phpMyAdmin — веб-приложение с открытым кодом, написанное на языке PHP и представляющее собой веб-интерфейс для администрирования СУБД MySQL.

Релизный цикл, информация об уязвимостях

Продукт: phpMyAdmin

Вендор: phpmyadmin

График релизов

Недавние уязвимости phpMyAdmin

Количество 1 095

CVE-2007-5977

около 18 лет назад

Cross-site scripting (XSS) vulnerability in db_create.php in phpMyAdmin before 2.11.2.1 allows remote authenticated users with CREATE DATABASE privileges to inject arbitrary web script or HTML via a hex-encoded IMG element in the db parameter in a POST request, a different vulnerability than CVE-2006-6942.

CVSS2: 3.5

EPSS: Низкий

CVE-2007-5976

около 18 лет назад

SQL injection vulnerability in db_create.php in phpMyAdmin before 2.11 ...

CVSS2: 6.5

EPSS: Низкий

CVE-2007-5977

около 18 лет назад

Cross-site scripting (XSS) vulnerability in db_create.php in phpMyAdmi ...

CVSS2: 3.5

EPSS: Низкий

CVE-2007-5976

около 18 лет назад

SQL injection vulnerability in db_create.php in phpMyAdmin before 2.11.2.1 allows remote authenticated users with CREATE DATABASE privileges to execute arbitrary SQL commands via the db parameter.

CVSS2: 6.5

EPSS: Низкий

CVE-2007-5977

около 18 лет назад

CVSS2: 3.5

EPSS: Низкий

CVE-2007-5589

около 18 лет назад

Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin before 2.11.1.2 allow remote attackers to inject arbitrary web script or HTML via certain input available in (1) PHP_SELF in (a) server_status.php, and (b) grab_globals.lib.php, (c) display_change_password.lib.php, and (d) common.lib.php in libraries/; and certain input available in PHP_SELF and (2) PATH_INFO in libraries/common.inc.php. NOTE: there might also be other vectors related to (3) REQUEST_URI.

CVSS2: 4.3

EPSS: Средний

CVE-2007-5589

около 18 лет назад

Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin befo ...

CVSS2: 4.3

EPSS: Средний

CVE-2007-5589

около 18 лет назад

CVSS2: 4.3

EPSS: Средний

CVE-2007-5386

около 18 лет назад

Cross-site scripting (XSS) vulnerability in scripts/setup.php in phpMyAdmin 2.11.1, when accessed by a browser that does not URL-encode requests, allows remote attackers to inject arbitrary web script or HTML via the query string.

CVSS2: 4.3

EPSS: Средний

CVE-2007-5386

около 18 лет назад

Cross-site scripting (XSS) vulnerability in scripts/setup.php in phpMy ...

CVSS2: 4.3

EPSS: Средний

Уязвимостей на страницу

Уязвимость	CVSS	EPSS	Опубликовано 1
CVE-2007-5977 Cross-site scripting (XSS) vulnerability in db_create.php in phpMyAdmin before 2.11.2.1 allows remote authenticated users with CREATE DATABASE privileges to inject arbitrary web script or HTML via a hex-encoded IMG element in the db parameter in a POST request, a different vulnerability than CVE-2006-6942.	CVSS2: 3.5	1% Низкий	около 18 лет назад
CVE-2007-5976 SQL injection vulnerability in db_create.php in phpMyAdmin before 2.11 ...	CVSS2: 6.5	1% Низкий	около 18 лет назад
CVE-2007-5977 Cross-site scripting (XSS) vulnerability in db_create.php in phpMyAdmi ...	CVSS2: 3.5	1% Низкий	около 18 лет назад
CVE-2007-5976 SQL injection vulnerability in db_create.php in phpMyAdmin before 2.11.2.1 allows remote authenticated users with CREATE DATABASE privileges to execute arbitrary SQL commands via the db parameter.	CVSS2: 6.5	1% Низкий	около 18 лет назад
CVE-2007-5977 Cross-site scripting (XSS) vulnerability in db_create.php in phpMyAdmin before 2.11.2.1 allows remote authenticated users with CREATE DATABASE privileges to inject arbitrary web script or HTML via a hex-encoded IMG element in the db parameter in a POST request, a different vulnerability than CVE-2006-6942.	CVSS2: 3.5	1% Низкий	около 18 лет назад
CVE-2007-5589 Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin before 2.11.1.2 allow remote attackers to inject arbitrary web script or HTML via certain input available in (1) PHP_SELF in (a) server_status.php, and (b) grab_globals.lib.php, (c) display_change_password.lib.php, and (d) common.lib.php in libraries/; and certain input available in PHP_SELF and (2) PATH_INFO in libraries/common.inc.php. NOTE: there might also be other vectors related to (3) REQUEST_URI.	CVSS2: 4.3	11% Средний	около 18 лет назад
CVE-2007-5589 Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin befo ...	CVSS2: 4.3	11% Средний	около 18 лет назад
CVE-2007-5589 Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin before 2.11.1.2 allow remote attackers to inject arbitrary web script or HTML via certain input available in (1) PHP_SELF in (a) server_status.php, and (b) grab_globals.lib.php, (c) display_change_password.lib.php, and (d) common.lib.php in libraries/; and certain input available in PHP_SELF and (2) PATH_INFO in libraries/common.inc.php. NOTE: there might also be other vectors related to (3) REQUEST_URI.	CVSS2: 4.3	11% Средний	около 18 лет назад
CVE-2007-5386 Cross-site scripting (XSS) vulnerability in scripts/setup.php in phpMyAdmin 2.11.1, when accessed by a browser that does not URL-encode requests, allows remote attackers to inject arbitrary web script or HTML via the query string.	CVSS2: 4.3	11% Средний	около 18 лет назад
CVE-2007-5386 Cross-site scripting (XSS) vulnerability in scripts/setup.php in phpMy ...	CVSS2: 4.3	11% Средний	около 18 лет назад

Уязвимостей на страницу