{"id":"MGASA-2014-0310","summary":"Updated phpmyadmin package fixes security vulnerabilities","details":"In phpMyAdmin before 4.1.14.2, when navigating into the database triggers\npage, it is possible to trigger an XSS with a crafted trigger name\n(CVE-2014-4955).\n\nIn phpMyAdmin before 4.1.14.2, with a crafted column name it is possible to\ntrigger an XSS when dropping the column in table structure page. With a\ncrafted table name it is possible to trigger an XSS when dropping or\ntruncating the table in table operations page (CVE-2014-4986).\n\nIn phpMyAdmin before 4.1.14.2, An unpriviledged user could view the MySQL\nuser list and manipulate the tabs displayed in phpMyAdmin for them\n(CVE-2014-4987).\n","modified":"2026-02-04T03:45:55.372262Z","published":"2014-08-05T20:08:48Z","related":["CVE-2014-4955","CVE-2014-4986","CVE-2014-4987"],"references":[{"type":"ADVISORY","url":"https://advisories.mageia.org/MGASA-2014-0310.html"},{"type":"REPORT","url":"https://bugs.mageia.org/show_bug.cgi?id=13766"},{"type":"REPORT","url":"http://www.phpmyadmin.net/home_page/security/PMASA-2014-5.php"},{"type":"REPORT","url":"http://www.phpmyadmin.net/home_page/security/PMASA-2014-6.php"},{"type":"REPORT","url":"http://www.phpmyadmin.net/home_page/security/PMASA-2014-7.php"}],"affected":[{"package":{"name":"phpmyadmin","ecosystem":"Mageia:3","purl":"pkg:rpm/mageia/phpmyadmin?arch=source&distro=mageia-3"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.1.14.2-1.mga3"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2014-0310.json"}},{"package":{"name":"phpmyadmin","ecosystem":"Mageia:4","purl":"pkg:rpm/mageia/phpmyadmin?arch=source&distro=mageia-4"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.1.14.2-1.mga4"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2014-0310.json"}}],"schema_version":"1.7.3","credits":[{"name":"Mageia","contact":["https://wiki.mageia.org/en/Packages_Security_Team"],"type":"COORDINATOR"}]}