phpmyadmin/phpmyadmin Security Advisories (107)
-
[MEDIUM] phpMyAdmin XSS when checking tables
PKSA-prvw-8r5k-1v9d CVE-2025-24530 GHSA-222v-cx2c-q2f5
Affected version: >=5.0.0,<5.2.2
Reported by:
GitHub -
[MEDIUM] Cross-site Scripting vulnerability in drag-and-drop upload of phpMyAdmin
PKSA-3y21-7x4r-6hyz CVE-2023-25727 GHSA-6hr3-44gx-g6wh
Affected version: >=5.0,<5.2.1|>=4.3.0,<4.9.11
Reported by:
GitHub -
[CRITICAL] phpmyadmin contains SQL Injection vulnerability
PKSA-d4h1-687r-vcyy CVE-2020-22452 GHSA-prcg-mc23-hgjh
Affected version: >=5.0.0,<5.0.2
Reported by:
GitHub -
[MEDIUM] phpMyAdmin Cross-Site Request Forgery (CSRF)
PKSA-hjst-v1cr-6c68 CVE-2019-12922 GHSA-4c9q-64gq-xhx4
Affected version: <=4.9.0.1
Reported by:
GitHub -
[CRITICAL] phpMyAdmin unsanitized Git information
PKSA-2p6g-8fhm-wpz8 CVE-2019-19617 GHSA-pgph-mc4p-f8c3
Affected version: <4.9.2
Reported by:
GitHub -
[MEDIUM] phpMyAdmin CSRF Vulnerability
PKSA-61t2-8dhb-6pfx CVE-2019-12616 GHSA-mfr9-pcm3-6mwc
Affected version: <4.9.0
Reported by:
GitHub -
[CRITICAL] phpMyAdmin SQL injection in Designer feature
PKSA-qmwv-jdyx-shqc CVE-2019-11768 GHSA-x37v-98f9-mj32
Affected version: <4.9.0.1
Reported by:
GitHub -
[MEDIUM] phpMyAdmin Cross-site Scripting vulnerability
PKSA-t9c3-krw1-xxjz CVE-2010-2958 GHSA-frv8-xjcp-hrm2
Affected version: >=3.0.0,<3.3.6
Reported by:
GitHub -
[HIGH] phpMyAdmin allows remote attackers to bypass authentication and obtain sensitive information
PKSA-58bw-cgd9-bddb CVE-2010-4481 GHSA-gmc7-jvv7-w245
Affected version: <3.4.0-beta1
Reported by:
GitHub -
[HIGH] phpMyAdmin unsafely handles temporary files
PKSA-vvtr-znb6-rqfm CVE-2008-7252 GHSA-9645-6g72-2pv8
Affected version: >=2.11.0,<2.11.10
Reported by:
GitHub -
[MEDIUM] phpMyAdmin Open Redirect in redirector
PKSA-rkzz-q7g2-qw9q CVE-2011-1941 GHSA-v6fw-xf2c-8q43
Affected version: >=3.4.0,<3.4.1
Reported by:
GitHub -
[LOW] phpMyAdmin Multiple XSS Vulnerabilities
PKSA-34nb-95xx-15mm CVE-2012-4579 GHSA-q7v2-w38r-pv7v
Affected version: >=3.5,<3.5.2.2
Reported by:
GitHub -
[LOW] phpMyAdmin Vulnerable to Cross-Site Scripting
PKSA-gk73-xmbw-rtr4 CVE-2011-1940 GHSA-4q58-5x28-53wv
Affected version: >=3.4.0,<3.4.1|>=3.3.0,<3.3.10.1
Reported by:
GitHub -
[LOW] phpMyAdmin vulnerable to Cross-site Scripting
PKSA-x1t8-7w3c-q9sh CVE-2011-4634 GHSA-9j9h-cpgc-8356
Affected version: >=3.4.0,<3.4.8
Reported by:
GitHub -
[LOW] phpMyAdmin multiple cross-site scripting vulnerabilities
PKSA-5rp1-mq97-n6dq CVE-2012-5339 GHSA-rfpg-2fp8-2fph
Affected version: >=3.5,<3.5.3
Reported by:
GitHub -
[MEDIUM] phpMyAdmin Unsafe Fetching of Javascript Code
PKSA-q2cg-b31b-wc4f CVE-2012-5368 GHSA-xpxp-v33m-5jp9
Affected version: >=3.5,<3.5.3
Reported by:
GitHub -
[LOW] phpMyAdmin Multiple Cross-site Scripting Vulnerabilities in the Database Structure page
PKSA-8h9q-nybq-cr5t CVE-2012-4345 GHSA-r3pq-mp8v-cp33
Affected version: >=3.5,<3.5.2.2|>=3.4,<3.4.11.1
Reported by:
GitHub -
[MEDIUM] phpMyAdmin Global variables scope injection vulnerability
PKSA-875g-sgtd-nxx8 CVE-2013-4729 GHSA-x962-w72p-mv7q
Affected version: >=4.0,<4.0.4.1
Reported by:
GitHub -
[MEDIUM] phpMyAdmin Multiple cross-site scripting (XSS) vulnerabilities
PKSA-jhts-qn3q-hjg4 CVE-2013-4997 GHSA-5gh4-v2ch-pcx4
Affected version: >=3.5,<3.5.8.2
Reported by:
GitHub -
[HIGH] phpMyAdmin Remote Code Execution
PKSA-px4b-qw1t-3smb CVE-2013-3239 GHSA-gg36-9346-9qx9
Affected version: >=3.5.0,<3.5.8.1
Reported by:
GitHub -
[LOW] phpMyAdmin Multiple XSS Vulnerabilities After Inline Editing and Save
PKSA-jdd5-1ntr-9cxw CVE-2011-3591 GHSA-3p87-w3c5-27gf
Affected version: >=3.4.0,<3.4.5
Reported by:
GitHub -
[LOW] phpMyAdmin Multiple XSS Vulnerabilities
PKSA-ncsc-wfjp-4wqd CVE-2011-3592 GHSA-5p69-rmx8-7gw7
Affected version: >=3.4.0,<3.4.5
Reported by:
GitHub -
[LOW] phpMyAdmin cross-site scripting Vulnerability via ENUM value
PKSA-v2nv-4f41-8njh CVE-2014-7217 GHSA-wv8g-fx9j-q2jg
Affected version: >=4.2.0,<4.2.9.1|>=4.1.0,<4.1.14.5|>=4.0.0,<4.0.10.4
Reported by:
GitHub -
[HIGH] phpMyAdmin Cryptographic Vulnerability
PKSA-dz54-yxz3-dv5t CVE-2016-1927 GHSA-4gmg-gwjh-3mmr
Affected version: >=4.5.0,<4.5.4|>=4.4.0,<4.4.15.3|>=4.0.0,<4.0.10.13
Reported by:
GitHub -
[MEDIUM] phpMyAdmin Cross-site scripting (XSS) vulnerability in SQL parser
PKSA-6751-5d85-g7fs CVE-2016-2559 GHSA-7rf8-9r8f-qf59
Affected version: >=4.5,<4.5.5.1
Reported by:
GitHub -
[MEDIUM] phpMyAdmin Improper Input Validation
PKSA-4jgq-g7tw-v3dc CVE-2016-2562 GHSA-w8qg-j9fp-hrjf
Affected version: >=4.5,<4.5.5.1
Reported by:
GitHub -
[HIGH] phpMyAdmin allows remote attackers to spoof content via the url parameter
PKSA-sbzc-2td3-gbx4 CVE-2015-7873 GHSA-5pmg-qh2c-7j24
Affected version: >=4.5.0,<4.5.1|>=4.4.0,<4.4.15.1
Reported by:
GitHub -
[LOW] phpMyAdmin cross-site scripting Vulnerability in Table or Column Names
PKSA-qh4q-57mw-kc4j CVE-2014-4986 GHSA-jqmr-wqgp-8mh2
Affected version: >=4.2.0,<4.2.6|>=4.1.0,<4.1.14.2|>=4.0.0,<4.0.10.1
Reported by:
GitHub -
[MEDIUM] phpMyAdmin ReCaptcha bypass
PKSA-p7r4-cghb-2rcd CVE-2015-6830 GHSA-v6fh-vg22-r6cm
Affected version: >=4.4.0,<4.4.14.1|>=4.3.0,<4.3.13.2
Reported by:
GitHub -
[LOW] phpMyAdmin Cross-site scripting (XSS) vulnerability via pageNumber value
PKSA-qd2f-66qg-7kd5 CVE-2013-5002 GHSA-p632-5w74-x8xx
Affected version: >=4.0,<4.0.4.2|>=3.5,<3.5.8.2
Reported by:
GitHub -
[LOW] phpMyAdmin cookie-attribute injection
PKSA-64n9-s5k5-1h1z CVE-2016-5702 GHSA-xqw9-ffx7-g998
Affected version: >=4.6.0,<4.6.3
Reported by:
GitHub -
[MEDIUM] phpMyAdmin XSS Vulnerability
PKSA-8mq8-nyjs-vtpb CVE-2016-5704 GHSA-gcvp-cwgw-wx8j
Affected version: >=4.6.0,<4.6.3
Reported by:
GitHub -
[MEDIUM] phpMyAdmin XSS Vulnerability
PKSA-cqjr-b439-8h8w CVE-2016-5732 GHSA-3q28-xfw3-2q35
Affected version: >=4.6.0,<4.6.3
Reported by:
GitHub -
[CRITICAL] phpMyAdmin Code Injection vulnerability
PKSA-6dpn-1pq5-f8pb CVE-2016-5734 GHSA-rv57-479x-x4qv
Affected version: >=4.6.0,<4.6.3|>=4.4.15.0,<4.4.15.7|>=4.0.10.0,<4.0.10.16
Reported by:
GitHub -
[MEDIUM] phpMyAdmin Cross-site Scripting (XSS)
PKSA-7wxn-nbtn-by9z CVE-2016-6608 GHSA-jfmj-27fp-qp67
Affected version: >=4.6,<4.6.4
Reported by:
GitHub -
[MEDIUM] phpMyAdmin Local file exposure
PKSA-vkh8-gfxc-r7wd CVE-2016-6612 GHSA-fcgm-62p3-f7cm
Affected version: >=4.0,<4.0.10.17|>=4.4,<4.4.15.8|>=4.6,<4.6.4
Reported by:
GitHub -
[MEDIUM] phpMyAdmin Local file exposure through symlinks with UploadDir
PKSA-7mp9-54n6-nkzd CVE-2016-6613 GHSA-6j2v-g9rg-qcm5
Affected version: >=4.0,<4.0.10.17|>=4.4,<4.4.15.8|>=4.6,<4.6.4
Reported by:
GitHub -
[MEDIUM] phpMyAdmin DoS Vulnerability
PKSA-6z55-t2ck-z9fr CVE-2016-6623 GHSA-2mcj-3r3r-v5wm
Affected version: >=4.0.0,<4.0.10.17|>=4.4.0,<4.4.15.8|>=4.6.0,<4.6.4
Reported by:
GitHub -
[MEDIUM] phpMyAdmin IPv6 and proxy server IP-based authentication rule circumvention
PKSA-7qxh-bq5b-738p CVE-2016-6624 GHSA-mhxj-6vf8-mwv3
Affected version: >=4.0,<4.0.10.17|>=4.4,<4.4.15.8|>=4.6,<4.6.4
Reported by:
GitHub -
[MEDIUM] phpMyAdmin allows to detect if user is logged in
PKSA-h3k8-czvq-hx91 CVE-2016-6625 GHSA-r643-7xfg-ppc5
Affected version: >=4.0,<4.0.10.17|>=4.4,<4.4.15.8|>=4.6,<4.6.4
Reported by:
GitHub -
[MEDIUM] phpMyAdmin Reflected File Download attack
PKSA-x3yd-1gnv-sc7c CVE-2016-6628 GHSA-phhm-63xx-v9rr
Affected version: >=4.0,<4.0.10.17|>=4.4,<4.4.15.8|>=4.6,<4.6.4
Reported by:
GitHub -
