Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
phpmyadmin phpmyadmin 2.6.4 vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2005-3299
PHP file inclusion vulnerability in grab_globals.lib.php in phpMyAdmin 2.6.4 and 2.6.4-pl1 allows remote malicious users to include local files via the $__redirect parameter, possibly involving the subform array.
Phpmyadmin Phpmyadmin 2.6.4
Phpmyadmin Phpmyadmin 2.6.4 Pl1
1 EDB exploit
1 Nmap script
NA
CVE-2005-3301
Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin prior to 2.6.4-pl3 allow remote malicious users to inject arbitrary web script or HTML via certain arguments to (1) left.php, (2) queryframe.php, or (3) server_databases.php.
Phpmyadmin Phpmyadmin 2.6.4
Phpmyadmin Phpmyadmin 2.6.4 Pl1
Phpmyadmin Phpmyadmin 2.6.4 Pl2
Phpmyadmin Phpmyadmin 2.6.4 Rc1
2 EDB exploits
NA
CVE-2005-2869
Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin prior to 2.6.4 allow remote malicious users to inject arbitrary web script or HTML via (1) the Username to libraries/auth/cookie.auth.lib.php or (2) the error parameter to error.php.
Phpmyadmin Phpmyadmin 2.2.2
Phpmyadmin Phpmyadmin 2.2.3
Phpmyadmin Phpmyadmin 2.2.4
Phpmyadmin Phpmyadmin 2.2.5
Phpmyadmin Phpmyadmin 2.5.4
Phpmyadmin Phpmyadmin 2.5.5
Phpmyadmin Phpmyadmin 2.5.5 Pl1
Phpmyadmin Phpmyadmin 2.5.5 Rc1
Phpmyadmin Phpmyadmin 2.6.2 Pl1
Phpmyadmin Phpmyadmin 2.6.3
Phpmyadmin Phpmyadmin 2.6.3 Pl1
Phpmyadmin Phpmyadmin 2.0.2
Phpmyadmin Phpmyadmin 2.0.3
Phpmyadmin Phpmyadmin 2.0.4
Phpmyadmin Phpmyadmin 2.0.5
Phpmyadmin Phpmyadmin 2.2 Rc2
Phpmyadmin Phpmyadmin 2.2 Rc3
Phpmyadmin Phpmyadmin 2.3.1
Phpmyadmin Phpmyadmin 2.3.2
Phpmyadmin Phpmyadmin 2.4.0
Phpmyadmin Phpmyadmin 2.6.0 Pl1
Phpmyadmin Phpmyadmin 2.6.0 Pl2
1 EDB exploit
NA
CVE-2005-3787
Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin prior to 2.6.4-pl4 allow remote malicious users to inject arbitrary web script or HTML via (1) the cookie-based login panel, (2) the title parameter and (3) the table creation dialog.
Phpmyadmin Phpmyadmin 2.5.4
Phpmyadmin Phpmyadmin 2.5.5 Pl1
Phpmyadmin Phpmyadmin 2.6.4 Pl3
Phpmyadmin Phpmyadmin 2.5.6 Rc2
Phpmyadmin Phpmyadmin 2.5.7 Pl1
Phpmyadmin Phpmyadmin 2.5.2 Pl1
Phpmyadmin Phpmyadmin 2.5.3
Phpmyadmin Phpmyadmin 2.6.2 Pl1
Phpmyadmin Phpmyadmin 2.6.3 Pl1
Phpmyadmin Phpmyadmin 2.2.0
Phpmyadmin Phpmyadmin 2.2.7 Pl1
Phpmyadmin Phpmyadmin 2.6.0 Pl3
Phpmyadmin Phpmyadmin 2.6.1 Pl3
NA
CVE-2006-5718
Cross-site scripting (XSS) vulnerability in error.php in phpMyAdmin 2.6.4 up to and including 2.9.0.2 allows remote malicious users to inject arbitrary web script or HTML via UTF-7 or US-ASCII encoded characters, which are injected into an error message, as demonstrated by a requ...
