{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-19T17:37:31.870","vulnerabilities":[{"cve":{"id":"CVE-2006-5718","sourceIdentifier":"cve@mitre.org","published":"2006-11-04T01:07:00.000","lastModified":"2025-04-09T00:30:58.490","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"Cross-site scripting (XSS) vulnerability in error.php in phpMyAdmin 2.6.4 through 2.9.0.2 allows remote attackers to inject arbitrary web script or HTML via UTF-7 or US-ASCII encoded characters, which are injected into an error message, as demonstrated by a request with a utf7 charset parameter accompanied by UTF-7 data."},{"lang":"es","value":"Vulnerabilidad de secuencias de comandos (XSS) en error.php en phpMyAdmin 2.6.4 hasta la 2.9.0.2 permite a un atacante remoto inyectar secuencias de comandos web o HTML a través de codificaciones de caracteres UTF-7 or US-ASCII, lo cual son inyectados dentro de un mensaje de error, como se demostró por una respuesta con un el parámetro utf7 acompañado por datos UTF-7."}],"metrics":{"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:M/Au:N/C:N/I:P/A:N","baseScore":4.3,"accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"NONE","confidentialityImpact":"NONE","integrityImpact":"PARTIAL","availabilityImpact":"NONE"},"baseSeverity":"MEDIUM","exploitabilityScore":8.6,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"NVD-CWE-Other"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:phpmyadmin:phpmyadmin:2.6.4_pl1:*:*:*:*:*:*:*","matchCriteriaId":"80AAD482-064D-4CFB-A1AE-49095036485A"},{"vulnerable":true,"criteria":"cpe:2.3:a:phpmyadmin:phpmyadmin:2.6.4_pl3:*:*:*:*:*:*:*","matchCriteriaId":"6758F7AC-0FCF-4F6C-8F40-DDF1BA998AB9"},{"vulnerable":true,"criteria":"cpe:2.3:a:phpmyadmin:phpmyadmin:2.6.4_pl4:*:*:*:*:*:*:*","matchCriteriaId":"CD3C5C9D-A802-40F3-B3CE-593CFED745CB"},{"vulnerable":true,"criteria":"cpe:2.3:a:phpmyadmin:phpmyadmin:2.6.4_rc1:*:*:*:*:*:*:*","matchCriteriaId":"D8FE9713-54BE-4A70-82F8-03B8E1915E2F"},{"vulnerable":true,"criteria":"cpe:2.3:a:phpmyadmin:phpmyadmin:2.7:*:*:*:*:*:*:*","matchCriteriaId":"0611660F-F060-453C-8BE2-1599FE3FF9BB"},{"vulnerable":true,"criteria":"cpe:2.3:a:phpmyadmin:phpmyadmin:2.7.0_beta1:*:*:*:*:*:*:*","matchCriteriaId":"892F5D72-1814-48A5-8CCA-A74EE9D633CA"},{"vulnerable":true,"criteria":"cpe:2.3:a:phpmyadmin:phpmyadmin:2.7_pl1:*:*:*:*:*:*:*","matchCriteriaId":"4D3CE1C3-59FF-457F-8579-996CA60CF6AC"},{"vulnerable":true,"criteria":"cpe:2.3:a:phpmyadmin:phpmyadmin:2.8.1:*:*:*:*:*:*:*","matchCriteriaId":"FCEF6246-C393-41BE-BABC-840585795D53"},{"vulnerable":true,"criteria":"cpe:2.3:a:phpmyadmin:phpmyadmin:2.8.2:*:*:*:*:*:*:*","matchCriteriaId":"A2ACC829-CF64-4F20-8827-AA95002A6F5F"},{"vulnerable":true,"criteria":"cpe:2.3:a:phpmyadmin:phpmyadmin:2.8.3:*:*:*:*:*:*:*","matchCriteriaId":"05D4C98E-D127-40EB-BE71-A6BB91D4392C"},{"vulnerable":true,"criteria":"cpe:2.3:a:phpmyadmin:phpmyadmin:2.8.4:*:*:*:*:*:*:*","matchCriteriaId":"4C26B2DE-669F-4F79-99AE-3210662AAB85"},{"vulnerable":true,"criteria":"cpe:2.3:a:phpmyadmin:phpmyadmin:2.9:*:*:*:*:*:*:*","matchCriteriaId":"E4B64201-5B5B-4D22-B341-C601DC54BFB3"},{"vulnerable":true,"criteria":"cpe:2.3:a:phpmyadmin:phpmyadmin:2.9.1:*:*:*:*:*:*:*","matchCriteriaId":"E6354257-6B1A-4729-9EE2-19D3CD2AD62B"},{"vulnerable":true,"criteria":"cpe:2.3:a:phpmyadmin:phpmyadmin:2.9.2:*:*:*:*:*:*:*","matchCriteriaId":"A8AF5A1A-328E-43A1-8C41-0DAB1F337FA6"},{"vulnerable":true,"criteria":"cpe:2.3:a:phpmyadmin:phpmyadmin:2.9_rc1:*:*:*:*:*:*:*","matchCriteriaId":"B3130CFD-FF94-48D2-BF9A-D7FDD3CD6A97"}]}]}],"references":[{"url":"http://lists.suse.com/archive/suse-security-announce/2006-Nov/0010.html","source":"cve@mitre.org"},{"url":"http://secunia.com/advisories/22599","source":"cve@mitre.org","tags":["Patch","Vendor Advisory"]},{"url":"http://secunia.com/advisories/23086","source":"cve@mitre.org"},{"url":"http://www.hardened-php.net/advisory_122006.137.html","source":"cve@mitre.org","tags":["Patch","Vendor Advisory"]},{"url":"http://www.phpmyadmin.net/home_page/security.php?issue=PMASA-2006-6","source":"cve@mitre.org","tags":["Patch"]},{"url":"http://www.securityfocus.com/archive/1/450397/100/0/threaded","source":"cve@mitre.org"},{"url":"http://www.securityfocus.com/bid/20856","source":"cve@mitre.org","tags":["Patch"]},{"url":"http://www.vupen.com/english/advisories/2006/4298","source":"cve@mitre.org"},{"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/29957","source":"cve@mitre.org"},{"url":"http://lists.suse.com/archive/suse-security-announce/2006-Nov/0010.html","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"http://secunia.com/advisories/22599","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch","Vendor Advisory"]},{"url":"http://secunia.com/advisories/23086","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"http://www.hardened-php.net/advisory_122006.137.html","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch","Vendor Advisory"]},{"url":"http://www.phpmyadmin.net/home_page/security.php?issue=PMASA-2006-6","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch"]},{"url":"http://www.securityfocus.com/archive/1/450397/100/0/threaded","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"http://www.securityfocus.com/bid/20856","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch"]},{"url":"http://www.vupen.com/english/advisories/2006/4298","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/29957","source":"af854a3a-2127-422b-91ae-364da2661108"}]}}]}