CVE-2009-2284

Cross-site scripting (XSS) vulnerability in phpMyAdmin before 3.2.0.1 allows remote attackers to inject arbitrary web script or HTML via a crafted SQL bookmark.
Cross-site Scripting
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
4.3 UNKNOWN
NETWORK
MEDIUM
AV:N/AC:M/Au:N/C:N/I:P/A:N
mitreCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 65%
VendorProductVersion
phpmyadminphpmyadmin
𝑥
≤ 3.2.0
phpmyadminphpmyadmin
2.0
phpmyadminphpmyadmin
2.0.0
phpmyadminphpmyadmin
2.0.1
phpmyadminphpmyadmin
2.0.2
phpmyadminphpmyadmin
2.0.3
phpmyadminphpmyadmin
2.0.4
phpmyadminphpmyadmin
2.0.5
phpmyadminphpmyadmin
2.1
phpmyadminphpmyadmin
2.1.0
phpmyadminphpmyadmin
2.1.1
phpmyadminphpmyadmin
2.1.2
phpmyadminphpmyadmin
2.2
phpmyadminphpmyadmin
2.2.0
phpmyadminphpmyadmin
2.2.0_pre1:_pre1
phpmyadminphpmyadmin
2.2.0_pre2:_pre2
phpmyadminphpmyadmin
2.2.0_rc1:_rc1
phpmyadminphpmyadmin
2.2.0_rc2:_rc2
phpmyadminphpmyadmin
2.2.0_rc3:_rc3
phpmyadminphpmyadmin
2.2.2
phpmyadminphpmyadmin
2.2.3
phpmyadminphpmyadmin
2.2.4
phpmyadminphpmyadmin
2.2.5
phpmyadminphpmyadmin
2.2.6
phpmyadminphpmyadmin
2.2.7_pl1:_pl1
phpmyadminphpmyadmin
2.2_pre1:_pre1
phpmyadminphpmyadmin
2.2_pre2:_pre2
phpmyadminphpmyadmin
2.2_rc1:_rc1
phpmyadminphpmyadmin
2.2_rc2:_rc2
phpmyadminphpmyadmin
2.2_rc3:_rc3
phpmyadminphpmyadmin
2.3.1
phpmyadminphpmyadmin
2.3.2
phpmyadminphpmyadmin
2.4.0
phpmyadminphpmyadmin
2.5.0
phpmyadminphpmyadmin
2.5.1
phpmyadminphpmyadmin
2.5.2
phpmyadminphpmyadmin
2.5.2_pl1:_pl1
phpmyadminphpmyadmin
2.5.3
phpmyadminphpmyadmin
2.5.4
phpmyadminphpmyadmin
2.5.5
phpmyadminphpmyadmin
2.5.5_pl1:_pl1
phpmyadminphpmyadmin
2.5.5_rc1:_rc1
phpmyadminphpmyadmin
2.5.5_rc2:_rc2
phpmyadminphpmyadmin
2.5.6_rc1:_rc1
phpmyadminphpmyadmin
2.5.6_rc2:_rc2
phpmyadminphpmyadmin
2.5.7
phpmyadminphpmyadmin
2.5.7_pl1:_pl1
phpmyadminphpmyadmin
2.6.0_pl1:_pl1
phpmyadminphpmyadmin
2.6.0_pl2:_pl2
phpmyadminphpmyadmin
2.6.0_pl3:_pl3
phpmyadminphpmyadmin
2.6.1
phpmyadminphpmyadmin
2.6.1_pl1:_pl1
phpmyadminphpmyadmin
2.6.1_pl3:_pl3
phpmyadminphpmyadmin
2.6.1_rc1:_rc1
phpmyadminphpmyadmin
2.6.2
phpmyadminphpmyadmin
2.6.2_dev:_dev
phpmyadminphpmyadmin
2.6.2_pl1:_pl1
phpmyadminphpmyadmin
2.6.2_rc1:_rc1
phpmyadminphpmyadmin
2.6.3
phpmyadminphpmyadmin
2.6.3_pl1:_pl1
phpmyadminphpmyadmin
2.6.4
phpmyadminphpmyadmin
2.6.4_pl1:_pl1
phpmyadminphpmyadmin
2.6.4_pl2:_pl2
phpmyadminphpmyadmin
2.6.4_pl3:_pl3
