phpMyAdmin — веб-приложение с открытым кодом, написанное на языке PHP и представляющее собой веб-интерфейс для администрирования СУБД MySQL.

Релизный цикл, информация об уязвимостях

Продукт: phpMyAdmin

Вендор: phpmyadmin

График релизов

Недавние уязвимости phpMyAdmin

Количество 1 095

CVE-2011-3181

больше 14 лет назад

Multiple cross-site scripting (XSS) vulnerabilities in the Tracking fe ...

CVSS2: 4.3

EPSS: Низкий

CVE-2011-3181

больше 14 лет назад

Multiple cross-site scripting (XSS) vulnerabilities in the Tracking feature in phpMyAdmin 3.3.x before 3.3.10.4 and 3.4.x before 3.4.4 allow remote attackers to inject arbitrary web script or HTML via a (1) table name, (2) column name, or (3) index name.

CVSS2: 4.3

EPSS: Низкий

CVE-2011-2719

больше 14 лет назад

libraries/auth/swekey/swekey.auth.lib.php in phpMyAdmin 3.x before 3.3.10.3 and 3.4.x before 3.4.3.2 does not properly manage sessions associated with Swekey authentication, which allows remote attackers to modify the SESSION superglobal array, other superglobal arrays, and certain swekey.auth.lib.php local variables via a crafted query string, a related issue to CVE-2011-2505.

CVSS2: 6.4

EPSS: Низкий

CVE-2011-2719

больше 14 лет назад

libraries/auth/swekey/swekey.auth.lib.php in phpMyAdmin 3.x before 3.3 ...

CVSS2: 6.4

EPSS: Низкий

CVE-2011-2718

больше 14 лет назад

Multiple directory traversal vulnerabilities in the relational schema implementation in phpMyAdmin 3.4.x before 3.4.3.2 allow remote authenticated users to include and execute arbitrary local files via directory traversal sequences in an export type field, related to (1) libraries/schema/User_Schema.class.php and (2) schema_export.php.

CVSS2: 6

EPSS: Низкий

CVE-2011-2718

больше 14 лет назад

Multiple directory traversal vulnerabilities in the relational schema ...

CVSS2: 6

EPSS: Низкий

CVE-2011-2643

больше 14 лет назад

Directory traversal vulnerability in sql.php in phpMyAdmin 3.4.x before 3.4.3.2, when configuration storage is enabled, allows remote attackers to include and execute arbitrary local files via directory traversal sequences in a MIME-type transformation parameter.

CVSS2: 6.8

EPSS: Низкий

CVE-2011-2643

больше 14 лет назад

Directory traversal vulnerability in sql.php in phpMyAdmin 3.4.x befor ...

CVSS2: 6.8

EPSS: Низкий

CVE-2011-2642

больше 14 лет назад

Multiple cross-site scripting (XSS) vulnerabilities in the table Print view implementation in tbl_printview.php in phpMyAdmin before 3.3.10.3 and 3.4.x before 3.4.3.2 allow remote authenticated users to inject arbitrary web script or HTML via a crafted table name.

CVSS2: 2.6

EPSS: Низкий

CVE-2011-2642

больше 14 лет назад

Multiple cross-site scripting (XSS) vulnerabilities in the table Print ...

CVSS2: 2.6

EPSS: Низкий

Уязвимостей на страницу

Уязвимость	CVSS	EPSS	Опубликовано 1
CVE-2011-3181 Multiple cross-site scripting (XSS) vulnerabilities in the Tracking fe ...	CVSS2: 4.3	1% Низкий	больше 14 лет назад
CVE-2011-3181 Multiple cross-site scripting (XSS) vulnerabilities in the Tracking feature in phpMyAdmin 3.3.x before 3.3.10.4 and 3.4.x before 3.4.4 allow remote attackers to inject arbitrary web script or HTML via a (1) table name, (2) column name, or (3) index name.	CVSS2: 4.3	1% Низкий	больше 14 лет назад
CVE-2011-2719 libraries/auth/swekey/swekey.auth.lib.php in phpMyAdmin 3.x before 3.3.10.3 and 3.4.x before 3.4.3.2 does not properly manage sessions associated with Swekey authentication, which allows remote attackers to modify the SESSION superglobal array, other superglobal arrays, and certain swekey.auth.lib.php local variables via a crafted query string, a related issue to CVE-2011-2505.	CVSS2: 6.4	2% Низкий	больше 14 лет назад
CVE-2011-2719 libraries/auth/swekey/swekey.auth.lib.php in phpMyAdmin 3.x before 3.3 ...	CVSS2: 6.4	2% Низкий	больше 14 лет назад
CVE-2011-2718 Multiple directory traversal vulnerabilities in the relational schema implementation in phpMyAdmin 3.4.x before 3.4.3.2 allow remote authenticated users to include and execute arbitrary local files via directory traversal sequences in an export type field, related to (1) libraries/schema/User_Schema.class.php and (2) schema_export.php.	CVSS2: 6	1% Низкий	больше 14 лет назад
CVE-2011-2718 Multiple directory traversal vulnerabilities in the relational schema ...	CVSS2: 6	1% Низкий	больше 14 лет назад
CVE-2011-2643 Directory traversal vulnerability in sql.php in phpMyAdmin 3.4.x before 3.4.3.2, when configuration storage is enabled, allows remote attackers to include and execute arbitrary local files via directory traversal sequences in a MIME-type transformation parameter.	CVSS2: 6.8	0% Низкий	больше 14 лет назад
CVE-2011-2643 Directory traversal vulnerability in sql.php in phpMyAdmin 3.4.x befor ...	CVSS2: 6.8	0% Низкий	больше 14 лет назад
CVE-2011-2642 Multiple cross-site scripting (XSS) vulnerabilities in the table Print view implementation in tbl_printview.php in phpMyAdmin before 3.3.10.3 and 3.4.x before 3.4.3.2 allow remote authenticated users to inject arbitrary web script or HTML via a crafted table name.	CVSS2: 2.6	1% Низкий	больше 14 лет назад
CVE-2011-2642 Multiple cross-site scripting (XSS) vulnerabilities in the table Print ...	CVSS2: 2.6	1% Низкий	больше 14 лет назад

Уязвимостей на страницу