Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
phpmyadmin phpmyadmin vulnerabilities and exploits
(subscribe to this query)
668
VMScore
CVE-2019-18622
An issue exists in phpMyAdmin prior to 4.9.2. A crafted database/table name can be used to trigger a SQL injection attack through the designer feature.
Phpmyadmin Phpmyadmin
Opensuse Leap 15.0
Fedoraproject Fedora 30
Opensuse Leap 15.1
Fedoraproject Fedora 31
Opensuse Backports Sle 15.0
668
VMScore
CVE-2019-11768
An issue exists in phpMyAdmin prior to 4.9.0.1. A vulnerability was reported where a specially crafted database name can be used to trigger an SQL injection attack through the designer feature.
Phpmyadmin Phpmyadmin
668
VMScore
CVE-2019-6798
An issue exists in phpMyAdmin prior to 4.8.5. A vulnerability was reported where a specially crafted username can be used to trigger a SQL injection attack through the designer feature.
Phpmyadmin Phpmyadmin
668
VMScore
CVE-2017-18264
An issue exists in libraries/common.inc.php in phpMyAdmin 4.0 prior to 4.0.10.20, 4.4.x, 4.6.x, and 4.7.0 prereleases. The restrictions caused by $cfg['Servers'][$i]['AllowNoPassword'] = false are bypassed under certain PHP versions (e.g., version 5). This can...
Phpmyadmin Phpmyadmin
Phpmyadmin Phpmyadmin 4.7.0
Debian Debian Linux 8.0
668
VMScore
CVE-2016-9865
An issue exists in phpMyAdmin. Due to a bug in serialized string parsing, it was possible to bypass the protection offered by PMA_safeUnserialize() function. All 4.6.x versions (before 4.6.5), 4.4.x versions (before 4.4.15.9), and 4.0.x versions (before 4.0.10.18) are affected.
Phpmyadmin Phpmyadmin 4.0.10.14
Phpmyadmin Phpmyadmin 4.0.10.13
Phpmyadmin Phpmyadmin 4.0.10.6
Phpmyadmin Phpmyadmin 4.0.10.5
Phpmyadmin Phpmyadmin 4.0.8
Phpmyadmin Phpmyadmin 4.0.7
Phpmyadmin Phpmyadmin 4.0.6
Phpmyadmin Phpmyadmin 4.0.1
Phpmyadmin Phpmyadmin 4.0.0
Phpmyadmin Phpmyadmin 4.0.10.12
Phpmyadmin Phpmyadmin 4.0.10.11
Phpmyadmin Phpmyadmin 4.0.10.4
Phpmyadmin Phpmyadmin 4.0.10.3
Phpmyadmin Phpmyadmin 4.0.5
Phpmyadmin Phpmyadmin 4.0.4.2
Phpmyadmin Phpmyadmin 4.0.10.16
Phpmyadmin Phpmyadmin 4.0.10.15
Phpmyadmin Phpmyadmin 4.0.10.8
Phpmyadmin Phpmyadmin 4.0.10.7
Phpmyadmin Phpmyadmin 4.0.10
Phpmyadmin Phpmyadmin 4.0.9
Phpmyadmin Phpmyadmin 4.0.3
668
VMScore
CVE-2016-9849
An issue exists in phpMyAdmin. It is possible to bypass AllowRoot restriction ($cfg['Servers'][$i]['AllowRoot']) and deny rules for username by using Null Byte in the username. All 4.6.x versions (before 4.6.5), 4.4.x versions (before 4.4.15.9), and 4.0.x vers...
Phpmyadmin Phpmyadmin 4.0.10.15
Phpmyadmin Phpmyadmin 4.0.10.14
Phpmyadmin Phpmyadmin 4.0.10.7
Phpmyadmin Phpmyadmin 4.0.10.6
Phpmyadmin Phpmyadmin 4.0.9
Phpmyadmin Phpmyadmin 4.0.8
Phpmyadmin Phpmyadmin 4.0.2
Phpmyadmin Phpmyadmin 4.0.1
Phpmyadmin Phpmyadmin 4.0.10.13
Phpmyadmin Phpmyadmin 4.0.10.12
Phpmyadmin Phpmyadmin 4.0.10.5
Phpmyadmin Phpmyadmin 4.0.10.4
Phpmyadmin Phpmyadmin 4.0.7
Phpmyadmin Phpmyadmin 4.0.6
Phpmyadmin Phpmyadmin 4.0.0
Phpmyadmin Phpmyadmin 4.0.10.17
Phpmyadmin Phpmyadmin 4.0.10.16
Phpmyadmin Phpmyadmin 4.0.10.9
Phpmyadmin Phpmyadmin 4.0.10.8
Phpmyadmin Phpmyadmin 4.0.10.1
Phpmyadmin Phpmyadmin 4.0.10
Phpmyadmin Phpmyadmin 4.0.4
668
VMScore
CVE-2016-6620
An issue exists in phpMyAdmin. Some data is passed to the PHP unserialize() function without verification that it's valid serialized data. The unserialization can result in code execution because of the interaction with object instantiation and autoloading. All 4.6.x version...
