Vulmon Recent Vulnerabilities Product List Research Posts Trends Blog About Contact

administrate vulnerabilities and exploits

(subscribe to this query)
5.4
CVSSv3

CVE-2016-3098

Cross-site request forgery (CSRF) vulnerability in administrate 0.1.4 and previous versions allows remote malicious users to hijack the user's OAuth autorization code.
* AdministrateThoughtbot Administrate
8.1
CVSSv3

CVE-2020-5257

In Administrate (rubygem) before version 0.13.0, when sorting by attributes on a dashboard, the direction parameter was not validated before being interpolated into the SQL query. This could present a SQL injection if the attacker were able to modify the `direction` parameter and...
Thoughtbot Administrate
4.3
CVSSv3

CVE-2021-32657

Nextcloud Server is a Nextcloud package that handles data storage. In versions of Nextcloud Server before 10.0.11, 20.0.10, and 21.0.2, a malicious user may be able to break the user administration page. This would disallow administrators to administrate users on the Nextcloud in...
Nextcloud Security-advisoriesNextcloud Nextcloud Server
5
CVSSv2

CVE-2005-2256

Encoded directory traversal vulnerability in phpPgAdmin 3.1 to 3.5.3 allows remote malicious users to access arbitrary files via "%2e%2e%2f" (encoded dot dot) sequences in the formLanguage parameter.
Phppgadmin Phppgadmin 3.1Phppgadmin Phppgadmin 3.2Phppgadmin Phppgadmin 3.3Phppgadmin Phppgadmin 3.4Phppgadmin Phppgadmin 3.4.1Phppgadmin Phppgadmin 3.5.3
9.3
CVSSv2

CVE-2007-2865

Cross-site scripting (XSS) vulnerability in sqledit.php in phpPgAdmin 4.1.1 allows remote malicious users to inject arbitrary web script or HTML via the server parameter.
Phppgadmin Phppgadmin 4.1.1
4.3
CVSSv2

CVE-2008-5587

Directory traversal vulnerability in libraries/lib.inc.php in phpPgAdmin 4.2.1 and previous versions, when register_globals is enabled, allows remote malicious users to read arbitrary files via a .. (dot dot) in the _language parameter to index.php.
Phppgadmin PhppgadminPhppgadmin Phppgadmin 2.2Phppgadmin Phppgadmin 2.2.1Phppgadmin Phppgadmin 3.1Phppgadmin Phppgadmin 3.4.1Phppgadmin Phppgadmin 3.5Phppgadmin Phppgadmin 3.5.2Phppgadmin Phppgadmin 3.5.3Phppgadmin Phppgadmin 4.1.1
6.4
CVSSv2

CVE-2008-3456

phpMyAdmin prior to 2.11.8 does not sufficiently prevent its pages from using frames that point to pages in other domains, which makes it easier for remote malicious users to conduct spoofing or phishing activities via a cross-site framing attack.
Phpmyadmin PhpmyadminPhpmyadmin Phpmyadmin 2.0Phpmyadmin Phpmyadmin 2.0.0Phpmyadmin Phpmyadmin 2.0.1Phpmyadmin Phpmyadmin 2.0.2Phpmyadmin Phpmyadmin 2.0.3Phpmyadmin Phpmyadmin 2.0.4Phpmyadmin Phpmyadmin 2.0.5Phpmyadmin Phpmyadmin 2.1Phpmyadmin Phpmyadmin 2.1.0Phpmyadmin Phpmyadmin 2.1.1Phpmyadmin Phpmyadmin 2.1.2
8.5
CVSSv2

CVE-2008-4096

libraries/database_interface.lib.php in phpMyAdmin prior to 2.11.9.1 allows remote authenticated users to execute arbitrary code via a request to server_databases.php with a sort_by parameter containing PHP sequences, which are processed by create_function.
Phpmyadmin PhpmyadminPhpmyadmin Phpmyadmin 2.0Phpmyadmin Phpmyadmin 2.0.0Phpmyadmin Phpmyadmin 2.0.1Phpmyadmin Phpmyadmin 2.0.2Phpmyadmin Phpmyadmin 2.0.3Phpmyadmin Phpmyadmin 2.0.4Phpmyadmin Phpmyadmin 2.0.5Phpmyadmin Phpmyadmin 2.1Phpmyadmin Phpmyadmin 2.1.0Phpmyadmin Phpmyadmin 2.1.1Phpmyadmin Phpmyadmin 2.1.2
4.3
CVSSv2

CVE-2007-5728

Cross-site scripting (XSS) vulnerability in phpPgAdmin 3.5 to 4.1.1, and possibly 4.1.2, allows remote malicious users to inject arbitrary web script or HTML via certain input available in PHP_SELF in (1) redirect.php, possibly related to (2) login.php, different vectors than CVE...
Phppgadmin Phppgadmin 3.5Phppgadmin Phppgadmin 3.5.2Phppgadmin Phppgadmin 3.5.3Phppgadmin Phppgadmin 4.1.1
6
CVSSv2

CVE-2008-5621

Cross-site request forgery (CSRF) vulnerability in phpMyAdmin 2.11.x prior to 2.11.9.4 and 3.x prior to 3.1.1.0 allows remote malicious users to perform unauthorized actions as the administrator via a link or IMG tag to tbl_structure.php with a modified table parameter. NOTE: oth...
Phpmyadmin Phpmyadmin 2.11.0Phpmyadmin Phpmyadmin 2.11.0.0Phpmyadmin Phpmyadmin 2.11.1Phpmyadmin Phpmyadmin 2.11.1.0Phpmyadmin Phpmyadmin 2.11.1.1Phpmyadmin Phpmyadmin 2.11.1.2Phpmyadmin Phpmyadmin 2.11.2Phpmyadmin Phpmyadmin 2.11.2.0Phpmyadmin Phpmyadmin 2.11.2.1Phpmyadmin Phpmyadmin 2.11.2.2Phpmyadmin Phpmyadmin 2.11.3Phpmyadmin Phpmyadmin 2.11.3.0
Preferred Score:
CVSSv3
CVSSv2
CVSSv3
CVSSv4
EPSS
VMScore
Recommendations:
CVE-2025-49820firefoxnet/httpCVE-2025-49816konsolefile inclusionCVE-2025-33053theeventscalendarCVE-2025-49822CVE-2025-3052XXEHTML injectionCVE-2025-5959
Home
/
Search Results
Vulmon Logo Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Product List Vendor List Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook