Логотип exploitDog
product: "phpmyadmin"
Консоль
Логотип exploitDog

exploitDog

product: "phpmyadmin"
phpMyAdmin

phpMyAdminвеб-приложение с открытым кодом, написанное на языке PHP и представляющее собой веб-интерфейс для администрирования СУБД MySQL.

Релизный цикл, информация об уязвимостях

Продукт: phpMyAdmin
Вендор: phpmyadmin

График релизов

4.74.84.95.05.15.220172018201920202021202220232024202520262027

Недавние уязвимости phpMyAdmin

Количество 1 095

debian логотип

CVE-2008-3197

больше 17 лет назад

Cross-site request forgery (CSRF) vulnerability in phpMyAdmin before 2 ...

CVSS2: 3.5
EPSS: Низкий
ubuntu логотип

CVE-2008-3197

больше 17 лет назад

Cross-site request forgery (CSRF) vulnerability in phpMyAdmin before 2.11.7.1 allows remote attackers to perform unauthorized actions via a link or IMG tag to (1) the db parameter in the "Creating a Database" functionality (db_create.php), and (2) the convcharset and collation_connection parameters related to an unspecified program that modifies the connection character set.

CVSS2: 3.5
EPSS: Низкий
nvd логотип

CVE-2008-3032

больше 17 лет назад

Cross-site scripting (XSS) vulnerability in the phpMyAdmin (phpmyadmin) extension 3.0.1 and earlier for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

CVSS2: 4.3
EPSS: Низкий
nvd логотип

CVE-2008-2960

больше 17 лет назад

Cross-site scripting (XSS) vulnerability in phpMyAdmin before 2.11.7, when register_globals is enabled and .htaccess support is disabled, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors involving scripts in libraries/.

CVSS2: 2.6
EPSS: Низкий
debian логотип

CVE-2008-2960

больше 17 лет назад

Cross-site scripting (XSS) vulnerability in phpMyAdmin before 2.11.7, ...

CVSS2: 2.6
EPSS: Низкий
ubuntu логотип

CVE-2008-2960

больше 17 лет назад

Cross-site scripting (XSS) vulnerability in phpMyAdmin before 2.11.7, when register_globals is enabled and .htaccess support is disabled, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors involving scripts in libraries/.

CVSS2: 2.6
EPSS: Низкий
nvd логотип

CVE-2008-1924

почти 18 лет назад

Unspecified vulnerability in phpMyAdmin before 2.11.5.2, when running on shared hosts, allows remote authenticated users with CREATE table permissions to read arbitrary files via a crafted HTTP POST request, related to use of an undefined UploadDir variable.

CVSS2: 3.5
EPSS: Низкий
debian логотип

CVE-2008-1924

почти 18 лет назад

Unspecified vulnerability in phpMyAdmin before 2.11.5.2, when running ...

CVSS2: 3.5
EPSS: Низкий
ubuntu логотип

CVE-2008-1924

почти 18 лет назад

Unspecified vulnerability in phpMyAdmin before 2.11.5.2, when running on shared hosts, allows remote authenticated users with CREATE table permissions to read arbitrary files via a crafted HTTP POST request, related to use of an undefined UploadDir variable.

CVSS2: 3.5
EPSS: Низкий
nvd логотип

CVE-2008-1567

почти 18 лет назад

phpMyAdmin before 2.11.5.1 stores the MySQL (1) username and (2) password, and the (3) Blowfish secret key, in cleartext in a Session file under /tmp, which allows local users to obtain sensitive information.

CVSS3: 5.5
EPSS: Низкий

Уязвимостей на страницу

Уязвимость
CVSS
EPSS
Опубликовано
1
debian логотип
CVE-2008-3197

Cross-site request forgery (CSRF) vulnerability in phpMyAdmin before 2 ...

CVSS2: 3.5
0%
Низкий
больше 17 лет назад
ubuntu логотип
CVE-2008-3197

Cross-site request forgery (CSRF) vulnerability in phpMyAdmin before 2.11.7.1 allows remote attackers to perform unauthorized actions via a link or IMG tag to (1) the db parameter in the "Creating a Database" functionality (db_create.php), and (2) the convcharset and collation_connection parameters related to an unspecified program that modifies the connection character set.

CVSS2: 3.5
0%
Низкий
больше 17 лет назад
nvd логотип
CVE-2008-3032

Cross-site scripting (XSS) vulnerability in the phpMyAdmin (phpmyadmin) extension 3.0.1 and earlier for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

CVSS2: 4.3
0%
Низкий
больше 17 лет назад
nvd логотип
CVE-2008-2960

Cross-site scripting (XSS) vulnerability in phpMyAdmin before 2.11.7, when register_globals is enabled and .htaccess support is disabled, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors involving scripts in libraries/.

CVSS2: 2.6
1%
Низкий
больше 17 лет назад
debian логотип
CVE-2008-2960

Cross-site scripting (XSS) vulnerability in phpMyAdmin before 2.11.7, ...

CVSS2: 2.6
1%
Низкий
больше 17 лет назад
ubuntu логотип
CVE-2008-2960

Cross-site scripting (XSS) vulnerability in phpMyAdmin before 2.11.7, when register_globals is enabled and .htaccess support is disabled, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors involving scripts in libraries/.

CVSS2: 2.6
1%
Низкий
больше 17 лет назад
nvd логотип
CVE-2008-1924

Unspecified vulnerability in phpMyAdmin before 2.11.5.2, when running on shared hosts, allows remote authenticated users with CREATE table permissions to read arbitrary files via a crafted HTTP POST request, related to use of an undefined UploadDir variable.

CVSS2: 3.5
0%
Низкий
почти 18 лет назад
debian логотип
CVE-2008-1924

Unspecified vulnerability in phpMyAdmin before 2.11.5.2, when running ...

CVSS2: 3.5
0%
Низкий
почти 18 лет назад
ubuntu логотип
CVE-2008-1924

Unspecified vulnerability in phpMyAdmin before 2.11.5.2, when running on shared hosts, allows remote authenticated users with CREATE table permissions to read arbitrary files via a crafted HTTP POST request, related to use of an undefined UploadDir variable.

CVSS2: 3.5
0%
Низкий
почти 18 лет назад
nvd логотип
CVE-2008-1567

phpMyAdmin before 2.11.5.1 stores the MySQL (1) username and (2) password, and the (3) Blowfish secret key, in cleartext in a Session file under /tmp, which allows local users to obtain sensitive information.

CVSS3: 5.5
0%
Низкий
почти 18 лет назад

Уязвимостей на страницу

Поделиться