11 matches found
phpMyAdmin Multiple Vulnerabilities (PMASA-2014-15, PMASA-2014-16) - Linux
phpMyAdmin is prone to multiple cross-site scripting XSS and directory traversal vulnerabilities. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-on...
openSUSE Security Update : phpMyAdmin (openSUSE-SU-2014:1561-1)
phpMyAdmin was updated to fix four security issues. For openSUSE 12.3 and 13.1, phpMyAdmin was updated to 4.1.14.7. For openSUSE 13.2, phpMyAdmin was updated to to 4.2.12. These security issues were fixed : - XSS vulnerability in error reporting functionality CVE-2014-8960. - Local file inclusion...
Fedora Update for phpMyAdmin FEDORA-2014-15535
Check the version of phpMyAdmin SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptoid"1.3.6.1.4.1.25623.1.0.868529";...
Fedora Update for phpMyAdmin FEDORA-2014-15538
Check the version of phpMyAdmin SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptoid"1.3.6.1.4.1.25623.1.0.868533";...
CVE-2014-8960
Cross-site scripting XSS vulnerability in libraries/errorreport.lib.php in the error-reporting feature in phpMyAdmin 4.1.x before 4.1.14.7 and 4.2.x before 4.2.12 allows remote authenticated users to inject arbitrary web script or HTML via a crafted filename...
CVE-2014-8960
Cross-site scripting XSS vulnerability in libraries/errorreport.lib.php in the error-reporting feature in phpMyAdmin 4.1.x before 4.1.14.7 and 4.2.x before 4.2.12 allows remote authenticated users to inject arbitrary web script or HTML via a crafted filename...
CVE-2014-8960
Cross-site scripting XSS vulnerability in libraries/errorreport.lib.php in the error-reporting feature in phpMyAdmin 4.1.x before 4.1.14.7 and 4.2.x before 4.2.12 allows remote authenticated users to inject arbitrary web script or HTML via a crafted filename...
CVE-2014-8960
CVE-2014-8960 is a cross-site scripting flaw in phpMyAdmin’s error-reporting, exploitable by a remote authenticated user via a crafted filename. It affects phpMyAdmin 4.1.x prior to 4.1.14.7 and 4.2.x prior to 4.2.12, with the issue located in libraries/error_report.lib.php. The vulnerability all...
CVE-2014-8960
Cross-site scripting XSS vulnerability in libraries/errorreport.lib.php in the error-reporting feature in phpMyAdmin 4.1.x before 4.1.14.7 and 4.2.x before 4.2.12 allows remote authenticated users to inject arbitrary web script or HTML via a crafted filename...
Mandriva Linux Security Advisory : phpmyadmin (MDVSA-2014:228)
Multiple vulnerabilities has been discovered and corrected in phpmyadmin : - Multiple XSS vulnerabilities CVE-2014-8958. - Local file inclusion vulnerability CVE-2014-8959. - XSS vulnerability in error reporting functionality CVE-2014-8960. - Leakage of line count of an arbitrary file...
XSS vulnerability in error reporting functionality.
PMASA-2014-15 Announcement-ID: PMASA-2014-15 Date: 2014-11-20 Summary XSS vulnerability in error reporting functionality. Description With a crafted file name it is possible to trigger an XSS in the error reporting page. Severity We consider this vulnerability to be non critical. Mitigation facto...