Lucene search
GitHub Advisory DatabaseGHSA-Q586-XPWR-JC3JHistoryMay 14, 2022 - 2:05 a.m.
phpMyAdmin cross-site scripting vulnerability in crafted view name
2022-05-1402:05:29
CWE-79
GitHub Advisory Database
github.com
13
cross-site scripting
phpmyadmin
view operations
remote authenticated users
web script
html
crafted view name
software
vulnerability
CVSS2
3.5
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
SINGLE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:S/C:N/I:P/A:N
EPSS
0.001
Percentile
47.1%
A cross-site scripting (XSS) vulnerability in the view operations page in phpMyAdmin 4.1.x before 4.1.14.3 and 4.2.x before 4.2.7.1 allows remote authenticated users to inject arbitrary web script or HTML via a crafted view name, related to js/functions.js.
Affected configurations
Node
phpmyadminphpmyadminRange<4.2.7.1
ORphpmyadminphpmyadminRange<4.1.14.3
| Vendor | Product | Version | CPE |
|---|---|---|---|
| phpmyadmin | phpmyadmin | * | cpe:2.3:a:phpmyadmin:phpmyadmin:*:*:*:*:*:*:*:* |
Related
phpmyadmin
phpmyadmin
XSS in view operations page.
2014-08-17 00:00:00
cvelist
cvelist
CVE-2014-5274
2014-08-22 01:00:00
prion
prion
Cross site scripting
2014-08-22 01:55:00
ubuntucve
ubuntucve
CVE-2014-5274
2014-08-22 00:00:00
openvas
openvas
phpMyAdmin XSS Vulnerability (PMASA-2014-9) - Windows
2017-08-21 00:00:00
phpMyAdmin XSS Vulnerability (PMASA-2014-9) - Linux
2017-08-21 00:00:00
Fedora Update for phpMyAdmin FEDORA-2014-9555
2014-08-24 00:00:00
nvd
nvd
CVE-2014-5274
2014-08-22 01:55:08
debiancve
debiancve
CVE-2014-5274
2014-08-22 01:55:08
osv
osv
phpMyAdmin cross-site scripting vulnerability in crafted view name
2022-05-14 02:05:29
cve
cve
CVE-2014-5274
2014-08-22 01:55:08
nessus
nessus
phpMyAdmin 4.0.x < 4.0.10.2 / 4.1.x < 4.1.14.3 / 4.2.x < 4.2.7.1 Multiple XSS Vulnerabilities (PMASA-2014-8 - PMASA-2014-9)
2014-08-21 00:00:00
FreeBSD : phpMyAdmin -- XSS vulnerabilities (fbb01289-2645-11e4-bc44-6805ca0b3d42)
2014-08-18 00:00:00
Fedora 19 : phpMyAdmin-4.2.7.1-1.fc19 (2014-9534)
2014-08-29 00:00:00
freebsd
freebsd
phpMyAdmin -- XSS vulnerabilities
2014-08-17 00:00:00
fedora
fedora
[SECURITY] Fedora 20 Update: phpMyAdmin-4.2.7.1-1.fc20
2014-08-24 02:55:48
[SECURITY] Fedora 19 Update: phpMyAdmin-4.2.7.1-1.fc19
2014-08-28 15:35:08
mageia
mageia
Updated phpmyadmin package fixes XSS vulnerabilities
2014-08-21 13:36:13
securityvulns
securityvulns
[ MDVSA-2014:164 ] phpmyadmin
2014-10-14 00:00:00
CVSS2
3.5
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
SINGLE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:S/C:N/I:P/A:N
EPSS
0.001
Percentile
47.1%
Related for GHSA-Q586-XPWR-JC3J