5.4
CVSSv3

CVE-2018-7260

Published: 21/02/2018 Updated: 06/03/2018
CVSS v2 Base Score: 3.5 | Impact Score: 2.9 | Exploitability Score: 6.8
CVSS v3 Base Score: 5.4 | Impact Score: 2.7 | Exploitability Score: 2.3
VMScore: 312
Vector: AV:N/AC:M/Au:S/C:N/I:P/A:N

Vulnerability Summary

Cross-site scripting (XSS) vulnerability in db_central_columns.php in phpMyAdmin prior to 4.7.8 allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL.

Most Upvoted Vulmon Research Post

There is no Researcher post for this vulnerability
Would you like to share something about it? Sign up now to share your knowledge with the community.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

phpmyadmin phpmyadmin

Vendor Advisories

Debian Bug report logs - #893539 phpmyadmin: CVE-2018-7260 Package: src:phpmyadmin; Maintainer for src:phpmyadmin is Thijs Kinkhorst <thijs@debianorg>; Reported by: Salvatore Bonaccorso <carnil@debianorg> Date: Mon, 19 Mar 2018 18:51:02 UTC Severity: important Tags: patch, security, upstream Found in version phpmy ...
Arch Linux Security Advisory ASA-201802-11 ========================================== Severity: Medium Date : 2018-02-23 CVE-ID : CVE-2018-7260 Package : phpmyadmin Type : cross-site scripting Remote : Yes Link : securityarchlinuxorg/AVG-630 Summary ======= The package phpmyadmin before version 478-1 is vulnerable to cross ...
Cross-site scripting (XSS) vulnerability in db_central_columnsphp in phpMyAdmin before 478 allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL ...

Github Repositories

Here is a collection about Proof of Concepts of Common Vulnerabilities and Exposures, and you may also want to check out current Contents CVE-2011-2856 CVE-2011-3243 CVE-2013-2618 CVE-2013-6632 CVE-2014-1701 CVE-2014-1705 CVE-2014-1747 CVE-2014-3176 CVE-2014-6332 CVE-2014-7927 CVE-2014-7928 CVE-2015-0072 CVE-2015-0235 CVE-2015-0240 CVE-2015-1233 CVE-2015-1242 CVE-2015-1268 CV

Awesome CVE PoC A curated list of CVE PoCs Here is a collection about Proof of Concepts of Common Vulnerabilities and Exposures, and you may also want to check out awesome-web-security Please read the contribution guidelines before contributing This repo is full of PoCs for CVEs If you enjoy this awesome list and would like to support it, check out my Patreon page :