Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
phpmyadmin phpmyadmin 4.6.0 vulnerabilities and exploits
(subscribe to this query)
3.7
CVSSv3
CVE-2016-5702
phpMyAdmin 4.6.x prior to 4.6.3, when the environment lacks a PHP_SELF value, allows remote malicious users to conduct cookie-attribute injection attacks via a crafted URI.
Phpmyadmin Phpmyadmin 4.6.2
Phpmyadmin Phpmyadmin 4.6.1
Phpmyadmin Phpmyadmin 4.6.0
6.1
CVSSv3
CVE-2016-5704
Cross-site scripting (XSS) vulnerability in the table-structure page in phpMyAdmin 4.6.x prior to 4.6.3 allows remote malicious users to inject arbitrary web script or HTML via vectors involving a comment.
Phpmyadmin Phpmyadmin 4.6.2
Phpmyadmin Phpmyadmin 4.6.1
Phpmyadmin Phpmyadmin 4.6.0
6.1
CVSSv3
CVE-2016-5732
Multiple cross-site scripting (XSS) vulnerabilities in the partition-range implementation in templates/table/structure/display_partitions.phtml in the table-structure page in phpMyAdmin 4.6.x prior to 4.6.3 allow remote malicious users to inject arbitrary web script or HTML via c...
Phpmyadmin Phpmyadmin 4.6.1
Phpmyadmin Phpmyadmin 4.6.2
Phpmyadmin Phpmyadmin 4.6.0
6.1
CVSSv3
CVE-2016-6608
XSS issues were discovered in phpMyAdmin. This affects the database privilege check and the "Remove partitioning" functionality. Specially crafted database names can trigger the XSS attack. All 4.6.x versions (before 4.6.4) are affected.
Phpmyadmin Phpmyadmin 4.6.0
Phpmyadmin Phpmyadmin 4.6.2
Phpmyadmin Phpmyadmin 4.6.3
Phpmyadmin Phpmyadmin 4.6.1
8.1
CVSSv3
CVE-2016-6617
An issue exists in phpMyAdmin. A specially crafted database and/or table name can be used to trigger an SQL injection attack through the export functionality. All 4.6.x versions (before 4.6.4) are affected.
Phpmyadmin Phpmyadmin 4.6.1
Phpmyadmin Phpmyadmin 4.6.0
Phpmyadmin Phpmyadmin 4.6.3
Phpmyadmin Phpmyadmin 4.6.2
7.5
CVSSv3
CVE-2016-9862
An issue exists in phpMyAdmin. With a crafted login request it is possible to inject BBCode in the login page. All 4.6.x versions (before 4.6.5) are affected.
Phpmyadmin Phpmyadmin 4.6.2
Phpmyadmin Phpmyadmin 4.6.1
Phpmyadmin Phpmyadmin 4.6.0
Phpmyadmin Phpmyadmin 4.6.4
Phpmyadmin Phpmyadmin 4.6.3
7.5
CVSSv3
CVE-2016-9863
An issue exists in phpMyAdmin. With a very large request to table partitioning function, it is possible to invoke a Denial of Service (DoS) attack. All 4.6.x versions (before 4.6.5) are affected.
Phpmyadmin Phpmyadmin 4.6.4
Phpmyadmin Phpmyadmin 4.6.3
Phpmyadmin Phpmyadmin 4.6.2
Phpmyadmin Phpmyadmin 4.6.1
Phpmyadmin Phpmyadmin 4.6.0
7.5
CVSSv3
CVE-2017-1000016
A weakness exists where an attacker can inject arbitrary values in to the browser cookies. This is a re-issue of an incomplete fix from PMASA-2016-18.
Phpmyadmin Phpmyadmin 4.6.3
Phpmyadmin Phpmyadmin 4.6.4
Phpmyadmin Phpmyadmin 4.6.1
Phpmyadmin Phpmyadmin 4.6.0
Phpmyadmin Phpmyadmin 4.6.5.1
Phpmyadmin Phpmyadmin 4.6.2
Phpmyadmin Phpmyadmin 4.6.5
Phpmyadmin Phpmyadmin 4.6.5.2
6.1
CVSSv3
CVE-2016-5099
Cross-site scripting (XSS) vulnerability in phpMyAdmin 4.4.x prior to 4.4.15.6 and 4.6.x prior to 4.6.2 allows remote malicious users to inject arbitrary web script or HTML via special characters that are mishandled during double URL decoding.
Phpmyadmin Phpmyadmin 4.4.5
Phpmyadmin Phpmyadmin 4.4.4
Phpmyadmin Phpmyadmin 4.4.14.1
Phpmyadmin Phpmyadmin 4.4.13.1
Phpmyadmin Phpmyadmin 4.4.0
Phpmyadmin Phpmyadmin 4.4.6.1
Phpmyadmin Phpmyadmin 4.4.6
Phpmyadmin Phpmyadmin 4.4.15.1
Phpmyadmin Phpmyadmin 4.4.15
Phpmyadmin Phpmyadmin 4.4.1.1
Phpmyadmin Phpmyadmin 4.4.1
Phpmyadmin Phpmyadmin 4.4.8
Phpmyadmin Phpmyadmin 4.4.7
Phpmyadmin Phpmyadmin 4.4.15.3
Phpmyadmin Phpmyadmin 4.4.15.2
Phpmyadmin Phpmyadmin 4.4.11
Phpmyadmin Phpmyadmin 4.4.10
Phpmyadmin Phpmyadmin 4.4.15.5
Phpmyadmin Phpmyadmin 4.4.9
Phpmyadmin Phpmyadmin 4.4.3
Phpmyadmin Phpmyadmin 4.4.2
Phpmyadmin Phpmyadmin 4.4.15.4
6.1
CVSSv3
CVE-2016-6615
XSS issues were discovered in phpMyAdmin. This affects navigation pane and database/table hiding feature (a specially-crafted database name can be used to trigger an XSS attack); the "Tracking" feature (a specially-crafted query can be used to trigger an XSS attack); an...
Phpmyadmin Phpmyadmin 4.4.0
Phpmyadmin Phpmyadmin 4.4.1
Phpmyadmin Phpmyadmin 4.4.15
Phpmyadmin Phpmyadmin 4.4.15.1
Phpmyadmin Phpmyadmin 4.4.3
Phpmyadmin Phpmyadmin 4.4.4
Phpmyadmin Phpmyadmin 4.4.1.1
Phpmyadmin Phpmyadmin 4.4.10
Phpmyadmin Phpmyadmin 4.4.15.2
Phpmyadmin Phpmyadmin 4.4.15.3
Phpmyadmin Phpmyadmin 4.4.5
Phpmyadmin Phpmyadmin 4.4.6
Phpmyadmin Phpmyadmin 4.4.11
Phpmyadmin Phpmyadmin 4.4.12
Phpmyadmin Phpmyadmin 4.4.15.4
Phpmyadmin Phpmyadmin 4.4.15.5
Phpmyadmin Phpmyadmin 4.4.6.1
Phpmyadmin Phpmyadmin 4.4.7
Phpmyadmin Phpmyadmin 4.4.15.7
Phpmyadmin Phpmyadmin 4.4.13
Phpmyadmin Phpmyadmin 4.4.13.1
Phpmyadmin Phpmyadmin 4.4.14.1
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-7073
CVE-2024-5496
CVE-2024-5495
XPath injection
bypass
CVE-2024-30043
CVE-2024-24919
denial of service
CVE-2024-35468
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
6
NEXT »