Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
mysql mysql 4.1.2 vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2015-3438
Multiple cross-site scripting (XSS) vulnerabilities in WordPress prior to 4.1.2, when MySQL is used without strict mode, allow remote malicious users to inject arbitrary web script or HTML via a (1) four-byte UTF-8 character or (2) invalid character that reaches the database laye...
Wordpress Wordpress
Debian Debian Linux 8.0
Debian Debian Linux 7.0
4.3
CVSSv2
CVE-2015-3440
Cross-site scripting (XSS) vulnerability in wp-includes/wp-db.php in WordPress prior to 4.2.1 allows remote malicious users to inject arbitrary web script or HTML via a long comment that is improperly stored because of limitations on the MySQL TEXT data type.
Debian Debian Linux 7.0
Debian Debian Linux 8.0
Wordpress Wordpress
1 EDB exploit
14 Github repositories
5
CVSSv2
CVE-2014-9218
libraries/common.inc.php in phpMyAdmin 4.0.x prior to 4.0.10.7, 4.1.x prior to 4.1.14.8, and 4.2.x prior to 4.2.13.1 allows remote malicious users to cause a denial of service (resource consumption) via a long password.
Phpmyadmin Phpmyadmin 4.0.0
Phpmyadmin Phpmyadmin 4.0.2
Phpmyadmin Phpmyadmin 4.0.3
Phpmyadmin Phpmyadmin 4.0.8
Phpmyadmin Phpmyadmin 4.0.9
Phpmyadmin Phpmyadmin 4.1.0
Phpmyadmin Phpmyadmin 4.1.14.1
Phpmyadmin Phpmyadmin 4.1.14.3
Phpmyadmin Phpmyadmin 4.1.7
Phpmyadmin Phpmyadmin 4.1.8
Phpmyadmin Phpmyadmin 4.2.10.1
Phpmyadmin Phpmyadmin 4.2.2
Phpmyadmin Phpmyadmin 4.2.8
Phpmyadmin Phpmyadmin 4.2.8.1
Phpmyadmin Phpmyadmin 4.0.1
Phpmyadmin Phpmyadmin 4.0.10
Phpmyadmin Phpmyadmin 4.0.4.2
Phpmyadmin Phpmyadmin 4.0.5
Phpmyadmin Phpmyadmin 4.1.11
Phpmyadmin Phpmyadmin 4.1.12
Phpmyadmin Phpmyadmin 4.1.3
Phpmyadmin Phpmyadmin 4.1.4
1 EDB exploit
4.3
CVSSv2
CVE-2014-8958
Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin 4.0.x prior to 4.0.10.6, 4.1.x prior to 4.1.14.7, and 4.2.x prior to 4.2.12 allow remote authenticated users to inject arbitrary web script or HTML via a crafted (1) database, (2) table, or (3) column name that is ...
Phpmyadmin Phpmyadmin 4.0.10.3
Phpmyadmin Phpmyadmin 4.0.10.2
Phpmyadmin Phpmyadmin 4.0.4.2
Phpmyadmin Phpmyadmin 4.0.4.1
Phpmyadmin Phpmyadmin 4.1.14.5
Phpmyadmin Phpmyadmin 4.1.14.4
Phpmyadmin Phpmyadmin 4.1.11
Phpmyadmin Phpmyadmin 4.1.10
Phpmyadmin Phpmyadmin 4.0.9
Phpmyadmin Phpmyadmin 4.0.8
Phpmyadmin Phpmyadmin 4.0.7
Phpmyadmin Phpmyadmin 4.0.2
Phpmyadmin Phpmyadmin 4.0.1
Phpmyadmin Phpmyadmin 4.1.14.1
Phpmyadmin Phpmyadmin 4.1.14
Phpmyadmin Phpmyadmin 4.1.6
Phpmyadmin Phpmyadmin 4.1.5
Phpmyadmin Phpmyadmin 4.2.10.1
Phpmyadmin Phpmyadmin 4.2.9.1
Phpmyadmin Phpmyadmin 4.2.4
Phpmyadmin Phpmyadmin 4.2.3
Phpmyadmin Phpmyadmin 4.1.2
4
CVSSv2
CVE-2014-4987
server_user_groups.php in phpMyAdmin 4.1.x prior to 4.1.14.2 and 4.2.x prior to 4.2.6 allows remote authenticated users to bypass intended access restrictions and read the MySQL user list via a viewUsers request.
Opensuse Opensuse 12.3
Opensuse Opensuse 13.1
Phpmyadmin Phpmyadmin 4.2.2
Phpmyadmin Phpmyadmin 4.2.1
Phpmyadmin Phpmyadmin 4.1.3
Phpmyadmin Phpmyadmin 4.1.2
Phpmyadmin Phpmyadmin 4.1.1
Phpmyadmin Phpmyadmin 4.1.0
Phpmyadmin Phpmyadmin 4.2.0
Phpmyadmin Phpmyadmin 4.1.9
Phpmyadmin Phpmyadmin 4.1.14.1
Phpmyadmin Phpmyadmin 4.1.14
Phpmyadmin Phpmyadmin 4.2.5
Phpmyadmin Phpmyadmin 4.1.8
Phpmyadmin Phpmyadmin 4.1.7
Phpmyadmin Phpmyadmin 4.1.6
Phpmyadmin Phpmyadmin 4.1.13
Phpmyadmin Phpmyadmin 4.1.12
Phpmyadmin Phpmyadmin 4.2.4
Phpmyadmin Phpmyadmin 4.2.3
Phpmyadmin Phpmyadmin 4.1.5
Phpmyadmin Phpmyadmin 4.1.4
3.5
CVSSv2
CVE-2014-1879
Cross-site scripting (XSS) vulnerability in import.php in phpMyAdmin prior to 4.1.7 allows remote authenticated users to inject arbitrary web script or HTML via a crafted filename in an import action.
Phpmyadmin Phpmyadmin 4.0.6
Phpmyadmin Phpmyadmin 4.0.7
Phpmyadmin Phpmyadmin 4.0.8
Phpmyadmin Phpmyadmin 4.0.9
Phpmyadmin Phpmyadmin 4.1.0
Phpmyadmin Phpmyadmin 1.0.6
Phpmyadmin Phpmyadmin 1.0.7
Phpmyadmin Phpmyadmin 1.0.8
Phpmyadmin Phpmyadmin 1.2.9.3
Phpmyadmin Phpmyadmin 1.2.9.4
Phpmyadmin Phpmyadmin 1.2.9.5
Phpmyadmin Phpmyadmin 2.11.4.0
Phpmyadmin Phpmyadmin 2.11.5.0
Phpmyadmin Phpmyadmin 2.11.5.1
Phpmyadmin Phpmyadmin 2.11.5.2
Phpmyadmin Phpmyadmin 2.11.6.0
Phpmyadmin Phpmyadmin 3.0.0
Phpmyadmin Phpmyadmin 3.0.1
Phpmyadmin Phpmyadmin 3.1.5
Phpmyadmin Phpmyadmin 3.2.0
Phpmyadmin Phpmyadmin 3.3.6
Phpmyadmin Phpmyadmin 3.3.7
4
CVSSv2
CVE-2012-1696
Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.19 and previous versions allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer.
