CVSS2
Attack Vector
NETWORK
Attack Complexity
HIGH
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:H/Au:N/C:N/I:P/A:N
EPSS
Percentile
83.0%
Secunia report:
Some vulnerabilities have been reported in phpMyAdmin, which can be
exploited by malicious people to conduct cross-site scripting
attacks.
Input passed via unspecified parameters to files in /libraries is not
properly sanitised before being returned to the user. This can be
exploited to execute arbitrary HTML and script code in a userβs
browser session in context of an affected site.
Successful exploitation requires that βregister_globalsβ is enabled
and support for β.htaccessβ files is disabled.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
FreeBSD | any | noarch | phpmyadmin | <Β 2.11.7 | UNKNOWN |