ID de Prueba:	1.3.6.1.4.1.25623.1.0.100067
Categoría:	Web application abuses
Título:	phpMyAdmin DB_Create.PHP Multiple Input Validation Vulnerabilities
Resumen:	phpMyAdmin is prone to multiple input-validation vulnerabilities, including a; cross-site scripting and a SQL-injection issue.
Descripción:	Summary: phpMyAdmin is prone to multiple input-validation vulnerabilities, including a cross-site scripting and a SQL-injection issue. Vulnerability Impact: A successful exploit may allow an attacker to steal cookie-based authentication credentials, compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. Affected Software/OS: These issues affect versions prior to phpMyAdmin 2.11.2.1. Solution: Update to version 2.11.2.1 or later. CVSS Score: 6.5 CVSS Vector: AV:N/AC:L/Au:S/C:P/I:P/A:P
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2007-5976 BugTraq ID: 26512 http://www.securityfocus.com/bid/26512 https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00777.html http://www.mandriva.com/security/advisories?name=MDKSA-2007:229 http://www.digitrustgroup.com/advisories/tdg-advisory071108a.html http://secunia.com/advisories/27630 http://secunia.com/advisories/27753 http://www.vupen.com/english/advisories/2007/3824 XForce ISS Database: phpmyadmin-dbcreate-sql-injection(38403) https://exchange.xforce.ibmcloud.com/vulnerabilities/38403 Common Vulnerability Exposure (CVE) ID: CVE-2007-5977 XForce ISS Database: phpmyadmin-dbcreate-xss(38404) https://exchange.xforce.ibmcloud.com/vulnerabilities/38404
Copyright	Copyright (C) 2009 Greenbone AG

Esta es sólo una de 146377 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.