phpMyAdmin — веб-приложение с открытым кодом, написанное на языке PHP и представляющее собой веб-интерфейс для администрирования СУБД MySQL.
Релизный цикл, информация об уязвимостях
График релизов
Количество 1 093
GHSA-52wv-2qwp-5w9x
Cross-site scripting (XSS) vulnerability in the setup interface in phpMyAdmin 3.4.x before 3.4.6 allows remote attackers to inject arbitrary web script or HTML via a crafted value.
GHSA-v6fw-xf2c-8q43
phpMyAdmin Open Redirect in redirector
GHSA-q7v2-w38r-pv7v
phpMyAdmin Multiple XSS Vulnerabilities
GHSA-8vv2-p6c9-46c2
show_config_errors.php in phpMyAdmin 3.5.x before 3.5.2.1 allows remote attackers to obtain sensitive information via a direct request, which reveals the installation path in an error message, related to lack of inclusion of the common.inc.php library file.
GHSA-4q58-5x28-53wv
phpMyAdmin Vulnerable to Cross-Site Scripting
GHSA-q64c-8ph3-645m
Multiple cross-site scripting (XSS) vulnerabilities in the Tracking feature in phpMyAdmin 3.3.x before 3.3.10.4 and 3.4.x before 3.4.4 allow remote attackers to inject arbitrary web script or HTML via a (1) table name, (2) column name, or (3) index name.
GHSA-9j9h-cpgc-8356
phpMyAdmin vulnerable to Cross-site Scripting
GHSA-c5vr-rrqf-4hf2
Multiple cross-site scripting (XSS) vulnerabilities in libraries/display_export.lib.php in phpMyAdmin 3.4.x before 3.4.9 allow remote attackers to inject arbitrary web script or HTML via crafted URL parameters, related to the export panels in the (1) server, (2) database, and (3) table sections.
GHSA-jjpc-pf2f-wwgg
The Portable phpMyAdmin plugin before 1.3.1 for WordPress allows remote attackers to bypass authentication and obtain phpMyAdmin console access via a direct request to wp-content/plugins/portable-phpmyadmin/wp-pma-mod.
GHSA-xpxp-v33m-5jp9
phpMyAdmin Unsafe Fetching of Javascript Code
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано 1 | |
|---|---|---|---|---|
| GHSA-52wv-2qwp-5w9x Cross-site scripting (XSS) vulnerability in the setup interface in phpMyAdmin 3.4.x before 3.4.6 allows remote attackers to inject arbitrary web script or HTML via a crafted value. | 1% Низкий | больше 3 лет назад | |
| GHSA-v6fw-xf2c-8q43 phpMyAdmin Open Redirect in redirector | 0% Низкий | больше 3 лет назад | |
| GHSA-q7v2-w38r-pv7v phpMyAdmin Multiple XSS Vulnerabilities | 0% Низкий | больше 3 лет назад | |
| GHSA-8vv2-p6c9-46c2 show_config_errors.php in phpMyAdmin 3.5.x before 3.5.2.1 allows remote attackers to obtain sensitive information via a direct request, which reveals the installation path in an error message, related to lack of inclusion of the common.inc.php library file. | 0% Низкий | больше 3 лет назад | |
| GHSA-4q58-5x28-53wv phpMyAdmin Vulnerable to Cross-Site Scripting | 0% Низкий | больше 3 лет назад | |
| GHSA-q64c-8ph3-645m Multiple cross-site scripting (XSS) vulnerabilities in the Tracking feature in phpMyAdmin 3.3.x before 3.3.10.4 and 3.4.x before 3.4.4 allow remote attackers to inject arbitrary web script or HTML via a (1) table name, (2) column name, or (3) index name. | 1% Низкий | больше 3 лет назад | |
| GHSA-9j9h-cpgc-8356 phpMyAdmin vulnerable to Cross-site Scripting | 0% Низкий | больше 3 лет назад | |
| GHSA-c5vr-rrqf-4hf2 Multiple cross-site scripting (XSS) vulnerabilities in libraries/display_export.lib.php in phpMyAdmin 3.4.x before 3.4.9 allow remote attackers to inject arbitrary web script or HTML via crafted URL parameters, related to the export panels in the (1) server, (2) database, and (3) table sections. | 0% Низкий | больше 3 лет назад | |
| GHSA-jjpc-pf2f-wwgg The Portable phpMyAdmin plugin before 1.3.1 for WordPress allows remote attackers to bypass authentication and obtain phpMyAdmin console access via a direct request to wp-content/plugins/portable-phpmyadmin/wp-pma-mod. | 2% Низкий | больше 3 лет назад | |
| GHSA-xpxp-v33m-5jp9 phpMyAdmin Unsafe Fetching of Javascript Code | 0% Низкий | больше 3 лет назад |
Уязвимостей на страницу