VYPR
Low severity · NVD Advisory · Published Oct 3, 2014 · Updated May 6, 2026

CVE-2014-7217

Description

Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin 4.0.x before 4.0.10.4, 4.1.x before 4.1.14.5, and 4.2.x before 4.2.9.1 allow remote authenticated users to inject arbitrary web script or HTML via a crafted ENUM value that is improperly handled during rendering of the (1) table search or (2) table structure page, related to libraries/TableSearch.class.php and libraries/Util.class.php.
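The breakout the description refers to, as an added example that is not phpMyAdmin's code: a column type string of the kind `SHOW COLUMNS` returns for a crafted ENUM definition (the DDL and the type string below are constructed samples), rendered once the way the pre-patch code did (raw concatenation into a table cell and into a `data-type` attribute) and once escaped at every sink with `htmlspecialchars()`. The functions `renderVulnerable`, `renderHardened`, `esc` and `hasLiveEventHandler` belong to this example only; it assumes PHP 7 or later.

```php
<?php
// Added example, not phpMyAdmin code: how a crafted ENUM definition becomes
// stored XSS when a page echoes the column type unescaped, and the fix.
//
// Attacker precondition: an authenticated user who can run DDL. Constructed
// sample; it needs only CREATE TABLE on one database:
//   CREATE TABLE t (c ENUM('ok', 'x" onmouseover="alert(1)'));
// SHOW COLUMNS FROM t then reports the Type string reproduced below.

// Constructed sample of what the server hands back for column `c`.
$columnName = 'c';
$columnType = 'enum(\'ok\',\'x" onmouseover="alert(1)\')';

// Pre-patch pattern: the column name is escaped, the type string is not,
// and the type string also lands inside a double-quoted attribute, so the
// first `"` in the ENUM value closes the attribute early.
function renderVulnerable(string $name, string $type): string
{
    return '<tr>'
         . '<th>' . htmlspecialchars($name) . '</th>'
         . '<td>' . $type . '</td>'
         . '<td data-type="' . $type . '"></td>'
         . '</tr>';
}

// One escaping helper for every server-supplied string. ENT_QUOTES covers
// single-quoted attributes too; the PHP 5 default (ENT_COMPAT) does not.
function esc(string $s): string
{
    return htmlspecialchars($s, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
}

// Hardened pattern: escape at each sink, text node and attribute alike.
function renderHardened(string $name, string $type): string
{
    return '<tr>'
         . '<th>' . esc($name) . '</th>'
         . '<td>' . esc($type) . '</td>'
         . '<td data-type="' . esc($type) . '"></td>'
         . '</tr>';
}

// Crude check for the breakout: an on* attribute name followed by `=` and
// a real double quote (an entity-encoded &quot; does not match).
function hasLiveEventHandler(string $html): bool
{
    return preg_match('/\bon[a-z]+\s*=\s*"/i', $html) === 1;
}

$bad  = renderVulnerable($columnName, $columnType);
$good = renderHardened($columnName, $columnType);

echo "vulnerable: ", $bad, PHP_EOL;
echo "hardened:   ", $good, PHP_EOL;
echo "live handler in vulnerable output: ",
     var_export(hasLiveEventHandler($bad), true), PHP_EOL;
echo "live handler in hardened output:   ",
     var_export(hasLiveEventHandler($good), true), PHP_EOL;
```

Run it with `php example.php`. The vulnerable row carries `onmouseover="alert(1)"` as an attribute of its own, because the first `"` inside the ENUM value closes `data-type`; the hardened row carries only `onmouseover=&quot;alert(1)&quot;` as inert text inside the attribute value. The regex check is deliberately crude, there to make the difference visible rather than to stand in for an HTML parser.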

Affected packages

Versions sourced from the GitHub Security Advisory.

Package                  Registry    Affected versions        Patched version
phpmyadmin/phpmyadmin    Packagist   >= 4.0.0, < 4.0.10.4     4.0.10.4
phpmyadmin/phpmyadmin    Packagist   >= 4.1.0, < 4.1.14.5     4.1.14.5
phpmyadmin/phpmyadmin    Packagist   >= 4.2.0, < 4.2.9.1      4.2.9.1

Affected products (43 CPE entries)

    • cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.0:*:*:*:*:*:*:*
    • cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.0:rc2:*:*:*:*:*:*
    • cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.0:rc3:*:*:*:*:*:*
    • cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.1:*:*:*:*:*:*:*
    • cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.2:*:*:*:*:*:*:*
    • cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.3:*:*:*:*:*:*:*
    • cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.4:*:*:*:*:*:*:*
    • cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.4.1:*:*:*:*:*:*:*
    • cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.4.2:*:*:*:*:*:*:*
    • cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.5:*:*:*:*:*:*:*
    • cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.6:*:*:*:*:*:*:*
    • cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.7:*:*:*:*:*:*:*
    • cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.8:*:*:*:*:*:*:*
    • cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.9:*:*:*:*:*:*:*
    • cpe:2.3:a:phpmyadmin:phpmyadmin:4.1.0:*:*:*:*:*:*:*
    • cpe:2.3:a:phpmyadmin:phpmyadmin:4.1.1:*:*:*:*:*:*:*
    • cpe:2.3:a:phpmyadmin:phpmyadmin:4.1.10:*:*:*:*:*:*:*
    • cpe:2.3:a:phpmyadmin:phpmyadmin:4.1.11:*:*:*:*:*:*:*
    • cpe:2.3:a:phpmyadmin:phpmyadmin:4.1.12:*:*:*:*:*:*:*
    • cpe:2.3:a:phpmyadmin:phpmyadmin:4.1.13:*:*:*:*:*:*:*
    • cpe:2.3:a:phpmyadmin:phpmyadmin:4.1.14:*:*:*:*:*:*:*
    • cpe:2.3:a:phpmyadmin:phpmyadmin:4.1.14.1:*:*:*:*:*:*:*
    • cpe:2.3:a:phpmyadmin:phpmyadmin:4.1.14.3:*:*:*:*:*:*:*
    • cpe:2.3:a:phpmyadmin:phpmyadmin:4.1.14.4:*:*:*:*:*:*:*
    • cpe:2.3:a:phpmyadmin:phpmyadmin:4.1.2:*:*:*:*:*:*:*
    • cpe:2.3:a:phpmyadmin:phpmyadmin:4.1.3:*:*:*:*:*:*:*
    • cpe:2.3:a:phpmyadmin:phpmyadmin:4.1.4:*:*:*:*:*:*:*
    • cpe:2.3:a:phpmyadmin:phpmyadmin:4.1.5:*:*:*:*:*:*:*
    • cpe:2.3:a:phpmyadmin:phpmyadmin:4.1.6:*:*:*:*:*:*:*
    • cpe:2.3:a:phpmyadmin:phpmyadmin:4.1.7:*:*:*:*:*:*:*
    • cpe:2.3:a:phpmyadmin:phpmyadmin:4.1.8:*:*:*:*:*:*:*
    • cpe:2.3:a:phpmyadmin:phpmyadmin:4.1.9:*:*:*:*:*:*:*
    • cpe:2.3:a:phpmyadmin:phpmyadmin:4.2.0:*:*:*:*:*:*:*
    • cpe:2.3:a:phpmyadmin:phpmyadmin:4.2.1:*:*:*:*:*:*:*
    • cpe:2.3:a:phpmyadmin:phpmyadmin:4.2.2:*:*:*:*:*:*:*
    • cpe:2.3:a:phpmyadmin:phpmyadmin:4.2.3:*:*:*:*:*:*:*
    • cpe:2.3:a:phpmyadmin:phpmyadmin:4.2.4:*:*:*:*:*:*:*
    • cpe:2.3:a:phpmyadmin:phpmyadmin:4.2.5:*:*:*:*:*:*:*
    • cpe:2.3:a:phpmyadmin:phpmyadmin:4.2.7:*:*:*:*:*:*:*
    • cpe:2.3:a:phpmyadmin:phpmyadmin:4.2.7.1:*:*:*:*:*:*:*
    • cpe:2.3:a:phpmyadmin:phpmyadmin:4.2.8:*:*:*:*:*:*:*
    • cpe:2.3:a:phpmyadmin:phpmyadmin:4.2.8.1:*:*:*:*:*:*:*
    • cpe:2.3:a:phpmyadmin:phpmyadmin:4.2.9:*:*:*:*:*:*:*

Patches (2)

304fb2b645b3

Bug 4544: additional fix for 4.2.x

https://github.com/phpmyadmin/phpmyadmin · Marc Delisle · Oct 1, 2014 · via ghsa
1 file changed · +2 −1
  • libraries/TableSearch.class.php (+2 −1, modified)
    @@ -992,7 +992,8 @@ private function _getRowsNormal()
                 $html_output .= '<td>' . $properties['collation'] . '</td>';
                 $html_output .= '<td>' . $properties['func'] . '</td>';
                 // here, the data-type attribute is needed for a date/time picker
    -            $html_output .= '<td data-type="' . $properties['type'] . '"'
    +            $html_output .= '<td data-type="'
    +                . htmlspecialchars($properties['type']) . '"'
                     . '>' . $properties['value'] . '</td>';
                 $html_output .= '</tr>';
                 //Displays hidden fields
    
c1a3f85fbd1a

[security] XSS with malicious ENUM values

https://github.com/phpmyadmin/phpmyadmin · Marc Delisle · Sep 28, 2014 · via ghsa
2 files changed · +14 −6
  • libraries/TableSearch.class.php (+8 −3, modified)
    @@ -316,6 +316,7 @@ private function _getForeignKeyInputBox($foreignData, $column_name,
         private function _getEnumSetInputBox($column_index, $criteriaValues,
             $column_type, $column_id, $in_zoom_search_edit = false
         ) {
    +        $column_type = htmlspecialchars($column_type);
             $html_output = '';
             $value = explode(
                 ', ',
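Review bot: escaping `$column_type` on entry, before the function splits it with `explode(', ', ...)` on the lines that follow, means the rest of the function parses entity-encoded text rather than the raw ENUM definition: a value containing `&`, `<` or `"` is `&amp;`, `&lt;` or `&quot;` from this point on, so if individual values are later compared against `$criteriaValues` (which arrive from the browser already decoded), as the parameter list suggests, such values will no longer match. Keep `$column_type` raw, parse it, and call `htmlspecialchars()` on each value at the point where it is written into an option or attribute. With PHP 5 defaults `htmlspecialchars()` also leaves `'` untouched, which matters if any of those values land in a single-quoted attribute; pass `ENT_QUOTES` there.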
    @@ -985,7 +986,9 @@ private function _getRowsNormal()
                 $html_output .= '<th>'
                     . htmlspecialchars($this->_columnNames[$column_index]) . '</th>';
                 $properties = $this->getColumnProperties($column_index, $column_index);
    -            $html_output .= '<td>' . $properties['type'] . '</td>';
    +            $html_output .= '<td>'
    +                . htmlspecialchars($properties['type'])
    +                . '</td>';
                 $html_output .= '<td>' . $properties['collation'] . '</td>';
                 $html_output .= '<td>' . $properties['func'] . '</td>';
                 // here, the data-type attribute is needed for a date/time picker
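Review bot: the `<td>` for `$properties['type']` is now escaped, but the statement immediately after the comment this hunk ends on writes the same value into a `data-type` attribute unescaped, which is exactly the sink the follow-up commit 304fb2b645b3 on this page had to close; a fix for a value that is echoed in two places should cover both in one change. `$properties['collation']` on the line below this hunk's change also goes out raw; collation names arrive from the server by the same route as the type string, so either escape it too or add a comment stating why it is trusted.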
    @@ -996,11 +999,13 @@ private function _getRowsNormal()
                 $html_output .= '<tr><td>';
                 $html_output .= '<input type="hidden"'
                     . ' name="criteriaColumnNames[' . $column_index . ']"'
    -                . ' value="' . htmlspecialchars($this->_columnNames[$column_index])
    +                . ' value="'
    +                . htmlspecialchars($this->_columnNames[$column_index])
                     . '" />';
                 $html_output .= '<input type="hidden"'
                     . ' name="criteriaColumnTypes[' . $column_index . ']"'
    -                . ' value="' . $this->_columnTypes[$column_index] . '" />';
    +                . ' value="'
    +                . htmlspecialchars($this->_columnTypes[$column_index]) . '" />';
                 $html_output .= '<input type="hidden"'
                     . ' name="criteriaColumnCollations[' . $column_index . ']"'
                     . ' value="' . $this->_columnCollations[$column_index] . '" />';
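Review bot: `criteriaColumnTypes` is now escaped, but `criteriaColumnCollations` two lines below (`. ' value="' . $this->_columnCollations[$column_index] . '" />'`) still concatenates the raw collation into a double-quoted attribute. The loop treats type and collation alike, so escape both in this commit rather than leaving a sibling sink for the next report.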
    
  • libraries/Util.class.php (+6 −3, modified)
    @@ -3029,9 +3029,12 @@ public static function extractColumnSpec($columnspec)
             // for the case ENUM('&#8211;','&ldquo;')
             $displayed_type = htmlspecialchars($printtype);
             if (strlen($printtype) > $GLOBALS['cfg']['LimitChars']) {
    -            $displayed_type  = '<abbr title="' . $printtype . '">';
    -            $displayed_type .= $GLOBALS['PMA_String']->substr(
    -                $printtype, 0, $GLOBALS['cfg']['LimitChars']
    +            $displayed_type  = '<abbr title="'
    +                . htmlspecialchars($printtype) . '">';
    +            $displayed_type .= htmlspecialchars(
    +                $GLOBALS['PMA_String']->substr(
    +                    $printtype, 0, $GLOBALS['cfg']['LimitChars']
    +                )
                 );
                 $displayed_type .= '</abbr>';
             }
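Review bot: the order here is right and worth keeping: `substr()` runs on the raw `$printtype` and `htmlspecialchars()` wraps the result, so truncation can never split an entity, and the `title` attribute gets the full escaped string; this brings the long-value branch in line with the short-value branch just above it (the `ENUM('&#8211;','&ldquo;')` comment explains why that one already escaped). One thing a test should pin down: the branch condition `strlen($printtype) > $GLOBALS['cfg']['LimitChars']` counts bytes, while `PMA_String->substr()` is presumably character-aware, so a multibyte ENUM definition can take the `<abbr>` branch and then be cut shorter than `LimitChars` bytes; use a length function that matches the substr, or document the mismatch.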
    
