CVE-2008-4775

2008-10-2800:00:00

ubuntu.com

CVSS2

6.8

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

EPSS

0.008

Percentile

82.4%

JSON

Cross-site scripting (XSS) vulnerability in pmd_pdf.php in phpMyAdmin
3.0.0, and possibly other versions including 2.11.9.2 and 3.0.1, when
register_globals is enabled, allows remote attackers to inject arbitrary
web script or HTML via the db parameter, a different vector than
CVE-2006-6942 and CVE-2007-5977.

OSVersionArchitecturePackageVersionFilename
ubuntu8.04noarchphpmyadmin< 4:2.11.3-1ubuntu1.2UNKNOWN
ubuntu8.10noarchphpmyadmin< 4:2.11.8.1-1ubuntu0.1UNKNOWN