Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
phpmyadmin phpmyadmin 2.6.4 pl3 vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2005-3300
The register_globals emulation layer in grab_globals.php for phpMyAdmin prior to 2.6.4-pl3 does not perform safety checks on values in the _FILES array for uploaded files, which allows remote malicious users to include arbitrary files by using direct requests to library scripts t...
Phpmyadmin Phpmyadmin 2.6.4 Pl3
NA
CVE-2005-3622
phpMyAdmin 2.7.0-beta1 and previous versions allows remote malicious users to obtain the full path of the server via direct requests to multiple scripts in the libraries directory.
Phpmyadmin Phpmyadmin 2.5.2 Pl1
Phpmyadmin Phpmyadmin 2.6.2 Pl1
Phpmyadmin Phpmyadmin 2.6.1 Pl3
Phpmyadmin Phpmyadmin 2.6.0 Pl3
Phpmyadmin Phpmyadmin 2.5.7 Pl1
Phpmyadmin Phpmyadmin 2.6.4 Pl3
Phpmyadmin Phpmyadmin 2.5.4
Phpmyadmin Phpmyadmin 2.5.3
Phpmyadmin Phpmyadmin 2.6.4 Pl4
Phpmyadmin Phpmyadmin 2.5.6 Rc2
Phpmyadmin Phpmyadmin 2.2.0
Phpmyadmin Phpmyadmin 2.2.7 Pl1
Phpmyadmin Phpmyadmin 2.6.3 Pl1
Phpmyadmin Phpmyadmin 2.7.0 Beta1
Phpmyadmin Phpmyadmin 2.5.5 Pl1
NA
CVE-2005-3787
Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin prior to 2.6.4-pl4 allow remote malicious users to inject arbitrary web script or HTML via (1) the cookie-based login panel, (2) the title parameter and (3) the table creation dialog.
Phpmyadmin Phpmyadmin 2.5.2 Pl1
Phpmyadmin Phpmyadmin 2.6.2 Pl1
Phpmyadmin Phpmyadmin 2.6.1 Pl3
Phpmyadmin Phpmyadmin 2.6.0 Pl3
Phpmyadmin Phpmyadmin 2.5.7 Pl1
Phpmyadmin Phpmyadmin 2.6.4 Pl3
Phpmyadmin Phpmyadmin 2.5.4
Phpmyadmin Phpmyadmin 2.5.3
Phpmyadmin Phpmyadmin 2.5.6 Rc2
Phpmyadmin Phpmyadmin 2.2.0
Phpmyadmin Phpmyadmin 2.2.7 Pl1
Phpmyadmin Phpmyadmin 2.6.3 Pl1
Phpmyadmin Phpmyadmin 2.5.5 Pl1
NA
CVE-2005-3621
CRLF injection vulnerability in phpMyAdmin prior to 2.6.4-pl4 allows remote malicious users to conduct HTTP response splitting attacks via unspecified scripts.
Phpmyadmin Phpmyadmin 2.5.2 Pl1
Phpmyadmin Phpmyadmin 2.6.2 Pl1
Phpmyadmin Phpmyadmin 2.6.1 Pl3
Phpmyadmin Phpmyadmin 2.6.0 Pl3
Phpmyadmin Phpmyadmin 2.5.7 Pl1
Phpmyadmin Phpmyadmin 2.6.4 Pl3
Phpmyadmin Phpmyadmin 2.5.4
Phpmyadmin Phpmyadmin 2.5.3
Phpmyadmin Phpmyadmin 2.5.6 Rc2
Phpmyadmin Phpmyadmin 2.2.0
Phpmyadmin Phpmyadmin 2.2.7 Pl1
Phpmyadmin Phpmyadmin 2.6.3 Pl1
Phpmyadmin Phpmyadmin 2.5.5 Pl1
NA
CVE-2006-5718
Cross-site scripting (XSS) vulnerability in error.php in phpMyAdmin 2.6.4 up to and including 2.9.0.2 allows remote malicious users to inject arbitrary web script or HTML via UTF-7 or US-ASCII encoded characters, which are injected into an error message, as demonstrated by a requ...
