CVE-2006-1803 – phpMyAdmin 2.7 - 'sql.php' Cross-Site Scripting
https://notcve.org/view.php?id=CVE-2006-1803
Cross-site scripting (XSS) vulnerability in sql.php in phpMyAdmin 2.7.0-pl1 allows remote attackers to inject arbitrary web script or HTML via the sql_query parameter. • https://www.exploit-db.com/exploits/27632 http://secunia.com/advisories/19659 http://secunia.com/advisories/19897 http://www.novell.com/linux/security/advisories/2006_04_28.html http://www.securityfocus.com/archive/1/430902/100/0/threaded http://www.securityfocus.com/archive/1/431013/100/0/threaded http://www.securityfocus.com/bid/17487 http://www.vupen.com/english/advisories/2006/1372 https://exchange.xforce.ibmcloud.com/vulnerabilities/25796 •
CVE-2001-0478
https://notcve.org/view.php?id=CVE-2001-0478
Directory traversal vulnerability in phpMyAdmin 2.2.0 and earlier versions allows remote attackers to execute arbitrary code via a .. (dot dot) in an argument to the sql.php script. • http://archives.neohapsis.com/archives/bugtraq/2001-04/0396.html http://www.securityfocus.com/bid/2642 •