CVE-2009-3696

Cross-site scripting (XSS) vulnerability in phpMyAdmin 2.11.x before 2.11.9.6 and 3.x before 3.2.2.1 allows remote attackers to inject arbitrary web script or HTML via a crafted name for a MySQL table.

Published: Oct 16, 2009
Updated: Apr 13, 2023
CVE: CVE-2009-3696
Severity: Low
Exploit:

CVSS v2:

Severity: Low
Score: 4.3
AV:N/AC:M/Au:N/C:N/I:P/A:N

CWEs:

CWE-79

OWASP TOP 10:

A7 - Cross-Site Scripting (XSS)

Affected Software
References

Software	From	Fixed in
phpmyadmin / phpmyadmin	3.0.1.1	3.0.1.1.x
phpmyadmin / phpmyadmin	2.11.4	2.11.4.x
phpmyadmin / phpmyadmin	3.2.1	3.2.1.x
phpmyadmin / phpmyadmin	3.2.0-beta1	3.2.0-beta1.x
phpmyadmin / phpmyadmin	2.11.1.2	2.11.1.2.x
phpmyadmin / phpmyadmin	3.1.4	3.1.4.x
phpmyadmin / phpmyadmin	3.1.3-1	3.1.3-1.x
phpmyadmin / phpmyadmin	3.1.3	3.1.3.x
phpmyadmin / phpmyadmin	2.11.5.1	2.11.5.1.x
phpmyadmin / phpmyadmin	2.11.1	2.11.1.x
phpmyadmin / phpmyadmin	2.11.5.0	2.11.5.0.x
phpmyadmin / phpmyadmin	3.2.0	3.2.0.x
phpmyadmin / phpmyadmin	3.1.0-beta1	3.1.0-beta1.x
phpmyadmin / phpmyadmin	3.2.1-rc1	3.2.1-rc1.x
phpmyadmin / phpmyadmin	3.1.2	3.1.2.x
phpmyadmin / phpmyadmin	2.11.9.0	2.11.9.0.x
phpmyadmin / phpmyadmin	3.0.0-beta	3.0.0-beta.x
phpmyadmin / phpmyadmin	3.0.0-alpha	3.0.0-alpha.x
phpmyadmin / phpmyadmin	2.11.9.1	2.11.9.1.x
phpmyadmin / phpmyadmin	2.11.0-beta1	2.11.0-beta1.x
phpmyadmin / phpmyadmin	2.11.2	2.11.2.x
phpmyadmin / phpmyadmin	2.11.7	2.11.7.x
phpmyadmin / phpmyadmin	3.1.0	3.1.0.x
phpmyadmin / phpmyadmin	2.11.5	2.11.5.x
phpmyadmin / phpmyadmin	2.11.5.2	2.11.5.2.x
phpmyadmin / phpmyadmin	2.11.2.2	2.11.2.2.x
phpmyadmin / phpmyadmin	3.0.0	3.0.0.x
phpmyadmin / phpmyadmin	2.11.1-rc1	2.11.1-rc1.x
phpmyadmin / phpmyadmin	3.2.0.1	3.2.0.1.x
phpmyadmin / phpmyadmin	2.11.5-rc1	2.11.5-rc1.x
phpmyadmin / phpmyadmin	2.11.8	2.11.8.x
phpmyadmin / phpmyadmin	3.0.0-rc1	3.0.0-rc1.x
phpmyadmin / phpmyadmin	2.11.4.0	2.11.4.0.x
phpmyadmin / phpmyadmin	3.1.5-rc1	3.1.5-rc1.x
phpmyadmin / phpmyadmin	2.11.3	2.11.3.x
phpmyadmin / phpmyadmin	2.11.2.1	2.11.2.1.x
phpmyadmin / phpmyadmin	3.1.5	3.1.5.x
phpmyadmin / phpmyadmin	3.1.1-rc1	3.1.1-rc1.x
phpmyadmin / phpmyadmin	3.1.4-rc2	3.1.4-rc2.x
phpmyadmin / phpmyadmin	2.11.3-rc1	2.11.3-rc1.x
phpmyadmin / phpmyadmin	2.11.0-rc1	2.11.0-rc1.x
phpmyadmin / phpmyadmin	2.11.9.5	2.11.9.5.x
phpmyadmin / phpmyadmin	3.1.1	3.1.1.x
phpmyadmin / phpmyadmin	2.11.6.0	2.11.6.0.x
phpmyadmin / phpmyadmin	2.11.7.0	2.11.7.0.x
phpmyadmin / phpmyadmin	3.1.3-rc1	3.1.3-rc1.x
phpmyadmin / phpmyadmin	3.1.3.2	3.1.3.2.x
phpmyadmin / phpmyadmin	2.11.2.0	2.11.2.0.x
phpmyadmin / phpmyadmin	2.11.9.2	2.11.9.2.x
phpmyadmin / phpmyadmin	2.11.9.3	2.11.9.3.x
phpmyadmin / phpmyadmin	2.11.4-rc1	2.11.4-rc1.x
phpmyadmin / phpmyadmin	2.11.1.1	2.11.1.1.x
phpmyadmin / phpmyadmin	2.11.6	2.11.6.x
phpmyadmin / phpmyadmin	3.0.1	3.0.1.x
phpmyadmin / phpmyadmin	2.11.9	2.11.9.x
phpmyadmin / phpmyadmin	2.11.0beta1	2.11.0beta1.x
phpmyadmin / phpmyadmin	3.1.0.0	3.1.0.0.x
phpmyadmin / phpmyadmin	2.11.9.4	2.11.9.4.x
phpmyadmin / phpmyadmin	3.1.3.1	3.1.3.1.x
phpmyadmin / phpmyadmin	2.11.3.0	2.11.3.0.x
phpmyadmin / phpmyadmin	2.11.0.0	2.11.0.0.x
phpmyadmin / phpmyadmin	3.1.2-rc1	3.1.2-rc1.x
phpmyadmin / phpmyadmin	3.2.0-rc1	3.2.0-rc1.x
phpmyadmin / phpmyadmin	3.2.2	3.2.2.x
phpmyadmin / phpmyadmin	3.0.1-rc1	3.0.1-rc1.x
phpmyadmin / phpmyadmin	2.11.6-rc1	2.11.6-rc1.x
phpmyadmin / phpmyadmin	2.11.1.0	2.11.1.0.x
phpmyadmin / phpmyadmin	3.2.2-rc1	3.2.2-rc1.x
phpmyadmin / phpmyadmin	2.11.0	2.11.0.x

Vulnerability Database

289,782

CVE-2009-3696