phpMyAdmin — веб-приложение с открытым кодом, написанное на языке PHP и представляющее собой веб-интерфейс для администрирования СУБД MySQL.

Релизный цикл, информация об уязвимостях

Продукт: phpMyAdmin

Вендор: phpmyadmin

График релизов

Недавние уязвимости phpMyAdmin

Количество 1 092

CVE-2005-0653

около 20 лет назад

phpMyAdmin 2.6.1 does not properly grant permissions on tables with an underscore in the name, which grants remote authenticated users more privileges than intended.

CVSS2: 4.6

EPSS: Низкий

CVE-2005-0567

около 20 лет назад

Multiple PHP remote file inclusion vulnerabilities in phpMyAdmin 2.6.1 allow remote attackers to execute arbitrary PHP code by modifying the (1) theme parameter to phpmyadmin.css.php or (2) cfg[Server][extension] parameter to database_interface.lib.php to reference a URL on a remote web server that contains the code.

CVSS2: 7.5

EPSS: Низкий

CVE-2005-0567

около 20 лет назад

Multiple PHP remote file inclusion vulnerabilities in phpMyAdmin 2.6.1 ...

CVSS2: 7.5

EPSS: Низкий

CVE-2005-0544

около 20 лет назад

phpMyAdmin 2.6.1 allows remote attackers to obtain the full path of th ...

CVSS2: 5

EPSS: Низкий

CVE-2005-0992

около 20 лет назад

Cross-site scripting (XSS) vulnerability in index.php in phpMyAdmin be ...

CVSS2: 4.3

EPSS: Средний

CVE-2005-0459

около 20 лет назад

phpMyAdmin 2.6.2-dev, and possibly earlier versions, allows remote att ...

CVSS2: 5

EPSS: Низкий

CVE-2005-0653

около 20 лет назад

phpMyAdmin 2.6.1 does not properly grant permissions on tables with an ...

CVSS2: 4.6

EPSS: Низкий

CVE-2005-0544

около 20 лет назад

phpMyAdmin 2.6.1 allows remote attackers to obtain the full path of the server via direct requests to (1) sqlvalidator.lib.php, (2) sqlparser.lib.php, (3) select_theme.lib.php, (4) select_lang.lib.php, (5) relation_cleanup.lib.php, (6) header_meta_style.inc.php, (7) get_foreign.lib.php, (8) display_tbl_links.lib.php, (9) display_export.lib.php, (10) db_table_exists.lib.php, (11) charset_conversion.lib.php, (12) ufpdf.php, (13) mysqli.dbi.lib.php, (14) setup.php, or (15) cookie.auth.lib.php, which reveals the path in a PHP error message.

CVSS2: 5

EPSS: Низкий

CVE-2005-0567

около 20 лет назад

CVSS2: 7.5

EPSS: Низкий

CVE-2005-0459

около 20 лет назад

phpMyAdmin 2.6.2-dev, and possibly earlier versions, allows remote attackers to determine the full path of the web root via a direct request to select_lang.lib.php, which reveals the path in a PHP error message.

CVSS2: 5

EPSS: Низкий

Уязвимостей на страницу

Уязвимость	CVSS	EPSS	Опубликовано 1
CVE-2005-0653 phpMyAdmin 2.6.1 does not properly grant permissions on tables with an underscore in the name, which grants remote authenticated users more privileges than intended.	CVSS2: 4.6	0% Низкий	около 20 лет назад
CVE-2005-0567 Multiple PHP remote file inclusion vulnerabilities in phpMyAdmin 2.6.1 allow remote attackers to execute arbitrary PHP code by modifying the (1) theme parameter to phpmyadmin.css.php or (2) cfg[Server][extension] parameter to database_interface.lib.php to reference a URL on a remote web server that contains the code.	CVSS2: 7.5	1% Низкий	около 20 лет назад
CVE-2005-0567 Multiple PHP remote file inclusion vulnerabilities in phpMyAdmin 2.6.1 ...	CVSS2: 7.5	1% Низкий	около 20 лет назад
CVE-2005-0544 phpMyAdmin 2.6.1 allows remote attackers to obtain the full path of th ...	CVSS2: 5	1% Низкий	около 20 лет назад
CVE-2005-0992 Cross-site scripting (XSS) vulnerability in index.php in phpMyAdmin be ...	CVSS2: 4.3	10% Средний	около 20 лет назад
CVE-2005-0459 phpMyAdmin 2.6.2-dev, and possibly earlier versions, allows remote att ...	CVSS2: 5	0% Низкий	около 20 лет назад
CVE-2005-0653 phpMyAdmin 2.6.1 does not properly grant permissions on tables with an ...	CVSS2: 4.6	0% Низкий	около 20 лет назад
CVE-2005-0544 phpMyAdmin 2.6.1 allows remote attackers to obtain the full path of the server via direct requests to (1) sqlvalidator.lib.php, (2) sqlparser.lib.php, (3) select_theme.lib.php, (4) select_lang.lib.php, (5) relation_cleanup.lib.php, (6) header_meta_style.inc.php, (7) get_foreign.lib.php, (8) display_tbl_links.lib.php, (9) display_export.lib.php, (10) db_table_exists.lib.php, (11) charset_conversion.lib.php, (12) ufpdf.php, (13) mysqli.dbi.lib.php, (14) setup.php, or (15) cookie.auth.lib.php, which reveals the path in a PHP error message.	CVSS2: 5	1% Низкий	около 20 лет назад
CVE-2005-0567 Multiple PHP remote file inclusion vulnerabilities in phpMyAdmin 2.6.1 allow remote attackers to execute arbitrary PHP code by modifying the (1) theme parameter to phpmyadmin.css.php or (2) cfg[Server][extension] parameter to database_interface.lib.php to reference a URL on a remote web server that contains the code.	CVSS2: 7.5	1% Низкий	около 20 лет назад
CVE-2005-0459 phpMyAdmin 2.6.2-dev, and possibly earlier versions, allows remote attackers to determine the full path of the web root via a direct request to select_lang.lib.php, which reveals the path in a PHP error message.	CVSS2: 5	0% Низкий	около 20 лет назад

Уязвимостей на страницу