CVE-2014-5273: CVE-2014-5273

Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2014-5273

Vulnerability Information

Have questions about the vulnerability? See if Shenlong's analysis helps!

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Description

Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin 4.0.x before 4.0.10.2, 4.1.x before 4.1.14.3, and 4.2.x before 4.2.7.1 allow remote authenticated users to inject arbitrary web script or HTML via the (1) browse table page, related to js/sql.js; (2) ENUM editor page, related to js/functions.js; (3) monitor page, related to js/server_status_monitor.js; (4) query charts page, related to js/tbl_chart.js; or (5) table relations page, related to libraries/tbl_relation.lib.php.

Source: NVD (National Vulnerability Database)

CVSS Information

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Type

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Title

phpMyAdmin 跨站脚本漏洞

Source: CNNVD (China National Vulnerability Database)

Vulnerability Description

phpMyAdmin是phpMyAdmin团队开发的一套免费的、基于Web的MySQL数据库管理工具。该工具能够创建和删除数据库，创建、删除、修改数据库表，执行SQL脚本命令等。 phpMyAdmin的多个页面（browse table页面，ENUM editor页面，monitor page页面，query charts页面，table relations页面）中存在跨站脚本漏洞。远程攻击者可利用该漏洞注入任意Web脚本或HTML。以下版本受到影响：phpMyAdmin 4.0.10.2之前4.0.x版

Source: CNNVD (China National Vulnerability Database)

CVSS Information

N/A

Source: CNNVD (China National Vulnerability Database)

Vulnerability Type

N/A

Source: CNNVD (China National Vulnerability Database)

Affected Products

Vendor	Product	Affected Versions	CPE	Subscribe
-	n/a	n/a	-

II. Public POCs for CVE-2014-5273

#	POC Description	Source Link	Shenlong Link

AI-Generated POCPremium

No public POC found.

III. Intelligence Information for CVE-2014-5273

Please Login to view more intelligence information

https://github.com/phpmyadmin/phpmyadmin/commit/2c45d7caa614afd71dbe3d0f7270f51ce5569614x_refsource_CONFIRM
http://www.phpmyadmin.net/home_page/security/PMASA-2014-8.phpx_refsource_CONFIRM
https://github.com/phpmyadmin/phpmyadmin/commit/3ffc967fb60cf2910cc2f571017e977558c67821x_refsource_CONFIRM
https://github.com/phpmyadmin/phpmyadmin/commit/647c9d12e33a6b64e1c3ff7487f72696bdf2dccbx_refsource_CONFIRM
https://github.com/phpmyadmin/phpmyadmin/commit/90ddeecf60fc029608b972e490b735f3a65ed0cbx_refsource_CONFIRM
https://github.com/phpmyadmin/phpmyadmin/commit/cd9f302bf7f91a160fe7080f9a612019ef847f1cx_refsource_CONFIRM
http://secunia.com/advisories/60397third-party-advisoryx_refsource_SECUNIA
http://lists.opensuse.org/opensuse-updates/2014-08/msg00045.htmlvendor-advisoryx_refsource_SUSE
https://nvd.nist.gov/vuln/detail/CVE-2014-5273

IV. Related Vulnerabilities

Same product: n/a

Same vendor: n/a

V. Comments for CVE-2014-5273

No comments yet

Goal Reached Thanks to every supporter — we hit 100%!

I. Basic Information for CVE-2014-5273

Vulnerability Information

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Affected Products

II. Public POCs for CVE-2014-5273

III. Intelligence Information for CVE-2014-5273

IV. Related Vulnerabilities

V. Comments for CVE-2014-5273

Leave a comment