CVE-2006-6942
Published: 2007-01-19
Priority: P426 · medium · 6.8 (CVSS 2.0)
Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P
EXPLOIT
EPSS: 3.19% (86.5th percentile)
Multiple cross-site scripting (XSS) vulnerabilities in PhpMyAdmin before 2.9.1.1 allow remote attackers to inject arbitrary HTML or web script via (1) a comment for a table name, as exploited through (a) db_operations.php, (2) the db parameter to (b) db_create.php, (3) the newname parameter to db_operations.php, the (4) query_history_latest, (5) query_history_latest_db, and (6) querydisplay_tab parameters to (c) querywindow.php, and (7) the pos parameter to (d) sql.php.
Affected
32 ranges · showing 25
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | debian_linux | — | — |
| debian | phpmyadmin | < phpmyadmin 4:2.11.2.1-1 (bookworm) | phpmyadmin 4:2.11.2.1-1 (bookworm) |
| debian | phpmyadmin | < phpmyadmin 4:2.9.1.1-2 (bookworm) | phpmyadmin 4:2.9.1.1-2 (bookworm) |
| debian | phpmyadmin | < phpmyadmin 4:2.11.8.1-4 (bookworm) | phpmyadmin 4:2.11.8.1-4 (bookworm) |
| debian | phpmyadmin | — | — |
| phpmyadmin | phpmyadmin | <= 2.9.1 | — |
| phpmyadmin | phpmyadmin | <= 2.11.2 | — |
| phpmyadmin | phpmyadmin | — | — |
| phpmyadmin | phpmyadmin | >= 0 < 4:2.9.1.1-2 | 4:2.9.1.1-2 |
| phpmyadmin | phpmyadmin | >= 0 < 4:2.11.8.1-4 | 4:2.11.8.1-4 |
| phpmyadmin | phpmyadmin | >= 0 < 4:2.11.2.1-1 | 4:2.11.2.1-1 |
CVSS provenance
| Source | CVSS version | Score | Severity | Vector |
|---|---|---|---|---|
| nvd | v2.0 | 6.8 | MEDIUM | AV:N/AC:M/Au:N/C:P/I:P/A:P |
| osv | — | 6.8 | MEDIUM | — |
| vendor_debian | — | 6.8 | LOW | — |
| vendor_redhat | — | 6.8 | MEDIUM | — |
GHSA
GHSA-3754-x86m-fj9m: Cross-site scripting (XSS) vulnerability in pmd_pdf
ghsa_unreviewed·2022-05-14·CVSS 6.8
CVE-2008-4775 [MEDIUM] CWE-79 GHSA-3754-x86m-fj9m: Cross-site scripting (XSS) vulnerability in pmd_pdf
Cross-site scripting (XSS) vulnerability in pmd_pdf.php in phpMyAdmin 3.0.0, and possibly other versions including 2.11.9.2 and 3.0.1, when register_globals is enabled, allows remote attackers to inject arbitrary web script or HTML via the db parameter, a different vector than CVE-2006-6942 and CVE-2007-5977.
GHSA
GHSA-ggm5-jxm9-g55m: Multiple cross-site scripting (XSS) vulnerabilities in PhpMyAdmin before 2
ghsa_unreviewed·2022-05-01
CVE-2006-6942 [MEDIUM] CWE-79 GHSA-ggm5-jxm9-g55m: Multiple cross-site scripting (XSS) vulnerabilities in PhpMyAdmin before 2
Multiple cross-site scripting (XSS) vulnerabilities in PhpMyAdmin before 2.9.1.1 allow remote attackers to inject arbitrary HTML or web script via (1) a comment for a table name, as exploited through (a) db_operations.php, (2) the db parameter to (b) db_create.php, (3) the newname parameter to db_operations.php, the (4) query_history_latest, (5) query_history_latest_db, and (6) querydisplay_tab parameters to (c) querywindow.php, and (7) the pos parameter to (d) sql.php.
GHSA
GHSA-2v44-f984-3xpw: Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin 2
ghsa_unreviewed·2022-05-01·CVSS 6.8
CVE-2007-4306 [MEDIUM] GHSA-2v44-f984-3xpw: Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin 2
Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin 2.10.3 allow remote attackers to inject arbitrary web script or HTML via the (1) unlim_num_rows, (2) sql_query, or (3) pos parameter to (a) tbl_export.php; the (4) session_max_rows or (5) pos parameter to (b) sql.php; the (6) username parameter to (c) server_privileges.php; or the (7) sql_query parameter to (d) main.php. NOTE: vector 5 might be a regression or incomplete fix for CVE-2006-6942.7.
