Staging Environment: Content and features may be unstable or change without notice.
Search for vulnerabilities
Vulnerability details: VCID-ne75-u4sh-3ue7
Vulnerability ID VCID-ne75-u4sh-3ue7
Aliases CVE-2006-2031
Summary Cross-site scripting (XSS) vulnerability in index.php in phpMyAdmin 2.8.0.3, 2.8.0.2, 2.8.1-dev, and 2.9.0-dev allows remote attackers to inject arbitrary web script or HTML via the lang parameter.
Status Published
Exploitability 0.5
Weighted Severity 0.0
Risk None
Affected and Fixed Packages Package Details
Weaknesses (0)
There are no known CWE.
System Score Found at
epss 0.00409 https://api.first.org/data/v1/epss?cve=CVE-2006-2031
epss 0.00409 https://api.first.org/data/v1/epss?cve=CVE-2006-2031
epss 0.00409 https://api.first.org/data/v1/epss?cve=CVE-2006-2031
Reference id Reference type URL
https://api.first.org/data/v1/epss?cve=CVE-2006-2031
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2031
363519 https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=363519
No exploits are available.
There are no known vectors.
Exploit Prediction Scoring System (EPSS)
Percentile 0.61591
EPSS Score 0.00409
Published At June 4, 2026, 12:55 p.m.
Date Actor Action Source VulnerableCode Version
2026-06-04T17:07:07.851953+00:00 Debian Importer Import https://security-tracker.debian.org/tracker/data/json 38.6.0