CVE-2004-1055

Name of the Vulnerable Software and Affected Versions: phpMyAdmin versions 2.6.0-pl2 and earlier

Description: The issue allows remote attackers to inject arbitrary web script or HTML via several parameters and components, including the PmaAbsoluteUri parameter, the zero rows parameter in read dump.php, the confirm form, or an error message generated by the internal phpMyAdmin parser.

Recommendations: For phpMyAdmin versions 2.6.0-pl2 and earlier, update to a version later than 2.6.0-pl2 to resolve the issue.