Vulnerabilities

CVE-2007-5977

by Fred · 14/11/2007

Cross-site scripting (XSS) vulnerability in db_create.php in phpMyAdmin before 2.11.2.1 allows remote authenticated users with CREATE DATABASE privileges to inject arbitrary web script or HTML via a hex-encoded IMG element in the db parameter in a POST request, a different vulnerability than CVE-2006-6942.

Date published : 2007-11-14

http://www.securityfocus.com/bid/26512

http://sourceforge.net/project/shownotes.php?release_id=553333

Similar

Tags: Cybersecurity Alert