Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
phpmyadmin phpmyadmin vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2012-5159
phpMyAdmin 3.5.2.2, as distributed by the cdnetworks-kr-1 mirror during an unspecified time frame in 2012, contains an externally introduced modification (Trojan Horse) in server_sync.php, which allows remote malicious users to execute arbitrary PHP code via an eval injection att...
Phpmyadmin Phpmyadmin 3.5.2.2
1 EDB exploit
7.5
CVSSv2
CVE-2011-2506
setup/lib/ConfigGenerator.class.php in phpMyAdmin 3.x prior to 3.3.10.2 and 3.4.x prior to 3.4.3.1 does not properly restrict the presence of comment closing delimiters, which allows remote malicious users to conduct static code injection attacks by leveraging the ability to modi...
Phpmyadmin Phpmyadmin 3.0.1.1
Phpmyadmin Phpmyadmin 3.2.1
Phpmyadmin Phpmyadmin 3.3.10.0
Phpmyadmin Phpmyadmin 3.1.4
Phpmyadmin Phpmyadmin 3.1.3
Phpmyadmin Phpmyadmin 3.3.8.1
Phpmyadmin Phpmyadmin 3.2.0
Phpmyadmin Phpmyadmin 3.3.10.1
Phpmyadmin Phpmyadmin 3.1.2
Phpmyadmin Phpmyadmin 3.1.0
Phpmyadmin Phpmyadmin 3.3.3.0
Phpmyadmin Phpmyadmin 3.0.0
Phpmyadmin Phpmyadmin 3.3.4.0
Phpmyadmin Phpmyadmin 3.3.9.2
Phpmyadmin Phpmyadmin 3.3.1.0
Phpmyadmin Phpmyadmin 3.3.7
Phpmyadmin Phpmyadmin 3.1.5
Phpmyadmin Phpmyadmin 3.1.1
Phpmyadmin Phpmyadmin 3.3.5.0
Phpmyadmin Phpmyadmin 3.3.0.0
Phpmyadmin Phpmyadmin 3.3.6
Phpmyadmin Phpmyadmin 3.3.2.0
2 EDB exploits
7.5
CVSSv2
CVE-2010-3055
The configuration setup script (aka scripts/setup.php) in phpMyAdmin 2.11.x prior to 2.11.10.1 does not properly restrict key names in its output file, which allows remote malicious users to execute arbitrary PHP code via a crafted POST request.
Phpmyadmin Phpmyadmin 2.11.1.2
Phpmyadmin Phpmyadmin 2.11.5.1
Phpmyadmin Phpmyadmin 2.11.5.0
Phpmyadmin Phpmyadmin 2.11.9.0
Phpmyadmin Phpmyadmin 2.11.9.1
Phpmyadmin Phpmyadmin 2.11.5.2
Phpmyadmin Phpmyadmin 2.11.2.2
Phpmyadmin Phpmyadmin 2.11.8.0
Phpmyadmin Phpmyadmin 2.11.4.0
Phpmyadmin Phpmyadmin 2.11.2.1
Phpmyadmin Phpmyadmin 2.11.9.5
Phpmyadmin Phpmyadmin 2.11.10.0
Phpmyadmin Phpmyadmin 2.11.6.0
Phpmyadmin Phpmyadmin 2.11.7.0
Phpmyadmin Phpmyadmin 2.11.9.6
Phpmyadmin Phpmyadmin 2.11.2.0
Phpmyadmin Phpmyadmin 2.11.9.2
Phpmyadmin Phpmyadmin 2.11.9.3
Phpmyadmin Phpmyadmin 2.11.1.1
Phpmyadmin Phpmyadmin 2.11.9.4
Phpmyadmin Phpmyadmin 2.11.7.1
Phpmyadmin Phpmyadmin 2.11.3.0
7.5
CVSSv2
CVE-2009-3697
SQL injection vulnerability in the PDF schema generator functionality in phpMyAdmin 2.11.x prior to 2.11.9.6 and 3.x prior to 3.2.2.1 allows remote malicious users to execute arbitrary SQL commands via unspecified interface parameters.
Phpmyadmin Phpmyadmin 3.0.1.1
Phpmyadmin Phpmyadmin 2.11.4
Phpmyadmin Phpmyadmin 3.2.1
Phpmyadmin Phpmyadmin 3.2.0-beta1
Phpmyadmin Phpmyadmin 2.11.1.2
Phpmyadmin Phpmyadmin 3.1.4
Phpmyadmin Phpmyadmin 3.1.3
Phpmyadmin Phpmyadmin 2.11.5.1
Phpmyadmin Phpmyadmin 2.11.1
Phpmyadmin Phpmyadmin 2.11.5.0
Phpmyadmin Phpmyadmin 3.2.0
Phpmyadmin Phpmyadmin 3.1.0-beta1
Phpmyadmin Phpmyadmin 3.1.2
Phpmyadmin Phpmyadmin 2.11.9.0
Phpmyadmin Phpmyadmin 3.0.0-beta
Phpmyadmin Phpmyadmin 3.0.0-alpha
Phpmyadmin Phpmyadmin 2.11.9.1
Phpmyadmin Phpmyadmin 2.11.0
Phpmyadmin Phpmyadmin 2.11.2
Phpmyadmin Phpmyadmin 2.11.7
Phpmyadmin Phpmyadmin 3.1.0
Phpmyadmin Phpmyadmin 2.11.5
7.5
CVSSv2
CVE-2009-1285
Static code injection vulnerability in the getConfigFile function in setup/lib/ConfigFile.class.php in phpMyAdmin 3.x prior to 3.1.3.2 allows remote malicious users to inject arbitrary PHP code into configuration files.
