Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
phpmyadmin phpmyadmin 3.1.3 vulnerabilities and exploits
(subscribe to this query)
668
VMScore
CVE-2009-1149
CRLF injection vulnerability in bs_disp_as_mime_type.php in the BLOB streaming feature in phpMyAdmin prior to 3.1.3.1 allows remote malicious users to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via the (1) c_type and possibly (2) file_type parameter...
Phpmyadmin Phpmyadmin 3.1.0
Phpmyadmin Phpmyadmin 3.1.1
Phpmyadmin Phpmyadmin 3.1.2
Phpmyadmin Phpmyadmin 3.1.3
Phpmyadmin Phpmyadmin 3.1.0.0
Phpmyadmin Phpmyadmin
445
VMScore
CVE-2009-1148
Directory traversal vulnerability in bs_disp_as_mime_type.php in the BLOB streaming feature in phpMyAdmin prior to 3.1.3.1 allows remote malicious users to read arbitrary files via directory traversal sequences in the file_path parameter ($filename variable).
Phpmyadmin Phpmyadmin 3.1.1
Phpmyadmin Phpmyadmin 3.1.2
Phpmyadmin Phpmyadmin 3.1.0.0
Phpmyadmin Phpmyadmin
Phpmyadmin Phpmyadmin 3.1.3
Phpmyadmin Phpmyadmin 3.1.0
668
VMScore
CVE-2009-1285
Static code injection vulnerability in the getConfigFile function in setup/lib/ConfigFile.class.php in phpMyAdmin 3.x prior to 3.1.3.2 allows remote malicious users to inject arbitrary PHP code into configuration files.
Phpmyadmin Phpmyadmin 3.1.2
Phpmyadmin Phpmyadmin 3.1.0
Phpmyadmin Phpmyadmin 3.1.1
Phpmyadmin Phpmyadmin 3.1.3
Phpmyadmin Phpmyadmin 3.1.3.1
Phpmyadmin Phpmyadmin 3.1.0.0
Phpmyadmin Phpmyadmin 3.0.1
Phpmyadmin Phpmyadmin 3.0.0
383
VMScore
CVE-2010-2958
Cross-site scripting (XSS) vulnerability in libraries/Error.class.php in phpMyAdmin 3.x prior to 3.3.6 allows remote malicious users to inject arbitrary web script or HTML via vectors related to a PHP backtrace and error messages (aka debugging messages), a different vulnerabilit...
Phpmyadmin Phpmyadmin 3.0.1.1
Phpmyadmin Phpmyadmin 3.2.1
Phpmyadmin Phpmyadmin 3.1.4
Phpmyadmin Phpmyadmin 3.1.3
Phpmyadmin Phpmyadmin 3.2.0
Phpmyadmin Phpmyadmin 3.1.2
Phpmyadmin Phpmyadmin 3.1.0
Phpmyadmin Phpmyadmin 3.3.3.0
Phpmyadmin Phpmyadmin 3.0.0
Phpmyadmin Phpmyadmin 3.3.4.0
Phpmyadmin Phpmyadmin 3.3.1.0
Phpmyadmin Phpmyadmin 3.1.5
Phpmyadmin Phpmyadmin 3.1.1
Phpmyadmin Phpmyadmin 3.3.5.0
Phpmyadmin Phpmyadmin 3.3.0.0
Phpmyadmin Phpmyadmin 3.3.2.0
Phpmyadmin Phpmyadmin 3.1.3.2
Phpmyadmin Phpmyadmin 3.3.5.1
Phpmyadmin Phpmyadmin 3.0.1
Phpmyadmin Phpmyadmin 3.1.3.1
Phpmyadmin Phpmyadmin 3.2.2
383
VMScore
CVE-2010-3263
Cross-site scripting (XSS) vulnerability in setup/frames/index.inc.php in the setup script in phpMyAdmin 3.x prior to 3.3.7 allows remote malicious users to inject arbitrary web script or HTML via a server name.