[CRITICAL] phpMyAdmin Authentication Bypass
PKSA-1vh5-psjw-1dvs CVE-2016-6629 GHSA-567r-vqj7-5cw7
Affected version: >=4.0,<4.0.10.17|>=4.4,<4.4.15.8|>=4.6,<4.6.4
Reported by:
GitHub -
[MEDIUM] phpMyAdmin Denial of service (DOS) attack with dbase extension
PKSA-4f5c-7vzq-htyq CVE-2016-6632 GHSA-426q-975p-w5cr
Affected version: >=4.0,<4.0.10.17|>=4.4,<4.4.15.8|>=4.6,<4.6.4
Reported by:
GitHub -
[HIGH] phpMyAdmin Remote code execution vulnerability when PHP is running with dbase extension
PKSA-pm88-njqr-y8kt CVE-2016-6633 GHSA-p849-vf5f-f3x7
Affected version: >=4.0,<4.0.10.17|>=4.4,<4.4.15.8|>=4.6,<4.6.4
Reported by:
GitHub -
[MEDIUM] phpMyAdmin Cryptographic Vulnerability
PKSA-gvqf-w79n-rz96 CVE-2016-9847 GHSA-9xhq-pm7v-693p
Affected version: >=4.0,<4.0.10.18|>=4.4,<4.4.15.9|>=4.6,<4.6.5
Reported by:
GitHub -
[MEDIUM] phpMyAdmin Bypass logout timeout
PKSA-jpw9-d4py-djzw CVE-2016-9851 GHSA-r2vw-p77f-vc27
Affected version: >=4.4,<4.4.15.9|>=4.6,<4.6.5
Reported by:
GitHub -
[MEDIUM] phpMyAdmin path disclosure
PKSA-y28v-ygdv-dcs1 CVE-2016-9853 GHSA-rmmf-5xhh-gg27
Affected version: >=4.4.0,<4.4.15.9|>=4.6.0,<4.6.5
Reported by:
GitHub -
[MEDIUM] phpMyAdmin XSS Vulnerability
PKSA-v8kc-b1p4-xght CVE-2016-9857 GHSA-hmmx-wxh4-9w8w
Affected version: >=4.0,<4.0.10.18|>=4.4,<4.4.15.9|>=4.6,<4.6.5
Reported by:
GitHub -
[MEDIUM] phpMyAdmin XSS Vulnerability
PKSA-1jxh-86ff-458y CVE-2016-9856 GHSA-j8mx-x32r-5rf4
Affected version: >=4.0,<4.0.10.18|>=4.4,<4.4.15.9|>=4.6,<4.6.5
Reported by:
GitHub -
[MEDIUM] phpMyAdmin Denial of Service (DoS)
PKSA-bf24-j71w-mqh8 CVE-2016-9860 GHSA-3hw5-fffc-qrg4
Affected version: >=4.0,<4.0.10.18|>=4.4,<4.4.15.9|>=4.6,<4.6.5
Reported by:
GitHub -
[HIGH] phpMyAdmin Bypass white-list protection for URL redirection
PKSA-x2xc-v32b-kt2k CVE-2016-9861 GHSA-r326-mp8g-6xfc
Affected version: >=4.0,<4.0.10.18|>=4.4,<4.4.15.9|>=4.6,<4.6.5
Reported by:
GitHub -
[HIGH] phpMyAdmin DoS Vulnerability
PKSA-7q86-vp51-9y8b CVE-2016-9863 GHSA-qgrq-64g6-mmh6
Affected version: >=4.6.0,<4.6.5
Reported by:
GitHub -
[CRITICAL] phpMyAdmin CSRF Vulnerability
PKSA-z89r-2bht-1vq7 CVE-2016-9866 GHSA-jvxx-8xxf-5495
Affected version: >=4.0.0,<4.0.10.18|>=4.4.0,<4.4.15.9|>=4.6.0,<4.6.5
Reported by:
GitHub -
[HIGH] phpMyAdmin Cookie attribute injection attack
PKSA-x8tg-5hjd-m1gj CVE-2017-1000016 GHSA-j2cq-h6v2-f875
Affected version: >=4.6,<4.6.6
Reported by:
GitHub -
