CVE-2007-5386

Published: Oct 12, 2007

Modified: Aug 7, 2024

PUBLISHED

Description

Cross-site scripting (XSS) vulnerability in scripts/setup.php in phpMyAdmin 2.11.1, when accessed by a browser that does not URL-encode requests, allows remote attackers to inject arbitrary web script or HTML via the query string.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

http://phpmyadmin.svn.sourceforge.net/viewvc/phpmyadmin/trunk/?view=log

x_refsource_CONFIRM

27173

third-party-advisory

x_refsource_SECUNIA

FEDORA-2007-2738

vendor-advisory

x_refsource_FEDORA

27506

third-party-advisory

x_refsource_SECUNIA

phpmyadmin-setup-xss(37077)

vdb-entry

x_refsource_XF

DSA-1403

vendor-advisory

x_refsource_DEBIAN

20071015 about phpMyAdmin setup.php XSS vulnerability

mailing-list

x_refsource_BUGTRAQ

37678

vdb-entry

x_refsource_OSVDB

MDKSA-2007:199

vendor-advisory

x_refsource_MANDRIVA

27595

third-party-advisory

x_refsource_SECUNIA

https://bugzilla.redhat.com/show_bug.cgi?id=333661

x_refsource_CONFIRM

http://www.digitrustgroup.com/advisories/TDG-advisory071009a

x_refsource_MISC

26020

vdb-entry

x_refsource_BID

ADV-2007-3469

vdb-entry

x_refsource_VUPEN

http://phpmyadmin.svn.sourceforge.net/viewvc/phpmyadmin/branches/MAINT_2_11_1/phpMyAdmin/ChangeLog?r1=10748&r2=10747&pathrev=10748

x_refsource_CONFIRM

https://sourceforge.net/tracker/index.php?func=detail&aid=1810629&group_id=23067&atid=377408

x_refsource_CONFIRM

http://www.phpmyadmin.net/home_page/security.php?issue=PMASA-2007-5

x_refsource_CONFIRM

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2007-5386

Description

Affected Products

References