CVE-2011-4782
22.12.2011, 20:55
Cross-site scripting (XSS) vulnerability in libraries/config/ConfigFile.class.php in the setup interface in phpMyAdmin 3.4.x before 3.4.9 allows remote attackers to inject arbitrary web script or HTML via the host parameter.
| Vendor | Product | Version |
|---|---|---|
| phpmyadmin | phpmyadmin | 3.4.0.0 |
| phpmyadmin | phpmyadmin | 3.4.1.0 |
| phpmyadmin | phpmyadmin | 3.4.2.0 |
| phpmyadmin | phpmyadmin | 3.4.3.0 |
| phpmyadmin | phpmyadmin | 3.4.3.1 |
| phpmyadmin | phpmyadmin | 3.4.3.2 |
| phpmyadmin | phpmyadmin | 3.4.4.0 |
| phpmyadmin | phpmyadmin | 3.4.5.0 |
| phpmyadmin | phpmyadmin | 3.4.6.0 |
| phpmyadmin | phpmyadmin | 3.4.7.0 |
| phpmyadmin | phpmyadmin | 3.4.8.0 |
𝑥
= Vulnerable software versions
Debian Releases
Ubuntu Releases
References