CVE-2010-4480 Information

Feb 14, 2021 cve

Description

error.php in PhpMyAdmin 3.3.8.1 and other versions before 3.4.0-beta1 allows remote attackers to conduct cross-site scripting (XSS) attacks via a crafted BBcode tag containing @\ characters as demonstrated using [a@url@page].

Reference

http://secunia.com/advisories/42485 http://secunia.com/advisories/42725 http://www.debian.org/security/2010/dsa-2139 http://www.exploit-db.com/exploits/15699 http://www.mandriva.com/security/advisories?name=MDVSA-2011:000 http://www.phpmyadmin.net/home_page/security/PMASA-2010-9.php http://www.securityfocus.com/bid/45633 http://www.vupen.com/english/advisories/2010/3133 http://www.vupen.com/english/advisories/2011/0001 http://www.vupen.com/english/advisories/2011/0027 error.php in PhpMyAdmin 3.3.8.1 and other versions before 3.4.0-beta1 allows remote attackers to conduct cross-site scripting (XSS) attacks via a crafted BBcode tag containing @
characters as demonstrated using [a@url@page].

Share on: