phpMyAdmin 3.4.x < 3.4.9 XSS (PMASA-2011-19 - PMASA-2011-20)

medium Nessus Plugin ID 57372

Synopsis

The remote web server hosts a PHP application that is affected by two cross-site scripting vulnerabilities.

Description

The version of phpMyAdmin hosted on the remote web server is 3.4.x earlier than 3.4.9 and is therefore reportedly affected by two cross-site scripting vulnerabilities:

- The 'libraries/display_export.lib.php' script does not properly sanitize the '$_GET' array elements 'limit_to', 'limit_from' and 'filename_template' before returning them to the client. (CVE-2011-4780)

- The 'libraries/config/ConfigFile.class.php' script does not properly sanitize input in the '$host' parameter before returning it to the client. Note that this issue relates to the '/setup' directory and configuration of the application and should not be exploitable if the recommended installation steps have been performed. (CVE-2011-4782)

Solution

Upgrade to phpMyAdmin version 3.4.9 or later.

See Also

http://www.phpmyadmin.net/home_page/security/PMASA-2011-19.php

http://www.phpmyadmin.net/home_page/security/PMASA-2011-20.php

Plugin Details

Severity: Medium

ID: 57372

File Name: phpmyadmin_pmasa_2011_20.nasl

Version: 1.13

Type: remote

Published: 12/22/2011

Updated: 4/11/2022

Configuration: Enable paranoid mode, Enable thorough checks

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Low

Score: 3.8

CVSS v2

Risk Factor: Medium

Base Score: 4.3

Temporal Score: 3.7

Vector: CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N

Vulnerability Information

CPE: cpe:/a:phpmyadmin:phpmyadmin

Required KB Items: www/PHP, Settings/ParanoidReport, www/phpMyAdmin

Excluded KB Items: Settings/disable_cgi_scanning

Exploit Ease: No exploit is required

Patch Publication Date: 12/21/2011

Vulnerability Publication Date: 12/21/2011

Reference Information

CVE: CVE-2011-4780, CVE-2011-4782

BID: 51166, 51226

CWE: 20, 442, 629, 711, 712, 722, 725, 74, 750, 751, 79, 800, 801, 809, 811, 864, 900, 928, 931, 990