Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
phpmyadmin phpmyadmin 2.9.1.1 vulnerabilities and exploits
(subscribe to this query)
445
VMScore
CVE-2007-0095
phpMyAdmin 2.9.1.1 allows remote malicious users to obtain sensitive information via a direct request for themes/darkblue_orange/layout.inc.php, which reveals the path in an error message.
Phpmyadmin Phpmyadmin 2.9.1.1
383
VMScore
CVE-2007-1395
Incomplete blacklist vulnerability in index.php in phpMyAdmin 2.8.0 up to and including 2.9.2 allows remote malicious users to conduct cross-site scripting (XSS) attacks by injecting arbitrary JavaScript or HTML in a (1) db or (2) table parameter value followed by an uppercase &l...
Phpmyadmin Phpmyadmin 2.8.1 Dev
Phpmyadmin Phpmyadmin 2.8.3
Phpmyadmin Phpmyadmin 2.9.1.1
Phpmyadmin Phpmyadmin 2.9.1 Rc2
Phpmyadmin Phpmyadmin 2.8.0
Phpmyadmin Phpmyadmin 2.9
Phpmyadmin Phpmyadmin 2.8.0.2
Phpmyadmin Phpmyadmin 2.8.2
Phpmyadmin Phpmyadmin 2.9.0 Dev
Phpmyadmin Phpmyadmin 2.9.0.1
Phpmyadmin Phpmyadmin 2.9.2
Phpmyadmin Phpmyadmin 2.9.0.2
Phpmyadmin Phpmyadmin 2.9.0 Rc1
Phpmyadmin Phpmyadmin 2.9.1
Phpmyadmin Phpmyadmin 2.9.0
Phpmyadmin Phpmyadmin 2.9.0.3
Phpmyadmin Phpmyadmin 2.8.0.1
Phpmyadmin Phpmyadmin 2.9.1 Rc1
Phpmyadmin Phpmyadmin 2.8.1
Phpmyadmin Phpmyadmin 2.8.0.3
Phpmyadmin Phpmyadmin 2.9.0 Beta1
Phpmyadmin Phpmyadmin 2.8.4
668
VMScore
CVE-2006-6944
phpMyAdmin prior to 2.9.1.1 allows remote malicious users to bypass Allow/Deny access rules that use IP addresses via false headers.
Phpmyadmin Phpmyadmin 2.9.1 Rc2
Phpmyadmin Phpmyadmin 2.9.0.1
Phpmyadmin Phpmyadmin 2.9.0.2
Phpmyadmin Phpmyadmin 2.9.0 Rc1
Phpmyadmin Phpmyadmin 2.9.0
Phpmyadmin Phpmyadmin 2.9.0.3
Phpmyadmin Phpmyadmin
Phpmyadmin Phpmyadmin 2.9.1 Rc1
Phpmyadmin Phpmyadmin 2.9.0 Beta1
231
VMScore
CVE-2007-6100
Cross-site scripting (XSS) vulnerability in libraries/auth/cookie.auth.lib.php in phpMyAdmin prior to 2.11.2.2, when logins are authenticated with the cookie auth_type, allows remote malicious users to inject arbitrary web script or HTML via the convcharset parameter to index.php...
Phpmyadmin Phpmyadmin 2.10.3rc1
Phpmyadmin Phpmyadmin 2.1.1
Phpmyadmin Phpmyadmin 2.7.0
Phpmyadmin Phpmyadmin 2.11.1.2
Phpmyadmin Phpmyadmin 2.2.4
Phpmyadmin Phpmyadmin 2.1.2
Phpmyadmin Phpmyadmin 2.8.3
Phpmyadmin Phpmyadmin 2.11.5.1
Phpmyadmin Phpmyadmin 2.5.0
Phpmyadmin Phpmyadmin 2.9.1.1
Phpmyadmin Phpmyadmin 2.11.5.0
Phpmyadmin Phpmyadmin 2.10.0.1
Phpmyadmin Phpmyadmin
Phpmyadmin Phpmyadmin 2.8.0
Phpmyadmin Phpmyadmin 2.0.4
Phpmyadmin Phpmyadmin 2.6.1
Phpmyadmin Phpmyadmin 2.8.0.2
Phpmyadmin Phpmyadmin 2.10.2
Phpmyadmin Phpmyadmin 2.8.2
Phpmyadmin Phpmyadmin 2.3.1
Phpmyadmin Phpmyadmin 2.11.9.0
Phpmyadmin Phpmyadmin 2.0.2
505
VMScore
CVE-2006-6943
PhpMyAdmin prior to 2.9.1.1 allows remote malicious users to obtain the full server path via direct requests to (a) scripts/check_lang.php and (b) themes/darkblue_orange/layout.inc.php; and via the (1) lang[], (2) target[], (3) db[], (4) goto[], (5) table[], and (6) tbl_group[] a...
