VDB
GCVE-110-MAGEIA-2014-275
GCVE-110-MAGEIA-2014-275
Advisory Published
Updated phpmyadmin packages fix security vulnerability:
In phpMyAdmin before 4.1.14, it is possible to trigger an XSS when hiding
or unhiding a crafted table name in the navigation, due to unescaped HTML
output in the navigation items hiding feature. Note that this vulnerability
can only be triggered by someone who logged in to phpMyAdmin, as the usual
token protection prevents non-logged-in users from accessing the required
form (CVE-2014-4349).
Affected Products
| Vendor | Product | Versions | Platforms |
|---|---|---|---|
| Mageia | phpmyadmin | 0 (affected), 4.1.14.1-1.mga3 (unaffected) | — |
| Mageia | phpmyadmin | 0 (affected), 4.1.14.1-1.mga4 (unaffected) | — |
Aliases
References
Browse GCVE Records
73,738 records in the GCVE database · Updated July 19, 2026
No matching records found.
Explore Further
Investigate this vulnerability in the interactive console or download the raw GCVE record.