fkie_cve-2005-0992
Vulnerability from fkie_nvd
Published
2005-05-02 04:00
Modified
2024-11-20 23:56
Severity ?
Summary
Cross-site scripting (XSS) vulnerability in index.php in phpMyAdmin before 2.6.2-rc1 allows remote attackers to inject arbitrary web script or HTML via the convcharset parameter.
References
cve@mitre.orghttp://marc.info/?l=bugtraq&m=111264361622660&w=2
cve@mitre.orghttp://secunia.com/advisories/14799Vendor Advisory
cve@mitre.orghttp://www.arrelnet.com/advisories/adv20050403.htmlVendor Advisory
cve@mitre.orghttp://www.gentoo.org/security/en/glsa/glsa-200504-08.xmlPatch, Vendor Advisory
cve@mitre.orghttp://www.phpmyadmin.net/home_page/security.php?issue=PMASA-2005-3Vendor Advisory
cve@mitre.orghttp://www.securityfocus.com/bid/12982Exploit, Patch
cve@mitre.orghttps://exchange.xforce.ibmcloud.com/vulnerabilities/19940
af854a3a-2127-422b-91ae-364da2661108http://marc.info/?l=bugtraq&m=111264361622660&w=2
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/14799Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.arrelnet.com/advisories/adv20050403.htmlVendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.gentoo.org/security/en/glsa/glsa-200504-08.xmlPatch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.phpmyadmin.net/home_page/security.php?issue=PMASA-2005-3Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/12982Exploit, Patch
af854a3a-2127-422b-91ae-364da2661108https://exchange.xforce.ibmcloud.com/vulnerabilities/19940
Impacted products
Vendor Product Version
phpmyadmin phpmyadmin 2.0
phpmyadmin phpmyadmin 2.0.1
phpmyadmin phpmyadmin 2.0.2
phpmyadmin phpmyadmin 2.0.3
phpmyadmin phpmyadmin 2.0.4
phpmyadmin phpmyadmin 2.0.5
phpmyadmin phpmyadmin 2.1
phpmyadmin phpmyadmin 2.1.1
phpmyadmin phpmyadmin 2.1.2
phpmyadmin phpmyadmin 2.2
phpmyadmin phpmyadmin 2.2.2
phpmyadmin phpmyadmin 2.2.3
phpmyadmin phpmyadmin 2.2.4
phpmyadmin phpmyadmin 2.2.5
phpmyadmin phpmyadmin 2.2.6
phpmyadmin phpmyadmin 2.2_pre1
phpmyadmin phpmyadmin 2.2_pre2
phpmyadmin phpmyadmin 2.2_rc1
phpmyadmin phpmyadmin 2.2_rc2
phpmyadmin phpmyadmin 2.2_rc3
phpmyadmin phpmyadmin 2.3.1
phpmyadmin phpmyadmin 2.3.2
phpmyadmin phpmyadmin 2.4.0
phpmyadmin phpmyadmin 2.5.0
phpmyadmin phpmyadmin 2.5.1
phpmyadmin phpmyadmin 2.5.2
phpmyadmin phpmyadmin 2.5.3
phpmyadmin phpmyadmin 2.5.4
phpmyadmin phpmyadmin 2.5.5
phpmyadmin phpmyadmin 2.5.5_pl1
phpmyadmin phpmyadmin 2.5.5_rc1
phpmyadmin phpmyadmin 2.5.5_rc2
phpmyadmin phpmyadmin 2.5.6_rc1
phpmyadmin phpmyadmin 2.5.7
phpmyadmin phpmyadmin 2.5.7_pl1
phpmyadmin phpmyadmin 2.6.0_pl1
phpmyadmin phpmyadmin 2.6.0_pl2
phpmyadmin phpmyadmin 2.6.0_pl3
phpmyadmin phpmyadmin 2.6.1
phpmyadmin phpmyadmin 2.6.1_pl1
phpmyadmin phpmyadmin 2.6.1_pl3
phpmyadmin phpmyadmin 2.6.1_rc1


To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:phpmyadmin:phpmyadmin:2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "61A423F0-91C8-48C9-A6B1-46DBB1A31DC1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:phpmyadmin:phpmyadmin:2.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "59384A5A-F530-4417-8AFB-005EE4A54A44",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:phpmyadmin:phpmyadmin:2.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "85CFC048-C7C5-47E6-A7E9-E1ED99142493",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:phpmyadmin:phpmyadmin:2.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "120A58AE-69B7-426D-947D-9C0D9D9CE1E2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:phpmyadmin:phpmyadmin:2.0.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "8E1CEFBE-9194-4350-9F81-2EA6EDF52AEB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:phpmyadmin:phpmyadmin:2.0.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "980AC0DB-2759-49D3-8347-C119AFFF8DBD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:phpmyadmin:phpmyadmin:2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "CABC8407-173D-466B-B366-5F7F5D9F2F14",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:phpmyadmin:phpmyadmin:2.