Description
Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin 3.3.x before 3.3.10.1 and 3.4.x before 3.4.1 allow remote attackers to inject arbitrary web script or HTML via a crafted table name that triggers improper HTML rendering on a Tracking page, related to (1) libraries/tbl_links.inc.php and (2) tbl_tracking.php.
Remediation
References
Related Vulnerabilities
WordPress Plugin WP Vault Local File Inclusion (0.8.6.6)
WordPress Plugin Live Chat with Facebook Messenger Cross-Site Scripting (1.4.4)
Oracle Database Server CVE-2006-0283 Vulnerability (CVE-2006-0283)
phpMyAdmin Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2016-9855)
Squid Improper Certificate Validation Vulnerability (CVE-2021-41611)