Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2011-4780

Overview

Vulnerability Score 4.3 4.3
CVE Id CVE-2011-4780
Last Modified 06 Nov 2012 12:04:28
Published 22 Dec 2011 03:55:00
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2011-4780

Summary

Multiple cross-site scripting (XSS) vulnerabilities in libraries/display_export.lib.php in phpMyAdmin 3.4.x before 3.4.9 allow remote attackers to inject arbitrary web script or HTML via crafted URL parameters, related to the export panels in the (1) server, (2) database, and (3) table sections.

Vulnerable Systems

Application

  • Phpmyadmin 3.4.0.0

  • Phpmyadmin 3.4.1.0

  • Phpmyadmin 3.4.2.0

  • Phpmyadmin 3.4.3.0

  • Phpmyadmin 3.4.3.1

  • Phpmyadmin 3.4.3.2

  • Phpmyadmin 3.4.4.0

  • Phpmyadmin 3.4.5.0

  • Phpmyadmin 3.4.6.0

  • Phpmyadmin 3.4.7.0

  • Phpmyadmin 3.4.8.0


References

CONFIRM - http://www.phpmyadmin.net/home_page/security/PMASA-2011-20.php

CONFIRM - http://phpmyadmin.git.sourceforge.net/git/gitweb.cgi?p=phpmyadmin/phpmyadmin;a=commit;h=bd3735ba584e7a49aee78813845245354b061f61

MANDRIVA - MDVSA-2011:198

BID - 51226

FEDORA - FEDORA-2011-17369

FEDORA - FEDORA-2011-17370


Last Updated: 27 May 2016 10:57:16