Vulnerability Name: | CVE-2006-2031 (CCN-25954) | ||||||||||||
Assigned: | 2006-04-20 | ||||||||||||
Published: | 2006-04-20 | ||||||||||||
Updated: | 2017-07-20 | ||||||||||||
Summary: | Cross-site scripting (XSS) vulnerability in index.php in phpMyAdmin 2.8.0.3, 2.8.0.2, 2.8.1-dev, and 2.9.0-dev allows remote attackers to inject arbitrary web script or HTML via the lang parameter. | ||||||||||||
CVSS v3 Severity: | 3.7 Low (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N)
| ||||||||||||
CVSS v2 Severity: | 2.6 Low (CVSS v2 Vector: AV:N/AC:H/Au:N/C:N/I:P/A:N)
| ||||||||||||
Vulnerability Type: | CWE-Other | ||||||||||||
Vulnerability Consequences: | Gain Access | ||||||||||||
References: | Source: MITRE Type: CNA CVE-2006-2031 Source: CCN Type: UNSECURED SYSTEMS 20 april 2006 phpMyAdmin XSS vuln. Source: MISC Type: UNKNOWN http://pridels0.blogspot.com/2006/04/phpmyadmin-xss-vuln.html Source: CCN Type: SA19659 phpMyAdmin Cross-Site Scripting and SQL Code Execution Source: SECUNIA Type: Exploit 19659 Source: CCN Type: OSVDB ID: 25206 phpMyAdmin index.php Multiple Parameter XSS Source: CCN Type: OSVDB ID: 26316 phpMyAdmin theme Parameter XSS Source: CCN Type: The phpMyAdmin Project Web site phpMyAdmin - 2.8.0.3 Source: CONFIRM Type: UNKNOWN http://www.phpmyadmin.net/home_page/security.php?issue=PMASA-2006-2 Source: XF Type: UNKNOWN phpmyadmin-index-xss(25954) Source: XF Type: UNKNOWN phpmyadmin-index-xss(25954) | ||||||||||||
Vulnerable Configuration: | Configuration 1: Configuration CCN 1: Denotes that component is vulnerable | ||||||||||||
Oval Definitions | |||||||||||||
| |||||||||||||
BACK |