Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
phpmyadmin phpmyadmin 2.7.0 vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2006-1804
SQL injection vulnerability in sql.php in phpMyAdmin 2.7.0-pl1 allows remote malicious users to execute arbitrary SQL commands via the sql_query parameter.
Phpmyadmin Phpmyadmin 2.7.0 Pl1
Phpmyadmin Phpmyadmin 2.8.0.3
6.5
CVSSv2
CVE-2005-4349
SQL injection vulnerability in server_privileges.php in phpMyAdmin 2.7.0 allows remote authenticated users to execute arbitrary SQL commands via the (1) dbname and (2) checkprivs parameters. NOTE: the vendor and a third party have disputed this issue, saying that the main task of...
Phpmyadmin Phpmyadmin 2.7.0
5
CVSSv2
CVE-2006-6373
PhpMyAdmin 2.7.0-pl2 allows remote malicious users to obtain sensitive information via a direct request for libraries/common.lib.php, which reveals the path in an error message.
Phpmyadmin Phpmyadmin 2.7.0 Pl2
7.5
CVSSv2
CVE-2006-6374
Multiple CRLF injection vulnerabilities in PhpMyAdmin 2.7.0-pl2 allow remote malicious users to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via CRLF sequences in a phpMyAdmin cookie in (1) css/phpmyadmin.css.php, (2) db_create.php, (3) index.php, (4)...
Phpmyadmin Phpmyadmin 2.7.0 Pl2
7.5
CVSSv2
CVE-2005-4450
Cross-site request forgery (CSRF) vulnerability in phpMyAdmin 2.7.0 allows remote malicious users to perform unauthorized actions as a logged-in user via a link or IMG tag to server_privileges.php, as demonstrated using the dbname and checkprivs parameters. NOTE: the provenance o...
Phpmyadmin Phpmyadmin 2.7.0 Pl1
5
CVSSv2
CVE-2005-4079
The register_globals emulation in phpMyAdmin 2.7.0 rc1 allows remote malicious users to exploit other vulnerabilities in phpMyAdmin by modifying the import_blacklist variable in grab_globals.php, which can then be used to overwrite other variables.
Phpmyadmin Phpmyadmin 2.7.0 Rc1
4.3
CVSSv2
CVE-2006-1678
Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin prior to 2.8.0.3 allow remote malicious users to inject arbitrary web script or HTML via unknown vectors in unspecified scripts in the themes directory.
Phpmyadmin Phpmyadmin 2.1.1
Phpmyadmin Phpmyadmin 2.7.0
Phpmyadmin Phpmyadmin 2.7.0 Pl1
Phpmyadmin Phpmyadmin 2.6.4 Rc1
Phpmyadmin Phpmyadmin 2.2.4
Phpmyadmin Phpmyadmin 2.1.2
Phpmyadmin Phpmyadmin 2.2.0 Rc2
Phpmyadmin Phpmyadmin 2.5.0
Phpmyadmin Phpmyadmin 2.2.0 Rc1
Phpmyadmin Phpmyadmin 2.6.4 Pl1
Phpmyadmin Phpmyadmin 2.0.4
Phpmyadmin Phpmyadmin 2.6.1
Phpmyadmin Phpmyadmin 2.6.1 Pl3
Phpmyadmin Phpmyadmin 2.3.1
Phpmyadmin Phpmyadmin 2.7.0 Pl2
Phpmyadmin Phpmyadmin 2.0.2
Phpmyadmin Phpmyadmin 2.5.5 Rc1
Phpmyadmin Phpmyadmin 2.6.0 Pl3
Phpmyadmin Phpmyadmin 2.5.7 Pl1
Phpmyadmin Phpmyadmin 2.4.0
Phpmyadmin Phpmyadmin 2.5.5
Phpmyadmin Phpmyadmin 2.5.7
4.3
CVSSv2
CVE-2006-5718
Cross-site scripting (XSS) vulnerability in error.php in phpMyAdmin 2.6.4 up to and including 2.9.0.2 allows remote malicious users to inject arbitrary web script or HTML via UTF-7 or US-ASCII encoded characters, which are injected into an error message, as demonstrated by a requ...
