Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
phpmyadmin phpmyadmin 2.6.2 vulnerabilities and exploits
(subscribe to this query)
6.8
CVSSv2
CVE-2006-2418
Cross-site scripting (XSS) vulnerabilities in certain versions of phpMyAdmin prior to 2.8.0.4 allow remote malicious users to inject arbitrary web script or HTML via the db parameter in unknown scripts.
Phpmyadmin Phpmyadmin 2.8.0.3
5.8
CVSSv2
CVE-2006-3388
Cross-site scripting (XSS) vulnerability in phpMyAdmin prior to 2.8.2 allows remote malicious users to inject arbitrary web script or HTML via the table parameter.
Phpmyadmin Phpmyadmin 2.0.1
Phpmyadmin Phpmyadmin 2.0.2
Phpmyadmin Phpmyadmin 2.2
Phpmyadmin Phpmyadmin 2.2.2
Phpmyadmin Phpmyadmin 2.2 Rc1
Phpmyadmin Phpmyadmin 2.0.5
Phpmyadmin Phpmyadmin 2.1
Phpmyadmin Phpmyadmin 2.2.5
Phpmyadmin Phpmyadmin 2.2.6
Phpmyadmin Phpmyadmin 2.3.2
Phpmyadmin Phpmyadmin 2.4.0
Phpmyadmin Phpmyadmin 2.5.5 Rc1
Phpmyadmin Phpmyadmin 2.5.5 Rc2
Phpmyadmin Phpmyadmin 2.6.1
Phpmyadmin Phpmyadmin 2.6.1 Pl1
Phpmyadmin Phpmyadmin 2.6.4 Pl3
Phpmyadmin Phpmyadmin 2.6.4 Pl4
Phpmyadmin Phpmyadmin 2.6.4 Rc1
Phpmyadmin Phpmyadmin 2.2 Rc2
Phpmyadmin Phpmyadmin 2.5.3
Phpmyadmin Phpmyadmin 2.5.4
Phpmyadmin Phpmyadmin 2.5.7 Pl1
5.1
CVSSv2
CVE-2006-5116
Multiple cross-site request forgery (CSRF) vulnerabilities in phpMyAdmin prior to 2.9.1-rc1 allow remote malicious users to perform unauthorized actions as another user by (1) directly setting a token in the URL though dynamic variable evaluation and (2) unsetting arbitrary varia...
Phpmyadmin Phpmyadmin 2.8.0.1
Phpmyadmin Phpmyadmin 2.9.0 Dev
Phpmyadmin Phpmyadmin 2.8.0.2
Phpmyadmin Phpmyadmin 2.8.0.3
Phpmyadmin Phpmyadmin 2.8.1
Phpmyadmin Phpmyadmin 2.8.1 Dev
Phpmyadmin Phpmyadmin 2.8.3
Phpmyadmin Phpmyadmin 2.8.4
5
CVSSv2
CVE-2005-3621
CRLF injection vulnerability in phpMyAdmin prior to 2.6.4-pl4 allows remote malicious users to conduct HTTP response splitting attacks via unspecified scripts.
Phpmyadmin Phpmyadmin 2.5.3
Phpmyadmin Phpmyadmin 2.5.5 Pl1
Phpmyadmin Phpmyadmin 2.6.4 Pl3
Phpmyadmin Phpmyadmin 2.2.0
Phpmyadmin Phpmyadmin 2.2.7 Pl1
Phpmyadmin Phpmyadmin 2.5.2 Pl1
Phpmyadmin Phpmyadmin 2.5.7 Pl1
Phpmyadmin Phpmyadmin 2.6.0 Pl3
Phpmyadmin Phpmyadmin 2.6.1 Pl3
Phpmyadmin Phpmyadmin 2.6.2 Pl1
Phpmyadmin Phpmyadmin 2.5.4
Phpmyadmin Phpmyadmin 2.5.6 Rc2
Phpmyadmin Phpmyadmin 2.6.3 Pl1
5
CVSSv2
CVE-2005-0459
phpMyAdmin 2.6.2-dev, and possibly earlier versions, allows remote malicious users to determine the full path of the web root via a direct request to select_lang.lib.php, which reveals the path in a PHP error message.
Phpmyadmin Phpmyadmin 2.0.5
Phpmyadmin Phpmyadmin 2.1.1
Phpmyadmin Phpmyadmin 2.2.5
Phpmyadmin Phpmyadmin 2.2 Pre1
Phpmyadmin Phpmyadmin 2.2 Rc2
Phpmyadmin Phpmyadmin 2.5.0
Phpmyadmin Phpmyadmin 2.5.2
Phpmyadmin Phpmyadmin 2.5.7
Phpmyadmin Phpmyadmin 2.0
Phpmyadmin Phpmyadmin 2.0.1
Phpmyadmin Phpmyadmin 2.0.2
Phpmyadmin Phpmyadmin 2.0.3
Phpmyadmin Phpmyadmin 2.2 Rc3
Phpmyadmin Phpmyadmin 2.3.1
Phpmyadmin Phpmyadmin 2.3.2
Phpmyadmin Phpmyadmin 2.4.0
Phpmyadmin Phpmyadmin 2.6.0 Pl2
Phpmyadmin Phpmyadmin 2.6.0 Pl3
Phpmyadmin Phpmyadmin 2.6.2 Dev
Phpmyadmin Phpmyadmin 2.1.2
Phpmyadmin Phpmyadmin 2.2.2
Phpmyadmin Phpmyadmin 2.2.3
4.6
CVSSv2
CVE-2005-1392
The SQL install script in phpMyAdmin 2.6.2 is created with world-readable permissions, which allows local users to obtain the initial database password by reading the script.
Phpmyadmin Phpmyadmin 2.6.2
4.3
CVSSv2
CVE-2009-2284
Cross-site scripting (XSS) vulnerability in phpMyAdmin prior to 3.2.0.1 allows remote malicious users to inject arbitrary web script or HTML via a crafted SQL bookmark.
Phpmyadmin Phpmyadmin 2.0.2
Phpmyadmin Phpmyadmin 2.0.5
Phpmyadmin Phpmyadmin 2.10.2
Phpmyadmin Phpmyadmin 2.10.0.0
Phpmyadmin Phpmyadmin 2.10.1.0
Phpmyadmin Phpmyadmin 2.10.2.0
Phpmyadmin Phpmyadmin 2.10.3.0
Phpmyadmin Phpmyadmin 2.11.1.0
Phpmyadmin Phpmyadmin 2.11.1
Phpmyadmin Phpmyadmin 2.11.5.0
Phpmyadmin Phpmyadmin 2.11.3.0
Phpmyadmin Phpmyadmin 2.11.3
Phpmyadmin Phpmyadmin 2.11.7.0
Phpmyadmin Phpmyadmin 2.11.6rc1
Phpmyadmin Phpmyadmin 2.11.6
Phpmyadmin Phpmyadmin 2.11.9.1
Phpmyadmin Phpmyadmin 2.11.9.2
Phpmyadmin Phpmyadmin 2.2.0 Pre1
Phpmyadmin Phpmyadmin 2.2.2
Phpmyadmin Phpmyadmin 2.2.4
Phpmyadmin Phpmyadmin 2.2.6
Phpmyadmin Phpmyadmin 2.2 Rc3
4.3
CVSSv2
CVE-2008-4326
The PMA_escapeJsString function in libraries/js_escape.lib.php in phpMyAdmin prior to 2.11.9.2, when Internet Explorer is used, allows remote malicious users to bypass cross-site scripting (XSS) protection mechanisms and conduct XSS attacks via a NUL byte inside a "</scri...
Phpmyadmin Phpmyadmin 2.0.3
Phpmyadmin Phpmyadmin 2.0.0
Phpmyadmin Phpmyadmin 2.10.0
Phpmyadmin Phpmyadmin 2.10.1
Phpmyadmin Phpmyadmin 2.10.1.0
Phpmyadmin Phpmyadmin 2.11.1.0
Phpmyadmin Phpmyadmin 2.11.0beta1
Phpmyadmin Phpmyadmin 2.11.0.0
Phpmyadmin Phpmyadmin 2.11.1rc1
Phpmyadmin Phpmyadmin 2.11.3rc1
Phpmyadmin Phpmyadmin 2.11.5rc1
Phpmyadmin Phpmyadmin 2.11.4rc1
Phpmyadmin Phpmyadmin 2.11.8
Phpmyadmin Phpmyadmin
Phpmyadmin Phpmyadmin 2.2 Rc1
Phpmyadmin Phpmyadmin 2.2 Pre2
Phpmyadmin Phpmyadmin 2.2 Pre1
Phpmyadmin Phpmyadmin 2.2.7 Pl1
Phpmyadmin Phpmyadmin 2.5.1
Phpmyadmin Phpmyadmin 2.5.2
Phpmyadmin Phpmyadmin 2.5.5 Rc2
Phpmyadmin Phpmyadmin 2.5.5 Rc1
4.3
CVSSv2
CVE-2007-5589
Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin prior to 2.11.1.2 allow remote malicious users to inject arbitrary web script or HTML via certain input available in (1) PHP_SELF in (a) server_status.php, and (b) grab_globals.lib.php, (c) display_change_password....
Phpmyadmin Phpmyadmin
1 EDB exploit
4.3
CVSSv2
CVE-2007-5386
Cross-site scripting (XSS) vulnerability in scripts/setup.php in phpMyAdmin 2.11.1, when accessed by a browser that does not URL-encode requests, allows remote malicious users to inject arbitrary web script or HTML via the query string.
Phpmyadmin Phpmyadmin 2.11.1
1 EDB exploit
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-5248
CVE-2024-3110
CVE-2024-5552
CVE-2024-29415
HTML injection
CVE-2024-3095
TCP
type confusion
CVE-2024-1800
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »