CVSS: 5.8EPSS: 0%CPEs: 55EXPL: 0CVE-2006-3388
https://notcve.org/view.php?id=CVE-2006-3388
Cross-site scripting (XSS) vulnerability in phpMyAdmin before 2.8.2 allows remote attackers to inject arbitrary web script or HTML via the table parameter. Vulnerabilidad de ejecución de secuencias de comandos en sitios cruzados (XSS) en phpMyAdmin en versiones anteriores a 2.8.2, que permite a los atacantes remotos inyectar arbitrariamente una secuencia de comandos web o HTML a través del parámetro table. • http://lists.suse.com/archive/suse-security-announce/2006-Nov/0010.html http://secunia.com/advisories/20907 http://secunia.com/advisories/23086 http://securitynews.ir/advisories/phpmyadmin281.txt http://securityreason.com/securityalert/1194 http://www.phpmyadmin.net/home_page/security.php?issue=PMASA-2006-4 http://www.securityfocus.com/archive/1/438870/100/0/threaded http://www.securityfocus.com/bid/18754 http://www.vupen.com/english/advisories/2006/2622 https://exchange.xforce.ibm •
CVSS: 4.3EPSS: 0%CPEs: 3EXPL: 0CVE-2006-2417
https://notcve.org/view.php?id=CVE-2006-2417
Cross-site scripting (XSS) vulnerability in phpMyAdmin 2.8.0.x before 2.8.0.4 allows remote attackers to inject arbitrary web script or HTML via the theme parameter in unknown scripts. NOTE: the lang parameter is already covered by CVE-2006-2031. • http://lists.suse.com/archive/suse-security-announce/2006-Jun/0003.html http://secunia.com/advisories/20113 http://secunia.com/advisories/20627 http://www.phpmyadmin.net/home_page/security.php?issue=PMASA-2006-2 http://www.securityfocus.com/bid/17973 http://www.vupen.com/english/advisories/2006/1794 https://exchange.xforce.ibmcloud.com/vulnerabilities/26444 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.8EPSS: 1%CPEs: 1EXPL: 0CVE-2006-2418
https://notcve.org/view.php?id=CVE-2006-2418
Cross-site scripting (XSS) vulnerabilities in certain versions of phpMyAdmin before 2.8.0.4 allow remote attackers to inject arbitrary web script or HTML via the db parameter in unknown scripts. • http://lists.suse.com/archive/suse-security-announce/2006-Jun/0003.html http://secunia.com/advisories/20113 http://secunia.com/advisories/20627 http://secunia.com/advisories/22781 http://www.debian.org/security/2006/dsa-1207 http://www.phpmyadmin.net/home_page/security.php?issue=PMASA-2006-2 http://www.securityfocus.com/bid/17973 http://www.vupen.com/english/advisories/2006/1794 https://exchange.xforce.ibmcloud.com/vulnerabilities/26441 •
CVSS: 2.6EPSS: 0%CPEs: 4EXPL: 1CVE-2006-2031
https://notcve.org/view.php?id=CVE-2006-2031
Cross-site scripting (XSS) vulnerability in index.php in phpMyAdmin 2.8.0.3, 2.8.0.2, 2.8.1-dev, and 2.9.0-dev allows remote attackers to inject arbitrary web script or HTML via the lang parameter. • http://pridels0.blogspot.com/2006/04/phpmyadmin-xss-vuln.html http://secunia.com/advisories/19659 http://www.phpmyadmin.net/home_page/security.php?issue=PMASA-2006-2 https://exchange.xforce.ibmcloud.com/vulnerabilities/25954 •
CVSS: 7.5EPSS: 1%CPEs: 2EXPL: 1CVE-2006-1804
https://notcve.org/view.php?id=CVE-2006-1804
SQL injection vulnerability in sql.php in phpMyAdmin 2.7.0-pl1 allows remote attackers to execute arbitrary SQL commands via the sql_query parameter. • http://secunia.com/advisories/19659 http://secunia.com/advisories/19897 http://www.novell.com/linux/security/advisories/2006_04_28.html http://www.securityfocus.com/archive/1/431013/100/0/threaded http://www.vupen.com/english/advisories/2006/1372 https://exchange.xforce.ibmcloud.com/vulnerabilities/25858 •