Description

phpMyAdmin before 2.11.8 does not sufficiently prevent its pages from using frames that point to pages in other domains, which makes it easier for remote attackers to conduct spoofing or phishing activities via a cross-site framing attack.

Remediation

References

CVE-2008-3456

Related Vulnerabilities

Joomla Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2020-35614)

WordPress Permissions, Privileges, and Access Controls Vulnerability (CVE-2012-2401)

Moodle Permissions, Privileges, and Access Controls Vulnerability (CVE-2012-2359)

WordPress Plugin Custom Permalinks Unspecified Vulnerability (0.7.15)

WordPress Plugin Blog2Social:Social Media Auto Post & Scheduler PHP Object Injection (5.0.0)

Severity

Medium

Classification

CVE-2008-3456 CWE-59

Tags

Missing Update Known Vulnerabilities