VIR Vulnerability Intelligence Relay

CVE-2014-1879

low
Published 2014-02-20 · Modified 2026-04-29
CVSS v3
CVSS v2
3.5
VIR risk
3.5

Description

Cross-site scripting (XSS) vulnerability in import.php in phpMyAdmin before 4.1.7 allows remote authenticated users to inject arbitrary web script or HTML via a crafted filename in an import action.

Predictions

Exploit likelihood
20%
Patch ETA

Heuristic predictions, AS-IS, for prioritization only.

Mitigations

vendor Authored 2026-05-27

Vendor advisory: debian — https://security-tracker.debian.org/tracker/CVE-2014-1879

vendor Authored 2026-05-27

Vendor advisory: cve@mitre.org — http://www.phpmyadmin.net/home_page/security/PMASA-2014-1.php

OS impact
OSVersionStatusFixed in
debian debianbookwormfixed4:4.1.7-1
debian debianbullseyefixed4:4.1.7-1
debian debiansidfixed4:4.1.7-1
debian debiantrixiefixed4:4.1.7-1

Application impact
VendorProductVersionsFixed
phpmyadminphpmyadmin{"endIncluding":"4.1.6"}
phpmyadminphpmyadmin1.0.0
phpmyadminphpmyadmin1.0.1
phpmyadminphpmyadmin1.0.2
phpmyadminphpmyadmin1.0.3
phpmyadminphpmyadmin1.0.4
phpmyadminphpmyadmin1.0.5
phpmyadminphpmyadmin1.0.6
phpmyadminphpmyadmin1.0.7
phpmyadminphpmyadmin1.0.8
phpmyadminphpmyadmin1.1
phpmyadminphpmyadmin1.2
phpmyadminphpmyadmin1.2.1
phpmyadminphpmyadmin1.2.2
phpmyadminphpmyadmin1.2.3
phpmyadminphpmyadmin1.2.4
phpmyadminphpmyadmin1.2.5
phpmyadminphpmyadmin1.2.6
phpmyadminphpmyadmin1.2.7
phpmyadminphpmyadmin1.2.8
phpmyadminphpmyadmin1.2.9
phpmyadminphpmyadmin1.2.9.1
phpmyadminphpmyadmin1.2.9.2
phpmyadminphpmyadmin1.2.9.3
phpmyadminphpmyadmin1.2.9.4
phpmyadminphpmyadmin1.2.9.5
phpmyadminphpmyadmin1.3
phpmyadminphpmyadmin2.11.0
phpmyadminphpmyadmin2.11.1.0
phpmyadminphpmyadmin2.11.1.1
phpmyadminphpmyadmin2.11.1.2
phpmyadminphpmyadmin2.11.2.0
phpmyadminphpmyadmin2.11.2.1
phpmyadminphpmyadmin2.11.2.2
phpmyadminphpmyadmin2.11.3.0
phpmyadminphpmyadmin2.11.4.0
phpmyadminphpmyadmin2.11.5.0
phpmyadminphpmyadmin2.11.5.1
phpmyadminphpmyadmin2.11.5.2
phpmyadminphpmyadmin2.11.6.0
phpmyadminphpmyadmin2.11.7.0
phpmyadminphpmyadmin2.11.7.1
phpmyadminphpmyadmin2.11.8.0
phpmyadminphpmyadmin2.11.9.0
phpmyadminphpmyadmin2.11.9.1
phpmyadminphpmyadmin2.11.9.2
phpmyadminphpmyadmin2.11.9.3
phpmyadminphpmyadmin2.11.9.4
phpmyadminphpmyadmin2.11.9.5
