phpMyAdmin SQL Injection and Cross Site Scripting Vulnerabilities

phpMyAdmin is prone to an SQL-injection issue and a cross-site scripting issue because it fails to sufficiently sanitize user-supplied data.

Exploiting these issues could allow an attacker to steal cookie-based authentication credentials, compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database.

Versions prior to phpMyAdmin 2.11.9.6 and 3.2.2.1 are affected.


 

Privacy Statement
Copyright 2010, SecurityFocus