CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Phpmyadmin: >> Phpmyadmin >> 2.11.6 Security Vulnerabilities

CVE-2008-3197

Cross-site request forgery (CSRF) vulnerability in phpMyAdmin before 2.11.7.1 allows remote attackers to perform unauthorized actions via a link or IMG tag to (1) the db parameter in the "Creating a Database" functionality (db_create.php), and (2) the convcharset and collation_connection parameters related to an unspecified program that modifies the connection character set.

CVSS Score

3.5

EPSS Score

0.006

Published

2008-07-16

CVE-2008-2960

Cross-site scripting (XSS) vulnerability in phpMyAdmin before 2.11.7, when register_globals is enabled and .htaccess support is disabled, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors involving scripts in libraries/.

CVSS Score

2.6

EPSS Score

0.006

Published

2008-07-02

Page 2

Vulnerabilities

Vulnerable Software

Phpmyadmin: >> Phpmyadmin >> 2.11.6 Security Vulnerabilities

Products

Pricing

Contact Us