Phpmyadmin : Security Vulnerabilities, CVEs, Published In July 2008
Cross-site request forgery (CSRF) vulnerability in phpMyAdmin before 2.11.7.1 allows remote attackers to perform unauthorized actions via a link or IMG tag to (1) the db parameter in the "Creating a Database" functionality (db_create.php), and (2) the convcharset and collation_connection parameters related to an unspecified program that modifies the connection character set.
Max CVSS
3.5
EPSS Score
0.21%
Published
2008-07-16
Updated
2017-08-08
Cross-site scripting (XSS) vulnerability in phpMyAdmin before 2.11.7, when register_globals is enabled and .htaccess support is disabled, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors involving scripts in libraries/.
Max CVSS
2.6
EPSS Score
0.43%
Published
2008-07-02
Updated
2017-08-08
2 vulnerabilities found