Show filters
273 Total Results
Displaying 241-250 of 273
Sort by:
Attacker Value
Unknown

CVE-2006-3388

Disclosure Date: July 06, 2006 (last updated October 04, 2023)
Cross-site scripting (XSS) vulnerability in phpMyAdmin before 2.8.2 allows remote attackers to inject arbitrary web script or HTML via the table parameter.
0
0
Attacker Value
Unknown

CVE-2006-2417

Disclosure Date: May 16, 2006 (last updated October 04, 2023)
Cross-site scripting (XSS) vulnerability in phpMyAdmin 2.8.0.x before 2.8.0.4 allows remote attackers to inject arbitrary web script or HTML via the theme parameter in unknown scripts. NOTE: the lang parameter is already covered by CVE-2006-2031.
0
0
Attacker Value
Unknown

CVE-2006-2418

Disclosure Date: May 16, 2006 (last updated October 04, 2023)
Cross-site scripting (XSS) vulnerabilities in certain versions of phpMyAdmin before 2.8.0.4 allow remote attackers to inject arbitrary web script or HTML via the db parameter in unknown scripts.
0
0
Attacker Value
Unknown

CVE-2006-2031

Disclosure Date: April 26, 2006 (last updated October 04, 2023)
Cross-site scripting (XSS) vulnerability in index.php in phpMyAdmin 2.8.0.3, 2.8.0.2, 2.8.1-dev, and 2.9.0-dev allows remote attackers to inject arbitrary web script or HTML via the lang parameter.
0
0
Attacker Value
Unknown

CVE-2006-1803

Disclosure Date: April 18, 2006 (last updated October 04, 2023)
Cross-site scripting (XSS) vulnerability in sql.php in phpMyAdmin 2.7.0-pl1 allows remote attackers to inject arbitrary web script or HTML via the sql_query parameter.
0
0
Attacker Value
Unknown

CVE-2006-1804

Disclosure Date: April 18, 2006 (last updated October 04, 2023)
SQL injection vulnerability in sql.php in phpMyAdmin 2.7.0-pl1 allows remote attackers to execute arbitrary SQL commands via the sql_query parameter.
0
0
Attacker Value
Unknown

CVE-2006-1678

Disclosure Date: April 11, 2006 (last updated February 22, 2025)
Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin before 2.8.0.3 allow remote attackers to inject arbitrary web script or HTML via unknown vectors in unspecified scripts in the themes directory.
0
0
Attacker Value
Unknown

CVE-2006-1258

Disclosure Date: March 19, 2006 (last updated February 22, 2025)
Cross-site scripting (XSS) vulnerability in phpMyAdmin 2.8.0.1 allows remote attackers to inject arbitrary web script or HTML via the set_theme parameter.
0
0
Attacker Value
Unknown

CVE-2005-4450

Disclosure Date: December 21, 2005 (last updated February 22, 2025)
Cross-site request forgery (CSRF) vulnerability in phpMyAdmin 2.7.0 allows remote attackers to perform unauthorized actions as a logged-in user via a link or IMG tag to server_privileges.php, as demonstrated using the dbname and checkprivs parameters. NOTE: the provenance of this issue is unknown, although third parties imply that it is related to the disclosure of CVE-2005-4349, which was labeled as SQL injection but disputed.
0
0
Attacker Value
Unknown

CVE-2005-3665

Disclosure Date: December 08, 2005 (last updated February 22, 2025)
Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin before 2.7.0 allow remote attackers to inject arbitrary web script or HTML via the (1) HTTP_HOST variable and (2) various scripts in the libraries directory that handle header generation.
0
0
View More Topics  < Previous  Next >