CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Phpmyadmin: >> Phpmyadmin >> 2.11.7.12.11.7.1 Security Vulnerabilities

CVE-2008-4326

The PMA_escapeJsString function in libraries/js_escape.lib.php in phpMyAdmin before 2.11.9.2, when Internet Explorer is used, allows remote attackers to bypass cross-site scripting (XSS) protection mechanisms and conduct XSS attacks via a NUL byte inside a "</script" sequence.

CVSS Score

4.3

EPSS Score

0.013

Published

2008-09-30

CVE-2008-4096

libraries/database_interface.lib.php in phpMyAdmin before 2.11.9.1 allows remote authenticated users to execute arbitrary code via a request to server_databases.php with a sort_by parameter containing PHP sequences, which are processed by create_function.

CVSS Score

8.5

EPSS Score

0.089

Published

2008-09-18

Page 3

Vulnerabilities

Vulnerable Software

Phpmyadmin: >> Phpmyadmin >> 2.11.7.12.11.7.1 Security Vulnerabilities

Products

Pricing

Contact Us