ID de Prueba:	1.3.6.1.4.1.25623.1.0.103232
Categoría:	Web application abuses
Título:	phpMyAdmin Tracking Feature Multiple Cross Site Scripting Vulnerabilities
Resumen:	phpMyAdmin is prone to multiple cross-site scripting vulnerabilities; because it fails to sufficiently sanitize user-supplied data.
Descripción:	Summary: phpMyAdmin is prone to multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied data. Vulnerability Impact: An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and to launch other attacks. Affected Software/OS: phpMyAdmin 3.3.0 to 3.4.3.2 are vulnerable. Solution: Updates are available. Please see the references for more details. CVSS Score: 4.3 CVSS Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2011-3181 BugTraq ID: 49306 http://www.securityfocus.com/bid/49306 Debian Security Information: DSA-2391 (Google Search) http://www.debian.org/security/2012/dsa-2391 http://lists.fedoraproject.org/pipermail/package-announce/2011-September/065854.html http://lists.fedoraproject.org/pipermail/package-announce/2011-September/065824.html http://lists.fedoraproject.org/pipermail/package-announce/2011-September/065829.html http://www.mandriva.com/security/advisories?name=MDVSA-2011:158 http://secunia.com/advisories/45709 http://secunia.com/advisories/45990
Copyright	Copyright (C) 2011 Greenbone AG

Esta es sólo una de 146377 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.