[MEDIUM] phpMyAdmin allows remote attackers to obtain installation path via direct request for nonexistent file
PKSA-4dz8-8xp5-bpxg CVE-2011-0986 GHSA-wcmm-28rg-mg3r
Affected version: >=3.3.0,<3.3.9.1|>=2.11.0,<2.11.11.2
Reported by:
GitHub -
[MEDIUM] phpMyAdmin Directory Traversal Vulnerability
PKSA-15tf-t978-skjq CVE-2011-2718 GHSA-xhqq-554j-p4x8
Affected version: >=3.4,<3.4.3.2
Reported by:
GitHub -
[MEDIUM] phpMyAdmin vulnerable to XML external entity (XXE) injection attack
PKSA-rmn1-gxrc-4qyq CVE-2011-4107 GHSA-q4mm-89q2-xffg
Affected version: >=3.3.0,<3.3.10.5|>=3.4.0,<3.4.7.1
Reported by:
GitHub -
[LOW] phpMyAdmin Cross-site Scripting vulnerability
PKSA-vxfy-5xqf-d5ft CVE-2011-4782 GHSA-2h23-c973-x63q
Affected version: >=3.4.0,<3.4.9
Reported by:
GitHub -
[MEDIUM] phpMyAdmin Cross-site scripting (XSS) vulnerability in central columns feature
PKSA-62z7-y8f8-22d7 CVE-2018-7260 GHSA-gqmj-f46x-wqhw
Affected version: <4.7.8
Reported by:
GitHub -
[HIGH] phpMyAdmin CSRF vulnerability allowing arbitrary SQL execution
PKSA-jxqq-xphh-hj4w CVE-2018-10188 GHSA-v6fp-h79x-9rqc
Affected version: >=4.8,<4.8.0.1
Reported by:
GitHub -
[HIGH] phpMyAdmin PHP code injection
PKSA-2t2c-bjk2-4c6s CVE-2016-6609 GHSA-wpww-hx7x-xfjh
Affected version: >=4.0,<4.0.10.17|>=4.4,<4.4.15.8|>=4.6,<4.6.4
Reported by:
GitHub -
[MEDIUM] phpMyAdmin Denial of service (DOS) attack in transformation feature
PKSA-4b46-ppj8-c2zj CVE-2016-6618 GHSA-rv6m-chvv-wmxg
Affected version: >=4.0,<4.0.10.17|>=4.4,<4.4.15.8|>=4.6,<4.6.4
Reported by:
GitHub -
[HIGH] phpMyAdmin server-side request forgery (SSRF)
PKSA-fhwy-zpk2-9m7f CVE-2016-6621 GHSA-44vv-mm86-7cg6
Affected version: <4.0.10.19|>=4.4.0,<4.4.15.10|>=4.6.0,<4.6.6
Reported by:
GitHub -
[MEDIUM] phpMyAdmin DoS Vulnerability
PKSA-vctg-1cxh-pgr3 CVE-2016-6622 GHSA-qf3f-7x69-qfv3
Affected version: >=4.0,<4.0.10.17|>=4.4,<4.4.15.8|>=4.6,<4.6.4
Reported by:
GitHub -
[MEDIUM] phpMyAdmin XSS Vulnerability
PKSA-msvx-d7cx-mf9g CVE-2018-12581 GHSA-vxj6-pm6r-23hq
Affected version: <4.8.2
Reported by:
GitHub -
[MEDIUM] phpMyAdmin remote variable manipulation
PKSA-hbyn-8k15-1g84 CVE-2011-2505 GHSA-vqcm-r62w-w437
Affected version: >=3.4,<3.4.3.1|>=3.0,<3.3.10.2
Reported by:
GitHub -
[HIGH] phpMyAdmin vulnerable to static code injection
PKSA-2wwn-q2b1-n51c CVE-2011-2506 GHSA-p6h7-29r2-g88f
Affected version: >=3.4,<3.4.3.1|>=3.0,<3.3.10.2
Reported by:
GitHub -
[HIGH] phpMyAdmin Directory Traversal vulnerability
PKSA-7q7b-2y1f-z7js CVE-2011-2508 GHSA-q6vw-39cg-wjjf
Affected version: >=3.4.0,<3.4.3.1|>=3.3.0,<3.3.10.2
Reported by:
GitHub -
[MEDIUM] phpMyAdmin Cross-site Scripting (XSS) in the import dialog
PKSA-pmch-sm6h-311v CVE-2018-15605 GHSA-c958-4j9x-q7w4
Affected version: <4.8.3
Reported by:
GitHub -
[MEDIUM] phpMyAdmin micro history Implementation XSS Vulnerability
PKSA-r5h1-btgr-wbg9 CVE-2014-6300 GHSA-6wfj-2mw7-p5cg
Affected version: >=4.2.0,<4.2.8.1|>=4.1.0,<4.1.14.4|>=4.0.0,<4.0.10.3
Reported by:
GitHub -
[MEDIUM] phpMyAdmin vulnerable to Cross-site Scripting
PKSA-1fc5-yxx9-d2t5 CVE-2016-5701 GHSA-rh74-5835-jpxp
Affected version: >=4.6.0,<4.6.3|>=4.4.15.0,<4.4.15.7|>=4.0.10.0,<4.0.10.16
Reported by:
GitHub -
[MEDIUM] phpMyAdmin vulnerable to Cross-site Scripting
PKSA-trcx-dq4s-k9xr CVE-2016-5705 GHSA-6q2j-8h8q-46mr
Affected version: >=4.6.0,<4.6.3|>=4.4.0,<4.4.15.7
Reported by:
GitHub -
[MEDIUM] phpMyAdmin full path disclosure vulnerability
PKSA-4nt5-g6xp-h81t CVE-2016-5730 GHSA-wm9c-vcv2-vpqc
Affected version: >=4.6,<4.6.3|>=4.4,<4.4.15.7|>=4.0,<4.0.10.16
Reported by:
GitHub -
[MEDIUM] phpMyAdmin Cross-site scripting (XSS) vulnerability
PKSA-gywz-99pp-k6bz CVE-2016-5731 GHSA-mwm8-36c5-j5cf
Affected version: >=4.6,<4.6.3|>=4.4,<4.4.15.7|>=4.0,<4.0.10.16
Reported by:
GitHub -
[MEDIUM] phpMyAdmin vulnerable to Cross-site Scripting
PKSA-t882-d6yy-c9rq CVE-2016-5733 GHSA-cr65-p662-fx5c
Affected version: >=4.6.0,<4.6.3|>=4.4.15.0,<4.4.15.7|>=4.0.10.0,<4.0.10.16
Reported by:
GitHub -
[HIGH] phpMyAdmin vulnerable to Cross-Site Request Forgery
PKSA-99kf-x3tq-b2v6 CVE-2016-5739 GHSA-2p7v-jm8m-g3qq
Affected version: >=4.6.0,<4.6.3|>=4.4.15.0,<4.4.15.7|>=4.0.10.0,<4.0.10.16
Reported by:
GitHub -
[HIGH] phpMyAdmin Denial Of Service (DOS) attack
PKSA-z9zd-82t3-9rmf CVE-2016-5706 GHSA-9rmm-8fp4-26hv
Affected version: >=4.6,<4.6.3|>=4.4,<4.4.15.7|>=4.0,<4.0.10.16
Reported by:
GitHub -
[MEDIUM] phpMyAdmin XSS Vulnerability
PKSA-xgk4-gw9r-4v7f CVE-2016-2040 GHSA-pw34-qf6c-84fc
Affected version: >=4.5,<4.5.4|>=4.4,<4.4.15.3|>=4.0,<4.0.10.13
Reported by:
GitHub -
[HIGH] phpMyAdmin Unsafe comparison of XSRF/CSRF token
PKSA-jm37-4ks3-2x1n CVE-2016-2041 GHSA-8m97-xc46-rw9w
Affected version: >=4.5,<4.5.4|>=4.4,<4.4.15.3|>=4.0,<4.0.10.13
Reported by:
GitHub -
[MEDIUM] phpMyAdmin Implementation XSS Vulnerability on Server Monitor Page
PKSA-vrsr-crx1-6bym CVE-2014-8326 GHSA-pvr5-84gr-g985
Affected version: >=4.2.0,<4.2.10.1|>=4.1.0,<4.1.14.6|>=4.0.0,<4.0.10.5
