FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

phpMyAdmin -- multiple XSS vulnerabilities

Affected packages
phpMyAdmin < 3.4.5


VuXML ID e44fe906-df27-11e0-a333-001cc0a36e12
Discovery 2011-09-11
Entry 2011-09-14

phpMyAdmin development team reports:

Firstly, if a row contains javascript code, after inline editing this row and saving, the code is executed. Secondly, missing sanitization on the db, table and column names leads to XSS vulnerabilities.

Versions 3.4.0 to 3.4.4 were found vulnerable.