phpmyadminphpmyadmin
2.6.4_pl4:_pl4
phpmyadminphpmyadmin
2.6.4_rc1:_rc1
phpmyadminphpmyadmin
2.7
phpmyadminphpmyadmin
2.7.0
phpmyadminphpmyadmin
2.7.0_beta1:_beta1
phpmyadminphpmyadmin
2.7.0_pl1:_pl1
phpmyadminphpmyadmin
2.7.0_pl2:_pl2
phpmyadminphpmyadmin
2.7.0_rc1:_rc1
phpmyadminphpmyadmin
2.7_pl1:_pl1
phpmyadminphpmyadmin
2.8.0
phpmyadminphpmyadmin
2.8.0.1
phpmyadminphpmyadmin
2.8.0.2
phpmyadminphpmyadmin
2.8.0.3
phpmyadminphpmyadmin
2.8.1
phpmyadminphpmyadmin
2.8.1_dev:_dev
phpmyadminphpmyadmin
2.8.2
phpmyadminphpmyadmin
2.8.3
phpmyadminphpmyadmin
2.8.4
phpmyadminphpmyadmin
2.9
phpmyadminphpmyadmin
2.9.0
phpmyadminphpmyadmin
2.9.0.1
phpmyadminphpmyadmin
2.9.0.2
phpmyadminphpmyadmin
2.9.0.3
phpmyadminphpmyadmin
2.9.0_beta1:_beta1
phpmyadminphpmyadmin
2.9.0_dev:_dev
phpmyadminphpmyadmin
2.9.0_rc1:_rc1
phpmyadminphpmyadmin
2.9.1
phpmyadminphpmyadmin
2.9.1.1
phpmyadminphpmyadmin
2.9.1_rc1:_rc1
phpmyadminphpmyadmin
2.9.1_rc2:_rc2
phpmyadminphpmyadmin
2.9.2
phpmyadminphpmyadmin
2.9_rc1:_rc1
phpmyadminphpmyadmin
2.10.0
phpmyadminphpmyadmin
2.10.0.0
phpmyadminphpmyadmin
2.10.0.1
phpmyadminphpmyadmin
2.10.0.2
phpmyadminphpmyadmin
2.10.1
phpmyadminphpmyadmin
2.10.01
phpmyadminphpmyadmin
2.10.1.0
phpmyadminphpmyadmin
2.10.2
phpmyadminphpmyadmin
2.10.2.0
phpmyadminphpmyadmin
2.10.3
phpmyadminphpmyadmin
2.10.3.0
phpmyadminphpmyadmin
2.10.3rc1:rc1
phpmyadminphpmyadmin
2.11.0
phpmyadminphpmyadmin
2.11.0:beta1
phpmyadminphpmyadmin
2.11.0:rc1
phpmyadminphpmyadmin
2.11.0.0
phpmyadminphpmyadmin
2.11.0beta1:beta1
phpmyadminphpmyadmin
2.11.0rc1:rc1
phpmyadminphpmyadmin
2.11.1
phpmyadminphpmyadmin
2.11.1:rc1
phpmyadminphpmyadmin
2.11.1.0
phpmyadminphpmyadmin
2.11.1.1
phpmyadminphpmyadmin
2.11.1.2
phpmyadminphpmyadmin
2.11.1rc1:rc1
phpmyadminphpmyadmin
2.11.2
phpmyadminphpmyadmin
2.11.2.0
phpmyadminphpmyadmin
2.11.2.1
phpmyadminphpmyadmin
2.11.2.2
phpmyadminphpmyadmin
2.11.3
phpmyadminphpmyadmin
2.11.3:rc1
phpmyadminphpmyadmin
2.11.3.0
phpmyadminphpmyadmin
2.11.3rc1:rc1
phpmyadminphpmyadmin
2.11.4
phpmyadminphpmyadmin
2.11.4:rc1
phpmyadminphpmyadmin
2.11.4.0
phpmyadminphpmyadmin
2.11.4rc1:rc1
phpmyadminphpmyadmin
2.11.5
phpmyadminphpmyadmin
2.11.5:rc1
phpmyadminphpmyadmin
2.11.5.0
phpmyadminphpmyadmin
2.11.5.1
phpmyadminphpmyadmin
2.11.5.2
phpmyadminphpmyadmin
2.11.5rc1:rc1
phpmyadminphpmyadmin
2.11.6
phpmyadminphpmyadmin
2.11.6:rc1
phpmyadminphpmyadmin
2.11.6.0
phpmyadminphpmyadmin
