Логотип exploitDog
product: "phpmyadmin"
Консоль
Логотип exploitDog

exploitDog

product: "phpmyadmin"

Количество 1 093

Количество 1 093

debian логотип

CVE-2007-1395

больше 18 лет назад

Incomplete blacklist vulnerability in index.php in phpMyAdmin 2.8.0 th ...

CVSS2: 4.3
EPSS: Низкий
ubuntu логотип

CVE-2007-1325

больше 18 лет назад

The PMA_ArrayWalkRecursive function in libraries/common.lib.php in phpMyAdmin before 2.10.0.2 does not limit recursion on arrays provided by users, which allows context-dependent attackers to cause a denial of service (web server crash) via an array with many dimensions. NOTE: it could be argued that this vulnerability is caused by a problem in PHP (CVE-2006-1549) and the proper fix should be in PHP; if so, then this should not be treated as a vulnerability in phpMyAdmin.

CVSS2: 7.1
EPSS: Низкий
nvd логотип

CVE-2007-1325

больше 18 лет назад

The PMA_ArrayWalkRecursive function in libraries/common.lib.php in phpMyAdmin before 2.10.0.2 does not limit recursion on arrays provided by users, which allows context-dependent attackers to cause a denial of service (web server crash) via an array with many dimensions. NOTE: it could be argued that this vulnerability is caused by a problem in PHP (CVE-2006-1549) and the proper fix should be in PHP; if so, then this should not be treated as a vulnerability in phpMyAdmin.

CVSS2: 7.1
EPSS: Низкий
debian логотип

CVE-2007-1325

больше 18 лет назад

The PMA_ArrayWalkRecursive function in libraries/common.lib.php in php ...

CVSS2: 7.1
EPSS: Низкий
ubuntu логотип

CVE-2007-0341

больше 18 лет назад

Cross-site scripting (XSS) vulnerability in phpMyAdmin 2.8.1 and earlier, when Microsoft Internet Explorer 6 is used, allows remote attackers to inject arbitrary web script or HTML via a javascript: URI in a CSS style in the convcharset parameter to the top-level URI, a different vulnerability than CVE-2005-0992.

CVSS2: 6.8
EPSS: Низкий
nvd логотип

CVE-2007-0341

больше 18 лет назад

Cross-site scripting (XSS) vulnerability in phpMyAdmin 2.8.1 and earlier, when Microsoft Internet Explorer 6 is used, allows remote attackers to inject arbitrary web script or HTML via a javascript: URI in a CSS style in the convcharset parameter to the top-level URI, a different vulnerability than CVE-2005-0992.

CVSS2: 6.8
EPSS: Низкий
debian логотип

CVE-2007-0341

больше 18 лет назад

Cross-site scripting (XSS) vulnerability in phpMyAdmin 2.8.1 and earli ...

CVSS2: 6.8
EPSS: Низкий
ubuntu логотип

CVE-2007-0204

больше 18 лет назад

Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin before 2.9.2-rc1 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors. NOTE: some of these details are obtained from third party information.

CVSS2: 6.8
EPSS: Низкий
nvd логотип

CVE-2007-0204

больше 18 лет назад

Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin before 2.9.2-rc1 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors. NOTE: some of these details are obtained from third party information.

CVSS2: 6.8
EPSS: Низкий
debian логотип

CVE-2007-0204

больше 18 лет назад

Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin befo ...

CVSS2: 6.8
EPSS: Низкий
ubuntu логотип

CVE-2007-0203

больше 18 лет назад

Multiple unspecified vulnerabilities in phpMyAdmin before 2.9.2-rc1 have unknown impact and attack vectors.

CVSS2: 10
EPSS: Низкий
nvd логотип

CVE-2007-0203

больше 18 лет назад

Multiple unspecified vulnerabilities in phpMyAdmin before 2.9.2-rc1 have unknown impact and attack vectors.

CVSS2: 10
EPSS: Низкий
debian логотип

CVE-2007-0203

больше 18 лет назад

Multiple unspecified vulnerabilities in phpMyAdmin before 2.9.2-rc1 ha ...

