Lucene search
K

6027 matches found

NVD
NVD
added 2006/05/16 10:2 a.m.23 views

CVE-2006-2417

Cross-site scripting XSS vulnerability in phpMyAdmin 2.8.0.x before 2.8.0.4 allows remote attackers to inject arbitrary web script or HTML via the theme parameter in unknown scripts. NOTE: the lang parameter is already covered by CVE-2006-2031...

4.3CVSS5.5AI score0.02085EPSS
Exploits0References7
UbuntuCve
UbuntuCve
added 2006/05/16 10:2 a.m.27 views

CVE-2006-2417

Cross-site scripting XSS vulnerability in phpMyAdmin 2.8.0.x before 2.8.0.4 allows remote attackers to inject arbitrary web script or HTML via the theme parameter in unknown scripts. NOTE: the lang parameter is already covered by CVE-2006-2031...

4.3CVSS6.1AI score0.02085EPSS
Exploits0References1
OSV
OSV
added 2006/05/16 10:2 a.m.6 views

CVE-2006-2417

Cross-site scripting XSS vulnerability in phpMyAdmin 2.8.0.x before 2.8.0.4 allows remote attackers to inject arbitrary web script or HTML via the theme parameter in unknown scripts. NOTE: the lang parameter is already covered by CVE-2006-2031...

5.5AI score
Exploits0References9
OSV
OSV
added 2006/05/16 10:2 a.m.1 views

DEBIAN-CVE-2006-2417

Cross-site scripting XSS vulnerability in phpMyAdmin 2.8.0.x before 2.8.0.4 allows remote attackers to inject arbitrary web script or HTML via the theme parameter in unknown scripts. NOTE: the lang parameter is already covered by CVE-2006-2031...

4.3CVSS7.9AI score0.02085EPSS
Exploits0References1
OSV
OSV
added 2006/05/16 10:2 a.m.2 views

DEBIAN-CVE-2006-2418

Cross-site scripting XSS vulnerabilities in certain versions of phpMyAdmin before 2.8.0.4 allow remote attackers to inject arbitrary web script or HTML via the db parameter in unknown scripts...

6.8CVSS6AI score0.01852EPSS
Exploits0References1
Cvelist
Cvelist
added 2006/05/16 10:0 a.m.26 views

CVE-2006-2418

Cross-site scripting XSS vulnerabilities in certain versions of phpMyAdmin before 2.8.0.4 allow remote attackers to inject arbitrary web script or HTML via the db parameter in unknown scripts...

5.8AI score0.01852EPSS
Exploits0References9
Debian CVE
Debian CVE
added 2006/05/16 10:0 a.m.29 views

CVE-2006-2417

Cross-site scripting XSS vulnerability in phpMyAdmin 2.8.0.x before 2.8.0.4 allows remote attackers to inject arbitrary web script or HTML via the theme parameter in unknown scripts. NOTE: the lang parameter is already covered by CVE-2006-2031...

4.3CVSS5.6AI score0.02085EPSS
Exploits0
Debian CVE
Debian CVE
added 2006/05/16 10:0 a.m.30 views

CVE-2006-2418

Cross-site scripting XSS vulnerabilities in certain versions of phpMyAdmin before 2.8.0.4 allow remote attackers to inject arbitrary web script or HTML via the db parameter in unknown scripts...

6.8CVSS5.9AI score0.01852EPSS
Exploits0
CVE
CVE
added 2006/05/16 10:0 a.m.72 views

CVE-2006-2418

CVE-2006-2418 is an XSS flaw in phpMyAdmin (affected versions prior to the fixes mentioned in advisories) where an attacker can inject script via the db parameter in footer.inc.php. Connected documents corroborate multiple phpMyAdmin XSS issues and specify that Debian/Debian-based advisories (DSA...

6.8CVSS5.7AI score0.01852EPSS
Exploits0References9Affected Software1
CVE
CVE
added 2006/05/16 10:0 a.m.55 views

CVE-2006-2417

CVE-2006-2417 describes an XSS vulnerability in phpMyAdmin 2.8.0.x prior to 2.8.0.4, where an attacker can inject arbitrary script/HTML via the theme parameter in certain scripts (lang parameter covered by CVE-2006-2031). The vulnerability is remote and could lead to script execution in the victi...

4.3CVSS5.6AI score0.02085EPSS
Exploits0References7Affected Software1
Cvelist
Cvelist
added 2006/05/16 10:0 a.m.29 views

CVE-2006-2417

Cross-site scripting XSS vulnerability in phpMyAdmin 2.8.0.x before 2.8.0.4 allows remote attackers to inject arbitrary web script or HTML via the theme parameter in unknown scripts. NOTE: the lang parameter is already covered by CVE-2006-2031...

