{"id":"CVE-2005-2869","details":"Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin before 2.6.4 allow remote attackers to inject arbitrary web script or HTML via (1) the Username to libraries/auth/cookie.auth.lib.php or (2) the error parameter to error.php.","modified":"2026-04-10T03:37:10.987432Z","published":"2005-09-08T23:03:00Z","related":["openSUSE-SU-2024:11171-1"],"references":[{"type":"ADVISORY","url":"http://secunia.com/advisories/16605"},{"type":"ADVISORY","url":"http://secunia.com/advisories/17337"},{"type":"ADVISORY","url":"http://secunia.com/advisories/17559"},{"type":"ADVISORY","url":"http://secunia.com/advisories/17607"},{"type":"ADVISORY","url":"http://sourceforge.net/tracker/index.php?func=detail&aid=1240880&group_id=23067&atid=377408"},{"type":"ADVISORY","url":"http://sourceforge.net/tracker/index.php?func=detail&aid=1265740&group_id=23067&atid=377408"},{"type":"ADVISORY","url":"http://www.debian.org/security/2005/dsa-880"},{"type":"ADVISORY","url":"http://www.novell.com/linux/security/advisories/2005_28_sr.html"},{"type":"ADVISORY","url":"http://www.novell.com/linux/security/advisories/2005_66_phpmyadmin.html"},{"type":"EVIDENCE","url":"http://sourceforge.net/tracker/index.php?func=detail&aid=1240880&group_id=23067&atid=377408"},{"type":"EVIDENCE","url":"http://sourceforge.net/tracker/index.php?func=detail&aid=1265740&group_id=23067&atid=377408"}],"schema_version":"1.7.5"}