N/A

Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin 4.0.x before 4.0.10.2, 4.1.x before 4.1.14.3, and 4.2.x before 4.2.7.1 allow remote authenticated users to inject arbitrary web script or HTML via the (1) browse table page, related to js/sql.js; (2) ENUM editor page, related to js/functions.js; (3) monitor page, related to js/server_status_monitor.js; (4) query charts page, related to js/tbl_chart.js; or (5) table relations page, related to libraries/tbl_relation.lib.php.

N/A

N/A

phpMyAdmin 跨站脚本漏洞

phpMyAdmin是phpMyAdmin团队开发的一套免费的、基于Web的MySQL数据库管理工具。该工具能够创建和删除数据库，创建、删除、修改数据库表，执行SQL脚本命令等。 phpMyAdmin的多个页面（browse table页面，ENUM editor页面，monitor page页面，query charts页面，table relations页面）中存在跨站脚本漏洞。远程攻击者可利用该漏洞注入任意Web脚本或HTML。以下版本受到影响：phpMyAdmin 4.0.10.2之前4.0.x版

N/A

N/A