|
Family: CGI abuses : XSS --> Category: infos
phpMyAdmin XSS Vulnerability Scan
Vulnerability Scan Summary Checks the version of phpMyAdmin
Detailed Explanation for this Vulnerability Test
Synopsis :
The remote web server contains a PHP script that is susceptible to
cross-site scripting attacks.
Description :
The version of phpMyAdmin installed on the remote host is vulnerable
to cross-site scripting attacks through various parameters and
scripts. With a specially crafted URL, a possible hacker can cause
arbitrary code execution resulting in a loss of integrity.
See also :
http://www.netvigilance.com/html/advisory0005.htm
http://www.phpmyadmin.net/home_page/security.php?issue=PMASA-2004-3
Solution :
Upgrade to phpMyAdmin version 2.6.0-pl3 or later.
Threat Level:
Low / CVSS Base Score : 2
(AV:R/AC:H/Au:NR/C:N/A:N/I:P/B:N)
Click HERE for more information and discussions on this network vulnerability scan.
|