CVSS: 6.8EPSS: 1%CPEs: 1EXPL: 0CVE-2007-0204
https://notcve.org/view.php?id=CVE-2007-0204
11 Jan 2007 — Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin before 2.9.2-rc1 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors. NOTE: some of these details are obtained from third party information. Múltiples vulnerabilidades de secuencias de comandos en sitios cruzados (XSS) en phpMyAdmin versiones anteriores a 2.9.2-rc1 permite a atacantes remotos inyectar scripts web o HTML de su elección mediante vectores no especificados. NOTA: algunos de estos detalles se han ... • http://osvdb.org/32667 •
CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 1CVE-2007-0095
https://notcve.org/view.php?id=CVE-2007-0095
05 Jan 2007 — phpMyAdmin 2.9.1.1 allows remote attackers to obtain sensitive information via a direct request for themes/darkblue_orange/layout.inc.php, which reveals the path in an error message. phpMyAdmin 2.9.1.1 permite a atacantes remotos obtener información sensible a través de respuestas directas para themes/darkblue_orange/layout.inc.php, lo cual revela la ruta en un mensaje de error. • http://archives.neohapsis.com/archives/fulldisclosure/2007-01/0034.html •
CVSS: 6.1EPSS: 0%CPEs: 15EXPL: 0CVE-2006-5718
https://notcve.org/view.php?id=CVE-2006-5718
04 Nov 2006 — Cross-site scripting (XSS) vulnerability in error.php in phpMyAdmin 2.6.4 through 2.9.0.2 allows remote attackers to inject arbitrary web script or HTML via UTF-7 or US-ASCII encoded characters, which are injected into an error message, as demonstrated by a request with a utf7 charset parameter accompanied by UTF-7 data. Vulnerabilidad de secuencias de comandos (XSS) en error.php en phpMyAdmin 2.6.4 hasta la 2.9.0.2 permite a un atacante remoto inyectar secuencias de comandos web o HTML a través de codifica... • http://lists.suse.com/archive/suse-security-announce/2006-Nov/0010.html •