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "B1D2743D-5B67-4D6A-9A03-FCF9EA4534A3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:phpmyadmin:phpmyadmin:2.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "2C2535BF-A7BE-40DD-9582-0DE66B8FDC2B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:phpmyadmin:phpmyadmin:2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "40B0D6C2-AF9E-4395-861D-64502D82589A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:phpmyadmin:phpmyadmin:2.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "F666B78D-5DC9-4256-8A23-A4021AE7044A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:phpmyadmin:phpmyadmin:2.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "096B01B4-3CD4-4CB4-8528-D1DB0D0BFB44",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:phpmyadmin:phpmyadmin:2.2.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "229DE8B7-489B-4848-B1BE-2339CB771573",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:phpmyadmin:phpmyadmin:2.2.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "D9BC58E6-CA26-4760-A6A4-D65184A50539",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:phpmyadmin:phpmyadmin:2.2.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "ACE7C97E-60C6-417F-86F7-963ADE52A895",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:phpmyadmin:phpmyadmin:2.2_pre1:*:*:*:*:*:*:*",
              "matchCriteriaId": "3FF189AE-9485-4F8C-AAAE-25088DF6F964",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:phpmyadmin:phpmyadmin:2.2_pre2:*:*:*:*:*:*:*",
              "matchCriteriaId": "643C7F9B-B8C5-4C76-B706-F8CB5A800936",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:phpmyadmin:phpmyadmin:2.2_rc1:*:*:*:*:*:*:*",
              "matchCriteriaId": "560BC57D-BDCE-4479-9847-6DB53A89FFD0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:phpmyadmin:phpmyadmin:2.2_rc2:*:*:*:*:*:*:*",
              "matchCriteriaId": "4859644F-E5FF-4AE4-B16D-CC2243964D81",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:phpmyadmin:phpmyadmin:2.2_rc3:*:*:*:*:*:*:*",
              "matchCriteriaId": "FD44FE0C-C9A5-4B2E-AE71-CFDE406DCA6C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:phpmyadmin:phpmyadmin:2.3.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "C3DE653E-E7FF-4DE0-A7C8-CC86C95550F6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:phpmyadmin:phpmyadmin:2.3.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "48888218-B238-4F0D-A4C2-E9877D3F3A4C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:phpmyadmin:phpmyadmin:2.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "A393256A-A5BE-4467-8058-E9CA5D626D59",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:phpmyadmin:phpmyadmin:2.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "1B9C4839-2356-4630-BDB3-4A0171F3A785",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:phpmyadmin:phpmyadmin:2.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "22C55462-6370-45B3-8F00-50F4502981F1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:phpmyadmin:phpmyadmin:2.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "18BBE005-1FEC-4178-A6A0-CAAB148948F2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:phpmyadmin:phpmyadmin:2.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "A47F3385-8681-4A7D-BF64-8F6EA7FBDFE3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:phpmyadmin:phpmyadmin:2.5.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "6D2E7577-5F89-4B2C-9C28-A5268B539968",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:phpmyadmin:phpmyadmin:2.5.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "929F5CD6-51F3-42CF-8BA8-579120DD835D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:phpmyadmin:phpmyadmin:2.5.5_pl1:*:*:*:*:*:*:*",
              "matchCriteriaId": "0F86B56F-510F-4C6F-A259-6200DC2B05ED",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:phpmyadmin:phpmyadmin:2.5.5_rc1:*:*:*:*:*:*:*",
              "matchCriteriaId": "92B58A87-7A30-494D-9A9A-AF9FE6E59600",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:phpmyadmin:phpmyadmin:2.5.5_rc2:*:*:*:*:*:*:*",
              "matchCriteriaId": "F56E2F91-DC93-4FF0-AFF2-DBB5E13B467D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:phpmyadmin:phpmyadmin:2.5.6_rc1:*:*:*:*:*:*:*",
              "matchCriteriaId": "F2C2D276-CFA3-40CB-AEAF-C641BAD4EB61",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:phpmyadmin:phpmyadmin:2.5.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "DF345665-3C1D-4F44-B648-B695D88267BF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:phpmyadmin:phpmyadmin:2.5.7_pl1:*:*:*:*:*:*:*",
              "matchCriteriaId": "99FD7D45-135D-4AE7-83E0-FDFE436DFE4E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:phpmyadmin:phpmyadmin:2.6.0_pl1:*:*:*:*:*:*:*",
              "matchCriteriaId": "D7C3F2E1-FEFC-4C04-B337-7AC3E38AE430",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:phpmyadmin:phpmyadmin:2.6.0_pl2:*:*:*:*:*:*:*",
              "matchCriteriaId": "F2C525B9-636F-49B9-B528-50AEB0E98F4D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:phpmyadmin:phpmyadmin:2.6.0_pl3:*:*:*:*:*:*:*",
              "matchCriteriaId": "DFB3EBBF-E696-48D1-B3BA-B3C88C050F12",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:phpmyadmin:phpmyadmin:2.6.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "74632C65-6711-4425-A43F-CCF1664C8542",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:phpmyadmin:phpmyadmin:2.6.1_pl1:*:*:*:*:*:*:*",
              "matchCriteriaId": "BD740315-190A-43B7-8399-9B72FA592AD2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:phpmyadmin:phpmyadmin:2.6.1_pl3:*:*:*:*:*:*:*",
              "matchCriteriaId": "794AE77E-843C-4CB4-9462-E4FE8C4C2896",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:phpmyadmin:phpmyadmin:2.6.1_rc1:*:*:*:*:*:*:*",
              "matchCriteriaId": "E291BCAA-E2B5-4127-92DA-0BD48EACB6B3",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Cross-site scripting (XSS) vulnerability in index.php in phpMyAdmin before 2.6.2-rc1 allows remote attackers to inject arbitrary web script or HTML via the convcharset parameter."
    }
  ],
  "id": "CVE-2005-0992",
  "lastModified": "2024-11-20T23:56:21.113",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "NONE",
          "baseScore": 4.3,
          "confidentialityImpact": "NONE",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 8.6,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2005-05-02T04:00:00.000",
  "references": [
    {
      "source": "cve@mitre.org",
      "url": "http://marc.info/?l=bugtraq\u0026m=111264361622660\u0026w=2"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/14799"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.arrelnet.com/advisories/adv20050403.html"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.gentoo.org/security/en/glsa/glsa-200504-08.xml"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.phpmyadmin.net/home_page/security.php?issue=PMASA-2005-3"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Exploit",
        "Patch"
      ],
      "url": "http://www.securityfocus.com/bid/12982"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/19940"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://marc.info/?l=bugtraq\u0026m=111264361622660\u0026w=2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/14799"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.arrelnet.com/advisories/adv20050403.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.gentoo.org/security/en/glsa/glsa-200504-08.xml"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.phpmyadmin.net/home_page/security.php?issue=PMASA-2005-3"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit",
        "Patch"
      ],
      "url": "http://www.securityfocus.com/bid/12982"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/19940"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-Other"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.