Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
githubGitHub Advisory DatabaseGHSA-PVR5-84GR-G985
HistoryMay 14, 2022 - 2:05 a.m.

phpMyAdmin Implementation XSS Vulnerability on Server Monitor Page

2022-05-1402:05:34
CWE-79
GitHub Advisory Database
github.com
8
phpmyadmin
xss
vulnerability
server monitor page
sql
debug
remote
authenticated
web script
html
database interface
server status monitor
software

CVSS2

3.5

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:S/C:N/I:P/A:N

EPSS

0.002

Percentile

56.3%

JSON

Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin 4.0.x before 4.0.10.5, 4.1.x before 4.1.14.6, and 4.2.x before 4.2.10.1 allow remote authenticated users to inject arbitrary web script or HTML via a crafted (1) database name or (2) table name, related to the libraries/DatabaseInterface.class.php code for SQL debug output and the js/server_status_monitor.js code for the server monitor page.

Affected configurations

Vulners
Node
phpmyadminphpmyadminRange4.2.04.2.10.1
OR
phpmyadminphpmyadminRange4.1.04.1.14.6
OR
phpmyadminphpmyadminRange4.0.04.0.10.5
VendorProductVersionCPE
phpmyadminphpmyadmin*cpe:2.3:a:phpmyadmin:phpmyadmin:*:*:*:*:*:*:*:*

Related

openvas 5
prion 1
osv 2
debiancve 1
nvd 1
phpmyadmin 1
mageia 1
nessus 7
freebsd 1
fedora 3
ubuntucve 1
cvelist 1
cve 1
securityvulns 2
openvas
openvas
Fedora Update for phpMyAdmin FEDORA-2014-13521
2014-10-29 00:00:00
phpMyAdmin Multiple Cross-Site Scripting Vulnerabilities (Nov 2014) - Windows
2017-08-21 00:00:00
Fedora Update for phpMyAdmin FEDORA-2014-13504
2014-11-01 00:00:00
prion
prion
Cross site scripting
2014-11-05 11:55:00
osv
osv
phpMyAdmin Implementation XSS Vulnerability on Server Monitor Page
2022-05-14 02:05:34
phpMyAdmin-4.6.5.2-1.1 on GA media
2024-06-15 00:00:00
debiancve
debiancve
CVE-2014-8326
2014-11-05 11:55:07
nvd
nvd
CVE-2014-8326
2014-11-05 11:55:07
phpmyadmin
phpmyadmin
XSS vulnerabilities in SQL debug output and server monitor page.
2014-10-21 00:00:00
mageia
mageia
Updated phpmyadmin package fixes security vulnerability
2014-10-23 17:27:57
nessus
nessus
Fedora 20 : phpMyAdmin-4.2.10.1-1.fc20 (2014-13521)
2014-10-29 00:00:00
Mandriva Linux Security Advisory : phpmyadmin (MDVSA-2014:208)
2014-10-27 00:00:00
FreeBSD : phpMyAdmin -- XSS vulnerabilities in SQL debug output and server monitor page. (25b78f04-59c8-11e4-b711-6805ca0b3d42)
2014-10-23 00:00:00
freebsd
freebsd
phpMyAdmin -- XSS vulnerabilities in SQL debug output and server monitor page.
2014-10-21 00:00:00
fedora
fedora
[SECURITY] Fedora 20 Update: phpMyAdmin-4.2.10.1-1.fc20
2014-10-28 06:34:43
[SECURITY] Fedora 19 Update: phpMyAdmin-4.2.10.1-1.fc19
2014-11-01 01:45:09
[SECURITY] Fedora 21 Update: phpMyAdmin-4.2.10.1-1.fc21
2014-11-01 17:14:38
ubuntucve
ubuntucve
CVE-2014-8326
2014-11-05 00:00:00
cvelist
cvelist
CVE-2014-8326
2014-11-05 11:00:00
cve
cve
CVE-2014-8326
2014-11-05 11:55:07
securityvulns
securityvulns
[ MDVSA-2014:208 ] phpmyadmin
2014-11-03 00:00:00
Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
2014-11-03 00:00:00

CVSS2

3.5

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:S/C:N/I:P/A:N

EPSS

0.002

Percentile

56.3%

JSON
Related for GHSA-PVR5-84GR-G985
openvas5prion1osv2debiancve1nvd1phpmyadmin1mageia1nessus7freebsd1fedora3ubuntucve1cvelist1cve1securityvulns2