CVE-2005-3787
phpMyAdmin < 2.6.4-pl4 - Cross-Site Scripting via Cookie-Based Login Panel and Table Creation Dialog
Title source: llmDescription
Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin before 2.6.4-pl4 allow remote attackers to inject arbitrary web script or HTML via (1) the cookie-based login panel, (2) the title parameter and (3) the table creation dialog.
References (5)
Core 5
Core References
Third Party Advisory, VDB Entry vendor-advisory
x_refsource_suse
http://www.securityfocus.com/archive/1/423142/100/0/threaded
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/16389
Patch, Vendor Advisory x_refsource_confirm
http://www.phpmyadmin.net/home_page/security.php?issue=PMASA-2005-7
Third Party Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/17578
Third Party Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/18618
Scores
EPSS
0.0043
EPSS Percentile
62.5%
Details
Status
published
Products (13)
phpmyadmin/phpmyadmin
2.2.0
phpmyadmin/phpmyadmin
2.2.7_pl1
phpmyadmin/phpmyadmin
2.5.2_pl1
phpmyadmin/phpmyadmin
2.5.3
phpmyadmin/phpmyadmin
2.5.4
phpmyadmin/phpmyadmin
2.5.5_pl1
phpmyadmin/phpmyadmin
2.5.6_rc2
phpmyadmin/phpmyadmin
2.5.7_pl1
phpmyadmin/phpmyadmin
2.6.0_pl3
phpmyadmin/phpmyadmin
2.6.1_pl3
... and 3 more
Published
Nov 24, 2005
Tracked Since
Feb 18, 2026