| Max CVSS | 4.0 | Min CVSS | 3.5 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2014-4987 | 4.0 |
server_user_groups.php in phpMyAdmin 4.1.x before 4.1.14.2 and 4.2.x before 4.2.6 allows remote authenticated users to bypass intended access restrictions and read the MySQL user list via a viewUsers request.
|
30-10-2018 - 16:27 | 20-07-2014 - 11:12 | |
| CVE-2014-5274 | 3.5 |
Cross-site scripting (XSS) vulnerability in the view operations page in phpMyAdmin 4.1.x before 4.1.14.3 and 4.2.x before 4.2.7.1 allows remote authenticated users to inject arbitrary web script or HTML via a crafted view name, related to js/function
|
30-10-2018 - 16:27 | 22-08-2014 - 01:55 | |
| CVE-2014-4986 | 3.5 |
Multiple cross-site scripting (XSS) vulnerabilities in js/functions.js in phpMyAdmin 4.0.x before 4.0.10.1, 4.1.x before 4.1.14.2, and 4.2.x before 4.2.6 allow remote authenticated users to inject arbitrary web script or HTML via a crafted (1) table
|
22-12-2016 - 02:59 | 20-07-2014 - 11:12 | |
| CVE-2014-4955 | 3.5 |
Cross-site scripting (XSS) vulnerability in the PMA_TRI_getRowForList function in libraries/rte/rte_list.lib.php in phpMyAdmin 4.0.x before 4.0.10.1, 4.1.x before 4.1.14.2, and 4.2.x before 4.2.6 allows remote authenticated users to inject arbitrary
|
03-09-2015 - 14:56 | 20-07-2014 - 11:12 | |
| CVE-2014-4349 | 3.5 |
Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin 4.1.x before 4.1.14.1 and 4.2.x before 4.2.4 allow remote authenticated users to inject arbitrary web script or HTML via a crafted table name that is improperly handled after a (1) hid
|
02-09-2015 - 17:11 | 25-06-2014 - 11:19 | |
| CVE-2014-5273 | 3.5 |
Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin 4.0.x before 4.0.10.2, 4.1.x before 4.1.14.3, and 4.2.x before 4.2.7.1 allow remote authenticated users to inject arbitrary web script or HTML via the (1) browse table page, related to
|
16-10-2014 - 07:23 | 22-08-2014 - 01:55 |