Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
phpmyadmin phpmyadmin vulnerabilities and exploits
(subscribe to this query)
6.1
CVSSv3
CVE-2020-11441
phpMyAdmin 5.0.2 allows CRLF injection, as demonstrated by %0D%0Astring%0D%0A inputs to login form fields causing CRLF sequences to be reflected on an error page. NOTE: the vendor states "I don't see anything specifically exploitable.
Phpmyadmin Phpmyadmin 5.0.2
8
CVSSv3
CVE-2020-10802
In phpMyAdmin 4.x prior to 4.9.5 and 5.x prior to 5.0.2, a SQL injection vulnerability has been discovered where certain parameters are not properly escaped when generating certain queries for search actions in libraries/classes/Controllers/Table/TableSearchController.php. An att...
Phpmyadmin Phpmyadmin
Debian Debian Linux 8.0
Fedoraproject Fedora 30
Fedoraproject Fedora 31
Fedoraproject Fedora 32
Opensuse Leap 15.1
Opensuse Backports Sle 15.0
Suse Package Hub -
5.4
CVSSv3
CVE-2020-10803
In phpMyAdmin 4.x prior to 4.9.5 and 5.x prior to 5.0.2, a SQL injection vulnerability exists where malicious code could be used to trigger an XSS attack through retrieving and displaying results (in tbl_get_field.php and libraries/classes/Display/Results.php). The attacker must ...
Phpmyadmin Phpmyadmin
Debian Debian Linux 8.0
Fedoraproject Fedora 30
Fedoraproject Fedora 31
Fedoraproject Fedora 32
Opensuse Leap 15.1
Opensuse Backports Sle 15.0
Suse Package Hub -
8
CVSSv3
CVE-2020-10804
In phpMyAdmin 4.x prior to 4.9.5 and 5.x prior to 5.0.2, a SQL injection vulnerability was found in retrieval of the current username (in libraries/classes/Server/Privileges.php and libraries/classes/UserPassword.php). A malicious user with access to the server could create a cra...
Phpmyadmin Phpmyadmin
Fedoraproject Fedora 30
Fedoraproject Fedora 31
Fedoraproject Fedora 32
Opensuse Leap 15.1
Opensuse Backports Sle 15.0
Suse Package Hub -
9.1
CVSSv3
CVE-2013-4454
WordPress Portable phpMyAdmin Plugin 1.4.1 has Multiple Security Bypass Vulnerabilities
Getbutterfly Portable-phpmyadmin 1.4.1
9.1
CVSSv3
CVE-2013-4462
WordPress Portable phpMyAdmin Plugin has an authentication bypass vulnerability
Portable Phpmyadmin Project Portable Phpmyadmin -
8.8
CVSSv3
CVE-2020-5504
In phpMyAdmin 4 prior to 4.9.4 and 5 prior to 5.0.1, SQL injection exists in the user accounts page. A malicious user could inject custom SQL in place of their own username when creating queries to this page. An attacker must have a valid MySQL account to access the server.
Phpmyadmin Phpmyadmin
Suse Suse Linux Enterprise Server 12
Debian Debian Linux 8.0
2 Github repositories
6.5
CVSSv3
CVE-2019-15235
CentOS-WebPanel.com (aka CWP) CentOS Web Panel 0.9.8.864 allows an malicious user to get a victim's session file name from /home/[USERNAME]/tmp/session/sess_xxxxxx, and the victim's token value from /usr/local/cwpsrv/logs/access_log, then use them to gain access to the ...
Control-webpanel Webpanel
6.5
CVSSv3
CVE-2019-14782
CentOS-WebPanel.com (aka CWP) CentOS Web Panel 0.9.8.856 up to and including 0.9.8.864 allows an malicious user to get a victim's session file name from the /tmp directory, and the victim's token value from /usr/local/cwpsrv/logs/access_log, then use them to make a requ...
Control-webpanel Webpanel
9.8
CVSSv3
CVE-2019-19617
phpMyAdmin prior to 4.9.2 does not escape certain Git information, related to libraries/classes/Display/GitRevision.php and libraries/classes/Footer.php.
Phpmyadmin Phpmyadmin
Debian Debian Linux 8.0
Debian Debian Linux 9.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
camera
bypass
CVE-2024-3592
CVE-2024-37383
CVE-2024-24919
CVE-2024-27822
CVE-2024-36788
CVE-2024-36789
man-in-the-middle
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »