CVE-2007-5977

Cross-site scripting (XSS) vulnerability in db_create.php in phpMyAdmin before 2.11.2.1 allows remote authenticated users with CREATE DATABASE privileges to inject arbitrary web script or HTML via a hex-encoded IMG element in the db parameter in a POST request, a different vulnerability than CVE-2006-6942.
Configurations

Configuration 1

cpe:2.3:a:phpmyadmin:phpmyadmin:*:*:*:*:*:*:*:*

Information

Published : 2007-11-15 12:46

Updated : 2017-07-29 01:33


NVD link : CVE-2007-5977

Mitre link : CVE-2007-5977

Products Affected
No products.
CWE