Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in phpMyAdmin 2.10.3 allow remote attackers to inject arbitrary web script or HTML via the 1 unlimnumrows, 2 sqlquery, or 3 pos parameter to a tblexport.php; the 4 sessionmaxrows or 5 pos parameter to b sql.php; the 6 username parameter to c...

CVE-2005-4450

Cross-site request forgery CSRF vulnerability in phpMyAdmin 2.7.0 allows remote attackers to perform unauthorized actions as a logged-in user via a link or IMG tag to serverprivileges.php, as demonstrated using the dbname and checkprivs parameters. NOTE: the provenance of this issue is unknown,...

CVE-2005-4450

CVE-2005-4450 describes a CSRF vulnerability in phpMyAdmin 2.7.0 where remote attackers can perform unauthorized actions as a logged-in user by exploiting a link or IMG tag to server_priv privileges.php using dbname and checkprivs. Related OSV/NVD entries also reference a tied SQL injection discu...

CVE-2005-4450

Cross-site request forgery CSRF vulnerability in phpMyAdmin 2.7.0 allows remote attackers to perform unauthorized actions as a logged-in user via a link or IMG tag to serverprivileges.php, as demonstrated using the dbname and checkprivs parameters. NOTE: the provenance of this issue is unknown,...

CVE-2005-4349

CVE-2005-4349 : SQL injection in phpMyAdmin 2.7.0 is reported in server_privileges.php via the dbname and checkprivs parameters. The vendor/third party dispute the issue and suggest it may be rejected; a closely related CSRF issue is tracked as CVE-2005-4450. Connected sources confirm the presenc...