Phpmyadmin Phpmyadmin 3.3.5.0
Phpmyadmin Phpmyadmin 3.3.3.0
Phpmyadmin Phpmyadmin 3.1.4
Phpmyadmin Phpmyadmin 3.3.2.0
Phpmyadmin Phpmyadmin 3.1.3
Phpmyadmin Phpmyadmin 3.1.3.1
Phpmyadmin Phpmyadmin 3.2.1
Phpmyadmin Phpmyadmin 3.1.0
Phpmyadmin Phpmyadmin 3.1.1
Phpmyadmin Phpmyadmin 3.3.5.1
Phpmyadmin Phpmyadmin 3.3.6.0
Phpmyadmin Phpmyadmin 3.0.1.1
Phpmyadmin Phpmyadmin 3.0.0
Phpmyadmin Phpmyadmin 3.2.0
Phpmyadmin Phpmyadmin 3.1.2
Phpmyadmin Phpmyadmin 3.1.5
Phpmyadmin Phpmyadmin 3.0.1
Phpmyadmin Phpmyadmin 3.1.3.2
Phpmyadmin Phpmyadmin 3.2.2
Phpmyadmin Phpmyadmin 3.3.4.0
Phpmyadmin Phpmyadmin 3.3.1.0
Phpmyadmin Phpmyadmin 3.3.0.0
766
VMScore
CVE-2009-1151
Static code injection vulnerability in setup.php in phpMyAdmin 2.11.x prior to 2.11.9.5 and 3.x prior to 3.1.3.1 allows remote malicious users to inject arbitrary PHP code into a configuration file via the save action.
Phpmyadmin Phpmyadmin
Phpmyadmin Phpmyadmin 2.11.9.4
Phpmyadmin Phpmyadmin 2.11.9.2
Phpmyadmin Phpmyadmin 2.11.6
Phpmyadmin Phpmyadmin 2.11.6.0
Phpmyadmin Phpmyadmin 2.11.4
Phpmyadmin Phpmyadmin 2.11.1
Phpmyadmin Phpmyadmin 2.11.1.2
Phpmyadmin Phpmyadmin 3.1.2
Phpmyadmin Phpmyadmin 3.1.1
Phpmyadmin Phpmyadmin 2.11.9
Phpmyadmin Phpmyadmin 2.11.8
Phpmyadmin Phpmyadmin 2.11.5.2
Phpmyadmin Phpmyadmin 2.11.5.1
Phpmyadmin Phpmyadmin 2.11.3
Phpmyadmin Phpmyadmin 2.11.2.2
Phpmyadmin Phpmyadmin 2.11.2.1
Phpmyadmin Phpmyadmin 2.11.0
Phpmyadmin Phpmyadmin 3.1.3
Phpmyadmin Phpmyadmin 2.11.9.1
Phpmyadmin Phpmyadmin 2.11.9.0
Phpmyadmin Phpmyadmin 2.11.5
3 EDB exploits
2 Github repositories
383
VMScore
CVE-2009-1150
Multiple cross-site scripting (XSS) vulnerabilities in the export page (display_export.lib.php) in phpMyAdmin 2.11.x prior to 2.11.9.5 and 3.x prior to 3.1.3.1 allow remote malicious users to inject arbitrary web script or HTML via the pma_db_filename_template cookie.
Phpmyadmin Phpmyadmin 3.1.3
Phpmyadmin Phpmyadmin 3.1.2
Phpmyadmin Phpmyadmin 3.1.1
Phpmyadmin Phpmyadmin 2.11.6.0
Phpmyadmin Phpmyadmin 2.11.6
Phpmyadmin Phpmyadmin 2.11.5
Phpmyadmin Phpmyadmin 2.11.5.2
Phpmyadmin Phpmyadmin 2.11.1.2
Phpmyadmin Phpmyadmin 2.11.1.1
Phpmyadmin Phpmyadmin 2.11.1.0
Phpmyadmin Phpmyadmin 2.11.1
Phpmyadmin Phpmyadmin 2.11.9.2
Phpmyadmin Phpmyadmin 2.11.9.1
Phpmyadmin Phpmyadmin 2.11.9.0
Phpmyadmin Phpmyadmin 2.11.9
Phpmyadmin Phpmyadmin 2.11.3
Phpmyadmin Phpmyadmin 2.11.3.0
Phpmyadmin Phpmyadmin 2.11.2.2
Phpmyadmin Phpmyadmin 2.11.9.3
Phpmyadmin Phpmyadmin 2.11.7.0
Phpmyadmin Phpmyadmin 2.11.5.1
Phpmyadmin Phpmyadmin 2.11.4
760
VMScore
CVE-2011-2506
setup/lib/ConfigGenerator.class.php in phpMyAdmin 3.x prior to 3.3.10.2 and 3.4.x prior to 3.4.3.1 does not properly restrict the presence of comment closing delimiters, which allows remote malicious users to conduct static code injection attacks by leveraging the ability to modi...
