4.3

CVE-2005-3665

Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin before 2.7.0 allow remote attackers to inject arbitrary web script or HTML via the (1) HTTP_HOST variable and (2) various scripts in the libraries directory that handle header generation.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
PhpmyadminPhpmyadmin Version2.0
PhpmyadminPhpmyadmin Version2.0.1
PhpmyadminPhpmyadmin Version2.0.2
PhpmyadminPhpmyadmin Version2.0.3
PhpmyadminPhpmyadmin Version2.0.4
PhpmyadminPhpmyadmin Version2.0.5
PhpmyadminPhpmyadmin Version2.1
PhpmyadminPhpmyadmin Version2.1.1
PhpmyadminPhpmyadmin Version2.1.2
PhpmyadminPhpmyadmin Version2.2
PhpmyadminPhpmyadmin Version2.2.2
PhpmyadminPhpmyadmin Version2.2.3
PhpmyadminPhpmyadmin Version2.2.4
PhpmyadminPhpmyadmin Version2.2.5
PhpmyadminPhpmyadmin Version2.2.6
PhpmyadminPhpmyadmin Version2.2_pre1
PhpmyadminPhpmyadmin Version2.2_pre2
PhpmyadminPhpmyadmin Version2.2_rc1
PhpmyadminPhpmyadmin Version2.2_rc2
PhpmyadminPhpmyadmin Version2.2_rc3
PhpmyadminPhpmyadmin Version2.3.1
PhpmyadminPhpmyadmin Version2.3.2
PhpmyadminPhpmyadmin Version2.4.0
PhpmyadminPhpmyadmin Version2.5.0
PhpmyadminPhpmyadmin Version2.5.1
PhpmyadminPhpmyadmin Version2.5.2
PhpmyadminPhpmyadmin Version2.5.3
PhpmyadminPhpmyadmin Version2.5.4
PhpmyadminPhpmyadmin Version2.5.5
PhpmyadminPhpmyadmin Version2.5.5_pl1
PhpmyadminPhpmyadmin Version2.5.5_rc1
PhpmyadminPhpmyadmin Version2.5.5_rc2
PhpmyadminPhpmyadmin Version2.5.6_rc1
PhpmyadminPhpmyadmin Version2.5.7
PhpmyadminPhpmyadmin Version2.5.7_pl1
PhpmyadminPhpmyadmin Version2.6.0_pl1
PhpmyadminPhpmyadmin Version2.6.0_pl2
PhpmyadminPhpmyadmin Version2.6.0_pl3
PhpmyadminPhpmyadmin Version2.6.1
PhpmyadminPhpmyadmin Version2.6.1_pl1
PhpmyadminPhpmyadmin Version2.6.1_pl3
PhpmyadminPhpmyadmin Version2.6.1_rc1
PhpmyadminPhpmyadmin Version2.6.2
PhpmyadminPhpmyadmin Version2.6.2_rc1
PhpmyadminPhpmyadmin Version2.6.3_pl1
PhpmyadminPhpmyadmin Version2.6.4_pl1
PhpmyadminPhpmyadmin Version2.6.4_pl3
PhpmyadminPhpmyadmin Version2.6.4_rc1
PhpmyadminPhpmyadmin Version2.7.0_beta1
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 1.8% 0.757
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 4.3 8.6 2.9
AV:N/AC:M/Au:N/C:N/I:P/A:N
Es wurden noch keine Informationen zu CWE veröffentlicht.
http://secunia.com/advisories/22781
http://www.debian.org/security/2006/dsa-1207
http://secunia.com/advisories/18618
http://www.securityfocus.com/archive/1/423142/100/0/threaded
http://secunia.com/advisories/17957
http://www.gentoo.org/security/en/glsa/glsa-200512-03.xml
http://secunia.com/advisories/17895
Patch
Vendor Advisory
http://www.phpmyadmin.net/home_page/security.php?issue=PMASA-2005-8
Patch
Vendor Advisory
http://www.securityfocus.com/bid/15735
Patch
http://www.vupen.com/english/advisories/2005/2772