Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
phpmyadmin phpmyadmin 4.5.3 vulnerabilities and exploits
(subscribe to this query)
5.4
CVSSv3
CVE-2016-2559
Cross-site scripting (XSS) vulnerability in the format function in libraries/sql-parser/src/Utils/Error.php in the SQL parser in phpMyAdmin 4.5.x prior to 4.5.5.1 allows remote authenticated users to inject arbitrary web script or HTML via a crafted query.
Phpmyadmin Phpmyadmin 4.5.0
Phpmyadmin Phpmyadmin 4.5.3.1
Phpmyadmin Phpmyadmin 4.5.0.1
Phpmyadmin Phpmyadmin 4.5.5
Phpmyadmin Phpmyadmin 4.5.3
Phpmyadmin Phpmyadmin 4.5.2
Phpmyadmin Phpmyadmin 4.5.4.1
Phpmyadmin Phpmyadmin 4.5.4
Phpmyadmin Phpmyadmin 4.5.1
Phpmyadmin Phpmyadmin 4.5.0.2
6.1
CVSSv3
CVE-2016-2560
Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin 4.0.x prior to 4.0.10.15, 4.4.x prior to 4.4.15.5, and 4.5.x prior to 4.5.5.1 allow remote malicious users to inject arbitrary web script or HTML via (1) a crafted Host HTTP header, related to libraries/Config.clas...
Phpmyadmin Phpmyadmin 4.5.3
Phpmyadmin Phpmyadmin 4.5.2
Phpmyadmin Phpmyadmin 4.5.0
Phpmyadmin Phpmyadmin 4.4.14
Phpmyadmin Phpmyadmin 4.4.4
Phpmyadmin Phpmyadmin 4.4.3
Phpmyadmin Phpmyadmin 4.4.13.1
Phpmyadmin Phpmyadmin 4.4.13
Phpmyadmin Phpmyadmin 4.0.10.14
Phpmyadmin Phpmyadmin 4.0.10.13
Phpmyadmin Phpmyadmin 4.0.9
Phpmyadmin Phpmyadmin 4.0.4
Phpmyadmin Phpmyadmin 4.0.3
Phpmyadmin Phpmyadmin 4.0.10.4
Phpmyadmin Phpmyadmin 4.0.10.3
Phpmyadmin Phpmyadmin 4.0.1
Phpmyadmin Phpmyadmin 4.0.0
Phpmyadmin Phpmyadmin 4.5.5
Phpmyadmin Phpmyadmin 4.5.4.1
Phpmyadmin Phpmyadmin 4.5.0.1
Phpmyadmin Phpmyadmin 4.4.7
Phpmyadmin Phpmyadmin 4.4.6.1
5.4
CVSSv3
CVE-2016-2561
Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin 4.4.x prior to 4.4.15.5 and 4.5.x prior to 4.5.5.1 allow remote authenticated users to inject arbitrary web script or HTML via (1) normalization.php or (2) js/normalization.js in the database normalization page, (3...
Phpmyadmin Phpmyadmin 4.4.7
Phpmyadmin Phpmyadmin 4.4.6.1
Phpmyadmin Phpmyadmin 4.4.15.2
Phpmyadmin Phpmyadmin 4.4.9
Phpmyadmin Phpmyadmin 4.4.8
Phpmyadmin Phpmyadmin 4.4.2
Phpmyadmin Phpmyadmin 4.4.15.3
Phpmyadmin Phpmyadmin 4.4.12
Phpmyadmin Phpmyadmin 4.4.11
Phpmyadmin Phpmyadmin 4.5.3.1
Phpmyadmin Phpmyadmin 4.5.3
Phpmyadmin Phpmyadmin 4.5.0
Phpmyadmin Phpmyadmin 4.4.6
Phpmyadmin Phpmyadmin 4.4.5
Phpmyadmin Phpmyadmin 4.4.15
Phpmyadmin Phpmyadmin 4.4.14.1
Phpmyadmin Phpmyadmin 4.4.1
Phpmyadmin Phpmyadmin 4.4.0
Phpmyadmin Phpmyadmin 4.5.0.2
Phpmyadmin Phpmyadmin 4.5.0.1
Phpmyadmin Phpmyadmin 4.4.15.1
Phpmyadmin Phpmyadmin 4.4.10
6.8
CVSSv3
CVE-2016-2562
The checkHTTP function in libraries/Config.class.php in phpMyAdmin 4.5.x prior to 4.5.5.1 does not verify X.509 certificates from api.github.com SSL servers, which allows man-in-the-middle malicious users to spoof these servers and obtain sensitive information via a crafted certi...
