Unrated severityNVD Advisory· Published May 16, 2006· Updated Jun 16, 2026
CVE-2006-2417
CVE-2006-2417
Description
Cross-site scripting (XSS) vulnerability in phpMyAdmin 2.8.0.x before 2.8.0.4 allows remote attackers to inject arbitrary web script or HTML via the theme parameter in unknown scripts. NOTE: the lang parameter is already covered by CVE-2006-2031.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
4cpe:2.3:a:phpmyadmin:phpmyadmin:2.8.0.1:*:*:*:*:*:*:*+ 3 more
- cpe:2.3:a:phpmyadmin:phpmyadmin:2.8.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:phpmyadmin:phpmyadmin:2.8.0.2:*:*:*:*:*:*:*
- cpe:2.3:a:phpmyadmin:phpmyadmin:2.8.0.3:*:*:*:*:*:*:*
- (no CPE)range: <2.8.0.4
Patches
Vulnerability mechanics
References
7- secunia.com/advisories/20113nvdPatchVendor Advisory
- www.phpmyadmin.net/home_page/security.phpnvdPatchVendor Advisory
- www.securityfocus.com/bid/17973nvdPatch
- secunia.com/advisories/20627nvdVendor Advisory
- www.vupen.com/english/advisories/2006/1794nvdVendor Advisory
- lists.suse.com/archive/suse-security-announce/2006-Jun/0003.htmlnvd
- exchange.xforce.ibmcloud.com/vulnerabilities/26444nvd
News mentions
0No linked articles in our index yet.