← back
CVE-2011-3181

CVE-2011-3181

EPSS 2.3%
Multiple cross-site scripting (XSS) vulnerabilities in the Tracking feature in phpMyAdmin 3.3.x before 3.3.10.4 and 3.4.x before 3.4.4 allow remote attackers to inject arbitrary web script or HTML via a (1) table name, (2) column name, or (3) index name.
Affected products
n/a · n/a

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
http://lists.fedoraproject.org/pipermail/package-announce/2011-September/065824.htmlhttp://lists.fedoraproject.org/pipermail/package-announce/2011-September/065829.htmlhttp://lists.fedoraproject.org/pipermail/package-announce/2011-September/065854.htmlhttps://bugzilla.redhat.com/show_bug.cgi?id=733475http://secunia.com/advisories/45709http://secunia.com/advisories/45990http://www.debian.org/security/2012/dsa-2391http://www.mandriva.com/security/advisories?name=MDVSA-2011:158http://www.phpmyadmin.net/home_page/security/PMASA-2011-13.phphttp://www.securityfocus.com/bid/49306