| CVE-2016-5734 |
critical |
9.8 |
10.0 |
|
|
|
10y ago |
phpMyAdmin Code Injection vulnerability |
| CVE-2011-2506 |
high |
— |
8.5 |
|
|
|
15y ago |
phpMyAdmin vulnerable to static code injection |
| CVE-2011-4107 |
medium |
6.5 |
7.5 |
|
|
|
15y ago |
phpMyAdmin vulnerable to XML external entity (XXE) injection attack |
| CVE-2011-2505 |
medium |
— |
7.4 |
|
|
|
15y ago |
phpMyAdmin remote variable manipulation |
| CVE-2015-6830 |
medium |
— |
6.0 |
|
|
|
11y ago |
phpMyAdmin ReCaptcha bypass |
| CVE-2013-3239 |
medium |
— |
5.6 |
|
|
|
13y ago |
phpMyAdmin 3.5.x before 3.5.8 and 4.x before 4.0.0-rc3, when a SaveDir directory is configured, allows remote authenticated users to execute arbitrary code by using a double extension in the filename… |
| CVE-2019-12922 |
unknown |
— |
1.0 |
|
|
|
4y ago |
A CSRF issue in phpMyAdmin 4.9.0.1 allows deletion of any server in the Setup page. |
| CVE-2020-5504 |
unknown |
— |
1.0 |
|
|
|
4y ago |
In phpMyAdmin 4 before 4.9.4 and 5 before 5.0.1, SQL injection exists in the user accounts page. A malicious user could inject custom SQL in place of their own username when creating queries to this … |
| CVE-2019-12616 |
unknown |
— |
1.0 |
|
|
|
4y ago |
phpMyAdmin CSRF Vulnerability |
| CVE-2018-10188 |
unknown |
— |
1.0 |
|
|
|
4y ago |
phpMyAdmin CSRF vulnerability allowing arbitrary SQL execution |
| CVE-2017-1000499 |
unknown |
— |
1.0 |
|
|
|
4y ago |
phpMyAdmin versions 4.7.x (prior to 4.7.6.1/4.7.7) are vulnerable to a CSRF weakness. By deceiving a user to click on a crafted URL, it is possible to perform harmful database operations such as dele… |
| CVE-2018-12613 |
unknown |
— |
1.0 |
|
|
|
4y ago |
phpMyAdmin Improper Authentication |
