CVE-2008-4326
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2008-4326
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Description
The PMA_escapeJsString function in libraries/js_escape.lib.php in phpMyAdmin before 2.11.9.2, when Internet Explorer is used, allows remote attackers to bypass cross-site scripting (XSS) protection mechanisms and conduct XSS attacks via a NUL byte inside a "</script" sequence.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Title
phpMyAdmin PMA_escapeJsString()跨站脚本漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
phpMyAdmin是用PHP编写的工具,用于通过WEB管理MySQL。 phpMyAdmin的libraries/js_escape.lib.php文件中的PMA_escapeJsString()函数存在跨站脚本漏洞。如果用户受骗访问了恶意网页的话,远程攻击者就可以绕过某些过滤器,在用户浏览器会话中执行任意HTML和脚本代码。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Affected Products
| Vendor | Product | Affected Versions | CPE | Subscribe |
|---|---|---|---|---|
| - | n/a | n/a | - |
II. Public POCs for CVE-2008-4326
| # | POC Description | Source Link | Shenlong Link |
|---|
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2008-4326
Please Login to view more intelligence information
- http://www.phpmyadmin.net/home_page/security.php?issue=PMASA-2008-8x_refsource_CONFIRM
- http://www.phpmyadmin.net/home_page/downloads.php?relnotes=1x_refsource_CONFIRM
- http://lists.opensuse.org/opensuse-security-announce/2009-02/msg00000.htmlvendor-advisoryx_refsource_SUSE
- https://nvd.nist.gov/vuln/detail/CVE-2008-4326
Same Patch Batch · n/a · 2008-09-30 · 41 CVEs total
| CVE-2008-4337 | Bitweaver跨站脚本漏洞 | |
| CVE-2008-4328 | EasyRealtorPRO 2008 site_search.php SQL注入漏洞 | |
| CVE-2008-4329 | openEngine cms/system/openengine.php PHP远程文件包含漏洞 | |
| CVE-2008-4330 | LanSuite index.php 目录遍历漏洞 | |
| CVE-2008-4331 | phpOCS library/pagefunctions.inc.php 目录遍历漏洞 | |
| CVE-2008-4332 | PHP infoBoard func.php SQL注入漏洞 | |
| CVE-2008-4333 | PHP infoBoard isname参数跨站脚本漏洞 | |
| CVE-2008-4334 | PHP infoBoard绕过认证和获得权限漏洞 | |
| CVE-2008-4335 | Atomic Photo Album album.php跨站脚本漏洞 | |
| CVE-2008-4336 | Atomic Photo Album 跨站脚本漏洞 | |
| CVE-2008-4094 | Ruby on Rails SQL注入漏洞 | |
| CVE-2008-4338 | Drupal Brilliant Gallery SQL注入漏洞 | |
| CVE-2008-4339 | Symantec Veritas NetBackup Java Administration GUI 远程权限提升漏洞 | |
| CVE-2008-4340 | Google Chrome 特定HTML拒绝服务漏洞 | |
| CVE-2008-4341 | MyBlog add.php绕过认证和权限提升漏洞 | |
| CVE-2008-4342 | NuMedia Soft NMS DVD Burning ActiveX控件覆盖和创建任意文件漏洞 | |
| CVE-2008-4343 | Chilkat XML ActiveX控件不安全方式调用漏洞 | |
| CVE-2008-4344 | 6rbScript cat.php SQL注入漏洞 | |
| CVE-2008-4325 | ViewVC 跨站脚本攻击漏洞 | |
| CVE-2008-4327 | Microsoft Windows GDI+ GDIPLUS.dll库ICO文件处理拒绝服务漏洞 |
Showing top 20 of 41 CVEs. View all on vendor page → →
IV. Related Vulnerabilities
Same vendor: n/a
- CVE-2026-8252
Open5GS SMF smf_nsmf_handle_create_data_in_hsmf null pointer - CVE-2026-8251
Open5GS SMF npcf-handler.c update_authorized_pcc_rule_and_qo - CVE-2026-8250
Open5GS SMF n4-build.c smf_n4_build_qos_flow_to_modify_list - CVE-2026-8249
Open5GS SMF npcf-handler.c update_authorized_pcc_rule_and_qo - CVE-2026-8248
Open5GS SMF npcf-handler.c update_authorized_pcc_rule_and_qo
V. Comments for CVE-2008-4326
No comments yet