Логотип exploitDog
product: "phpmyadmin"
Консоль
Логотип exploitDog

exploitDog

product: "phpmyadmin"

Количество 1 093

Количество 1 093

nvd логотип

CVE-2014-8960

больше 10 лет назад

Cross-site scripting (XSS) vulnerability in libraries/error_report.lib.php in the error-reporting feature in phpMyAdmin 4.1.x before 4.1.14.7 and 4.2.x before 4.2.12 allows remote authenticated users to inject arbitrary web script or HTML via a crafted filename.

CVSS2: 3.5
EPSS: Низкий
debian логотип

CVE-2014-8960

больше 10 лет назад

Cross-site scripting (XSS) vulnerability in libraries/error_report.lib ...

CVSS2: 3.5
EPSS: Низкий
ubuntu логотип

CVE-2014-8959

больше 10 лет назад

Directory traversal vulnerability in libraries/gis/GIS_Factory.class.php in the GIS editor in phpMyAdmin 4.0.x before 4.0.10.6, 4.1.x before 4.1.14.7, and 4.2.x before 4.2.12 allows remote authenticated users to include and execute arbitrary local files via a crafted geometry-type parameter.

CVSS2: 6.5
EPSS: Низкий
nvd логотип

CVE-2014-8959

больше 10 лет назад

Directory traversal vulnerability in libraries/gis/GIS_Factory.class.php in the GIS editor in phpMyAdmin 4.0.x before 4.0.10.6, 4.1.x before 4.1.14.7, and 4.2.x before 4.2.12 allows remote authenticated users to include and execute arbitrary local files via a crafted geometry-type parameter.

CVSS2: 6.5
EPSS: Низкий
debian логотип

CVE-2014-8959

больше 10 лет назад

Directory traversal vulnerability in libraries/gis/GIS_Factory.class.p ...

CVSS2: 6.5
EPSS: Низкий
ubuntu логотип

CVE-2014-8958

больше 10 лет назад

Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin 4.0.x before 4.0.10.6, 4.1.x before 4.1.14.7, and 4.2.x before 4.2.12 allow remote authenticated users to inject arbitrary web script or HTML via a crafted (1) database, (2) table, or (3) column name that is improperly handled during rendering of the table browse page; a crafted ENUM value that is improperly handled during rendering of the (4) table print view or (5) zoom search page; or (6) a crafted pma_fontsize cookie that is improperly handled during rendering of the home page.

CVSS2: 4.3
EPSS: Низкий
nvd логотип

CVE-2014-8958

больше 10 лет назад

Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin 4.0.x before 4.0.10.6, 4.1.x before 4.1.14.7, and 4.2.x before 4.2.12 allow remote authenticated users to inject arbitrary web script or HTML via a crafted (1) database, (2) table, or (3) column name that is improperly handled during rendering of the table browse page; a crafted ENUM value that is improperly handled during rendering of the (4) table print view or (5) zoom search page; or (6) a crafted pma_fontsize cookie that is improperly handled during rendering of the home page.

CVSS2: 4.3
EPSS: Низкий
debian логотип

CVE-2014-8958

больше 10 лет назад

Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin 4.0. ...

CVSS2: 4.3
EPSS: Низкий
ubuntu логотип

CVE-2014-8326

почти 11 лет назад

Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin 4.0.x before 4.0.10.5, 4.1.x before 4.1.14.6, and 4.2.x before 4.2.10.1 allow remote authenticated users to inject arbitrary web script or HTML via a crafted (1) database name or (2) table name, related to the libraries/DatabaseInterface.class.php code for SQL debug output and the js/server_status_monitor.js code for the server monitor page.

CVSS2: 3.5
EPSS: Низкий
nvd логотип

CVE-2014-8326

почти 11 лет назад

Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin 4.0.x before 4.0.10.5, 4.1.x before 4.1.14.6, and 4.2.x before 4.2.10.1 allow remote authenticated users to inject arbitrary web script or HTML via a crafted (1) database name or (2) table name, related to the libraries/DatabaseInterface.class.php code for SQL debug output and the js/server_status_monitor.js code for the server monitor page.

CVSS2: 3.5
EPSS: Низкий
debian логотип

CVE-2014-8326

почти 11 лет назад

Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin 4.0. ...

CVSS2: 3.5
EPSS: Низкий
ubuntu логотип

CVE-2014-7217

почти 11 лет назад

Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin 4.0.x before 4.0.10.4, 4.1.x before 4.1.14.5, and 4.2.x before 4.2.9.1 allow remote authenticated users to inject arbitrary web script or HTML via a crafted ENUM value that is improperly handled during rendering of the (1) table search or (2) table structure page, related to libraries/TableSearch.class.php and libraries/Util.class.php.

CVSS2: 3.5
EPSS: Низкий
nvd логотип

CVE-2014-7217

почти 11 лет назад

Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin 4.0.x before 4.0.10.4, 4.1.x before 4.1.14.5, and 4.2.x before 4.2.9.1 allow remote authenticated users to inject arbitrary web script or HTML via a crafted ENUM value that is improperly handled during rendering of the (1) table search or (2) table structure page, related to libraries/TableSearch.class.php and libraries/Util.class.php.