Phpmyadmin Phpmyadmin 3.0.1.1
Phpmyadmin Phpmyadmin 3.2.1
Phpmyadmin Phpmyadmin 3.3.10.0
Phpmyadmin Phpmyadmin 3.1.4
Phpmyadmin Phpmyadmin 3.1.3
Phpmyadmin Phpmyadmin 3.3.8.1
Phpmyadmin Phpmyadmin 3.2.0
Phpmyadmin Phpmyadmin 3.3.10.1
Phpmyadmin Phpmyadmin 3.1.2
Phpmyadmin Phpmyadmin 3.1.0
Phpmyadmin Phpmyadmin 3.3.3.0
Phpmyadmin Phpmyadmin 3.0.0
Phpmyadmin Phpmyadmin 3.3.4.0
Phpmyadmin Phpmyadmin 3.3.9.2
Phpmyadmin Phpmyadmin 3.3.1.0
Phpmyadmin Phpmyadmin 3.3.7
Phpmyadmin Phpmyadmin 3.1.5
Phpmyadmin Phpmyadmin 3.1.1
Phpmyadmin Phpmyadmin 3.3.5.0
Phpmyadmin Phpmyadmin 3.3.0.0
Phpmyadmin Phpmyadmin 3.3.6
Phpmyadmin Phpmyadmin 3.3.2.0
2 EDB exploits
578
VMScore
CVE-2011-2507
libraries/server_synchronize.lib.php in the Synchronize implementation in phpMyAdmin 3.x prior to 3.3.10.2 and 3.4.x prior to 3.4.3.1 does not properly quote regular expressions, which allows remote authenticated users to inject a PCRE e (aka PREG_REPLACE_EVAL) modifier, and cons...
Phpmyadmin Phpmyadmin 3.0.1.1
Phpmyadmin Phpmyadmin 3.2.1
Phpmyadmin Phpmyadmin 3.3.10.0
Phpmyadmin Phpmyadmin 3.1.4
Phpmyadmin Phpmyadmin 3.1.3
Phpmyadmin Phpmyadmin 3.3.8.1
Phpmyadmin Phpmyadmin 3.2.0
Phpmyadmin Phpmyadmin 3.3.10.1
Phpmyadmin Phpmyadmin 3.1.2
Phpmyadmin Phpmyadmin 3.1.0
Phpmyadmin Phpmyadmin 3.3.3.0
Phpmyadmin Phpmyadmin 3.0.0
Phpmyadmin Phpmyadmin 3.3.4.0
Phpmyadmin Phpmyadmin 3.3.9.2
Phpmyadmin Phpmyadmin 3.3.1.0
Phpmyadmin Phpmyadmin 3.3.7
Phpmyadmin Phpmyadmin 3.1.5
Phpmyadmin Phpmyadmin 3.1.1
Phpmyadmin Phpmyadmin 3.3.5.0
Phpmyadmin Phpmyadmin 3.3.0.0
Phpmyadmin Phpmyadmin 3.3.6
Phpmyadmin Phpmyadmin 3.3.2.0
534
VMScore
CVE-2011-2508
Directory traversal vulnerability in libraries/display_tbl.lib.php in phpMyAdmin 3.x prior to 3.3.10.2 and 3.4.x prior to 3.4.3.1, when a certain MIME transformation feature is enabled, allows remote authenticated users to include and execute arbitrary local files via a .. (dot d...
Phpmyadmin Phpmyadmin 3.0.1.1
Phpmyadmin Phpmyadmin 3.2.1
Phpmyadmin Phpmyadmin 3.3.10.0
Phpmyadmin Phpmyadmin 3.1.4
Phpmyadmin Phpmyadmin 3.1.3
Phpmyadmin Phpmyadmin 3.3.8.1
Phpmyadmin Phpmyadmin 3.2.0
Phpmyadmin Phpmyadmin 3.3.10.1
Phpmyadmin Phpmyadmin 3.1.2
Phpmyadmin Phpmyadmin 3.1.0
Phpmyadmin Phpmyadmin 3.3.3.0
Phpmyadmin Phpmyadmin 3.0.0
Phpmyadmin Phpmyadmin 3.3.4.0
Phpmyadmin Phpmyadmin 3.3.9.2
Phpmyadmin Phpmyadmin 3.3.1.0
Phpmyadmin Phpmyadmin 3.3.7
Phpmyadmin Phpmyadmin 3.1.5
Phpmyadmin Phpmyadmin 3.1.1
Phpmyadmin Phpmyadmin 3.3.5.0
Phpmyadmin Phpmyadmin 3.3.0.0
Phpmyadmin Phpmyadmin 3.3.6
Phpmyadmin Phpmyadmin 3.3.2.0
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33228
CVE-2024-20361
log injection
bypass
CVE-2024-4985
CVE-2024-35223
CVE-2024-29849
CVE-2024-31893
IMAP
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
NEXT »