Low severityNVD Advisory· Published Dec 22, 2011· Updated Jun 16, 2026
CVE-2011-4634
CVE-2011-4634
Description
Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin 3.4.x before 3.4.8 allow remote attackers to inject arbitrary web script or HTML via (1) a crafted database name, related to the Database Synchronize panel; (2) a crafted database name, related to the Database rename panel; (3) a crafted SQL query, related to the table overview panel; (4) a crafted SQL query, related to the view creation dialog; (5) a crafted column type, related to the table search dialog; or (6) a crafted column type, related to the create index dialog.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
phpmyadmin/phpmyadminPackagist | >= 3.4.0, < 3.4.8 | 3.4.8 |
Affected products
13cpe:2.3:a:phpmyadmin:phpmyadmin:3.4.0.0:*:*:*:*:*:*:*+ 10 more
- cpe:2.3:a:phpmyadmin:phpmyadmin:3.4.0.0:*:*:*:*:*:*:*
- cpe:2.3:a:phpmyadmin:phpmyadmin:3.4.1.0:*:*:*:*:*:*:*
- cpe:2.3:a:phpmyadmin:phpmyadmin:3.4.2.0:*:*:*:*:*:*:*
- cpe:2.3:a:phpmyadmin:phpmyadmin:3.4.3.0:*:*:*:*:*:*:*
- cpe:2.3:a:phpmyadmin:phpmyadmin:3.4.3.1:*:*:*:*:*:*:*
- cpe:2.3:a:phpmyadmin:phpmyadmin:3.4.3.2:*:*:*:*:*:*:*
- cpe:2.3:a:phpmyadmin:phpmyadmin:3.4.4.0:*:*:*:*:*:*:*
- cpe:2.3:a:phpmyadmin:phpmyadmin:3.4.5.0:*:*:*:*:*:*:*
- cpe:2.3:a:phpmyadmin:phpmyadmin:3.4.6.0:*:*:*:*:*:*:*
- cpe:2.3:a:phpmyadmin:phpmyadmin:3.4.7.0:*:*:*:*:*:*:*
- (no CPE)range: <3.4.8
- ghsa-coords2 versions
>= 3.4.0, < 3.4.8+ 1 more
- (no CPE)range: >= 3.4.0, < 3.4.8
- (no CPE)range: < 4.6.5.2-1.1
Patches
Vulnerability mechanics
References
13- www.phpmyadmin.net/home_page/security/PMASA-2011-18.phpnvdPatchVendor AdvisoryWEB
- github.com/advisories/GHSA-9j9h-cpgc-8356ghsaADVISORY
- nvd.nist.gov/vuln/detail/CVE-2011-4634ghsaADVISORY
- lists.fedoraproject.org/pipermail/package-announce/2011-December/071040.htmlnvdWEB
- phpmyadmin.git.sourceforge.net/git/gitweb.cginvdWEB
- phpmyadmin.git.sourceforge.net/git/gitweb.cginvdWEB
- phpmyadmin.git.sourceforge.net/git/gitweb.cginvdWEB
- phpmyadmin.git.sourceforge.net/git/gitweb.cginvdWEB
- phpmyadmin.git.sourceforge.net/git/gitweb.cgighsaWEB
- phpmyadmin.git.sourceforge.net/git/gitweb.cgighsaWEB
- phpmyadmin.git.sourceforge.net/git/gitweb.cgighsaWEB
- phpmyadmin.git.sourceforge.net/git/gitweb.cgighsaWEB
- www.mandriva.com/security/advisoriesnvdWEB
News mentions
0No linked articles in our index yet.