Home > Vulnerability Database > CVE-2009-3696

Mend.io Vulnerability Database

CVE-2009-3696

Good to know:

Date: October 16, 2009

Cross-site scripting (XSS) vulnerability in phpMyAdmin 2.11.x before 2.11.9.6 and 3.x before 3.2.2.1 allows remote attackers to inject arbitrary web script or HTML via a crafted name for a MySQL table.

Language: PHP

Severity Score

3.7

Related Resources (22)

Url: http://www.mandriva.com/security/advisories?name=MDVSA-2009:274

Url: https://www.redhat.com/archives/fedora-package-announce/2009-October/msg00490.html

Url: http://bugs.gentoo.org/show_bug.cgi?id=288899

Url: http://typo3.org/teams/security/security-bulletins/typo3-sa-2009-015/

Url: https://bugzilla.redhat.com/show_bug.cgi?id=528769

Url: https://nvd.nist.gov/vuln/detail/CVE-2009-3696

Url: http://secunia.com/advisories/37016

Url: https://people.canonical.com/~ubuntu-security/cve/CVE-2009-3696

Url: http://typo3.org/extensions/repository/view/phpmyadmin/4.5.0/

Url: http://dfn.dl.sourceforge.net/project/phpmyadmin/phpMyAdmin/2.11.9.6/phpMyAdmin-2.11.9.6-notes.html

Url: http://lists.opensuse.org/opensuse-security-announce/2009-10/msg00004.html

Url: https://exchange.xforce.ibmcloud.com/vulnerabilities/53742

Url: http://www.securityfocus.com/bid/36658

Url: http://www.phpmyadmin.net/home_page/security/PMASA-2009-6.php

Url: http://freshmeat.net/projects/phpmyadmin/releases/306667

Url: http://freshmeat.net/projects/phpmyadmin/releases/306669

Url: http://marc.info/?l=oss-security&m=125561979001460&w=2

Url: http://www.vupen.com/english/advisories/2009/2899

Url: https://www.redhat.com/archives/fedora-package-announce/2009-October/msg00467.html

Url: http://marc.info/?l=oss-security&m=125553728512853&w=2

Url: http://dfn.dl.sourceforge.net/project/phpmyadmin/phpMyAdmin/3.2.2.1/phpMyAdmin-3.2.2.1-notes.html

Url: https://www.mend.io/vulnerability-database/CVE-2009-3696

Severity Score

3.7

Weakness Type (CWE)

Cross-Site Scripting (XSS)

CWE-79

Top Fix

Upgrade Version

Upgrade to version RELEASE_2_11_9_6,RELEASE_3_2_2_1

Learn More

CVSS v3.1

Base Score:	3.7
Attack Vector (AV):	NETWORK
Attack Complexity (AC):	HIGH
Privileges Required (PR):	NONE
User Interaction (UI):	NONE
Scope (S):	UNCHANGED
Confidentiality (C):	NONE
Integrity (I):	LOW
Availability (A):	NONE

CVSS v2

Base Score:	4.3
Access Vector (AV):	NETWORK
Access Complexity (AC):	MEDIUM
Authentication (AU):	NONE
Confidentiality (C):	NONE
Integrity (I):	PARTIAL
Availability (A):	NONE
Additional information:

Mend.io Vulnerability Database

We found results for “”

CVE-2009-3696

Good to know:

Date: October 16, 2009

Language: PHP

Severity Score

Related Resources (22)

Severity Score

Weakness Type (CWE)

Top Fix

Upgrade Version

CVSS v3.1

CVSS v2

Do you need more information?