NVD

Id
33001  
Name
CVE-2014-5273  
Description
Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin 4.0.x before 4.0.10.2, 4.1.x before 4.1.14.3, and 4.2.x before 4.2.7.1 allow remote authenticated users to inject arbitrary web script or HTML via the (1) browse table page, related to js/sql.js; (2) ENUM editor page, related to js/functions.js; (3) monitor page, related to js/server_status_monitor.js; (4) query charts page, related to js/tbl_chart.js; or (5) table relations page, related to libraries/tbl_relation.lib.php.  
Reject
 
CVSS Version
2  
CVSS Score
3.5  
Severity
Low  
CVSS Base Score
3.5  
CVSS Impact Subscore
2.9  
CVSS Exploit Subscore
6.8  
CVSS Vector
(AV:N/AC:M/Au:S/C:N/I:P/A:N)  
Pub Date
2017-01-19  
Published
2014-08-21  
Modified Date
2014-10-16  
Seq
2014-5273  

Actions

Related NVD References

Id NVD Id NVD No. Reference Actions
173219 33001 CVE-2014-5273 openSUSE-SU-2014:1069  View
173220 33001 CVE-2014-5273 http://www.phpmyadmin.net/home_page/security/PMASA-2014-8.php  View
173221 33001 CVE-2014-5273 https://github.com/phpmyadmin/phpmyadmin/commit/2c45d7caa614afd71dbe3d0f7270f51ce5569614  View
173222 33001 CVE-2014-5273 https://github.com/phpmyadmin/phpmyadmin/commit/3ffc967fb60cf2910cc2f571017e977558c67821  View
173223 33001 CVE-2014-5273 https://github.com/phpmyadmin/phpmyadmin/commit/647c9d12e33a6b64e1c3ff7487f72696bdf2dccb  View
173224 33001 CVE-2014-5273 https://github.com/phpmyadmin/phpmyadmin/commit/90ddeecf60fc029608b972e490b735f3a65ed0cb  View
173225 33001 CVE-2014-5273 https://github.com/phpmyadmin/phpmyadmin/commit/cd9f302bf7f91a160fe7080f9a612019ef847f1c  View

Related JVN

Id Name Title Summary Cveinfo Name Cveinfo Id Nvdinfo Name Nvdinfo Id Cvssv2 Cvssv3 Jvnurl Published Date Last Updated Date Actions
15018 JVNDB-2014-003893 phpMyAdmin におけるクロスサイトスクリプティングの脆弱性 phpMyAdmin には、クロスサイトスクリプティングの脆弱性が存在します。 CVE-2014-5273 72562 CVE-2014-5273 33001 3.5 http://jvndb.jvn.jp/ja/contents/2014/JVNDB-2014-003893.html 2014-08-17 2014-08-25 View