This script is Copyright (C) 2011-2012 Tenable Network Security, Inc.
The remote web server contains a PHP application that is affected by
a cross-site scripting vulnerability.
The version of phpMyAdmin hosted on the remote server is 3.4.x prior
to 3.4.8 and is affected by a cross-site scripting vulnerability. The
database name is not properly sanitized in the file
'js/db_operations.js' when attempting to rename a database.
Note that this version is reportedly affected by several other cross-
site scripting vulnerabilities. However, Nessus has not tested for
See also :
Either apply the vendor patches or upgrade to phpMyAdmin version
3.4.8 or later.
Risk factor :
Medium / CVSS Base Score : 4.3
CVSS Temporal Score : 3.6
Public Exploit Available : true