Reported by:
GitHub -
[LOW] phpMyAdmin cross-site scripting vulnerability in crafted view name
PKSA-47jt-h7fy-zx94 CVE-2014-5274 GHSA-q586-xpwr-jc3j
Affected version: >=4.2.0,<4.2.7.1|>=4.1.0,<4.1.14.3
Reported by:
GitHub -
[CRITICAL] phpMyAdmin SQL injection in Designer feature
PKSA-5cc2-rnnw-2491 CVE-2019-6798 GHSA-f732-fxh6-g4qj
Affected version: <4.8.5
Reported by:
GitHub -
[MEDIUM] phpMyAdmin Open Redirect
PKSA-2brj-wg8s-54h3 CVE-2017-1000013 GHSA-5h5m-fj48-qpjw
Affected version: >=4.0,<4.0.10.19|>=4.4,<4.4.15.10|>=4.6,<4.6.6
Reported by:
GitHub -
[HIGH] phpMyAdmin DoS Vulnerability
PKSA-k1vn-wm94-9s36 CVE-2017-1000014 GHSA-9hrc-rwrq-v6mh
Affected version: >=4.0,<4.0.10.19|>=4.4,<4.4.15.10|>=4.6,<4.6.6
Reported by:
GitHub -
[MEDIUM] phpMyAdmin CSS Injection Vulnerability
PKSA-1b48-4r8g-hxn7 CVE-2017-1000015 GHSA-3fgq-cmr4-97rr
Affected version: >=4.0.0,<4.0.10.19|>=4.4.0,<4.4.15.10|>=4.6.0,<4.6.6
Reported by:
GitHub -
[HIGH] phpMyAdmin DoS Vulnerability
PKSA-fxmm-bnn8-k19c CVE-2017-1000018 GHSA-47qr-f86f-3wm4
Affected version: >=4.0,<4.0.10.19|>=4.4,<4.4.15.10|>=4.6,<4.6.6
Reported by:
GitHub -
[HIGH] phpMyAdmin SSRF in replication
PKSA-3cvz-xgn7-z2kr CVE-2017-1000017 GHSA-99xj-xqc9-98hr
Affected version: >=4.0,<4.0.10.19|>=4.4,<4.4.15.10|>=4.6,<4.6.6
Reported by:
GitHub -
[HIGH] phpMyAdmin CSRF Vulnerability
PKSA-f5hn-z1qz-txzp CVE-2018-19969 GHSA-xwf2-53mc-r8hx
Affected version: >=4.7,<=4.7.6|>=4.8,<4.8.4
Reported by:
GitHub -
[MEDIUM] phpMyAdmin Cross-site Scripting (XSS) vulnerability
PKSA-f4vb-jfm7-tx95 CVE-2018-19970 GHSA-8987-93fh-rcwq
Affected version: >=4.0,<4.8.4
Reported by:
GitHub -
[MEDIUM] phpMyAdmin Local file inclusion through transformation feature
PKSA-5fww-8bxv-yfvd CVE-2018-19968 GHSA-xc97-r49q-cxgc
Affected version: <4.8.4
Reported by:
GitHub -
[HIGH] phpMyAdmin CSRF Vulnerability
PKSA-h54m-d35n-1g2t CVE-2017-1000499 GHSA-f9hx-5jq4-fgjm
Affected version: >=4.7,<4.7.7
Reported by:
GitHub -
[CRITICAL] phpMyAdmin Improper Privilege Management
PKSA-nc18-h7n9-wh32 CVE-2017-18264 GHSA-5868-g58j-vrj5
Affected version: >=4.6.0,<=4.6.6|>=4.4.0,<=4.4.15.10|>=4.7.0-beta1,<4.7.0|>=4.0,<4.0.10.20
Reported by:
GitHub -
[MEDIUM] phpMyAdmin Arbitrary file read vulnerability
PKSA-vr2s-nnf9-cvwd CVE-2019-6799 GHSA-c8wj-q36q-3wg4
Affected version: >=4.8,<4.8.5
Reported by:
GitHub -
[HIGH] phpMyAdmin Improper Authentication
PKSA-n1nd-mck5-r1rs CVE-2018-12613 GHSA-x394-g9j8-x7mf
