Description

Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin before 2.6.4-pl4 allow remote attackers to inject arbitrary web script or HTML via (1) the cookie-based login panel, (2) the title parameter and (3) the table creation dialog.

Remediation

References

CVE-2005-3787

Related Vulnerabilities

PrestaShop CVE-2018-13784 Vulnerability (CVE-2018-13784)

PHP Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2021-21706)

Oracle Database Server CVE-2006-5334 Vulnerability (CVE-2006-5334)

WordPress Plugin CopySafe Web Protection Cross-Site Request Forgery (2.5)

WordPress Plugin Admin Columns Cross-Site Scripting (4.3.1)

Severity

Medium

Classification

CVE-2005-3787

Tags

Missing Update Known Vulnerabilities