Show filters
4 Total Results
Displaying 1-4 of 4
Sort by:
Attacker Value
Unknown
CVE-2014-1879
Disclosure Date: February 20, 2014 (last updated October 05, 2023)
Cross-site scripting (XSS) vulnerability in import.php in phpMyAdmin before 4.1.7 allows remote authenticated users to inject arbitrary web script or HTML via a crafted filename in an import action.
0
Attacker Value
Unknown
CVE-2012-4345
Disclosure Date: August 21, 2012 (last updated October 04, 2023)
Multiple cross-site scripting (XSS) vulnerabilities in the Database Structure page in phpMyAdmin 3.4.x before 3.4.11.1 and 3.5.x before 3.5.2.2 allow remote authenticated users to inject arbitrary web script or HTML via (1) a crafted table name during table creation, or a (2) Empty link or (3) Drop link for a crafted table name.
0
Attacker Value
Unknown
CVE-2012-1190
Disclosure Date: May 03, 2012 (last updated October 04, 2023)
Cross-site scripting (XSS) vulnerability in the replication-setup functionality in js/replication.js in phpMyAdmin 3.4.x before 3.4.10.1 allows user-assisted remote attackers to inject arbitrary web script or HTML via a crafted database name.
0
Attacker Value
Unknown
CVE-2012-1902
Disclosure Date: April 06, 2012 (last updated October 04, 2023)
show_config_errors.php in phpMyAdmin 3.4.x before 3.4.10.2, when a configuration file does not exist, allows remote attackers to obtain sensitive information via a direct request, which reveals the installation path in an error message about this missing file.
0
