6.8

CVE-2007-2245

Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin before 2.10.1.0 allow remote attackers to inject arbitrary web script or HTML via (1) the fieldkey parameter to browse_foreigners.php or (2) certain input to the PMA_sanitize function.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
PhpmyadminPhpmyadmin Version2.10.1.0
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 1.73% 0.747
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 6.8 8.6 6.4
AV:N/AC:M/Au:N/C:P/I:P/A:P
Es wurden noch keine Informationen zu CWE veröffentlicht.
http://www.phpmyadmin.net/home_page/downloads.php?relnotes=0
http://www.mandriva.com/security/advisories?name=MDKSA-2007:199
http://secunia.com/advisories/26733
http://www.us.debian.org/security/2007/dsa-1370
http://osvdb.org/35050
http://secunia.com/advisories/24952
Vendor Advisory
http://www.phpmyadmin.net/ChangeLog.txt
http://www.vupen.com/english/advisories/2007/1508
https://exchange.xforce.ibmcloud.com/vulnerabilities/33898