Phpmyadmin Phpmyadmin 4.5.2
Phpmyadmin Phpmyadmin 4.5.1
Phpmyadmin Phpmyadmin 4.5.4.1
Phpmyadmin Phpmyadmin 4.5.4
Phpmyadmin Phpmyadmin 4.5.0
Phpmyadmin Phpmyadmin 4.5.5
Phpmyadmin Phpmyadmin 4.5.0.2
Phpmyadmin Phpmyadmin 4.5.0.1
Phpmyadmin Phpmyadmin 4.5.3.1
Phpmyadmin Phpmyadmin 4.5.3
5.4
CVSSv3
CVE-2016-2043
Cross-site scripting (XSS) vulnerability in the goToFinish1NF function in js/normalization.js in phpMyAdmin 4.4.x prior to 4.4.15.3 and 4.5.x prior to 4.5.4 allows remote authenticated users to inject arbitrary web script or HTML via a table name to the normalization page.
Fedoraproject Fedora 22
Fedoraproject Fedora 23
Opensuse Opensuse 13.1
Opensuse Opensuse 13.2
Opensuse Leap 42.1
Phpmyadmin Phpmyadmin 4.5.0
Phpmyadmin Phpmyadmin 4.4.15.2
Phpmyadmin Phpmyadmin 4.4.4
Phpmyadmin Phpmyadmin 4.4.2
Phpmyadmin Phpmyadmin 4.4.13
Phpmyadmin Phpmyadmin 4.4.11
Phpmyadmin Phpmyadmin 4.4.8
Phpmyadmin Phpmyadmin 4.4.7
Phpmyadmin Phpmyadmin 4.4.6.1
Phpmyadmin Phpmyadmin 4.4.6
Phpmyadmin Phpmyadmin 4.4.1.1
Phpmyadmin Phpmyadmin 4.4.1
Phpmyadmin Phpmyadmin 4.5.3
Phpmyadmin Phpmyadmin 4.5.2
Phpmyadmin Phpmyadmin 4.5.1
Phpmyadmin Phpmyadmin 4.5.0.2
Phpmyadmin Phpmyadmin 4.4.15.1
5.3
CVSSv3
CVE-2016-2038
phpMyAdmin 4.0.x prior to 4.0.10.13, 4.4.x prior to 4.4.15.3, and 4.5.x prior to 4.5.4 allows remote malicious users to obtain sensitive information via a crafted request, which reveals the full path in an error message.
Phpmyadmin Phpmyadmin 4.4.15.3
Phpmyadmin Phpmyadmin 4.4.9
Phpmyadmin Phpmyadmin 4.4.3
Phpmyadmin Phpmyadmin 4.4.15.1
Phpmyadmin Phpmyadmin 4.4.12
Phpmyadmin Phpmyadmin 4.4.10
Phpmyadmin Phpmyadmin 4.0.10.7
Phpmyadmin Phpmyadmin 4.0.10.5
Phpmyadmin Phpmyadmin 4.0.10
Phpmyadmin Phpmyadmin 4.0.0
Phpmyadmin Phpmyadmin 4.4.8
Phpmyadmin Phpmyadmin 4.4.7
Phpmyadmin Phpmyadmin 4.4.6.1
Phpmyadmin Phpmyadmin 4.4.6
Phpmyadmin Phpmyadmin 4.4.5
Phpmyadmin Phpmyadmin 4.5.2
Phpmyadmin Phpmyadmin 4.5.1
Phpmyadmin Phpmyadmin 4.5.0.2
Phpmyadmin Phpmyadmin 4.5.0.1
Phpmyadmin Phpmyadmin 4.4.15
Phpmyadmin Phpmyadmin 4.4.14.1
Phpmyadmin Phpmyadmin 4.4.13.1
5.3
CVSSv3
CVE-2016-2039
libraries/session.inc.php in phpMyAdmin 4.0.x prior to 4.0.10.13, 4.4.x prior to 4.4.15.3, and 4.5.x prior to 4.5.4 does not properly generate CSRF token values, which allows remote malicious users to bypass intended access restrictions by predicting a value.
Opensuse Opensuse 13.2
Opensuse Opensuse 13.1
Opensuse Leap 42.1
Phpmyadmin Phpmyadmin 4.5.2
Phpmyadmin Phpmyadmin 4.5.1
Phpmyadmin Phpmyadmin 4.4.8
Phpmyadmin Phpmyadmin 4.4.7
Phpmyadmin Phpmyadmin 4.4.15.1
Phpmyadmin Phpmyadmin 4.4.15
Phpmyadmin Phpmyadmin 4.5.0.2
Phpmyadmin Phpmyadmin 4.5.0.1
Phpmyadmin Phpmyadmin 4.4.6.1
Phpmyadmin Phpmyadmin 4.4.6
Phpmyadmin Phpmyadmin 4.4.14.1
Phpmyadmin Phpmyadmin 4.4.13.1
Phpmyadmin Phpmyadmin 4.0.10.12
Phpmyadmin Phpmyadmin 4.0.10.9
Phpmyadmin Phpmyadmin 4.0.10.2
Phpmyadmin Phpmyadmin 4.0.10.11
Phpmyadmin Phpmyadmin 4.0.0
Phpmyadmin Phpmyadmin 4.4.1
Phpmyadmin Phpmyadmin 4.4.0
5.4
CVSSv3
CVE-2016-2040
Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin 4.0.x prior to 4.0.10.13, 4.4.x prior to 4.4.15.3, and 4.5.x prior to 4.5.4 allow remote authenticated users to inject arbitrary web script or HTML via a (1) table name, (2) SET value, (3) search query, or (4) host...
