Description

Cross-site scripting (XSS) vulnerability in import.php in phpMyAdmin before 4.1.7 allows remote authenticated users to inject arbitrary web script or HTML via a crafted filename in an import action.

Remediation

References

CVE-2014-1879

Related Vulnerabilities

WordPress Plugin Wow Moodboard Lite Open Redirect (1.1.1.1)

Joomla Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2015-8769)

WordPress Plugin Pinterest 'Pin It' Button Cross-Site Scripting (2.0.8)

PHP Permissions, Privileges, and Access Controls Vulnerability (CVE-2008-0145)

WebLogic CVE-2020-14883 Vulnerability (CVE-2020-14883)

Severity

Low

Classification

CVE-2014-1879 CWE-707

Tags

Missing Update Known Vulnerabilities