Summary
This host is running phpMyAdmin and is prone to Cross Site Scripting vulnerability.
Impact
Successful exploitation will let the attacker cause XSS attacks and inject malicious web script or HTML code via a crafted SQL bookmarks.
Solution
Apply the respective patches or upgrade to version 3.2.0.1 http://www.phpmyadmin.net/home_page/downloads.php
http://phpmyadmin.svn.sourceforge.net/viewvc/phpmyadmin?view=rev&revision=12608
*****
Note: Ignore the warning if above mentioned patches are applied.
*****
Insight
This flaw arises because the input passed into SQL bookmarks is not adequately sanitised before using it in dynamically generated content.
Affected
phpMyAdmin version 3.0.x to 3.2.0.rc1
References
Severity
Classification
-
CVE CVE-2009-2284 -
CVSS Base Score: 4.3
AV:N/AC:M/Au:N/C:N/I:P/A:N
Related Vulnerabilities