9 matches found
SUSE CVE-2014-4348
Multiple cross-site scripting XSS vulnerabilities in phpMyAdmin 4.2.x before 4.2.4 allow remote authenticated users to inject arbitrary web script or HTML via a crafted 1 database name or 2 table name that is improperly handled after presence in a the favorite list or b recent tables...
[ MDVSA-2014:126 ] phpmyadmin
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Mandriva Linux Security Advisory MDVSA-2014:126 http://www.mandriva.com/en/support/security/ Package : phpmyadmin Date : July 8, 2014 Affected: Business Server 1.0 Problem Description: Multiple vulnerabilities has been discovered and corrected in...
CVE-2014-4348
Multiple cross-site scripting XSS vulnerabilities in phpMyAdmin 4.2.x before 4.2.4 allow remote authenticated users to inject arbitrary web script or HTML via a crafted 1 database name or 2 table name that is improperly handled after presence in a the favorite list or b recent tables...
DEBIAN-CVE-2014-4348
Multiple cross-site scripting XSS vulnerabilities in phpMyAdmin 4.2.x before 4.2.4 allow remote authenticated users to inject arbitrary web script or HTML via a crafted 1 database name or 2 table name that is improperly handled after presence in a the favorite list or b recent tables...
Cross site scripting
Multiple cross-site scripting XSS vulnerabilities in phpMyAdmin 4.2.x before 4.2.4 allow remote authenticated users to inject arbitrary web script or HTML via a crafted 1 database name or 2 table name that is improperly handled after presence in a the favorite list or b recent tables...
CVE-2014-4348
Multiple cross-site scripting XSS vulnerabilities in phpMyAdmin 4.2.x before 4.2.4 allow remote authenticated users to inject arbitrary web script or HTML via a crafted 1 database name or 2 table name that is improperly handled after presence in a the favorite list or b recent tables...
CVE-2014-4348
Multiple cross-site scripting XSS vulnerabilities in phpMyAdmin 4.2.x before 4.2.4 allow remote authenticated users to inject arbitrary web script or HTML via a crafted 1 database name or 2 table name that is improperly handled after presence in a the favorite list or b recent tables...
CVE-2014-4348
Multiple cross-site scripting XSS vulnerabilities in phpMyAdmin 4.2.x before 4.2.4 allow remote authenticated users to inject arbitrary web script or HTML via a crafted 1 database name or 2 table name that is improperly handled after presence in a the favorite list or b recent tables...
Self-XSS due to unescaped HTML output in recent/favorite tables navigation.
PMASA-2014-2 Announcement-ID: PMASA-2014-2 Date: 2014-06-20 Summary Self-XSS due to unescaped HTML output in recent/favorite tables navigation. Description When marking a crafted database or table name as favorite or having it in recent tables, it is possible to trigger an XSS. Severity We consid...