Unrated severityNVD Advisory· Published May 16, 2006· Updated Jun 16, 2026

CVE-2006-2418

Description

Cross-site scripting (XSS) vulnerabilities in certain versions of phpMyAdmin before 2.8.0.4 allow remote attackers to inject arbitrary web script or HTML via the db parameter in unknown scripts.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

PhpMyAdmin/phpMyAdmin2 versions
cpe:2.3:a:phpmyadmin:phpmyadmin:2.8.0.3:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:phpmyadmin:phpmyadmin:2.8.0.3:*:*:*:*:*:*:*
- (no CPE)range: <2.8.0.4

Patches

Vulnerability mechanics

References

lists.suse.com/archive/suse-security-announce/2006-Jun/0003.htmlnvdPatch
secunia.com/advisories/20113nvdPatchVendor Advisory
secunia.com/advisories/20627nvdPatchVendor Advisory
secunia.com/advisories/22781nvdPatchVendor Advisory
www.debian.org/security/2006/dsa-1207nvdPatchVendor Advisory
www.phpmyadmin.net/home_page/security.phpnvdPatchVendor Advisory
www.securityfocus.com/bid/17973nvdPatch
www.vupen.com/english/advisories/2006/1794nvd
exchange.xforce.ibmcloud.com/vulnerabilities/26441nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.001
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000