phpmyadminphpmyadmin2.11.9.6
phpmyadminphpmyadmin2.11.10.0
phpmyadminphpmyadmin2.11.10.1
phpmyadminphpmyadmin3.0.0
phpmyadminphpmyadmin3.0.1
phpmyadminphpmyadmin3.0.1.1
phpmyadminphpmyadmin3.1.0
phpmyadminphpmyadmin3.1.1
phpmyadminphpmyadmin3.1.2
phpmyadminphpmyadmin3.1.3
phpmyadminphpmyadmin3.1.3.1
phpmyadminphpmyadmin3.1.3.2
phpmyadminphpmyadmin3.1.4
phpmyadminphpmyadmin3.1.5
phpmyadminphpmyadmin3.2.0
phpmyadminphpmyadmin3.2.1
phpmyadminphpmyadmin3.2.2
phpmyadminphpmyadmin3.3.0.0
phpmyadminphpmyadmin3.3.1.0
phpmyadminphpmyadmin3.3.2.0
phpmyadminphpmyadmin3.3.3.0
phpmyadminphpmyadmin3.3.4.0
phpmyadminphpmyadmin3.3.5.0
phpmyadminphpmyadmin3.3.5.1
phpmyadminphpmyadmin3.3.6
phpmyadminphpmyadmin3.3.7
phpmyadminphpmyadmin3.3.8
phpmyadminphpmyadmin3.3.8.1
phpmyadminphpmyadmin3.3.9.0
phpmyadminphpmyadmin3.3.9.1
phpmyadminphpmyadmin3.3.9.2
phpmyadminphpmyadmin3.3.10.0
phpmyadminphpmyadmin3.4.0.0
phpmyadminphpmyadmin3.4.1.0
phpmyadminphpmyadmin3.4.2.0
phpmyadminphpmyadmin3.4.3.0
phpmyadminphpmyadmin3.4.3.1
phpmyadminphpmyadmin3.4.3.2
phpmyadminphpmyadmin3.4.4.0
phpmyadminphpmyadmin3.4.5.0
phpmyadminphpmyadmin3.4.6.0
phpmyadminphpmyadmin3.4.7.0
phpmyadminphpmyadmin3.4.7.1
phpmyadminphpmyadmin3.4.8.0
phpmyadminphpmyadmin3.4.9.0
phpmyadminphpmyadmin3.4.10.0
phpmyadminphpmyadmin3.4.10.1
phpmyadminphpmyadmin3.4.10.2
phpmyadminphpmyadmin3.4.11
phpmyadminphpmyadmin3.5.0.0
phpmyadminphpmyadmin3.5.1.0
phpmyadminphpmyadmin3.5.2.0
phpmyadminphpmyadmin3.5.2.1
phpmyadminphpmyadmin3.5.2.2
phpmyadminphpmyadmin3.5.3.0
phpmyadminphpmyadmin3.5.4
phpmyadminphpmyadmin3.5.5
phpmyadminphpmyadmin3.5.6
phpmyadminphpmyadmin3.5.7
phpmyadminphpmyadmin3.5.8
phpmyadminphpmyadmin3.5.8.1
phpmyadminphpmyadmin3.5.8.2
phpmyadminphpmyadmin4.0.0
phpmyadminphpmyadmin4.0.1
phpmyadminphpmyadmin4.0.2
phpmyadminphpmyadmin4.0.3
phpmyadminphpmyadmin4.0.4
phpmyadminphpmyadmin4.0.4.1
phpmyadminphpmyadmin4.0.4.2
phpmyadminphpmyadmin4.0.5
phpmyadminphpmyadmin4.0.6
phpmyadminphpmyadmin4.0.7
phpmyadminphpmyadmin4.0.8
phpmyadminphpmyadmin4.0.9
phpmyadminphpmyadmin4.1.0
phpmyadminphpmyadmin4.1.1
phpmyadminphpmyadmin4.1.2
phpmyadminphpmyadmin4.1.3
phpmyadminphpmyadmin4.1.4
phpmyadminphpmyadmin4.1.5

References

CWEs

CWE-79

Verify integrity in audit chain (admin only). AS-IS.