8 matches found
Mageia: Security Advisory (MGASA-2014-0275)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora Update for phpMyAdmin FEDORA-2014-8581
The remote host is missing an update for the SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora Update for phpMyAdmin FEDORA-2014-8577
The remote host is missing an update for the SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
MGASA-2014-0275 Updated phpmyadmin packages fix CVE-2014-4349
Updated phpmyadmin packages fix security vulnerability: In phpMyAdmin before 4.1.14, it is possible to trigger an XSS when hiding or unhiding a crafted table name in the navigation, due to unescaped HTML output in the navigation items hiding feature. Note that this vulnerability can only be...
Updated phpmyadmin packages fix CVE-2014-4349
Updated phpmyadmin packages fix security vulnerability: In phpMyAdmin before 4.1.14, it is possible to trigger an XSS when hiding or unhiding a crafted table name in the navigation, due to unescaped HTML output in the navigation items hiding feature. Note that this vulnerability can only be...
CVE-2014-4349
Multiple cross-site scripting XSS vulnerabilities in phpMyAdmin 4.1.x before 4.1.14.1 and 4.2.x before 4.2.4 allow remote authenticated users to inject arbitrary web script or HTML via a crafted table name that is improperly handled after a 1 hide or 2 unhide action...
CVE-2014-4349
CVE-2014-4349 affects phpMyAdmin 4.1.x up to 4.1.14.1 and 4.2.x up to 4.2.4. Root cause: improper handling of table names during hide/unhide actions leads to cross-site scripting (XSS). Impact: remote authenticated users can inject arbitrary web script or HTML. Remediation: upgrade to 4.1.14.1 or...
Self-XSS due to unescaped HTML output in navigation items hiding feature.
PMASA-2014-3 Announcement-ID: PMASA-2014-3 Date: 2014-06-20 Summary Self-XSS due to unescaped HTML output in navigation items hiding feature. Description When hiding or unhiding a crafted table name in the navigation, it is possible to trigger an XSS. Severity We consider this vulnerability to be...