• News
• Infocus
• Foundations
• Microsoft
• Unix
• IDS
• Incidents
• Virus
• Pen-Test
• Firewalls
• Columnists
• Mailing Lists
• Newsletters
• Bugtraq
• Focus on IDS
• Focus on Linux
• Focus on Microsoft
• Forensics
• Pen-test
• Security Basics
• Vuln Dev
• Vulnerabilities
• Jobs
• Job Opportunities
• Resumes
• Job Seekers
• Employers
• Tools
• RSS
• News
• Vulns
• Security Research

• info
• discussion
• exploit
• solution
• references

phpMyAdmin Login Page Cross-Site Scripting Vulnerability

Bugtraq ID:	26513
Class:	Input Validation Error
CVE:	CVE-2007-6100
Remote:	Yes
Local:	No
Published:	Nov 20 2007 12:00AM
Updated:	Mar 17 2008 05:50PM
Credit:	Tim Brown of Nth Dimension is credited with the discovery of this vulnerability.
Vulnerable:	S.u.S.E. openSUSE 10.3 S.u.S.E. openSUSE 10.2 S.u.S.E. Linux 10.1 x86-64 S.u.S.E. Linux 10.1 x86 S.u.S.E. Linux 10.1 ppc phpMyAdmin phpMyAdmin 2.11.1 phpMyAdmin phpMyAdmin 2.9.1 phpMyAdmin phpMyAdmin 2.9 rc1 phpMyAdmin phpMyAdmin 2.9 .2 phpMyAdmin phpMyAdmin 2.9 .1 phpMyAdmin phpMyAdmin 2.9 phpMyAdmin phpMyAdmin 2.8.2 phpMyAdmin phpMyAdmin 2.8.1 phpMyAdmin phpMyAdmin 2.8 .4 phpMyAdmin phpMyAdmin 2.8 .3 phpMyAdmin phpMyAdmin 2.8 .1 phpMyAdmin phpMyAdmin 2.7 .0-beta1 phpMyAdmin phpMyAdmin 2.7 -pl1 phpMyAdmin phpMyAdmin 2.7 phpMyAdmin phpMyAdmin 2.6.4 -rc1 phpMyAdmin phpMyAdmin 2.6.4 -pl4 phpMyAdmin phpMyAdmin 2.6.4 -pl3 phpMyAdmin phpMyAdmin 2.6.4 -pl1 phpMyAdmin phpMyAdmin 2.6.3 -pl1 phpMyAdmin phpMyAdmin 2.6.2 -rc1 phpMyAdmin phpMyAdmin 2.6.2 + Gentoo Linux phpMyAdmin phpMyAdmin 2.6.1 pl3 phpMyAdmin phpMyAdmin 2.6.1 pl1 phpMyAdmin phpMyAdmin 2.6.1 -rc1 phpMyAdmin phpMyAdmin 2.6.1 phpMyAdmin phpMyAdmin 2.6 .0pl3 phpMyAdmin phpMyAdmin 2.6 .0pl2 + Gentoo Linux 1.4 + Gentoo Linux + Gentoo Linux + Gentoo Linux phpMyAdmin phpMyAdmin 2.6 .0pl1 phpMyAdmin phpMyAdmin 2.6 phpMyAdmin phpMyAdmin 2.5.7 pl1 phpMyAdmin phpMyAdmin 2.5.7 phpMyAdmin phpMyAdmin 2.5.6 -rc1 phpMyAdmin phpMyAdmin 2.5.5 pl1 phpMyAdmin phpMyAdmin 2.5.5 -rc2 phpMyAdmin phpMyAdmin 2.5.5 -rc1 phpMyAdmin phpMyAdmin 2.5.5 phpMyAdmin phpMyAdmin 2.5.4 phpMyAdmin phpMyAdmin 2.5.3 + S.u.S.E. Linux Personal 9.3 + S.u.S.E. Linux Personal 9.2 x86_64 + S.u.S.E. Linux Personal 9.2 x86_64 + S.u.S.E. Linux Personal 9.2 x86_64 + S.u.S.E. Linux Personal 9.2 + S.u.S.E. Linux Personal 9.2 + S.u.S.E. Linux Personal 9.2 + S.u.S.E. Linux Personal 9.1 x86_64 + S.u.S.E. Linux Personal 9.1 x86_64 + S.u.S.E. Linux Personal 9.1 x86_64 + S.u.S.E. Linux Personal 9.1 + S.u.S.E. Linux Personal 9.1 + S.u.S.E. Linux Personal 9.1 + S.u.S.E. Linux Personal 9.0 x86_64 + S.u.S.E. Linux Personal 9.0 x86_64 + S.u.S.E. Linux Personal 9.0 x86_64 + S.u.S.E. Linux Personal 9.0 + S.u.S.E. Linux Personal 9.0 + S.u.S.E. Linux Personal 9.0 phpMyAdmin phpMyAdmin 2.5.2 phpMyAdmin phpMyAdmin 2.5.1 phpMyAdmin phpMyAdmin 2.5 .0 phpMyAdmin phpMyAdmin 2.4 .0 phpMyAdmin phpMyAdmin 2.3.2 phpMyAdmin phpMyAdmin 2.3.1 phpMyAdmin phpMyAdmin 2.2.6 phpMyAdmin phpMyAdmin 2.2.5 phpMyAdmin phpMyAdmin 2.2.4 phpMyAdmin phpMyAdmin 2.2.3 phpMyAdmin phpMyAdmin 2.2.2 phpMyAdmin phpMyAdmin 2.2 rc3 phpMyAdmin phpMyAdmin 2.2 rc2 phpMyAdmin phpMyAdmin 2.2 rc1 phpMyAdmin phpMyAdmin 2.2 pre2 phpMyAdmin phpMyAdmin 2.2 pre1 phpMyAdmin phpMyAdmin 2.2 phpMyAdmin phpMyAdmin 2.1 .2 phpMyAdmin phpMyAdmin 2.1 .1 phpMyAdmin phpMyAdmin 2.1 - Debian Linux 2.2 sparc - Debian Linux 2.2 sparc - Debian Linux 2.2 sparc - Debian Linux 2.2 powerpc - Debian Linux 2.2 powerpc - Debian Linux 2.2 powerpc - Debian Linux 2.2 arm - Debian Linux 2.2 arm - Debian Linux 2.2 arm - Debian Linux 2.2 alpha - Debian Linux 2.2 alpha - Debian Linux 2.2 alpha - Debian Linux 2.2 68k - Debian Linux 2.2 68k - Debian Linux 2.2 68k - Debian Linux 2.2 - Debian Linux 2.2 - Debian Linux 2.2 - FreeBSD FreeBSD 4.2 - FreeBSD FreeBSD 4.2 - FreeBSD FreeBSD 4.2 - FreeBSD FreeBSD 3.5.1 - FreeBSD FreeBSD 3.5.1 - FreeBSD FreeBSD 3.5.1 - MandrakeSoft Linux Mandrake 7.2 - MandrakeSoft Linux Mandrake 7.2 - MandrakeSoft Linux Mandrake 7.2 - MandrakeSoft Linux Mandrake 7.1 - MandrakeSoft Linux Mandrake 7.1 - MandrakeSoft Linux Mandrake 7.1 - MandrakeSoft Linux Mandrake 7.0 - MandrakeSoft Linux Mandrake 7.0 - MandrakeSoft Linux Mandrake 7.0 - OpenBSD OpenBSD 2.8 - OpenBSD OpenBSD 2.8 - OpenBSD OpenBSD 2.8 - OpenBSD OpenBSD 2.7 - OpenBSD OpenBSD 2.7 - OpenBSD OpenBSD 2.7 - OpenBSD OpenBSD 2.6 - OpenBSD OpenBSD 2.6 - OpenBSD OpenBSD 2.6 - RedHat Linux 7.0 - RedHat Linux 7.0 - RedHat Linux 7.0 - RedHat Linux 6.2 - RedHat Linux 6.2 - RedHat Linux 6.2 - S.u.S.E. Linux 7.1 - S.u.S.E. Linux 7.0 - S.u.S.E. Linux 7.0 - S.u.S.E. Linux 7.0 - S.u.S.E. Linux 6.4 - S.u.S.E. Linux 6.4 - S.u.S.E. Linux 6.4 - Sun Solaris 8_x86 - Sun Solaris 8_x86 - Sun Solaris 8_x86 - Sun Solaris 8 - Sun Solaris 8 - Sun Solaris 8 - Sun Solaris 7.0_x86 - Sun Solaris 7.0_x86 - Sun Solaris 7.0_x86 - Sun Solaris 7.0 - Sun Solaris 7.0 - Sun Solaris 7.0 - Sun Solaris 2.6_x86 - Sun Solaris 2.6_x86 - Sun Solaris 2.6_x86 - Sun Solaris 2.6 - Sun Solaris 2.6 - Sun Solaris 2.6 phpMyAdmin phpMyAdmin 2.0.5 phpMyAdmin phpMyAdmin 2.0.4 phpMyAdmin phpMyAdmin 2.0.3 phpMyAdmin phpMyAdmin 2.0.2 phpMyAdmin phpMyAdmin 2.0.1 phpMyAdmin phpMyAdmin 2.0 phpMyAdmin phpMyAdmin 2.9.2-rc1 phpMyAdmin phpMyAdmin 2.9.1.1 phpMyAdmin phpMyAdmin 2.9.0.3 phpMyAdmin phpMyAdmin 2.11.2.1 phpMyAdmin phpMyAdmin 2.11.1.2 phpMyAdmin phpMyAdmin 2.11.1.1 phpMyAdmin phpMyAdmin 2.10.0.2 phpMyAdmin phpMyAdmin 2.10.0.1 phpMyAdmin phpMyAdmin 2.10.0.1
Not Vulnerable:	phpMyAdmin phpMyAdmin 2.11.2.2