Mandriva Linux Security Advisory : phpmyadmin (MDVSA-2014:164)
Low Nessus Plugin ID 77643
SynopsisThe remote Mandriva Linux host is missing a security update.
DescriptionUpdated phpmyadmin package fixes security vulnerabilities :
In phpMyAdmin before 126.96.36.199, multiple XSS vulnerabilities exist in browse table, ENUM editor, monitor, query charts and table relations pages (CVE-2014-5273).
In phpMyAdmin before 188.8.131.52, with a crafted view name it is possible to trigger an XSS when dropping the view in view operation page (CVE-2014-5274).
SolutionUpdate the affected phpmyadmin package.