Vulnerabilities > Phppgadmin > Phppgadmin > 4.1.1
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2011-10-08 | CVE-2011-3598 | Cross-Site Scripting vulnerability in PHPpgadmin Multiple cross-site scripting (XSS) vulnerabilities in phpPgAdmin before 5.0.3 allow remote attackers to inject arbitrary web script or HTML via (1) a web page title, related to classes/Misc.php; or the (2) return_url or (3) return_desc parameter to display.php. | 4.3 |
2008-12-16 | CVE-2008-5587 | Path Traversal vulnerability in PHPpgadmin Directory traversal vulnerability in libraries/lib.inc.php in phpPgAdmin 4.2.1 and earlier, when register_globals is enabled, allows remote attackers to read arbitrary files via a .. | 4.3 |
2007-10-30 | CVE-2007-5728 | Cross-Site Scripting vulnerability in PHPpgadmin Cross-site scripting (XSS) vulnerability in phpPgAdmin 3.5 to 4.1.1, and possibly 4.1.2, allows remote attackers to inject arbitrary web script or HTML via certain input available in PHP_SELF in (1) redirect.php, possibly related to (2) login.php, different vectors than CVE-2007-2865. | 4.3 |
2007-05-25 | CVE-2007-2865 | Cross-Site Scripting vulnerability in PHPpgadmin 4.1.1 Cross-site scripting (XSS) vulnerability in sqledit.php in phpPgAdmin 4.1.1 allows remote attackers to inject arbitrary web script or HTML via the server parameter. | 9.3 |