NVD

Id
3338  
Name
CVE-2008-3457  
Description
Cross-site scripting (XSS) vulnerability in setup.php in phpMyAdmin before 2.11.8 allows user-assisted remote attackers to inject arbitrary web script or HTML via crafted setup arguments. NOTE: this issue can only be exploited in limited scenarios in which the attacker must be able to modify config/config.inc.php.  
Reject
 
CVSS Version
2  
CVSS Score
2.6  
Severity
Low  
CVSS Base Score
2.6  
CVSS Impact Subscore
2.9  
CVSS Exploit Subscore
4.9  
CVSS Vector
(AV:N/AC:H/Au:N/C:N/I:P/A:N)  
Pub Date
2017-01-03  
Published
2008-08-04  
Modified Date
2011-03-07  
Seq
2008-3457  

Actions

Related NVD References

Id NVD Id NVD No. Reference Actions
20994 3338 CVE-2008-3457 SUSE-SR:2008:026  View
20995 3338 CVE-2008-3457 DSA-1641  View
20996 3338 CVE-2008-3457 MDVSA-2008:202  View
20997 3338 CVE-2008-3457 http://www.phpmyadmin.net/home_page/security.php?issue=PMASA-2008-6  View
20998 3338 CVE-2008-3457 30420  View
20999 3338 CVE-2008-3457 ADV-2008-2226  View
21000 3338 CVE-2008-3457 phpmyadmin-setup-configinc-xss(44052)  View
21001 3338 CVE-2008-3457 http://yehg.net/lab/pr0js/advisories/XSS_inPhpMyAdmin2.11.7.pdf  View
21002 3338 CVE-2008-3457 FEDORA-2008-6810  View
21003 3338 CVE-2008-3457 FEDORA-2008-6868  View

Related JVN

Id Name Title Summary Cveinfo Name Cveinfo Id Nvdinfo Name Nvdinfo Id Cvssv2 Cvssv3 Jvnurl Published Date Last Updated Date Actions
50789 JVNDB-2008-006099 phpMyAdmin におけるクロスサイトスクリプティングの脆弱性 phpMyAdmin には、クロスサイトスクリプティングの脆弱性が存在します。 CVE-2008-3457 33570 CVE-2008-3457 3338 2.6 http://jvndb.jvn.jp/ja/contents/2008/JVNDB-2008-006099.html 2008-07-28 2012-12-20 View