phpMyAdmin — веб-приложение с открытым кодом, написанное на языке PHP и представляющее собой веб-интерфейс для администрирования СУБД MySQL.

Релизный цикл, информация об уязвимостях

Продукт: phpMyAdmin

Вендор: phpmyadmin

График релизов

Недавние уязвимости phpMyAdmin

Количество 1 095

GHSA-phhm-63xx-v9rr

почти 4 года назад

phpMyAdmin Reflected File Download attack

CVSS3: 6.3

EPSS: Низкий

GHSA-4gv8-hhx3-rq62

почти 4 года назад

An issue was discovered in phpMyAdmin. An attacker can determine the phpMyAdmin host location through the file url.php. All 4.6.x versions (prior to 4.6.4), 4.4.x versions (prior to 4.4.15.8), and 4.0.x versions (prior to 4.0.10.17) are affected.

CVSS3: 5.3

EPSS: Низкий

GHSA-gv8h-mg99-wgj9

почти 4 года назад

An issue was discovered in phpMyAdmin. An attacker could redirect a user to a malicious web page. All 4.6.x versions (prior to 4.6.4), 4.4.x versions (prior to 4.4.15.8), and 4.0.x versions (prior to 4.0.10.17) are affected.

CVSS3: 5.4

EPSS: Низкий

GHSA-567r-vqj7-5cw7

почти 4 года назад

phpMyAdmin Authentication Bypass

CVSS3: 9.8

EPSS: Низкий

GHSA-5r36-wxjq-vcfh

почти 4 года назад

An issue was discovered in phpMyAdmin. A user can execute a remote code execution attack against a server when phpMyAdmin is being run as a CGI application. Under certain server configurations, a user can pass a query string which is executed as a command-line argument by the file generator_plugin.sh. All 4.6.x versions (prior to 4.6.4), 4.4.x versions (prior to 4.4.15.8), and 4.0.x versions (prior to 4.0.10.17) are affected.

CVSS3: 7.5

EPSS: Низкий

GHSA-p849-vf5f-f3x7

почти 4 года назад

phpMyAdmin Remote code execution vulnerability when PHP is running with dbase extension

CVSS3: 8.1

EPSS: Низкий

GHSA-426q-975p-w5cr

почти 4 года назад

phpMyAdmin Denial of service (DOS) attack with dbase extension

CVSS3: 5.9

EPSS: Низкий

GHSA-8w5f-7346-5p5m

почти 4 года назад

An issue was discovered in phpMyAdmin. An authenticated user can trigger a denial-of-service (DoS) attack by entering a very long password at the change password dialog. All 4.6.x versions (prior to 4.6.4), 4.4.x versions (prior to 4.4.15.8), and 4.0.x versions (prior to 4.0.10.17) are affected.

CVSS3: 6.5

EPSS: Низкий

GHSA-qc2g-2jgq-733p

почти 4 года назад

An issue was discovered in phpMyAdmin. phpinfo (phpinfo.php) shows PHP information including values of HttpOnly cookies. All 4.6.x versions (prior to 4.6.5), 4.4.x versions (prior to 4.4.15.9), and 4.0.x versions (prior to 4.0.10.18) are affected.

CVSS3: 5.3

EPSS: Низкий

GHSA-9xhq-pm7v-693p

почти 4 года назад

phpMyAdmin Cryptographic Vulnerability

CVSS3: 5.3

EPSS: Низкий

Уязвимостей на страницу

Уязвимость	CVSS	EPSS	Опубликовано 1
GHSA-phhm-63xx-v9rr phpMyAdmin Reflected File Download attack	CVSS3: 6.3	0% Низкий	почти 4 года назад
GHSA-4gv8-hhx3-rq62 An issue was discovered in phpMyAdmin. An attacker can determine the phpMyAdmin host location through the file url.php. All 4.6.x versions (prior to 4.6.4), 4.4.x versions (prior to 4.4.15.8), and 4.0.x versions (prior to 4.0.10.17) are affected.	CVSS3: 5.3	0% Низкий	почти 4 года назад
GHSA-gv8h-mg99-wgj9 An issue was discovered in phpMyAdmin. An attacker could redirect a user to a malicious web page. All 4.6.x versions (prior to 4.6.4), 4.4.x versions (prior to 4.4.15.8), and 4.0.x versions (prior to 4.0.10.17) are affected.	CVSS3: 5.4	0% Низкий	почти 4 года назад
GHSA-567r-vqj7-5cw7 phpMyAdmin Authentication Bypass	CVSS3: 9.8	0% Низкий	почти 4 года назад
GHSA-5r36-wxjq-vcfh An issue was discovered in phpMyAdmin. A user can execute a remote code execution attack against a server when phpMyAdmin is being run as a CGI application. Under certain server configurations, a user can pass a query string which is executed as a command-line argument by the file generator_plugin.sh. All 4.6.x versions (prior to 4.6.4), 4.4.x versions (prior to 4.4.15.8), and 4.0.x versions (prior to 4.0.10.17) are affected.	CVSS3: 7.5	4% Низкий	почти 4 года назад
GHSA-p849-vf5f-f3x7 phpMyAdmin Remote code execution vulnerability when PHP is running with dbase extension	CVSS3: 8.1	2% Низкий	почти 4 года назад
GHSA-426q-975p-w5cr phpMyAdmin Denial of service (DOS) attack with dbase extension	CVSS3: 5.9	1% Низкий	почти 4 года назад
GHSA-8w5f-7346-5p5m An issue was discovered in phpMyAdmin. An authenticated user can trigger a denial-of-service (DoS) attack by entering a very long password at the change password dialog. All 4.6.x versions (prior to 4.6.4), 4.4.x versions (prior to 4.4.15.8), and 4.0.x versions (prior to 4.0.10.17) are affected.	CVSS3: 6.5	1% Низкий	почти 4 года назад
GHSA-qc2g-2jgq-733p An issue was discovered in phpMyAdmin. phpinfo (phpinfo.php) shows PHP information including values of HttpOnly cookies. All 4.6.x versions (prior to 4.6.5), 4.4.x versions (prior to 4.4.15.9), and 4.0.x versions (prior to 4.0.10.18) are affected.	CVSS3: 5.3	0% Низкий	почти 4 года назад
GHSA-9xhq-pm7v-693p phpMyAdmin Cryptographic Vulnerability	CVSS3: 5.3	0% Низкий	почти 4 года назад

Уязвимостей на страницу