2.11.6rc1:rc1
phpmyadminphpmyadmin
2.11.7
phpmyadminphpmyadmin
2.11.7.0
phpmyadminphpmyadmin
2.11.8
phpmyadminphpmyadmin
2.11.9
phpmyadminphpmyadmin
2.11.9.0
phpmyadminphpmyadmin
2.11.9.1
phpmyadminphpmyadmin
2.11.9.2
phpmyadminphpmyadmin
2.11.9.3
phpmyadminphpmyadmin
2.11.9.4
phpmyadminphpmyadmin
3.0.0
phpmyadminphpmyadmin
3.0.0-alpha
phpmyadminphpmyadmin
3.0.0-beta
phpmyadminphpmyadmin
3.0.0-rc1
phpmyadminphpmyadmin
3.0.1
phpmyadminphpmyadmin
3.0.1-rc1
phpmyadminphpmyadmin
3.0.1.1
phpmyadminphpmyadmin
3.1.0
phpmyadminphpmyadmin
3.1.0-beta1
phpmyadminphpmyadmin
3.1.0.0
phpmyadminphpmyadmin
3.1.1
phpmyadminphpmyadmin
3.1.1:rc1
phpmyadminphpmyadmin
3.1.2
phpmyadminphpmyadmin
3.1.2:rc1
phpmyadminphpmyadmin
3.1.3
phpmyadminphpmyadmin
3.1.3:1
phpmyadminphpmyadmin
3.1.3:rc1
phpmyadminphpmyadmin
3.1.3-rc1
phpmyadminphpmyadmin
3.1.3.1
phpmyadminphpmyadmin
3.1.3.2
phpmyadminphpmyadmin
3.1.4
phpmyadminphpmyadmin
3.1.4-rc2
phpmyadminphpmyadmin
3.1.5
phpmyadminphpmyadmin
3.1.5-rc1
phpmyadminphpmyadmin
3.2.0-beta1
phpmyadminphpmyadmin
3.2.0-rc1
𝑥
= Vulnerable software versions
Debian logo
Debian Releases
Debian Product
Codename
phpmyadmin
bullseye
4:5.0.4+dfsg2-2+deb11u1
fixed
etch
not-affected
lenny
not-affected
bookworm
4:5.2.1+dfsg-1
fixed
sid
4:5.2.1+dfsg-4
fixed
trixie
4:5.2.1+dfsg-4
fixed
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
phpmyadmin
jaunty
Fixed 4:3.1.2-1ubuntu0.1
released
intrepid
not-affected
hardy
not-affected
dapper
not-affected
Common Weakness Enumeration
References
http://secunia.com/advisories/35649
http://secunia.com/advisories/35715
http://www.mandriva.com/security/advisories?name=MDVSA-2009:192
http://www.phpmyadmin.net/home_page/security/PMASA-2009-5.php
https://www.redhat.com/archives/fedora-package-announce/2009-July/msg00150.html
https://www.redhat.com/archives/fedora-package-announce/2009-July/msg00152.html
https://www.redhat.com/archives/fedora-package-announce/2009-July/msg00256.html
http://secunia.com/advisories/35649
http://secunia.com/advisories/35715
http://www.mandriva.com/security/advisories?name=MDVSA-2009:192
http://www.phpmyadmin.net/home_page/security/PMASA-2009-5.php
https://www.redhat.com/archives/fedora-package-announce/2009-July/msg00150.html
https://www.redhat.com/archives/fedora-package-announce/2009-July/msg00152.html
https://www.redhat.com/archives/fedora-package-announce/2009-July/msg00256.html