Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
phpmyadmin phpmyadmin 3.1.2 vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2009-1149
CRLF injection vulnerability in bs_disp_as_mime_type.php in the BLOB streaming feature in phpMyAdmin prior to 3.1.3.1 allows remote malicious users to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via the (1) c_type and possibly (2) file_type parameter...
Phpmyadmin Phpmyadmin 3.1.0
Phpmyadmin Phpmyadmin 3.1.1
Phpmyadmin Phpmyadmin 3.1.2
Phpmyadmin Phpmyadmin 3.1.3
Phpmyadmin Phpmyadmin 3.1.0.0
Phpmyadmin Phpmyadmin
5
CVSSv2
CVE-2009-1148
Directory traversal vulnerability in bs_disp_as_mime_type.php in the BLOB streaming feature in phpMyAdmin prior to 3.1.3.1 allows remote malicious users to read arbitrary files via directory traversal sequences in the file_path parameter ($filename variable).
Phpmyadmin Phpmyadmin 3.1.1
Phpmyadmin Phpmyadmin 3.1.2
Phpmyadmin Phpmyadmin 3.1.0.0
Phpmyadmin Phpmyadmin
Phpmyadmin Phpmyadmin 3.1.3
Phpmyadmin Phpmyadmin 3.1.0
7.5
CVSSv2
CVE-2009-1285
Static code injection vulnerability in the getConfigFile function in setup/lib/ConfigFile.class.php in phpMyAdmin 3.x prior to 3.1.3.2 allows remote malicious users to inject arbitrary PHP code into configuration files.
Phpmyadmin Phpmyadmin 3.1.2
Phpmyadmin Phpmyadmin 3.1.0
Phpmyadmin Phpmyadmin 3.1.1
Phpmyadmin Phpmyadmin 3.1.3
Phpmyadmin Phpmyadmin 3.1.3.1
Phpmyadmin Phpmyadmin 3.1.0.0
Phpmyadmin Phpmyadmin 3.0.1
Phpmyadmin Phpmyadmin 3.0.0
4.3
CVSSv2
CVE-2010-2958
Cross-site scripting (XSS) vulnerability in libraries/Error.class.php in phpMyAdmin 3.x prior to 3.3.6 allows remote malicious users to inject arbitrary web script or HTML via vectors related to a PHP backtrace and error messages (aka debugging messages), a different vulnerabilit...
Phpmyadmin Phpmyadmin 3.0.1.1
Phpmyadmin Phpmyadmin 3.2.1
Phpmyadmin Phpmyadmin 3.1.4
Phpmyadmin Phpmyadmin 3.1.3
Phpmyadmin Phpmyadmin 3.2.0
Phpmyadmin Phpmyadmin 3.1.2
Phpmyadmin Phpmyadmin 3.1.0
Phpmyadmin Phpmyadmin 3.3.3.0
Phpmyadmin Phpmyadmin 3.0.0
Phpmyadmin Phpmyadmin 3.3.4.0
Phpmyadmin Phpmyadmin 3.3.1.0
Phpmyadmin Phpmyadmin 3.1.5
Phpmyadmin Phpmyadmin 3.1.1
Phpmyadmin Phpmyadmin 3.3.5.0
Phpmyadmin Phpmyadmin 3.3.0.0
Phpmyadmin Phpmyadmin 3.3.2.0
Phpmyadmin Phpmyadmin 3.1.3.2
Phpmyadmin Phpmyadmin 3.3.5.1
Phpmyadmin Phpmyadmin 3.0.1
Phpmyadmin Phpmyadmin 3.1.3.1
Phpmyadmin Phpmyadmin 3.2.2
4.3
CVSSv2
CVE-2010-3263
Cross-site scripting (XSS) vulnerability in setup/frames/index.inc.php in the setup script in phpMyAdmin 3.x prior to 3.3.7 allows remote malicious users to inject arbitrary web script or HTML via a server name.
Phpmyadmin Phpmyadmin 3.3.5.0
Phpmyadmin Phpmyadmin 3.3.3.0
Phpmyadmin Phpmyadmin 3.1.4
Phpmyadmin Phpmyadmin 3.3.2.0
Phpmyadmin Phpmyadmin 3.1.3
Phpmyadmin Phpmyadmin 3.1.3.1
Phpmyadmin Phpmyadmin 3.2.1
Phpmyadmin Phpmyadmin 3.1.0
Phpmyadmin Phpmyadmin 3.1.1
Phpmyadmin Phpmyadmin 3.3.5.1
Phpmyadmin Phpmyadmin 3.3.6.0
Phpmyadmin Phpmyadmin 3.0.1.1
Phpmyadmin Phpmyadmin 3.0.0
Phpmyadmin Phpmyadmin 3.2.0
Phpmyadmin Phpmyadmin 3.1.2
Phpmyadmin Phpmyadmin 3.1.5
Phpmyadmin Phpmyadmin 3.0.1
Phpmyadmin Phpmyadmin 3.1.3.2
Phpmyadmin Phpmyadmin 3.2.2
Phpmyadmin Phpmyadmin 3.3.4.0
Phpmyadmin Phpmyadmin 3.3.1.0
Phpmyadmin Phpmyadmin 3.3.0.0
7.5
CVSSv2
CVE-2009-1151
Static code injection vulnerability in setup.php in phpMyAdmin 2.11.x prior to 2.11.9.5 and 3.x prior to 3.1.3.1 allows remote malicious users to inject arbitrary PHP code into a configuration file via the save action.
Phpmyadmin Phpmyadmin
Phpmyadmin Phpmyadmin 2.11.9.4
Phpmyadmin Phpmyadmin 2.11.9.2
Phpmyadmin Phpmyadmin 2.11.6
Phpmyadmin Phpmyadmin 2.11.6.0
Phpmyadmin Phpmyadmin 2.11.4
Phpmyadmin Phpmyadmin 2.11.1
Phpmyadmin Phpmyadmin 2.11.1.2
Phpmyadmin Phpmyadmin 3.1.2
Phpmyadmin Phpmyadmin 3.1.1
Phpmyadmin Phpmyadmin 2.11.9
Phpmyadmin Phpmyadmin 2.11.8
Phpmyadmin Phpmyadmin 2.11.5.2
Phpmyadmin Phpmyadmin 2.11.5.1
Phpmyadmin Phpmyadmin 2.11.3
Phpmyadmin Phpmyadmin 2.11.2.2
Phpmyadmin Phpmyadmin 2.11.2.1
Phpmyadmin Phpmyadmin 2.11.0
Phpmyadmin Phpmyadmin 3.1.3
Phpmyadmin Phpmyadmin 2.11.9.1
Phpmyadmin Phpmyadmin 2.11.9.0
Phpmyadmin Phpmyadmin 2.11.5
3 EDB exploits
2 Github repositories
4.3
CVSSv2
CVE-2009-1150
Multiple cross-site scripting (XSS) vulnerabilities in the export page (display_export.lib.php) in phpMyAdmin 2.11.x prior to 2.11.9.5 and 3.x prior to 3.1.3.1 allow remote malicious users to inject arbitrary web script or HTML via the pma_db_filename_template cookie.
Phpmyadmin Phpmyadmin 3.1.3
Phpmyadmin Phpmyadmin 3.1.2
Phpmyadmin Phpmyadmin 3.1.1
Phpmyadmin Phpmyadmin 2.11.6.0
Phpmyadmin Phpmyadmin 2.11.6
Phpmyadmin Phpmyadmin 2.11.5
Phpmyadmin Phpmyadmin 2.11.5.2
Phpmyadmin Phpmyadmin 2.11.1.2
Phpmyadmin Phpmyadmin 2.11.1.1
Phpmyadmin Phpmyadmin 2.11.1.0
Phpmyadmin Phpmyadmin 2.11.1
Phpmyadmin Phpmyadmin 2.11.9.2
Phpmyadmin Phpmyadmin 2.11.9.1
Phpmyadmin Phpmyadmin 2.11.9.0
Phpmyadmin Phpmyadmin 2.11.9
Phpmyadmin Phpmyadmin 2.11.3
Phpmyadmin Phpmyadmin 2.11.3.0
Phpmyadmin Phpmyadmin 2.11.2.2
Phpmyadmin Phpmyadmin 2.11.9.3
Phpmyadmin Phpmyadmin 2.11.7.0
Phpmyadmin Phpmyadmin 2.11.5.1
Phpmyadmin Phpmyadmin 2.11.4
7.5
CVSSv2
CVE-2011-2506
setup/lib/ConfigGenerator.class.php in phpMyAdmin 3.x prior to 3.3.10.2 and 3.4.x prior to 3.4.3.1 does not properly restrict the presence of comment closing delimiters, which allows remote malicious users to conduct static code injection attacks by leveraging the ability to modi...
