Количество 1 093
Количество 1 093
CVE-2004-2630
The MIME transformation system (transformations/text_plain__external.inc.php) in phpMyAdmin 2.5.0 up to 2.6.0-pl1 allows remote attackers to execute arbitrary commands via shell metacharacters in unspecified vectors.
CVE-2004-2630
The MIME transformation system (transformations/text_plain__external.i ...
CVE-2004-1148
phpMyAdmin before 2.6.1, when configured with UploadDir functionality, allows remote attackers to read arbitrary files via the sql_localfile parameter.
CVE-2004-1148
phpMyAdmin before 2.6.1, when configured with UploadDir functionality, ...
CVE-2004-1147
phpMyAdmin 2.6.0-pl2, and other versions before 2.6.1, with external transformations enabled, allows remote attackers to execute arbitrary commands via shell metacharacters.
CVE-2004-1147
phpMyAdmin 2.6.0-pl2, and other versions before 2.6.1, with external t ...
CVE-2004-1055
Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin 2.6.0-pl2 and earlier allow remote attackers to inject arbitrary web script or HTML via (1) the PmaAbsoluteUri parameter, (2) the zero_rows parameter in read_dump.php, (3) the confirm form, or (4) an error message generated by the internal phpMyAdmin parser.
CVE-2004-1055
Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin 2.6. ...
CVE-2004-0129
Directory traversal vulnerability in export.php in phpMyAdmin 2.5.5 and earlier allows remote attackers to read arbitrary files via .. (dot dot) sequences in the what parameter.
CVE-2004-0129
Directory traversal vulnerability in export.php in phpMyAdmin 2.5.5 and earlier allows remote attackers to read arbitrary files via .. (dot dot) sequences in the what parameter.
CVE-2004-0129
Directory traversal vulnerability in export.php in phpMyAdmin 2.5.5 an ...
CVE-2001-1060
phpMyAdmin 2.2.0rc3 and earlier allows remote attackers to execute arbitrary commands by inserting them into (1) the strCopyTableOK argument in tbl_copy.php, or (2) the strRenameTableOK argument in tbl_rename.php.
CVE-2001-0478
Directory traversal vulnerability in phpMyAdmin 2.2.0 and earlier versions allows remote attackers to execute arbitrary code via a .. (dot dot) in an argument to the sql.php script.
BDU:2021-01804
Уязвимость функции «Export» веб-приложения для администрирования систем управления базами данных phpMyAdmin, позволяющая нарушителю выполнить произвольный код
BDU:2019-04000
Уязвимость веб-приложения для администрирования систем управления базами данных phpMyAdmin, связанная с подделкой межсайтовых запросов, позволяющая нарушителю удалить любой сервер на странице установки
BDU:2018-01545
Уязвимость веб-приложения для администрирования cистем управления базами данных phpMyAdmin, связанная с недостатками процедуры аутентификации, позволяющая нарушителю просматривать и выполнять файлы на сервере
openSUSE-SU-2019:2599-1
Security update for phpMyAdmin
GHSA-x3hp-v67w-2vc2
The PMA_escapeJsString function in libraries/js_escape.lib.php in phpMyAdmin before 2.11.9.2, when Internet Explorer is used, allows remote attackers to bypass cross-site scripting (XSS) protection mechanisms and conduct XSS attacks via a NUL byte inside a "</script" sequence.
GHSA-jjpc-pf2f-wwgg
The Portable phpMyAdmin plugin before 1.3.1 for WordPress allows remote attackers to bypass authentication and obtain phpMyAdmin console access via a direct request to wp-content/plugins/portable-phpmyadmin/wp-pma-mod.
