Логотип exploitDog
product: "phpmyadmin"
Консоль
Логотип exploitDog

exploitDog

product: "phpmyadmin"
phpMyAdmin

phpMyAdminвеб-приложение с открытым кодом, написанное на языке PHP и представляющее собой веб-интерфейс для администрирования СУБД MySQL.

Релизный цикл, информация об уязвимостях

Продукт: phpMyAdmin
Вендор: phpmyadmin

График релизов

4.74.84.95.05.15.220172018201920202021202220232024202520262027

Недавние уязвимости phpMyAdmin

Количество 1 095

nvd логотип

CVE-2016-5730

больше 9 лет назад

phpMyAdmin 4.0.x before 4.0.10.16, 4.4.x before 4.4.15.7, and 4.6.x before 4.6.3 allows remote attackers to obtain sensitive information via vectors involving (1) an array value to FormDisplay.php, (2) incorrect data to validate.php, (3) unexpected data to Validator.php, (4) a missing config directory during setup, or (5) an incorrect OpenID identifier data type, which reveals the full path in an error message.

CVSS3: 5.3
EPSS: Низкий
debian логотип

CVE-2016-5730

больше 9 лет назад

phpMyAdmin 4.0.x before 4.0.10.16, 4.4.x before 4.4.15.7, and 4.6.x be ...

CVSS3: 5.3
EPSS: Низкий
nvd логотип

CVE-2016-5706

больше 9 лет назад

js/get_scripts.js.php in phpMyAdmin 4.0.x before 4.0.10.16, 4.4.x before 4.4.15.7, and 4.6.x before 4.6.3 allows remote attackers to cause a denial of service via a large array in the scripts parameter.

CVSS3: 7.5
EPSS: Низкий
debian логотип

CVE-2016-5706

больше 9 лет назад

js/get_scripts.js.php in phpMyAdmin 4.0.x before 4.0.10.16, 4.4.x befo ...

CVSS3: 7.5
EPSS: Низкий
nvd логотип

CVE-2016-5705

больше 9 лет назад

Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin 4.4.x before 4.4.15.7 and 4.6.x before 4.6.3 allow remote attackers to inject arbitrary web script or HTML via vectors involving (1) server-privileges certificate data fields on the user privileges page, (2) an "invalid JSON" error message in the error console, (3) a database name in the central columns implementation, (4) a group name, or (5) a search name in the bookmarks implementation.

CVSS3: 6.1
EPSS: Низкий
debian логотип

CVE-2016-5705

больше 9 лет назад

Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin 4.4. ...

CVSS3: 6.1
EPSS: Низкий
nvd логотип

CVE-2016-5704

больше 9 лет назад

Cross-site scripting (XSS) vulnerability in the table-structure page in phpMyAdmin 4.6.x before 4.6.3 allows remote attackers to inject arbitrary web script or HTML via vectors involving a comment.

CVSS3: 6.1
EPSS: Низкий
debian логотип

CVE-2016-5704

больше 9 лет назад

Cross-site scripting (XSS) vulnerability in the table-structure page i ...

CVSS3: 6.1
EPSS: Низкий
nvd логотип

CVE-2016-5703

больше 9 лет назад

SQL injection vulnerability in libraries/central_columns.lib.php in phpMyAdmin 4.4.x before 4.4.15.7 and 4.6.x before 4.6.3 allows remote attackers to execute arbitrary SQL commands via a crafted database name that is mishandled in a central column query.

CVSS3: 9.8
EPSS: Низкий
debian логотип

CVE-2016-5703

больше 9 лет назад

SQL injection vulnerability in libraries/central_columns.lib.php in ph ...

CVSS3: 9.8
EPSS: Низкий

Уязвимостей на страницу

Уязвимость
CVSS
EPSS
Опубликовано
1
nvd логотип
CVE-2016-5730

phpMyAdmin 4.0.x before 4.0.10.16, 4.4.x before 4.4.15.7, and 4.6.x before 4.6.3 allows remote attackers to obtain sensitive information via vectors involving (1) an array value to FormDisplay.php, (2) incorrect data to validate.php, (3) unexpected data to Validator.php, (4) a missing config directory during setup, or (5) an incorrect OpenID identifier data type, which reveals the full path in an error message.

CVSS3: 5.3
1%
Низкий
больше 9 лет назад
debian логотип
CVE-2016-5730

phpMyAdmin 4.0.x before 4.0.10.16, 4.4.x before 4.4.15.7, and 4.6.x be ...

CVSS3: 5.3
1%
Низкий
больше 9 лет назад
nvd логотип
CVE-2016-5706

js/get_scripts.js.php in phpMyAdmin 4.0.x before 4.0.10.16, 4.4.x before 4.4.15.7, and 4.6.x before 4.6.3 allows remote attackers to cause a denial of service via a large array in the scripts parameter.

CVSS3: 7.5
3%
Низкий
больше 9 лет назад
debian логотип
CVE-2016-5706

js/get_scripts.js.php in phpMyAdmin 4.0.x before 4.0.10.16, 4.4.x befo ...

CVSS3: 7.5
3%
Низкий
больше 9 лет назад
nvd логотип
CVE-2016-5705

Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin 4.4.x before 4.4.15.7 and 4.6.x before 4.6.3 allow remote attackers to inject arbitrary web script or HTML via vectors involving (1) server-privileges certificate data fields on the user privileges page, (2) an "invalid JSON" error message in the error console, (3) a database name in the central columns implementation, (4) a group name, or (5) a search name in the bookmarks implementation.

CVSS3: 6.1
1%
Низкий
больше 9 лет назад
debian логотип
CVE-2016-5705

Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin 4.4. ...

CVSS3: 6.1
1%
Низкий
больше 9 лет назад
nvd логотип
CVE-2016-5704

Cross-site scripting (XSS) vulnerability in the table-structure page in phpMyAdmin 4.6.x before 4.6.3 allows remote attackers to inject arbitrary web script or HTML via vectors involving a comment.

CVSS3: 6.1
0%
Низкий
больше 9 лет назад
debian логотип
CVE-2016-5704

Cross-site scripting (XSS) vulnerability in the table-structure page i ...

CVSS3: 6.1
0%
Низкий
больше 9 лет назад
nvd логотип
CVE-2016-5703

SQL injection vulnerability in libraries/central_columns.lib.php in phpMyAdmin 4.4.x before 4.4.15.7 and 4.6.x before 4.6.3 allows remote attackers to execute arbitrary SQL commands via a crafted database name that is mishandled in a central column query.

CVSS3: 9.8
2%
Низкий
больше 9 лет назад
debian логотип
CVE-2016-5703

SQL injection vulnerability in libraries/central_columns.lib.php in ph ...

CVSS3: 9.8
2%
Низкий
больше 9 лет назад

Уязвимостей на страницу

Поделиться