Phpmyadmin Phpmyadmin 4.6.1
Phpmyadmin Phpmyadmin 4.6.0
Phpmyadmin Phpmyadmin 4.6.3
Phpmyadmin Phpmyadmin 4.6.2
Phpmyadmin Phpmyadmin 4.0.10.10
Phpmyadmin Phpmyadmin 4.0.10.9
Phpmyadmin Phpmyadmin 4.0.10.2
Phpmyadmin Phpmyadmin 4.0.10.1
Phpmyadmin Phpmyadmin 4.0.4.2
Phpmyadmin Phpmyadmin 4.0.4.1
Phpmyadmin Phpmyadmin 4.0.10.14
Phpmyadmin Phpmyadmin 4.0.10.13
Phpmyadmin Phpmyadmin 4.0.10.6
Phpmyadmin Phpmyadmin 4.0.10.5
Phpmyadmin Phpmyadmin 4.0.8
Phpmyadmin Phpmyadmin 4.0.7
Phpmyadmin Phpmyadmin 4.0.1
Phpmyadmin Phpmyadmin 4.0.0
Phpmyadmin Phpmyadmin 4.0.10.16
Phpmyadmin Phpmyadmin 4.0.10.15
Phpmyadmin Phpmyadmin 4.0.10.8
Phpmyadmin Phpmyadmin 4.0.10.7
668
VMScore
CVE-2016-5703
SQL injection vulnerability in libraries/central_columns.lib.php in phpMyAdmin 4.4.x prior to 4.4.15.7 and 4.6.x prior to 4.6.3 allows remote malicious users to execute arbitrary SQL commands via a crafted database name that is mishandled in a central column query.
Opensuse Opensuse 13.1
Opensuse Leap 42.1
Opensuse Opensuse 13.2
Phpmyadmin Phpmyadmin 4.4.5
Phpmyadmin Phpmyadmin 4.4.4
Phpmyadmin Phpmyadmin 4.4.15
Phpmyadmin Phpmyadmin 4.4.14.1
Phpmyadmin Phpmyadmin 4.4.1
Phpmyadmin Phpmyadmin 4.4.0
Phpmyadmin Phpmyadmin 4.4.9
Phpmyadmin Phpmyadmin 4.4.8
Phpmyadmin Phpmyadmin 4.4.7
Phpmyadmin Phpmyadmin 4.4.15.4
Phpmyadmin Phpmyadmin 4.4.15.3
Phpmyadmin Phpmyadmin 4.4.12
Phpmyadmin Phpmyadmin 4.4.11
Phpmyadmin Phpmyadmin 4.4.6.1
Phpmyadmin Phpmyadmin 4.4.6
Phpmyadmin Phpmyadmin 4.4.15.2
Phpmyadmin Phpmyadmin 4.4.15.1
Phpmyadmin Phpmyadmin 4.4.10
Phpmyadmin Phpmyadmin 4.4.1.1
668
VMScore
CVE-2010-3055
The configuration setup script (aka scripts/setup.php) in phpMyAdmin 2.11.x prior to 2.11.10.1 does not properly restrict key names in its output file, which allows remote malicious users to execute arbitrary PHP code via a crafted POST request.
Phpmyadmin Phpmyadmin 2.11.1.2
Phpmyadmin Phpmyadmin 2.11.5.1
Phpmyadmin Phpmyadmin 2.11.5.0
Phpmyadmin Phpmyadmin 2.11.9.0
Phpmyadmin Phpmyadmin 2.11.9.1
Phpmyadmin Phpmyadmin 2.11.5.2
Phpmyadmin Phpmyadmin 2.11.2.2
Phpmyadmin Phpmyadmin 2.11.8.0
Phpmyadmin Phpmyadmin 2.11.4.0
Phpmyadmin Phpmyadmin 2.11.2.1
Phpmyadmin Phpmyadmin 2.11.9.5
Phpmyadmin Phpmyadmin 2.11.10.0
Phpmyadmin Phpmyadmin 2.11.6.0
Phpmyadmin Phpmyadmin 2.11.7.0
Phpmyadmin Phpmyadmin 2.11.9.6
Phpmyadmin Phpmyadmin 2.11.2.0
Phpmyadmin Phpmyadmin 2.11.9.2
Phpmyadmin Phpmyadmin 2.11.9.3
Phpmyadmin Phpmyadmin 2.11.1.1
Phpmyadmin Phpmyadmin 2.11.9.4
Phpmyadmin Phpmyadmin 2.11.7.1
Phpmyadmin Phpmyadmin 2.11.3.0
668
VMScore
CVE-2009-3697
SQL injection vulnerability in the PDF schema generator functionality in phpMyAdmin 2.11.x prior to 2.11.9.6 and 3.x prior to 3.2.2.1 allows remote malicious users to execute arbitrary SQL commands via unspecified interface parameters.
Phpmyadmin Phpmyadmin 2.11.0beta1
Phpmyadmin Phpmyadmin 2.11.0.0
Phpmyadmin Phpmyadmin 2.11.3
Phpmyadmin Phpmyadmin 2.11.2
Phpmyadmin Phpmyadmin 2.11.4
Phpmyadmin Phpmyadmin 2.11.5
Phpmyadmin Phpmyadmin 2.11.7.0
Phpmyadmin Phpmyadmin 2.11.6
Phpmyadmin Phpmyadmin 2.11.9.1
Phpmyadmin Phpmyadmin 3.0.1.1
Phpmyadmin Phpmyadmin 3.1.0
Phpmyadmin Phpmyadmin 3.1.3
Phpmyadmin Phpmyadmin 3.1.1
Phpmyadmin Phpmyadmin 2.11.0
Phpmyadmin Phpmyadmin 2.11.3.0
Phpmyadmin Phpmyadmin 2.11.5.1
Phpmyadmin Phpmyadmin 2.11.7
Phpmyadmin Phpmyadmin 2.11.9
Phpmyadmin Phpmyadmin 3.0.0-alpha
Phpmyadmin Phpmyadmin 3.0.0-beta
Phpmyadmin Phpmyadmin 3.1.3.1
Phpmyadmin Phpmyadmin 3.1.3.2
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-52710
arbitrary
CVE-2024-5272
CVE-2024-2961
brute force
remote
CVE-2024-32944
CVE-2024-36241
CVE-2024-5274
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »