Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
phpmyadmin phpmyadmin 4.6.1 vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv3
CVE-2017-1000016
A weakness exists where an attacker can inject arbitrary values in to the browser cookies. This is a re-issue of an incomplete fix from PMASA-2016-18.
Phpmyadmin Phpmyadmin 4.6.3
Phpmyadmin Phpmyadmin 4.6.4
Phpmyadmin Phpmyadmin 4.6.1
Phpmyadmin Phpmyadmin 4.6.0
Phpmyadmin Phpmyadmin 4.6.5.1
Phpmyadmin Phpmyadmin 4.6.2
Phpmyadmin Phpmyadmin 4.6.5
Phpmyadmin Phpmyadmin 4.6.5.2
7.5
CVSSv3
CVE-2017-1000014
phpMyAdmin 4.0, 4.4, and 4.6 are vulnerable to a DOS weakness in the table editing functionality
Phpmyadmin Phpmyadmin 4.0.0
Phpmyadmin Phpmyadmin 4.0.5
Phpmyadmin Phpmyadmin 4.0.7
Phpmyadmin Phpmyadmin 4.0.10.4
Phpmyadmin Phpmyadmin 4.0.10.6
Phpmyadmin Phpmyadmin 4.0.10.11
Phpmyadmin Phpmyadmin 4.0.10.13
Phpmyadmin Phpmyadmin 4.4.1
Phpmyadmin Phpmyadmin 4.4.2
Phpmyadmin Phpmyadmin 4.4.8
Phpmyadmin Phpmyadmin 4.4.10
Phpmyadmin Phpmyadmin 4.4.14.1
Phpmyadmin Phpmyadmin 4.4.15.1
Phpmyadmin Phpmyadmin 4.4.15.8
Phpmyadmin Phpmyadmin 4.6.0
Phpmyadmin Phpmyadmin 4.6.5
Phpmyadmin Phpmyadmin 4.0.9
Phpmyadmin Phpmyadmin 4.0.10
Phpmyadmin Phpmyadmin 4.0.10.1
Phpmyadmin Phpmyadmin 4.0.10.2
Phpmyadmin Phpmyadmin 4.0.10.15
Phpmyadmin Phpmyadmin 4.0.10.16
6.1
CVSSv3
CVE-2017-1000015
phpMyAdmin 4.0, 4.4, and 4.6 are vulnerable to a CSS injection attack through crafted cookie parameters
Phpmyadmin Phpmyadmin 4.0.2
Phpmyadmin Phpmyadmin 4.0.4
Phpmyadmin Phpmyadmin 4.0.9
Phpmyadmin Phpmyadmin 4.0.10.1
Phpmyadmin Phpmyadmin 4.0.10.8
Phpmyadmin Phpmyadmin 4.0.10.10
Phpmyadmin Phpmyadmin 4.0.10.15
Phpmyadmin Phpmyadmin 4.0.10.17
Phpmyadmin Phpmyadmin 4.4.4
Phpmyadmin Phpmyadmin 4.4.6
Phpmyadmin Phpmyadmin 4.4.12
Phpmyadmin Phpmyadmin 4.4.13.1
Phpmyadmin Phpmyadmin 4.4.15.3
Phpmyadmin Phpmyadmin 4.4.15.5
Phpmyadmin Phpmyadmin 4.4.15.7
Phpmyadmin Phpmyadmin 4.6.0
Phpmyadmin Phpmyadmin 4.6.1
Phpmyadmin Phpmyadmin 4.0.0
Phpmyadmin Phpmyadmin 4.0.1
Phpmyadmin Phpmyadmin 4.0.10.3
Phpmyadmin Phpmyadmin 4.0.10.4
Phpmyadmin Phpmyadmin 4.0.10.5
6.1
CVSSv3
CVE-2017-1000013
phpMyAdmin 4.0, 4.4, and 4.6 are vulnerable to an open redirect weakness
Phpmyadmin Phpmyadmin 4.0.0
Phpmyadmin Phpmyadmin 4.0.5
Phpmyadmin Phpmyadmin 4.0.7
Phpmyadmin Phpmyadmin 4.0.10.4
Phpmyadmin Phpmyadmin 4.0.10.6
Phpmyadmin Phpmyadmin 4.0.10.11
Phpmyadmin Phpmyadmin 4.0.10.13
Phpmyadmin Phpmyadmin 4.4.1
Phpmyadmin Phpmyadmin 4.4.2
Phpmyadmin Phpmyadmin 4.4.8
Phpmyadmin Phpmyadmin 4.4.10
Phpmyadmin Phpmyadmin 4.4.14.1
Phpmyadmin Phpmyadmin 4.4.15.1
Phpmyadmin Phpmyadmin 4.4.15.8
Phpmyadmin Phpmyadmin 4.6.0
Phpmyadmin Phpmyadmin 4.6.4
Phpmyadmin Phpmyadmin 4.0.2
Phpmyadmin Phpmyadmin 4.0.3
Phpmyadmin Phpmyadmin 4.0.4
Phpmyadmin Phpmyadmin 4.0.4.1
Phpmyadmin Phpmyadmin 4.0.10.7
Phpmyadmin Phpmyadmin 4.0.10.8
8.6
CVSSv3
CVE-2016-6621
The setup script for phpMyAdmin prior to 4.0.10.19, 4.4.x prior to 4.4.15.10, and 4.6.x prior to 4.6.6 allows remote malicious users to conduct server-side request forgery (SSRF) attacks via unspecified vectors.
