Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
4.3
CVSSv2

CVE-2005-3301

Published: 24/10/2005 Updated: 08/03/2011
CVSS v2 Base Score: 4.3 | Impact Score: 2.9 | Exploitability Score: 8.6
VMScore: 440
Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N
Subscribe to Phpmyadmin

Vulnerability Summary

Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin prior to 2.6.4-pl3 allow remote malicious users to inject arbitrary web script or HTML via certain arguments to (1) left.php, (2) queryframe.php, or (3) server_databases.php.

Vulnerable Product Search on Vulmon Subscribe to Product

phpmyadmin phpmyadmin 2.6.4

phpmyadmin phpmyadmin 2.6.4_pl1

phpmyadmin phpmyadmin 2.6.4_pl2

phpmyadmin phpmyadmin 2.6.4_rc1

Vendor Advisories

Debian CVElist Bug Report Logs: CVE-2005-3301: Cross-Site Scripting vulnerability.
Debian Bug report logs - #335513 CVE-2005-3301: Cross-Site Scripting vulnerability Package: phpmyadmin; Maintainer for phpmyadmin is Thijs Kinkhorst <thijs@debianorg>; Source for phpmyadmin is src:phpmyadmin (PTS, buildd, popcon) Reported by: 4:262-3 Date: Mon, 24 Oct 2005 15:18:19 UTC Severity: important Tags: fixed, ...
Debian CVElist Bug Report Logs: CVE-2005-3300: Local file inclusion vulnerability
Debian Bug report logs - #335306 CVE-2005-3300: Local file inclusion vulnerability Package: phpmyadmin; Maintainer for phpmyadmin is Thijs Kinkhorst <thijs@debianorg>; Source for phpmyadmin is src:phpmyadmin (PTS, buildd, popcon) Reported by: 4:262-3 Date: Sun, 23 Oct 2005 09:48:08 UTC Severity: grave Tags: fixed, sarg ...

Exploits

Exploit DB: phpMyAdmin 2.x - 'server_databases.php' Cross-Site Scripting
source: wwwsecurityfocuscom/bid/15196/info phpMyAdmin is prone to multiple cross-site scripting vulnerabilities These issues are due to a failure in the application to properly sanitize user-supplied input An attacker may leverage these issues to have arbitrary script code executed in the browser of an unsuspecting user in the contex ...
Exploit DB: phpMyAdmin 2.x - 'queryframe.php' Cross-Site Scripting
source: wwwsecurityfocuscom/bid/15196/info phpMyAdmin is prone to multiple cross-site scripting vulnerabilities These issues are due to a failure in the application to properly sanitize user-supplied input An attacker may leverage these issues to have arbitrary script code executed in the browser of an unsuspecting user in the context ...

References

NVD-CWE-Otherhttp://www.phpmyadmin.net/home_page/security.php?issue=PMASA-2005-5http://www.gentoo.org/security/en/glsa/glsa-200510-21.xmlhttp://www.debian.org/security/2005/dsa-880http://secunia.com/advisories/17337http://www.securityfocus.com/bid/15196http://www.novell.com/linux/security/advisories/2005_28_sr.htmlhttp://secunia.com/advisories/17559http://www.novell.com/linux/security/advisories/2005_66_phpmyadmin.htmlhttp://secunia.com/advisories/17607http://www.vupen.com/english/advisories/2005/2179https://nvd.nist.govhttps://bugs.debian.org/cgi-bin/bugreport.cgi?bug=335513https://www.exploit-db.com/exploits/26393/
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-32744privilege escalationCVE-2024-30253CVE-2024-3914cross-site scriptingCVE-2024-31497CVE-2024-3400CVE-2024-32341hardcoded
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook