Search for vulnerabilities
Vulnerability details: VCID-68cy-6u5d-hubd
Vulnerability ID VCID-68cy-6u5d-hubd
Aliases CVE-2011-4782
GHSA-2h23-c973-x63q
Summary phpMyAdmin Cross-site Scripting vulnerability Cross-site scripting (XSS) vulnerability in libraries/config/ConfigFile.class.php in the setup interface in phpMyAdmin 3.4.x before 3.4.9 allows remote attackers to inject arbitrary web script or HTML via the host parameter.
Status Published
Exploitability 0.5
Weighted Severity 2.7
Risk 1.4
Affected and Fixed Packages Package Details
Weaknesses (3)
CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CWE-937 OWASP Top Ten 2013 Category A9 - Using Components with Known Vulnerabilities
CWE-1035 OWASP Top Ten 2017 Category A9 - Using Components with Known Vulnerabilities
System Score Found at
generic_textual LOW http://lists.fedoraproject.org/pipermail/package-announce/2012-January/071523.html
generic_textual LOW http://lists.fedoraproject.org/pipermail/package-announce/2012-January/071537.html
generic_textual LOW http://phpmyadmin.git.sourceforge.net/git/gitweb.cgi?p=phpmyadmin/phpmyadmin%3Ba=commit%3Bh=0e707906e69ce90c4852a0fce2a0fac7db86a3cd
generic_textual LOW http://phpmyadmin.git.sourceforge.net/git/gitweb.cgi?p=phpmyadmin/phpmyadmin;a=commit;h=0e707906e69ce90c4852a0fce2a0fac7db86a3cd
epss 0.00475 https://api.first.org/data/v1/epss?cve=CVE-2011-4782
epss 0.00475 https://api.first.org/data/v1/epss?cve=CVE-2011-4782
epss 0.00475 https://api.first.org/data/v1/epss?cve=CVE-2011-4782
epss 0.00475 https://api.first.org/data/v1/epss?cve=CVE-2011-4782
epss 0.00475 https://api.first.org/data/v1/epss?cve=CVE-2011-4782
epss 0.00475 https://api.first.org/data/v1/epss?cve=CVE-2011-4782
epss 0.00475 https://api.first.org/data/v1/epss?cve=CVE-2011-4782
epss 0.00475 https://api.first.org/data/v1/epss?cve=CVE-2011-4782
epss 0.00475 https://api.first.org/data/v1/epss?cve=CVE-2011-4782
epss 0.00475 https://api.first.org/data/v1/epss?cve=CVE-2011-4782
epss 0.00475 https://api.first.org/data/v1/epss?cve=CVE-2011-4782
epss 0.00475 https://api.first.org/data/v1/epss?cve=CVE-2011-4782
epss 0.00475 https://api.first.org/data/v1/epss?cve=CVE-2011-4782
epss 0.00475 https://api.first.org/data/v1/epss?cve=CVE-2011-4782
epss 0.00475 https://api.first.org/data/v1/epss?cve=CVE-2011-4782
epss 0.00475 https://api.first.org/data/v1/epss?cve=CVE-2011-4782
epss 0.00475 https://api.first.org/data/v1/epss?cve=CVE-2011-4782
epss 0.00475 https://api.first.org/data/v1/epss?cve=CVE-2011-4782
epss 0.00475 https://api.first.org/data/v1/epss?cve=CVE-2011-4782
epss 0.00475 https://api.first.org/data/v1/epss?cve=CVE-2011-4782
epss 0.00475 https://api.first.org/data/v1/epss?cve=CVE-2011-4782
epss 0.00475 https://api.first.org/data/v1/epss?cve=CVE-2011-4782
epss 0.00475 https://api.first.org/data/v1/epss?cve=CVE-2011-4782
epss 0.00475 https://api.first.org/data/v1/epss?cve=CVE-2011-4782
generic_textual LOW https://exchange.xforce.ibmcloud.com/vulnerabilities/71938
cvssv3.1_qr LOW https://github.com/advisories/GHSA-2h23-c973-x63q
generic_textual LOW https://github.com/phpmyadmin/phpmyadmin
generic_textual LOW https://nvd.nist.gov/vuln/detail/CVE-2011-4782
generic_textual LOW http://www.mandriva.com/security/advisories?name=MDVSA-2011:198
generic_textual LOW http://www.phpmyadmin.net/home_page/security/PMASA-2011-19.php
Reference id Reference type URL
http://lists.fedoraproject.org/pipermail/package-announce/2012-January/071523.html
http://lists.fedoraproject.org/pipermail/package-announce/2012-January/071537.html
http://phpmyadmin.git.sourceforge.net/git/gitweb.cgi?p=phpmyadmin/phpmyadmin%3Ba=commit%3Bh=0e707906e69ce90c4852a0fce2a0fac7db86a3cd
http://phpmyadmin.git.sourceforge.net/git/gitweb.cgi?p=phpmyadmin/phpmyadmin;a=commit;h=0e707906e69ce90c4852a0fce2a0fac7db86a3cd
https://api.first.org/data/v1/epss?cve=CVE-2011-4782
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4782
https://exchange.xforce.ibmcloud.com/vulnerabilities/71938
https://github.com/phpmyadmin/phpmyadmin
https://nvd.nist.gov/vuln/detail/CVE-2011-4782
http://www.mandriva.com/security/advisories?name=MDVSA-2011:198
http://www.phpmyadmin.net/home_page/security/PMASA-2011-19.php
GHSA-2h23-c973-x63q https://github.com/advisories/GHSA-2h23-c973-x63q
No exploits are available.
Exploit Prediction Scoring System (EPSS)
Percentile 0.63885
EPSS Score 0.00475
Published At July 30, 2025, 12:55 p.m.
Date Actor Action Source VulnerableCode Version
2025-07-31T09:08:50.379050+00:00 GithubOSV Importer Import https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2022/05/GHSA-2h23-c973-x63q/GHSA-2h23-c973-x63q.json 37.0.0