Fedoraproject Fedora 22
Fedoraproject Fedora 23
Opensuse Opensuse 13.1
Opensuse Leap 42.1
Opensuse Opensuse 13.2
Phpmyadmin Phpmyadmin 4.5.3
Phpmyadmin Phpmyadmin 4.4.15.2
Phpmyadmin Phpmyadmin 4.4.9
Phpmyadmin Phpmyadmin 4.4.3
Phpmyadmin Phpmyadmin 4.4.2
Phpmyadmin Phpmyadmin 4.4.10
Phpmyadmin Phpmyadmin 4.4.1.1
Phpmyadmin Phpmyadmin 4.0.10.6
Phpmyadmin Phpmyadmin 4.0.10.5
Phpmyadmin Phpmyadmin 4.0.10
Phpmyadmin Phpmyadmin 4.0.1
Phpmyadmin Phpmyadmin 4.5.2
Phpmyadmin Phpmyadmin 4.5.1
Phpmyadmin Phpmyadmin 4.4.8
Phpmyadmin Phpmyadmin 4.4.7
Phpmyadmin Phpmyadmin 4.4.15.1
Phpmyadmin Phpmyadmin 4.4.15
7.5
CVSSv3
CVE-2016-2041
libraries/common.inc.php in phpMyAdmin 4.0.x prior to 4.0.10.13, 4.4.x prior to 4.4.15.3, and 4.5.x prior to 4.5.4 does not use a constant-time algorithm for comparing CSRF tokens, which makes it easier for remote malicious users to bypass intended access restrictions by measurin...
Fedoraproject Fedora 22
Fedoraproject Fedora 23
Phpmyadmin Phpmyadmin 4.5.0.1
Phpmyadmin Phpmyadmin 4.5.0
Phpmyadmin Phpmyadmin 4.4.6
Phpmyadmin Phpmyadmin 4.4.5
Phpmyadmin Phpmyadmin 4.4.13.1
Phpmyadmin Phpmyadmin 4.4.13
Phpmyadmin Phpmyadmin 4.0.10.9
Phpmyadmin Phpmyadmin 4.0.10.8
Phpmyadmin Phpmyadmin 4.0.10.11
Phpmyadmin Phpmyadmin 4.0.10.10
Phpmyadmin Phpmyadmin 4.5.2
Phpmyadmin Phpmyadmin 4.5.1
Phpmyadmin Phpmyadmin 4.5.0.2
Phpmyadmin Phpmyadmin 4.4.7
Phpmyadmin Phpmyadmin 4.4.6.1
Phpmyadmin Phpmyadmin 4.4.15
Phpmyadmin Phpmyadmin 4.4.14.1
Phpmyadmin Phpmyadmin 4.4.1
Phpmyadmin Phpmyadmin 4.4.0
Phpmyadmin Phpmyadmin 4.0.10.12
5.3
CVSSv3
CVE-2016-2042
phpMyAdmin 4.4.x prior to 4.4.15.3 and 4.5.x prior to 4.5.4 allows remote malicious users to obtain sensitive information via a crafted request to (1) libraries/phpseclib/Crypt/AES.php or (2) libraries/phpseclib/Crypt/Rijndael.php, which reveals the full path in an error message.
Opensuse Opensuse 13.1
Opensuse Leap 42.1
Opensuse Opensuse 13.2
Fedoraproject Fedora 22
Fedoraproject Fedora 23
Phpmyadmin Phpmyadmin 4.5.1
Phpmyadmin Phpmyadmin 4.5.0.2
Phpmyadmin Phpmyadmin 4.5.0.1
Phpmyadmin Phpmyadmin 4.5.0
Phpmyadmin Phpmyadmin 4.4.15
Phpmyadmin Phpmyadmin 4.4.14.1
Phpmyadmin Phpmyadmin 4.4.13.1
Phpmyadmin Phpmyadmin 4.4.13
Phpmyadmin Phpmyadmin 4.4.12
Phpmyadmin Phpmyadmin 4.5.2
Phpmyadmin Phpmyadmin 4.4.15.3
Phpmyadmin Phpmyadmin 4.4.9
Phpmyadmin Phpmyadmin 4.4.3
Phpmyadmin Phpmyadmin 4.4.15.1
Phpmyadmin Phpmyadmin 4.4.10
Phpmyadmin Phpmyadmin 4.4.1
Phpmyadmin Phpmyadmin 4.4.7
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33572
CVE-2024-24919
CVE-2024-0230
CVE-2024-32714
HTML injection
local file inclusion
CVE-2024-31098
CVE-2024-31244
privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »