S4E

CVE-2007-5728 Scanner

Detects a cross-site scripting (XSS) vulnerability in phpPgAdmin that affects versions 3.5 to 4.1.1, and possibly 4.1.2.

Short Info

Level: Medium
Single Scan
Can be used by: Asset Owner
Estimated Time: 10 seconds
Time Interval: 6 days
Scan only one: URL
Toolbox: -

phpPgAdmin is a web-based administration tool for PostgreSQL databases. It provides a user-friendly interface for managing PostgreSQL databases, including creating tables, running SQL queries, and managing user accounts. Database administrators and developers use it widely to manage their PostgreSQL databases.

CVE-2007-5728 is a cross-site scripting (XSS) vulnerability in phpPgAdmin versions 3.5 to 4.1.1, and possibly 4.1.2. It allows remote attackers to inject arbitrary web script or HTML through certain input available in PHP_SELF in pages such as redirect.php and login.php. This vulnerability is distinct from CVE-2007-2865, which had previously been detected in phpPgAdmin.

When exploited, CVE-2007-5728 lets an attacker run malicious scripts in the user's browser and steal sensitive information such as login credentials and personal data. The attacker could also redirect users to malicious websites that download malware or hijack the user's web browser. Furthermore, the attacker could use the exploit to gain access to the database server's network or even the entire system.

If you are concerned about vulnerabilities in your digital assets, s4e.io can help. Our pro features offer comprehensive vulnerability scanning and reporting, allowing you to quickly and easily uncover any security risks in your web applications, network, or servers. With s4e.io, you can rest assured that your digital assets are protected from potential threats and exploits.

 
