Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
seebugRootSSV:61536
HistoryFeb 24, 2014 - 12:00 a.m.

phpMyAdmin 'import.php'跨站脚本漏洞

2014-02-2400:00:00
Root
www.seebug.org
27

0.002 Low

EPSS

Percentile

51.1%

JSON

BUGTRAQ ID: 65717
CVE(CAN) ID: CVE-2014-1879

phpmyadmin是MySQL数据库的在线管理工具,主要功能包括在线创建数据表、运行SQL语句、搜索查询数据以及导入导出数据等。

攻击者可能会利用漏洞在受影响站点上下文的不知情用户浏览器中执行任意脚本代码。这可以允许攻击者窃取基于cookie的认证证书,并发动其他攻击。
0
phpMyAdmin phpMyAdmin 3.4.9
phpMyAdmin phpMyAdmin 3.4.8
phpMyAdmin phpMyAdmin 3.4.6
phpMyAdmin phpMyAdmin 3.4.3
phpMyAdmin phpMyAdmin 3.3.8
phpMyAdmin phpMyAdmin 3.3.7
phpMyAdmin phpMyAdmin 3.3.6
phpMyAdmin phpMyAdmin 3.3.5
phpMyAdmin phpMyAdmin 3.3.3 0
phpMyAdmin phpMyAdmin 3.4.5
phpMyAdmin phpMyAdmin 3.4.4
phpMyAdmin phpMyAdmin 3.4.1
phpMyAdmin phpMyAdmin 3.4.0
phpMyAdmin phpMyAdmin 3.3.4.0
phpMyAdmin phpMyAdmin 3.3.2.0
phpMyAdmin phpMyAdmin 3.3.1.0
MandrakeSoft Enterprise Server 5 x86_64
MandrakeSoft Enterprise Server 5
厂商补丁:

phpMyAdmin

目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载:

http://www.phpmyadmin.net/home_page/security/

Related

nessus 7
openvas 7
debiancve 1
prion 1
securityvulns 2
phpmyadmin 1
freebsd 1
mageia 1
cve 1
ubuntucve 1
osv 1
debian 1
fedora 2
nessus
nessus
Mandriva Linux Security Advisory : phpmyadmin (MDVSA-2014:046)
2014-02-22 00:00:00
phpMyAdmin 3.x >= 3.3.1 / 4.x < 4.1.7 import.php XSS (PMASA-2014-1)
2014-02-26 00:00:00
openSUSE Security Update : phpMyAdmin (openSUSE-SU-2014:0344-1)
2014-06-13 00:00:00
openvas
openvas
Mageia: Security Advisory (MGASA-2014-0099)
2022-01-28 00:00:00
phpMyAdmin XSS Vulnerability (PMASA-2014-1) - Linux
2017-08-21 00:00:00
phpMyAdmin XSS Vulnerability (PMASA-2014-1) - Windows
2017-08-21 00:00:00
debiancve
debiancve
CVE-2014-1879
2014-02-20 15:27:00
prion
prion
Cross site scripting
2014-02-20 15:27:00
securityvulns
securityvulns
[ MDVSA-2014:046 ] phpmyadmin
2014-05-05 00:00:00
Web applications security vulnerabilities summary &#40;PHP, ASP, JSP, CGI, Perl&#41;
2014-05-05 00:00:00
phpmyadmin
phpmyadmin
Self-XSS due to unescaped HTML output in import.
2014-02-15 00:00:00
freebsd
freebsd
phpMyAdmin -- Self-XSS due to unescaped HTML output in import.
2014-02-15 00:00:00
mageia
mageia
Updated phpseclib and phpmyadmin packages fix security vulnerability
2014-02-26 01:49:46
cve
cve
CVE-2014-1879
2014-02-20 15:27:00
ubuntucve
ubuntucve
CVE-2014-1879
2014-02-20 00:00:00
osv
osv
phpmyadmin - security update
2014-07-09 00:00:00
debian
debian
[SECURITY] [DSA 2975-1] phpmyadmin security update
2014-07-09 18:46:05
fedora
fedora
[SECURITY] Fedora 19 Update: phpMyAdmin-4.2.6-1.fc19
2014-07-30 07:02:40
[SECURITY] Fedora 20 Update: phpMyAdmin-4.2.6-1.fc20
2014-07-30 07:01:17

0.002 Low

EPSS

Percentile

51.1%

JSON
Related for SSV:61536
nessus7openvas7debiancve1prion1securityvulns2phpmyadmin1freebsd1mageia1cve1ubuntucve1osv1debian1fedora2