Get a demo
100% Signal 0% Noise Invicti Logo - The Largest Dynamic Application Security Solutions Provider In The World Get a demo
phpMyAdmin Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability - CVE-2007-5977 - Vulnerability Database
phpMyAdmin

phpMyAdmin Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability - CVE-2007-5977

Low
Reference: CVE-2007-5977
NVD Link: https://nvd.nist.gov/vuln/detail/CVE-2007-5977
Title: phpMyAdmin Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Overview:

Cross-site scripting (XSS) vulnerability in db_create.php in phpMyAdmin before 2.11.2.1 allows remote authenticated users with CREATE DATABASE privileges to inject arbitrary web script or HTML via a hex-encoded IMG element in the db parameter in a POST request a different vulnerability than CVE-2006-6942.