First published: Sun Jul 20 2014(Updated: )
Cross-site scripting (XSS) vulnerability in the PMA_TRI_getRowForList function in libraries/rte/rte_list.lib.php in phpMyAdmin 4.0.x before 4.0.10.1, 4.1.x before 4.1.14.2, and 4.2.x before 4.2.6 allows remote authenticated users to inject arbitrary web script or HTML via a crafted trigger name that is improperly handled on the database triggers page.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
phpMyAdmin phpMyAdmin | =4.0.0 | |
phpMyAdmin phpMyAdmin | =4.0.0-rc2 | |
phpMyAdmin phpMyAdmin | =4.0.0-rc3 | |
phpMyAdmin phpMyAdmin | =4.0.1 | |
phpMyAdmin phpMyAdmin | =4.0.2 | |
phpMyAdmin phpMyAdmin | =4.0.3 | |
phpMyAdmin phpMyAdmin | =4.0.4 | |
phpMyAdmin phpMyAdmin | =4.0.4.1 | |
phpMyAdmin phpMyAdmin | =4.0.4.2 | |
phpMyAdmin phpMyAdmin | =4.0.5 | |
phpMyAdmin phpMyAdmin | =4.0.6 | |
phpMyAdmin phpMyAdmin | =4.0.7 | |
phpMyAdmin phpMyAdmin | =4.0.8 | |
phpMyAdmin phpMyAdmin | =4.0.9 | |
phpMyAdmin phpMyAdmin | =4.0.10 | |
phpMyAdmin phpMyAdmin | =4.0.10.0 | |
phpMyAdmin phpMyAdmin | =4.1.0 | |
phpMyAdmin phpMyAdmin | =4.1.1 | |
phpMyAdmin phpMyAdmin | =4.1.2 | |
phpMyAdmin phpMyAdmin | =4.1.3 | |
phpMyAdmin phpMyAdmin | =4.1.4 | |
phpMyAdmin phpMyAdmin | =4.1.5 | |
phpMyAdmin phpMyAdmin | =4.1.6 | |
phpMyAdmin phpMyAdmin | =4.1.7 | |
phpMyAdmin phpMyAdmin | =4.1.8 | |
phpMyAdmin phpMyAdmin | =4.1.9 | |
phpMyAdmin phpMyAdmin | =4.1.10 | |
phpMyAdmin phpMyAdmin | =4.1.11 | |
phpMyAdmin phpMyAdmin | =4.1.12 | |
phpMyAdmin phpMyAdmin | =4.1.13 | |
phpMyAdmin phpMyAdmin | =4.1.14 | |
phpMyAdmin phpMyAdmin | =4.1.14.1 | |
phpMyAdmin phpMyAdmin | =4.2.0 | |
phpMyAdmin phpMyAdmin | =4.2.1 | |
phpMyAdmin phpMyAdmin | =4.2.2 | |
phpMyAdmin phpMyAdmin | =4.2.3 | |
phpMyAdmin phpMyAdmin | =4.2.4 | |
phpMyAdmin phpMyAdmin | =4.2.5 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.