Description

Cross-site scripting (XSS) vulnerabilities in certain versions of phpMyAdmin before 2.8.0.4 allow remote attackers to inject arbitrary web script or HTML via the db parameter in unknown scripts.

Remediation

References

CVE-2006-2418

Related Vulnerabilities

Moodle Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2011-4581)

OpenSSL Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2016-2842)

WordPress Plugin BuddyPress Security Bypass (6.3.0)

WordPress Plugin WordPress Gallery Cross-Site Scripting (1.0)

MySQL CVE-2016-0654 Vulnerability (CVE-2016-0654)

Severity

Medium

Classification

CVE-2006-2418

Tags

Missing Update Known Vulnerabilities