phpMyAdmin — веб-приложение с открытым кодом, написанное на языке PHP и представляющее собой веб-интерфейс для администрирования СУБД MySQL.
Релизный цикл, информация об уязвимостях
График релизов
Количество 1 095
GHSA-3q28-xfw3-2q35
phpMyAdmin XSS Vulnerability
GHSA-jfmj-27fp-qp67
phpMyAdmin Cross-site Scripting (XSS)
GHSA-94c8-rc5m-5x39
An issue was discovered in phpMyAdmin. A specially crafted database and/or table name can be used to trigger an SQL injection attack through the export functionality. All 4.6.x versions (prior to 4.6.4), 4.4.x versions (prior to 4.4.15.8), and 4.0.x versions (prior to 4.0.10.17) are affected.
GHSA-qc6p-fjq3-q3x8
A full path disclosure vulnerability was discovered in phpMyAdmin where a user can trigger a particular error in the export mechanism to discover the full path of phpMyAdmin on the disk. All 4.6.x versions (prior to 4.6.4), 4.4.x versions (prior to 4.4.15.8), and 4.0.x versions (prior to 4.0.10.17) are affected.
GHSA-6j2v-g9rg-qcm5
phpMyAdmin Local file exposure through symlinks with UploadDir
GHSA-fcgm-62p3-f7cm
phpMyAdmin Local file exposure
GHSA-w93p-25g8-q8w9
An issue was discovered in phpMyAdmin. A specially crafted database and/or table name can be used to trigger an SQL injection attack through the export functionality. All 4.6.x versions (prior to 4.6.4) are affected.
GHSA-2mcj-3r3r-v5wm
phpMyAdmin DoS Vulnerability
GHSA-mhxj-6vf8-mwv3
phpMyAdmin IPv6 and proxy server IP-based authentication rule circumvention
GHSA-r643-7xfg-ppc5
phpMyAdmin allows to detect if user is logged in
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано 1 | |
|---|---|---|---|---|
| GHSA-3q28-xfw3-2q35 phpMyAdmin XSS Vulnerability | CVSS3: 6.1 | 0% Низкий | почти 4 года назад |
| GHSA-jfmj-27fp-qp67 phpMyAdmin Cross-site Scripting (XSS) | CVSS3: 6.1 | 0% Низкий | почти 4 года назад |
| GHSA-94c8-rc5m-5x39 An issue was discovered in phpMyAdmin. A specially crafted database and/or table name can be used to trigger an SQL injection attack through the export functionality. All 4.6.x versions (prior to 4.6.4), 4.4.x versions (prior to 4.4.15.8), and 4.0.x versions (prior to 4.0.10.17) are affected. | CVSS3: 8.1 | 0% Низкий | почти 4 года назад |
| GHSA-qc6p-fjq3-q3x8 A full path disclosure vulnerability was discovered in phpMyAdmin where a user can trigger a particular error in the export mechanism to discover the full path of phpMyAdmin on the disk. All 4.6.x versions (prior to 4.6.4), 4.4.x versions (prior to 4.4.15.8), and 4.0.x versions (prior to 4.0.10.17) are affected. | CVSS3: 4.3 | 0% Низкий | почти 4 года назад |
| GHSA-6j2v-g9rg-qcm5 phpMyAdmin Local file exposure through symlinks with UploadDir | CVSS3: 5.3 | 0% Низкий | почти 4 года назад |
| GHSA-fcgm-62p3-f7cm phpMyAdmin Local file exposure | CVSS3: 6.5 | 0% Низкий | почти 4 года назад |
| GHSA-w93p-25g8-q8w9 An issue was discovered in phpMyAdmin. A specially crafted database and/or table name can be used to trigger an SQL injection attack through the export functionality. All 4.6.x versions (prior to 4.6.4) are affected. | CVSS3: 8.1 | 0% Низкий | почти 4 года назад |
| GHSA-2mcj-3r3r-v5wm phpMyAdmin DoS Vulnerability | CVSS3: 6.5 | 1% Низкий | почти 4 года назад |
| GHSA-mhxj-6vf8-mwv3 phpMyAdmin IPv6 and proxy server IP-based authentication rule circumvention | CVSS3: 5.9 | 0% Низкий | почти 4 года назад |
| GHSA-r643-7xfg-ppc5 phpMyAdmin allows to detect if user is logged in | CVSS3: 4.3 | 0% Низкий | почти 4 года назад |
Уязвимостей на страницу