Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
ubuntucveUbuntu.comUB:CVE-2013-1937
HistoryApr 16, 2013 - 12:00 a.m.

CVE-2013-1937

2013-04-1600:00:00
ubuntu.com
ubuntu.com
8

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

CVSS3

6.1

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

EPSS

0.01

Percentile

83.3%

JSON

DISPUTED Multiple cross-site scripting (XSS) vulnerabilities in
tbl_gis_visualization.php in phpMyAdmin 3.5.x before 3.5.8 might allow
remote attackers to inject arbitrary web script or HTML via the (1)
visualizationSettings[width] or (2) visualizationSettings[height]
parameter. NOTE: a third party reports that this is “not exploitable.”

Notes

Author Note
jdstrand per Debian, only 3.5.0 - 3.5.7 is affected

Related

nessus 8
openvas 7
fedora 3
debiancve 1
prion 1
freebsd 1
cvelist 1
nvd 1
cve 1
phpmyadmin 1
gentoo 1
nessus
nessus
Fedora 18 : phpMyAdmin-3.5.8-1.fc18 (2013-5620)
2013-04-23 00:00:00
Mandriva Linux Security Advisory : phpmyadmin (MDVSA-2013:144)
2013-04-20 00:00:00
Fedora 17 : phpMyAdmin-3.5.8-1.fc17 (2013-5623)
2013-04-23 00:00:00
openvas
openvas
Fedora Update for phpMyAdmin FEDORA-2013-5623
2013-04-25 00:00:00
phpMyAdmin Multiple XSS Vulnerabilities (PMASA-2013-1) - Windows
2017-08-21 00:00:00
Fedora Update for phpMyAdmin FEDORA-2013-5620
2013-04-25 00:00:00
fedora
fedora
[SECURITY] Fedora 18 Update: phpMyAdmin-3.5.8-1.fc18
2013-04-21 23:54:37
[SECURITY] Fedora 19 Update: phpMyAdmin-3.5.8-1.fc19
2013-04-22 00:40:39
[SECURITY] Fedora 17 Update: phpMyAdmin-3.5.8-1.fc17
2013-04-21 23:55:29
debiancve
debiancve
CVE-2013-1937
2013-04-16 14:04:31
prion
prion
Cross site scripting
2013-04-16 14:04:00
freebsd
freebsd
phpMyAdmin -- XSS due to unescaped HTML output in GIS visualisation page
2013-04-18 00:00:00
cvelist
cvelist
CVE-2013-1937
2013-04-16 10:00:00
nvd
nvd
CVE-2013-1937
2013-04-16 14:04:31
cve
cve
CVE-2013-1937
2013-04-16 14:04:31
phpmyadmin
phpmyadmin
XSS due to unescaped HTML output in GIS visualisation page.
2013-04-18 00:00:00
gentoo
gentoo
phpMyAdmin: Multiple vulnerabilities
2013-11-04 00:00:00

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

CVSS3

6.1

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

EPSS

0.01

Percentile

83.3%

JSON
Related for UB:CVE-2013-1937
nessus8openvas7fedora3debiancve1prion1freebsd1cvelist1nvd1cve1phpmyadmin1gentoo1