Lucene search

MitreCVE-2006-3388

HistoryJul 06, 2006 - 8:05 p.m.

CVE-2006-3388

2006-07-0620:05:00

mitre

web.nvd.nist.gov

cve

2006

3388

cross-site scripting

xss

vulnerability

phpmyadmin

web script

html

table parameter

CVSS2

5.8

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:P/I:P/A:N

AI Score

5.6

Confidence

High

EPSS

0.009

Percentile

82.8%

JSON

Cross-site scripting (XSS) vulnerability in phpMyAdmin before 2.8.2 allows remote attackers to inject arbitrary web script or HTML via the table parameter.

Affected configurations

Nvd

Node

phpmyadminphpmyadminMatch2.0

phpmyadminphpmyadminMatch2.0.1

phpmyadminphpmyadminMatch2.0.2

phpmyadminphpmyadminMatch2.0.3

phpmyadminphpmyadminMatch2.0.4

phpmyadminphpmyadminMatch2.0.5

phpmyadminphpmyadminMatch2.1

phpmyadminphpmyadminMatch2.1.1

phpmyadminphpmyadminMatch2.1.2

phpmyadminphpmyadminMatch2.2

phpmyadminphpmyadminMatch2.2.2

phpmyadminphpmyadminMatch2.2.3

phpmyadminphpmyadminMatch2.2.4

phpmyadminphpmyadminMatch2.2.5

phpmyadminphpmyadminMatch2.2.6

phpmyadminphpmyadminMatch2.2_pre1

phpmyadminphpmyadminMatch2.2_pre2

phpmyadminphpmyadminMatch2.2_rc1

phpmyadminphpmyadminMatch2.2_rc2

phpmyadminphpmyadminMatch2.2_rc3

phpmyadminphpmyadminMatch2.3.1

phpmyadminphpmyadminMatch2.3.2

phpmyadminphpmyadminMatch2.4.0

phpmyadminphpmyadminMatch2.5.0

phpmyadminphpmyadminMatch2.5.1

phpmyadminphpmyadminMatch2.5.2

phpmyadminphpmyadminMatch2.5.3

phpmyadminphpmyadminMatch2.5.4

phpmyadminphpmyadminMatch2.5.5

phpmyadminphpmyadminMatch2.5.5_pl1

phpmyadminphpmyadminMatch2.5.5_rc1

phpmyadminphpmyadminMatch2.5.5_rc2

phpmyadminphpmyadminMatch2.5.6_rc1

phpmyadminphpmyadminMatch2.5.7

phpmyadminphpmyadminMatch2.5.7_pl1

phpmyadminphpmyadminMatch2.6.0_pl1

phpmyadminphpmyadminMatch2.6.0_pl2

phpmyadminphpmyadminMatch2.6.0_pl3

phpmyadminphpmyadminMatch2.6.1

phpmyadminphpmyadminMatch2.6.1_pl1

phpmyadminphpmyadminMatch2.6.1_pl3

phpmyadminphpmyadminMatch2.6.1_rc1

phpmyadminphpmyadminMatch2.6.2

phpmyadminphpmyadminMatch2.6.2_rc1

phpmyadminphpmyadminMatch2.6.3_pl1

phpmyadminphpmyadminMatch2.6.4_pl1

phpmyadminphpmyadminMatch2.6.4_pl3

phpmyadminphpmyadminMatch2.6.4_pl4

phpmyadminphpmyadminMatch2.6.4_rc1

phpmyadminphpmyadminMatch2.7

phpmyadminphpmyadminMatch2.7.0_beta1

phpmyadminphpmyadminMatch2.7_pl1

phpmyadminphpmyadminMatch2.8.1

phpmyadminphpmyadminMatch2.8.3

phpmyadminphpmyadminMatch2.8.4

VendorProductVersionCPE
phpmyadminphpmyadmin2.3.1cpe:/a:phpmyadmin:phpmyadmin:2.3.1:::
phpmyadminphpmyadmin2.2+pre1cpe:/a:phpmyadmin:phpmyadmin:2.2+pre1:::
phpmyadminphpmyadmin2.8.3cpe:/a:phpmyadmin:phpmyadmin:2.8.3:::
phpmyadminphpmyadmin2.7+pl1cpe:/a:phpmyadmin:phpmyadmin:2.7+pl1:::
phpmyadminphpmyadmin2.6.0+pl1cpe:/a:phpmyadmin:phpmyadmin:2.6.0+pl1:::
phpmyadminphpmyadmin2.6.0+pl2cpe:/a:phpmyadmin:phpmyadmin:2.6.0+pl2:::
phpmyadminphpmyadmin2.5.5+pl1cpe:/a:phpmyadmin:phpmyadmin:2.5.5+pl1:::
phpmyadminphpmyadmin2.5.4cpe:/a:phpmyadmin:phpmyadmin:2.5.4:::
phpmyadminphpmyadmin2.6.0+pl3cpe:/a:phpmyadmin:phpmyadmin:2.6.0+pl3:::
phpmyadminphpmyadmin2.2.6cpe:/a:phpmyadmin:phpmyadmin:2.2.6:::

Vendor	Product	Version	CPE
phpmyadmin	phpmyadmin	2.3.1	cpe:/a:phpmyadmin:phpmyadmin:2.3.1:::
phpmyadmin	phpmyadmin	2.2+pre1	cpe:/a:phpmyadmin:phpmyadmin:2.2+pre1:::
phpmyadmin	phpmyadmin	2.8.3	cpe:/a:phpmyadmin:phpmyadmin:2.8.3:::
phpmyadmin	phpmyadmin	2.7+pl1	cpe:/a:phpmyadmin:phpmyadmin:2.7+pl1:::
phpmyadmin	phpmyadmin	2.6.0+pl1	cpe:/a:phpmyadmin:phpmyadmin:2.6.0+pl1:::
phpmyadmin	phpmyadmin	2.6.0+pl2	cpe:/a:phpmyadmin:phpmyadmin:2.6.0+pl2:::
phpmyadmin	phpmyadmin	2.5.5+pl1	cpe:/a:phpmyadmin:phpmyadmin:2.5.5+pl1:::
phpmyadmin	phpmyadmin	2.5.4	cpe:/a:phpmyadmin:phpmyadmin:2.5.4:::
phpmyadmin	phpmyadmin	2.6.0+pl3	cpe:/a:phpmyadmin:phpmyadmin:2.6.0+pl3:::
phpmyadmin	phpmyadmin	2.2.6	cpe:/a:phpmyadmin:phpmyadmin:2.2.6:::