6026 matches found
CVE-2014-8961
Directory traversal vulnerability in libraries/errorreport.lib.php in the error-reporting feature in phpMyAdmin 4.1.x before 4.1.14.7 and 4.2.x before 4.2.12 allows remote authenticated users to obtain potentially sensitive information about a file's line count via a crafted parameter...
Cross site scripting
Multiple cross-site scripting XSS vulnerabilities in phpMyAdmin 4.0.x before 4.0.10.6, 4.1.x before 4.1.14.7, and 4.2.x before 4.2.12 allow remote authenticated users to inject arbitrary web script or HTML via a crafted 1 database, 2 table, or 3 column name that is improperly handled during...
UBUNTU-CVE-2014-8958
Multiple cross-site scripting XSS vulnerabilities in phpMyAdmin 4.0.x before 4.0.10.6, 4.1.x before 4.1.14.7, and 4.2.x before 4.2.12 allow remote authenticated users to inject arbitrary web script or HTML via a crafted 1 database, 2 table, or 3 column name that is improperly handled during...
CVE-2014-8959
CVE-2014-8959 affects phpMyAdmin GIS editor: directory traversal in libraries/gis/GIS_Factory.class.php allows remote authenticated users to include/execute local files via a crafted geometry-type parameter. Affected versions are phpMyAdmin 4.0.x<4.0.10.6, 4.1.x<4.1.14.7, and 4.2.x
CVE-2014-8958
Multiple cross-site scripting XSS vulnerabilities in phpMyAdmin 4.0.x before 4.0.10.6, 4.1.x before 4.1.14.7, and 4.2.x before 4.2.12 allow remote authenticated users to inject arbitrary web script or HTML via a crafted 1 database, 2 table, or 3 column name that is improperly handled during...
CVE-2014-8961
Directory traversal vulnerability in libraries/errorreport.lib.php in the error-reporting feature in phpMyAdmin 4.1.x before 4.1.14.7 and 4.2.x before 4.2.12 allows remote authenticated users to obtain potentially sensitive information about a file's line count via a crafted parameter...
CVE-2014-8958
Multiple cross-site scripting XSS vulnerabilities in phpMyAdmin 4.0.x before 4.0.10.6, 4.1.x before 4.1.14.7, and 4.2.x before 4.2.12 allow remote authenticated users to inject arbitrary web script or HTML via a crafted 1 database, 2 table, or 3 column name that is improperly handled during...
CVE-2014-8960
Cross-site scripting XSS vulnerability in libraries/errorreport.lib.php in the error-reporting feature in phpMyAdmin 4.1.x before 4.1.14.7 and 4.2.x before 4.2.12 allows remote authenticated users to inject arbitrary web script or HTML via a crafted filename...
CVE-2014-8961
The CVE-2014-8961 entry affects phpMyAdmin 4.1.x (before 4.1.14.7) and 4.2.x (before 4.2.12). The vulnerability is a directory traversal in libraries/error_report.lib.php within the error-reporting feature, enabling remote authenticated users to obtain potentially sensitive information about a fi...
CVE-2014-8961
Directory traversal vulnerability in libraries/errorreport.lib.php in the error-reporting feature in phpMyAdmin 4.1.x before 4.1.14.7 and 4.2.x before 4.2.12 allows remote authenticated users to obtain potentially sensitive information about a file's line count via a crafted parameter...
CVE-2014-8959
Directory traversal vulnerability in libraries/gis/GISFactory.class.php in the GIS editor in phpMyAdmin 4.0.x before 4.0.10.6, 4.1.x before 4.1.14.7, and 4.2.x before 4.2.12 allows remote authenticated users to include and execute arbitrary local files via a crafted geometry-type parameter...
CVE-2014-8960
Cross-site scripting XSS vulnerability in libraries/errorreport.lib.php in the error-reporting feature in phpMyAdmin 4.1.x before 4.1.14.7 and 4.2.x before 4.2.12 allows remote authenticated users to inject arbitrary web script or HTML via a crafted filename...
CVE-2014-8960
CVE-2014-8960 is a cross-site scripting flaw in phpMyAdmin’s error-reporting, exploitable by a remote authenticated user via a crafted filename. It affects phpMyAdmin 4.1.x prior to 4.1.14.7 and 4.2.x prior to 4.2.12, with the issue located in libraries/error_report.lib.php. The vulnerability all...
CVE-2014-8958
CVE-2014-8958 affects phpMyAdmin, with XSS vulnerabilities in multiple render paths: table browse (database/table/column names), table print view, zoom search, and the home page cookie pma_fontsize. The issue stems from improper handling during rendering in phpMyAdmin 4.0.x before 4.0.10.6, 4.1.x...
CVE-2014-8959
Directory traversal vulnerability in libraries/gis/GISFactory.class.php in the GIS editor in phpMyAdmin 4.0.x before 4.0.10.6, 4.1.x before 4.1.14.7, and 4.2.x before 4.2.12 allows remote authenticated users to include and execute arbitrary local files via a crafted geometry-type parameter...
[CVE-2 0 1 4-8 9 5 9] phpmyadmin arbitrary file include vulnerability analysis with presentation-vulnerability warning-the black bar safety net
0x01 vulnerability description phpmyadmin is a widely used mysql database management software, based on PHP development. Latest CVE-2 0 1 4-8 9 5 9 announcement, mentioned the program several versions exist of any of the files containing the vulnerability, affected versions are as follows:...
Mandriva Linux Security Advisory : phpmyadmin (MDVSA-2014:228)
Multiple vulnerabilities has been discovered and corrected in phpmyadmin : - Multiple XSS vulnerabilities CVE-2014-8958. - Local file inclusion vulnerability CVE-2014-8959. - XSS vulnerability in error reporting functionality CVE-2014-8960. - Leakage of line count of an arbitrary file...
phpMyAdmin 4.0.x < 4.0.10.6 / 4.1.x < 4.1.14.7 / 4.2.x < 4.2.12 Multiple Vulnerabilities (PMASA-2014-13 - PMASA-2014-16)
According to its self-reported version number, the phpMyAdmin application hosted on the remote web server is 4.0.x prior to 4.0.10.6, 4.1.x prior to 4.1.14.7, or 4.2.x prior to 4.2.12. It is, therefore, affected by the following vulnerabilities : - A cross-site scripting vulnerability in the zoom...
MGASA-2014-0495 Updated phpmyadmin packages fix security vulnerabilities
Updated phpmyadmin package fixes security vulnerabilities: In phpMyAdmin before 4.1.14.7, with a crafted database, table or column name it is possible to trigger an XSS attack in the table browse page, with a crafted ENUM value it is possible to trigger XSS attacks in the table print view and zoo...
Updated phpmyadmin packages fix security vulnerabilities
Updated phpmyadmin package fixes security vulnerabilities: In phpMyAdmin before 4.1.14.7, with a crafted database, table or column name it is possible to trigger an XSS attack in the table browse page, with a crafted ENUM value it is possible to trigger XSS attacks in the table print view and zoo...