Unrated severityNVD Advisory· Published Oct 8, 2011· Updated Jun 16, 2026
CVE-2011-3598
CVE-2011-3598
Description
Multiple cross-site scripting (XSS) vulnerabilities in phpPgAdmin before 5.0.3 allow remote attackers to inject arbitrary web script or HTML via (1) a web page title, related to classes/Misc.php; or the (2) return_url or (3) return_desc parameter to display.php.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
19cpe:2.3:a:phppgadmin:phppgadmin:*:*:*:*:*:*:*:*+ 17 more
- cpe:2.3:a:phppgadmin:phppgadmin:*:*:*:*:*:*:*:*range: <=5.0.2
- cpe:2.3:a:phppgadmin:phppgadmin:2.2:*:*:*:*:*:*:*
- cpe:2.3:a:phppgadmin:phppgadmin:2.2.1:*:*:*:*:*:*:*
- cpe:2.3:a:phppgadmin:phppgadmin:3.1:*:*:*:*:*:*:*
- cpe:2.3:a:phppgadmin:phppgadmin:3.2:*:*:*:*:*:*:*
- cpe:2.3:a:phppgadmin:phppgadmin:3.3:*:*:*:*:*:*:*
- cpe:2.3:a:phppgadmin:phppgadmin:3.4:*:*:*:*:*:*:*
- cpe:2.3:a:phppgadmin:phppgadmin:3.4.1:*:*:*:*:*:*:*
- cpe:2.3:a:phppgadmin:phppgadmin:3.5:*:*:*:*:*:*:*
- cpe:2.3:a:phppgadmin:phppgadmin:3.5.2:*:*:*:*:*:*:*
- cpe:2.3:a:phppgadmin:phppgadmin:3.5.3:*:*:*:*:*:*:*
- cpe:2.3:a:phppgadmin:phppgadmin:4.1.1:*:*:*:*:*:*:*
- cpe:2.3:a:phppgadmin:phppgadmin:4.2.1:*:*:*:*:*:*:*
- cpe:2.3:a:phppgadmin:phppgadmin:4.2.2:*:*:*:*:*:*:*
- cpe:2.3:a:phppgadmin:phppgadmin:4.2.3:*:*:*:*:*:*:*
- cpe:2.3:a:phppgadmin:phppgadmin:5.0.0:*:*:*:*:*:*:*
- cpe:2.3:a:phppgadmin:phppgadmin:5.0.1:*:*:*:*:*:*:*
- (no CPE)range: <5.0.3
Patches
Vulnerability mechanics
References
16- sourceforge.net/mailarchive/forum.phpnvdPatch
- www.openwall.com/lists/oss-security/2011/10/04/1nvdPatch
- www.openwall.com/lists/oss-security/2011/10/04/10nvdPatch
- bugzilla.redhat.com/show_bug.cginvdPatch
- github.com/phppgadmin/phppgadmin/commit/1df248203de055f97e092b50b1dd9643ccb73842nvdPatch
- secunia.com/advisories/46248nvdVendor Advisory
- freshmeat.net/projects/phppgadmin/releases/336969nvd
- lists.fedoraproject.org/pipermail/package-announce/2011-October/067843.htmlnvd
- lists.fedoraproject.org/pipermail/package-announce/2011-October/067846.htmlnvd
- lists.fedoraproject.org/pipermail/package-announce/2011-October/068009.htmlnvd
- lists.opensuse.org/opensuse-updates/2012-04/msg00033.htmlnvd
- osvdb.org/75997nvd
- osvdb.org/75998nvd
- secunia.com/advisories/46426nvd
- www.securityfocus.com/bid/49914nvd
- bugs.gentoo.org/show_bug.cginvd
News mentions
0No linked articles in our index yet.