GHSA
GHSA-7wx4-pm9p-2c7w: Cross-site scripting (XSS) vulnerability in db_create
ghsa_unreviewed·2022-05-01·CVSS 6.8
CVE-2007-5977 [MEDIUM] CWE-79 GHSA-7wx4-pm9p-2c7w: Cross-site scripting (XSS) vulnerability in db_create
Cross-site scripting (XSS) vulnerability in db_create.php in phpMyAdmin before 2.11.2.1 allows remote authenticated users with CREATE DATABASE privileges to inject arbitrary web script or HTML via a hex-encoded IMG element in the db parameter in a POST request, a different vulnerability than CVE-2006-6942.
OSV
CVE-2008-4775: Cross-site scripting (XSS) vulnerability in pmd_pdf
osv·2008-10-28·CVSS 6.8
CVE-2008-4775 [MEDIUM] CVE-2008-4775: Cross-site scripting (XSS) vulnerability in pmd_pdf
Cross-site scripting (XSS) vulnerability in pmd_pdf.php in phpMyAdmin 3.0.0, and possibly other versions including 2.11.9.2 and 3.0.1, when register_globals is enabled, allows remote attackers to inject arbitrary web script or HTML via the db parameter, a different vector than CVE-2006-6942 and CVE-2007-5977.
OSV
CVE-2007-5977: Cross-site scripting (XSS) vulnerability in db_create
osv·2007-11-15·CVSS 6.8
CVE-2007-5977 [MEDIUM] CVE-2007-5977: Cross-site scripting (XSS) vulnerability in db_create
Cross-site scripting (XSS) vulnerability in db_create.php in phpMyAdmin before 2.11.2.1 allows remote authenticated users with CREATE DATABASE privileges to inject arbitrary web script or HTML via a hex-encoded IMG element in the db parameter in a POST request, a different vulnerability than CVE-2006-6942.
OSV
CVE-2007-4306: Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin 2
osv·2007-08-13·CVSS 6.8
CVE-2007-4306 [MEDIUM] CVE-2007-4306: Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin 2
Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin 2.10.3 allow remote attackers to inject arbitrary web script or HTML via the (1) unlim_num_rows, (2) sql_query, or (3) pos parameter to (a) tbl_export.php; the (4) session_max_rows or (5) pos parameter to (b) sql.php; the (6) username parameter to (c) server_privileges.php; or the (7) sql_query parameter to (d) main.php. NOTE: vector 5 might be a regression or incomplete fix for CVE-2006-6942.7.
OSV
CVE-2006-6942: Multiple cross-site scripting (XSS) vulnerabilities in PhpMyAdmin before 2
osv·2007-01-19·CVSS 6.8
CVE-2006-6942 [MEDIUM] CVE-2006-6942: Multiple cross-site scripting (XSS) vulnerabilities in PhpMyAdmin before 2
Multiple cross-site scripting (XSS) vulnerabilities in PhpMyAdmin before 2.9.1.1 allow remote attackers to inject arbitrary HTML or web script via (1) a comment for a table name, as exploited through (a) db_operations.php, (2) the db parameter to (b) db_create.php, (3) the newname parameter to db_operations.php, the (4) query_history_latest, (5) query_history_latest_db, and (6) querydisplay_tab parameters to (c) querywindow.php, and (7) the pos parameter to (d) sql.php.
Red Hat
phpMyAdmin: XSS issue in pmd_pdf.php via db parameter with register_globals enabled
vendor_redhat·2008-10-27·CVSS 6.8
CVE-2008-4775 [MEDIUM] CWE-79 phpMyAdmin: XSS issue in pmd_pdf.php via db parameter with register_globals enabled
phpMyAdmin: XSS issue in pmd_pdf.php via db parameter with register_globals enabled
Cross-site scripting (XSS) vulnerability in pmd_pdf.php in phpMyAdmin 3.0.0, and possibly other versions including 2.11.9.2 and 3.0.1, when register_globals is enabled, allows remote attackers to inject arbitrary web script or HTML via the db parameter, a different vector than CVE-2006-6942 and CVE-2007-5977.
Debian
CVE-2008-4775: phpmyadmin - Cross-site scripting (XSS) vulnerability in pmd_pdf.php in phpMyAdmin 3.0.0, and...
vendor_debian·2008·CVSS 6.8
CVE-2008-4775 [MEDIUM] CVE-2008-4775: phpmyadmin - Cross-site scripting (XSS) vulnerability in pmd_pdf.php in phpMyAdmin 3.0.0, and...
Cross-site scripting (XSS) vulnerability in pmd_pdf.php in phpMyAdmin 3.0.0, and possibly other versions including 2.11.9.2 and 3.0.1, when register_globals is enabled, allows remote attackers to inject arbitrary web script or HTML via the db parameter, a different vector than CVE-2006-6942 and CVE-2007-5977.