Phpmyadmin Phpmyadmin
Phpmyadmin Phpmyadmin 4.4.10
Phpmyadmin Phpmyadmin 4.4.11
Phpmyadmin Phpmyadmin 4.4.15.2
Phpmyadmin Phpmyadmin 4.4.15.3
Phpmyadmin Phpmyadmin 4.4.15.4
Phpmyadmin Phpmyadmin 4.4.5
Phpmyadmin Phpmyadmin 4.4.6
Phpmyadmin Phpmyadmin 4.4.1
Phpmyadmin Phpmyadmin 4.4.1.1
Phpmyadmin Phpmyadmin 4.4.15
Phpmyadmin Phpmyadmin 4.4.15.1
Phpmyadmin Phpmyadmin 4.4.3
Phpmyadmin Phpmyadmin 4.4.4
Phpmyadmin Phpmyadmin 4.4.12
Phpmyadmin Phpmyadmin 4.4.13
Phpmyadmin Phpmyadmin 4.4.15.5
Phpmyadmin Phpmyadmin 4.4.15.6
Phpmyadmin Phpmyadmin 4.4.6.1
Phpmyadmin Phpmyadmin 4.4.7
Phpmyadmin Phpmyadmin 4.4.15.9
Phpmyadmin Phpmyadmin 4.4.0
5.9
CVSSv3
CVE-2016-9860
An issue exists in phpMyAdmin. An unauthenticated user can execute a denial of service attack when phpMyAdmin is running with $cfg['AllowArbitraryServer']=true. All 4.6.x versions (before 4.6.5), 4.4.x versions (before 4.4.15.9), and 4.0.x versions (before 4.0.10.18) ar...
Phpmyadmin Phpmyadmin 4.6.4
Phpmyadmin Phpmyadmin 4.6.3
Phpmyadmin Phpmyadmin 4.6.2
Phpmyadmin Phpmyadmin 4.6.1
Phpmyadmin Phpmyadmin 4.6.0
Phpmyadmin Phpmyadmin 4.0.10.15
Phpmyadmin Phpmyadmin 4.0.10.14
Phpmyadmin Phpmyadmin 4.0.10.7
Phpmyadmin Phpmyadmin 4.0.10.6
Phpmyadmin Phpmyadmin 4.0.8
Phpmyadmin Phpmyadmin 4.0.7
Phpmyadmin Phpmyadmin 4.0.2
Phpmyadmin Phpmyadmin 4.0.1
Phpmyadmin Phpmyadmin 4.0.10.17
Phpmyadmin Phpmyadmin 4.0.10.16
Phpmyadmin Phpmyadmin 4.0.10.9
Phpmyadmin Phpmyadmin 4.0.10.8
Phpmyadmin Phpmyadmin 4.0.10
Phpmyadmin Phpmyadmin 4.0.9
Phpmyadmin Phpmyadmin 4.0.4
Phpmyadmin Phpmyadmin 4.0.3
Phpmyadmin Phpmyadmin 4.0.10.13
7.5
CVSSv3
CVE-2016-9862
An issue exists in phpMyAdmin. With a crafted login request it is possible to inject BBCode in the login page. All 4.6.x versions (before 4.6.5) are affected.