Phpmyadmin Phpmyadmin 2.6.4 Pl1
Phpmyadmin Phpmyadmin 2.6.4 Pl3
Phpmyadmin Phpmyadmin 2.8.2
Phpmyadmin Phpmyadmin 2.8.3
Phpmyadmin Phpmyadmin 2.7
Phpmyadmin Phpmyadmin 2.7.0 Beta1
Phpmyadmin Phpmyadmin 2.9.1
Phpmyadmin Phpmyadmin 2.9.2
Phpmyadmin Phpmyadmin 2.7 Pl1
Phpmyadmin Phpmyadmin 2.8.1
Phpmyadmin Phpmyadmin 2.9 Rc1
Phpmyadmin Phpmyadmin 2.6.4 Pl4
Phpmyadmin Phpmyadmin 2.6.4 Rc1
Phpmyadmin Phpmyadmin 2.8.4
Phpmyadmin Phpmyadmin 2.9
NA
CVE-2007-6100
Cross-site scripting (XSS) vulnerability in libraries/auth/cookie.auth.lib.php in phpMyAdmin prior to 2.11.2.2, when logins are authenticated with the cookie auth_type, allows remote malicious users to inject arbitrary web script or HTML via the convcharset parameter to index.php...
Phpmyadmin Phpmyadmin
Phpmyadmin Phpmyadmin 2.11.2.0
Phpmyadmin Phpmyadmin 2.11.2.2
Phpmyadmin Phpmyadmin 2.11.3.0
Phpmyadmin Phpmyadmin 2.11.4.0
Phpmyadmin Phpmyadmin 2.11.1.2
Phpmyadmin Phpmyadmin 2.11.1.1
Phpmyadmin Phpmyadmin 2.11.5.2
Phpmyadmin Phpmyadmin 2.11.6.0
Phpmyadmin Phpmyadmin 2.11.9.3
Phpmyadmin Phpmyadmin 2.11.9.4
Phpmyadmin Phpmyadmin 2.10.3
Phpmyadmin Phpmyadmin 2.10.1.0
Phpmyadmin Phpmyadmin 2.9.0.1
Phpmyadmin Phpmyadmin 2.9.0.2
Phpmyadmin Phpmyadmin 2.8.0.2
Phpmyadmin Phpmyadmin 2.8.0.3
Phpmyadmin Phpmyadmin 2.6.2
Phpmyadmin Phpmyadmin 2.11.10.1
Phpmyadmin Phpmyadmin 2.11.10.0
Phpmyadmin Phpmyadmin 2.11.5.0
Phpmyadmin Phpmyadmin 2.11.5.1
NA
CVE-2008-3197
Cross-site request forgery (CSRF) vulnerability in phpMyAdmin prior to 2.11.7.1 allows remote malicious users to perform unauthorized actions via a link or IMG tag to (1) the db parameter in the "Creating a Database" functionality (db_create.php), and (2) the convcharse...
Phpmyadmin Phpmyadmin 2.0.4
Phpmyadmin Phpmyadmin 2.0.5
Phpmyadmin Phpmyadmin 2.10.0.2
Phpmyadmin Phpmyadmin 2.10.01
Phpmyadmin Phpmyadmin 2.10.3rc1
Phpmyadmin Phpmyadmin 2.11.0
Phpmyadmin Phpmyadmin 2.11.1.2
Phpmyadmin Phpmyadmin 2.11.1rc1
Phpmyadmin Phpmyadmin 2.11.4
Phpmyadmin Phpmyadmin 2.11.4.0
Phpmyadmin Phpmyadmin 2.11.6
Phpmyadmin Phpmyadmin 2.11.6rc1
Phpmyadmin Phpmyadmin 2.2.0 Rc2
Phpmyadmin Phpmyadmin 2.2.0 Rc3
Phpmyadmin Phpmyadmin 2.2 Pre2
Phpmyadmin Phpmyadmin 2.2 Rc1
Phpmyadmin Phpmyadmin 2.5.1
Phpmyadmin Phpmyadmin 2.5.2
Phpmyadmin Phpmyadmin 2.5.5 Rc2
Phpmyadmin Phpmyadmin 2.5.6 Rc1
Phpmyadmin Phpmyadmin 2.5.6 Rc2
Phpmyadmin Phpmyadmin 2.6.1 Pl1
NA
CVE-2008-4326
The PMA_escapeJsString function in libraries/js_escape.lib.php in phpMyAdmin prior to 2.11.9.2, when Internet Explorer is used, allows remote malicious users to bypass cross-site scripting (XSS) protection mechanisms and conduct XSS attacks via a NUL byte inside a "</scri...
Phpmyadmin Phpmyadmin 2.0.3
Phpmyadmin Phpmyadmin 2.0.0
Phpmyadmin Phpmyadmin 2.10.0
Phpmyadmin Phpmyadmin 2.10.1
Phpmyadmin Phpmyadmin 2.10.1.0
Phpmyadmin Phpmyadmin 2.11.1.0
Phpmyadmin Phpmyadmin 2.11.0beta1
Phpmyadmin Phpmyadmin 2.11.0.0
Phpmyadmin Phpmyadmin 2.11.1rc1
Phpmyadmin Phpmyadmin 2.11.3rc1
Phpmyadmin Phpmyadmin 2.11.5rc1
Phpmyadmin Phpmyadmin 2.11.4rc1
Phpmyadmin Phpmyadmin 2.11.8
Phpmyadmin Phpmyadmin
Phpmyadmin Phpmyadmin 2.2 Rc1
Phpmyadmin Phpmyadmin 2.2 Pre2
Phpmyadmin Phpmyadmin 2.2 Pre1
Phpmyadmin Phpmyadmin 2.2.7 Pl1
Phpmyadmin Phpmyadmin 2.5.1
Phpmyadmin Phpmyadmin 2.5.2
Phpmyadmin Phpmyadmin 2.5.5 Rc2
Phpmyadmin Phpmyadmin 2.5.5 Rc1
NA
CVE-2005-3621
CRLF injection vulnerability in phpMyAdmin prior to 2.6.4-pl4 allows remote malicious users to conduct HTTP response splitting attacks via unspecified scripts.
Phpmyadmin Phpmyadmin 2.5.3
Phpmyadmin Phpmyadmin 2.5.5 Pl1
Phpmyadmin Phpmyadmin 2.6.4 Pl3
Phpmyadmin Phpmyadmin 2.2.0
Phpmyadmin Phpmyadmin 2.2.7 Pl1
Phpmyadmin Phpmyadmin 2.5.2 Pl1
Phpmyadmin Phpmyadmin 2.5.7 Pl1
Phpmyadmin Phpmyadmin 2.6.0 Pl3
Phpmyadmin Phpmyadmin 2.6.1 Pl3
Phpmyadmin Phpmyadmin 2.6.2 Pl1
Phpmyadmin Phpmyadmin 2.5.4
Phpmyadmin Phpmyadmin 2.5.6 Rc2
Phpmyadmin Phpmyadmin 2.6.3 Pl1
NA
CVE-2009-2284
Cross-site scripting (XSS) vulnerability in phpMyAdmin prior to 3.2.0.1 allows remote malicious users to inject arbitrary web script or HTML via a crafted SQL bookmark.
Phpmyadmin Phpmyadmin 2.0.2
Phpmyadmin Phpmyadmin 2.0.5
Phpmyadmin Phpmyadmin 2.10.2
Phpmyadmin Phpmyadmin 2.10.0.0
Phpmyadmin Phpmyadmin 2.10.1.0
Phpmyadmin Phpmyadmin 2.10.2.0
Phpmyadmin Phpmyadmin 2.10.3.0
Phpmyadmin Phpmyadmin 2.11.1.0
Phpmyadmin Phpmyadmin 2.11.1
Phpmyadmin Phpmyadmin 2.11.5.0
Phpmyadmin Phpmyadmin 2.11.3.0
Phpmyadmin Phpmyadmin 2.11.3
Phpmyadmin Phpmyadmin 2.11.7.0
Phpmyadmin Phpmyadmin 2.11.6rc1
Phpmyadmin Phpmyadmin 2.11.6
Phpmyadmin Phpmyadmin 2.11.9.1
Phpmyadmin Phpmyadmin 2.11.9.2
Phpmyadmin Phpmyadmin 2.2.0 Pre1
Phpmyadmin Phpmyadmin 2.2.2
Phpmyadmin Phpmyadmin 2.2.4
Phpmyadmin Phpmyadmin 2.2.6
Phpmyadmin Phpmyadmin 2.2 Rc3
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
IMAP
CVE-2024-4367
server-side request forgery
information disclosure
CVE-2024-34342
CVE-2024-4281
CVE-2024-3507
CVE-2024-25560
CVE-2024-34574
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »