Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
seebugRootSSV:3565
HistoryJul 07, 2008 - 12:00 a.m.

phpMyAdmin远程跨站脚本漏洞

2008-07-0700:00:00
Root
www.seebug.org
9

0.004 Low

EPSS

Percentile

71.7%

JSON

CVE(CAN) ID: CVE-2008-2960

phpMyAdmin是用PHP编写的工具,用于通过WEB管理MySQL。

如果PHP register_globals的设置为on且服务器没有应用/libraries中.htaccess文件的设置的话,远程攻击者就可以通过向phpMyAdmin提交恶意请求执行跨站脚本攻击,导致执行任意代码。

phpMyAdmin < 2.11.7
厂商补丁:

phpMyAdmin

目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载:

<a href=“http://phpmyadmin.svn.sourceforge.net/viewvc/phpmyadmin?view=rev&amp;revision=11326” target=“_blank”>http://phpmyadmin.svn.sourceforge.net/viewvc/phpmyadmin?view=rev&amp;revision=11326</a>

Related

ubuntucve 1
phpmyadmin 1
openvas 4
debiancve 1
redhatcve 1
nessus 3
cve 1
prion 1
freebsd 1
ubuntucve
ubuntucve
CVE-2008-2960
2008-07-02 00:00:00
phpmyadmin
phpmyadmin
XSS on plausible insecure PHP installation
2008-06-23 00:00:00
openvas
openvas
FreeBSD Ports: phpmyadmin
2008-09-04 00:00:00
FreeBSD Ports: phpmyadmin
2008-09-04 00:00:00
SuSE Security Summary SUSE-SR:2009:003
2009-02-02 00:00:00
debiancve
debiancve
CVE-2008-2960
2008-07-02 17:14:00
redhatcve
redhatcve
CVE-2008-2960
2019-10-04 20:09:18
nessus
nessus
FreeBSD : phpmyadmin -- XSS Vulnerabilities (e285a1f4-4568-11dd-ae96-0030843d3802)
2008-07-02 00:00:00
openSUSE Security Update : phpMyAdmin (phpMyAdmin-442)
2009-07-21 00:00:00
openSUSE 10 Security Update : phpMyAdmin (phpMyAdmin-5935)
2009-01-22 00:00:00
cve
cve
CVE-2008-2960
2008-07-02 17:14:00
prion
prion
Cross site scripting
2008-07-02 17:14:00
freebsd
freebsd
phpmyadmin -- Cross Site Scripting Vulnerabilities
2008-06-23 00:00:00

0.004 Low

EPSS

Percentile

71.7%

JSON
Related for SSV:3565
ubuntucve1phpmyadmin1openvas4debiancve1redhatcve1nessus3cve1prion1freebsd1