Get a demo
100% Signal 0% Noise Invicti Logo - The Largest Dynamic Application Security Solutions Provider In The World Get a demo
phpMyAdmin Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability - CVE-2006-6942 - Vulnerability Database
phpMyAdmin

phpMyAdmin Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability - CVE-2006-6942

Medium
Reference: CVE-2006-6942
NVD Link: https://nvd.nist.gov/vuln/detail/CVE-2006-6942
Title: phpMyAdmin Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Overview:

Multiple cross-site scripting (XSS) vulnerabilities in PhpMyAdmin before 2.9.1.1 allow remote attackers to inject arbitrary HTML or web script via (1) a comment for a table name as exploited through (a) db_operations.php (2) the db parameter to (b) db_create.php (3) the newname parameter to db_operations.php the (4) query_history_latest (5) query_history_latest_db and (6) querydisplay_tab parameters to (c) querywindow.php and (7) the pos parameter to (d) sql.php.