Phpmyadmin Phpmyadmin 3.1.3
Phpmyadmin Phpmyadmin 3.1.2
Phpmyadmin Phpmyadmin 3.1.0
Phpmyadmin Phpmyadmin 3.0.0
Phpmyadmin Phpmyadmin 3.1.1
Phpmyadmin Phpmyadmin 3.0.1
Phpmyadmin Phpmyadmin 3.1.0.0
Phpmyadmin Phpmyadmin 3.1.3.1
7.5
CVSSv2
CVE-2009-1149
CRLF injection vulnerability in bs_disp_as_mime_type.php in the BLOB streaming feature in phpMyAdmin prior to 3.1.3.1 allows remote malicious users to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via the (1) c_type and possibly (2) file_type parameter...
Phpmyadmin Phpmyadmin 3.1.2
Phpmyadmin Phpmyadmin 3.1.0
Phpmyadmin Phpmyadmin 3.1.1
Phpmyadmin Phpmyadmin 3.1.3
Phpmyadmin Phpmyadmin 3.1.0.0
Phpmyadmin Phpmyadmin
7.5
CVSSv2
CVE-2009-1151
Static code injection vulnerability in setup.php in phpMyAdmin 2.11.x prior to 2.11.9.5 and 3.x prior to 3.1.3.1 allows remote malicious users to inject arbitrary PHP code into a configuration file via the save action.
Phpmyadmin Phpmyadmin 2.11.4
Phpmyadmin Phpmyadmin 2.11.1.2
Phpmyadmin Phpmyadmin 2.11.5.1
Phpmyadmin Phpmyadmin 2.11.1
Phpmyadmin Phpmyadmin 2.11.5.0
Phpmyadmin Phpmyadmin 3.1.2
Phpmyadmin Phpmyadmin 2.11.9.0
Phpmyadmin Phpmyadmin 2.11.9.1
Phpmyadmin Phpmyadmin 2.11.0
Phpmyadmin Phpmyadmin 2.11.2
Phpmyadmin Phpmyadmin 2.11.7
Phpmyadmin Phpmyadmin 3.1.0
Phpmyadmin Phpmyadmin 2.11.5
Phpmyadmin Phpmyadmin 2.11.5.2
Phpmyadmin Phpmyadmin 2.11.2.2
Phpmyadmin Phpmyadmin 2.11.8
Phpmyadmin Phpmyadmin 2.11.3
Phpmyadmin Phpmyadmin 2.11.2.1
Phpmyadmin Phpmyadmin 3.1.1
Phpmyadmin Phpmyadmin 2.11.6.0
Phpmyadmin Phpmyadmin 2.11.7.0
Phpmyadmin Phpmyadmin 3.1.3
3 EDB exploits
2 Github repositories
7.5
CVSSv2
CVE-2009-0919
XAMPP installs multiple packages with insecure default passwords, which makes it easier for remote malicious users to obtain access via (1) the "lampp" default password for the "nobody" account within the included ProFTPD installation, (2) a blank default pass...
Apachefriends Xampp 1.4.9
Apachefriends Xampp 1.5.0
Apachefriends Xampp 1.5.2
Apachefriends Xampp 1.4.3
Apachefriends Xampp 1.4.12
Apachefriends Xampp 0.6.3
Apachefriends Xampp 1.6.0
Apachefriends Xampp 1.0.1
Apachefriends Xampp 1.0
Apachefriends Xampp 0.6.2
Apachefriends Xampp 0.3
Apachefriends Xampp 1.4.11
Apachefriends Xampp 1.7.1
Apachefriends Xampp 0.6
Apachefriends Xampp 1.6.4
Apachefriends Xampp 1.4.15
Apachefriends Xampp 0.7.4
Apachefriends Xampp 1.5.4a
Apachefriends Xampp 1.4.6
Apachefriends Xampp Development
Apachefriends Xampp 1.7
Apachefriends Xampp 1.6.5
7.5
CVSSv2
CVE-2007-2278
Multiple PHP remote file inclusion vulnerabilities in DCP-Portal 6.1.1 allow remote malicious users to execute arbitrary PHP code via a URL in (1) the path parameter to library/adodb/adodb.inc.php, (2) the abs_path_editor parameter to library/editor/editor.php, or (3) the cfgfile...
Dcp-portal Dcp-portal 6.1.1
7.5
CVSSv2
CVE-2006-6944
phpMyAdmin prior to 2.9.1.1 allows remote malicious users to bypass Allow/Deny access rules that use IP addresses via false headers.
Phpmyadmin Phpmyadmin 2.9.1 Rc2
Phpmyadmin Phpmyadmin 2.9.0.1
Phpmyadmin Phpmyadmin 2.9.0.2
Phpmyadmin Phpmyadmin 2.9.0 Rc1
Phpmyadmin Phpmyadmin 2.9.0
Phpmyadmin Phpmyadmin 2.9.0.3
Phpmyadmin Phpmyadmin
Phpmyadmin Phpmyadmin 2.9.1 Rc1
Phpmyadmin Phpmyadmin 2.9.0 Beta1
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
SSRF
server-side request forgery
CVE-2024-30067
CVE-2024-5553
CVE-2024-30095
IDOR
CVE-2024-35252
CVE-2024-23692
CVE-2024-27801
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »