Show filters
7 Total Results
Displaying 1-7 of 7
Sort by:
Attacker Value
Unknown

CVE-2009-2284

Disclosure Date: July 01, 2009 (last updated October 04, 2023)
Cross-site scripting (XSS) vulnerability in phpMyAdmin before 3.2.0.1 allows remote attackers to inject arbitrary web script or HTML via a crafted SQL bookmark.
0
0
Attacker Value
Unknown

CVE-2008-4326

Disclosure Date: September 30, 2008 (last updated October 04, 2023)
The PMA_escapeJsString function in libraries/js_escape.lib.php in phpMyAdmin before 2.11.9.2, when Internet Explorer is used, allows remote attackers to bypass cross-site scripting (XSS) protection mechanisms and conduct XSS attacks via a NUL byte inside a "</script" sequence.
0
0
Attacker Value
Unknown

CVE-2008-3197

Disclosure Date: July 16, 2008 (last updated October 04, 2023)
Cross-site request forgery (CSRF) vulnerability in phpMyAdmin before 2.11.7.1 allows remote attackers to perform unauthorized actions via a link or IMG tag to (1) the db parameter in the "Creating a Database" functionality (db_create.php), and (2) the convcharset and collation_connection parameters related to an unspecified program that modifies the connection character set.
0
0
Attacker Value
Unknown

CVE-2006-3388

Disclosure Date: July 06, 2006 (last updated October 04, 2023)
Cross-site scripting (XSS) vulnerability in phpMyAdmin before 2.8.2 allows remote attackers to inject arbitrary web script or HTML via the table parameter.
0
0
Attacker Value
Unknown

CVE-2005-3665

Disclosure Date: December 08, 2005 (last updated February 22, 2025)
Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin before 2.7.0 allow remote attackers to inject arbitrary web script or HTML via the (1) HTTP_HOST variable and (2) various scripts in the libraries directory that handle header generation.
0
0
Attacker Value
Unknown

CVE-2005-2869

Disclosure Date: September 08, 2005 (last updated February 22, 2025)
Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin before 2.6.4 allow remote attackers to inject arbitrary web script or HTML via (1) the Username to libraries/auth/cookie.auth.lib.php or (2) the error parameter to error.php.
0
0
Attacker Value
Unknown

CVE-2005-0992

Disclosure Date: May 02, 2005 (last updated February 22, 2025)
Cross-site scripting (XSS) vulnerability in index.php in phpMyAdmin before 2.6.2-rc1 allows remote attackers to inject arbitrary web script or HTML via the convcharset parameter.
0
0