Lucene search
HistoryJul 31, 2013 - 1:20 p.m.
CVE-2013-4995
CVSS2
3.5
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
SINGLE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:S/C:N/I:P/A:N
AI Score
5.5
Confidence
High
EPSS
0.001
Percentile
36.9%
Cross-site scripting (XSS) vulnerability in phpMyAdmin 3.5.x before 3.5.8.2 and 4.0.x before 4.0.4.2 allows remote authenticated users to inject arbitrary web script or HTML via a crafted SQL query that is not properly handled during the display of row information.
Affected configurations
Node
phpmyadminphpmyadminMatch3.5.0.0
ORphpmyadminphpmyadminMatch3.5.1.0
ORphpmyadminphpmyadminMatch3.5.2.0
ORphpmyadminphpmyadminMatch3.5.2.1
ORphpmyadminphpmyadminMatch3.5.2.2
ORphpmyadminphpmyadminMatch3.5.3.0
ORphpmyadminphpmyadminMatch3.5.4
ORphpmyadminphpmyadminMatch3.5.5
ORphpmyadminphpmyadminMatch3.5.6
ORphpmyadminphpmyadminMatch3.5.7
ORphpmyadminphpmyadminMatch3.5.7rc1
ORphpmyadminphpmyadminMatch3.5.8
ORphpmyadminphpmyadminMatch3.5.8rc1
ORphpmyadminphpmyadminMatch3.5.8.1
Node
phpmyadminphpmyadminMatch4.0.0
ORphpmyadminphpmyadminMatch4.0.0rc2
ORphpmyadminphpmyadminMatch4.0.0rc3
ORphpmyadminphpmyadminMatch4.0.1
ORphpmyadminphpmyadminMatch4.0.2
ORphpmyadminphpmyadminMatch4.0.3
ORphpmyadminphpmyadminMatch4.0.4
ORphpmyadminphpmyadminMatch4.0.4.1
| Vendor | Product | Version | CPE |
|---|---|---|---|
| phpmyadmin | phpmyadmin | 3.5.0.0 | cpe:2.3:a:phpmyadmin:phpmyadmin:3.5.0.0:*:*:*:*:*:*:* |
| phpmyadmin | phpmyadmin | 3.5.1.0 | cpe:2.3:a:phpmyadmin:phpmyadmin:3.5.1.0:*:*:*:*:*:*:* |
| phpmyadmin | phpmyadmin | 3.5.2.0 | cpe:2.3:a:phpmyadmin:phpmyadmin:3.5.2.0:*:*:*:*:*:*:* |
| phpmyadmin | phpmyadmin | 3.5.2.1 | cpe:2.3:a:phpmyadmin:phpmyadmin:3.5.2.1:*:*:*:*:*:*:* |
| phpmyadmin | phpmyadmin | 3.5.2.2 | cpe:2.3:a:phpmyadmin:phpmyadmin:3.5.2.2:*:*:*:*:*:*:* |
| phpmyadmin | phpmyadmin | 3.5.3.0 | cpe:2.3:a:phpmyadmin:phpmyadmin:3.5.3.0:*:*:*:*:*:*:* |
| phpmyadmin | phpmyadmin | 3.5.4 | cpe:2.3:a:phpmyadmin:phpmyadmin:3.5.4:*:*:*:*:*:*:* |
| phpmyadmin | phpmyadmin | 3.5.5 | cpe:2.3:a:phpmyadmin:phpmyadmin:3.5.5:*:*:*:*:*:*:* |
| phpmyadmin | phpmyadmin | 3.5.6 | cpe:2.3:a:phpmyadmin:phpmyadmin:3.5.6:*:*:*:*:*:*:* |
| phpmyadmin | phpmyadmin | 3.5.7 | cpe:2.3:a:phpmyadmin:phpmyadmin:3.5.7:*:*:*:*:*:*:* |
Related
phpmyadmin
phpmyadmin
XSS due to unescaped HTML Output when executing a SQL query.
2013-07-28 00:00:00
debiancve
debiancve
CVE-2013-4995
2013-07-31 13:20:08
ubuntucve
ubuntucve
CVE-2013-4995
2013-07-31 00:00:00
prion
prion
Cross site scripting
2013-07-31 13:20:00
cve
cve
CVE-2013-4995
2013-07-31 13:20:08
cvelist
cvelist
CVE-2013-4995
2013-07-30 18:00:00
debian
debian
phpmyadmin security update
2014-07-09 19:24:32
phpmyadmin security update
2014-07-09 19:24:50
[SECURITY] [DSA 2975-1] phpmyadmin security update
2014-07-09 18:45:33
openvas
openvas
Debian: Security Advisory (DLA-0014-1)
2023-03-08 00:00:00
Debian: Security Advisory (DSA-2975-1)
2014-07-08 00:00:00
Debian Security Advisory DSA 2975-1 (phpmyadmin - security update)
2014-07-09 00:00:00
osv
osv
phpmyadmin - security update
2014-07-09 00:00:00
phpmyadmin - security update
2014-07-09 00:00:00
phpMyAdmin-4.6.5.2-1.1 on GA media
2024-06-15 00:00:00
nessus
nessus
Debian DSA-2975-1 : phpmyadmin - security update
2014-07-10 00:00:00
Mandriva Linux Security Advisory : phpmyadmin (MDVSA-2013:203)
2013-07-31 00:00:00
phpMyAdmin 3.5.x < 3.5.8.2 / 4.0.x < 4.0.4.2 Multiple Vulnerabilities
2013-08-08 00:00:00
securityvulns
securityvulns
[ MDVSA-2013:203 ] phpmyadmin
2013-09-09 00:00:00
mageia
mageia
Updated phpmyadmin packages fix security vulnerabilities
2013-07-29 18:06:10
gentoo
gentoo
phpMyAdmin: Multiple vulnerabilities
2013-11-04 00:00:00
CVSS2
3.5
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
SINGLE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:S/C:N/I:P/A:N
AI Score
5.5
Confidence
High
EPSS
0.001
Percentile
36.9%
Related for NVD:CVE-2013-4995