Phpmyadmin Phpmyadmin 2.6.4 Rc1
Phpmyadmin Phpmyadmin 2.8.3
Phpmyadmin Phpmyadmin 2.7 Pl1
Phpmyadmin Phpmyadmin 2.6.4 Pl1
Phpmyadmin Phpmyadmin 2.9
Phpmyadmin Phpmyadmin 2.8.2
Phpmyadmin Phpmyadmin 2.9.2
Phpmyadmin Phpmyadmin 2.9 Rc1
Phpmyadmin Phpmyadmin 2.6.4 Pl3
Phpmyadmin Phpmyadmin 2.9.1
Phpmyadmin Phpmyadmin 2.6.4 Pl4
Phpmyadmin Phpmyadmin 2.8.1
Phpmyadmin Phpmyadmin 2.7.0 Beta1
Phpmyadmin Phpmyadmin 2.7
Phpmyadmin Phpmyadmin 2.8.4
5
CVSSv2
CVE-2005-3622
phpMyAdmin 2.7.0-beta1 and previous versions allows remote malicious users to obtain the full path of the server via direct requests to multiple scripts in the libraries directory.
Phpmyadmin Phpmyadmin 2.5.2 Pl1
Phpmyadmin Phpmyadmin 2.6.2 Pl1
Phpmyadmin Phpmyadmin 2.6.1 Pl3
Phpmyadmin Phpmyadmin 2.6.0 Pl3
Phpmyadmin Phpmyadmin 2.5.7 Pl1
Phpmyadmin Phpmyadmin 2.6.4 Pl3
Phpmyadmin Phpmyadmin 2.5.4
Phpmyadmin Phpmyadmin 2.5.3
Phpmyadmin Phpmyadmin 2.6.4 Pl4
Phpmyadmin Phpmyadmin 2.5.6 Rc2
Phpmyadmin Phpmyadmin 2.2.0
Phpmyadmin Phpmyadmin 2.2.7 Pl1
Phpmyadmin Phpmyadmin 2.6.3 Pl1
Phpmyadmin Phpmyadmin 2.7.0 Beta1
Phpmyadmin Phpmyadmin 2.5.5 Pl1
4.3
CVSSv2
CVE-2008-4326
The PMA_escapeJsString function in libraries/js_escape.lib.php in phpMyAdmin prior to 2.11.9.2, when Internet Explorer is used, allows remote malicious users to bypass cross-site scripting (XSS) protection mechanisms and conduct XSS attacks via a NUL byte inside a "</scri...
Phpmyadmin Phpmyadmin
Phpmyadmin Phpmyadmin 2.0
Phpmyadmin Phpmyadmin 2.0.0
Phpmyadmin Phpmyadmin 2.0.1
Phpmyadmin Phpmyadmin 2.0.2
Phpmyadmin Phpmyadmin 2.0.3
Phpmyadmin Phpmyadmin 2.0.4
Phpmyadmin Phpmyadmin 2.0.5
Phpmyadmin Phpmyadmin 2.1
Phpmyadmin Phpmyadmin 2.1.0
Phpmyadmin Phpmyadmin 2.1.1
Phpmyadmin Phpmyadmin 2.1.2
Phpmyadmin Phpmyadmin 2.2
Phpmyadmin Phpmyadmin 2.2.0
Phpmyadmin Phpmyadmin 2.2.0 Pre1
Phpmyadmin Phpmyadmin 2.2.0 Pre2
Phpmyadmin Phpmyadmin 2.2.0 Rc1
Phpmyadmin Phpmyadmin 2.2.0 Rc2
Phpmyadmin Phpmyadmin 2.2.0 Rc3
Phpmyadmin Phpmyadmin 2.2.2
Phpmyadmin Phpmyadmin 2.2.3
Phpmyadmin Phpmyadmin 2.2.4
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2018-25103
CVE-2024-36279
CVE-2024-38457
elevation of privilege
CVE-2024-27801
CVE-2024-30103
NULL pointer dereference
CVE-2024-6057
XML injection
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »