CVE-2014-5273

Source
https://nvd.nist.gov/vuln/detail/CVE-2014-5273
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2014-5273.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2014-5273
Related
Published
2014-08-22T01:55:08Z
Modified
2024-04-30T00:38:43Z
Summary
[none]
Details

Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin 4.0.x before 4.0.10.2, 4.1.x before 4.1.14.3, and 4.2.x before 4.2.7.1 allow remote authenticated users to inject arbitrary web script or HTML via the (1) browse table page, related to js/sql.js; (2) ENUM editor page, related to js/functions.js; (3) monitor page, related to js/serverstatusmonitor.js; (4) query charts page, related to js/tblchart.js; or (5) table relations page, related to libraries/tblrelation.lib.php.

References

Affected packages

Debian:11 / phpmyadmin

Package

Name
phpmyadmin
Purl
pkg:deb/debian/phpmyadmin?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
4:4.2.7.1-1

Ecosystem specific

{
    "urgency": "low"
}

Debian:12 / phpmyadmin

Package

Name
phpmyadmin
Purl
pkg:deb/debian/phpmyadmin?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
4:4.2.7.1-1

Ecosystem specific

{
    "urgency": "low"
}

Debian:13 / phpmyadmin

Package

Name
phpmyadmin
Purl
pkg:deb/debian/phpmyadmin?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
4:4.2.7.1-1

Ecosystem specific

{
    "urgency": "low"
}