Cross-Site Scripting Vulnerability in phpPgAdmin Affects Multiple Versions
CVE-2012-1600

Currently unrated

Key Information:

Vendor: PHPpgadmin Project
Status: PHPpgadmin
Vendor: CVE Published:; 14 May 2014

🔔 Create PHPpgadmin Project Vulnerability Alert

What is CVE-2012-1600?

Multiple cross-site scripting (XSS) vulnerabilities exist in the functions.php file of phpPgAdmin versions prior to 5.0.4. These security flaws allow remote attackers to execute arbitrary web scripts or HTML by manipulating the 'name' or 'type' parameters of functions. Exploitation of this vulnerability can lead to unauthorized actions on behalf of the user and could compromise sensitive information.

References

http://www.securityfocus.com/bid/52761

vdb-entryx_refsource_BID

http://www.postgresql.org/message-id/4F6B447C.6080204%40d...

x_refsource_CONFIRM

http://lists.opensuse.org/opensuse-updates/2012-04/msg000...

vendor-advisoryx_refsource_SUSE

Timeline

Vulnerability published
May 14, 2014
Vulnerability Reserved
Mar 12, 2012

JSON