Логотип exploitDog
product: "phpmyadmin"
Консоль
Логотип exploitDog

exploitDog

product: "phpmyadmin"
phpMyAdmin

phpMyAdminвеб-приложение с открытым кодом, написанное на языке PHP и представляющее собой веб-интерфейс для администрирования СУБД MySQL.

Релизный цикл, информация об уязвимостях

Продукт: phpMyAdmin
Вендор: phpmyadmin

График релизов

4.74.84.95.05.15.22017201820192020202120222023202420252026

Недавние уязвимости phpMyAdmin

Количество 1 092

nvd логотип

CVE-2006-5718

больше 18 лет назад

Cross-site scripting (XSS) vulnerability in error.php in phpMyAdmin 2.6.4 through 2.9.0.2 allows remote attackers to inject arbitrary web script or HTML via UTF-7 or US-ASCII encoded characters, which are injected into an error message, as demonstrated by a request with a utf7 charset parameter accompanied by UTF-7 data.

CVSS2: 4.3
EPSS: Низкий
debian логотип

CVE-2006-5718

больше 18 лет назад

Cross-site scripting (XSS) vulnerability in error.php in phpMyAdmin 2. ...

CVSS2: 4.3
EPSS: Низкий
ubuntu логотип

CVE-2006-5718

больше 18 лет назад

Cross-site scripting (XSS) vulnerability in error.php in phpMyAdmin 2.6.4 through 2.9.0.2 allows remote attackers to inject arbitrary web script or HTML via UTF-7 or US-ASCII encoded characters, which are injected into an error message, as demonstrated by a request with a utf7 charset parameter accompanied by UTF-7 data.

CVSS2: 4.3
EPSS: Низкий
nvd логотип

CVE-2006-5117

больше 18 лет назад

phpMyAdmin before 2.9.1-rc1 has a libraries directory under the web document root with insufficient access control, which allows remote attackers to obtain sensitive information via direct requests for certain files.

CVSS2: 5
EPSS: Низкий
nvd логотип

CVE-2006-5116

больше 18 лет назад

Multiple cross-site request forgery (CSRF) vulnerabilities in phpMyAdmin before 2.9.1-rc1 allow remote attackers to perform unauthorized actions as another user by (1) directly setting a token in the URL though dynamic variable evaluation and (2) unsetting arbitrary variables via the _REQUEST array, related to (a) libraries/common.lib.php, (b) session.inc.php, and (c) url_generating.lib.php. NOTE: the PHP unset function vector is covered by CVE-2006-3017.

CVSS2: 5.1
EPSS: Низкий
debian логотип

CVE-2006-5117

больше 18 лет назад

phpMyAdmin before 2.9.1-rc1 has a libraries directory under the web do ...

CVSS2: 5
EPSS: Низкий
debian логотип

CVE-2006-5116

больше 18 лет назад

Multiple cross-site request forgery (CSRF) vulnerabilities in phpMyAdm ...

CVSS2: 5.1
EPSS: Низкий
ubuntu логотип

CVE-2006-5116

больше 18 лет назад

Multiple cross-site request forgery (CSRF) vulnerabilities in phpMyAdmin before 2.9.1-rc1 allow remote attackers to perform unauthorized actions as another user by (1) directly setting a token in the URL though dynamic variable evaluation and (2) unsetting arbitrary variables via the _REQUEST array, related to (a) libraries/common.lib.php, (b) session.inc.php, and (c) url_generating.lib.php. NOTE: the PHP unset function vector is covered by CVE-2006-3017.

CVSS2: 5.1
EPSS: Низкий
ubuntu логотип

CVE-2006-5117

больше 18 лет назад

phpMyAdmin before 2.9.1-rc1 has a libraries directory under the web document root with insufficient access control, which allows remote attackers to obtain sensitive information via direct requests for certain files.

