CVE-2008-4775
- Source
- https://nvd.nist.gov/vuln/detail/CVE-2008-4775
- Import Source
- https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2008-4775.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/CVE-2008-4775
- Published
- 2008-10-28T19:46:09Z
- Modified
- 2024-11-21T00:52:31Z
- Summary
- [none]
- Details
-
Cross-site scripting (XSS) vulnerability in pmdpdf.php in phpMyAdmin 3.0.0, and possibly other versions including 2.11.9.2 and 3.0.1, when registerglobals is enabled, allows remote attackers to inject arbitrary web script or HTML via the db parameter, a different vector than CVE-2006-6942 and CVE-2007-5977.
- References
-
- http://secunia.com/advisories/32449
- http://secunia.com/advisories/32482
- http://security.gentoo.org/glsa/glsa-200903-32.xml
- http://www.vupen.com/english/advisories/2008/2943
- http://securityreason.com/securityalert/4516
- http://www.securityfocus.com/archive/1/497815/100/0/threaded
- http://www.securityfocus.com/bid/31928
- https://exchange.xforce.ibmcloud.com/vulnerabilities/46136
- https://www.redhat.com/archives/fedora-package-announce/2008-October/msg00908.html
- https://www.redhat.com/archives/fedora-package-announce/2008-October/msg00925.html
- https://security-tracker.debian.org/tracker/CVE-2008-4775
Affected packages
Debian:11 / phpmyadmin
Package
- Name
- phpmyadmin
- Purl
- pkg:deb/debian/phpmyadmin?arch=source
Debian:12 / phpmyadmin
Package
- Name
- phpmyadmin
- Purl
- pkg:deb/debian/phpmyadmin?arch=source
Debian:13 / phpmyadmin
Package
- Name
- phpmyadmin
- Purl
- pkg:deb/debian/phpmyadmin?arch=source