Search for vulnerabilities
Vulnerability details: VCID-6prg-vq7d-dfcc
Vulnerability ID VCID-6prg-vq7d-dfcc
Aliases CVE-2013-4997
GHSA-5gh4-v2ch-pcx4
Summary phpMyAdmin Multiple cross-site scripting (XSS) vulnerabilities Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin 3.5.x before 3.5.8.2 allow remote attackers to inject arbitrary web script or HTML via vectors involving a JavaScript event in (1) an anchor identifier to setup/index.php or (2) a chartTitle (aka chart title) value.
Status Published
Exploitability 0.5
Weighted Severity 6.2
Risk 3.1
Affected and Fixed Packages Package Details
Weaknesses (3)
CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CWE-1035 OWASP Top Ten 2017 Category A9 - Using Components with Known Vulnerabilities
CWE-937 OWASP Top Ten 2013 Category A9 - Using Components with Known Vulnerabilities
System Score Found at
epss 0.00263 https://api.first.org/data/v1/epss?cve=CVE-2013-4997
epss 0.00263 https://api.first.org/data/v1/epss?cve=CVE-2013-4997
epss 0.00263 https://api.first.org/data/v1/epss?cve=CVE-2013-4997
epss 0.00263 https://api.first.org/data/v1/epss?cve=CVE-2013-4997
epss 0.00263 https://api.first.org/data/v1/epss?cve=CVE-2013-4997
epss 0.00263 https://api.first.org/data/v1/epss?cve=CVE-2013-4997
epss 0.00263 https://api.first.org/data/v1/epss?cve=CVE-2013-4997
epss 0.00263 https://api.first.org/data/v1/epss?cve=CVE-2013-4997
epss 0.00263 https://api.first.org/data/v1/epss?cve=CVE-2013-4997
epss 0.00263 https://api.first.org/data/v1/epss?cve=CVE-2013-4997
epss 0.00263 https://api.first.org/data/v1/epss?cve=CVE-2013-4997
epss 0.00263 https://api.first.org/data/v1/epss?cve=CVE-2013-4997
epss 0.00263 https://api.first.org/data/v1/epss?cve=CVE-2013-4997
epss 0.00263 https://api.first.org/data/v1/epss?cve=CVE-2013-4997
epss 0.00263 https://api.first.org/data/v1/epss?cve=CVE-2013-4997
epss 0.00263 https://api.first.org/data/v1/epss?cve=CVE-2013-4997
epss 0.00263 https://api.first.org/data/v1/epss?cve=CVE-2013-4997
epss 0.00263 https://api.first.org/data/v1/epss?cve=CVE-2013-4997
epss 0.00263 https://api.first.org/data/v1/epss?cve=CVE-2013-4997
epss 0.00263 https://api.first.org/data/v1/epss?cve=CVE-2013-4997
epss 0.00263 https://api.first.org/data/v1/epss?cve=CVE-2013-4997
epss 0.00263 https://api.first.org/data/v1/epss?cve=CVE-2013-4997
epss 0.00263 https://api.first.org/data/v1/epss?cve=CVE-2013-4997
epss 0.00263 https://api.first.org/data/v1/epss?cve=CVE-2013-4997
epss 0.00263 https://api.first.org/data/v1/epss?cve=CVE-2013-4997
epss 0.00263 https://api.first.org/data/v1/epss?cve=CVE-2013-4997
epss 0.00263 https://api.first.org/data/v1/epss?cve=CVE-2013-4997
epss 0.00263 https://api.first.org/data/v1/epss?cve=CVE-2013-4997
cvssv3.1_qr MODERATE https://github.com/advisories/GHSA-5gh4-v2ch-pcx4
generic_textual MODERATE https://github.com/phpmyadmin/composer
generic_textual MODERATE https://nvd.nist.gov/vuln/detail/CVE-2013-4997
generic_textual MODERATE http://www.phpmyadmin.net/home_page/security/PMASA-2013-9.php
Reference id Reference type URL
https://api.first.org/data/v1/epss?cve=CVE-2013-4997
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4997
https://github.com/phpmyadmin/composer
https://nvd.nist.gov/vuln/detail/CVE-2013-4997
http://www.phpmyadmin.net/home_page/security/PMASA-2013-9.php
GHSA-5gh4-v2ch-pcx4 https://github.com/advisories/GHSA-5gh4-v2ch-pcx4
No exploits are available.
Exploit Prediction Scoring System (EPSS)
Percentile 0.49552
EPSS Score 0.00263
Published At July 30, 2025, 12:55 p.m.
Date Actor Action Source VulnerableCode Version
2025-07-31T09:16:02.238861+00:00 GithubOSV Importer Import https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2022/05/GHSA-5gh4-v2ch-pcx4/GHSA-5gh4-v2ch-pcx4.json 37.0.0