severity 362567 important thanks I'm lowering the bug severity, because it is not exploitable if register_globals are disabled and it is the default configuration for Debian.
On Friday 14 April 2006 10:53, Stefan Fritsch wrote: > Package: phpmyadmin > Severity: grave > Tags: security > > CVE-2006-1678: > Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin > before 2.8.0.3 allow remote attackers to inject arbitrary web script > or HTML via unknown vectors in unspecified scripts in the themes > directory. > > Please mention the CVE id in the changelog. -- .''`. Piotr Roszatycki : :' : mailto:[EMAIL PROTECTED] `. `' mailto:[EMAIL PROTECTED] `- -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]