CVE-2014-5274

Cross-site scripting XSS vulnerability in the view operations page in phpMyAdmin 4.1.x before 4.1.14.3 and 4.2.x before 4.2.7.1 allows remote authenticated users to inject arbitrary web script or HTML via a crafted view name, related to js/functions.js...

CVE-2014-5274

phpMyAdmin 4.1.x prior to 4.1.14.3 and 4.2.x prior to 4.2.7.1 contain a cross-site scripting (XSS) vulnerability in the view operations page. The issue, related to js/functions.js, allows remote authenticated users to inject arbitrary web script or HTML via a crafted view name. Remediation is to ...

CVE-2014-5274

Cross-site scripting XSS vulnerability in the view operations page in phpMyAdmin 4.1.x before 4.1.14.3 and 4.2.x before 4.2.7.1 allows remote authenticated users to inject arbitrary web script or HTML via a crafted view name, related to js/functions.js...

CVE-2014-5273

Multiple cross-site scripting XSS vulnerabilities in phpMyAdmin 4.0.x before 4.0.10.2, 4.1.x before 4.1.14.3, and 4.2.x before 4.2.7.1 allow remote authenticated users to inject arbitrary web script or HTML via the 1 browse table page, related to js/sql.js; 2 ENUM editor page, related to...

CVE-2014-5273

CVE-2014-5273 corresponds to multiple XSS vulnerabilities in phpMyAdmin affecting 4.0.x (<4.0.10.2), 4.1.x (<4.1.14.3), and 4.2.x (

CVE-2014-5273

Multiple cross-site scripting XSS vulnerabilities in phpMyAdmin 4.0.x before 4.0.10.2, 4.1.x before 4.1.14.3, and 4.2.x before 4.2.7.1 allow remote authenticated users to inject arbitrary web script or HTML via the 1 browse table page, related to js/sql.js; 2 ENUM editor page, related to...

MGASA-2014-0344 Updated phpmyadmin package fixes XSS vulnerabilities

Updated phpmyadmin package fixes security vulnerabilities: In phpMyAdmin before 4.1.14.3, multiple XSS vulnerabilities exist in browse table, ENUM editor, monitor, query charts and table relations pages CVE-2014-5273. In phpMyAdmin before 4.1.14.3, with a crafted view name it is possible to trigg...

Updated phpmyadmin package fixes XSS vulnerabilities

Updated phpmyadmin package fixes security vulnerabilities: In phpMyAdmin before 4.1.14.3, multiple XSS vulnerabilities exist in browse table, ENUM editor, monitor, query charts and table relations pages CVE-2014-5273. In phpMyAdmin before 4.1.14.3, with a crafted view name it is possible to trigg...

phpMyAdmin 4.0.x < 4.0.10.2 / 4.1.x < 4.1.14.3 / 4.2.x < 4.2.7.1 Multiple XSS Vulnerabilities (PMASA-2014-8 - PMASA-2014-9)

According to its self-reported version number, the phpMyAdmin application hosted on the remote web server is 4.0.x prior to 4.0.10.2, 4.1.x prior to 4.1.14.3, or 4.2.x prior to 4.2.7.1. It is, therefore, affected by the following vulnerabilities : - Multiple cross-site scripting vulnerabilities...

FreeBSD : phpMyAdmin -- XSS vulnerabilities (fbb01289-2645-11e4-bc44-6805ca0b3d42)

The phpMyAdmin development team reports : Multiple XSS vulnerabilities in browse table, ENUM editor, monitor, query charts and table relations pages. With a crafted database, table or a primary/unique key column name it is possible to trigger an XSS when dropping a row from the table. With a...

XSS in view operations page.

PMASA-2014-9 Announcement-ID: PMASA-2014-9 Date: 2014-08-17 Summary XSS in view operations page. Description With a crafted view name it is possible to trigger an XSS when dropping the view in view operation page. Severity We consider this vulnerability to be non critical. Mitigation factor This...

Multiple XSS vulnerabilities in browse table, ENUM editor, monitor, query charts and table relations pages

PMASA-2014-8 Announcement-ID: PMASA-2014-8 Date: 2014-08-17 Summary Multiple XSS vulnerabilities in browse table, ENUM editor, monitor, query charts and table relations pages Description With a crafted database, table or a primary/unique key column name it is possible to trigger an XSS when...

phpMyAdmin -- XSS vulnerabilities

The phpMyAdmin development team reports: Multiple XSS vulnerabilities in browse table, ENUM editor, monitor, query charts and table relations pages. With a crafted database, table or a primary/unique key column name it is possible to trigger an XSS when dropping a row from the table. With a craft...

MGASA-2014-0310 Updated phpmyadmin package fixes security vulnerabilities

In phpMyAdmin before 4.1.14.2, when navigating into the database triggers page, it is possible to trigger an XSS with a crafted trigger name CVE-2014-4955. In phpMyAdmin before 4.1.14.2, with a crafted column name it is possible to trigger an XSS when dropping the column in table structure page...

Updated phpmyadmin package fixes security vulnerabilities

In phpMyAdmin before 4.1.14.2, when navigating into the database triggers page, it is possible to trigger an XSS with a crafted trigger name CVE-2014-4955. In phpMyAdmin before 4.1.14.2, with a crafted column name it is possible to trigger an XSS when dropping the column in table structure page...

Fedora Update for phpMyAdmin FEDORA-2014-8581

The remote host is missing an update for the SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Fedora Update for phpMyAdmin FEDORA-2014-8577

The remote host is missing an update for the SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Portable phpMyAdmin - /pma/phpinfo.php Direct Request System Information Disclosure

The portable-phpmyadmin WordPress plugin was affected by a /pma/phpinfo.php Direct Request System Information Disclosure security vulnerability...

Portable phpMyAdmin 1.4.1 - Multiple Script Direct Request Authentication Bypass

The portable-phpmyadmin WordPress plugin was affected by a Multiple Script Direct Request Authentication Bypass security vulnerability...

portable-phpMyAdmin < 1.3.1 - Authentication Bypass

The portable-phpmyadmin WordPress plugin was affected by an Authentication Bypass security vulnerability...