GHSA-jgjc-332c-8cmc
SQL injection in phpMyAdmin
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2004-2630 The MIME transformation system (transformations/text_plain__external.inc.php) in phpMyAdmin 2.5.0 up to 2.6.0-pl1 allows remote attackers to execute arbitrary commands via shell metacharacters in unspecified vectors. | CVSS2: 7.5 | 2% Низкий | больше 20 лет назад |
| CVE-2004-2630 The MIME transformation system (transformations/text_plain__external.i ... | CVSS2: 7.5 | 2% Низкий | больше 20 лет назад |
| CVE-2004-1148 phpMyAdmin before 2.6.1, when configured with UploadDir functionality, allows remote attackers to read arbitrary files via the sql_localfile parameter. | CVSS2: 5 | 0% Низкий | больше 20 лет назад |
| CVE-2004-1148 phpMyAdmin before 2.6.1, when configured with UploadDir functionality, ... | CVSS2: 5 | 0% Низкий | больше 20 лет назад |
| CVE-2004-1147 phpMyAdmin 2.6.0-pl2, and other versions before 2.6.1, with external transformations enabled, allows remote attackers to execute arbitrary commands via shell metacharacters. | CVSS2: 10 | 5% Низкий | больше 20 лет назад |
| CVE-2004-1147 phpMyAdmin 2.6.0-pl2, and other versions before 2.6.1, with external t ... | CVSS2: 10 | 5% Низкий | больше 20 лет назад |
| CVE-2004-1055 Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin 2.6.0-pl2 and earlier allow remote attackers to inject arbitrary web script or HTML via (1) the PmaAbsoluteUri parameter, (2) the zero_rows parameter in read_dump.php, (3) the confirm form, or (4) an error message generated by the internal phpMyAdmin parser. | CVSS2: 6.8 | 1% Низкий | больше 20 лет назад |
| CVE-2004-1055 Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin 2.6. ... | CVSS2: 6.8 | 1% Низкий | больше 20 лет назад |
 | CVE-2004-0129 Directory traversal vulnerability in export.php in phpMyAdmin 2.5.5 and earlier allows remote attackers to read arbitrary files via .. (dot dot) sequences in the what parameter. | CVSS2: 5 | 13% Средний | больше 21 года назад |
| CVE-2004-0129 Directory traversal vulnerability in export.php in phpMyAdmin 2.5.5 and earlier allows remote attackers to read arbitrary files via .. (dot dot) sequences in the what parameter. | CVSS2: 5 | 13% Средний | больше 21 года назад |
| CVE-2004-0129 Directory traversal vulnerability in export.php in phpMyAdmin 2.5.5 an ... | CVSS2: 5 | 13% Средний | больше 21 года назад |
| CVE-2001-1060 phpMyAdmin 2.2.0rc3 and earlier allows remote attackers to execute arbitrary commands by inserting them into (1) the strCopyTableOK argument in tbl_copy.php, or (2) the strRenameTableOK argument in tbl_rename.php. | CVSS2: 7.5 | 1% Низкий | около 24 лет назад |
| CVE-2001-0478 Directory traversal vulnerability in phpMyAdmin 2.2.0 and earlier versions allows remote attackers to execute arbitrary code via a .. (dot dot) in an argument to the sql.php script. | CVSS2: 7.5 | 1% Низкий | около 24 лет назад |
 | BDU:2021-01804 Уязвимость функции «Export» веб-приложения для администрирования систем управления базами данных phpMyAdmin, позволяющая нарушителю выполнить произвольный код | CVSS3: 8.8 | 0% Низкий | почти 5 лет назад |
| BDU:2019-04000 Уязвимость веб-приложения для администрирования систем управления базами данных phpMyAdmin, связанная с подделкой межсайтовых запросов, позволяющая нарушителю удалить любой сервер на странице установки | CVSS3: 4.3 | 25% Средний | около 6 лет назад |
| BDU:2018-01545 Уязвимость веб-приложения для администрирования cистем управления базами данных phpMyAdmin, связанная с недостатками процедуры аутентификации, позволяющая нарушителю просматривать и выполнять файлы на сервере | CVSS3: 8.8 | 94% Критический | около 7 лет назад |
 | openSUSE-SU-2019:2599-1 Security update for phpMyAdmin | 1% Низкий | больше 5 лет назад | |
| GHSA-x3hp-v67w-2vc2 The PMA_escapeJsString function in libraries/js_escape.lib.php in phpMyAdmin before 2.11.9.2, when Internet Explorer is used, allows remote attackers to bypass cross-site scripting (XSS) protection mechanisms and conduct XSS attacks via a NUL byte inside a "</script" sequence. | 0% Низкий | больше 3 лет назад | |
| GHSA-jjpc-pf2f-wwgg The Portable phpMyAdmin plugin before 1.3.1 for WordPress allows remote attackers to bypass authentication and obtain phpMyAdmin console access via a direct request to wp-content/plugins/portable-phpmyadmin/wp-pma-mod. | 3% Низкий | около 3 лет назад | |
| GHSA-jgjc-332c-8cmc SQL injection in phpMyAdmin | CVSS3: 9.8 | 1% Низкий | больше 5 лет назад |
Уязвимостей на страницу