CVE-2007-5386
EPSS 11.8%phpmyadmin - cross-site scripting
Published: 10/12/2007Modified: 5/7/2026
Description
Cross-site scripting (XSS) vulnerability in scripts/setup.php in phpMyAdmin 2.11.1, when accessed by a browser that does not URL-encode requests, allows remote attackers to inject arbitrary web script or HTML via the query string.
Affected packages (2)
- Debian/phpmyadminfrom 0, < 4:2.11.1.2-1
- Debian/phpmyadminfrom 0, < 4:2.6.2-3sarge6