FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

phpMyAdmin -- XSS attack in database search

Affected packages
		phpMyAdmin	<	3.3.8.1
		phpMyAdmin211	<	2.11.11.1

Details

VuXML ID	753f8185-5ba9-42a4-be02-3f55ee580093
Discovery	2010-11-29
Entry	2010-11-30

phpMyAdmin team reports:

It was possible to conduct a XSS attack using spoofed request on the db search script.

[source]

References

CVE Name	CVE-2010-4329
FreeBSD PR	ports/152685
FreeBSD PR	ports/152686
URL	http://www.phpmyadmin.net/home_page/security/PMASA-2010-8.php

Copyright © 2003-2005 Jacques Vidrine and contributors.
Please see the source of this document for full copyright information.