Description
Cross-site scripting (XSS) vulnerability in sqledit.php in phpPgAdmin 4.1.1 allows remote attackers to inject arbitrary web script or HTML via the server parameter.
Exploits (1)
exploitdb
WRITEUP
VERIFIED
by Michal Majchrowicz · textwebappsphp
https://www.exploit-db.com/exploits/30075
References (8)
Core 8
Core References
Third Party Advisory, VDB Entry vdb-entry
x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/34456
Third Party Advisory, VDB Entry vdb-entry
x_refsource_osvdb
http://osvdb.org/38138
Third Party Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/27756
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/24115
Mailing List mailing-list
x_refsource_fulldisc
http://marc.info/?l=full-disclosure&m=117987658110713&w=2
Vendor Advisory vendor-advisory
x_refsource_suse
http://www.novell.com/linux/security/advisories/2007_24_sr.html
Third Party Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/33263
Third Party Advisory vendor-advisory
x_refsource_debian
http://www.debian.org/security/2008/dsa-1693
Scores
EPSS
0.0431
EPSS Percentile
88.9%
Details
Status
published
Products (1)
phppgadmin/phppgadmin
4.1.1
Published
May 25, 2007
Tracked Since
Feb 18, 2026