2023-04-24 12:24:31 +02:00
{
"id" : "CVE-2005-3787" ,
"sourceIdentifier" : "cve@mitre.org" ,
"published" : "2005-11-24T01:03:00.000" ,
2024-11-22 01:07:11 +00:00
"lastModified" : "2024-11-21T00:02:40.823" ,
2023-04-24 12:24:31 +02:00
"vulnStatus" : "Modified" ,
2024-12-08 03:06:42 +00:00
"cveTags" : [ ] ,
2023-04-24 12:24:31 +02:00
"descriptions" : [
{
"lang" : "en" ,
"value" : "Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin before 2.6.4-pl4 allow remote attackers to inject arbitrary web script or HTML via (1) the cookie-based login panel, (2) the title parameter and (3) the table creation dialog."
}
] ,
"metrics" : {
"cvssMetricV2" : [
{
"source" : "nvd@nist.gov" ,
"type" : "Primary" ,
"cvssData" : {
"version" : "2.0" ,
"vectorString" : "AV:N/AC:M/Au:N/C:N/I:P/A:N" ,
2024-11-22 01:07:11 +00:00
"baseScore" : 4.3 ,
2023-04-24 12:24:31 +02:00
"accessVector" : "NETWORK" ,
"accessComplexity" : "MEDIUM" ,
"authentication" : "NONE" ,
"confidentialityImpact" : "NONE" ,
"integrityImpact" : "PARTIAL" ,
2024-11-22 01:07:11 +00:00
"availabilityImpact" : "NONE"
2023-04-24 12:24:31 +02:00
} ,
"baseSeverity" : "MEDIUM" ,
"exploitabilityScore" : 8.6 ,
"impactScore" : 2.9 ,
"acInsufInfo" : false ,
"obtainAllPrivilege" : false ,
"obtainUserPrivilege" : false ,
"obtainOtherPrivilege" : false ,
"userInteractionRequired" : false
}
]
} ,
"weaknesses" : [
{
"source" : "nvd@nist.gov" ,
"type" : "Primary" ,
"description" : [
{
"lang" : "en" ,
"value" : "NVD-CWE-Other"
}
]
}
] ,
"configurations" : [
{
"nodes" : [
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:phpmyadmin:phpmyadmin:2.2.0:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "9C3663CE-AF25-4A0A-811E-DE58B7E5D934"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:phpmyadmin:phpmyadmin:2.2.7_pl1:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "ADDE752A-19A1-4910-9C56-0FDFFA367E30"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:phpmyadmin:phpmyadmin:2.5.2_pl1:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "701F99C8-D803-4D28-AFDA-B3DB5EBD5EEA"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:phpmyadmin:phpmyadmin:2.5.3:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "A47F3385-8681-4A7D-BF64-8F6EA7FBDFE3"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:phpmyadmin:phpmyadmin:2.5.4:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "6D2E7577-5F89-4B2C-9C28-A5268B539968"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:phpmyadmin:phpmyadmin:2.5.5_pl1:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "0F86B56F-510F-4C6F-A259-6200DC2B05ED"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:phpmyadmin:phpmyadmin:2.5.6_rc2:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "6F6E3468-78AF-471C-A09E-1ACCC6867256"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:phpmyadmin:phpmyadmin:2.5.7_pl1:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "99FD7D45-135D-4AE7-83E0-FDFE436DFE4E"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:phpmyadmin:phpmyadmin:2.6.0_pl3:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "DFB3EBBF-E696-48D1-B3BA-B3C88C050F12"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:phpmyadmin:phpmyadmin:2.6.1_pl3:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "794AE77E-843C-4CB4-9462-E4FE8C4C2896"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:phpmyadmin:phpmyadmin:2.6.2_pl1:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "DCE1E983-6EA4-4E0F-B7F8-B0070F8A3752"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:phpmyadmin:phpmyadmin:2.6.3_pl1:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "D1600D28-5583-4FA2-835F-BCE10813DB61"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:phpmyadmin:phpmyadmin:2.6.4_pl3:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "6758F7AC-0FCF-4F6C-8F40-DDF1BA998AB9"
}
]
}
]
}
] ,
"references" : [
2024-04-04 08:46:00 +00:00
{
"url" : "http://secunia.com/advisories/17578" ,
"source" : "cve@mitre.org"
} ,
{
"url" : "http://secunia.com/advisories/18618" ,
"source" : "cve@mitre.org"
} ,
2023-04-24 12:24:31 +02:00
{
"url" : "http://www.phpmyadmin.net/home_page/security.php?issue=PMASA-2005-7" ,
"source" : "cve@mitre.org" ,
"tags" : [
"Patch" ,
"Vendor Advisory"
]
} ,
{
"url" : "http://www.securityfocus.com/archive/1/423142/100/0/threaded" ,
"source" : "cve@mitre.org"
} ,
{
"url" : "http://www.securityfocus.com/bid/16389" ,
"source" : "cve@mitre.org"
2024-11-22 01:07:11 +00:00
} ,
{
"url" : "http://secunia.com/advisories/17578" ,
"source" : "af854a3a-2127-422b-91ae-364da2661108"
} ,
{
"url" : "http://secunia.com/advisories/18618" ,
"source" : "af854a3a-2127-422b-91ae-364da2661108"
} ,
{
"url" : "http://www.phpmyadmin.net/home_page/security.php?issue=PMASA-2005-7" ,
"source" : "af854a3a-2127-422b-91ae-364da2661108" ,
"tags" : [
"Patch" ,
"Vendor Advisory"
]
} ,
{
"url" : "http://www.securityfocus.com/archive/1/423142/100/0/threaded" ,
"source" : "af854a3a-2127-422b-91ae-364da2661108"
} ,
{
"url" : "http://www.securityfocus.com/bid/16389" ,
"source" : "af854a3a-2127-422b-91ae-364da2661108"
2023-04-24 12:24:31 +02:00
}
]
}