| Field | Value |
|---|---|
| VID | 21401 |
| Severity | 30 |
| Port | 80, ... |
| Protocol | TCP |
| Class | CGI |
| Detailed Description | phpMyAdmin, according to its version number, has multiple cross-site scripting vulnerabilities in the read_dump.php script. phpMyAdmin is a tool written in PHP intended to handle the administration of MySQL over the WWW. Currently it can create and drop databases, create/drop/alter tables, delete/edit/add fields, execute any SQL statement, and manage keys on fields. phpMyAdmin versions prior to 2.6.0-pl3 are vulnerable to multiple cross-site scripting vulnerabilities. A remote attacker could embed malicious script in the PmaAbsoluteUri parameter in a specially crafted URL request, or embed malicious script in the zero_rows or sql_query parameter in a specially crafted URL request to the read_dump.php script; once the link is clicked, the script would be executed in the victim's Web browser within the security context of the hosting site. This may potentially lead to theft of cookie-based authentication credentials as well as other attacks. |
| Note | This check relies solely on the version number of the remote phpMyAdmin software to assess this vulnerability, so it may be a false positive. |
| References | http://secunia.com/advisories/13241/ ; http://www.netvigilance.com/html/advisory0005.htm ; http://www.phpmyadmin.net/home_page/security.php?issue=PMASA-2004-3 |
| Platforms Affected | Tobias Ratschiller, phpMyAdmin prior to 2.6.0-pl3; any operating system, any version |
| Recommendation | Upgrade to the latest version of phpMyAdmin (2.6.0-pl3 or later), available from the phpMyAdmin Download Web page at http://www.phpmyadmin.net/home_page/downloads.php |
| Related URL | CVE-2004-1055 (CVE) |
| Related URL | 11707 (SecurityFocus) |
| Related URL | 18158 (ISS) |