Vulnerabilities > Phpmyadmin > Phpmyadmin > 4.0.10.1

DATE CVE VULNERABILITY TITLE RISK
2014-11-05 CVE-2014-8326 Cross-Site Scripting vulnerability in multiple products
Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin 4.0.x before 4.0.10.5, 4.1.x before 4.1.14.6, and 4.2.x before 4.2.10.1 allow remote authenticated users to inject arbitrary web script or HTML via a crafted (1) database name or (2) table name, related to the libraries/DatabaseInterface.class.php code for SQL debug output and the js/server_status_monitor.js code for the server monitor page. 		3.5
3.5
2014-08-22 CVE-2014-5273 Cross-Site Scripting vulnerability in PHPmyadmin
Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin 4.0.x before 4.0.10.2, 4.1.x before 4.1.14.3, and 4.2.x before 4.2.7.1 allow remote authenticated users to inject arbitrary web script or HTML via the (1) browse table page, related to js/sql.js; (2) ENUM editor page, related to js/functions.js; (3) monitor page, related to js/server_status_monitor.js; (4) query charts page, related to js/tbl_chart.js; or (5) table relations page, related to libraries/tbl_relation.lib.php.
network
phpmyadmin CWE-79
3.5
3.5
2014-02-20 CVE-2014-1879 Cross-Site Scripting vulnerability in PHPmyadmin
Cross-site scripting (XSS) vulnerability in import.php in phpMyAdmin before 4.1.7 allows remote authenticated users to inject arbitrary web script or HTML via a crafted filename in an import action.
network
phpmyadmin CWE-79
3.5
3.5