Vulnonym.org

CVE-2004-1055 - Toppling Dotterel

Description

Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin 2.6.0-pl2 and earlier allow remote attackers to inject arbitrary web script or HTML via (1) the PmaAbsoluteUri parameter (2) the zero_rows parameter in read_dump.php (3) the confirm form or (4) an error message generated by the internal phpMyAdmin parser.

Reference

http://www.netvigilance.com/html/advisory0005.htm http://www.phpmyadmin.net/home_page/security.php?issue=PMASA-2004-3 https://exchange.xforce.ibmcloud.com/vulnerabilities/18158