Affected version: >=4.8,<4.8.2
Reported by:
GitHub -
[MEDIUM] phpMyAdmin Cross-site Scripting In MySQL Table Name
PKSA-qxhq-dd24-gb7k CVE-2009-3696 GHSA-5pvv-f8h3-gw96
Affected version: >=3.0.0,<3.2.2.1|>=2.11.0,<2.11.9.6
Reported by:
GitHub -
[HIGH] phpMyAdmin HTTP Response Splitting Vulnerability
PKSA-p35b-h8km-nstw CVE-2009-1149 GHSA-xrpq-63mp-9vcw
Affected version: <3.1.3.1
Reported by:
GitHub -
[MEDIUM] phpMyAdmin CRLF Injection Vulnerability
PKSA-1hx8-rv4d-s4bf CVE-2005-3621 GHSA-wj42-52pv-wfj2
Affected version: <2.6.4-pl4
Reported by:
GitHub -
[HIGH] Exposure of Sensitive Information to an Unauthorized Actor in PhpMyAdmin
PKSA-k8s6-rmtq-6tb7 CVE-2022-0813 GHSA-vx8q-j7h9-vf6q
Affected version: <5.1.3
Reported by:
GitHub -
[MEDIUM] Improper Authentication in phpmyadmin
PKSA-zssx-kynx-9kb1 CVE-2022-23807 GHSA-8wf2-3ggj-78q9
Affected version: >=5.1.0,<5.1.2|>=4.9.0,<4.9.8
Reported by:
GitHub -
[MEDIUM] Cross-site Scripting in phpmyadmin
PKSA-bpq2-5dbs-rtjb CVE-2022-23808 GHSA-vcwc-6mr9-8m7c
Affected version: >=5.1.0,<5.1.2
Reported by:
GitHub -
[CRITICAL] SQL injection vulnerability in SearchController
PKSA-xbcx-cvf7-613m CVE-2020-26935 GHSA-7ff4-cv53-4cjq
Affected version: >=4.9.0,<4.9.6|>=5.0.0,<5.0.3
Reported by:
GitHub, FriendsOfPHP/security-advisories -
[MEDIUM] XSS relating to the transformation feature
PKSA-cfz7-294k-66b9 CVE-2020-26934 GHSA-6349-53vr-7hcr
Affected version: >=4.9.0,<4.9.6|>=5.0.0,<5.0.3
Reported by:
GitHub, FriendsOfPHP/security-advisories -
[HIGH] SQL injection with processing username
PKSA-sn13-qqq8-vd8p CVE-2020-10804 GHSA-h65r-8fp8-w7cx
Affected version: >=4.9.0,<4.9.5|>=5.0.0,<5.0.2
Reported by:
GitHub, FriendsOfPHP/security-advisories -
[MEDIUM] SQL injection relating to data display
PKSA-9124-v38k-n8zf CVE-2020-10803 GHSA-fcww-8wvc-38q9
Affected version: >=3.4,<4.9.5|>=5.0.0,<5.0.2
Reported by:
GitHub, FriendsOfPHP/security-advisories -
[HIGH] SQL injection relating to searching
PKSA-s3cf-xyqh-q5wn CVE-2020-10802 GHSA-f4cr-3xmc-2wpm
Affected version: >=4.9.0,<4.9.5|>=5.0.0,<5.0.2
Reported by:
GitHub, FriendsOfPHP/security-advisories -
[CRITICAL] SQL injection in phpMyAdmin
PKSA-6rn5-4mpk-h6mx CVE-2019-18622 GHSA-jgjc-332c-8cmc
Affected version: <4.9.2
Reported by:
GitHub -
[HIGH] SQL injection in user accounts page
PKSA-vmz7-cxq6-3g2f CVE-2020-5504 GHSA-fgj8-93xx-f6g6
Affected version: >=4.0.0,<4.9.4|>=5.0.0,<5.0.1
Reported by:
GitHub, FriendsOfPHP/security-advisories