Cross-site scripting (XSS) vulnerability in error.php in phpMyAdmin 2.6.4 through 2.9.0.2 allows remote attackers to inject arbitrary web script or HTML via UTF-7 or US-ASCII encoded characters, which are injected into an error message, as demonstrated by a request with a utf7 charset parameter accompanied by UTF-7 data.
Max CVSS
4.3
EPSS Score
0.38%
Published
2006-11-04
Updated
2018-10-17
Cross-site scripting (XSS) vulnerability in phpMyAdmin before 2.8.2 allows remote attackers to inject arbitrary web script or HTML via the table parameter.
Max CVSS
5.8
EPSS Score
0.90%
Published
2006-07-06
Updated
2018-10-18
Cross-site scripting (XSS) vulnerabilities in certain versions of phpMyAdmin before 2.8.0.4 allow remote attackers to inject arbitrary web script or HTML via the db parameter in unknown scripts.
Max CVSS
6.8
EPSS Score
1.80%
Published
2006-05-16
Updated
2017-07-20
Cross-site scripting (XSS) vulnerability in phpMyAdmin 2.8.0.x before 2.8.0.4 allows remote attackers to inject arbitrary web script or HTML via the theme parameter in unknown scripts. NOTE: the lang parameter is already covered by CVE-2006-2031.
Max CVSS
4.3
EPSS Score
0.47%
Published
2006-05-16
Updated
2017-07-20
Cross-site scripting (XSS) vulnerability in sql.php in phpMyAdmin 2.7.0-pl1 allows remote attackers to inject arbitrary web script or HTML via the sql_query parameter.
Max CVSS
4.3
EPSS Score
0.96%
Published
2006-04-18
Updated
2018-10-18
Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin before 2.8.0.3 allow remote attackers to inject arbitrary web script or HTML via unknown vectors in unspecified scripts in the themes directory.
Max CVSS
4.3
EPSS Score
0.90%
Published
2006-04-11
Updated
2017-07-20
Cross-site scripting (XSS) vulnerability in phpMyAdmin 2.8.0.1 allows remote attackers to inject arbitrary web script or HTML via the set_theme parameter.
Max CVSS
4.3
EPSS Score
1.35%
Published
2006-03-19
Updated
2017-07-20
7 vulnerabilities found
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!