CVE-2007-0341
phpMyAdmin 2.8.1 - Cross-Site Scripting via CSS Style in convcharset Parameter
Title source: llmDescription
Cross-site scripting (XSS) vulnerability in phpMyAdmin 2.8.1 and earlier, when Microsoft Internet Explorer 6 is used, allows remote attackers to inject arbitrary web script or HTML via a javascript: URI in a CSS style in the convcharset parameter to the top-level URI, a different vulnerability than CVE-2005-0992.
References (3)
Core 3
Core References
Exploit, Patch, Vendor Advisory x_refsource_misc
http://www.virtuax.be/advisories/Advisory1-12012007.txt
Third Party Advisory, VDB Entry mailing-list
x_refsource_bugtraq
http://www.securityfocus.com/archive/1/456726/100/0/threaded
Third Party Advisory, VDB Entry mailing-list
x_refsource_bugtraq
http://www.securityfocus.com/archive/1/456698/100/0/threaded
Scores
EPSS
0.0117
EPSS Percentile
78.9%
Details
Status
published
Products (1)
phpmyadmin/phpmyadmin
2.8.1
Published
Jan 18, 2007
Tracked Since
Feb 18, 2026