- Home
- CVEs with nessus.description==According to its self-reported version number, the phpMyAdmin application hosted on the remote web server is 4.0.x prior to 4.0.10.7, 4.1.x prior to 4.1.14.8, or 4.2.x prior to 4.2.13.1. It is, therefore, affected by the following vulnerabilities :
- A flaw exists in handling overly long passwords. It is possible that a remote attacker can cause a denial of service by using a long password. (CVE-2014-9218)
- A cross-site scripting flaw exists due to the improper validation of URLs when handling redirection. A remote attacker, by using a specially crafted request, could execute arbitrary script code within the trust relationship of the browser and server. Note that this applies only to versions 4.2.x prior to 4.2.13.1.
(CVE-2014-9219)
Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.
Max CVSS | 0 |
Min CVSS | 0 |
Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published |
Back to Top
Mark selected
Back to Top