Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
phpmyadmin vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2020-11441
phpMyAdmin 5.0.2 allows CRLF injection, as demonstrated by %0D%0Astring%0D%0A inputs to login form fields causing CRLF sequences to be reflected on an error page. NOTE: the vendor states "I don't see anything specifically exploitable.
Phpmyadmin Phpmyadmin 5.0.2
3.5
CVSSv2
CVE-2020-10803
In phpMyAdmin 4.x prior to 4.9.5 and 5.x prior to 5.0.2, a SQL injection vulnerability exists where malicious code could be used to trigger an XSS attack through retrieving and displaying results (in tbl_get_field.php and libraries/classes/Display/Results.php). The attacker must ...
Phpmyadmin Phpmyadmin
Debian Debian Linux 8.0
Fedoraproject Fedora 30
Fedoraproject Fedora 31
Fedoraproject Fedora 32
Opensuse Leap 15.1
Opensuse Backports Sle 15.0
Suse Package Hub -
6
CVSSv2
CVE-2020-10802
In phpMyAdmin 4.x prior to 4.9.5 and 5.x prior to 5.0.2, a SQL injection vulnerability has been discovered where certain parameters are not properly escaped when generating certain queries for search actions in libraries/classes/Controllers/Table/TableSearchController.php. An att...
Phpmyadmin Phpmyadmin
Debian Debian Linux 8.0
Fedoraproject Fedora 30
Fedoraproject Fedora 31
Fedoraproject Fedora 32
Opensuse Leap 15.1
Opensuse Backports Sle 15.0
Suse Package Hub -
6
CVSSv2
CVE-2020-10804
In phpMyAdmin 4.x prior to 4.9.5 and 5.x prior to 5.0.2, a SQL injection vulnerability was found in retrieval of the current username (in libraries/classes/Server/Privileges.php and libraries/classes/UserPassword.php). A malicious user with access to the server could create a cra...
Phpmyadmin Phpmyadmin
Fedoraproject Fedora 30
Fedoraproject Fedora 31
Fedoraproject Fedora 32
Opensuse Leap 15.1
Opensuse Backports Sle 15.0
Suse Package Hub -
6.4
CVSSv2
CVE-2013-4454
WordPress Portable phpMyAdmin Plugin 1.4.1 has Multiple Security Bypass Vulnerabilities
Getbutterfly Portable-phpmyadmin 1.4.1
6.4
CVSSv2
CVE-2013-4462
WordPress Portable phpMyAdmin Plugin has an authentication bypass vulnerability
Portable Phpmyadmin Project Portable Phpmyadmin -
6.5
CVSSv2
CVE-2020-5504
In phpMyAdmin 4 prior to 4.9.4 and 5 prior to 5.0.1, SQL injection exists in the user accounts page. A malicious user could inject custom SQL in place of their own username when creating queries to this page. An attacker must have a valid MySQL account to access the server.
Phpmyadmin Phpmyadmin
Suse Suse Linux Enterprise Server 12
Debian Debian Linux 8.0
2 Github repositories
4
CVSSv2
CVE-2019-15235
CentOS-WebPanel.com (aka CWP) CentOS Web Panel 0.9.8.864 allows an malicious user to get a victim's session file name from /home/[USERNAME]/tmp/session/sess_xxxxxx, and the victim's token value from /usr/local/cwpsrv/logs/access_log, then use them to gain access to the ...
Control-webpanel Webpanel
4
CVSSv2
CVE-2019-14782
CentOS-WebPanel.com (aka CWP) CentOS Web Panel 0.9.8.856 up to and including 0.9.8.864 allows an malicious user to get a victim's session file name from the /tmp directory, and the victim's token value from /usr/local/cwpsrv/logs/access_log, then use them to make a requ...
Control-webpanel Webpanel
7.5
CVSSv2
CVE-2019-19617
phpMyAdmin prior to 4.9.2 does not escape certain Git information, related to libraries/classes/Display/GitRevision.php and libraries/classes/Footer.php.
Phpmyadmin Phpmyadmin
Debian Debian Linux 8.0
Debian Debian Linux 9.0
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
encryption
CVE-2024-4331
CVE-2024-26925
arbitrary code
CVE-2006-4304
CVE-2024-25458
CVE-2024-27077
reflected XSS
CVE-2024-4059
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »