phpMyAdmin Cross Site Scripting Vulnerability

Bugtraq ID:	31327
Class:	Input Validation Error
CVE:	CVE-2008-4326
Remote:	Yes
Local:	No
Published:	Sep 23 2008 12:00AM
Updated:	Feb 02 2009 09:29PM
Credit:	phpMyAdmin
Vulnerable:	Typo3 phpMyAdmin 3.3 Typo3 phpMyAdmin 3.2 Typo3 phpMyAdmin 3.0.1 Typo3 phpMyAdmin 3.0 Turbolinux Appliance Server 3.0 x64 Turbolinux Appliance Server 3.0 S.u.S.E. openSUSE 11.1 S.u.S.E. openSUSE 11.0 S.u.S.E. openSUSE 10.3 phpMyAdmin phpMyAdmin 2.11.9 .1 phpMyAdmin phpMyAdmin 2.11.9 phpMyAdmin phpMyAdmin 2.11.8 phpMyAdmin phpMyAdmin 2.11.7 phpMyAdmin phpMyAdmin 2.11.5 1 phpMyAdmin phpMyAdmin 2.11.5 phpMyAdmin phpMyAdmin 2.11.4 phpMyAdmin phpMyAdmin 2.11.1 phpMyAdmin phpMyAdmin 2.9.1 phpMyAdmin phpMyAdmin 2.9 rc1 phpMyAdmin phpMyAdmin 2.9 .2 phpMyAdmin phpMyAdmin 2.9 .1 phpMyAdmin phpMyAdmin 2.9 phpMyAdmin phpMyAdmin 2.8.2 phpMyAdmin phpMyAdmin 2.8.1 phpMyAdmin phpMyAdmin 2.8 .4 phpMyAdmin phpMyAdmin 2.8 .3 phpMyAdmin phpMyAdmin 2.8 .1 phpMyAdmin phpMyAdmin 2.7 .0-beta1 phpMyAdmin phpMyAdmin 2.7 -pl1 phpMyAdmin phpMyAdmin 2.7 phpMyAdmin phpMyAdmin 2.6.4 -rc1 phpMyAdmin phpMyAdmin 2.6.4 -pl4 phpMyAdmin phpMyAdmin 2.6.4 -pl3 phpMyAdmin phpMyAdmin 2.6.4 -pl1 phpMyAdmin phpMyAdmin 2.6.3 -pl1 phpMyAdmin phpMyAdmin 2.6.2 -rc1 phpMyAdmin phpMyAdmin 2.6.2 + Gentoo Linux phpMyAdmin phpMyAdmin 2.6.1 pl3 phpMyAdmin phpMyAdmin 2.6.1 pl1 phpMyAdmin phpMyAdmin 2.6.1 -rc1 phpMyAdmin phpMyAdmin 2.6.1 phpMyAdmin phpMyAdmin 2.6 .0pl3 phpMyAdmin phpMyAdmin 2.6 .0pl2 + Gentoo Linux 1.4 + Gentoo Linux + Gentoo Linux + Gentoo Linux phpMyAdmin phpMyAdmin 2.6 .0pl1 phpMyAdmin phpMyAdmin 2.6 phpMyAdmin phpMyAdmin 2.5.7 pl1 phpMyAdmin phpMyAdmin 2.5.7 phpMyAdmin phpMyAdmin 2.5.6 -rc1 phpMyAdmin phpMyAdmin 2.5.5 pl1 phpMyAdmin phpMyAdmin 2.5.5 -rc2 phpMyAdmin phpMyAdmin 2.5.5 -rc1 phpMyAdmin phpMyAdmin 2.5.5 phpMyAdmin phpMyAdmin 2.5.4 phpMyAdmin phpMyAdmin 2.5.3 + S.u.S.E. Linux Personal 9.3 + S.u.S.E. Linux Personal 9.2 x86_64 + S.u.S.E. Linux Personal 9.2 x86_64 + S.u.S.E. Linux Personal 9.2 