Phpmyadmin Phpmyadmin 2.9.1 Rc2
Phpmyadmin Phpmyadmin 2.9.0.1
Phpmyadmin Phpmyadmin 2.9.0.2
Phpmyadmin Phpmyadmin 2.9.0 Rc1
Phpmyadmin Phpmyadmin 2.9.0
Phpmyadmin Phpmyadmin 2.9.0.3
Phpmyadmin Phpmyadmin
Phpmyadmin Phpmyadmin 2.9.1 Rc1
Phpmyadmin Phpmyadmin 2.9.0 Beta1
1 EDB exploit
383
VMScore
CVE-2008-4326
The PMA_escapeJsString function in libraries/js_escape.lib.php in phpMyAdmin prior to 2.11.9.2, when Internet Explorer is used, allows remote malicious users to bypass cross-site scripting (XSS) protection mechanisms and conduct XSS attacks via a NUL byte inside a "</scri...
Phpmyadmin Phpmyadmin
Phpmyadmin Phpmyadmin 2.0
Phpmyadmin Phpmyadmin 2.0.0
Phpmyadmin Phpmyadmin 2.0.1
Phpmyadmin Phpmyadmin 2.0.2
Phpmyadmin Phpmyadmin 2.0.3
Phpmyadmin Phpmyadmin 2.0.4
Phpmyadmin Phpmyadmin 2.0.5
Phpmyadmin Phpmyadmin 2.1
Phpmyadmin Phpmyadmin 2.1.0
Phpmyadmin Phpmyadmin 2.1.1
Phpmyadmin Phpmyadmin 2.1.2
Phpmyadmin Phpmyadmin 2.2
Phpmyadmin Phpmyadmin 2.2.0
Phpmyadmin Phpmyadmin 2.2.0 Pre1
Phpmyadmin Phpmyadmin 2.2.0 Pre2
Phpmyadmin Phpmyadmin 2.2.0 Rc1
Phpmyadmin Phpmyadmin 2.2.0 Rc2
Phpmyadmin Phpmyadmin 2.2.0 Rc3
Phpmyadmin Phpmyadmin 2.2.2
Phpmyadmin Phpmyadmin 2.2.3
Phpmyadmin Phpmyadmin 2.2.4
605
VMScore
CVE-2008-5621
Cross-site request forgery (CSRF) vulnerability in phpMyAdmin 2.11.x prior to 2.11.9.4 and 3.x prior to 3.1.1.0 allows remote malicious users to perform unauthorized actions as the administrator via a link or IMG tag to tbl_structure.php with a modified table parameter. NOTE: oth...
Phpmyadmin Phpmyadmin 2.11.1.2
Phpmyadmin Phpmyadmin 2.11.5.1
Phpmyadmin Phpmyadmin 2.11.1
Phpmyadmin Phpmyadmin 2.11.5.0
Phpmyadmin Phpmyadmin 2.11.9.0
Phpmyadmin Phpmyadmin 2.11.9.1
Phpmyadmin Phpmyadmin 2.11.2
Phpmyadmin Phpmyadmin 2.11.7
Phpmyadmin Phpmyadmin 2.11.5.2
Phpmyadmin Phpmyadmin 2.11.2.2
Phpmyadmin Phpmyadmin 3.0.0
Phpmyadmin Phpmyadmin 2.11.8
Phpmyadmin Phpmyadmin 2.11.4.0
Phpmyadmin Phpmyadmin 2.11.3
Phpmyadmin Phpmyadmin 2.11.2.1
Phpmyadmin Phpmyadmin 2.11.6.0
Phpmyadmin Phpmyadmin 2.11.7.0
Phpmyadmin Phpmyadmin 2.11.2.0
Phpmyadmin Phpmyadmin 2.11.9.2
Phpmyadmin Phpmyadmin 2.11.9.3
Phpmyadmin Phpmyadmin 2.11.1.1
Phpmyadmin Phpmyadmin 3.0.1
1 EDB exploit
700
VMScore
CVE-2006-6942
Multiple cross-site scripting (XSS) vulnerabilities in PhpMyAdmin prior to 2.9.1.1 allow remote malicious users to inject arbitrary HTML or web script via (1) a comment for a table name, as exploited through (a) db_operations.php, (2) the db parameter to (b) db_create.php, (3) th...
