CVE-2007-5589

EPSS 11.42% · P94 Updated Feb 27, 2026

Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2007-5589

Vulnerability Information

Have questions about the vulnerability? See if Shenlong's analysis helps!

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Description

Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin before 2.11.1.2 allow remote attackers to inject arbitrary web script or HTML via certain input available in (1) PHP_SELF in (a) server_status.php, and (b) grab_globals.lib.php, (c) display_change_password.lib.php, and (d) common.lib.php in libraries/; and certain input available in PHP_SELF and (2) PATH_INFO in libraries/common.inc.php. NOTE: there might also be other vectors related to (3) REQUEST_URI.

Source: NVD (National Vulnerability Database)

CVSS Information

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Type

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Title

phpMyAdmin 多个跨站脚本攻击漏洞

Source: CNNVD (China National Vulnerability Database)

Vulnerability Description

phpMyAdmin 2.11.1.2版本之前的版本中存在多个跨站脚本攻击漏洞。远程攻击者可以借助(1) (a) server_status.php,和(b) grab_globals.lib.php, (c) display_change_password.lib.php, 和(d)libraries/的common.lib.php中的PHP_SELF的特制的可用输入; 和PHP_SELF以及(2) libraries/common.inc.php中的PATH_INFO中的可用输入，注入任意web脚本或

Source: CNNVD (China National Vulnerability Database)

CVSS Information

N/A

Source: CNNVD (China National Vulnerability Database)

Vulnerability Type

N/A

Source: CNNVD (China National Vulnerability Database)

Affected Products

Vendor	Product	Affected Versions	CPE	Subscribe
-	n/a	n/a	-

II. Public POCs for CVE-2007-5589

#	POC Description	Source Link	Shenlong Link

AI-Generated POCPremium

No public POC found.

III. Intelligence Information for CVE-2007-5589

请登录查看更多情报信息。

http://www.digitrustgroup.com/advisories/TDG-advisory071015a.htmlx_refsource_MISC
http://phpmyadmin.svn.sourceforge.net/viewvc/phpmyadmin/branches/MAINT_2_11_1/phpMyAdmin/ChangeLog?r1=10796&r2=10795&pathrev=10796x_refsource_CONFIRM
https://bugzilla.redhat.com/show_bug.cgi?id=333661x_refsource_CONFIRM
http://www.phpmyadmin.net/home_page/security.php?issue=PMASA-2007-6x_refsource_CONFIRM
http://phpmyadmin.svn.sourceforge.net/viewvc/phpmyadmin?view=rev&revision=10796x_refsource_CONFIRM
http://osvdb.org/37939vdb-entryx_refsource_OSVDB
http://secunia.com/advisories/27246third-party-advisoryx_refsource_SECUNIA
http://www.securityfocus.com/bid/26301vdb-entryx_refsource_BID
http://secunia.com/advisories/27506third-party-advisoryx_refsource_SECUNIA
http://secunia.com/advisories/27595third-party-advisoryx_refsource_SECUNIA
http://secunia.com/advisories/29323third-party-advisoryx_refsource_SECUNIA
http://www.debian.org/security/2007/dsa-1403vendor-advisoryx_refsource_DEBIAN
http://www.vupen.com/english/advisories/2007/3535vdb-entryx_refsource_VUPEN
http://www.mandriva.com/security/advisories?name=MDKSA-2007:199vendor-advisoryx_refsource_MANDRIVA
http://lists.opensuse.org/opensuse-security-announce/2008-03/msg00004.htmlvendor-advisoryx_refsource_SUSE
https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00040.htmlvendor-advisoryx_refsource_FEDORA
https://exchange.xforce.ibmcloud.com/vulnerabilities/37292vdb-entryx_refsource_XF
https://nvd.nist.gov/vuln/detail/CVE-2007-5589

Same Patch Batch · n/a · 2007-10-19 · 45 CVEs total

CVE-2007-5588		mnoGoSearch 'search.cgi' T 参数跨站脚本攻击漏洞
CVE-2007-5592		awzMB 多个PHP远程文件包含漏洞
CVE-2007-5591		Nortel CS1000 ELAN端口远程拒绝服务漏洞
CVE-2007-5593		Drupal 代码注入漏洞
CVE-2007-5596		Drupal Prior 核心上传模块whitelist 跨站脚本攻击漏洞
CVE-2007-5597		Drupal Prior hook_comments API 安全绕过漏洞
CVE-2007-5598		Drupal Weblinks跨站脚本攻击漏洞
CVE-2007-5599		awrate.com 404.PHP and TopBar.PHP 多个远程文件包含漏洞
CVE-2007-5600		Artmedic Webdesign CMS 'index.php' 代码注入漏洞
CVE-2007-5595		Drupal Prior 'common.inc'drupal_goto函数CRLF注入漏洞
CVE-2007-5590		Miranda IM多个远程栈溢出漏洞
CVE-2007-5380		Ruby on Rails web会话劫持漏洞
CVE-2007-5379		Ruby on Rails ActiveResource服务器Hash.from_xml多个安全漏洞
CVE-2007-5587		Macrovision SafeDisc SecDRV.SYS驱动本地权限提升漏洞(MS07-067)
CVE-2007-5585		XScreenSaver 'xscreensaver-gl-helper' 屏幕安全绕过漏洞
CVE-2003-1400		PHP-Nuke Avatar HTML注入漏洞
CVE-2003-1399		Eject本地信息泄露漏洞
CVE-2003-1398		Cisco IOS ICMP重定向路由表修改漏洞
CVE-2003-1397		Opera 缓冲区错误漏洞
CVE-2003-1396		Opera 缓冲区错误漏洞

Showing top 20 of 45 CVEs. View all on vendor page → →

IV. Related Vulnerabilities

Same product: n/a

Same vendor: n/a

V. Comments for CVE-2007-5589

No comments yet

Goal Reached Thanks to every supporter — we hit 100%!

CVE-2007-5589

I. Basic Information for CVE-2007-5589

Vulnerability Information

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Affected Products

II. Public POCs for CVE-2007-5589

III. Intelligence Information for CVE-2007-5589

Same Patch Batch · n/a · 2007-10-19 · 45 CVEs total

IV. Related Vulnerabilities

V. Comments for CVE-2007-5589

Leave a comment