From 5d71ef81977cea702a08048d2aa1210d7d3e27b6 Mon Sep 17 00:00:00 2001 From: "Simon L. B. Nielsen" Date: Sun, 31 Jul 2005 13:50:20 +0000 Subject: Document phpmyadmin -- cross site scripting vulnerability. --- security/vuxml/vuln.xml | 30 ++++++++++++++++++++++++++++++ 1 file changed, 30 insertions(+) (limited to 'security') diff --git a/security/vuxml/vuln.xml b/security/vuxml/vuln.xml index ab09eb2ba39e..0985e6816d90 100644 --- a/security/vuxml/vuln.xml +++ b/security/vuxml/vuln.xml @@ -32,6 +32,36 @@ EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. --> + + phpmyadmin -- cross site scripting vulnerability + + + phpmyadmin + phpMyAdmin + 2.6.2.r1 + + + + +

A phpMyAdmin security announcement reports:

+
The convcharset parameter was not correctly validated, + opening the door to a XSS attack.
+

+ + + + 12982 + CAN-2005-0992 + http://marc.theaimsgroup.com/?l=bugtraq&m=111264361622660 + http://www.phpmyadmin.net/home_page/security.php?issue=PMASA-2005-3 + + + 2005-04-03 + 2005-07-31 + + + gnupg -- OpenPGP symmetric encryption vulnerability -- cgit