Lucene search

K

MitreCVELIST:CVE-2009-1150

HistoryMar 26, 2009 - 2:00 p.m.

CVE-2009-1150

2009-03-2614:00:00

mitre

www.cve.org

6.8 Medium

AI Score

Confidence

High

0.003 Low

EPSS

Percentile

70.5%

Multiple cross-site scripting (XSS) vulnerabilities in the export page (display_export.lib.php) in phpMyAdmin 2.11.x before 2.11.9.5 and 3.x before 3.1.3.1 allow remote attackers to inject arbitrary web script or HTML via the pma_db_filename_template cookie.

References

lists.opensuse.org/opensuse-security-announce/2009-04/msg00003.html

phpmyadmin.svn.sourceforge.net/viewvc/phpmyadmin/trunk/phpMyAdmin/libraries/display_export.lib.php?r1=11986&r2=12302&pathrev=12302

secunia.com/advisories/34430

secunia.com/advisories/34642

secunia.com/advisories/35585

secunia.com/advisories/35635

security.gentoo.org/glsa/glsa-200906-03.xml

www.debian.org/security/2009/dsa-1824

www.mandriva.com/security/advisories?name=MDVSA-2009:115

www.phpmyadmin.net/home_page/security/PMASA-2009-2.php

www.securityfocus.com/bid/34251

6.8 Medium

AI Score

Confidence

High

0.003 Low

EPSS

Percentile

70.5%

Related for CVELIST:CVE-2009-1150

debiancve1 prion1 redhatcve1 cve1 ubuntucve1 nvd1 phpmyadmin1 openvas15 securityvulns2 debian1 osv1 gentoo1 nessus4