Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
phpmyadmin phpmyadmin vulnerabilities and exploits
(subscribe to this query)
6.8
CVSSv2
CVE-2011-2643
Directory traversal vulnerability in sql.php in phpMyAdmin 3.4.x prior to 3.4.3.2, when configuration storage is enabled, allows remote malicious users to include and execute arbitrary local files via directory traversal sequences in a MIME-type transformation parameter.
Phpmyadmin Phpmyadmin 3.4.0.0
Phpmyadmin Phpmyadmin 3.4.3.1
Phpmyadmin Phpmyadmin 3.4.1.0
Phpmyadmin Phpmyadmin 3.4.2.0
Phpmyadmin Phpmyadmin 3.4.3.0
6.8
CVSSv2
CVE-2007-2245
Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin prior to 2.10.1.0 allow remote malicious users to inject arbitrary web script or HTML via (1) the fieldkey parameter to browse_foreigners.php or (2) certain input to the PMA_sanitize function.
Phpmyadmin Phpmyadmin 2.10.1.0
6.8
CVSSv2
CVE-2006-6942
Multiple cross-site scripting (XSS) vulnerabilities in PhpMyAdmin prior to 2.9.1.1 allow remote malicious users to inject arbitrary HTML or web script via (1) a comment for a table name, as exploited through (a) db_operations.php, (2) the db parameter to (b) db_create.php, (3) th...
Phpmyadmin Phpmyadmin 2.9.1 Rc2
Phpmyadmin Phpmyadmin 2.9.0.1
Phpmyadmin Phpmyadmin 2.9.0.2
Phpmyadmin Phpmyadmin 2.9.0 Rc1
Phpmyadmin Phpmyadmin 2.9.0
Phpmyadmin Phpmyadmin 2.9.0.3
Phpmyadmin Phpmyadmin
Phpmyadmin Phpmyadmin 2.9.1 Rc1
Phpmyadmin Phpmyadmin 2.9.0 Beta1
Debian Debian Linux 3.1
Debian Debian Linux 4.0
4 EDB exploits
6.8
CVSSv2
CVE-2007-0341
Cross-site scripting (XSS) vulnerability in phpMyAdmin 2.8.1 and previous versions, when Microsoft Internet Explorer 6 is used, allows remote malicious users to inject arbitrary web script or HTML via a javascript: URI in a CSS style in the convcharset parameter to the top-level ...
Phpmyadmin Phpmyadmin 2.8.1
6.8
CVSSv2
CVE-2007-0204
Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin prior to 2.9.2-rc1 allow remote malicious users to inject arbitrary web script or HTML via unspecified vectors. NOTE: some of these details are obtained from third party information.
Phpmyadmin Phpmyadmin
6.8
CVSSv2
CVE-2006-2418
Cross-site scripting (XSS) vulnerabilities in certain versions of phpMyAdmin prior to 2.8.0.4 allow remote malicious users to inject arbitrary web script or HTML via the db parameter in unknown scripts.
Phpmyadmin Phpmyadmin 2.8.0.3
6.8
CVSSv2
CVE-2004-1055
Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin 2.6.0-pl2 and previous versions allow remote malicious users to inject arbitrary web script or HTML via (1) the PmaAbsoluteUri parameter, (2) the zero_rows parameter in read_dump.php, (3) the confirm form, or (4) a...
Phpmyadmin Phpmyadmin 2.5.0
Phpmyadmin Phpmyadmin 2.5.5 Rc1
Phpmyadmin Phpmyadmin 2.5.7 Pl1
Phpmyadmin Phpmyadmin 2.5.5
Phpmyadmin Phpmyadmin 2.5.7
Phpmyadmin Phpmyadmin 2.5.6 Rc1
Phpmyadmin Phpmyadmin 2.6.0 Pl1
Phpmyadmin Phpmyadmin 2.5.2
Phpmyadmin Phpmyadmin 2.5.1
Phpmyadmin Phpmyadmin 2.6.0 Pl2
Phpmyadmin Phpmyadmin 2.5.4
Phpmyadmin Phpmyadmin 2.5.5 Rc2
Phpmyadmin Phpmyadmin 2.5.5 Pl1
Gentoo Linux 1.4
6.5
CVSSv2
CVE-2020-5504
In phpMyAdmin 4 prior to 4.9.4 and 5 prior to 5.0.1, SQL injection exists in the user accounts page. A malicious user could inject custom SQL in place of their own username when creating queries to this page. An attacker must have a valid MySQL account to access the server.
Phpmyadmin Phpmyadmin
Suse Suse Linux Enterprise Server 12
Debian Debian Linux 8.0
2 Github repositories
6.5
CVSSv2
CVE-2018-12613
An issue exists in phpMyAdmin 4.8.x prior to 4.8.2, in which an attacker can include (view and potentially execute) files on the server. The vulnerability comes from a portion of code where pages are redirected and loaded within phpMyAdmin, and an improper test for whitelisted pa...
Phpmyadmin Phpmyadmin
3 EDB exploits
17 Github repositories
6.5
CVSSv2
CVE-2017-1000017
phpMyAdmin 4.0, 4.4 and 4.6 are vulnerable to a weakness where a user with appropriate permissions is able to connect to an arbitrary MySQL server
Phpmyadmin Phpmyadmin
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-5834
CVE-2024-30100
CVE-2024-4577
physical
dos
CVE-2024-30099
CVE-2024-27801
CVE-2024-32146
logic flaw
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »