VulnerableCode Vulnerability Details

Search for vulnerabilities

Vulnerability details: VCID-rby8-8wrn-h7df

Essentials
Severities (36)
References (9)
Severity details (7)
Exploits (0)
EPSS
History (1)

Vulnerability ID	VCID-rby8-8wrn-h7df
Aliases	CVE-2014-6300 GHSA-6wfj-2mw7-p5cg
Summary	phpMyAdmin micro history Implementation XSS Vulnerability Cross-site scripting (XSS) vulnerability in the micro history implementation in phpMyAdmin 4.0.x before 4.0.10.3, 4.1.x before 4.1.14.4, and 4.2.x before 4.2.8.1 allows remote attackers to inject arbitrary web script or HTML, and consequently conduct a cross-site request forgery (CSRF) attack to create a root account, via a crafted URL, related to js/ajax.js.
Status	Published
Exploitability	0.5
Weighted Severity	6.2
Risk	3.1
Affected and Fixed Packages	Package Details

Weaknesses (3)

CWE-79	Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CWE-1035	OWASP Top Ten 2017 Category A9 - Using Components with Known Vulnerabilities
CWE-937	OWASP Top Ten 2013 Category A9 - Using Components with Known Vulnerabilities

System	Score	Found at
generic_textual	MODERATE	http://lists.opensuse.org/opensuse-updates/2014-09/msg00032.html
epss	0.00273	https://api.first.org/data/v1/epss?cve=CVE-2014-6300
epss	0.00273	https://api.first.org/data/v1/epss?cve=CVE-2014-6300
epss	0.00273	https://api.first.org/data/v1/epss?cve=CVE-2014-6300
epss	0.00273	https://api.first.org/data/v1/epss?cve=CVE-2014-6300
epss	0.00273	https://api.first.org/data/v1/epss?cve=CVE-2014-6300
epss	0.00273	https://api.first.org/data/v1/epss?cve=CVE-2014-6300
epss	0.00273	https://api.first.org/data/v1/epss?cve=CVE-2014-6300
epss	0.00273	https://api.first.org/data/v1/epss?cve=CVE-2014-6300
epss	0.00273	https://api.first.org/data/v1/epss?cve=CVE-2014-6300
epss	0.00273	https://api.first.org/data/v1/epss?cve=CVE-2014-6300
epss	0.00273	https://api.first.org/data/v1/epss?cve=CVE-2014-6300
epss	0.00273	https://api.first.org/data/v1/epss?cve=CVE-2014-6300
epss	0.00273	https://api.first.org/data/v1/epss?cve=CVE-2014-6300
epss	0.00273	https://api.first.org/data/v1/epss?cve=CVE-2014-6300
epss	0.00273	https://api.first.org/data/v1/epss?cve=CVE-2014-6300
epss	0.00273	https://api.first.org/data/v1/epss?cve=CVE-2014-6300
epss	0.00273	https://api.first.org/data/v1/epss?cve=CVE-2014-6300
epss	0.00273	https://api.first.org/data/v1/epss?cve=CVE-2014-6300
epss	0.00273	https://api.first.org/data/v1/epss?cve=CVE-2014-6300
epss	0.00273	https://api.first.org/data/v1/epss?cve=CVE-2014-6300
epss	0.00273	https://api.first.org/data/v1/epss?cve=CVE-2014-6300
epss	0.00273	https://api.first.org/data/v1/epss?cve=CVE-2014-6300
epss	0.00273	https://api.first.org/data/v1/epss?cve=CVE-2014-6300
epss	0.00273	https://api.first.org/data/v1/epss?cve=CVE-2014-6300
epss	0.00273	https://api.first.org/data/v1/epss?cve=CVE-2014-6300
epss	0.00273	https://api.first.org/data/v1/epss?cve=CVE-2014-6300
epss	0.00273	https://api.first.org/data/v1/epss?cve=CVE-2014-6300
epss	0.00273	https://api.first.org/data/v1/epss?cve=CVE-2014-6300
epss	0.00273	https://api.first.org/data/v1/epss?cve=CVE-2014-6300
cvssv3.1_qr	MODERATE	https://github.com/advisories/GHSA-6wfj-2mw7-p5cg
generic_textual	MODERATE	https://github.com/phpmyadmin/phpmyadmin/commit/33b39f9f1dd9a4d27856530e5ac004e23b30e8ac
generic_textual	MODERATE	https://nvd.nist.gov/vuln/detail/CVE-2014-6300
generic_textual	MODERATE	https://security.gentoo.org/glsa/201505-03
generic_textual	MODERATE	https://web.archive.org/web/20200228081340/http://www.securityfocus.com/bid/69790
generic_textual	MODERATE	http://www.phpmyadmin.net/home_page/security/PMASA-2014-10.php

Reference id	Reference type	URL
		http://lists.opensuse.org/opensuse-updates/2014-09/msg00032.html
		https://api.first.org/data/v1/epss?cve=CVE-2014-6300
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6300
		https://github.com/phpmyadmin/phpmyadmin/commit/33b39f9f1dd9a4d27856530e5ac004e23b30e8ac
		https://nvd.nist.gov/vuln/detail/CVE-2014-6300
		https://security.gentoo.org/glsa/201505-03
		https://web.archive.org/web/20200228081340/http://www.securityfocus.com/bid/69790
		http://www.phpmyadmin.net/home_page/security/PMASA-2014-10.php
GHSA-6wfj-2mw7-p5cg		https://github.com/advisories/GHSA-6wfj-2mw7-p5cg

No exploits are available.

Exploit Prediction Scoring System (EPSS)

Percentile	0.50508
EPSS Score	0.00273
Published At	July 30, 2025, 12:55 p.m.

Date	Actor	Action	Source	VulnerableCode Version
2025-07-31T09:11:19.358263+00:00	GithubOSV Importer	Import	https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2022/05/GHSA-6wfj-2mw7-p5cg/GHSA-6wfj-2mw7-p5cg.json	37.0.0