CVSS2: 10
EPSS: Низкий
ubuntu логотип

CVE-2007-0095

больше 18 лет назад

phpMyAdmin 2.9.1.1 allows remote attackers to obtain sensitive information via a direct request for themes/darkblue_orange/layout.inc.php, which reveals the path in an error message.

CVSS2: 5
EPSS: Низкий
nvd логотип

CVE-2007-0095

больше 18 лет назад

phpMyAdmin 2.9.1.1 allows remote attackers to obtain sensitive information via a direct request for themes/darkblue_orange/layout.inc.php, which reveals the path in an error message.

CVSS2: 5
EPSS: Низкий
debian логотип

CVE-2007-0095

больше 18 лет назад

phpMyAdmin 2.9.1.1 allows remote attackers to obtain sensitive informa ...

CVSS2: 5
EPSS: Низкий
ubuntu логотип

CVE-2006-6944

больше 18 лет назад

phpMyAdmin before 2.9.1.1 allows remote attackers to bypass Allow/Deny access rules that use IP addresses via false headers.

CVSS2: 7.5
EPSS: Низкий
nvd логотип

CVE-2006-6944

больше 18 лет назад

phpMyAdmin before 2.9.1.1 allows remote attackers to bypass Allow/Deny access rules that use IP addresses via false headers.

CVSS2: 7.5
EPSS: Низкий
debian логотип

CVE-2006-6944

больше 18 лет назад

phpMyAdmin before 2.9.1.1 allows remote attackers to bypass Allow/Deny ...

CVSS2: 7.5
EPSS: Низкий
ubuntu логотип

CVE-2006-6943

больше 18 лет назад

PhpMyAdmin before 2.9.1.1 allows remote attackers to obtain the full server path via direct requests to (a) scripts/check_lang.php and (b) themes/darkblue_orange/layout.inc.php; and via the (1) lang[], (2) target[], (3) db[], (4) goto[], (5) table[], and (6) tbl_group[] array arguments to (c) index.php, and the (7) back[] argument to (d) sql.php; and an invalid (8) sort_by parameter to (e) server_databases.php and (9) db parameter to (f) db_printview.php.

CVSS2: 5
EPSS: Средний

Уязвимостей на страницу

Уязвимость
CVSS
EPSS
Опубликовано
debian логотип
CVE-2007-1395

Incomplete blacklist vulnerability in index.php in phpMyAdmin 2.8.0 th ...

CVSS2: 4.3
1%
Низкий
больше 18 лет назад
ubuntu логотип
CVE-2007-1325

The PMA_ArrayWalkRecursive function in libraries/common.lib.php in phpMyAdmin before 2.10.0.2 does not limit recursion on arrays provided by users, which allows context-dependent attackers to cause a denial of service (web server crash) via an array with many dimensions. NOTE: it could be argued that this vulnerability is caused by a problem in PHP (CVE-2006-1549) and the proper fix should be in PHP; if so, then this should not be treated as a vulnerability in phpMyAdmin.

CVSS2: 7.1
1%
Низкий
больше 18 лет назад
nvd логотип
CVE-2007-1325

The PMA_ArrayWalkRecursive function in libraries/common.lib.php in phpMyAdmin before 2.10.0.2 does not limit recursion on arrays provided by users, which allows context-dependent attackers to cause a denial of service (web server crash) via an array with many dimensions. NOTE: it could be argued that this vulnerability is caused by a problem in PHP (CVE-2006-1549) and the proper fix should be in PHP; if so, then this should not be treated as a vulnerability in phpMyAdmin.

CVSS2: 7.1
1%
Низкий
больше 18 лет назад
debian логотип
CVE-2007-1325

The PMA_ArrayWalkRecursive function in libraries/common.lib.php in php ...

CVSS2: 7.1
1%
Низкий
больше 18 лет назад
ubuntu логотип
CVE-2007-0341

Cross-site scripting (XSS) vulnerability in phpMyAdmin 2.8.1 and earlier, when Microsoft Internet Explorer 6 is used, allows remote attackers to inject arbitrary web script or HTML via a javascript: URI in a CSS style in the convcharset parameter to the top-level URI, a different vulnerability than CVE-2005-0992.

CVSS2: 6.8
0%
Низкий
больше 18 лет назад
nvd логотип
CVE-2007-0341

Cross-site scripting (XSS) vulnerability in phpMyAdmin 2.8.1 and earlier, when Microsoft Internet Explorer 6 is used, allows remote attackers to inject arbitrary web script or HTML via a javascript: URI in a CSS style in the convcharset parameter to the top-level URI, a different vulnerability than CVE-2005-0992.

CVSS2: 6.8
0%
Низкий
больше 18 лет назад
debian логотип
CVE-2007-0341

Cross-site scripting (XSS) vulnerability in phpMyAdmin 2.8.1 and earli ...

CVSS2: 6.8
0%
Низкий
больше 18 лет назад
ubuntu логотип
CVE-2007-0204

Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin before 2.9.2-rc1 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors. NOTE: some of these details are obtained from third party information.

CVSS2: 6.8
1%
Низкий
больше 18 лет назад
nvd логотип
CVE-2007-0204

Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin before 2.9.2-rc1 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors. NOTE: some of these details are obtained from third party information.

CVSS2: 6.8
1%
Низкий
больше 18 лет назад
debian логотип
CVE-2007-0204

Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin befo ...

CVSS2: 6.8
1%
Низкий
больше 18 лет назад
ubuntu логотип
CVE-2007-0203

Multiple unspecified vulnerabilities in phpMyAdmin before 2.9.2-rc1 have unknown impact and attack vectors.

CVSS2: 10
1%
Низкий
больше 18 лет назад
nvd логотип
CVE-2007-0203

Multiple unspecified vulnerabilities in phpMyAdmin before 2.9.2-rc1 have unknown impact and attack vectors.

CVSS2: 10
1%
Низкий
больше 18 лет назад
debian логотип
CVE-2007-0203

Multiple unspecified vulnerabilities in phpMyAdmin before 2.9.2-rc1 ha ...

CVSS2: 10
1%
Низкий
больше 18 лет назад
ubuntu логотип
CVE-2007-0095

phpMyAdmin 2.9.1.1 allows remote attackers to obtain sensitive information via a direct request for themes/darkblue_orange/layout.inc.php, which reveals the path in an error message.

CVSS2: 5
1%
Низкий
больше 18 лет назад
nvd логотип
CVE-2007-0095

phpMyAdmin 2.9.1.1 allows remote attackers to obtain sensitive information via a direct request for themes/darkblue_orange/layout.inc.php, which reveals the path in an error message.

CVSS2: 5
1%
Низкий
больше 18 лет назад
debian логотип
CVE-2007-0095

phpMyAdmin 2.9.1.1 allows remote attackers to obtain sensitive informa ...

CVSS2: 5
1%
Низкий
больше 18 лет назад
ubuntu логотип
CVE-2006-6944

phpMyAdmin before 2.9.1.1 allows remote attackers to bypass Allow/Deny access rules that use IP addresses via false headers.

CVSS2: 7.5
0%
Низкий
больше 18 лет назад
nvd логотип
CVE-2006-6944

phpMyAdmin before 2.9.1.1 allows remote attackers to bypass Allow/Deny access rules that use IP addresses via false headers.

CVSS2: 7.5
0%
Низкий
больше 18 лет назад
debian логотип
CVE-2006-6944

phpMyAdmin before 2.9.1.1 allows remote attackers to bypass Allow/Deny ...

CVSS2: 7.5
0%
Низкий
больше 18 лет назад
ubuntu логотип
CVE-2006-6943

PhpMyAdmin before 2.9.1.1 allows remote attackers to obtain the full server path via direct requests to (a) scripts/check_lang.php and (b) themes/darkblue_orange/layout.inc.php; and via the (1) lang[], (2) target[], (3) db[], (4) goto[], (5) table[], and (6) tbl_group[] array arguments to (c) index.php, and the (7) back[] argument to (d) sql.php; and an invalid (8) sort_by parameter to (e) server_databases.php and (9) db parameter to (f) db_printview.php.

CVSS2: 5
11%
Средний
больше 18 лет назад

Уязвимостей на страницу