CVE-2008-2960

Name of the Vulnerable Software and Affected Versions phpMyAdmin versions prior to 2.11.7

Description The issue is related to a cross-site scripting (XSS) vulnerability. This occurs when an attacker can inject arbitrary web script or HTML into a website, potentially allowing them to steal user data or take control of the user's session. The vulnerability is exploitable when register globals is enabled and .htaccess support is disabled, involving scripts in the libraries/ directory.

Recommendations For versions prior to 2.11.7, update to version 2.11.7 or later to resolve the issue. As a temporary workaround, consider disabling register globals or enabling .htaccess support to minimize the risk of exploitation.