Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
phpmyadmin phpmyadmin vulnerabilities and exploits
(subscribe to this query)
6.5
CVSSv3
CVE-2011-4107
The simplexml_load_string function in the XML import plug-in (libraries/import/xml.php) in phpMyAdmin 3.4.x prior to 3.4.7.1 and 3.3.x prior to 3.3.10.5 allows remote authenticated users to read arbitrary files via XML data containing external entity references, aka an XML extern...
Phpmyadmin Phpmyadmin
Fedoraproject Fedora 16
Fedoraproject Fedora 15
Fedoraproject Fedora 14
Debian Debian Linux 5.0
1 EDB exploit
6.3
CVSSv3
CVE-2016-6628
An issue exists in phpMyAdmin. An attacker may be able to trigger a user to download a specially crafted malicious SVG file. All 4.6.x versions (before 4.6.4), 4.4.x versions (before 4.4.15.8), and 4.0.x versions (before 4.0.10.17) are affected.
Phpmyadmin Phpmyadmin 4.4.15.5
Phpmyadmin Phpmyadmin 4.4.15.4
Phpmyadmin Phpmyadmin 4.4.13.1
Phpmyadmin Phpmyadmin 4.4.13
Phpmyadmin Phpmyadmin 4.4.6
Phpmyadmin Phpmyadmin 4.4.5
Phpmyadmin Phpmyadmin 4.4.15.7
Phpmyadmin Phpmyadmin 4.4.15.6
Phpmyadmin Phpmyadmin 4.4.14.1
Phpmyadmin Phpmyadmin 4.4.14
Phpmyadmin Phpmyadmin 4.4.7
Phpmyadmin Phpmyadmin 4.4.6.1
Phpmyadmin Phpmyadmin 4.4.1
Phpmyadmin Phpmyadmin 4.4.0
Phpmyadmin Phpmyadmin 4.4.15.3
Phpmyadmin Phpmyadmin 4.4.15.2
Phpmyadmin Phpmyadmin 4.4.12
Phpmyadmin Phpmyadmin 4.4.11
Phpmyadmin Phpmyadmin 4.4.4
Phpmyadmin Phpmyadmin 4.4.3
Phpmyadmin Phpmyadmin 4.4.15.1
Phpmyadmin Phpmyadmin 4.4.15
6.1
CVSSv3
CVE-2022-23808
An issue exists in phpMyAdmin 5.1 prior to 5.1.2. An attacker can inject malicious code into aspects of the setup script, which can allow XSS or HTML injection.
Phpmyadmin Phpmyadmin
1 Github repository
6.1
CVSSv3
CVE-2020-26934
phpMyAdmin prior to 4.9.6 and 5.x prior to 5.0.3 allows XSS through the transformation feature via a crafted link.
Phpmyadmin Phpmyadmin
Opensuse Leap 15.1
Opensuse Backports Sle 15.0
Opensuse Leap 15.2
Fedoraproject Fedora 31
Fedoraproject Fedora 32
Fedoraproject Fedora 33
Debian Debian Linux 9.0
6.1
CVSSv3
CVE-2020-11441
phpMyAdmin 5.0.2 allows CRLF injection, as demonstrated by %0D%0Astring%0D%0A inputs to login form fields causing CRLF sequences to be reflected on an error page. NOTE: the vendor states "I don't see anything specifically exploitable.
Phpmyadmin Phpmyadmin 5.0.2
6.1
CVSSv3
CVE-2018-19970
In phpMyAdmin prior to 4.8.4, an XSS vulnerability was found in the navigation tree, where an attacker can deliver a payload to a user through a crafted database/table name.
Phpmyadmin Phpmyadmin
Debian Debian Linux 8.0
6.1
CVSSv3
CVE-2018-15605
An issue exists in phpMyAdmin prior to 4.8.3. A Cross-Site Scripting vulnerability has been found where an attacker can use a crafted file to manipulate an authenticated user who loads that file through the import feature.
Phpmyadmin Phpmyadmin
6.1
CVSSv3
CVE-2018-12581
An issue exists in js/designer/move.js in phpMyAdmin prior to 4.8.2. A Cross-Site Scripting vulnerability has been found where an attacker can use a crafted database name to trigger an XSS attack when that database is referenced from the Designer feature.
Phpmyadmin Phpmyadmin
6.1
CVSSv3
CVE-2017-1000013
phpMyAdmin 4.0, 4.4, and 4.6 are vulnerable to an open redirect weakness
Phpmyadmin Phpmyadmin 4.0.0
Phpmyadmin Phpmyadmin 4.0.5
Phpmyadmin Phpmyadmin 4.0.7
Phpmyadmin Phpmyadmin 4.0.10.4
Phpmyadmin Phpmyadmin 4.0.10.6
Phpmyadmin Phpmyadmin 4.0.10.11
Phpmyadmin Phpmyadmin 4.0.10.13
Phpmyadmin Phpmyadmin 4.4.1
Phpmyadmin Phpmyadmin 4.4.2
Phpmyadmin Phpmyadmin 4.4.8
Phpmyadmin Phpmyadmin 4.4.10
Phpmyadmin Phpmyadmin 4.4.14.1
Phpmyadmin Phpmyadmin 4.4.15.1
Phpmyadmin Phpmyadmin 4.4.15.8
Phpmyadmin Phpmyadmin 4.6.0
Phpmyadmin Phpmyadmin 4.6.4
Phpmyadmin Phpmyadmin 4.0.2
Phpmyadmin Phpmyadmin 4.0.3
Phpmyadmin Phpmyadmin 4.0.4
Phpmyadmin Phpmyadmin 4.0.4.1
Phpmyadmin Phpmyadmin 4.0.10.7
Phpmyadmin Phpmyadmin 4.0.10.8
6.1
CVSSv3
CVE-2017-1000015
phpMyAdmin 4.0, 4.4, and 4.6 are vulnerable to a CSS injection attack through crafted cookie parameters
Phpmyadmin Phpmyadmin 4.0.2
Phpmyadmin Phpmyadmin 4.0.4
Phpmyadmin Phpmyadmin 4.0.9
Phpmyadmin Phpmyadmin 4.0.10.1
Phpmyadmin Phpmyadmin 4.0.10.8
Phpmyadmin Phpmyadmin 4.0.10.10
Phpmyadmin Phpmyadmin 4.0.10.15
Phpmyadmin Phpmyadmin 4.0.10.17
Phpmyadmin Phpmyadmin 4.4.4
Phpmyadmin Phpmyadmin 4.4.6
Phpmyadmin Phpmyadmin 4.4.12
Phpmyadmin Phpmyadmin 4.4.13.1
Phpmyadmin Phpmyadmin 4.4.15.3
Phpmyadmin Phpmyadmin 4.4.15.5
Phpmyadmin Phpmyadmin 4.4.15.7
Phpmyadmin Phpmyadmin 4.6.0
Phpmyadmin Phpmyadmin 4.6.1
Phpmyadmin Phpmyadmin 4.0.0
Phpmyadmin Phpmyadmin 4.0.1
Phpmyadmin Phpmyadmin 4.0.10.3
Phpmyadmin Phpmyadmin 4.0.10.4
Phpmyadmin Phpmyadmin 4.0.10.5
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-52710
arbitrary
CVE-2024-5272
CVE-2024-2961
brute force
remote
CVE-2024-32944
CVE-2024-36241
CVE-2024-5274
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
2
3
4
5
6
7
8
9
10
NEXT »