Description

Cross-site scripting (XSS) vulnerability in sql.php in phpMyAdmin 2.7.0-pl1 allows remote attackers to inject arbitrary web script or HTML via the sql_query parameter.

Remediation

References

CVE-2006-1803

Related Vulnerabilities

WordPress Plugin Polldaddy Polls & Ratings Cross-Site Scripting (2.0.31)

WordPress Permissions, Privileges, and Access Controls Vulnerability (CVE-2012-3385)

WordPress Plugin WatchTowerHQ Privilege Escalation (3.6.16)

Drupal Core 9.0.x Security Bypass (9.0.0 - 9.0.5)

XWiki Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2023-29211)

Severity

Medium

Classification

CVE-2006-1803

Tags

Missing Update Known Vulnerabilities