phpmyadmin

CVE-2018-15605 MEDIUM

phpMyAdmin < 4.8.3 - Cross-Site Scripting via Crafted Import File

Aug 24, 2018

CVSS 6.1

EPSS 0.01

CVE-2018-12613 HIGH NUCLEI

phpMyAdmin 4.8.x <4.8.2 - Code Injection

Jun 21, 2018

CVSS 8.8

EPSS 0.94

CVE-2018-12581 MEDIUM

phpMyAdmin < 4.8.2 - Stored Cross-Site Scripting via Designer Database Name

Jun 21, 2018

CVSS 6.1

EPSS 0.01

CVE-2018-10188 HIGH

phpMyAdmin 4.8.0 - Cross-Site Request Forgery

Apr 19, 2018

CVSS 8.8

EPSS 0.01

CVE-2018-7260 MEDIUM

phpMyAdmin < 4.7.8 - Authenticated Cross-Site Scripting via db_central_columns.php

Feb 21, 2018

CVSS 5.4

EPSS 0.00

CVE-2017-18264 CRITICAL

phpMyAdmin <4.0.10.20, 4.4.x, 4.6.x, 4.7.0 - Auth Bypass

May 01, 2018

CVSS 9.8

EPSS 0.00

CVE-2017-1000499 HIGH

phpMyAdmin 4.7.0-4.7.6 - Cross-Site Request Forgery

Jan 03, 2018

CVSS 8.8

EPSS 0.11

CVE-2017-1000018 HIGH

phpMyAdmin 4.0-4.0.10.18, 4.6-4.6.5 - Denial of Service via Replication Status Table Name

Jul 17, 2017

CVSS 7.5

EPSS 0.01

CVE-2017-1000017 HIGH

phpMyAdmin 4.0-4.0.10.19, 4.6-4.6.6 - Authenticated Server-Side Request Forgery via MySQL Server Connection

Jul 17, 2017

CVSS 8.8

EPSS 0.01

CVE-2017-1000016 HIGH

phpMyAdmin 4.6.0-4.6.5 - Arbitrary Cookie Injection via Improper Input Validation

Jul 17, 2017

CVSS 7.5

EPSS 0.00

CVE-2017-1000015 MEDIUM

phpMyAdmin 4.0, 4.4, 4.6 - Cross-Site Scripting via Cookie Parameter

Jul 17, 2017

CVSS 6.1

EPSS 0.01

CVE-2017-1000014 HIGH

phpMyAdmin 4.0, 4.4, 4.6 - Denial of Service in Table Editing Functionality

Jul 17, 2017

CVSS 7.5

EPSS 0.01

CVE-2017-1000013 MEDIUM

phpMyAdmin 4.0, 4.4, 4.6 - Open Redirect

Jul 17, 2017

CVSS 6.1

EPSS 0.00

CVE-2016-6621 HIGH

phpMyAdmin <4.0.10.19, <4.4.15.10, <4.6.6 - SSRF

Jan 31, 2017

CVSS 8.6

EPSS 0.00

CVE-2016-9866 CRITICAL

phpMyAdmin < 4.6.5, < 4.4.15.9, < 4.0.10.18 - Cross-Site Request Forgery via Preference Import Return URL

Dec 11, 2016

CVSS 9.8

EPSS 0.00

CVE-2016-9865 CRITICAL

phpMyAdmin < 4.6.5, < 4.4.15.9, < 4.0.10.18 - Unauthenticated Remote Code Execution via Serialized String Parsing Bypass

Dec 11, 2016

CVSS 9.8

EPSS 0.00

CVE-2016-9864 HIGH

phpMyAdmin < 4.6.5, < 4.4.15.9, < 4.0.10.18 - SQL Injection via Tracking Functionality

Dec 11, 2016

CVSS 7.5

EPSS 0.00

CVE-2016-9863 HIGH

phpMyAdmin 4.6.0-4.6.4 - Denial of Service via Table Partitioning Function

Dec 11, 2016

CVSS 7.5

EPSS 0.01

CVE-2016-9862 HIGH

phpMyAdmin 4.6.x < 4.6.5 - BBCode Injection in Login Page

Dec 11, 2016

CVSS 7.5

EPSS 0.00

CVE-2016-9861 HIGH

phpMyAdmin 4.0.x < 4.0.10.18, 4.4.x < 4.4.15.9, 4.6.x < 4.6.5 - URL Whitelist Bypass

Dec 11, 2016

CVSS 7.5

EPSS 0.00

CVE-2016-9860 MEDIUM

phpMyAdmin < 4.0.10.18, 4.4.15.9, 4.6.5 - Unauthenticated DoS via AllowArbitraryServer

Dec 11, 2016

CVSS 5.9

EPSS 0.01

CVE-2016-9859 MEDIUM

phpMyAdmin < 4.6.5, < 4.4.15.9, < 4.0.10.18 - Denial of Service via Crafted Import Request Parameter

Dec 11, 2016

CVSS 5.3

EPSS 0.01

CVE-2016-9858 MEDIUM

phpMyAdmin < 4.6.5, < 4.4.15.9, < 4.0.10.18 - Denial of Service via Saved Searches Feature

Dec 11, 2016

CVSS 5.3

EPSS 0.01

CVE-2016-9857 MEDIUM

phpMyAdmin 4.6.x < 4.6.5, 4.4.x < 4.4.15.9, 4.0.x < 4.0.10.18 - XSS via JavaScript Regex Weakness

Dec 11, 2016

CVSS 6.1

EPSS 0.00

CVE-2016-9856 MEDIUM

phpMyAdmin 4.6.x < 4.6.5, 4.4.x < 4.4.15.9, 4.0.x < 4.0.10.18 - Cross-Site Scripting

Dec 11, 2016

CVSS 6.1

EPSS 0.00