ID de Prueba:	1.3.6.1.4.1.25623.1.0.100761
Categoría:	Web application abuses
Título:	phpMyAdmin Multiple Cross Site Scripting Vulnerabilities
Resumen:	phpMyAdmin is prone to multiple cross-site scripting vulnerabilities; because it fails to properly sanitize user-supplied input.
Descripción:	Summary: phpMyAdmin is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. Vulnerability Impact: An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based authentication credentials and launch other attacks. Affected Software/OS: phpMyAdmin 2.11.x prior to 2.11.10.1 phpMyAdmin 3.x prior to 3.3.5.1 Solution: Updates are available. Please see the references for details. CVSS Score: 4.3 CVSS Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2010-3056 BugTraq ID: 42584 http://www.securityfocus.com/bid/42584 Debian Security Information: DSA-2097 (Google Search) http://www.debian.org/security/2010/dsa-2097 http://lists.fedoraproject.org/pipermail/package-announce/2010-August/045991.html http://lists.fedoraproject.org/pipermail/package-announce/2010-August/045997.html http://www.mandriva.com/security/advisories?name=MDVSA-2010:163 http://www.mandriva.com/security/advisories?name=MDVSA-2010:164 http://yehg.net/lab/pr0js/advisories/phpmyadmin/%5Bphpmyadmin-3.3.5%5D_cross_site_scripting%28XSS%29 http://secunia.com/advisories/41000 http://secunia.com/advisories/41185 http://www.vupen.com/english/advisories/2010/2223 http://www.vupen.com/english/advisories/2010/2231
Copyright	Copyright (C) 2010 Greenbone AG

Esta es sólo una de 146377 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.