- Home
- CVEs with nessus.description==The phpmyadmin update in DSA 1207 introduced a regression. This update corrects this flaw. For completeness, please find below the original advisory text :
Several remote vulnerabilities have been discovered in phpMyAdmin, a program to administrate MySQL over the web. The Common Vulnerabilities and Exposures project identifies the following problems :
- CVE-2005-3621 CRLF injection vulnerability allows remote attackers to conduct HTTP response splitting attacks.
- CVE-2005-3665 Multiple cross-site scripting (XSS) vulnerabilities allow remote attackers to inject arbitrary web script or HTML via the (1) HTTP_HOST variable and (2) various scripts in the libraries directory that handle header generation.
- CVE-2006-1678 Multiple cross-site scripting (XSS) vulnerabilities allow remote attackers to inject arbitrary web script or HTML via scripts in the themes directory.
- CVE-2006-2418 A cross-site scripting (XSS) vulnerability allows remote attackers to inject arbitrary web script or HTML via the db parameter of footer.inc.php.
- CVE-2006-5116 A remote attacker could overwrite internal variables through the _FILES global variable.
Max CVSS | 0 |
Min CVSS | 0 |
Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published |
Back to Top
Mark selected
Back to Top