Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

debian логотип

CVE-2008-4775

Опубликовано: 28 окт. 2008
Источник: debian

Описание

Cross-site scripting (XSS) vulnerability in pmd_pdf.php in phpMyAdmin 3.0.0, and possibly other versions including 2.11.9.2 and 3.0.1, when register_globals is enabled, allows remote attackers to inject arbitrary web script or HTML via the db parameter, a different vector than CVE-2006-6942 and CVE-2007-5977.

Пакеты

ПакетСтатусВерсия исправленияРелизТип
phpmyadminfixed4:2.11.8.1-4package
phpmyadminnot-affectedetchpackage

Примечания

  • https://www.securityfocus.com/archive/1/497815

  • https://www.phpmyadmin.net/security/PMASA-2008-9/

  • https://github.com/phpmyadmin/phpmyadmin/commit/625e9f2e93671f9e4a9086b8d6c8111f70ffcc3d (2.11 branch)

  • https://github.com/phpmyadmin/phpmyadmin/commit/600a2ca21bc8b40742fd0a919a6b06a477548647

Связанные уязвимости

ubuntu логотип

CVE-2008-4775

ubuntu
больше 16 лет назад

Cross-site scripting (XSS) vulnerability in pmd_pdf.php in phpMyAdmin 3.0.0, and possibly other versions including 2.11.9.2 and 3.0.1, when register_globals is enabled, allows remote attackers to inject arbitrary web script or HTML via the db parameter, a different vector than CVE-2006-6942 and CVE-2007-5977.

redhat логотип

CVE-2008-4775

redhat
больше 16 лет назад

Cross-site scripting (XSS) vulnerability in pmd_pdf.php in phpMyAdmin 3.0.0, and possibly other versions including 2.11.9.2 and 3.0.1, when register_globals is enabled, allows remote attackers to inject arbitrary web script or HTML via the db parameter, a different vector than CVE-2006-6942 and CVE-2007-5977.

nvd логотип

CVE-2008-4775

nvd
больше 16 лет назад

Cross-site scripting (XSS) vulnerability in pmd_pdf.php in phpMyAdmin 3.0.0, and possibly other versions including 2.11.9.2 and 3.0.1, when register_globals is enabled, allows remote attackers to inject arbitrary web script or HTML via the db parameter, a different vector than CVE-2006-6942 and CVE-2007-5977.

github логотип

GHSA-3754-x86m-fj9m

github
около 3 лет назад

Cross-site scripting (XSS) vulnerability in pmd_pdf.php in phpMyAdmin 3.0.0, and possibly other versions including 2.11.9.2 and 3.0.1, when register_globals is enabled, allows remote attackers to inject arbitrary web script or HTML via the db parameter, a different vector than CVE-2006-6942 and CVE-2007-5977.