CVEs-PoC/2016/CVE-2016-2561.md at 183d1f8677d424ca51cab102bc615f8bcebb511d

CalvinBackup/CVEs-PoC

Fork 0

mirror of https://github.com/0xMarcio/cve.git synced 2026-05-09 19:17:37 +02:00

Files

T

0xMarcio ba290685fe Update CVE sources 2024-06-09 00:33

2024-06-09 00:33:16 +00:00

Description

Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin 4.4.x before 4.4.15.5 and 4.5.x before 4.5.5.1 allow remote authenticated users to inject arbitrary web script or HTML via (1) normalization.php or (2) js/normalization.js in the database normalization page, (3) templates/database/structure/sortable_header.phtml in the database structure page, or (4) the pos parameter to db_central_columns.php in the central columns page.

POC

Reference

https://github.com/phpmyadmin/phpmyadmin/commit/f33a42f1da9db943a67bda7d29f7dd91957a8e7e
https://github.com/phpmyadmin/phpmyadmin/commit/f33a42f1da9db943a67bda7d29f7dd91957a8e7e

Github

No PoCs found on GitHub currently.

1.0 KiB Raw Blame History

CVE-2016-2561

Description

POC

Reference

Github

1.0 KiB

Raw Blame History