CVE-2007-5728 – phpPgAdmin 4.1.1 - 'Redirect.php' Cross-Site Scripting
https://notcve.org/view.php?id=CVE-2007-5728
Cross-site scripting (XSS) vulnerability in phpPgAdmin 3.5 to 4.1.1, and possibly 4.1.2, allows remote attackers to inject arbitrary web script or HTML via certain input available in PHP_SELF in (1) redirect.php, possibly related to (2) login.php, different vectors than CVE-2007-2865. Vulnerabilidad de secuencias de comandos en sitios cruzados (XSS) en phpPgAdmin 3.5 hasta 4.1.1, y posiblemente 4.1.2, permite a atacantes remotos inyectar scripts web o HTML de su elección mediante determinadas entradas disponibles en PHP_SELF en (1) redirect.php, posiblemente referido a (2) login.php, vectores distintos de CVE-2007-2865. • https://www.exploit-db.com/exploits/30090 http://lists.grok.org.uk/pipermail/full-disclosure/2007-May/063617.html http://osvdb.org/36699 http://secunia.com/advisories/25446 http://secunia.com/advisories/27756 http://secunia.com/advisories/33263 http://www.debian.org/security/2008/dsa-1693 http://www.novell.com/linux/security/advisories/2007_24_sr.html http://www.securityfocus.com/bid/24182 https://exchange.xforce.ibmcloud.com/vulnerabilities/34550 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVE-2007-2865 – phpPgAdmin 4.1.1 - 'SQLEDIT.php' Cross-Site Scripting
https://notcve.org/view.php?id=CVE-2007-2865
Cross-site scripting (XSS) vulnerability in sqledit.php in phpPgAdmin 4.1.1 allows remote attackers to inject arbitrary web script or HTML via the server parameter. Vulnerabilidad de secuencias de comandos en sitios cruzados (XSS) en qledit.php de phpPgAdmin 4.1.1 permite a atacantes remotos inyectar scripts web o HTML de su elección a través del parámetro server. • https://www.exploit-db.com/exploits/30075 http://marc.info/?l=full-disclosure&m=117987658110713&w=2 http://osvdb.org/38138 http://secunia.com/advisories/27756 http://secunia.com/advisories/33263 http://www.debian.org/security/2008/dsa-1693 http://www.novell.com/linux/security/advisories/2007_24_sr.html http://www.securityfocus.com/bid/24115 https://exchange.xforce.ibmcloud.com/vulnerabilities/34456 •