CVE-2019-1000004

See a problem?
Please try reporting it to the source first.
Source
https://cve.org/CVERecord?id=CVE-2019-1000004
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2019-1000004.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2019-1000004
Published
2019-02-04T21:29:00.767Z
Modified
2026-03-14T09:30:46.684232Z
Severity
  • 6.1 (Medium) CVSS_V3 - CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N CVSS Calculator
Summary
[none]
Details

yugandhargangu JspMyAdmin2 version 1.0.6 and earlier contains a Cross Site Scripting (XSS) vulnerability in sidebar and table data that can result in Database fields aren't properly sanitized and allow code injection (Cross-Site Scripting). This attack appears to be exploitable via the payload needs to be stored in the database and the victim must see the db value in question.

References

Affected packages

Git / github.com/yugandhargangu/jspmyadmin2

Affected ranges

Type
GIT
Repo
https://github.com/yugandhargangu/jspmyadmin2
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
1fa87b5ca56b476bdce73021152bb5d43f8cb455
Database specific 
{
    "versions": [
        {
            "introduced": "0"
        },
        {
            "last_affected": "1.0.6"
        }
    ]
}

Affected versions

JspMyAdminV1.*
JspMyAdminV1.0.3
JspMyAdminV1.0.4
v1.*
v1.0
v1.0.1
v1.0.2
v1.0.5
v1.0.6

Database specific

source 
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2019-1000004.json"