4627 matches found
XSRF/CSRF due to DOM based XSS in the micro history feature
PMASA-2014-10 Announcement-ID: PMASA-2014-10 Date: 2014-09-13 Summary XSRF/CSRF due to DOM based XSS in the micro history feature Description By deceiving a logged-in user to click on a crafted URL, it is possible to perform remote code execution and in some cases, create a root account due to a...
Mandriva Linux Security Advisory : phpmyadmin (MDVSA-2014:164)
Updated phpmyadmin package fixes security vulnerabilities : In phpMyAdmin before 4.1.14.3, multiple XSS vulnerabilities exist in browse table, ENUM editor, monitor, query charts and table relations pages CVE-2014-5273. In phpMyAdmin before 4.1.14.3, with a crafted view name it is possible to...
Fedora 19 : phpMyAdmin-4.2.7.1-1.fc19 (2014-9534)
phpMyAdmin 4.2.7.1 2014-08-17 =============================== - security XSS in table browse page - security Self-XSS in enum value editor - security Self-XSSes in monitor - security Self-XSS in query charts - security XSS in view operations page - security XSS in relation view Note that Tenable...
Fedora Update for phpMyAdmin FEDORA-2014-9534
The remote host is missing an update for the SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
openSUSE Security Update : phpMyAdmin (openSUSE-SU-2014:1069-1)
This phpMyAdmin update addresses several security and non security issues : - This is a phpMyAdmin version upgrade bnc892401: From 4.1.14.3 : - sf4501 security XSS in table browse page CVE-2014-5273 - sf4502 security Self-XSS in enum value editor CVE-2014-5273 - sf4503 security Self-XSSes in...
[SECURITY] Fedora 19 Update: phpMyAdmin-4.2.7.1-1.fc19
phpMyAdmin is a tool written in PHP intended to handle the administration of MySQL over the World Wide Web. Most frequently used operations are supported by the user interface managing databases, tables, fields, relations, index es, users, permissions, while you still have the ability to directly...
Fedora 20 : phpMyAdmin-4.2.7.1-1.fc20 (2014-9555)
phpMyAdmin 4.2.7.1 2014-08-17 =============================== - security XSS in table browse page - security Self-XSS in enum value editor - security Self-XSSes in monitor - security Self-XSS in query charts - security XSS in view operations page - security XSS in relation view Note that Tenable...
[SECURITY] Fedora 20 Update: phpMyAdmin-4.2.7.1-1.fc20
phpMyAdmin is a tool written in PHP intended to handle the administration of MySQL over the World Wide Web. Most frequently used operations are supported by the user interface managing databases, tables, fields, relations, index es, users, permissions, while you still have the ability to directly...
Fedora Update for phpMyAdmin FEDORA-2014-9555
The remote host is missing an update for the SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
DEBIAN-CVE-2014-5274
Cross-site scripting XSS vulnerability in the view operations page in phpMyAdmin 4.1.x before 4.1.14.3 and 4.2.x before 4.2.7.1 allows remote authenticated users to inject arbitrary web script or HTML via a crafted view name, related to js/functions.js...
CVE-2014-5273
Multiple cross-site scripting XSS vulnerabilities in phpMyAdmin 4.0.x before 4.0.10.2, 4.1.x before 4.1.14.3, and 4.2.x before 4.2.7.1 allow remote authenticated users to inject arbitrary web script or HTML via the 1 browse table page, related to js/sql.js; 2 ENUM editor page, related to...
CVE-2014-5274
Cross-site scripting XSS vulnerability in the view operations page in phpMyAdmin 4.1.x before 4.1.14.3 and 4.2.x before 4.2.7.1 allows remote authenticated users to inject arbitrary web script or HTML via a crafted view name, related to js/functions.js...
CVE-2014-5273
Multiple cross-site scripting XSS vulnerabilities in phpMyAdmin 4.0.x before 4.0.10.2, 4.1.x before 4.1.14.3, and 4.2.x before 4.2.7.1 allow remote authenticated users to inject arbitrary web script or HTML via the 1 browse table page, related to js/sql.js; 2 ENUM editor page, related to...
Cross site scripting
Multiple cross-site scripting XSS vulnerabilities in phpMyAdmin 4.0.x before 4.0.10.2, 4.1.x before 4.1.14.3, and 4.2.x before 4.2.7.1 allow remote authenticated users to inject arbitrary web script or HTML via the 1 browse table page, related to js/sql.js; 2 ENUM editor page, related to...
CVE-2014-5274
Cross-site scripting XSS vulnerability in the view operations page in phpMyAdmin 4.1.x before 4.1.14.3 and 4.2.x before 4.2.7.1 allows remote authenticated users to inject arbitrary web script or HTML via a crafted view name, related to js/functions.js...
Cross site scripting
Cross-site scripting XSS vulnerability in the view operations page in phpMyAdmin 4.1.x before 4.1.14.3 and 4.2.x before 4.2.7.1 allows remote authenticated users to inject arbitrary web script or HTML via a crafted view name, related to js/functions.js...
UBUNTU-CVE-2014-5273
Multiple cross-site scripting XSS vulnerabilities in phpMyAdmin 4.0.x before 4.0.10.2, 4.1.x before 4.1.14.3, and 4.2.x before 4.2.7.1 allow remote authenticated users to inject arbitrary web script or HTML via the 1 browse table page, related to js/sql.js; 2 ENUM editor page, related to...
UBUNTU-CVE-2014-5274
Cross-site scripting XSS vulnerability in the view operations page in phpMyAdmin 4.1.x before 4.1.14.3 and 4.2.x before 4.2.7.1 allows remote authenticated users to inject arbitrary web script or HTML via a crafted view name, related to js/functions.js...
CVE-2014-5273
Multiple cross-site scripting XSS vulnerabilities in phpMyAdmin 4.0.x before 4.0.10.2, 4.1.x before 4.1.14.3, and 4.2.x before 4.2.7.1 allow remote authenticated users to inject arbitrary web script or HTML via the 1 browse table page, related to js/sql.js; 2 ENUM editor page, related to...
CVE-2014-5273
CVE-2014-5273 corresponds to multiple XSS vulnerabilities in phpMyAdmin affecting 4.0.x (<4.0.10.2), 4.1.x (<4.1.14.3), and 4.2.x (