CVSS2: 3.5
EPSS: Низкий
debian логотип

CVE-2014-7217

почти 11 лет назад

Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin 4.0. ...

CVSS2: 3.5
EPSS: Низкий
ubuntu логотип

CVE-2014-6300

почти 11 лет назад

Cross-site scripting (XSS) vulnerability in the micro history implementation in phpMyAdmin 4.0.x before 4.0.10.3, 4.1.x before 4.1.14.4, and 4.2.x before 4.2.8.1 allows remote attackers to inject arbitrary web script or HTML, and consequently conduct a cross-site request forgery (CSRF) attack to create a root account, via a crafted URL, related to js/ajax.js.

CVSS2: 4.3
EPSS: Низкий
nvd логотип

CVE-2014-6300

почти 11 лет назад

Cross-site scripting (XSS) vulnerability in the micro history implementation in phpMyAdmin 4.0.x before 4.0.10.3, 4.1.x before 4.1.14.4, and 4.2.x before 4.2.8.1 allows remote attackers to inject arbitrary web script or HTML, and consequently conduct a cross-site request forgery (CSRF) attack to create a root account, via a crafted URL, related to js/ajax.js.

CVSS2: 4.3
EPSS: Низкий
debian логотип

CVE-2014-6300

почти 11 лет назад

Cross-site scripting (XSS) vulnerability in the micro history implemen ...

CVSS2: 4.3
EPSS: Низкий
ubuntu логотип

CVE-2014-5274

почти 11 лет назад

Cross-site scripting (XSS) vulnerability in the view operations page in phpMyAdmin 4.1.x before 4.1.14.3 and 4.2.x before 4.2.7.1 allows remote authenticated users to inject arbitrary web script or HTML via a crafted view name, related to js/functions.js.

CVSS2: 3.5
EPSS: Низкий
nvd логотип

CVE-2014-5274

почти 11 лет назад

Cross-site scripting (XSS) vulnerability in the view operations page in phpMyAdmin 4.1.x before 4.1.14.3 and 4.2.x before 4.2.7.1 allows remote authenticated users to inject arbitrary web script or HTML via a crafted view name, related to js/functions.js.

CVSS2: 3.5
EPSS: Низкий
debian логотип

CVE-2014-5274

почти 11 лет назад

Cross-site scripting (XSS) vulnerability in the view operations page i ...

CVSS2: 3.5
EPSS: Низкий

Уязвимостей на страницу

Уязвимость
CVSS
EPSS
Опубликовано
nvd логотип
CVE-2014-8960

Cross-site scripting (XSS) vulnerability in libraries/error_report.lib.php in the error-reporting feature in phpMyAdmin 4.1.x before 4.1.14.7 and 4.2.x before 4.2.12 allows remote authenticated users to inject arbitrary web script or HTML via a crafted filename.

CVSS2: 3.5
0%
Низкий
больше 10 лет назад
debian логотип
CVE-2014-8960

Cross-site scripting (XSS) vulnerability in libraries/error_report.lib ...

CVSS2: 3.5
0%
Низкий
больше 10 лет назад
ubuntu логотип
CVE-2014-8959

Directory traversal vulnerability in libraries/gis/GIS_Factory.class.php in the GIS editor in phpMyAdmin 4.0.x before 4.0.10.6, 4.1.x before 4.1.14.7, and 4.2.x before 4.2.12 allows remote authenticated users to include and execute arbitrary local files via a crafted geometry-type parameter.

CVSS2: 6.5
4%
Низкий
больше 10 лет назад
nvd логотип
CVE-2014-8959

Directory traversal vulnerability in libraries/gis/GIS_Factory.class.php in the GIS editor in phpMyAdmin 4.0.x before 4.0.10.6, 4.1.x before 4.1.14.7, and 4.2.x before 4.2.12 allows remote authenticated users to include and execute arbitrary local files via a crafted geometry-type parameter.

CVSS2: 6.5
4%
Низкий
больше 10 лет назад
debian логотип
CVE-2014-8959

Directory traversal vulnerability in libraries/gis/GIS_Factory.class.p ...

CVSS2: 6.5
4%
Низкий
больше 10 лет назад
ubuntu логотип
CVE-2014-8958

Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin 4.0.x before 4.0.10.6, 4.1.x before 4.1.14.7, and 4.2.x before 4.2.12 allow remote authenticated users to inject arbitrary web script or HTML via a crafted (1) database, (2) table, or (3) column name that is improperly handled during rendering of the table browse page; a crafted ENUM value that is improperly handled during rendering of the (4) table print view or (5) zoom search page; or (6) a crafted pma_fontsize cookie that is improperly handled during rendering of the home page.

