Vigil@nce: phpMyAdmin, Cross Site Scripting of bookmark
July 2009 by Vigil@nce
An attacker can use the bookmark feature to generate a Cross Site
Scripting in phpMyAdmin.
– Severity: 2/4
– Consequences: client access/rights
– Provenance: document
– Means of attack: no proof of concept, no attack
– Ability of attacker: expert (4/4)
– Confidence: confirmed by the editor (5/5)
– Diffusion of the vulnerable configuration: high (3/3)
– Creation date: 02/07/2009
IMPACTED PRODUCTS
– Fedora
– Unix - plateform
DESCRIPTION OF THE VULNERABILITY
The phpMyAdmin server is used to administer a MySQL database via a
web browser. The "bookmark" feature memorizes SQL queries which
are frequently used.
The PMA_formatSql() function of the libraries/common.lib.php file
formats a SQL query, to display it in text or HTML. However,
special characters contained in the query are not filtered before
being displayed.
An attacker can therefore use the bookmark feature to generate a
Cross Site Scripting in phpMyAdmin.
CHARACTERISTICS
– Identifiers: BID-35543, CVE-2009-2284, FEDORA-2009-7329,
FEDORA-2009-7337, FEDORA-2009-7340, PMASA-2009-5,
VIGILANCE-VUL-8834
– Url: http://vigilance.fr/vulnerability/phpMyAdmin-Cross-Site-Scripting-of-bookmark-8834