Vulnerability Details CVE-2006-2418
Cross-site scripting (XSS) vulnerabilities in certain versions of phpMyAdmin before 2.8.0.4 allow remote attackers to inject arbitrary web script or HTML via the db parameter in unknown scripts.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.024
EPSS Ranking 84.2%
CVSS Severity
CVSS v2 Score 6.8
References
- http://lists.suse.com/archive/suse-security-announce/2006-Jun/0003.html
- http://secunia.com/advisories/20113
- http://secunia.com/advisories/20627
- http://secunia.com/advisories/22781
- http://www.debian.org/security/2006/dsa-1207
- http://www.phpmyadmin.net/home_page/security.php?issue=PMASA-2006-2
- http://www.securityfocus.com/bid/17973
- http://www.vupen.com/english/advisories/2006/1794
- https://exchange.xforce.ibmcloud.com/vulnerabilities/26441
- http://lists.suse.com/archive/suse-security-announce/2006-Jun/0003.html
- http://secunia.com/advisories/20113
- http://secunia.com/advisories/20627
- http://secunia.com/advisories/22781
- http://www.debian.org/security/2006/dsa-1207
- http://www.phpmyadmin.net/home_page/security.php?issue=PMASA-2006-2
- http://www.securityfocus.com/bid/17973
- http://www.vupen.com/english/advisories/2006/1794
- https://exchange.xforce.ibmcloud.com/vulnerabilities/26441
Products affected by CVE-2006-2418
-
cpe:2.3:a:phpmyadmin:phpmyadmin:2.8.0.3