Логотип exploitDog
product: "phpmyadmin"
Консоль
Логотип exploitDog

exploitDog

product: "phpmyadmin"
phpMyAdmin

phpMyAdminвеб-приложение с открытым кодом, написанное на языке PHP и представляющее собой веб-интерфейс для администрирования СУБД MySQL.

Релизный цикл, информация об уязвимостях

Продукт: phpMyAdmin
Вендор: phpmyadmin

График релизов

4.74.84.95.05.15.22017201820192020202120222023202420252026

Недавние уязвимости phpMyAdmin

Количество 1 092

nvd логотип

CVE-2011-3646

больше 13 лет назад

phpmyadmin.css.php in phpMyAdmin 3.4.x before 3.4.6 allows remote attackers to obtain sensitive information via an array-typed js_frame parameter to phpmyadmin.css.php, which reveals the installation path in an error message.

CVSS2: 5
EPSS: Низкий
debian логотип

CVE-2011-3646

больше 13 лет назад

phpmyadmin.css.php in phpMyAdmin 3.4.x before 3.4.6 allows remote atta ...

CVSS2: 5
EPSS: Низкий
ubuntu логотип

CVE-2011-4107

больше 13 лет назад

The simplexml_load_string function in the XML import plug-in (libraries/import/xml.php) in phpMyAdmin 3.4.x before 3.4.7.1 and 3.3.x before 3.3.10.5 allows remote authenticated users to read arbitrary files via XML data containing external entity references, aka an XML external entity (XXE) injection attack.

CVSS3: 6.5
EPSS: Средний
ubuntu логотип

CVE-2011-3646

больше 13 лет назад

phpmyadmin.css.php in phpMyAdmin 3.4.x before 3.4.6 allows remote attackers to obtain sensitive information via an array-typed js_frame parameter to phpmyadmin.css.php, which reveals the installation path in an error message.

CVSS2: 5
EPSS: Низкий
nvd логотип

CVE-2011-4064

больше 13 лет назад

Cross-site scripting (XSS) vulnerability in the setup interface in phpMyAdmin 3.4.x before 3.4.6 allows remote attackers to inject arbitrary web script or HTML via a crafted value.

CVSS2: 4.3
EPSS: Низкий
debian логотип

CVE-2011-4064

больше 13 лет назад

Cross-site scripting (XSS) vulnerability in the setup interface in php ...

CVSS2: 4.3
EPSS: Низкий
ubuntu логотип

CVE-2011-4064

больше 13 лет назад

Cross-site scripting (XSS) vulnerability in the setup interface in phpMyAdmin 3.4.x before 3.4.6 allows remote attackers to inject arbitrary web script or HTML via a crafted value.

CVSS2: 4.3
EPSS: Низкий
nvd логотип

CVE-2011-3181

почти 14 лет назад

Multiple cross-site scripting (XSS) vulnerabilities in the Tracking feature in phpMyAdmin 3.3.x before 3.3.10.4 and 3.4.x before 3.4.4 allow remote attackers to inject arbitrary web script or HTML via a (1) table name, (2) column name, or (3) index name.

CVSS2: 4.3
EPSS: Низкий
debian логотип

CVE-2011-3181

почти 14 лет назад

Multiple cross-site scripting (XSS) vulnerabilities in the Tracking fe ...

CVSS2: 4.3
EPSS: Низкий
ubuntu логотип

CVE-2011-3181

почти 14 лет назад

Multiple cross-site scripting (XSS) vulnerabilities in the Tracking feature in phpMyAdmin 3.3.x before 3.3.10.4 and 3.4.x before 3.4.4 allow remote attackers to inject arbitrary web script or HTML via a (1) table name, (2) column name, or (3) index name.

CVSS2: 4.3
EPSS: Низкий

Уязвимостей на страницу

Уязвимость
CVSS
EPSS
Опубликовано
1
nvd логотип
CVE-2011-3646

phpmyadmin.css.php in phpMyAdmin 3.4.x before 3.4.6 allows remote attackers to obtain sensitive information via an array-typed js_frame parameter to phpmyadmin.css.php, which reveals the installation path in an error message.

CVSS2: 5
1%
Низкий
больше 13 лет назад
debian логотип
CVE-2011-3646

phpmyadmin.css.php in phpMyAdmin 3.4.x before 3.4.6 allows remote atta ...

CVSS2: 5
1%
Низкий
больше 13 лет назад
ubuntu логотип
CVE-2011-4107

The simplexml_load_string function in the XML import plug-in (libraries/import/xml.php) in phpMyAdmin 3.4.x before 3.4.7.1 and 3.3.x before 3.3.10.5 allows remote authenticated users to read arbitrary files via XML data containing external entity references, aka an XML external entity (XXE) injection attack.

CVSS3: 6.5
11%
Средний
больше 13 лет назад
ubuntu логотип
CVE-2011-3646

phpmyadmin.css.php in phpMyAdmin 3.4.x before 3.4.6 allows remote attackers to obtain sensitive information via an array-typed js_frame parameter to phpmyadmin.css.php, which reveals the installation path in an error message.

CVSS2: 5
1%
Низкий
больше 13 лет назад
nvd логотип
CVE-2011-4064

Cross-site scripting (XSS) vulnerability in the setup interface in phpMyAdmin 3.4.x before 3.4.6 allows remote attackers to inject arbitrary web script or HTML via a crafted value.

CVSS2: 4.3
1%
Низкий
больше 13 лет назад
debian логотип
CVE-2011-4064

Cross-site scripting (XSS) vulnerability in the setup interface in php ...

CVSS2: 4.3
1%
Низкий
больше 13 лет назад
ubuntu логотип
CVE-2011-4064

Cross-site scripting (XSS) vulnerability in the setup interface in phpMyAdmin 3.4.x before 3.4.6 allows remote attackers to inject arbitrary web script or HTML via a crafted value.

CVSS2: 4.3
1%
Низкий
больше 13 лет назад
nvd логотип
CVE-2011-3181

Multiple cross-site scripting (XSS) vulnerabilities in the Tracking feature in phpMyAdmin 3.3.x before 3.3.10.4 and 3.4.x before 3.4.4 allow remote attackers to inject arbitrary web script or HTML via a (1) table name, (2) column name, or (3) index name.

CVSS2: 4.3
1%
Низкий
почти 14 лет назад
debian логотип
CVE-2011-3181

Multiple cross-site scripting (XSS) vulnerabilities in the Tracking fe ...

CVSS2: 4.3
1%
Низкий
почти 14 лет назад
ubuntu логотип
CVE-2011-3181

Multiple cross-site scripting (XSS) vulnerabilities in the Tracking feature in phpMyAdmin 3.3.x before 3.3.10.4 and 3.4.x before 3.4.4 allow remote attackers to inject arbitrary web script or HTML via a (1) table name, (2) column name, or (3) index name.

CVSS2: 4.3
1%
Низкий
почти 14 лет назад

Уязвимостей на страницу

Поделиться