Логотип exploitDog
product: "phpmyadmin"
Консоль
Логотип exploitDog

exploitDog

product: "phpmyadmin"
phpMyAdmin

phpMyAdminвеб-приложение с открытым кодом, написанное на языке PHP и представляющее собой веб-интерфейс для администрирования СУБД MySQL.

Релизный цикл, информация об уязвимостях

Продукт: phpMyAdmin
Вендор: phpmyadmin

График релизов

4.74.84.95.05.15.220172018201920202021202220232024202520262027

Недавние уязвимости phpMyAdmin

Количество 1 095

nvd логотип

CVE-2012-5469

около 13 лет назад

The Portable phpMyAdmin plugin before 1.3.1 for WordPress allows remote attackers to bypass authentication and obtain phpMyAdmin console access via a direct request to wp-content/plugins/portable-phpmyadmin/wp-pma-mod.

CVSS2: 7.5
EPSS: Низкий
nvd логотип

CVE-2012-5368

больше 13 лет назад

phpMyAdmin 3.5.x before 3.5.3 uses JavaScript code that is obtained through an HTTP session to phpmyadmin.net without SSL, which allows man-in-the-middle attackers to conduct cross-site scripting (XSS) attacks by modifying this code.

CVSS2: 4.3
EPSS: Низкий
debian логотип

CVE-2012-5368

больше 13 лет назад

phpMyAdmin 3.5.x before 3.5.3 uses JavaScript code that is obtained th ...

CVSS2: 4.3
EPSS: Низкий
nvd логотип

CVE-2012-5339

больше 13 лет назад

Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin 3.5.x before 3.5.3 allow remote authenticated users to inject arbitrary web script or HTML via a crafted name of (1) an event, (2) a procedure, or (3) a trigger.

CVSS2: 3.5
EPSS: Низкий
debian логотип

CVE-2012-5339

больше 13 лет назад

Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin 3.5. ...

CVSS2: 3.5
EPSS: Низкий
ubuntu логотип

CVE-2012-5368

больше 13 лет назад

phpMyAdmin 3.5.x before 3.5.3 uses JavaScript code that is obtained through an HTTP session to phpmyadmin.net without SSL, which allows man-in-the-middle attackers to conduct cross-site scripting (XSS) attacks by modifying this code.

CVSS2: 4.3
EPSS: Низкий
ubuntu логотип

CVE-2012-5339

больше 13 лет назад

Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin 3.5.x before 3.5.3 allow remote authenticated users to inject arbitrary web script or HTML via a crafted name of (1) an event, (2) a procedure, or (3) a trigger.

CVSS2: 3.5
EPSS: Низкий
nvd логотип

CVE-2012-5159

больше 13 лет назад

phpMyAdmin 3.5.2.2, as distributed by the cdnetworks-kr-1 mirror during an unspecified time frame in 2012, contains an externally introduced modification (Trojan Horse) in server_sync.php, which allows remote attackers to execute arbitrary PHP code via an eval injection attack.

CVSS2: 7.5
EPSS: Высокий
debian логотип

CVE-2012-5159

больше 13 лет назад

phpMyAdmin 3.5.2.2, as distributed by the cdnetworks-kr-1 mirror durin ...

CVSS2: 7.5
EPSS: Высокий
ubuntu логотип

CVE-2012-5159

больше 13 лет назад

phpMyAdmin 3.5.2.2, as distributed by the cdnetworks-kr-1 mirror during an unspecified time frame in 2012, contains an externally introduced modification (Trojan Horse) in server_sync.php, which allows remote attackers to execute arbitrary PHP code via an eval injection attack.

CVSS2: 7.5
EPSS: Высокий

Уязвимостей на страницу

Уязвимость
CVSS
EPSS
Опубликовано
1
nvd логотип
CVE-2012-5469

The Portable phpMyAdmin plugin before 1.3.1 for WordPress allows remote attackers to bypass authentication and obtain phpMyAdmin console access via a direct request to wp-content/plugins/portable-phpmyadmin/wp-pma-mod.

CVSS2: 7.5
2%
Низкий
около 13 лет назад
nvd логотип
CVE-2012-5368

phpMyAdmin 3.5.x before 3.5.3 uses JavaScript code that is obtained through an HTTP session to phpmyadmin.net without SSL, which allows man-in-the-middle attackers to conduct cross-site scripting (XSS) attacks by modifying this code.

CVSS2: 4.3
0%
Низкий
больше 13 лет назад
debian логотип
CVE-2012-5368

phpMyAdmin 3.5.x before 3.5.3 uses JavaScript code that is obtained th ...

CVSS2: 4.3
0%
Низкий
больше 13 лет назад
nvd логотип
CVE-2012-5339

Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin 3.5.x before 3.5.3 allow remote authenticated users to inject arbitrary web script or HTML via a crafted name of (1) an event, (2) a procedure, or (3) a trigger.

CVSS2: 3.5
0%
Низкий
больше 13 лет назад
debian логотип
CVE-2012-5339

Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin 3.5. ...

CVSS2: 3.5
0%
Низкий
больше 13 лет назад
ubuntu логотип
CVE-2012-5368

phpMyAdmin 3.5.x before 3.5.3 uses JavaScript code that is obtained through an HTTP session to phpmyadmin.net without SSL, which allows man-in-the-middle attackers to conduct cross-site scripting (XSS) attacks by modifying this code.

CVSS2: 4.3
0%
Низкий
больше 13 лет назад
ubuntu логотип
CVE-2012-5339

Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin 3.5.x before 3.5.3 allow remote authenticated users to inject arbitrary web script or HTML via a crafted name of (1) an event, (2) a procedure, or (3) a trigger.

CVSS2: 3.5
0%
Низкий
больше 13 лет назад
nvd логотип
CVE-2012-5159

phpMyAdmin 3.5.2.2, as distributed by the cdnetworks-kr-1 mirror during an unspecified time frame in 2012, contains an externally introduced modification (Trojan Horse) in server_sync.php, which allows remote attackers to execute arbitrary PHP code via an eval injection attack.

CVSS2: 7.5
88%
Высокий
больше 13 лет назад
debian логотип
CVE-2012-5159

phpMyAdmin 3.5.2.2, as distributed by the cdnetworks-kr-1 mirror durin ...

CVSS2: 7.5
88%
Высокий
больше 13 лет назад
ubuntu логотип
CVE-2012-5159

phpMyAdmin 3.5.2.2, as distributed by the cdnetworks-kr-1 mirror during an unspecified time frame in 2012, contains an externally introduced modification (Trojan Horse) in server_sync.php, which allows remote attackers to execute arbitrary PHP code via an eval injection attack.

CVSS2: 7.5
88%
Высокий
больше 13 лет назад

Уязвимостей на страницу

Поделиться