phpmyadmin/phpmyadmin Security Advisories for 4.7.1 (17)
-
[MEDIUM] Cross-site Scripting vulnerability in drag-and-drop upload of phpMyAdmin
PKSA-3y21-7x4r-6hyz CVE-2023-25727 GHSA-6hr3-44gx-g6wh
Affected version: >=5.0,<5.2.1|>=4.3.0,<4.9.11
Reported by:
GitHub -
[MEDIUM] phpMyAdmin Cross-Site Request Forgery (CSRF)
PKSA-hjst-v1cr-6c68 CVE-2019-12922 GHSA-4c9q-64gq-xhx4
Affected version: <=4.9.0.1
Reported by:
GitHub -
[CRITICAL] phpMyAdmin unsanitized Git information
PKSA-2p6g-8fhm-wpz8 CVE-2019-19617 GHSA-pgph-mc4p-f8c3
Affected version: <4.9.2
Reported by:
GitHub -
[MEDIUM] phpMyAdmin CSRF Vulnerability
PKSA-61t2-8dhb-6pfx CVE-2019-12616 GHSA-mfr9-pcm3-6mwc
Affected version: <4.9.0
Reported by:
GitHub -
[CRITICAL] phpMyAdmin SQL injection in Designer feature
PKSA-qmwv-jdyx-shqc CVE-2019-11768 GHSA-x37v-98f9-mj32
Affected version: <4.9.0.1
Reported by:
GitHub -
[MEDIUM] phpMyAdmin Cross-site scripting (XSS) vulnerability in central columns feature
PKSA-62z7-y8f8-22d7 CVE-2018-7260 GHSA-gqmj-f46x-wqhw
Affected version: <4.7.8
Reported by:
GitHub -
[MEDIUM] phpMyAdmin XSS Vulnerability
PKSA-msvx-d7cx-mf9g CVE-2018-12581 GHSA-vxj6-pm6r-23hq
Affected version: <4.8.2
Reported by:
GitHub -
[MEDIUM] phpMyAdmin Cross-site Scripting (XSS) in the import dialog
PKSA-pmch-sm6h-311v CVE-2018-15605 GHSA-c958-4j9x-q7w4
Affected version: <4.8.3
Reported by:
GitHub -
[CRITICAL] phpMyAdmin SQL injection in Designer feature
PKSA-5cc2-rnnw-2491 CVE-2019-6798 GHSA-f732-fxh6-g4qj
Affected version: <4.8.5
Reported by:
GitHub -
[HIGH] phpMyAdmin CSRF Vulnerability
PKSA-f5hn-z1qz-txzp CVE-2018-19969 GHSA-xwf2-53mc-r8hx
Affected version: >=4.7,<=4.7.6|>=4.8,<4.8.4
Reported by:
GitHub -
[MEDIUM] phpMyAdmin Cross-site Scripting (XSS) vulnerability
PKSA-f4vb-jfm7-tx95 CVE-2018-19970 GHSA-8987-93fh-rcwq
Affected version: >=4.0,<4.8.4
Reported by:
GitHub -
[MEDIUM] phpMyAdmin Local file inclusion through transformation feature
PKSA-5fww-8bxv-yfvd CVE-2018-19968 GHSA-xc97-r49q-cxgc
Affected version: <4.8.4
Reported by:
GitHub -
[HIGH] phpMyAdmin CSRF Vulnerability
PKSA-h54m-d35n-1g2t CVE-2017-1000499 GHSA-f9hx-5jq4-fgjm
Affected version: >=4.7,<4.7.7
Reported by:
GitHub -
[HIGH] Exposure of Sensitive Information to an Unauthorized Actor in PhpMyAdmin
PKSA-k8s6-rmtq-6tb7 CVE-2022-0813 GHSA-vx8q-j7h9-vf6q
Affected version: <5.1.3
Reported by:
GitHub -
[MEDIUM] SQL injection relating to data display
PKSA-9124-v38k-n8zf CVE-2020-10803 GHSA-fcww-8wvc-38q9
Affected version: >=3.4,<4.9.5|>=5.0.0,<5.0.2
Reported by:
GitHub, FriendsOfPHP/security-advisories -
[CRITICAL] SQL injection in phpMyAdmin
PKSA-6rn5-4mpk-h6mx CVE-2019-18622 GHSA-jgjc-332c-8cmc
Affected version: <4.9.2
Reported by:
GitHub -
[HIGH] SQL injection in user accounts page
PKSA-vmz7-cxq6-3g2f CVE-2020-5504 GHSA-fgj8-93xx-f6g6
Affected version: >=4.0.0,<4.9.4|>=5.0.0,<5.0.1
Reported by:
GitHub, FriendsOfPHP/security-advisories