Cross-Site Scripting Vulnerability in phpPgAdmin by phpPgAdmin
CVE-2007-5728

Currently unrated

Key Information:

Vendor

PHPpgadmin

Status
PHPpgadmin
Vendor
CVE Published:
30 October 2007

What is CVE-2007-5728?

A cross-site scripting (XSS) vulnerability in phpPgAdmin versions 3.5 to 4.1.1, and possibly 4.1.2, allows remote attackers to inject arbitrary web scripts or HTML via input available in PHP_SELF within the redirect.php file. This vulnerability may also be related to the login.php file, exposing users to various malicious activities such as session hijacking or redirection to malicious websites.

References

http://secunia.com/advisories/27756
third-party-advisoryx_refsource_SECUNIA
http://osvdb.org/36699
vdb-entryx_refsource_OSVDB
http://lists.grok.org.uk/pipermail/full-disclosure/2007-M...
mailing-listx_refsource_FULLDISC

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.