CVSS2: 4.3
1%
Низкий
больше 10 лет назад
nvd логотип
CVE-2014-8958

Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin 4.0.x before 4.0.10.6, 4.1.x before 4.1.14.7, and 4.2.x before 4.2.12 allow remote authenticated users to inject arbitrary web script or HTML via a crafted (1) database, (2) table, or (3) column name that is improperly handled during rendering of the table browse page; a crafted ENUM value that is improperly handled during rendering of the (4) table print view or (5) zoom search page; or (6) a crafted pma_fontsize cookie that is improperly handled during rendering of the home page.

CVSS2: 4.3
1%
Низкий
больше 10 лет назад
debian логотип
CVE-2014-8958

Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin 4.0. ...

CVSS2: 4.3
1%
Низкий
больше 10 лет назад
ubuntu логотип
CVE-2014-8326

Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin 4.0.x before 4.0.10.5, 4.1.x before 4.1.14.6, and 4.2.x before 4.2.10.1 allow remote authenticated users to inject arbitrary web script or HTML via a crafted (1) database name or (2) table name, related to the libraries/DatabaseInterface.class.php code for SQL debug output and the js/server_status_monitor.js code for the server monitor page.

CVSS2: 3.5
0%
Низкий
почти 11 лет назад
nvd логотип
CVE-2014-8326

Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin 4.0.x before 4.0.10.5, 4.1.x before 4.1.14.6, and 4.2.x before 4.2.10.1 allow remote authenticated users to inject arbitrary web script or HTML via a crafted (1) database name or (2) table name, related to the libraries/DatabaseInterface.class.php code for SQL debug output and the js/server_status_monitor.js code for the server monitor page.

CVSS2: 3.5
0%
Низкий
почти 11 лет назад
debian логотип
CVE-2014-8326

Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin 4.0. ...

CVSS2: 3.5
0%
Низкий
почти 11 лет назад
ubuntu логотип
CVE-2014-7217

Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin 4.0.x before 4.0.10.4, 4.1.x before 4.1.14.5, and 4.2.x before 4.2.9.1 allow remote authenticated users to inject arbitrary web script or HTML via a crafted ENUM value that is improperly handled during rendering of the (1) table search or (2) table structure page, related to libraries/TableSearch.class.php and libraries/Util.class.php.

CVSS2: 3.5
0%
Низкий
почти 11 лет назад
nvd логотип
CVE-2014-7217

Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin 4.0.x before 4.0.10.4, 4.1.x before 4.1.14.5, and 4.2.x before 4.2.9.1 allow remote authenticated users to inject arbitrary web script or HTML via a crafted ENUM value that is improperly handled during rendering of the (1) table search or (2) table structure page, related to libraries/TableSearch.class.php and libraries/Util.class.php.

CVSS2: 3.5
0%
Низкий
почти 11 лет назад
debian логотип
CVE-2014-7217

Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin 4.0. ...

CVSS2: 3.5
0%
Низкий
почти 11 лет назад
ubuntu логотип
CVE-2014-6300

Cross-site scripting (XSS) vulnerability in the micro history implementation in phpMyAdmin 4.0.x before 4.0.10.3, 4.1.x before 4.1.14.4, and 4.2.x before 4.2.8.1 allows remote attackers to inject arbitrary web script or HTML, and consequently conduct a cross-site request forgery (CSRF) attack to create a root account, via a crafted URL, related to js/ajax.js.

CVSS2: 4.3
0%
Низкий
почти 11 лет назад
nvd логотип
CVE-2014-6300

Cross-site scripting (XSS) vulnerability in the micro history implementation in phpMyAdmin 4.0.x before 4.0.10.3, 4.1.x before 4.1.14.4, and 4.2.x before 4.2.8.1 allows remote attackers to inject arbitrary web script or HTML, and consequently conduct a cross-site request forgery (CSRF) attack to create a root account, via a crafted URL, related to js/ajax.js.

CVSS2: 4.3
0%
Низкий
почти 11 лет назад
debian логотип
CVE-2014-6300

Cross-site scripting (XSS) vulnerability in the micro history implemen ...

CVSS2: 4.3
0%
Низкий
почти 11 лет назад
ubuntu логотип
CVE-2014-5274

Cross-site scripting (XSS) vulnerability in the view operations page in phpMyAdmin 4.1.x before 4.1.14.3 and 4.2.x before 4.2.7.1 allows remote authenticated users to inject arbitrary web script or HTML via a crafted view name, related to js/functions.js.

CVSS2: 3.5
0%
Низкий
почти 11 лет назад
nvd логотип
CVE-2014-5274

Cross-site scripting (XSS) vulnerability in the view operations page in phpMyAdmin 4.1.x before 4.1.14.3 and 4.2.x before 4.2.7.1 allows remote authenticated users to inject arbitrary web script or HTML via a crafted view name, related to js/functions.js.

CVSS2: 3.5
0%
Низкий
почти 11 лет назад
debian логотип
CVE-2014-5274

Cross-site scripting (XSS) vulnerability in the view operations page i ...

CVSS2: 3.5
0%
Низкий
почти 11 лет назад

Уязвимостей на страницу