Lucene search
Gentoo FoundationMGASA-2014-0420HistoryOct 23, 2014 - 5:27 p.m.
Updated phpmyadmin package fixes security vulnerability
2014-10-2317:27:57
Gentoo Foundation
advisories.mageia.org
21
CVSS2
3.5
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
SINGLE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:S/C:N/I:P/A:N
EPSS
0.002
Percentile
56.3%
In phpMyAdmin before 4.1.14.6, with a crafted database or table name it is possible to trigger an XSS in SQL debug output when enabled and in server monitor page when viewing and analysing executed queries (CVE-2014-8326).
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Mageia | 3 | noarch | phpmyadmin | < 4.1.14.6-1 | phpmyadmin-4.1.14.6-1.mga3 |
| Mageia | 4 | noarch | phpmyadmin | < 4.1.14.6-1 | phpmyadmin-4.1.14.6-1.mga4 |
Related
openvas
openvas
Fedora Update for phpMyAdmin FEDORA-2014-13521
2014-10-29 00:00:00
Fedora Update for phpMyAdmin FEDORA-2014-13504
2014-11-01 00:00:00
prion
prion
Cross site scripting
2014-11-05 11:55:00
osv
osv
phpMyAdmin Implementation XSS Vulnerability on Server Monitor Page
2022-05-14 02:05:34
phpMyAdmin-4.6.5.2-1.1 on GA media
2024-06-15 00:00:00
debiancve
debiancve
CVE-2014-8326
2014-11-05 11:55:07
nvd
nvd
CVE-2014-8326
2014-11-05 11:55:07
freebsd
freebsd
fedora
fedora
[SECURITY] Fedora 20 Update: phpMyAdmin-4.2.10.1-1.fc20
2014-10-28 06:34:43
[SECURITY] Fedora 19 Update: phpMyAdmin-4.2.10.1-1.fc19
2014-11-01 01:45:09
[SECURITY] Fedora 21 Update: phpMyAdmin-4.2.10.1-1.fc21
2014-11-01 17:14:38
phpmyadmin
phpmyadmin
XSS vulnerabilities in SQL debug output and server monitor page.
2014-10-21 00:00:00
nessus
nessus
github
github
phpMyAdmin Implementation XSS Vulnerability on Server Monitor Page
2022-05-14 02:05:34
ubuntucve
ubuntucve
CVE-2014-8326
2014-11-05 00:00:00
cvelist
cvelist
CVE-2014-8326
2014-11-05 11:00:00
cve
cve
CVE-2014-8326
2014-11-05 11:55:07
securityvulns
securityvulns
[ MDVSA-2014:208 ] phpmyadmin
2014-11-03 00:00:00
CVSS2
3.5
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
SINGLE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:S/C:N/I:P/A:N
EPSS
0.002
Percentile
56.3%
Related for MGASA-2014-0420