VulnerableCode Vulnerability Details - VCID-v6cy-znq5-qfa1

Staging Environment: Content and features may be unstable or change without notice.

Search for vulnerabilities

Vulnerability details: VCID-v6cy-znq5-qfa1

Essentials
Severities (3)
References (7)
Severity details (0)
Exploits (1)
EPSS
History (1)

Vulnerability ID	VCID-v6cy-znq5-qfa1
Aliases	CVE-2008-4775
Summary	Cross-site scripting (XSS) vulnerability in pmd_pdf.php in phpMyAdmin 3.0.0, and possibly other versions including 2.11.9.2 and 3.0.1, when register_globals is enabled, allows remote attackers to inject arbitrary web script or HTML via the db parameter, a different vector than CVE-2006-6942 and CVE-2007-5977.
Status	Published
Exploitability	2.0
Weighted Severity	0.1
Risk	0.2
Affected and Fixed Packages	Package Details

Weaknesses (1)

CWE-79

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

System	Score	Found at
epss	0.08276	https://api.first.org/data/v1/epss?cve=CVE-2008-4775
epss	0.08276	https://api.first.org/data/v1/epss?cve=CVE-2008-4775
epss	0.08276	https://api.first.org/data/v1/epss?cve=CVE-2008-4775

Reference id	Reference type	URL
		https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-4775.json
		https://api.first.org/data/v1/epss?cve=CVE-2008-4775
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4775
468974		https://bugzilla.redhat.com/show_bug.cgi?id=468974
CVE-2008-4775;OSVDB-49692	Exploit	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/webapps/32531.txt
CVE-2008-4775;OSVDB-49692	Exploit	https://www.securityfocus.com/bid/31928/info
GLSA-200903-32		https://security.gentoo.org/glsa/200903-32

Data source	Exploit-DB
Date added	Oct. 27, 2008
Description	phpMyAdmin 3.0.1 - 'pmd_pdf.php' Cross-Site Scripting
Ransomware campaign use	Known
Source publication date	Oct. 27, 2008
Exploit type	webapps
Platform	php
Source update date	March 26, 2014
Source URL	https://www.securityfocus.com/bid/31928/info

There are no known vectors.

Exploit Prediction Scoring System (EPSS)

Percentile	0.92386
EPSS Score	0.08276
Published At	June 4, 2026, 12:55 p.m.

Date	Actor	Action	Source	VulnerableCode Version
2026-06-04T17:07:09.573851+00:00	Debian Importer	Import	https://security-tracker.debian.org/tracker/data/json	38.6.0