FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

phpmyadmin -- cross site scripting vulnerability

Affected packages
		phpmyadmin	<	2.6.2.r1
		phpMyAdmin	<	2.6.2.r1

Details

VuXML ID	58247a96-01c8-11da-bc08-0001020eed82
Discovery	2005-04-03
Entry	2005-07-31

A phpMyAdmin security announcement reports:

The convcharset parameter was not correctly validated, opening the door to a XSS attack.

[source]

References

Bugtraq ID	12982
CVE Name	CVE-2005-0992
Message	4f9e4516050404101223fbdeed@mail.gmail.com
URL	http://www.phpmyadmin.net/home_page/security.php?issue=PMASA-2005-3

Copyright © 2003-2005 Jacques Vidrine and contributors.
Please see the source of this document for full copyright information.