CVE Database · CVE-2007-5728
CVSS v3.1
N/A
EPSS
14.64%
Published
Oct 30, 2007
Modified
Apr 22, 2026
Public PoC / Exploit (3)
All weaponized →Links to public security research (Exploit-DB, Nuclei, Trickest, GitHub) for defensive use only.
Description
Cross-site scripting (XSS) vulnerability in phpPgAdmin 3.5 to 4.1.1, and possibly 4.1.2, allows remote attackers to inject arbitrary web script or HTML via certain input available in PHP_SELF in (1) redirect.php, possibly related to (2) login.php, different vectors than CVE-2007-2865.
Weaknesses (CWE)
Affected Products (4)
References (18)
