phpMyAdmin — веб-приложение с открытым кодом, написанное на языке PHP и представляющее собой веб-интерфейс для администрирования СУБД MySQL.
Релизный цикл, информация об уязвимостях
График релизов
Количество 1 095
CVE-2018-7260
Cross-site scripting (XSS) vulnerability in db_central_columns.php in phpMyAdmin before 4.7.8 allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL.
CVE-2018-7260
Cross-site scripting (XSS) vulnerability in db_central_columns.php in ...
CVE-2018-7260
Cross-site scripting (XSS) vulnerability in db_central_columns.php in phpMyAdmin before 4.7.8 allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL.
CVE-2017-1000499
phpMyAdmin versions 4.7.x (prior to 4.7.6.1/4.7.7) are vulnerable to a CSRF weakness. By deceiving a user to click on a crafted URL, it is possible to perform harmful database operations such as deleting records, dropping/truncating tables etc.
CVE-2017-1000499
phpMyAdmin versions 4.7.x (prior to 4.7.6.1/4.7.7) are vulnerable to a ...
CVE-2017-1000499
phpMyAdmin versions 4.7.x (prior to 4.7.6.1/4.7.7) are vulnerable to a CSRF weakness. By deceiving a user to click on a crafted URL, it is possible to perform harmful database operations such as deleting records, dropping/truncating tables etc.
CVE-2017-1000018
phpMyAdmin 4.0, 4.4., and 4.6 are vulnerable to a DOS attack in the replication status by using a specially crafted table name
CVE-2017-1000018
phpMyAdmin 4.0, 4.4., and 4.6 are vulnerable to a DOS attack in the re ...
CVE-2017-1000017
phpMyAdmin 4.0, 4.4 and 4.6 are vulnerable to a weakness where a user with appropriate permissions is able to connect to an arbitrary MySQL server
CVE-2017-1000017
phpMyAdmin 4.0, 4.4 and 4.6 are vulnerable to a weakness where a user ...
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано 1 | |
|---|---|---|---|---|
 | CVE-2018-7260 Cross-site scripting (XSS) vulnerability in db_central_columns.php in phpMyAdmin before 4.7.8 allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL. | CVSS3: 5.4 | 0% Низкий | почти 8 лет назад |
| CVE-2018-7260 Cross-site scripting (XSS) vulnerability in db_central_columns.php in ... | CVSS3: 5.4 | 0% Низкий | почти 8 лет назад |
 | CVE-2018-7260 Cross-site scripting (XSS) vulnerability in db_central_columns.php in phpMyAdmin before 4.7.8 allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL. | CVSS3: 5.4 | 0% Низкий | почти 8 лет назад |
| CVE-2017-1000499 phpMyAdmin versions 4.7.x (prior to 4.7.6.1/4.7.7) are vulnerable to a CSRF weakness. By deceiving a user to click on a crafted URL, it is possible to perform harmful database operations such as deleting records, dropping/truncating tables etc. | CVSS3: 8.8 | 11% Средний | около 8 лет назад |
| CVE-2017-1000499 phpMyAdmin versions 4.7.x (prior to 4.7.6.1/4.7.7) are vulnerable to a ... | CVSS3: 8.8 | 11% Средний | около 8 лет назад |
| CVE-2017-1000499 phpMyAdmin versions 4.7.x (prior to 4.7.6.1/4.7.7) are vulnerable to a CSRF weakness. By deceiving a user to click on a crafted URL, it is possible to perform harmful database operations such as deleting records, dropping/truncating tables etc. | CVSS3: 8.8 | 11% Средний | около 8 лет назад |
| CVE-2017-1000018 phpMyAdmin 4.0, 4.4., and 4.6 are vulnerable to a DOS attack in the replication status by using a specially crafted table name | CVSS3: 7.5 | 1% Низкий | больше 8 лет назад |
| CVE-2017-1000018 phpMyAdmin 4.0, 4.4., and 4.6 are vulnerable to a DOS attack in the re ... | CVSS3: 7.5 | 1% Низкий | больше 8 лет назад |
| CVE-2017-1000017 phpMyAdmin 4.0, 4.4 and 4.6 are vulnerable to a weakness where a user with appropriate permissions is able to connect to an arbitrary MySQL server | CVSS3: 8.8 | 1% Низкий | больше 8 лет назад |
| CVE-2017-1000017 phpMyAdmin 4.0, 4.4 and 4.6 are vulnerable to a weakness where a user ... | CVSS3: 8.8 | 1% Низкий | больше 8 лет назад |
Уязвимостей на страницу