NVD

Id
38065  
Name
CVE-2013-1937  
Description
Multiple cross-site scripting (XSS) vulnerabilities in tbl_gis_visualization.php in phpMyAdmin 3.5.x before 3.5.8 might allow remote attackers to inject arbitrary web script or HTML via the (1) visualizationSettings[width] or (2) visualizationSettings[height] parameter.  
Reject
 
CVSS Version
2  
CVSS Score
4.3  
Severity
Medium  
CVSS Base Score
4.3  
CVSS Impact Subscore
2.9  
CVSS Exploit Subscore
8.6  
CVSS Vector
(AV:N/AC:M/Au:N/C:N/I:P/A:N)  
Pub Date
2017-01-18  
Published
2013-04-16  
Modified Date
2016-06-24  
Seq
2013-1937  

Actions

Related NVD References

Id NVD Id NVD No. Reference Actions
194556 38065 CVE-2013-1937 20130409 [waraxe-2013-SA#102] - Reflected XSS in phpMyAdmin 3.5.7  View
194557 38065 CVE-2013-1937 FEDORA-2013-5620  View
194558 38065 CVE-2013-1937 FEDORA-2013-5623  View
194559 38065 CVE-2013-1937 FEDORA-2013-5604  View
194560 38065 CVE-2013-1937 openSUSE-SU-2013:1065  View
194561 38065 CVE-2013-1937 [oss-security] 20130409 Re: CVE Request: Self-XSS in phpmyadmin fixed in 3.5.8  View
194562 38065 CVE-2013-1937 http://packetstormsecurity.com/files/121205/phpMyAdmin-3.5.7-Cross-Site-Scripting.html  View
194563 38065 CVE-2013-1937 MDVSA-2013:144  View
194564 38065 CVE-2013-1937 http://www.phpmyadmin.net/home_page/security/PMASA-2013-1.php  View
194565 38065 CVE-2013-1937 http://www.waraxe.us/advisory-102.html  View
194566 38065 CVE-2013-1937 https://github.com/phpmyadmin/phpmyadmin/commit/79089c9bc02c82c15419fd9d6496b8781ae08a5a  View

Related JVN

Id Name Title Summary Cveinfo Name Cveinfo Id Nvdinfo Name Nvdinfo Id Cvssv2 Cvssv3 Jvnurl Published Date Last Updated Date Actions
20672 JVNDB-2013-002247 phpMyAdmin の tbl_gis_visualization.php におけるクロスサイトスクリプティングの脆弱性 phpMyAdmin の tbl_gis_visualization.php には、クロスサイトスクリプティングの脆弱性が存在します。 CVE-2013-1937 61879 CVE-2013-1937 38065 4.3 http://jvndb.jvn.jp/ja/contents/2013/JVNDB-2013-002247.html 2013-04-16 2013-12-05 View