CVE-2006-2031
phpMyAdmin 2.8.0.2-2.8.0.3 - Cross-Site Scripting via Lang Parameter
Title source: llmDescription
Cross-site scripting (XSS) vulnerability in index.php in phpMyAdmin 2.8.0.3, 2.8.0.2, 2.8.1-dev, and 2.9.0-dev allows remote attackers to inject arbitrary web script or HTML via the lang parameter.
References (4)
Core 4
Core References
Exploit third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/19659
Third Party Advisory x_refsource_misc
http://pridels0.blogspot.com/2006/04/phpmyadmin-xss-vuln.html
Various Sources x_refsource_confirm
http://www.phpmyadmin.net/home_page/security.php?issue=PMASA-2006-2
Third Party Advisory, VDB Entry vdb-entry
x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/25954
Scores
EPSS
0.0041
EPSS Percentile
61.4%
Details
Status
published
Products (4)
phpmyadmin/phpmyadmin
2.8.0.2
phpmyadmin/phpmyadmin
2.8.0.3
phpmyadmin/phpmyadmin
2.8.1_dev
phpmyadmin/phpmyadmin
2.9.0_dev
Published
Apr 26, 2006
Tracked Since
Feb 18, 2026