phpMyAdmin — веб-приложение с открытым кодом, написанное на языке PHP и представляющее собой веб-интерфейс для администрирования СУБД MySQL.

Релизный цикл, информация об уязвимостях

Продукт: phpMyAdmin

Вендор: phpmyadmin

График релизов

Недавние уязвимости phpMyAdmin

Количество 1 092

CVE-2011-3592

больше 10 лет назад

Multiple cross-site scripting (XSS) vulnerabilities in the PMA_unInlineEditRow function in js/sql.js in phpMyAdmin 3.4.x before 3.4.5 allow remote authenticated users to inject arbitrary web script or HTML via a (1) database name, (2) table name, or (3) column name that is not properly handled after an inline-editing operation.

CVSS2: 3.5

EPSS: Низкий

CVE-2014-9219

больше 10 лет назад

Cross-site scripting (XSS) vulnerability in the redirection feature in url.php in phpMyAdmin 4.2.x before 4.2.13.1 allows remote attackers to inject arbitrary web script or HTML via the url parameter.

CVSS2: 4.3

EPSS: Низкий

CVE-2014-9219

больше 10 лет назад

Cross-site scripting (XSS) vulnerability in the redirection feature in ...

CVSS2: 4.3

EPSS: Низкий

CVE-2014-9218

больше 10 лет назад

libraries/common.inc.php in phpMyAdmin 4.0.x before 4.0.10.7, 4.1.x before 4.1.14.8, and 4.2.x before 4.2.13.1 allows remote attackers to cause a denial of service (resource consumption) via a long password.

CVSS2: 5

EPSS: Средний

CVE-2014-9218

больше 10 лет назад

libraries/common.inc.php in phpMyAdmin 4.0.x before 4.0.10.7, 4.1.x be ...

CVSS2: 5

EPSS: Средний

CVE-2014-9219

больше 10 лет назад

CVSS2: 4.3

EPSS: Низкий

CVE-2014-9218

больше 10 лет назад

CVSS2: 5

EPSS: Средний

CVE-2014-8961

больше 10 лет назад

Directory traversal vulnerability in libraries/error_report.lib.php in the error-reporting feature in phpMyAdmin 4.1.x before 4.1.14.7 and 4.2.x before 4.2.12 allows remote authenticated users to obtain potentially sensitive information about a file's line count via a crafted parameter.

CVSS2: 4

EPSS: Низкий

CVE-2014-8961

больше 10 лет назад

Directory traversal vulnerability in libraries/error_report.lib.php in ...

CVSS2: 4

EPSS: Низкий

CVE-2014-8960

больше 10 лет назад

Cross-site scripting (XSS) vulnerability in libraries/error_report.lib.php in the error-reporting feature in phpMyAdmin 4.1.x before 4.1.14.7 and 4.2.x before 4.2.12 allows remote authenticated users to inject arbitrary web script or HTML via a crafted filename.

CVSS2: 3.5

EPSS: Низкий

Уязвимостей на страницу

Уязвимость	CVSS	EPSS	Опубликовано 1
CVE-2011-3592 Multiple cross-site scripting (XSS) vulnerabilities in the PMA_unInlineEditRow function in js/sql.js in phpMyAdmin 3.4.x before 3.4.5 allow remote authenticated users to inject arbitrary web script or HTML via a (1) database name, (2) table name, or (3) column name that is not properly handled after an inline-editing operation.	CVSS2: 3.5	0% Низкий	больше 10 лет назад
CVE-2014-9219 Cross-site scripting (XSS) vulnerability in the redirection feature in url.php in phpMyAdmin 4.2.x before 4.2.13.1 allows remote attackers to inject arbitrary web script or HTML via the url parameter.	CVSS2: 4.3	0% Низкий	больше 10 лет назад
CVE-2014-9219 Cross-site scripting (XSS) vulnerability in the redirection feature in ...	CVSS2: 4.3	0% Низкий	больше 10 лет назад
CVE-2014-9218 libraries/common.inc.php in phpMyAdmin 4.0.x before 4.0.10.7, 4.1.x before 4.1.14.8, and 4.2.x before 4.2.13.1 allows remote attackers to cause a denial of service (resource consumption) via a long password.	CVSS2: 5	18% Средний	больше 10 лет назад
CVE-2014-9218 libraries/common.inc.php in phpMyAdmin 4.0.x before 4.0.10.7, 4.1.x be ...	CVSS2: 5	18% Средний	больше 10 лет назад
CVE-2014-9219 Cross-site scripting (XSS) vulnerability in the redirection feature in url.php in phpMyAdmin 4.2.x before 4.2.13.1 allows remote attackers to inject arbitrary web script or HTML via the url parameter.	CVSS2: 4.3	0% Низкий	больше 10 лет назад
CVE-2014-9218 libraries/common.inc.php in phpMyAdmin 4.0.x before 4.0.10.7, 4.1.x before 4.1.14.8, and 4.2.x before 4.2.13.1 allows remote attackers to cause a denial of service (resource consumption) via a long password.	CVSS2: 5	18% Средний	больше 10 лет назад
CVE-2014-8961 Directory traversal vulnerability in libraries/error_report.lib.php in the error-reporting feature in phpMyAdmin 4.1.x before 4.1.14.7 and 4.2.x before 4.2.12 allows remote authenticated users to obtain potentially sensitive information about a file's line count via a crafted parameter.	CVSS2: 4	2% Низкий	больше 10 лет назад
CVE-2014-8961 Directory traversal vulnerability in libraries/error_report.lib.php in ...	CVSS2: 4	2% Низкий	больше 10 лет назад
CVE-2014-8960 Cross-site scripting (XSS) vulnerability in libraries/error_report.lib.php in the error-reporting feature in phpMyAdmin 4.1.x before 4.1.14.7 and 4.2.x before 4.2.12 allows remote authenticated users to inject arbitrary web script or HTML via a crafted filename.	CVSS2: 3.5	0% Низкий	больше 10 лет назад

Уязвимостей на страницу