Oracle Mysql
Oracle Mysql 5.5.5
Oracle Mysql 5.5.20
Oracle Mysql 5.5.6
Oracle Mysql 5.5.2
Oracle Mysql 5.5.15
Oracle Mysql 5.5.10
Oracle Mysql 5.5.9
Oracle Mysql 5.1.46
Oracle Mysql 5.1.47
Mysql Mysql 5.1.23
Oracle Mysql 5.1.54
Oracle Mysql 5.1.55
Oracle Mysql 5.1.6
Oracle Mysql 5.1.3
Oracle Mysql 5.1.12
Oracle Mysql 5.1.17
Oracle Mysql 5.1
Mysql Mysql 5.1.32
Oracle Mysql 5.1.19
Oracle Mysql 5.1.20
Mysql Mysql Community Server 5.1.19
8.5
CVSSv2
CVE-2009-2446
Multiple format string vulnerabilities in the dispatch_command function in libmysqld/sql_parse.cc in mysqld in MySQL 4.0.0 up to and including 5.0.83 allow remote authenticated users to cause a denial of service (daemon crash) and possibly have unspecified other impact via format...
Mysql Mysql 4.1.8
Oracle Mysql 4.1.9
Oracle Mysql 4.1.17
Oracle Mysql 4.1.16
Mysql Mysql 4.1.3
Oracle Mysql 4.1.22
Mysql Mysql 4.1.0
Oracle Mysql 4.1.0
Mysql Mysql 4.1.12
Mysql Mysql 4.1.13
Oracle Mysql 4.0.25
Oracle Mysql 4.0.24
Oracle Mysql 4.0.6
Oracle Mysql 4.0.1
Oracle Mysql 4.0.16
Oracle Mysql 4.0.17
Oracle Mysql 5.0.0
Oracle Mysql 5.0.11
Mysql Mysql 5.0.1
Oracle Mysql 5.0.42
Mysql Mysql 5.0.56
Oracle Mysql 5.0.32
1 EDB exploit
3.6
CVSSv2
CVE-2006-4226
MySQL prior to 4.1.21, 5.0 prior to 5.0.25, and 5.1 prior to 5.1.12, when run on case-sensitive filesystems, allows remote authenticated users to create or access a database when the database name differs only in case from a database for which they have permissions.
Oracle Mysql 4.0.0
Oracle Mysql 4.0.14
Oracle Mysql 4.0.15
Oracle Mysql 4.0.21
Oracle Mysql 4.0.23
Oracle Mysql 4.0.5a
Oracle Mysql 4.0.6
Mysql Mysql 4.1.0
Mysql Mysql 4.1.12
Oracle Mysql 4.1.17
Oracle Mysql 4.1.18
Oracle Mysql 4.1.3
Oracle Mysql 4.1.4
Mysql Mysql 5.0.0
Oracle Mysql 5.0.13
Oracle Mysql 5.0.14
Oracle Mysql 5.0.18
Oracle Mysql 5.0.19
Mysql Mysql 5.0.22.1.0.1
Mysql Mysql 5.0.3
Oracle Mysql 5.0.3
Oracle Mysql 5.0.7
2.1
CVSSv2
CVE-2006-4031
MySQL 4.1 prior to 4.1.21 and 5.0 prior to 5.0.24 allows a local user to access a table through a previously created MERGE table, even after the user's privileges are revoked for the original table, which might violate intended security policy.
Oracle Mysql 3.22.30
Oracle Mysql 3.22.32
Oracle Mysql 3.23.14
Oracle Mysql 3.23.15
Oracle Mysql 3.23.21
Oracle Mysql 3.23.22
Oracle Mysql 3.23.28
Oracle Mysql 3.23.29
Oracle Mysql 3.23.3
Oracle Mysql 3.23.36
Oracle Mysql 3.23.37
Oracle Mysql 3.23.43
Oracle Mysql 3.23.44
Oracle Mysql 3.23.51
Oracle Mysql 3.23.52
Oracle Mysql 3.23.57
Oracle Mysql 3.23.58
Oracle Mysql 4.0.1
Oracle Mysql 4.0.10
Oracle Mysql 4.0.17
Oracle Mysql 4.0.18
Oracle Mysql 4.0.25
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
HTML injection
CVE-2024-35894
SQL
CVE-2024-5105
CVE-2014-100005
CVE-2024-35895
unauthorized
CVE-2024-22120
CVE-2024-35890
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
NEXT »