CVE-2014-9219
phpMyAdmin 4.2.x < 4.2.13.1 - Cross-Site Scripting via URL Parameter
Title source: llmExploitation Summary
EIP tracks 1 public exploit for CVE-2014-9219. PoCs published by MohmadHafiz.
AI-analyzed exploit summary This PoC demonstrates a cross-site scripting (XSS) vulnerability in phpMyAdmin 4.2.x before 4.2.13.1 due to improper sanitization of the URL parameter in url.php. The exploit leverages inadequate escaping in JavaScript string context to execute arbitrary JavaScript code.
Description
Cross-site scripting (XSS) vulnerability in the redirection feature in url.php in phpMyAdmin 4.2.x before 4.2.13.1 allows remote attackers to inject arbitrary web script or HTML via the url parameter.
Exploits (1)
This PoC demonstrates a cross-site scripting (XSS) vulnerability in phpMyAdmin 4.2.x before 4.2.13.1 due to improper sanitization of the URL parameter in url.php. The exploit leverages inadequate escaping in JavaScript string context to execute arbitrary JavaScript code.