CVE-2014-4987

Published July 20th, 2014

View on NVD ↗

CVSS v3

N/A

CVSS v2

MEDIUM

Affected

PROJECT

Description

server_user_groups.php in phpMyAdmin 4.1.x before 4.1.14.2 and 4.2.x before 4.2.6 allows remote authenticated users to bypass intended access restrictions and read the MySQL user list via a viewUsers request.

phpmyadmin/phpmyadmin

A web interface for MySQL and MariaDB

GitHub

7.88K