x86_64 + S.u.S.E. Linux Personal 9.2 + S.u.S.E. Linux Personal 9.2 + S.u.S.E. Linux Personal 9.2 + S.u.S.E. Linux Personal 9.1 x86_64 + S.u.S.E. Linux Personal 9.1 x86_64 + S.u.S.E. Linux Personal 9.1 x86_64 + S.u.S.E. Linux Personal 9.1 + S.u.S.E. Linux Personal 9.1 + S.u.S.E. Linux Personal 9.1 + S.u.S.E. Linux Personal 9.0 x86_64 + S.u.S.E. Linux Personal 9.0 x86_64 + S.u.S.E. Linux Personal 9.0 x86_64 + S.u.S.E. Linux Personal 9.0 + S.u.S.E. Linux Personal 9.0 + S.u.S.E. Linux Personal 9.0 phpMyAdmin phpMyAdmin 2.5.2 phpMyAdmin phpMyAdmin 2.5.1 phpMyAdmin phpMyAdmin 2.5 .0 phpMyAdmin phpMyAdmin 2.4 .0 phpMyAdmin phpMyAdmin 2.3.2 phpMyAdmin phpMyAdmin 2.3.1 phpMyAdmin phpMyAdmin 2.2.6 phpMyAdmin phpMyAdmin 2.2.5 phpMyAdmin phpMyAdmin 2.2.4 phpMyAdmin phpMyAdmin 2.2.3 phpMyAdmin phpMyAdmin 2.2.2 phpMyAdmin phpMyAdmin 2.2 rc3 phpMyAdmin phpMyAdmin 2.2 rc2 phpMyAdmin phpMyAdmin 2.2 rc1 phpMyAdmin phpMyAdmin 2.2 pre2 phpMyAdmin phpMyAdmin 2.2 pre1 phpMyAdmin phpMyAdmin 2.2 phpMyAdmin phpMyAdmin 2.1 .2 phpMyAdmin phpMyAdmin 2.1 .1 phpMyAdmin phpMyAdmin 2.1 phpMyAdmin phpMyAdmin 2.0.5 phpMyAdmin phpMyAdmin 2.0.4 phpMyAdmin phpMyAdmin 2.0.3 phpMyAdmin phpMyAdmin 2.0.2 phpMyAdmin phpMyAdmin 2.0.1 phpMyAdmin phpMyAdmin 2.0 phpMyAdmin phpMyAdmin 2.9.2-rc1 phpMyAdmin phpMyAdmin 2.9.1.1 phpMyAdmin phpMyAdmin 2.9.0.3 phpMyAdmin phpMyAdmin 2.7.0-pl2 phpMyAdmin phpMyAdmin 2.5.11.2 phpMyAdmin phpMyAdmin 2.11.8.1 phpMyAdmin phpMyAdmin 2.11.5.2 phpMyAdmin phpMyAdmin 2.11.2.2 phpMyAdmin phpMyAdmin 2.11.2.1 phpMyAdmin phpMyAdmin 2.11.1.2 phpMyAdmin phpMyAdmin 2.11.1.1 phpMyAdmin phpMyAdmin 2.10.0.2 phpMyAdmin phpMyAdmin 2.10.0.1 phpMyAdmin phpMyAdmin 2.10.0.1 Debian Linux 4.0 sparc Debian Linux 4.0 s/390 Debian Linux 4.0 powerpc Debian Linux 4.0 mipsel Debian Linux 4.0 mips Debian Linux 4.0 m68k Debian Linux 4.0 ia-64 Debian Linux 4.0 ia-32 Debian Linux 4.0 hppa Debian Linux 4.0 arm Debian Linux 4.0 amd64 Debian Linux 4.0 alpha Debian Linux 4.0

Not Vulnerable:	Typo3 phpMyAdmin 3.4 phpMyAdmin phpMyAdmin 2.11.9 .2