Lucene search
MitreCVELIST:CVE-2007-1395HistoryMar 10, 2007 - 10:00 p.m.
CVE-2007-1395
2007-03-1022:00:00
mitre
www.cve.org
6
Incomplete blacklist vulnerability in index.php in phpMyAdmin 2.8.0 through 2.9.2 allows remote attackers to conduct cross-site scripting (XSS) attacks by injecting arbitrary JavaScript or HTML in a (1) db or (2) table parameter value followed by an uppercase </SCRIPT> end tag, which bypasses the protection against lowercase </script>.
References
osvdb.org/35048
secunia.com/advisories/26733
securityreason.com/securityalert/2402
www.mandriva.com/security/advisories?name=MDKSA-2007:199
www.securityfocus.com/archive/1/462139/100/0/threaded
www.us.debian.org/security/2007/dsa-1370
www.virtuax.be/advisories/Advisory2-24012007.txt
exchange.xforce.ibmcloud.com/vulnerabilities/32858
Related
phpmyadmin
phpmyadmin
XSS and Path Disclosure vulnerabilities
2007-01-16 00:00:00
debiancve
debiancve
CVE-2007-1395
2007-03-10 22:19:00
cve
cve
CVE-2007-1395
2007-03-10 22:19:00
prion
prion
Cross site scripting
2007-03-10 22:19:00
ubuntucve
ubuntucve
CVE-2007-1395
2007-03-10 00:00:00
nvd
nvd
CVE-2007-1395
2007-03-10 22:19:00
openvas
openvas
Debian: Security Advisory (DSA-1370-1)
2008-01-17 00:00:00
Debian Security Advisory DSA 1370-2 (phpmyadmin)
2008-01-17 00:00:00
Debian: Security Advisory (DSA-1370-2)
2008-01-17 00:00:00
debian
debian
[SECURITY] [DSA 1370-2] New phpmyadmin packages fix several vulnerabilities
2007-09-10 23:38:37
[SECURITY] [DSA 1370-1] New phpmyadmin packages fix several vulnerabilities
2007-09-09 21:42:15
nessus
nessus
Debian DSA-1370-1 : phpmyadmin - several vulnerabilities
2007-09-14 00:00:00
osv
osv
phpmyadmin - several vulnerabilities
2007-09-09 00:00:00
phpmyadmin - several vulnerabilities
2007-09-09 00:00:00
securityvulns
securityvulns