| Vulnerability Name: | CVE-2007-0341 (CCN-31636) | ||||||||
| Assigned: | 2007-01-12 | ||||||||
| Published: | 2007-01-12 | ||||||||
| Updated: | 2018-10-16 | ||||||||
| Summary: | Cross-site scripting (XSS) vulnerability in phpMyAdmin 2.8.1 and earlier, when Microsoft Internet Explorer 6 is used, allows remote attackers to inject arbitrary web script or HTML via a javascript: URI in a CSS style in the convcharset parameter to the top-level URI, a different vulnerability than CVE-2005-0992. | ||||||||
| CVSS v3 Severity: | 3.7 Low (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N)
| ||||||||
| CVSS v2 Severity: | 6.8 Medium (CVSS v2 Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P) 5.9 Medium (Temporal CVSS v2 Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P/E:H/RL:OF/RC:C)
2.2 Low (CCN Temporal CVSS v2 Vector: AV:N/AC:H/Au:N/C:P/I:N/A:N/E:H/RL:OF/RC:C)
| ||||||||
| Vulnerability Type: | CWE-Other | ||||||||
| Vulnerability Consequences: | Gain Access | ||||||||
| References: | Source: CCN Type: BugTraq Mailing List, Fri Jan 12 2007 - 05:59:41 CST xss in phpmyadmin <= 2.8.1 Source: MITRE Type: CNA CVE-2007-0341 Source: CCN Type: OSVDB ID: 58781 phpMyAdmin Top-level URI convcharset Parameter javascript: URI XSS Source: CCN Type: phpMyAdmin Web site phpMyAdmin | MySQL Database Administration Tool | www.phpmyadmin.net Source: BUGTRAQ Type: UNKNOWN 20070112 xss in phpmyadmin <= 2.8.1 Source: BUGTRAQ Type: UNKNOWN 20070112 Re: xss in phpmyadmin <= 2.8.1 Source: MISC Type: Exploit, Patch, Vendor Advisory http://www.virtuax.be/advisories/Advisory1-12012007.txt Source: XF Type: UNKNOWN phpmyadmin-ie-convcharset-xss(31636) | ||||||||
| Vulnerable Configuration: | Configuration 1: Denotes that component is vulnerable | ||||||||
| BACK | |||||||||