VIR Vulnerability Intelligence Relay

Search

Found 114 results in 32ms · Match type: Filtered list

Severitycriticalhighmediumlowunknown
0
KEVHas exploit
Reset
CVE Severity CVSS Risk Flags OS Vendor Published Description
CVE-2011-2719 medium 6.4 FIX debian debian phpmyadmin 15y ago libraries/auth/swekey/swekey.auth.lib.php in phpMyAdmin 3.x before 3.3.10.3 and 3.4.x before 3.4.3.2 does not properly manage sessions associated with Swekey authentication, which allows remote attac…
CVE-2011-2718 medium 6.0 FIX debian debian phpmyadmin 15y ago phpMyAdmin Directory Traversal Vulnerability
CVE-2011-2643 medium 6.8 FIX debian debian phpmyadmin 15y ago Directory traversal vulnerability in sql.php in phpMyAdmin 3.4.x before 3.4.3.2, when configuration storage is enabled, allows remote attackers to include and execute arbitrary local files via direct…
CVE-2011-2508 medium 6.0 FIX debian debian phpmyadmin 15y ago phpMyAdmin Directory Traversal vulnerability
CVE-2011-2507 medium 6.5 FIX debian debian phpmyadmin 15y ago libraries/server_synchronize.lib.php in the Synchronize implementation in phpMyAdmin 3.x before 3.3.10.2 and 3.4.x before 3.4.3.1 does not properly quote regular expressions, which allows remote auth…
CVE-2011-2505 medium 7.4 EXPFIX debian debian phpmyadmin 15y ago phpMyAdmin remote variable manipulation
CVE-2011-0987 medium 6.5 FIX debian debian phpmyadmin 16y ago The PMA_Bookmark_get function in libraries/bookmark.lib.php in phpMyAdmin 2.11.x before 2.11.11.3, and 3.3.x before 3.3.9.2, does not properly restrict bookmark queries, which makes it easier for rem…
CVE-2011-0986 medium 5.0 FIX debian debian phpmyadmin 16y ago phpMyAdmin allows remote attackers to obtain installation path via direct request for nonexistent file
CVE-2010-4481 medium 5.0 FIX debian debian phpmyadmin 16y ago phpMyAdmin before 3.4.0-beta1 allows remote attackers to bypass authentication and obtain sensitive information via a direct request to phpinfo.php, which calls the phpinfo function.
CVE-2010-4480 medium 5.3 EXPFIX debian debian phpmyadmin 16y ago error.php in PhpMyAdmin 3.3.8.1, and other versions before 3.4.0-beta1, allows remote attackers to conduct cross-site scripting (XSS) attacks via a crafted BBcode tag containing "@" characters, as de…
CVE-2010-4329 medium 4.3 FIX debian debian phpmyadmin 16y ago Cross-site scripting (XSS) vulnerability in the PMA_linkOrButton function in libraries/common.lib.php in the database (db) search script in phpMyAdmin 2.11.x before 2.11.11.1 and 3.x before 3.3.8.1 a…
CVE-2010-3263 medium 4.3 FIX debian debian phpmyadmin 16y ago Cross-site scripting (XSS) vulnerability in setup/frames/index.inc.php in the setup script in phpMyAdmin 3.x before 3.3.7 allows remote attackers to inject arbitrary web script or HTML via a server n…
CVE-2010-2958 medium 4.3 FIX debian debian phpmyadmin 16y ago Cross-site scripting (XSS) vulnerability in libraries/Error.class.php in phpMyAdmin 3.x before 3.3.6 allows remote attackers to inject arbitrary web script or HTML via vectors related to a PHP backtr…
CVE-2010-3056 medium 4.3 FIX debian debian phpmyadmin 16y ago Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin 2.11.x before 2.11.10.1 and 3.x before 3.3.5.1 allow remote attackers to inject arbitrary web script or HTML via vectors related to (…