Lucene search

MitreCVE-2009-3696

HistoryOct 16, 2009 - 4:30 p.m.

CVE-2009-3696

2009-10-1616:30:00

CWE-79

mitre

web.nvd.nist.gov

cve-2009-3696

xss

phpmyadmin

web script injection

html injection

nvd

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

AI Score

5.3

Confidence

High

EPSS

0.003

Percentile

71.1%

JSON

Cross-site scripting (XSS) vulnerability in phpMyAdmin 2.11.x before 2.11.9.6 and 3.x before 3.2.2.1 allows remote attackers to inject arbitrary web script or HTML via a crafted name for a MySQL table.

Affected configurations

Nvd

Node

phpmyadminphpmyadminMatch2.11.0

phpmyadminphpmyadminMatch2.11.0beta1

phpmyadminphpmyadminMatch2.11.0rc1

phpmyadminphpmyadminMatch2.11.0.0

phpmyadminphpmyadminMatch2.11.0beta1

phpmyadminphpmyadminMatch2.11.1

phpmyadminphpmyadminMatch2.11.1rc1

phpmyadminphpmyadminMatch2.11.1.0

phpmyadminphpmyadminMatch2.11.1.1

phpmyadminphpmyadminMatch2.11.1.2

phpmyadminphpmyadminMatch2.11.2

phpmyadminphpmyadminMatch2.11.2.0

phpmyadminphpmyadminMatch2.11.2.1

phpmyadminphpmyadminMatch2.11.2.2

phpmyadminphpmyadminMatch2.11.3

phpmyadminphpmyadminMatch2.11.3rc1

phpmyadminphpmyadminMatch2.11.3.0

phpmyadminphpmyadminMatch2.11.4

phpmyadminphpmyadminMatch2.11.4rc1

phpmyadminphpmyadminMatch2.11.4.0

phpmyadminphpmyadminMatch2.11.5

phpmyadminphpmyadminMatch2.11.5rc1

phpmyadminphpmyadminMatch2.11.5.0

phpmyadminphpmyadminMatch2.11.5.1

phpmyadminphpmyadminMatch2.11.5.2

phpmyadminphpmyadminMatch2.11.6

phpmyadminphpmyadminMatch2.11.6rc1

phpmyadminphpmyadminMatch2.11.6.0

phpmyadminphpmyadminMatch2.11.7

phpmyadminphpmyadminMatch2.11.7.0

phpmyadminphpmyadminMatch2.11.8

phpmyadminphpmyadminMatch2.11.9

phpmyadminphpmyadminMatch2.11.9.0

phpmyadminphpmyadminMatch2.11.9.1

phpmyadminphpmyadminMatch2.11.9.2

phpmyadminphpmyadminMatch2.11.9.3

phpmyadminphpmyadminMatch2.11.9.4

phpmyadminphpmyadminMatch2.11.9.5

phpmyadminphpmyadminMatch3.0.0

phpmyadminphpmyadminMatch3.0.0rc1

phpmyadminphpmyadminMatch3.0.0-alpha

phpmyadminphpmyadminMatch3.0.0-beta

phpmyadminphpmyadminMatch3.0.1

phpmyadminphpmyadminMatch3.0.1rc1

phpmyadminphpmyadminMatch3.0.1.1

phpmyadminphpmyadminMatch3.1.0

phpmyadminphpmyadminMatch3.1.0-beta1

phpmyadminphpmyadminMatch3.1.0.0

phpmyadminphpmyadminMatch3.1.1

phpmyadminphpmyadminMatch3.1.1rc1

