Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
freebsdFreeBSD25B78F04-59C8-11E4-B711-6805CA0B3D42
HistoryOct 21, 2014 - 12:00 a.m.

phpMyAdmin -- XSS vulnerabilities in SQL debug output and server monitor page.

2014-10-2100:00:00
vuxml.freebsd.org
9

3.5 Low

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:S/C:N/I:P/A:N

0.002 Low

EPSS

Percentile

55.9%

JSON

The phpMyAdmin development team reports:

With a crafted database or table name it is possible to
trigger an XSS in SQL debug output when enabled and in
server monitor page when viewing and analysing executed
queries.
This vulnerability can be triggered only by someone who
is logged in to phpMyAdmin, as the usual token protection
prevents non-logged-in users from accessing the required
pages. Moreover, debugging SQL is a developer option which
is disabled by default and expected to be disabled in
production environments.

OSVersionArchitecturePackageVersionFilename
FreeBSDanynoarchphpmyadmin= 4.2.0UNKNOWN
FreeBSDanynoarchphpmyadmin< 4.2.10.1UNKNOWN

Related

fedora 3
securityvulns 2
nessus 7
ubuntucve 1
cve 1
phpmyadmin 1
openvas 5
mageia 1
prion 1
osv 1
debiancve 1
github 1
fedora
fedora
[SECURITY] Fedora 20 Update: phpMyAdmin-4.2.10.1-1.fc20
2014-10-28 06:34:43
[SECURITY] Fedora 21 Update: phpMyAdmin-4.2.10.1-1.fc21
2014-11-01 17:14:38
[SECURITY] Fedora 19 Update: phpMyAdmin-4.2.10.1-1.fc19
2014-11-01 01:45:09
securityvulns
securityvulns
[ MDVSA-2014:208 ] phpmyadmin
2014-11-03 00:00:00
Web applications security vulnerabilities summary &#40;PHP, ASP, JSP, CGI, Perl&#41;
2014-11-03 00:00:00
nessus
nessus
Fedora 21 : phpMyAdmin-4.2.10.1-1.fc21 (2014-13479)
2014-11-03 00:00:00
Fedora 19 : phpMyAdmin-4.2.10.1-1.fc19 (2014-13504)
2014-11-03 00:00:00
Fedora 20 : phpMyAdmin-4.2.10.1-1.fc20 (2014-13521)
2014-10-29 00:00:00
ubuntucve
ubuntucve
CVE-2014-8326
2014-11-05 00:00:00
cve
cve
CVE-2014-8326
2014-11-05 11:55:00
phpmyadmin
phpmyadmin
XSS vulnerabilities in SQL debug output and server monitor page.
2014-10-21 00:00:00
openvas
openvas
Fedora Update for phpMyAdmin FEDORA-2014-13504
2014-11-01 00:00:00
Fedora Update for phpMyAdmin FEDORA-2014-13521
2014-10-29 00:00:00
phpMyAdmin Multiple Cross-Site Scripting Vulnerabilities (Nov 2014) - Windows
2017-08-21 00:00:00
mageia
mageia
Updated phpmyadmin package fixes security vulnerability
2014-10-23 17:27:57
prion
prion
Cross site scripting
2014-11-05 11:55:00
osv
osv
phpMyAdmin Implementation XSS Vulnerability on Server Monitor Page
2022-05-14 02:05:34
debiancve
debiancve
CVE-2014-8326
2014-11-05 11:55:00
github
github
phpMyAdmin Implementation XSS Vulnerability on Server Monitor Page
2022-05-14 02:05:34

3.5 Low

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:S/C:N/I:P/A:N

0.002 Low

EPSS

Percentile

55.9%

JSON
Related for 25B78F04-59C8-11E4-B711-6805CA0B3D42
fedora3securityvulns2nessus7ubuntucve1cve1phpmyadmin1openvas5mageia1prion1osv1debiancve1github1