VIR Vulnerability Intelligence Relay

Search

Found 132 results in 40ms · Match type: Filtered list

Severitycriticalhighmediumlowunknown
0
KEVHas exploit
Reset
CVE Severity CVSS Risk Flags OS Vendor Published Description
CVE-2013-1937 medium 6.1 7.1 EXPFIX debian debian phpmyadmin 13y ago Multiple cross-site scripting (XSS) vulnerabilities in tbl_gis_visualization.php in phpMyAdmin 3.5.x before 3.5.8 might allow remote attackers to inject arbitrary web script or HTML via the (1) visua…
CVE-2012-5469 high 8.5 EXP phpmyadminwordpress 14y ago The Portable phpMyAdmin plugin before 1.3.1 for WordPress allows remote attackers to bypass authentication and obtain phpMyAdmin console access via a direct request to wp-content/plugins/portable-php…
CVE-2012-5368 medium 4.3 FIX debian debian phpmyadmin 14y ago phpMyAdmin Unsafe Fetching of Javascript Code
CVE-2012-5159 high 8.5 EXPFIX debian debian phpmyadmin 14y ago phpMyAdmin 3.5.2.2, as distributed by the cdnetworks-kr-1 mirror during an unspecified time frame in 2012, contains an externally introduced modification (Trojan Horse) in server_sync.php, which allo…
CVE-2012-4219 medium 5.0 FIX debian debian phpmyadmin 14y ago show_config_errors.php in phpMyAdmin 3.5.x before 3.5.2.1 allows remote attackers to obtain sensitive information via a direct request, which reveals the installation path in an error message, relate…
CVE-2012-1190 medium 4.3 FIX debian debian phpmyadmin 14y ago Cross-site scripting (XSS) vulnerability in the replication-setup functionality in js/replication.js in phpMyAdmin 3.4.x before 3.4.10.1 allows user-assisted remote attackers to inject arbitrary web …
CVE-2012-1902 medium 4.3 FIX debian debian phpmyadmin 14y ago show_config_errors.php in phpMyAdmin 3.4.x before 3.4.10.2, when a configuration file does not exist, allows remote attackers to obtain sensitive information via a direct request, which reveals the i…
CVE-2011-1941 medium 4.3 FIX debian debian phpmyadmin 15y ago phpMyAdmin Open Redirect in redirector
CVE-2011-1940 medium 4.3 FIX debian debian phpmyadmin 15y ago Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin 3.3.x before 3.3.10.1 and 3.4.x before 3.4.1 allow remote attackers to inject arbitrary web script or HTML via a crafted table name t…
CVE-2011-4782 medium 4.3 FIX debian debian phpmyadmin 15y ago Cross-site scripting (XSS) vulnerability in libraries/config/ConfigFile.class.php in the setup interface in phpMyAdmin 3.4.x before 3.4.9 allows remote attackers to inject arbitrary web script or HTM…
CVE-2011-4780 medium 4.3 FIX debian debian phpmyadmin 15y ago Multiple cross-site scripting (XSS) vulnerabilities in libraries/display_export.lib.php in phpMyAdmin 3.4.x before 3.4.9 allow remote attackers to inject arbitrary web script or HTML via crafted URL …
CVE-2011-4634 medium 4.3 FIX debian debian phpmyadmin 15y ago Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin 3.4.x before 3.4.8 allow remote attackers to inject arbitrary web script or HTML via (1) a crafted database name, related to the Data…
CVE-2011-4107 medium 6.5 7.5 EXPFIX fedora fedoradebian debian phpmyadmin 15y ago phpMyAdmin vulnerable to XML external entity (XXE) injection attack
CVE-2011-3646 medium 5.0 FIX debian debian phpmyadmin 15y ago phpmyadmin.css.php in phpMyAdmin 3.4.x before 3.4.6 allows remote attackers to obtain sensitive information via an array-typed js_frame parameter to phpmyadmin.css.php, which reveals the installation…
CVE-2011-4064 medium 4.3 FIX debian debian phpmyadmin 15y ago Cross-site scripting (XSS) vulnerability in the setup interface in phpMyAdmin 3.4.x before 3.4.6 allows remote attackers to inject arbitrary web script or HTML via a crafted value.
CVE-2011-3181 medium 4.3 FIX debian debian phpmyadmin 15y ago Multiple cross-site scripting (XSS) vulnerabilities in the Tracking feature in phpMyAdmin 3.3.x before 3.3.10.4 and 3.4.x before 3.4.4 allow remote attackers to inject arbitrary web script or HTML vi…
CVE-2011-2719 medium 6.4 FIX debian debian phpmyadmin 15y ago libraries/auth/swekey/swekey.auth.lib.php in phpMyAdmin 3.x before 3.3.10.3 and 3.4.x before 3.4.3.2 does not properly manage sessions associated with Swekey authentication, which allows remote attac…
CVE-2011-2718 medium 6.0 FIX debian debian phpmyadmin 15y ago phpMyAdmin Directory Traversal Vulnerability
CVE-2011-2643 medium 6.8 FIX debian debian phpmyadmin 15y ago Directory traversal vulnerability in sql.php in phpMyAdmin 3.4.x before 3.4.3.2, when configuration storage is enabled, allows remote attackers to include and execute arbitrary local files via direct…
CVE-2011-2508 medium 6.0 FIX debian debian phpmyadmin 15y ago phpMyAdmin Directory Traversal vulnerability
CVE-2011-2507 medium 6.5 FIX debian debian phpmyadmin 15y ago libraries/server_synchronize.lib.php in the Synchronize implementation in phpMyAdmin 3.x before 3.3.10.2 and 3.4.x before 3.4.3.1 does not properly quote regular expressions, which allows remote auth…
CVE-2011-2506 high 8.5 EXPFIX debian debian phpmyadmin 15y ago phpMyAdmin vulnerable to static code injection
CVE-2011-2505 medium 7.4 EXPFIX debian debian phpmyadmin 15y ago phpMyAdmin remote variable manipulation
CVE-2011-0987 medium 6.5 FIX debian debian phpmyadmin 16y ago The PMA_Bookmark_get function in libraries/bookmark.lib.php in phpMyAdmin 2.11.x before 2.11.11.3, and 3.3.x before 3.3.9.2, does not properly restrict bookmark queries, which makes it easier for rem…
CVE-2011-0986 medium 5.0 FIX debian debian phpmyadmin 16y ago phpMyAdmin allows remote attackers to obtain installation path via direct request for nonexistent file
CVE-2010-4481 medium 5.0 FIX debian debian phpmyadmin 16y ago phpMyAdmin before 3.4.0-beta1 allows remote attackers to bypass authentication and obtain sensitive information via a direct request to phpinfo.php, which calls the phpinfo function.
CVE-2010-4480 medium 5.3 EXPFIX debian debian phpmyadmin 16y ago error.php in PhpMyAdmin 3.3.8.1, and other versions before 3.4.0-beta1, allows remote attackers to conduct cross-site scripting (XSS) attacks via a crafted BBcode tag containing "@" characters, as de…
CVE-2010-4329 medium 4.3 FIX debian debian phpmyadmin 16y ago Cross-site scripting (XSS) vulnerability in the PMA_linkOrButton function in libraries/common.lib.php in the database (db) search script in phpMyAdmin 2.11.x before 2.11.11.1 and 3.x before 3.3.8.1 a…
CVE-2010-3263 medium 4.3 FIX debian debian phpmyadmin 16y ago Cross-site scripting (XSS) vulnerability in setup/frames/index.inc.php in the setup script in phpMyAdmin 3.x before 3.3.7 allows remote attackers to inject arbitrary web script or HTML via a server n…
CVE-2010-2958 medium 4.3 FIX debian debian phpmyadmin 16y ago Cross-site scripting (XSS) vulnerability in libraries/Error.class.php in phpMyAdmin 3.x before 3.3.6 allows remote attackers to inject arbitrary web script or HTML via vectors related to a PHP backtr…
CVE-2010-3056 medium 4.3 FIX debian debian phpmyadmin 16y ago Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin 2.11.x before 2.11.10.1 and 3.x before 3.3.5.1 allow remote attackers to inject arbitrary web script or HTML via vectors related to (…
CVE-2010-3055 high 7.5 FIX debian debian phpmyadmin 16y ago The configuration setup script (aka scripts/setup.php) in phpMyAdmin 2.11.x before 2.11.10.1 does not properly restrict key names in its output file, which allows remote attackers to execute arbitrar…