{
  "modified": "2025-08-09T19:01:28Z",
  "published": "2005-03-01T05:00:00Z",
  "id": "CVE-2004-1055",
  "details": "Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin 2.6.0-pl2 and earlier allow remote attackers to inject arbitrary web script or HTML via (1) the PmaAbsoluteUri parameter, (2) the zero_rows parameter in read_dump.php, (3) the confirm form, or (4) an error message generated by the internal phpMyAdmin parser.",
  "references": [
    {
      "type": "ADVISORY",
      "url": "http://www.netvigilance.com/html/advisory0005.htm"
    },
    {
      "type": "EVIDENCE",
      "url": "http://www.netvigilance.com/html/advisory0005.htm"
    },
    {
      "type": "EVIDENCE",
      "url": "http://www.phpmyadmin.net/home_page/security.php?issue=PMASA-2004-3"
    },
    {
      "type": "WEB",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18158"
    }
  ]
}