Phpmyadmin Phpmyadmin 2.9.1 Rc2
Phpmyadmin Phpmyadmin 2.9.0.1
Phpmyadmin Phpmyadmin 2.9.0.2
Phpmyadmin Phpmyadmin 2.9.0 Rc1
Phpmyadmin Phpmyadmin 2.9.0
Phpmyadmin Phpmyadmin 2.9.0.3
Phpmyadmin Phpmyadmin
Phpmyadmin Phpmyadmin 2.9.1 Rc1
Phpmyadmin Phpmyadmin 2.9.0 Beta1
Debian Debian Linux 3.1
Debian Debian Linux 4.0
4 EDB exploits
570
VMScore
CVE-2008-3456
phpMyAdmin prior to 2.11.8 does not sufficiently prevent its pages from using frames that point to pages in other domains, which makes it easier for remote malicious users to conduct spoofing or phishing activities via a cross-site framing attack.
Phpmyadmin Phpmyadmin 2.11.4
Phpmyadmin Phpmyadmin 2.1.1
Phpmyadmin Phpmyadmin 2.11.1.2
Phpmyadmin Phpmyadmin 2.1.2
Phpmyadmin Phpmyadmin 2.11.5.1
Phpmyadmin Phpmyadmin
Phpmyadmin Phpmyadmin 2.11.1
Phpmyadmin Phpmyadmin 2.11.5.0
Phpmyadmin Phpmyadmin 2.10.0.1
Phpmyadmin Phpmyadmin 2.0.4
Phpmyadmin Phpmyadmin 2.10.2
Phpmyadmin Phpmyadmin 2.0.2
Phpmyadmin Phpmyadmin 2.10.0.2
Phpmyadmin Phpmyadmin 2.10.3
Phpmyadmin Phpmyadmin 2.11.2
Phpmyadmin Phpmyadmin 2.0.3
Phpmyadmin Phpmyadmin 2.11.5
Phpmyadmin Phpmyadmin 2.11.5.2
Phpmyadmin Phpmyadmin 2.11.2.2
Phpmyadmin Phpmyadmin 2.1.0
Phpmyadmin Phpmyadmin 2.1
Phpmyadmin Phpmyadmin 2.11.4.0
855
VMScore
CVE-2008-4096
libraries/database_interface.lib.php in phpMyAdmin prior to 2.11.9.1 allows remote authenticated users to execute arbitrary code via a request to server_databases.php with a sort_by parameter containing PHP sequences, which are processed by create_function.
Phpmyadmin Phpmyadmin 2.10.3rc1
Phpmyadmin Phpmyadmin 2.11.4
Phpmyadmin Phpmyadmin 2.1.1
Phpmyadmin Phpmyadmin 2.11.0rc1
Phpmyadmin Phpmyadmin 2.11.1.2
Phpmyadmin Phpmyadmin 2.1.2
Phpmyadmin Phpmyadmin
Phpmyadmin Phpmyadmin 2.11.5.1
Phpmyadmin Phpmyadmin 2.11.3rc1
Phpmyadmin Phpmyadmin 2.11.1
Phpmyadmin Phpmyadmin 2.11.5.0
Phpmyadmin Phpmyadmin 2.10.0.1
Phpmyadmin Phpmyadmin 2.11.6rc1
Phpmyadmin Phpmyadmin 2.0.4
Phpmyadmin Phpmyadmin 2.10.2
Phpmyadmin Phpmyadmin 2.11.1rc1
Phpmyadmin Phpmyadmin 2.0.2
Phpmyadmin Phpmyadmin 2.10.0.2
Phpmyadmin Phpmyadmin 2.10.3
Phpmyadmin Phpmyadmin 2.11.2
Phpmyadmin Phpmyadmin 2.11.7
Phpmyadmin Phpmyadmin 2.0.3
1 EDB exploit
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
TCP
CVE-2024-4577
CVE-2024-2695
CVE-2024-31870
injection
CVE-2024-3813
arbitrary code
CVE-2024-27801
CVE-2024-30120
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »