phpMyAdmin — веб-приложение с открытым кодом, написанное на языке PHP и представляющее собой веб-интерфейс для администрирования СУБД MySQL.

Релизный цикл, информация об уязвимостях

Продукт: phpMyAdmin

Вендор: phpmyadmin

График релизов

Недавние уязвимости phpMyAdmin

Количество 1 092

CVE-2005-0992

около 20 лет назад

Cross-site scripting (XSS) vulnerability in index.php in phpMyAdmin before 2.6.2-rc1 allows remote attackers to inject arbitrary web script or HTML via the convcharset parameter.

CVSS2: 4.3

EPSS: Средний

CVE-2005-0653

около 20 лет назад

phpMyAdmin 2.6.1 does not properly grant permissions on tables with an underscore in the name, which grants remote authenticated users more privileges than intended.

CVSS2: 4.6

EPSS: Низкий

CVE-2004-1055

больше 20 лет назад

Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin 2.6.0-pl2 and earlier allow remote attackers to inject arbitrary web script or HTML via (1) the PmaAbsoluteUri parameter, (2) the zero_rows parameter in read_dump.php, (3) the confirm form, or (4) an error message generated by the internal phpMyAdmin parser.

CVSS2: 6.8

EPSS: Низкий

CVE-2004-1055

больше 20 лет назад

Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin 2.6. ...

CVSS2: 6.8

EPSS: Низкий

CVE-2005-0543

больше 20 лет назад

Cross-site scripting (XSS) vulnerability in phpMyAdmin 2.6.1 allows remote attackers to inject arbitrary HTML and web script via (1) the strServer, cfg[BgcolorOne], or strServerChoice parameters in select_server.lib.php, (2) the bg_color or row_no parameters in display_tbl_links.lib.php, the left_font_family parameter in theme_left.css.php, or the right_font_family parameter in theme_right.css.php.

CVSS2: 4.3

EPSS: Низкий

CVE-2005-0543

больше 20 лет назад

Cross-site scripting (XSS) vulnerability in phpMyAdmin 2.6.1 allows re ...

CVSS2: 4.3

EPSS: Низкий

CVE-2005-0543

больше 20 лет назад

CVSS2: 4.3

EPSS: Низкий

CVE-2004-1148

больше 20 лет назад

phpMyAdmin before 2.6.1, when configured with UploadDir functionality, allows remote attackers to read arbitrary files via the sql_localfile parameter.

CVSS2: 5

EPSS: Низкий

CVE-2004-1147

больше 20 лет назад

phpMyAdmin 2.6.0-pl2, and other versions before 2.6.1, with external transformations enabled, allows remote attackers to execute arbitrary commands via shell metacharacters.

CVSS2: 10

EPSS: Низкий

CVE-2004-1148

больше 20 лет назад

phpMyAdmin before 2.6.1, when configured with UploadDir functionality, ...

CVSS2: 5

EPSS: Низкий

Уязвимостей на страницу

Уязвимость	CVSS	EPSS	Опубликовано 1
CVE-2005-0992 Cross-site scripting (XSS) vulnerability in index.php in phpMyAdmin before 2.6.2-rc1 allows remote attackers to inject arbitrary web script or HTML via the convcharset parameter.	CVSS2: 4.3	10% Средний	около 20 лет назад
CVE-2005-0653 phpMyAdmin 2.6.1 does not properly grant permissions on tables with an underscore in the name, which grants remote authenticated users more privileges than intended.	CVSS2: 4.6	0% Низкий	около 20 лет назад
CVE-2004-1055 Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin 2.6.0-pl2 and earlier allow remote attackers to inject arbitrary web script or HTML via (1) the PmaAbsoluteUri parameter, (2) the zero_rows parameter in read_dump.php, (3) the confirm form, or (4) an error message generated by the internal phpMyAdmin parser.	CVSS2: 6.8	1% Низкий	больше 20 лет назад
CVE-2004-1055 Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin 2.6. ...	CVSS2: 6.8	1% Низкий	больше 20 лет назад
CVE-2005-0543 Cross-site scripting (XSS) vulnerability in phpMyAdmin 2.6.1 allows remote attackers to inject arbitrary HTML and web script via (1) the strServer, cfg[BgcolorOne], or strServerChoice parameters in select_server.lib.php, (2) the bg_color or row_no parameters in display_tbl_links.lib.php, the left_font_family parameter in theme_left.css.php, or the right_font_family parameter in theme_right.css.php.	CVSS2: 4.3	2% Низкий	больше 20 лет назад
CVE-2005-0543 Cross-site scripting (XSS) vulnerability in phpMyAdmin 2.6.1 allows re ...	CVSS2: 4.3	2% Низкий	больше 20 лет назад
CVE-2005-0543 Cross-site scripting (XSS) vulnerability in phpMyAdmin 2.6.1 allows remote attackers to inject arbitrary HTML and web script via (1) the strServer, cfg[BgcolorOne], or strServerChoice parameters in select_server.lib.php, (2) the bg_color or row_no parameters in display_tbl_links.lib.php, the left_font_family parameter in theme_left.css.php, or the right_font_family parameter in theme_right.css.php.	CVSS2: 4.3	2% Низкий	больше 20 лет назад
CVE-2004-1148 phpMyAdmin before 2.6.1, when configured with UploadDir functionality, allows remote attackers to read arbitrary files via the sql_localfile parameter.	CVSS2: 5	0% Низкий	больше 20 лет назад
CVE-2004-1147 phpMyAdmin 2.6.0-pl2, and other versions before 2.6.1, with external transformations enabled, allows remote attackers to execute arbitrary commands via shell metacharacters.	CVSS2: 10	5% Низкий	больше 20 лет назад
CVE-2004-1148 phpMyAdmin before 2.6.1, when configured with UploadDir functionality, ...	CVSS2: 5	0% Низкий	больше 20 лет назад

Уязвимостей на страницу