Description

Multiple cross-site scripting (XSS) vulnerabilities in the export page (display_export.lib.php) in phpMyAdmin 2.11.x before 2.11.9.5 and 3.x before 3.1.3.1 allow remote attackers to inject arbitrary web script or HTML via the pma_db_filename_template cookie.

Remediation

References

CVE-2009-1150

Related Vulnerabilities

WordPress Plugin Thrive Optimize Security Bypass (1.4.13.2)

Joomla! Core 3.9.x Cross-Site Request Forgery (3.9.0 - 3.9.19)

Oracle JRE CVE-2013-0425 Vulnerability (CVE-2013-0425)

SharePoint CVE-2021-24104 Vulnerability (CVE-2021-24104)

MySQL CVE-2012-0574 Vulnerability (CVE-2012-0574)

Severity

Medium

Classification

CVE-2009-1150 CWE-707

Tags

Missing Update Known Vulnerabilities