| CVE-2017-1000017 |
high |
8.8 |
8.8 |
|
|
|
9y ago |
phpMyAdmin 4.0, 4.4 and 4.6 are vulnerable to a weakness where a user with appropriate permissions is able to connect to an arbitrary MySQL server |
| CVE-2016-6609 |
high |
8.8 |
8.8 |
|
|
|
10y ago |
phpMyAdmin PHP code injection |
| CVE-2016-6621 |
high |
8.6 |
8.6 |
|
|
|
10y ago |
The setup script for phpMyAdmin before 4.0.10.19, 4.4.x before 4.4.15.10, and 4.6.x before 4.6.6 allows remote attackers to conduct server-side request forgery (SSRF) attacks via unspecified vectors. |
| CVE-2011-2506 |
high |
— |
8.5 |
|
|
|
15y ago |
phpMyAdmin vulnerable to static code injection |
| CVE-2016-6633 |
high |
8.1 |
8.1 |
|
|
|
10y ago |
phpMyAdmin Remote code execution vulnerability when PHP is running with dbase extension |
| CVE-2017-1000018 |
high |
7.5 |
7.5 |
|
|
|
9y ago |
phpMyAdmin 4.0, 4.4., and 4.6 are vulnerable to a DOS attack in the replication status by using a specially crafted table name |
| CVE-2017-1000016 |
high |
7.5 |
7.5 |
|
|
|
9y ago |
A weakness was discovered where an attacker can inject arbitrary values in to the browser cookies. This is a re-issue of an incomplete fix from PMASA-2016-18. |
| CVE-2017-1000014 |
high |
7.5 |
7.5 |
|
|
|
9y ago |
phpMyAdmin 4.0, 4.4, and 4.6 are vulnerable to a DOS weakness in the table editing functionality |
| CVE-2016-9863 |
high |
7.5 |
7.5 |
|
|
|
10y ago |
phpMyAdmin DoS Vulnerability |
| CVE-2016-9861 |
high |
7.5 |
7.5 |
|
|
|
10y ago |
phpMyAdmin Bypass white-list protection for URL redirection |
| CVE-2016-5739 |
high |
7.5 |
7.5 |
|
|
|
10y ago |
The Transformation implementation in phpMyAdmin 4.0.x before 4.0.10.16, 4.4.x before 4.4.15.7, and 4.6.x before 4.6.3 does not use the no-referrer Content Security Policy (CSP) protection mechanism, … |
| CVE-2016-5706 |
high |
7.5 |
7.5 |
|
|
|
10y ago |
js/get_scripts.js.php in phpMyAdmin 4.0.x before 4.0.10.16, 4.4.x before 4.4.15.7, and 4.6.x before 4.6.3 allows remote attackers to cause a denial of service via a large array in the scripts paramet… |
| CVE-2016-2041 |
high |
7.5 |
7.5 |
|
|
|
10y ago |
libraries/common.inc.php in phpMyAdmin 4.0.x before 4.0.10.13, 4.4.x before 4.4.15.3, and 4.5.x before 4.5.4 does not use a constant-time algorithm for comparing CSRF tokens, which makes it easier fo… |
| CVE-2016-1927 |
high |
7.5 |
7.5 |
|
|
|
10y ago |
The suggestPassword function in js/functions.js in phpMyAdmin 4.0.x before 4.0.10.13, 4.4.x before 4.4.15.3, and 4.5.x before 4.5.4 relies on the Math.random JavaScript function, which makes it easie… |
| CVE-2016-5702 |
low |
3.7 |
3.7 |
|
|
|
10y ago |
phpMyAdmin cookie-attribute injection |
| CVE-2011-3592 |
low |
— |
3.5 |
|
|
|
12y ago |
Multiple cross-site scripting (XSS) vulnerabilities in the PMA_unInlineEditRow function in js/sql.js in phpMyAdmin 3.4.x before 3.4.5 allow remote authenticated users to inject arbitrary web script o… |
| CVE-2011-3591 |
low |
— |
3.5 |
|
|
|
12y ago |
Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin 3.4.x before 3.4.5 allow remote authenticated users to inject arbitrary web script or HTML via a crafted row that triggers an imprope… |
| CVE-2014-8326 |
low |
— |
3.5 |
|
|
|
12y ago |
phpMyAdmin Implementation XSS Vulnerability on Server Monitor Page |
| CVE-2014-7217 |
low |
— |
3.5 |
|
|
|
12y ago |
phpMyAdmin cross-site scripting Vulnerability via ENUM value |
| CVE-2014-5274 |
low |
— |
3.5 |
|
|
|
12y ago |
phpMyAdmin cross-site scripting vulnerability in crafted view name |
| CVE-2014-4986 |
low |
— |
3.5 |
|
|
|
12y ago |
phpMyAdmin cross-site scripting Vulnerability in Table or Column Names |
| CVE-2013-5002 |
low |
— |
3.5 |
|
|
|
13y ago |
phpMyAdmin Cross-site scripting (XSS) vulnerability via pageNumber value |
| CVE-2012-5339 |
low |
— |
3.5 |
|
|
|
14y ago |
phpMyAdmin multiple cross-site scripting vulnerabilities |
| CVE-2012-4579 |
low |
— |
3.5 |
|
|
|
14y ago |
phpMyAdmin Multiple XSS Vulnerabilities |
| CVE-2012-4345 |
low |
— |
3.5 |
|
|
|
14y ago |
phpMyAdmin Multiple Cross-site Scripting Vulnerabilities in the Database Structure page |
