Max CVSS 6.5 Min CVSS 3.5 Total Count7
IDCVSSSummaryLast (major) updatePublished
CVE-2014-8961 4.0
Directory traversal vulnerability in libraries/error_report.lib.php in the error-reporting feature in phpMyAdmin 4.1.x before 4.1.14.7 and 4.2.x before 4.2.12 allows remote authenticated users to obtain potentially sensitive information about a file'
30-12-2016 - 21:59 30-11-2014 - 06:59
CVE-2014-8959 6.5
Directory traversal vulnerability in libraries/gis/GIS_Factory.class.php in the GIS editor in phpMyAdmin 4.0.x before 4.0.10.6, 4.1.x before 4.1.14.7, and 4.2.x before 4.2.12 allows remote authenticated users to include and execute arbitrary local fi
30-12-2016 - 21:59 30-11-2014 - 06:59
CVE-2014-4987 4.0
server_user_groups.php in phpMyAdmin 4.1.x before 4.1.14.2 and 4.2.x before 4.2.6 allows remote authenticated users to bypass intended access restrictions and read the MySQL user list via a viewUsers request.
30-12-2016 - 21:59 20-07-2014 - 07:12
CVE-2014-8960 3.5
Cross-site scripting (XSS) vulnerability in libraries/error_report.lib.php in the error-reporting feature in phpMyAdmin 4.1.x before 4.1.14.7 and 4.2.x before 4.2.12 allows remote authenticated users to inject arbitrary web script or HTML via a craft
21-12-2016 - 21:59 30-11-2014 - 06:59
CVE-2014-8958 4.3
Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin 4.0.x before 4.0.10.6, 4.1.x before 4.1.14.7, and 4.2.x before 4.2.12 allow remote authenticated users to inject arbitrary web script or HTML via a crafted (1) database, (2) table, or
21-12-2016 - 21:59 30-11-2014 - 06:59
CVE-2014-6300 4.3
Cross-site scripting (XSS) vulnerability in the micro history implementation in phpMyAdmin 4.0.x before 4.0.10.3, 4.1.x before 4.1.14.4, and 4.2.x before 4.2.8.1 allows remote attackers to inject arbitrary web script or HTML, and consequently conduct
21-12-2016 - 21:59 08-11-2014 - 06:55
CVE-2014-4986 3.5
Multiple cross-site scripting (XSS) vulnerabilities in js/functions.js in phpMyAdmin 4.0.x before 4.0.10.1, 4.1.x before 4.1.14.2, and 4.2.x before 4.2.6 allow remote authenticated users to inject arbitrary web script or HTML via a crafted (1) table
21-12-2016 - 21:59 20-07-2014 - 07:12
Back to Top Mark selected
Back to Top