phpMyAdmin 4.1.x < 4.1.14.1 / 4.2.x < 4.2.4 Navigation Hiding Items Multiple XSS (PMASA-2014-3)

low Nessus Plugin ID 76278

Synopsis

The remote web server hosts a PHP application that is affected by multiple cross-site scripting vulnerabilities.

Description

According to its self-reported version number, the phpMyAdmin install hosted on the remote web server is 4.1.x prior to 4.1.14.1 or 4.2.x prior to 4.2.4. It is, therefore, affected by multiple cross-site scripting vulnerabilities.

The flaws exist because user input in a crafted table name is not validated after a hide or unhide action. A remote attacker could use a specially crafted request to execute arbitrary script code within the browser / server trust relationship.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

Solution

Either upgrade to phpMyAdmin 4.1.14.1 / 4.2.4 or later, or apply the patch from the referenced link.

See Also

http://www.phpmyadmin.net/home_page/security/PMASA-2014-3.php

http://www.nessus.org/u?536b65d4

http://www.nessus.org/u?ddc55164

Plugin Details

Severity: Low

ID: 76278

File Name: phpmyadmin_pmasa_2014_3.nasl

Version: 1.7

Type: remote

Published: 6/27/2014

Updated: 6/4/2024

Configuration: Enable paranoid mode, Enable thorough checks

Supported Sensors: Nessus

Enable CGI Scanning: true

Risk Information

VPR

Risk Factor: Low

Score: 3.8

CVSS v2

Risk Factor: Low

Base Score: 3.5

Temporal Score: 3

Vector: CVSS2#AV:N/AC:M/Au:S/C:N/I:P/A:N

Vulnerability Information

CPE: cpe:/a:phpmyadmin:phpmyadmin

Required KB Items: www/PHP, Settings/ParanoidReport, www/phpMyAdmin

Excluded KB Items: Settings/disable_cgi_scanning

Exploit Ease: No exploit is required

Patch Publication Date: 6/20/2014

Vulnerability Publication Date: 6/20/2014

Reference Information

CVE: CVE-2014-4349

BID: 68205

CWE: 20, 442, 629, 711, 712, 722, 725, 74, 750, 751, 79, 800, 801, 809, 811, 864, 900, 928, 931, 990