5.4AI score0.02085EPSS
Exploits0References7
securityvulns
securityvulns
added 2006/05/16 12:0 a.m.25 views

[SA20113] phpMyAdmin "theme" and "db" Cross-Site Scripting Vulnerabilities

TITLE: phpMyAdmin "theme" and "db" Cross-Site Scripting Vulnerabilities SECUNIA ADVISORY ID: SA20113 VERIFY ADVISORY: http://secunia.com/advisories/20113/ CRITICAL: Less critical IMPACT: Cross Site Scripting WHERE: From remote SOFTWARE: phpMyAdmin 2.x http://secunia.com/product/1720/ DESCRIPTION:...

0.3AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2006/05/13 12:0 a.m.68 views

FreeBSD : phpmyadmin -- local file inclusion vulnerability (9b7053fd-3ab5-11da-9484-00123ffe8333)

A phpMyAdmin security announcement reports : In libraries/grabglobals.lib.php, the $redirect parameter was not correctly validated, opening the door to a local file inclusion attack. We consider this vulnerability to be serious. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive...

5CVSS8.1AI score0.15919EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2006/05/13 12:0 a.m.9 views

FreeBSD : phpmyadmin -- register_globals emulation 'import_blacklist' manipulation (23afd91f-676b-11da-99f6-00123ffe8333)

Secunia reports : Stefan Esser has reported a vulnerability in phpMyAdmin, which can be exploited by malicious people to conduct cross-site scripting attacks, disclose sensitive information, and compromise a vulnerable system. The vulnerability is caused due to an error in the registerglobals...

5.6AI score
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2006/05/13 12:0 a.m.24 views

FreeBSD : phpmyadmin -- 'set_theme' XSS (7b55f5c2-c58b-11da-9110-00123ffe8333)

Secunia reports : A vulnerability has been reported in phpMyAdmin, which can be exploited by malicious people to conduct cross-site scripting attacks. Input passed to the 'settheme' parameter isn't properly sanitised before being returned to the user. This can be exploited to execute arbitrary HT...

4.3CVSS5.1AI score0.02516EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2006/05/13 12:0 a.m.26 views

FreeBSD : phpmyadmin -- XSS vulnerabilities (59ada6e5-676a-11da-99f6-00123ffe8333)

A phpMyAdmin security advisory reports : It was possible to conduct an XSS attack via the HTTPHOST variable; also, some scripts in the libraries directory that handle header generation were vulnerable to XSS. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package...

4.3CVSS5.3AI score0.01801EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2006/05/13 12:0 a.m.22 views

FreeBSD : phpmyadmin -- HTTP Response Splitting vulnerability (c55f9ed0-56a7-11da-a3f0-00123ffe8333)

A phpMyAdmin security advisory reports : Some scripts in phpMyAdmin are vulnerable to an HTTP Response Splitting attack. Severity : We consider these vulnerabilities to be serious. However, they can only be triggered on systems running with registerglobals = on. %NASLMINLEVEL 70300 C Tenable...

5.5AI score
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2006/05/13 12:0 a.m.15 views

FreeBSD : phpmyadmin -- XSS vulnerabilities (fba75b43-c588-11da-9110-00123ffe8333)

phpMyAdmin security announcement : It was possible to conduct an XSS attack with a direct call to some scripts under the themes directory. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from the FreeBSD VuXML database :...

5.3AI score
Exploits0References2
phpMyAdmin
phpMyAdmin
added 2006/05/12 12:0 a.m.25 views

XSS vulnerabilities

PMASA-2006-2 Announcement-ID: PMASA-2006-2 Date: 2006-05-12 Summary XSS vulnerabilities Description 1. It was possible to conduct an XSS attack with a crafted lang or theme parameter. 2. The db parameter was also vulnerable to an XSS attack. Severity We consider these vulnerabilities to be...

2.6CVSS7AI score0.0124EPSS
Exploits1Affected Software1
OSV
OSV
added 2006/04/26 12:6 a.m.6 views

CVE-2006-2031

Cross-site scripting XSS vulnerability in index.php in phpMyAdmin 2.8.0.3, 2.8.0.2, 2.8.1-dev, and 2.9.0-dev allows remote attackers to inject arbitrary web script or HTML via the lang parameter...

5.5AI score
Exploits0References4
Rows per page
Query Builder