Phpmyadmin Phpmyadmin 3.0.1.1
Phpmyadmin Phpmyadmin 3.2.1
Phpmyadmin Phpmyadmin 3.3.10.0
Phpmyadmin Phpmyadmin 3.1.4
Phpmyadmin Phpmyadmin 3.1.3
Phpmyadmin Phpmyadmin 3.3.8.1
Phpmyadmin Phpmyadmin 3.2.0
Phpmyadmin Phpmyadmin 3.3.10.1
Phpmyadmin Phpmyadmin 3.1.2
Phpmyadmin Phpmyadmin 3.1.0
Phpmyadmin Phpmyadmin 3.3.3.0
Phpmyadmin Phpmyadmin 3.0.0
Phpmyadmin Phpmyadmin 3.3.4.0
Phpmyadmin Phpmyadmin 3.3.9.2
Phpmyadmin Phpmyadmin 3.3.1.0
Phpmyadmin Phpmyadmin 3.3.7
Phpmyadmin Phpmyadmin 3.1.5
Phpmyadmin Phpmyadmin 3.1.1
Phpmyadmin Phpmyadmin 3.3.5.0
Phpmyadmin Phpmyadmin 3.3.0.0
Phpmyadmin Phpmyadmin 3.3.6
Phpmyadmin Phpmyadmin 3.3.2.0
2 EDB exploits
6.5
CVSSv2
CVE-2011-2507
libraries/server_synchronize.lib.php in the Synchronize implementation in phpMyAdmin 3.x prior to 3.3.10.2 and 3.4.x prior to 3.4.3.1 does not properly quote regular expressions, which allows remote authenticated users to inject a PCRE e (aka PREG_REPLACE_EVAL) modifier, and cons...
Phpmyadmin Phpmyadmin 3.0.1.1
Phpmyadmin Phpmyadmin 3.2.1
Phpmyadmin Phpmyadmin 3.3.10.0
Phpmyadmin Phpmyadmin 3.1.4
Phpmyadmin Phpmyadmin 3.1.3
Phpmyadmin Phpmyadmin 3.3.8.1
Phpmyadmin Phpmyadmin 3.2.0
Phpmyadmin Phpmyadmin 3.3.10.1
Phpmyadmin Phpmyadmin 3.1.2
Phpmyadmin Phpmyadmin 3.1.0
Phpmyadmin Phpmyadmin 3.3.3.0
Phpmyadmin Phpmyadmin 3.0.0
Phpmyadmin Phpmyadmin 3.3.4.0
Phpmyadmin Phpmyadmin 3.3.9.2
Phpmyadmin Phpmyadmin 3.3.1.0
Phpmyadmin Phpmyadmin 3.3.7
Phpmyadmin Phpmyadmin 3.1.5
Phpmyadmin Phpmyadmin 3.1.1
Phpmyadmin Phpmyadmin 3.3.5.0
Phpmyadmin Phpmyadmin 3.3.0.0
Phpmyadmin Phpmyadmin 3.3.6
Phpmyadmin Phpmyadmin 3.3.2.0
6
CVSSv2
CVE-2011-2508
Directory traversal vulnerability in libraries/display_tbl.lib.php in phpMyAdmin 3.x prior to 3.3.10.2 and 3.4.x prior to 3.4.3.1, when a certain MIME transformation feature is enabled, allows remote authenticated users to include and execute arbitrary local files via a .. (dot d...
Phpmyadmin Phpmyadmin 3.0.1.1
Phpmyadmin Phpmyadmin 3.2.1
Phpmyadmin Phpmyadmin 3.3.10.0
Phpmyadmin Phpmyadmin 3.1.4
Phpmyadmin Phpmyadmin 3.1.3
Phpmyadmin Phpmyadmin 3.3.8.1
Phpmyadmin Phpmyadmin 3.2.0
Phpmyadmin Phpmyadmin 3.3.10.1
Phpmyadmin Phpmyadmin 3.1.2
Phpmyadmin Phpmyadmin 3.1.0
Phpmyadmin Phpmyadmin 3.3.3.0
Phpmyadmin Phpmyadmin 3.0.0
Phpmyadmin Phpmyadmin 3.3.4.0
Phpmyadmin Phpmyadmin 3.3.9.2
Phpmyadmin Phpmyadmin 3.3.1.0
Phpmyadmin Phpmyadmin 3.3.7
Phpmyadmin Phpmyadmin 3.1.5
Phpmyadmin Phpmyadmin 3.1.1
Phpmyadmin Phpmyadmin 3.3.5.0
Phpmyadmin Phpmyadmin 3.3.0.0
Phpmyadmin Phpmyadmin 3.3.6
Phpmyadmin Phpmyadmin 3.3.2.0
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4644
unprivileged
CVE-2024-3494
CVE-2024-22460
CVE-2024-26026
CVE-2024-23473
firewall
CVE-2024-28889
XML external entity
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
NEXT »