Phpmyadmin Phpmyadmin 2.6.4 Rc1
Phpmyadmin Phpmyadmin 2.8.3
Phpmyadmin Phpmyadmin 2.7 Pl1
Phpmyadmin Phpmyadmin 2.6.4 Pl1
Phpmyadmin Phpmyadmin 2.9
Phpmyadmin Phpmyadmin 2.8.2
Phpmyadmin Phpmyadmin 2.9.2
Phpmyadmin Phpmyadmin 2.9 Rc1
Phpmyadmin Phpmyadmin 2.6.4 Pl3
Phpmyadmin Phpmyadmin 2.9.1
Phpmyadmin Phpmyadmin 2.6.4 Pl4
Phpmyadmin Phpmyadmin 2.8.1
Phpmyadmin Phpmyadmin 2.7.0 Beta1
Phpmyadmin Phpmyadmin 2.7
Phpmyadmin Phpmyadmin 2.8.4
NA
CVE-2005-3301
Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin prior to 2.6.4-pl3 allow remote malicious users to inject arbitrary web script or HTML via certain arguments to (1) left.php, (2) queryframe.php, or (3) server_databases.php.
Phpmyadmin Phpmyadmin 2.6.4 Rc1
Phpmyadmin Phpmyadmin 2.6.4 Pl1
Phpmyadmin Phpmyadmin 2.6.4 Pl2
Phpmyadmin Phpmyadmin 2.6.4
2 EDB exploits
NA
CVE-2006-3388
Cross-site scripting (XSS) vulnerability in phpMyAdmin prior to 2.8.2 allows remote malicious users to inject arbitrary web script or HTML via the table parameter.
Phpmyadmin Phpmyadmin 2.1.1
Phpmyadmin Phpmyadmin 2.6.4 Rc1
Phpmyadmin Phpmyadmin 2.2.4
Phpmyadmin Phpmyadmin 2.1.2
Phpmyadmin Phpmyadmin 2.2 Pre1
Phpmyadmin Phpmyadmin 2.8.3
Phpmyadmin Phpmyadmin 2.5.0
Phpmyadmin Phpmyadmin 2.2
Phpmyadmin Phpmyadmin 2.7 Pl1
Phpmyadmin Phpmyadmin 2.6.4 Pl1
Phpmyadmin Phpmyadmin 2.0.4
Phpmyadmin Phpmyadmin 2.6.1
Phpmyadmin Phpmyadmin 2.6.1 Pl3
Phpmyadmin Phpmyadmin 2.3.1
Phpmyadmin Phpmyadmin 2.0.2
Phpmyadmin Phpmyadmin 2.5.5 Rc1
Phpmyadmin Phpmyadmin 2.6.0 Pl3
Phpmyadmin Phpmyadmin 2.5.7 Pl1
Phpmyadmin Phpmyadmin 2.4.0
Phpmyadmin Phpmyadmin 2.5.5
Phpmyadmin Phpmyadmin 2.5.7
Phpmyadmin Phpmyadmin 2.6.2 Rc1
NA
CVE-2006-1678
Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin prior to 2.8.0.3 allow remote malicious users to inject arbitrary web script or HTML via unknown vectors in unspecified scripts in the themes directory.
Phpmyadmin Phpmyadmin 2.1.1
Phpmyadmin Phpmyadmin 2.7.0
Phpmyadmin Phpmyadmin 2.7.0 Pl1
Phpmyadmin Phpmyadmin 2.6.4 Rc1
Phpmyadmin Phpmyadmin 2.2.4
Phpmyadmin Phpmyadmin 2.1.2
Phpmyadmin Phpmyadmin 2.2.0 Rc2
Phpmyadmin Phpmyadmin 2.5.0
Phpmyadmin Phpmyadmin 2.2.0 Rc1
Phpmyadmin Phpmyadmin 2.6.4 Pl1
Phpmyadmin Phpmyadmin 2.0.4
Phpmyadmin Phpmyadmin 2.6.1
Phpmyadmin Phpmyadmin 2.6.1 Pl3
Phpmyadmin Phpmyadmin 2.3.1
Phpmyadmin Phpmyadmin 2.7.0 Pl2
Phpmyadmin Phpmyadmin 2.0.2
Phpmyadmin Phpmyadmin 2.5.5 Rc1
Phpmyadmin Phpmyadmin 2.6.0 Pl3
Phpmyadmin Phpmyadmin 2.5.7 Pl1
Phpmyadmin Phpmyadmin 2.4.0
Phpmyadmin Phpmyadmin 2.5.5
Phpmyadmin Phpmyadmin 2.5.7
NA
CVE-2005-3665
Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin prior to 2.7.0 allow remote malicious users to inject arbitrary web script or HTML via the (1) HTTP_HOST variable and (2) various scripts in the libraries directory that handle header generation.
Phpmyadmin Phpmyadmin 2.1.1
Phpmyadmin Phpmyadmin 2.6.4 Rc1
Phpmyadmin Phpmyadmin 2.2.4
Phpmyadmin Phpmyadmin 2.1.2
Phpmyadmin Phpmyadmin 2.2 Pre1
Phpmyadmin Phpmyadmin 2.5.0
Phpmyadmin Phpmyadmin 2.2
Phpmyadmin Phpmyadmin 2.6.4 Pl1
Phpmyadmin Phpmyadmin 2.0.4
Phpmyadmin Phpmyadmin 2.6.1
Phpmyadmin Phpmyadmin 2.6.1 Pl3
Phpmyadmin Phpmyadmin 2.3.1
Phpmyadmin Phpmyadmin 2.0.2
Phpmyadmin Phpmyadmin 2.5.5 Rc1
Phpmyadmin Phpmyadmin 2.6.0 Pl3
Phpmyadmin Phpmyadmin 2.5.7 Pl1
Phpmyadmin Phpmyadmin 2.4.0
Phpmyadmin Phpmyadmin 2.5.5
Phpmyadmin Phpmyadmin 2.5.7
Phpmyadmin Phpmyadmin 2.6.2 Rc1
Phpmyadmin Phpmyadmin 2.5.6 Rc1
Phpmyadmin Phpmyadmin 2.0.3
NA
CVE-2008-4326
The PMA_escapeJsString function in libraries/js_escape.lib.php in phpMyAdmin prior to 2.11.9.2, when Internet Explorer is used, allows remote malicious users to bypass cross-site scripting (XSS) protection mechanisms and conduct XSS attacks via a NUL byte inside a "</scri...
Phpmyadmin Phpmyadmin
Phpmyadmin Phpmyadmin 2.0
Phpmyadmin Phpmyadmin 2.0.0
Phpmyadmin Phpmyadmin 2.0.1
Phpmyadmin Phpmyadmin 2.0.2
Phpmyadmin Phpmyadmin 2.0.3
Phpmyadmin Phpmyadmin 2.0.4
Phpmyadmin Phpmyadmin 2.0.5
Phpmyadmin Phpmyadmin 2.1
Phpmyadmin Phpmyadmin 2.1.0
Phpmyadmin Phpmyadmin 2.1.1
Phpmyadmin Phpmyadmin 2.1.2
Phpmyadmin Phpmyadmin 2.2
Phpmyadmin Phpmyadmin 2.2.0
Phpmyadmin Phpmyadmin 2.2.0 Pre1
Phpmyadmin Phpmyadmin 2.2.0 Pre2
Phpmyadmin Phpmyadmin 2.2.0 Rc1
Phpmyadmin Phpmyadmin 2.2.0 Rc2
Phpmyadmin Phpmyadmin 2.2.0 Rc3
Phpmyadmin Phpmyadmin 2.2.2
Phpmyadmin Phpmyadmin 2.2.3
Phpmyadmin Phpmyadmin 2.2.4
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-3080
log injection
CVE-2024-6041
CVE-2024-37661
XML external entity
CVE-2024-0845
privilege escalation
CVE-2023-37057
CVE-2024-27801
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »