Lucene search

K

MitreCVELIST:CVE-2014-8960

HistoryNov 30, 2014 - 11:00 a.m.

CVE-2014-8960

2014-11-3011:00:00

mitre

www.cve.org

5 Medium

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

54.4%

Cross-site scripting (XSS) vulnerability in libraries/error_report.lib.php in the error-reporting feature in phpMyAdmin 4.1.x before 4.1.14.7 and 4.2.x before 4.2.12 allows remote authenticated users to inject arbitrary web script or HTML via a crafted filename.

References

lists.opensuse.org/opensuse-updates/2014-12/msg00017.html

www.mandriva.com/security/advisories?name=MDVSA-2014:228

www.phpmyadmin.net/home_page/security/PMASA-2014-15.php

www.securityfocus.com/bid/71244

github.com/phpmyadmin/phpmyadmin/commit/9364e2eee5681681caf7205c0933bc18af11e233

security.gentoo.org/glsa/201505-03

5 Medium

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

54.4%

Related for CVELIST:CVE-2014-8960

cve1 phpmyadmin1 ubuntucve1 debiancve1 nvd1 prion1 openvas7 nessus8 fedora3 securityvulns2 freebsd1 mageia1 gentoo1