phpmyadminphpmyadminMatch3.1.2

phpmyadminphpmyadminMatch3.1.2rc1

phpmyadminphpmyadminMatch3.1.3

phpmyadminphpmyadminMatch3.1.31

phpmyadminphpmyadminMatch3.1.3rc1

phpmyadminphpmyadminMatch3.1.3.1

phpmyadminphpmyadminMatch3.1.3.2

phpmyadminphpmyadminMatch3.1.4

phpmyadminphpmyadminMatch3.1.4rc2

phpmyadminphpmyadminMatch3.1.5

phpmyadminphpmyadminMatch3.1.5rc1

phpmyadminphpmyadminMatch3.2.0

phpmyadminphpmyadminMatch3.2.0rc1

phpmyadminphpmyadminMatch3.2.0-beta1

phpmyadminphpmyadminMatch3.2.0.1

phpmyadminphpmyadminMatch3.2.1

phpmyadminphpmyadminMatch3.2.1rc1

phpmyadminphpmyadminMatch3.2.2

phpmyadminphpmyadminMatch3.2.2rc1

VendorProductVersionCPE
phpmyadminphpmyadmin2.11.0cpe:2.3:a:phpmyadmin:phpmyadmin:2.11.0:*:*:*:*:*:*:*
phpmyadminphpmyadmin2.11.0cpe:2.3:a:phpmyadmin:phpmyadmin:2.11.0:beta1:*:*:*:*:*:*
phpmyadminphpmyadmin2.11.0cpe:2.3:a:phpmyadmin:phpmyadmin:2.11.0:rc1:*:*:*:*:*:*
phpmyadminphpmyadmin2.11.0.0cpe:2.3:a:phpmyadmin:phpmyadmin:2.11.0.0:*:*:*:*:*:*:*
phpmyadminphpmyadmin2.11.0beta1cpe:2.3:a:phpmyadmin:phpmyadmin:2.11.0beta1:*:*:*:*:*:*:*
phpmyadminphpmyadmin2.11.1cpe:2.3:a:phpmyadmin:phpmyadmin:2.11.1:*:*:*:*:*:*:*
phpmyadminphpmyadmin2.11.1cpe:2.3:a:phpmyadmin:phpmyadmin:2.11.1:rc1:*:*:*:*:*:*
phpmyadminphpmyadmin2.11.1.0cpe:2.3:a:phpmyadmin:phpmyadmin:2.11.1.0:*:*:*:*:*:*:*
phpmyadminphpmyadmin2.11.1.1cpe:2.3:a:phpmyadmin:phpmyadmin:2.11.1.1:*:*:*:*:*:*:*
phpmyadminphpmyadmin2.11.1.2cpe:2.3:a:phpmyadmin:phpmyadmin:2.11.1.2:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
phpmyadmin	phpmyadmin	2.11.0	cpe:2.3:a:phpmyadmin:phpmyadmin:2.11.0:::::::*
phpmyadmin	phpmyadmin	2.11.0	cpe:2.3:a:phpmyadmin:phpmyadmin:2.11.0:beta1::::::
phpmyadmin	phpmyadmin	2.11.0	cpe:2.3:a:phpmyadmin:phpmyadmin:2.11.0:rc1::::::
phpmyadmin	phpmyadmin	2.11.0.0	cpe:2.3:a:phpmyadmin:phpmyadmin:2.11.0.0:::::::*
phpmyadmin	phpmyadmin	2.11.0beta1	cpe:2.3:a:phpmyadmin:phpmyadmin:2.11.0beta1:::::::*
phpmyadmin	phpmyadmin	2.11.1	cpe:2.3:a:phpmyadmin:phpmyadmin:2.11.1:::::::*
phpmyadmin	phpmyadmin	2.11.1	cpe:2.3:a:phpmyadmin:phpmyadmin:2.11.1:rc1::::::
phpmyadmin	phpmyadmin	2.11.1.0	cpe:2.3:a:phpmyadmin:phpmyadmin:2.11.1.0:::::::*
phpmyadmin	phpmyadmin	2.11.1.1	cpe:2.3:a:phpmyadmin:phpmyadmin:2.11.1.1:::::::*
phpmyadmin	phpmyadmin	2.11.1.2	cpe:2.3:a:phpmyadmin:phpmyadmin:2.11.1.2:::::::*