CVSS2: 5
EPSS: Низкий
nvd логотип

CVE-2006-3388

почти 19 лет назад

Cross-site scripting (XSS) vulnerability in phpMyAdmin before 2.8.2 allows remote attackers to inject arbitrary web script or HTML via the table parameter.

CVSS2: 5.8
EPSS: Низкий

Уязвимостей на страницу

Уязвимость
CVSS
EPSS
Опубликовано
1
nvd логотип
CVE-2006-5718

Cross-site scripting (XSS) vulnerability in error.php in phpMyAdmin 2.6.4 through 2.9.0.2 allows remote attackers to inject arbitrary web script or HTML via UTF-7 or US-ASCII encoded characters, which are injected into an error message, as demonstrated by a request with a utf7 charset parameter accompanied by UTF-7 data.

CVSS2: 4.3
1%
Низкий
больше 18 лет назад
debian логотип
CVE-2006-5718

Cross-site scripting (XSS) vulnerability in error.php in phpMyAdmin 2. ...

CVSS2: 4.3
1%
Низкий
больше 18 лет назад
ubuntu логотип
CVE-2006-5718

Cross-site scripting (XSS) vulnerability in error.php in phpMyAdmin 2.6.4 through 2.9.0.2 allows remote attackers to inject arbitrary web script or HTML via UTF-7 or US-ASCII encoded characters, which are injected into an error message, as demonstrated by a request with a utf7 charset parameter accompanied by UTF-7 data.

CVSS2: 4.3
1%
Низкий
больше 18 лет назад
nvd логотип
CVE-2006-5117

phpMyAdmin before 2.9.1-rc1 has a libraries directory under the web document root with insufficient access control, which allows remote attackers to obtain sensitive information via direct requests for certain files.

CVSS2: 5
0%
Низкий
больше 18 лет назад
nvd логотип
CVE-2006-5116

Multiple cross-site request forgery (CSRF) vulnerabilities in phpMyAdmin before 2.9.1-rc1 allow remote attackers to perform unauthorized actions as another user by (1) directly setting a token in the URL though dynamic variable evaluation and (2) unsetting arbitrary variables via the _REQUEST array, related to (a) libraries/common.lib.php, (b) session.inc.php, and (c) url_generating.lib.php. NOTE: the PHP unset function vector is covered by CVE-2006-3017.

CVSS2: 5.1
2%
Низкий
больше 18 лет назад
debian логотип
CVE-2006-5117

phpMyAdmin before 2.9.1-rc1 has a libraries directory under the web do ...

CVSS2: 5
0%
Низкий
больше 18 лет назад
debian логотип
CVE-2006-5116

Multiple cross-site request forgery (CSRF) vulnerabilities in phpMyAdm ...

CVSS2: 5.1
2%
Низкий
больше 18 лет назад
ubuntu логотип
CVE-2006-5116

Multiple cross-site request forgery (CSRF) vulnerabilities in phpMyAdmin before 2.9.1-rc1 allow remote attackers to perform unauthorized actions as another user by (1) directly setting a token in the URL though dynamic variable evaluation and (2) unsetting arbitrary variables via the _REQUEST array, related to (a) libraries/common.lib.php, (b) session.inc.php, and (c) url_generating.lib.php. NOTE: the PHP unset function vector is covered by CVE-2006-3017.

CVSS2: 5.1
2%
Низкий
больше 18 лет назад
ubuntu логотип
CVE-2006-5117

phpMyAdmin before 2.9.1-rc1 has a libraries directory under the web document root with insufficient access control, which allows remote attackers to obtain sensitive information via direct requests for certain files.

CVSS2: 5
0%
Низкий
больше 18 лет назад
nvd логотип
CVE-2006-3388

Cross-site scripting (XSS) vulnerability in phpMyAdmin before 2.8.2 allows remote attackers to inject arbitrary web script or HTML via the table parameter.

CVSS2: 5.8
1%
Низкий
почти 19 лет назад

Уязвимостей на страницу

Поделиться