Description

Cross-site scripting (XSS) vulnerabilities in certain versions of phpMyAdmin before 2.8.0.4 allow remote attackers to inject arbitrary web script or HTML via the db parameter in unknown scripts.

Remediation

References

CVE-2006-2418

Related Vulnerabilities

MediaWiki Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2013-2031)

Zenphoto Improper Privilege Management Vulnerability (CVE-2018-0610)

WordPress Plugin File Gallery Remote Code Execution (1.7.9)

PHP Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2007-0988)

phpMyAdmin Permissions, Privileges, and Access Controls Vulnerability (CVE-2014-4987)

Severity

Medium

Classification

CVE-2006-2418

Tags

Missing Update Known Vulnerabilities