phpmyadmin/phpmyadmin Security Advisories for 4.9.4 (8)
-
[MEDIUM] Cross-site Scripting vulnerability in drag-and-drop upload of phpMyAdmin
PKSA-3y21-7x4r-6hyz CVE-2023-25727 GHSA-6hr3-44gx-g6wh
Affected version: >=5.0,<5.2.1|>=4.3.0,<4.9.11
Reported by:
GitHub -
[HIGH] Exposure of Sensitive Information to an Unauthorized Actor in PhpMyAdmin
PKSA-k8s6-rmtq-6tb7 CVE-2022-0813 GHSA-vx8q-j7h9-vf6q
Affected version: <5.1.3
Reported by:
GitHub -
[MEDIUM] Improper Authentication in phpmyadmin
PKSA-zssx-kynx-9kb1 CVE-2022-23807 GHSA-8wf2-3ggj-78q9
Affected version: >=5.1.0,<5.1.2|>=4.9.0,<4.9.8
Reported by:
GitHub -
[CRITICAL] SQL injection vulnerability in SearchController
PKSA-xbcx-cvf7-613m CVE-2020-26935 GHSA-7ff4-cv53-4cjq
Affected version: >=4.9.0,<4.9.6|>=5.0.0,<5.0.3
Reported by:
GitHub, FriendsOfPHP/security-advisories -
[MEDIUM] XSS relating to the transformation feature
PKSA-cfz7-294k-66b9 CVE-2020-26934 GHSA-6349-53vr-7hcr
Affected version: >=4.9.0,<4.9.6|>=5.0.0,<5.0.3
Reported by:
GitHub, FriendsOfPHP/security-advisories -
[HIGH] SQL injection with processing username
PKSA-sn13-qqq8-vd8p CVE-2020-10804 GHSA-h65r-8fp8-w7cx
Affected version: >=4.9.0,<4.9.5|>=5.0.0,<5.0.2
Reported by:
GitHub, FriendsOfPHP/security-advisories -
[MEDIUM] SQL injection relating to data display
PKSA-9124-v38k-n8zf CVE-2020-10803 GHSA-fcww-8wvc-38q9
Affected version: >=3.4,<4.9.5|>=5.0.0,<5.0.2
Reported by:
GitHub, FriendsOfPHP/security-advisories -
[HIGH] SQL injection relating to searching
PKSA-s3cf-xyqh-q5wn CVE-2020-10802 GHSA-f4cr-3xmc-2wpm
Affected version: >=4.9.0,<4.9.5|>=5.0.0,<5.0.2
Reported by:
GitHub, FriendsOfPHP/security-advisories