This script is Copyright (C) 2003-2011 Tenable Network Security, Inc.
The remote web server contains a PHP application that suffers from
The remote host is running a version of phpMyAdmin that is vulnerable
to several attacks :
- It may be tricked into disclosing the physical path of the remote PHP
- It is vulnerable to cross-site scripting that could allow an attacker
to steal the cookies of your users.
- It is vulnerable to a flaw that could allow an attacker to list the
contents of arbitrary directories on the remote server.
An attacker could use these flaws to gain more knowledge about the remote
host and therefore set up more complex attacks against it.
See also :
Upgrade to phpMyAdmin 2.5.2 or later.
Risk factor :
Medium / CVSS Base Score : 5.0
CVSS Temporal Score : 4.3
Public Exploit Available : true