Test ID:	1.3.6.1.4.1.25623.1.0.70587
Category:	FreeBSD Local Security Checks
Title:	FreeBSD Ports: phpMyAdmin
Summary:	The remote host is missing an update to the system; as announced in the referenced advisory.
Description:	Summary: The remote host is missing an update to the system as announced in the referenced advisory. Vulnerability Insight: The following package is affected: phpMyAdmin CVE-2011-4780 Multiple cross-site scripting (XSS) vulnerabilities in libraries/display_export.lib.php in phpMyAdmin 3.4.x before 3.4.9 allow remote attackers to inject arbitrary web script or HTML via crafted URL parameters, related to the export panels in the (1) server, (2) database, and (3) table sections. CVE-2011-4782 Cross-site scripting (XSS) vulnerability in libraries/config/ConfigFile.class.php in the setup interface in phpMyAdmin 3.4.x before 3.4.9 allows remote attackers to inject arbitrary web script or HTML via the host parameter. Solution: Update your system with the appropriate patches or software upgrades. CVSS Score: 4.3 CVSS Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2011-4780 BugTraq ID: 51226 http://www.securityfocus.com/bid/51226 http://lists.fedoraproject.org/pipermail/package-announce/2012-January/071537.html http://lists.fedoraproject.org/pipermail/package-announce/2012-January/071523.html http://www.mandriva.com/security/advisories?name=MDVSA-2011:198 Common Vulnerability Exposure (CVE) ID: CVE-2011-4782 XForce ISS Database: phpmyadmin-configfileclass-xss(71938) https://exchange.xforce.ibmcloud.com/vulnerabilities/71938
Copyright	Copyright (C) 2012 E-Soft Inc.

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.