CVE Vulnerabilities

CVE-2007-2245

Published: Apr 25, 2007 | Modified: Jul 29, 2017
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
6.8 MEDIUM
AV:N/AC:M/Au:N/C:P/I:P/A:P
RedHat/V2
RedHat/V3
Ubuntu
UNTRIAGED

Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin before 2.10.1.0 allow remote attackers to inject arbitrary web script or HTML via (1) the fieldkey parameter to browse_foreigners.php or (2) certain input to the PMA_sanitize function.

Affected Software

Name Vendor Start Version End Version
Phpmyadmin Phpmyadmin 2.10.1.0 (including) 2.10.1.0 (including)
Phpmyadmin Ubuntu dapper *
Phpmyadmin Ubuntu edgy *
Phpmyadmin Ubuntu feisty *
Phpmyadmin Ubuntu upstream *

References