SecuritySpace - CVE-2014-5273

Vulnerability Search		Search 324607 CVE descriptions and 145615 test descriptions, access 10,000+ cross references.
	Tests CVE All

CVE ID: CVE-2014-5273

Description: Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin 4.0.x before 4.0.10.2, 4.1.x before 4.1.14.3, and 4.2.x before 4.2.7.1 allow remote authenticated users to inject arbitrary web script or HTML via the (1) browse table page, related to js/sql.js; (2) ENUM editor page, related to js/functions.js; (3) monitor page, related to js/server_status_monitor.js; (4) query charts page, related to js/tbl_chart.js; or (5) table relations page, related to libraries/tbl_relation.lib.php.

Test IDs: 1.3.6.1.4.1.25623.1.0.112005 1.3.6.1.4.1.25623.1.0.112006

Cross References: Common Vulnerability Exposure (CVE) ID: CVE-2014-5273
http://secunia.com/advisories/60397
SuSE Security Announcement: openSUSE-SU-2014:1069 (Google Search)
http://lists.opensuse.org/opensuse-updates/2014-08/msg00045.html

CVE ID:	CVE-2014-5273
Description:	Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin 4.0.x before 4.0.10.2, 4.1.x before 4.1.14.3, and 4.2.x before 4.2.7.1 allow remote authenticated users to inject arbitrary web script or HTML via the (1) browse table page, related to js/sql.js; (2) ENUM editor page, related to js/functions.js; (3) monitor page, related to js/server_status_monitor.js; (4) query charts page, related to js/tbl_chart.js; or (5) table relations page, related to libraries/tbl_relation.lib.php.
Test IDs:	1.3.6.1.4.1.25623.1.0.112005 1.3.6.1.4.1.25623.1.0.112006
Cross References:	Common Vulnerability Exposure (CVE) ID: CVE-2014-5273 http://secunia.com/advisories/60397 SuSE Security Announcement: openSUSE-SU-2014:1069 (Google Search) http://lists.opensuse.org/opensuse-updates/2014-08/msg00045.html