Page 9 of 45 results (0.010 seconds)

CVSS: 6.8EPSS: 2%CPEs: 1EXPL: 0

Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin before 2.9.2-rc1 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors. NOTE: some of these details are obtained from third party information. Múltiples vulnerabilidades de secuencias de comandos en sitios cruzados (XSS) en phpMyAdmin versiones anteriores a 2.9.2-rc1 permite a atacantes remotos inyectar scripts web o HTML de su elección mediante vectores no especificados. NOTA: algunos de estos detalles se han obtenido de información de terceros. • http://osvdb.org/32667 http://secunia.com/advisories/23702 http://www.mandriva.com/security/advisories?name=MDKSA-2007:199 http://www.phpmyadmin.net/home_page/downloads.php?relnotes=0 http://www.securityfocus.com/bid/21987 http://www.vupen.com/english/advisories/2007/0125 https://exchange.xforce.ibmcloud.com/vulnerabilities/31387 •

CVSS: 4.3EPSS: 0%CPEs: 15EXPL: 0

Cross-site scripting (XSS) vulnerability in error.php in phpMyAdmin 2.6.4 through 2.9.0.2 allows remote attackers to inject arbitrary web script or HTML via UTF-7 or US-ASCII encoded characters, which are injected into an error message, as demonstrated by a request with a utf7 charset parameter accompanied by UTF-7 data. Vulnerabilidad de secuencias de comandos (XSS) en error.php en phpMyAdmin 2.6.4 hasta la 2.9.0.2 permite a un atacante remoto inyectar secuencias de comandos web o HTML a través de codificaciones de caracteres UTF-7 or US-ASCII, lo cual son inyectados dentro de un mensaje de error, como se demostró por una respuesta con un el parámetro utf7 acompañado por datos UTF-7. • http://lists.suse.com/archive/suse-security-announce/2006-Nov/0010.html http://secunia.com/advisories/22599 http://secunia.com/advisories/23086 http://www.hardened-php.net/advisory_122006.137.html http://www.phpmyadmin.net/home_page/security.php?issue=PMASA-2006-6 http://www.securityfocus.com/archive/1/450397/100/0/threaded http://www.securityfocus.com/bid/20856 http://www.vupen.com/english/advisories/2006/4298 https://exchange.xforce.ibmcloud.com/vulnerabilities/29957 •

CVSS: 5.8EPSS: 0%CPEs: 55EXPL: 0

Cross-site scripting (XSS) vulnerability in phpMyAdmin before 2.8.2 allows remote attackers to inject arbitrary web script or HTML via the table parameter. Vulnerabilidad de ejecución de secuencias de comandos en sitios cruzados (XSS) en phpMyAdmin en versiones anteriores a 2.8.2, que permite a los atacantes remotos inyectar arbitrariamente una secuencia de comandos web o HTML a través del parámetro table. • http://lists.suse.com/archive/suse-security-announce/2006-Nov/0010.html http://secunia.com/advisories/20907 http://secunia.com/advisories/23086 http://securitynews.ir/advisories/phpmyadmin281.txt http://securityreason.com/securityalert/1194 http://www.phpmyadmin.net/home_page/security.php?issue=PMASA-2006-4 http://www.securityfocus.com/archive/1/438870/100/0/threaded http://www.securityfocus.com/bid/18754 http://www.vupen.com/english/advisories/2006/2622 https://exchange.xforce.ibm •

CVSS: 7.5EPSS: 1%CPEs: 2EXPL: 1

SQL injection vulnerability in sql.php in phpMyAdmin 2.7.0-pl1 allows remote attackers to execute arbitrary SQL commands via the sql_query parameter. • http://secunia.com/advisories/19659 http://secunia.com/advisories/19897 http://www.novell.com/linux/security/advisories/2006_04_28.html http://www.securityfocus.com/archive/1/431013/100/0/threaded http://www.vupen.com/english/advisories/2006/1372 https://exchange.xforce.ibmcloud.com/vulnerabilities/25858 •

CVSS: 4.3EPSS: 1%CPEs: 1EXPL: 2

Cross-site scripting (XSS) vulnerability in sql.php in phpMyAdmin 2.7.0-pl1 allows remote attackers to inject arbitrary web script or HTML via the sql_query parameter. • https://www.exploit-db.com/exploits/27632 http://secunia.com/advisories/19659 http://secunia.com/advisories/19897 http://www.novell.com/linux/security/advisories/2006_04_28.html http://www.securityfocus.com/archive/1/430902/100/0/threaded http://www.securityfocus.com/archive/1/431013/100/0/threaded http://www.securityfocus.com/bid/17487 http://www.vupen.com/english/advisories/2006/1372 https://exchange.xforce.ibmcloud.com/vulnerabilities/25796 •