Description
Cross-site scripting (XSS) vulnerability in db_create.php in phpMyAdmin before 2.11.2.1 allows remote authenticated users with CREATE DATABASE privileges to inject arbitrary web script or HTML via a hex-encoded IMG element in the db parameter in a POST request, a different vulnerability than CVE-2006-6942.
Remediation
References
Related Vulnerabilities
WordPress Plugin WP Activity Log PHP Object Injection (3.2.5)
Play Framework Inadequate Encryption Strength Vulnerability (CVE-2019-17598)
PHP Other Vulnerability (CVE-2007-1286)
Apache Tomcat Improper Input Validation Vulnerability (CVE-2016-6816)
WordPress Plugin Cookie Information-Free GDPR Consent Solution Privilege Escalation (1.4.2)