Description
Cross-site scripting (XSS) vulnerability in db_create.php in phpMyAdmin before 2.11.2.1 allows remote authenticated users with CREATE DATABASE privileges to inject arbitrary web script or HTML via a hex-encoded IMG element in the db parameter in a POST request, a different vulnerability than CVE-2006-6942.
Remediation
References
Related Vulnerabilities
OpenSSL Other Vulnerability (CVE-2003-0544)
WordPress Plugin Login as User or Customer Security Bypass (1.7)
Joomla Improper Input Validation Vulnerability (CVE-2015-8562)
WordPress Plugin SiteGuard WP Information Disclosure (1.7.6)
WordPress Plugin YITH WooCommerce Product Bundles Security Bypass (1.1.15)