phpMyAdmin — веб-приложение с открытым кодом, написанное на языке PHP и представляющее собой веб-интерфейс для администрирования СУБД MySQL.
Релизный цикл, информация об уязвимостях
График релизов
Количество 1 092
CVE-2011-2719
libraries/auth/swekey/swekey.auth.lib.php in phpMyAdmin 3.x before 3.3.10.3 and 3.4.x before 3.4.3.2 does not properly manage sessions associated with Swekey authentication, which allows remote attackers to modify the SESSION superglobal array, other superglobal arrays, and certain swekey.auth.lib.php local variables via a crafted query string, a related issue to CVE-2011-2505.
CVE-2011-2719
libraries/auth/swekey/swekey.auth.lib.php in phpMyAdmin 3.x before 3.3 ...
CVE-2011-2718
Multiple directory traversal vulnerabilities in the relational schema implementation in phpMyAdmin 3.4.x before 3.4.3.2 allow remote authenticated users to include and execute arbitrary local files via directory traversal sequences in an export type field, related to (1) libraries/schema/User_Schema.class.php and (2) schema_export.php.
CVE-2011-2718
Multiple directory traversal vulnerabilities in the relational schema ...
CVE-2011-2643
Directory traversal vulnerability in sql.php in phpMyAdmin 3.4.x before 3.4.3.2, when configuration storage is enabled, allows remote attackers to include and execute arbitrary local files via directory traversal sequences in a MIME-type transformation parameter.
CVE-2011-2643
Directory traversal vulnerability in sql.php in phpMyAdmin 3.4.x befor ...
CVE-2011-2642
Multiple cross-site scripting (XSS) vulnerabilities in the table Print view implementation in tbl_printview.php in phpMyAdmin before 3.3.10.3 and 3.4.x before 3.4.3.2 allow remote authenticated users to inject arbitrary web script or HTML via a crafted table name.
CVE-2011-2642
Multiple cross-site scripting (XSS) vulnerabilities in the table Print ...
CVE-2011-2643
Directory traversal vulnerability in sql.php in phpMyAdmin 3.4.x before 3.4.3.2, when configuration storage is enabled, allows remote attackers to include and execute arbitrary local files via directory traversal sequences in a MIME-type transformation parameter.
CVE-2011-2642
Multiple cross-site scripting (XSS) vulnerabilities in the table Print view implementation in tbl_printview.php in phpMyAdmin before 3.3.10.3 and 3.4.x before 3.4.3.2 allow remote authenticated users to inject arbitrary web script or HTML via a crafted table name.
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано 1 | |
|---|---|---|---|---|
 | CVE-2011-2719 libraries/auth/swekey/swekey.auth.lib.php in phpMyAdmin 3.x before 3.3.10.3 and 3.4.x before 3.4.3.2 does not properly manage sessions associated with Swekey authentication, which allows remote attackers to modify the SESSION superglobal array, other superglobal arrays, and certain swekey.auth.lib.php local variables via a crafted query string, a related issue to CVE-2011-2505. | CVSS2: 6.4 | 2% Низкий | почти 14 лет назад |
| CVE-2011-2719 libraries/auth/swekey/swekey.auth.lib.php in phpMyAdmin 3.x before 3.3 ... | CVSS2: 6.4 | 2% Низкий | почти 14 лет назад |
| CVE-2011-2718 Multiple directory traversal vulnerabilities in the relational schema implementation in phpMyAdmin 3.4.x before 3.4.3.2 allow remote authenticated users to include and execute arbitrary local files via directory traversal sequences in an export type field, related to (1) libraries/schema/User_Schema.class.php and (2) schema_export.php. | CVSS2: 6 | 1% Низкий | почти 14 лет назад |
| CVE-2011-2718 Multiple directory traversal vulnerabilities in the relational schema ... | CVSS2: 6 | 1% Низкий | почти 14 лет назад |
| CVE-2011-2643 Directory traversal vulnerability in sql.php in phpMyAdmin 3.4.x before 3.4.3.2, when configuration storage is enabled, allows remote attackers to include and execute arbitrary local files via directory traversal sequences in a MIME-type transformation parameter. | CVSS2: 6.8 | 0% Низкий | почти 14 лет назад |
| CVE-2011-2643 Directory traversal vulnerability in sql.php in phpMyAdmin 3.4.x befor ... | CVSS2: 6.8 | 0% Низкий | почти 14 лет назад |
| CVE-2011-2642 Multiple cross-site scripting (XSS) vulnerabilities in the table Print view implementation in tbl_printview.php in phpMyAdmin before 3.3.10.3 and 3.4.x before 3.4.3.2 allow remote authenticated users to inject arbitrary web script or HTML via a crafted table name. | CVSS2: 2.6 | 1% Низкий | почти 14 лет назад |
| CVE-2011-2642 Multiple cross-site scripting (XSS) vulnerabilities in the table Print ... | CVSS2: 2.6 | 1% Низкий | почти 14 лет назад |
 | CVE-2011-2643 Directory traversal vulnerability in sql.php in phpMyAdmin 3.4.x before 3.4.3.2, when configuration storage is enabled, allows remote attackers to include and execute arbitrary local files via directory traversal sequences in a MIME-type transformation parameter. | CVSS2: 6.8 | 0% Низкий | почти 14 лет назад |
| CVE-2011-2642 Multiple cross-site scripting (XSS) vulnerabilities in the table Print view implementation in tbl_printview.php in phpMyAdmin before 3.3.10.3 and 3.4.x before 3.4.3.2 allow remote authenticated users to inject arbitrary web script or HTML via a crafted table name. | CVSS2: 2.6 | 1% Низкий | почти 14 лет назад |
Уязвимостей на страницу