phpMyAdmin — веб-приложение с открытым кодом, написанное на языке PHP и представляющее собой веб-интерфейс для администрирования СУБД MySQL.
Релизный цикл, информация об уязвимостях
График релизов
Количество 1 092
CVE-2005-3622
phpMyAdmin 2.7.0-beta1 and earlier allows remote attackers to obtain the full path of the server via direct requests to multiple scripts in the libraries directory.
CVE-2005-3621
CRLF injection vulnerability in phpMyAdmin before 2.6.4-pl4 allows remote attackers to conduct HTTP response splitting attacks via unspecified scripts.
CVE-2005-3301
Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin before 2.6.4-pl3 allow remote attackers to inject arbitrary web script or HTML via certain arguments to (1) left.php, (2) queryframe.php, or (3) server_databases.php.
CVE-2005-3301
Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin befo ...
CVE-2005-3301
Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin before 2.6.4-pl3 allow remote attackers to inject arbitrary web script or HTML via certain arguments to (1) left.php, (2) queryframe.php, or (3) server_databases.php.
CVE-2005-3300
The register_globals emulation layer in grab_globals.php for phpMyAdmin before 2.6.4-pl3 does not perform safety checks on values in the _FILES array for uploaded files, which allows remote attackers to include arbitrary files by using direct requests to library scripts that do not use grab_globals.php, then modifying certain configuration values for the theme.
CVE-2005-3299
PHP file inclusion vulnerability in grab_globals.lib.php in phpMyAdmin 2.6.4 and 2.6.4-pl1 allows remote attackers to include local files via the $__redirect parameter, possibly involving the subform array.
CVE-2005-3299
PHP file inclusion vulnerability in grab_globals.lib.php in phpMyAdmin ...
CVE-2005-3300
The register_globals emulation layer in grab_globals.php for phpMyAdmi ...
CVE-2005-3300
The register_globals emulation layer in grab_globals.php for phpMyAdmin before 2.6.4-pl3 does not perform safety checks on values in the _FILES array for uploaded files, which allows remote attackers to include arbitrary files by using direct requests to library scripts that do not use grab_globals.php, then modifying certain configuration values for the theme.
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано 1 | |
|---|---|---|---|---|
 | CVE-2005-3622 phpMyAdmin 2.7.0-beta1 and earlier allows remote attackers to obtain the full path of the server via direct requests to multiple scripts in the libraries directory. | CVSS2: 5 | 1% Низкий | больше 19 лет назад |
| CVE-2005-3621 CRLF injection vulnerability in phpMyAdmin before 2.6.4-pl4 allows remote attackers to conduct HTTP response splitting attacks via unspecified scripts. | CVSS2: 5 | 1% Низкий | больше 19 лет назад |
 | CVE-2005-3301 Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin before 2.6.4-pl3 allow remote attackers to inject arbitrary web script or HTML via certain arguments to (1) left.php, (2) queryframe.php, or (3) server_databases.php. | CVSS2: 4.3 | 8% Низкий | больше 19 лет назад |
| CVE-2005-3301 Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin befo ... | CVSS2: 4.3 | 8% Низкий | больше 19 лет назад |
| CVE-2005-3301 Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin before 2.6.4-pl3 allow remote attackers to inject arbitrary web script or HTML via certain arguments to (1) left.php, (2) queryframe.php, or (3) server_databases.php. | CVSS2: 4.3 | 8% Низкий | больше 19 лет назад |
| CVE-2005-3300 The register_globals emulation layer in grab_globals.php for phpMyAdmin before 2.6.4-pl3 does not perform safety checks on values in the _FILES array for uploaded files, which allows remote attackers to include arbitrary files by using direct requests to library scripts that do not use grab_globals.php, then modifying certain configuration values for the theme. | CVSS2: 5 | 2% Низкий | больше 19 лет назад |
| CVE-2005-3299 PHP file inclusion vulnerability in grab_globals.lib.php in phpMyAdmin 2.6.4 and 2.6.4-pl1 allows remote attackers to include local files via the $__redirect parameter, possibly involving the subform array. | CVSS2: 5 | 8% Низкий | больше 19 лет назад |
| CVE-2005-3299 PHP file inclusion vulnerability in grab_globals.lib.php in phpMyAdmin ... | CVSS2: 5 | 8% Низкий | больше 19 лет назад |
| CVE-2005-3300 The register_globals emulation layer in grab_globals.php for phpMyAdmi ... | CVSS2: 5 | 2% Низкий | больше 19 лет назад |
| CVE-2005-3300 The register_globals emulation layer in grab_globals.php for phpMyAdmin before 2.6.4-pl3 does not perform safety checks on values in the _FILES array for uploaded files, which allows remote attackers to include arbitrary files by using direct requests to library scripts that do not use grab_globals.php, then modifying certain configuration values for the theme. | CVSS2: 5 | 2% Низкий | больше 19 лет назад |
Уязвимостей на страницу