phpMyAdmin — веб-приложение с открытым кодом, написанное на языке PHP и представляющее собой веб-интерфейс для администрирования СУБД MySQL.
Релизный цикл, информация об уязвимостях
График релизов
Количество 1 095
GHSA-gcvp-cwgw-wx8j
phpMyAdmin XSS Vulnerability
GHSA-94c8-rc5m-5x39
An issue was discovered in phpMyAdmin. A specially crafted database and/or table name can be used to trigger an SQL injection attack through the export functionality. All 4.6.x versions (prior to 4.6.4), 4.4.x versions (prior to 4.4.15.8), and 4.0.x versions (prior to 4.0.10.17) are affected.
GHSA-jfmj-27fp-qp67
phpMyAdmin Cross-site Scripting (XSS)
GHSA-qc6p-fjq3-q3x8
A full path disclosure vulnerability was discovered in phpMyAdmin where a user can trigger a particular error in the export mechanism to discover the full path of phpMyAdmin on the disk. All 4.6.x versions (prior to 4.6.4), 4.4.x versions (prior to 4.4.15.8), and 4.0.x versions (prior to 4.0.10.17) are affected.
GHSA-w93p-25g8-q8w9
An issue was discovered in phpMyAdmin. A specially crafted database and/or table name can be used to trigger an SQL injection attack through the export functionality. All 4.6.x versions (prior to 4.6.4) are affected.
GHSA-2mcj-3r3r-v5wm
phpMyAdmin DoS Vulnerability
GHSA-mhxj-6vf8-mwv3
phpMyAdmin IPv6 and proxy server IP-based authentication rule circumvention
GHSA-6j2v-g9rg-qcm5
phpMyAdmin Local file exposure through symlinks with UploadDir
GHSA-fcgm-62p3-f7cm
phpMyAdmin Local file exposure
GHSA-r643-7xfg-ppc5
phpMyAdmin allows to detect if user is logged in
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано 1 | |
|---|---|---|---|---|
| GHSA-gcvp-cwgw-wx8j phpMyAdmin XSS Vulnerability | CVSS3: 6.1 | 0% Низкий | больше 3 лет назад |
| GHSA-94c8-rc5m-5x39 An issue was discovered in phpMyAdmin. A specially crafted database and/or table name can be used to trigger an SQL injection attack through the export functionality. All 4.6.x versions (prior to 4.6.4), 4.4.x versions (prior to 4.4.15.8), and 4.0.x versions (prior to 4.0.10.17) are affected. | CVSS3: 8.1 | 0% Низкий | больше 3 лет назад |
| GHSA-jfmj-27fp-qp67 phpMyAdmin Cross-site Scripting (XSS) | CVSS3: 6.1 | 0% Низкий | больше 3 лет назад |
| GHSA-qc6p-fjq3-q3x8 A full path disclosure vulnerability was discovered in phpMyAdmin where a user can trigger a particular error in the export mechanism to discover the full path of phpMyAdmin on the disk. All 4.6.x versions (prior to 4.6.4), 4.4.x versions (prior to 4.4.15.8), and 4.0.x versions (prior to 4.0.10.17) are affected. | CVSS3: 4.3 | 0% Низкий | больше 3 лет назад |
| GHSA-w93p-25g8-q8w9 An issue was discovered in phpMyAdmin. A specially crafted database and/or table name can be used to trigger an SQL injection attack through the export functionality. All 4.6.x versions (prior to 4.6.4) are affected. | CVSS3: 8.1 | 0% Низкий | больше 3 лет назад |
| GHSA-2mcj-3r3r-v5wm phpMyAdmin DoS Vulnerability | CVSS3: 6.5 | 1% Низкий | больше 3 лет назад |
| GHSA-mhxj-6vf8-mwv3 phpMyAdmin IPv6 and proxy server IP-based authentication rule circumvention | CVSS3: 5.9 | 0% Низкий | больше 3 лет назад |
| GHSA-6j2v-g9rg-qcm5 phpMyAdmin Local file exposure through symlinks with UploadDir | CVSS3: 5.3 | 0% Низкий | больше 3 лет назад |
| GHSA-fcgm-62p3-f7cm phpMyAdmin Local file exposure | CVSS3: 6.5 | 0% Низкий | больше 3 лет назад |
| GHSA-r643-7xfg-ppc5 phpMyAdmin allows to detect if user is logged in | CVSS3: 4.3 | 0% Низкий | больше 3 лет назад |
Уязвимостей на страницу