Phpmyadmin : Security Vulnerabilities, CVEs, Published In August 2008
Cross-site scripting (XSS) vulnerability in setup.php in phpMyAdmin before 2.11.8 allows user-assisted remote attackers to inject arbitrary web script or HTML via crafted setup arguments. NOTE: this issue can only be exploited in limited scenarios in which the attacker must be able to modify config/config.inc.php.
Max CVSS
2.6
EPSS Score
0.41%
Published
2008-08-04
Updated
2017-08-08
phpMyAdmin before 2.11.8 does not sufficiently prevent its pages from using frames that point to pages in other domains, which makes it easier for remote attackers to conduct spoofing or phishing activities via a cross-site framing attack.
Max CVSS
6.4
EPSS Score
0.89%
Published
2008-08-04
Updated
2017-08-08
2 vulnerabilities found