Phpmyadmin Phpmyadmin 4.6.2
Phpmyadmin Phpmyadmin 4.6.1
Phpmyadmin Phpmyadmin 4.6.0
Phpmyadmin Phpmyadmin 4.6.4
Phpmyadmin Phpmyadmin 4.6.3
7.5
CVSSv3
CVE-2016-9863
An issue exists in phpMyAdmin. With a very large request to table partitioning function, it is possible to invoke a Denial of Service (DoS) attack. All 4.6.x versions (before 4.6.5) are affected.
Phpmyadmin Phpmyadmin 4.6.4
Phpmyadmin Phpmyadmin 4.6.3
Phpmyadmin Phpmyadmin 4.6.2
Phpmyadmin Phpmyadmin 4.6.1
Phpmyadmin Phpmyadmin 4.6.0
7.5
CVSSv3
CVE-2016-9864
An issue exists in phpMyAdmin. With a crafted username or a table name, it was possible to inject SQL statements in the tracking functionality that would run with the privileges of the control user. This gives read and write access to the tables of the configuration storage datab...
Phpmyadmin Phpmyadmin 4.6.4
Phpmyadmin Phpmyadmin 4.6.3
Phpmyadmin Phpmyadmin 4.6.2
Phpmyadmin Phpmyadmin 4.6.1
Phpmyadmin Phpmyadmin 4.6.0
Phpmyadmin Phpmyadmin 4.4.15.8
Phpmyadmin Phpmyadmin 4.4.15.1
Phpmyadmin Phpmyadmin 4.4.15
Phpmyadmin Phpmyadmin 4.4.14.1
Phpmyadmin Phpmyadmin 4.4.9
Phpmyadmin Phpmyadmin 4.4.8
Phpmyadmin Phpmyadmin 4.4.2
Phpmyadmin Phpmyadmin 4.4.1.1
Phpmyadmin Phpmyadmin 4.4.15.7
Phpmyadmin Phpmyadmin 4.4.15.6
Phpmyadmin Phpmyadmin 4.4.14
Phpmyadmin Phpmyadmin 4.4.13.1
Phpmyadmin Phpmyadmin 4.4.7
Phpmyadmin Phpmyadmin 4.4.6.1
Phpmyadmin Phpmyadmin 4.4.1
Phpmyadmin Phpmyadmin 4.4.0
Phpmyadmin Phpmyadmin 4.4.15.5
9.8
CVSSv3
CVE-2016-9865
An issue exists in phpMyAdmin. Due to a bug in serialized string parsing, it was possible to bypass the protection offered by PMA_safeUnserialize() function. All 4.6.x versions (before 4.6.5), 4.4.x versions (before 4.4.15.9), and 4.0.x versions (before 4.0.10.18) are affected.
Phpmyadmin Phpmyadmin 4.0.10.14
Phpmyadmin Phpmyadmin 4.0.10.13
Phpmyadmin Phpmyadmin 4.0.10.6
Phpmyadmin Phpmyadmin 4.0.10.5
Phpmyadmin Phpmyadmin 4.0.8
Phpmyadmin Phpmyadmin 4.0.7
Phpmyadmin Phpmyadmin 4.0.6
Phpmyadmin Phpmyadmin 4.0.1
Phpmyadmin Phpmyadmin 4.0.0
Phpmyadmin Phpmyadmin 4.0.10.12
Phpmyadmin Phpmyadmin 4.0.10.11
Phpmyadmin Phpmyadmin 4.0.10.4
Phpmyadmin Phpmyadmin 4.0.10.3
Phpmyadmin Phpmyadmin 4.0.5
Phpmyadmin Phpmyadmin 4.0.4.2
Phpmyadmin Phpmyadmin 4.0.10.16
Phpmyadmin Phpmyadmin 4.0.10.15
Phpmyadmin Phpmyadmin 4.0.10.8
Phpmyadmin Phpmyadmin 4.0.10.7
Phpmyadmin Phpmyadmin 4.0.10
Phpmyadmin Phpmyadmin 4.0.9
Phpmyadmin Phpmyadmin 4.0.3
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-36954
CVE-2024-36933
CVE-2024-24919
CVE-2024-36923
CVE-2024-2961
CVE-2024-36925
bypass
encryption
command injection
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
6
NEXT »