Lucene search
K

12 matches found

OpenVAS
OpenVAS
added 2017/08/21 12:0 a.m.28 views

phpMyAdmin XSS Vulnerability (PMASA-2014-10) - Linux

phpMyAdmin is prone to a cross-site scripting XSS vulnerability. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

4.3CVSS5.4AI score0.01862EPSS
Exploits0References2
NVD
NVD
added 2014/11/08 11:55 a.m.14 views

CVE-2014-6300

Cross-site scripting XSS vulnerability in the micro history implementation in phpMyAdmin 4.0.x before 4.0.10.3, 4.1.x before 4.1.14.4, and 4.2.x before 4.2.8.1 allows remote attackers to inject arbitrary web script or HTML, and consequently conduct a cross-site request forgery CSRF attack to crea...

4.3CVSS5.9AI score0.01862EPSS
Exploits0References5
OSV
OSV
added 2014/11/08 11:55 a.m.5 views

CVE-2014-6300

Cross-site scripting XSS vulnerability in the micro history implementation in phpMyAdmin 4.0.x before 4.0.10.3, 4.1.x before 4.1.14.4, and 4.2.x before 4.2.8.1 allows remote attackers to inject arbitrary web script or HTML, and consequently conduct a cross-site request forgery CSRF attack to crea...

5.8AI score
Exploits0References6
UbuntuCve
UbuntuCve
added 2014/11/08 11:55 a.m.36 views

CVE-2014-6300

Cross-site scripting XSS vulnerability in the micro history implementation in phpMyAdmin 4.0.x before 4.0.10.3, 4.1.x before 4.1.14.4, and 4.2.x before 4.2.8.1 allows remote attackers to inject arbitrary web script or HTML, and consequently conduct a cross-site request forgery CSRF attack to crea...

4.3CVSS7.3AI score0.01862EPSS
Exploits0References2
Cvelist
Cvelist
added 2014/11/08 11:0 a.m.25 views

CVE-2014-6300

Cross-site scripting XSS vulnerability in the micro history implementation in phpMyAdmin 4.0.x before 4.0.10.3, 4.1.x before 4.1.14.4, and 4.2.x before 4.2.8.1 allows remote attackers to inject arbitrary web script or HTML, and consequently conduct a cross-site request forgery CSRF attack to crea...

5.8AI score0.01862EPSS
Exploits0References5
CVE
CVE
added 2014/11/08 11:0 a.m.63 views

CVE-2014-6300

CVE-2014-6300 affects phpMyAdmin: XSS in micro history implementation and CSRF to create a root account via crafted URLs, vulnerable in phpMyAdmin 4.0.x < 4.0.10.3, 4.1.x < 4.1.14.4, and 4.2.x = 4.0.10.6, >= 4.1.14.7, and >= 4.2.13. The CVSS-like metrics in the NVD entry show MEDIUM s...

4.3CVSS5.8AI score0.01862EPSS
Exploits0References5Affected Software1
securityvulns
securityvulns
added 2014/10/14 12:0 a.m.66 views

[ MDVSA-2014:183 ] phpmyadmin

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Mandriva Linux Security Advisory MDVSA-2014:183 http://www.mandriva.com/en/support/security/ Package : phpmyadmin Date : September 24, 2014 Affected: Business Server 1.0 Problem Description: Updated phpmyadmin package fixes security vulnerability: In...

4.3CVSS6.8AI score0.01862EPSS
Exploits0
OpenVAS
OpenVAS
added 2014/10/01 12:0 a.m.24 views

Fedora Update for phpMyAdmin FEDORA-2014-10989

The remote host is missing an update for the SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

4.3CVSS6.5AI score0.01862EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2014/09/25 12:0 a.m.20 views

Mandriva Linux Security Advisory : phpmyadmin (MDVSA-2014:183)

Updated phpmyadmin package fixes security vulnerability : In phpMyAdmin before 4.2.9, by deceiving a logged-in user to click on a crafted URL, it is possible to perform remote code execution and in some cases, create a root account due to a DOM based XSS vulnerability in the micro history feature...

4.3CVSS8.9AI score0.01862EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2014/09/23 12:0 a.m.33 views

openSUSE Security Update : phpMyAdmin (openSUSE-SU-2014:1150-1)

phpMyAdmin was updated to 4.1.14.4 2014-09-13 fixing bugs and security issues. - PMASA-2014-10 CVE-2014-6300, CWE-661 CWE-352 http://www.phpmyadmin.net/homepage/security/PMASA-2014- 10.php A DOM based XSS was fixed that resulted to a CSRF that creates a ROOT account in certain conditions...

4.3CVSS8.2AI score0.01862EPSS
Exploits0References4
Mageia
Mageia
added 2014/09/22 8:31 a.m.40 views

Updated phpmyadmin package fix CVE-2014-6300

Updated phpmyadmin package fixes security vulnerability: In phpMyAdmin before 4.1.14.4, by deceiving a logged-in user to click on a crafted URL, it is possible to perform remote code execution and in some cases, create a root account due to a DOM based XSS vulnerability in the micro history featu...

4.3CVSS6.7AI score0.01862EPSS
Exploits0References2
phpMyAdmin
phpMyAdmin
added 2014/09/13 12:0 a.m.35 views

XSRF/CSRF due to DOM based XSS in the micro history feature

PMASA-2014-10 Announcement-ID: PMASA-2014-10 Date: 2014-09-13 Summary XSRF/CSRF due to DOM based XSS in the micro history feature Description By deceiving a logged-in user to click on a crafted URL, it is possible to perform remote code execution and in some cases, create a root account due to a...

4.3CVSS7.9AI score0.01862EPSS
Exploits0Affected Software1
Rows per page
Query Builder