Scope: local
bookworm: resolved (fixed in 4:2.11.8.1-4)
bullseye: resolved (fixed in 4:2.11.8.1-4)
forky: resolved (fixed in 4:2.11.8.1-4)
sid: resolved (fixed in 4:2.11.8.1-4)
trixie: resolved (fixed in 4:2.11.8.1-4)
Debian
CVE-2007-5977: phpmyadmin - Cross-site scripting (XSS) vulnerability in db_create.php in phpMyAdmin before 2...
vendor_debian·2007·CVSS 6.8
CVE-2007-5977 [MEDIUM] CVE-2007-5977: phpmyadmin - Cross-site scripting (XSS) vulnerability in db_create.php in phpMyAdmin before 2...
Cross-site scripting (XSS) vulnerability in db_create.php in phpMyAdmin before 2.11.2.1 allows remote authenticated users with CREATE DATABASE privileges to inject arbitrary web script or HTML via a hex-encoded IMG element in the db parameter in a POST request, a different vulnerability than CVE-2006-6942.
Scope: local
bookworm: resolved (fixed in 4:2.11.2.1-1)
bullseye: resolved (fixed in 4:2.11.2.1-1)
forky: resolved (fixed in 4:2.11.2.1-1)
sid: resolved (fixed in 4:2.11.2.1-1)
trixie: resolved (fixed in 4:2.11.2.1-1)
Debian
CVE-2007-4306: phpmyadmin - Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin 2.10.3 allow r...
vendor_debian·2007·CVSS 6.8
CVE-2007-4306 [MEDIUM] CVE-2007-4306: phpmyadmin - Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin 2.10.3 allow r...
Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin 2.10.3 allow remote attackers to inject arbitrary web script or HTML via the (1) unlim_num_rows, (2) sql_query, or (3) pos parameter to (a) tbl_export.php; the (4) session_max_rows or (5) pos parameter to (b) sql.php; the (6) username parameter to (c) server_privileges.php; or the (7) sql_query parameter to (d) main.php. NOTE: vector 5 might be a regression or incomplete fix for CVE-2006-6942.7.
Scope: local
bookworm: open
bullseye: open
forky: open
sid: open
trixie: open
Debian
CVE-2006-6942: phpmyadmin - Multiple cross-site scripting (XSS) vulnerabilities in PhpMyAdmin before 2.9.1.1...
vendor_debian·2006·CVSS 6.8
CVE-2006-6942 [MEDIUM] CVE-2006-6942: phpmyadmin - Multiple cross-site scripting (XSS) vulnerabilities in PhpMyAdmin before 2.9.1.1...
Multiple cross-site scripting (XSS) vulnerabilities in PhpMyAdmin before 2.9.1.1 allow remote attackers to inject arbitrary HTML or web script via (1) a comment for a table name, as exploited through (a) db_operations.php, (2) the db parameter to (b) db_create.php, (3) the newname parameter to db_operations.php, the (4) query_history_latest, (5) query_history_latest_db, and (6) querydisplay_tab parameters to (c) querywindow.php, and (7) the pos parameter to (d) sql.php.
Scope: local
bookworm: resolved (fixed in 4:2.9.1.1-2)
bullseye: resolved (fixed in 4:2.9.1.1-2)
forky: resolved (fixed in 4:2.9.1.1-2)
sid: resolved (fixed in 4:2.9.1.1-2)
trixie: resolved (fixed in 4:2.9.1.1-2)
Red Hat
XSS in db_create
vendor_redhat·CVSS 6.8
CVE-2007-5977 [MEDIUM] XSS in db_create
XSS in db_create
Cross-site scripting (XSS) vulnerability in db_create.php in phpMyAdmin before 2.11.2.1 allows remote authenticated users with CREATE DATABASE privileges to inject arbitrary web script or HTML via a hex-encoded IMG element in the db parameter in a POST request, a different vulnerability than CVE-2006-6942.
No detection rules found.
Exploit-DB
phpMyAdmin 2.x - 'db_create.php?db' Cross-Site Scripting
exploitdb·2006-09-15
CVE-2006-6942 phpMyAdmin 2.x - 'db_create.php?db' Cross-Site Scripting
phpMyAdmin 2.x - 'db_create.php?db' Cross-Site Scripting
---
source: https://www.securityfocus.com/bid/21137/info
phpMyAdmin is prone to multiple input-validation vulnerabilities, including an HTML-injection vulnerability, cross-site scripting vulnerabilities, and information-disclosure vulnerabilities.
An attacker could exploit these vulnerabilities to view sensitive information or to have arbitrary script code execute in the context of the affected site, which may allow the attacker to steal cookie-based authentication credentials or change the way the site is rendered to the user. Data gained could aid in further attacks.
