|
|
Log in / Subscribe / Register

phpmyadmin: cross-site scripting

Package(s):phpMyAdmin CVE #(s):CVE-2011-4780 CVE-2011-4782
Created:January 2, 2012 Updated:January 4, 2012
Description: From the Red Hat bugzilla:

Multiple cross-site scripting (XSS) vulnerabilities in libraries/display_export.lib.php in phpMyAdmin 3.4.x before 3.4.9 allow remote attackers to inject arbitrary web script or HTML via crafted URL parameters, related to the export panels in the (1) server, (2) database, and (3) table sections. (CVE-2011-4780)

From the Red Hat bugzilla:

Cross-site scripting (XSS) vulnerability in libraries/config/ConfigFile.class.php in the setup interface in phpMyAdmin 3.4.x before 3.4.9 allows remote attackers to inject arbitrary web script or HTML via the host parameter. (CVE-2011-4782)

Alerts:
Gentoo 201201-01 phpmyadmin 2012-01-04
Mandriva MDVSA-2011:198 phpmyadmin 2011-12-31
Fedora FEDORA-2011-17370 phpMyAdmin 2011-12-23
Fedora FEDORA-2011-17369 phpMyAdmin 2011-12-23
to post comments


Copyright © 2026, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds