Логотип exploitDog
product: "phpmyadmin"
Консоль
Логотип exploitDog

exploitDog

product: "phpmyadmin"
phpMyAdmin

phpMyAdminвеб-приложение с открытым кодом, написанное на языке PHP и представляющее собой веб-интерфейс для администрирования СУБД MySQL.

Релизный цикл, информация об уязвимостях

Продукт: phpMyAdmin
Вендор: phpmyadmin

График релизов

4.74.84.95.05.15.22017201820192020202120222023202420252026

Недавние уязвимости phpMyAdmin

Количество 1 092

nvd логотип

CVE-2008-1149

больше 17 лет назад

phpMyAdmin before 2.11.5 accesses $_REQUEST to obtain some parameters instead of $_GET and $_POST, which allows attackers in the same domain to override certain variables and conduct SQL injection and Cross-Site Request Forgery (CSRF) attacks by using crafted cookies.

CVSS2: 5.1
EPSS: Низкий
debian логотип

CVE-2008-1149

больше 17 лет назад

phpMyAdmin before 2.11.5 accesses $_REQUEST to obtain some parameters ...

CVSS2: 5.1
EPSS: Низкий
ubuntu логотип

CVE-2008-1149

больше 17 лет назад

phpMyAdmin before 2.11.5 accesses $_REQUEST to obtain some parameters instead of $_GET and $_POST, which allows attackers in the same domain to override certain variables and conduct SQL injection and Cross-Site Request Forgery (CSRF) attacks by using crafted cookies.

CVSS2: 5.1
EPSS: Низкий
redhat логотип

CVE-2008-1149

больше 17 лет назад

phpMyAdmin before 2.11.5 accesses $_REQUEST to obtain some parameters instead of $_GET and $_POST, which allows attackers in the same domain to override certain variables and conduct SQL injection and Cross-Site Request Forgery (CSRF) attacks by using crafted cookies.

EPSS: Низкий
nvd логотип

CVE-2007-6100

больше 17 лет назад

Cross-site scripting (XSS) vulnerability in libraries/auth/cookie.auth.lib.php in phpMyAdmin before 2.11.2.2, when logins are authenticated with the cookie auth_type, allows remote attackers to inject arbitrary web script or HTML via the convcharset parameter to index.php, a different vulnerability than CVE-2005-0992.

CVSS2: 2.6
EPSS: Низкий
debian логотип

CVE-2007-6100

больше 17 лет назад

Cross-site scripting (XSS) vulnerability in libraries/auth/cookie.auth ...

CVSS2: 2.6
EPSS: Низкий
ubuntu логотип

CVE-2007-6100

больше 17 лет назад

Cross-site scripting (XSS) vulnerability in libraries/auth/cookie.auth.lib.php in phpMyAdmin before 2.11.2.2, when logins are authenticated with the cookie auth_type, allows remote attackers to inject arbitrary web script or HTML via the convcharset parameter to index.php, a different vulnerability than CVE-2005-0992.

CVSS2: 2.6
EPSS: Низкий
nvd логотип

CVE-2007-5977

больше 17 лет назад

Cross-site scripting (XSS) vulnerability in db_create.php in phpMyAdmin before 2.11.2.1 allows remote authenticated users with CREATE DATABASE privileges to inject arbitrary web script or HTML via a hex-encoded IMG element in the db parameter in a POST request, a different vulnerability than CVE-2006-6942.

CVSS2: 3.5
EPSS: Низкий
nvd логотип

CVE-2007-5976

больше 17 лет назад

SQL injection vulnerability in db_create.php in phpMyAdmin before 2.11.2.1 allows remote authenticated users with CREATE DATABASE privileges to execute arbitrary SQL commands via the db parameter.

CVSS2: 6.5
EPSS: Низкий
debian логотип

CVE-2007-5977

больше 17 лет назад

Cross-site scripting (XSS) vulnerability in db_create.php in phpMyAdmi ...

CVSS2: 3.5
EPSS: Низкий

Уязвимостей на страницу

Уязвимость
CVSS
EPSS
Опубликовано
1
nvd логотип
CVE-2008-1149

phpMyAdmin before 2.11.5 accesses $_REQUEST to obtain some parameters instead of $_GET and $_POST, which allows attackers in the same domain to override certain variables and conduct SQL injection and Cross-Site Request Forgery (CSRF) attacks by using crafted cookies.

CVSS2: 5.1
1%
Низкий
больше 17 лет назад
debian логотип
CVE-2008-1149

phpMyAdmin before 2.11.5 accesses $_REQUEST to obtain some parameters ...

CVSS2: 5.1
1%
Низкий
больше 17 лет назад
ubuntu логотип
CVE-2008-1149

phpMyAdmin before 2.11.5 accesses $_REQUEST to obtain some parameters instead of $_GET and $_POST, which allows attackers in the same domain to override certain variables and conduct SQL injection and Cross-Site Request Forgery (CSRF) attacks by using crafted cookies.

CVSS2: 5.1
1%
Низкий
больше 17 лет назад
redhat логотип
CVE-2008-1149

phpMyAdmin before 2.11.5 accesses $_REQUEST to obtain some parameters instead of $_GET and $_POST, which allows attackers in the same domain to override certain variables and conduct SQL injection and Cross-Site Request Forgery (CSRF) attacks by using crafted cookies.

1%
Низкий
больше 17 лет назад
nvd логотип
CVE-2007-6100

Cross-site scripting (XSS) vulnerability in libraries/auth/cookie.auth.lib.php in phpMyAdmin before 2.11.2.2, when logins are authenticated with the cookie auth_type, allows remote attackers to inject arbitrary web script or HTML via the convcharset parameter to index.php, a different vulnerability than CVE-2005-0992.

CVSS2: 2.6
1%
Низкий
больше 17 лет назад
debian логотип
CVE-2007-6100

Cross-site scripting (XSS) vulnerability in libraries/auth/cookie.auth ...

CVSS2: 2.6
1%
Низкий
больше 17 лет назад
ubuntu логотип
CVE-2007-6100

Cross-site scripting (XSS) vulnerability in libraries/auth/cookie.auth.lib.php in phpMyAdmin before 2.11.2.2, when logins are authenticated with the cookie auth_type, allows remote attackers to inject arbitrary web script or HTML via the convcharset parameter to index.php, a different vulnerability than CVE-2005-0992.

CVSS2: 2.6
1%
Низкий
больше 17 лет назад
nvd логотип
CVE-2007-5977

Cross-site scripting (XSS) vulnerability in db_create.php in phpMyAdmin before 2.11.2.1 allows remote authenticated users with CREATE DATABASE privileges to inject arbitrary web script or HTML via a hex-encoded IMG element in the db parameter in a POST request, a different vulnerability than CVE-2006-6942.

CVSS2: 3.5
0%
Низкий
больше 17 лет назад
nvd логотип
CVE-2007-5976

SQL injection vulnerability in db_create.php in phpMyAdmin before 2.11.2.1 allows remote authenticated users with CREATE DATABASE privileges to execute arbitrary SQL commands via the db parameter.

CVSS2: 6.5
1%
Низкий
больше 17 лет назад
debian логотип
CVE-2007-5977

Cross-site scripting (XSS) vulnerability in db_create.php in phpMyAdmi ...

CVSS2: 3.5
0%
Низкий
больше 17 лет назад

Уязвимостей на страницу

Поделиться