PhpMyAdmin DB_Create.PHP Multiple Input Validation Vulnerabilities Network Vulnerability

Summary

phpMyAdmin is prone to multiple input-validation vulnerabilities, including a cross-site scripting and a SQL-injection issue. A successful exploit may allow an attacker to steal cookie-based authentication credentials, compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. These issues affect versions prior to phpMyAdmin 2.11.2.1.

Solution

Vendor updates are available. Please see http://www.phpmyadmin.net for more Information.

References

http://www.securityfocus.com/bid/26512

Updated on 2015-03-25

Severity

Classification

CVE CVE-2007-5976, CVE-2007-5977

CVSS	Base Score: 6.5 AV:N/AC:L/Au:S/C:P/I:P/A:P

Related Vulnerabilities

Adobe ColdFusion HTTP Response Splitting Vulnerability
Adobe JRun Management Console Multiple Vulnerabilities
Afian 'includer.php' Directory Traversal Vulnerability
Apache ActiveMQ 'Cron Jobs' Cross Site Scripting Vulnerability
AlienForm CGI script

phpMyAdmin DB_Create.PHP Multiple Input Validation Vulnerabilities

Take action and discover your vulnerabilities