All versions of phpMyAdmin are vulnerable.
http://www.example.com/phpmyadmin/db_create.php?token=your_token&reload=1&db=[double xss(2 followed xss)]
Exploit-DB
phpMyAdmin 2.x - 'sql.php?pos' Cross-Site Scripting
exploitdb·2006-09-15
CVE-2006-6942 phpMyAdmin 2.x - 'sql.php?pos' Cross-Site Scripting
phpMyAdmin 2.x - 'sql.php?pos' Cross-Site Scripting
---
source: https://www.securityfocus.com/bid/21137/info
http://www.example.com/phpmyadmin/sql.php?db=information_schema&token=your_token&goto=db_details_structure.php&table=CHARAC
Exploit-DB
phpMyAdmin 2.x - 'querywindow.php' Multiple Cross-Site Scripting Vulnerabilities
exploitdb·2006-09-15
CVE-2006-6942 phpMyAdmin 2.x - 'querywindow.php' Multiple Cross-Site Scripting Vulnerabilities
phpMyAdmin 2.x - 'querywindow.php' Multiple Cross-Site Scripting Vulnerabilities
---
source: https://www.securityfocus.com/bid/21137/info
http://www.example.com/phpmyadmin/querywindow.php token=your_token&db=&table=&query_history_la
Exploit-DB
phpMyAdmin 2.x - 'db_operations.php' Multiple Cross-Site Scripting Vulnerabilities
exploitdb·2006-09-15
CVE-2006-6942 phpMyAdmin 2.x - 'db_operations.php' Multiple Cross-Site Scripting Vulnerabilities
phpMyAdmin 2.x - 'db_operations.php' Multiple Cross-Site Scripting Vulnerabilities
---
source: https://www.securityfocus.com/bid/21137/info
http://www.example.com/phpmyadmin/db_operations.php?db_collation=latin1_swedish_ci&db_copy=t
Bugzilla
CVE-2008-4775 phpMyAdmin: XSS issue in pmd_pdf.php via db parameter with register_globals enabled
bugzilla·2008-10-29·CVSS 6.8
CVE-2008-4775 [MEDIUM] CVE-2008-4775 phpMyAdmin: XSS issue in pmd_pdf.php via db parameter with register_globals enabled
CVE-2008-4775 phpMyAdmin: XSS issue in pmd_pdf.php via db parameter with register_globals enabled
Common Vulnerabilities and Exposures assigned an identifier CVE-2008-4775 to the following vulnerability:
Cross-site scripting (XSS) vulnerability in pmd_pdf.php in phpMyAdmin
3.0.0, and possibly other versions including 2.11.9.2 and 3.0.1, when
register_globals is enabled, allows remote attackers to inject
arbitrary web script or HTML via the db parameter, a different vector
than CVE-2006-6942 and CVE-2007-5977.
References:
http://www.securityfocus.com/archive/1/archive/1/497815/100/0/threaded
http://www.securityfocus.com/bid/31928
http://secunia.com/advisories/32449
Discussion:
613 (phpMyAdmin): Build on target fedora-4-epel succeeded.
612 (phpMyAdmin): Build on target fedora-5-epel suc
Bugzilla
CVE-2007-5977 XSS in db_create
bugzilla·2007-11-15·CVSS 6.8
CVE-2007-5977 [MEDIUM] CVE-2007-5977 XSS in db_create
CVE-2007-5977 XSS in db_create
Common Vulnerabilities and Exposures assigned an identifier CVE-2007-5977 to the following vulnerability:
Cross-site scripting (XSS) vulnerability in db_create.php in phpMyAdmin before 2.11.2.1 allows remote authenticated users with CREATE DATABASE privileges to inject arbitrary web script or HTML via a hex-encoded IMG element in the db parameter in a POST request, a different vulnerability than CVE-2006-6942.
References:
http://www.digitrustgroup.com/advisories/tdg-advisory071108a.html
http://sourceforge.net/project/shownotes.php?release_id=553333
http://www.phpmyadmin.net/home_page/security.php?issue=PMASA-2007-7
http://www.frsirt.com/english/advisories/2007/3824
http://secunia.com/advisories/27630
http://xforce.iss.net/xforce/xfdb/38404
Discussion:
References:
http://marc.info/?l=bugtraq&m=116370414309444&w=2
http://secunia.com/advisories/26733
http://www.phpmyadmin.net/home_page/security.php?issue=PMASA-2006-7
http://www.securityfocus.com/bid/21137
http://www.us.debian.org/security/2007/dsa-1370
http://www.vupen.com/english/advisories/2006/4572
https://exchange.xforce.ibmcloud.com/vulnerabilities/30310
Published: 2007-01-19