phpMyAdmin — веб-приложение с открытым кодом, написанное на языке PHP и представляющее собой веб-интерфейс для администрирования СУБД MySQL.

Релизный цикл, информация об уязвимостях

Продукт: phpMyAdmin

Вендор: phpmyadmin

График релизов

Недавние уязвимости phpMyAdmin

Количество 1 092

CVE-2013-4998

почти 12 лет назад

phpMyAdmin 3.5.x before 3.5.8.2 and 4.0.x before 4.0.4.2 allows remote attackers to obtain sensitive information via an invalid request, which reveals the installation path in an error message, related to pmd_common.php and other files.

CVSS2: 5

EPSS: Низкий

CVE-2013-4998

почти 12 лет назад

phpMyAdmin 3.5.x before 3.5.8.2 and 4.0.x before 4.0.4.2 allows remote ...

CVSS2: 5

EPSS: Низкий

CVE-2013-4997

почти 12 лет назад

Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin 3.5.x before 3.5.8.2 allow remote attackers to inject arbitrary web script or HTML via vectors involving a JavaScript event in (1) an anchor identifier to setup/index.php or (2) a chartTitle (aka chart title) value.

CVSS2: 4.3

EPSS: Низкий

CVE-2013-4997

почти 12 лет назад

Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin 3.5. ...

CVSS2: 4.3

EPSS: Низкий

CVE-2013-4996

почти 12 лет назад

Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin 3.5.x before 3.5.8.2 and 4.0.x before 4.0.4.2 allow remote attackers to inject arbitrary web script or HTML via vectors involving (1) a crafted database name, (2) a crafted user name, (3) a crafted logo URL in the navigation panel, (4) a crafted entry in a certain proxy list, or (5) crafted content in a version.json file.

CVSS2: 4.3

EPSS: Низкий

CVE-2013-4996

почти 12 лет назад

Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin 3.5. ...

CVSS2: 4.3

EPSS: Низкий

CVE-2013-4995

почти 12 лет назад

Cross-site scripting (XSS) vulnerability in phpMyAdmin 3.5.x before 3.5.8.2 and 4.0.x before 4.0.4.2 allows remote authenticated users to inject arbitrary web script or HTML via a crafted SQL query that is not properly handled during the display of row information.

CVSS2: 3.5

EPSS: Низкий

CVE-2013-4995

почти 12 лет назад

Cross-site scripting (XSS) vulnerability in phpMyAdmin 3.5.x before 3. ...

CVSS2: 3.5

EPSS: Низкий

CVE-2013-5001

почти 12 лет назад

Cross-site scripting (XSS) vulnerability in libraries/plugins/transformations/abstract/TextLinkTransformationsPlugin.class.php in phpMyAdmin 4.0.x before 4.0.4.2 allows remote authenticated users to inject arbitrary web script or HTML via a crafted object name associated with a TextLinkTransformationPlugin link.

CVSS2: 3.5

EPSS: Низкий

CVE-2013-4999

почти 12 лет назад

phpMyAdmin 4.0.x before 4.0.4.2 allows remote attackers to obtain sensitive information via an invalid request, which reveals the installation path in an error message, related to Error.class.php and Error_Handler.class.php.

CVSS2: 5

EPSS: Низкий

Уязвимостей на страницу

Уязвимость	CVSS	EPSS	Опубликовано 1
CVE-2013-4998 phpMyAdmin 3.5.x before 3.5.8.2 and 4.0.x before 4.0.4.2 allows remote attackers to obtain sensitive information via an invalid request, which reveals the installation path in an error message, related to pmd_common.php and other files.	CVSS2: 5	0% Низкий	почти 12 лет назад
CVE-2013-4998 phpMyAdmin 3.5.x before 3.5.8.2 and 4.0.x before 4.0.4.2 allows remote ...	CVSS2: 5	0% Низкий	почти 12 лет назад
CVE-2013-4997 Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin 3.5.x before 3.5.8.2 allow remote attackers to inject arbitrary web script or HTML via vectors involving a JavaScript event in (1) an anchor identifier to setup/index.php or (2) a chartTitle (aka chart title) value.	CVSS2: 4.3	0% Низкий	почти 12 лет назад
CVE-2013-4997 Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin 3.5. ...	CVSS2: 4.3	0% Низкий	почти 12 лет назад
CVE-2013-4996 Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin 3.5.x before 3.5.8.2 and 4.0.x before 4.0.4.2 allow remote attackers to inject arbitrary web script or HTML via vectors involving (1) a crafted database name, (2) a crafted user name, (3) a crafted logo URL in the navigation panel, (4) a crafted entry in a certain proxy list, or (5) crafted content in a version.json file.	CVSS2: 4.3	0% Низкий	почти 12 лет назад
CVE-2013-4996 Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin 3.5. ...	CVSS2: 4.3	0% Низкий	почти 12 лет назад
CVE-2013-4995 Cross-site scripting (XSS) vulnerability in phpMyAdmin 3.5.x before 3.5.8.2 and 4.0.x before 4.0.4.2 allows remote authenticated users to inject arbitrary web script or HTML via a crafted SQL query that is not properly handled during the display of row information.	CVSS2: 3.5	0% Низкий	почти 12 лет назад
CVE-2013-4995 Cross-site scripting (XSS) vulnerability in phpMyAdmin 3.5.x before 3. ...	CVSS2: 3.5	0% Низкий	почти 12 лет назад
CVE-2013-5001 Cross-site scripting (XSS) vulnerability in libraries/plugins/transformations/abstract/TextLinkTransformationsPlugin.class.php in phpMyAdmin 4.0.x before 4.0.4.2 allows remote authenticated users to inject arbitrary web script or HTML via a crafted object name associated with a TextLinkTransformationPlugin link.	CVSS2: 3.5	0% Низкий	почти 12 лет назад
CVE-2013-4999 phpMyAdmin 4.0.x before 4.0.4.2 allows remote attackers to obtain sensitive information via an invalid request, which reveals the installation path in an error message, related to Error.class.php and Error_Handler.class.php.	CVSS2: 5	0% Низкий	почти 12 лет назад

Уязвимостей на страницу