phpMyAdmin — веб-приложение с открытым кодом, написанное на языке PHP и представляющее собой веб-интерфейс для администрирования СУБД MySQL.
Релизный цикл, информация об уязвимостях
График релизов
Количество 1 092
GHSA-52wv-2qwp-5w9x
Cross-site scripting (XSS) vulnerability in the setup interface in phpMyAdmin 3.4.x before 3.4.6 allows remote attackers to inject arbitrary web script or HTML via a crafted value.
GHSA-v6fw-xf2c-8q43
phpMyAdmin Open Redirect in redirector
GHSA-q7v2-w38r-pv7v
phpMyAdmin Multiple XSS Vulnerabilities
GHSA-8vv2-p6c9-46c2
show_config_errors.php in phpMyAdmin 3.5.x before 3.5.2.1 allows remote attackers to obtain sensitive information via a direct request, which reveals the installation path in an error message, related to lack of inclusion of the common.inc.php library file.
GHSA-4q58-5x28-53wv
phpMyAdmin Vulnerable to Cross-Site Scripting
GHSA-q64c-8ph3-645m
Multiple cross-site scripting (XSS) vulnerabilities in the Tracking feature in phpMyAdmin 3.3.x before 3.3.10.4 and 3.4.x before 3.4.4 allow remote attackers to inject arbitrary web script or HTML via a (1) table name, (2) column name, or (3) index name.
GHSA-9j9h-cpgc-8356
phpMyAdmin vulnerable to Cross-site Scripting
GHSA-c5vr-rrqf-4hf2
Multiple cross-site scripting (XSS) vulnerabilities in libraries/display_export.lib.php in phpMyAdmin 3.4.x before 3.4.9 allow remote attackers to inject arbitrary web script or HTML via crafted URL parameters, related to the export panels in the (1) server, (2) database, and (3) table sections.
GHSA-jjpc-pf2f-wwgg
The Portable phpMyAdmin plugin before 1.3.1 for WordPress allows remote attackers to bypass authentication and obtain phpMyAdmin console access via a direct request to wp-content/plugins/portable-phpmyadmin/wp-pma-mod.
GHSA-rfpg-2fp8-2fph
phpMyAdmin multiple cross-site scripting vulnerabilities
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано 1 | |
|---|---|---|---|---|
| GHSA-52wv-2qwp-5w9x Cross-site scripting (XSS) vulnerability in the setup interface in phpMyAdmin 3.4.x before 3.4.6 allows remote attackers to inject arbitrary web script or HTML via a crafted value. | 1% Низкий | около 3 лет назад | |
| GHSA-v6fw-xf2c-8q43 phpMyAdmin Open Redirect in redirector | 0% Низкий | около 3 лет назад | |
| GHSA-q7v2-w38r-pv7v phpMyAdmin Multiple XSS Vulnerabilities | 0% Низкий | около 3 лет назад | |
| GHSA-8vv2-p6c9-46c2 show_config_errors.php in phpMyAdmin 3.5.x before 3.5.2.1 allows remote attackers to obtain sensitive information via a direct request, which reveals the installation path in an error message, related to lack of inclusion of the common.inc.php library file. | 0% Низкий | около 3 лет назад | |
| GHSA-4q58-5x28-53wv phpMyAdmin Vulnerable to Cross-Site Scripting | 0% Низкий | около 3 лет назад | |
| GHSA-q64c-8ph3-645m Multiple cross-site scripting (XSS) vulnerabilities in the Tracking feature in phpMyAdmin 3.3.x before 3.3.10.4 and 3.4.x before 3.4.4 allow remote attackers to inject arbitrary web script or HTML via a (1) table name, (2) column name, or (3) index name. | 1% Низкий | около 3 лет назад | |
| GHSA-9j9h-cpgc-8356 phpMyAdmin vulnerable to Cross-site Scripting | 0% Низкий | около 3 лет назад | |
| GHSA-c5vr-rrqf-4hf2 Multiple cross-site scripting (XSS) vulnerabilities in libraries/display_export.lib.php in phpMyAdmin 3.4.x before 3.4.9 allow remote attackers to inject arbitrary web script or HTML via crafted URL parameters, related to the export panels in the (1) server, (2) database, and (3) table sections. | 0% Низкий | около 3 лет назад | |
| GHSA-jjpc-pf2f-wwgg The Portable phpMyAdmin plugin before 1.3.1 for WordPress allows remote attackers to bypass authentication and obtain phpMyAdmin console access via a direct request to wp-content/plugins/portable-phpmyadmin/wp-pma-mod. | 3% Низкий | около 3 лет назад | |
| GHSA-rfpg-2fp8-2fph phpMyAdmin multiple cross-site scripting vulnerabilities | 0% Низкий | около 3 лет назад |
Уязвимостей на страницу