Family: CGI abuses --> Category: infos
phpMyAdmin multiple flaws Vulnerability Scan
Vulnerability Scan Summary
Searches for the existence of phpMyAdmin
Detailed Explanation for this Vulnerability Test
The remote web server contains a PHP application that suffers from
The remote host is running a version of phpMyAdmin which is vulnerable to
several flaws :
- It may be tricked into disclosing the physical path of the remote PHP
- It is vulnerable to cross-site scripting, which may allow a possible hacker
to steal the cookies of your users.
- It is vulnerable to a flaw which may allow a possible hacker to list the
contents of arbitrary directories on the remote server.
A possible hacker may use these flaws to gain more knowledge about the remote
host and therefore set up more complex attacks against it.
See also :
Upgrade to phpMyAdmin 2.5.2 or later.
Low / CVSS Base Score : 2
Click HERE for more information and discussions on this network vulnerability scan.