Threat Encyclopedia



It indicates an attacker attempted to exploit a HTML Injection vulnerability in phpMyAdmin.
The vulnerability is due to insufficient sanitizing of user supplied inputs in the application. An attacker can exploit this by tricking an unsuspecting user into visiting a malicious webpage, leading to other attacks.

affected-products-logoAffected Products

phpMyAdmin phpMyAdmin 2.6.3 -pl1 and earlier versions.


System Compromise: Remote attackers can execute arbitrary script code within the context of the target user's browser.

recomended-action-logoRecommended Actions

Apply appropriate patch from the vendor or Upgrade to non-vulnerable version if available.

CVE References