phpmyadmin

272 tracked vulnerabilities.

CVE-2011-3181
phpMyAdmin 3.3.x-3.3.10.3 and 3.4.x-3.4.3 - Cross-Site Scripting via Tracking Feature
Aug 29, 2011
EPSS 0.01
CVE-2011-2719
phpMyAdmin 3.x < 3.3.10.3 and 3.4.x < 3.4.3.2 - Session Variable Manipulation via Crafted Query String
Aug 01, 2011
EPSS 0.02
CVE-2011-2718
phpMyAdmin 3.4.x < 3.4.3.2 - Authenticated Path Traversal via Export Type Field
Aug 01, 2011
EPSS 0.01
CVE-2011-2643
phpMyAdmin 3.4.x < 3.4.3.2 - Remote File Inclusion via MIME-Type Transformation Parameter
Aug 01, 2011
EPSS 0.00
CVE-2011-2642
phpMyAdmin < 3.3.10.3 and 3.4.x < 3.4.3.2 - Authenticated Cross-Site Scripting via Table Name
Aug 01, 2011
EPSS 0.01
CVE-2011-2508
phpMyAdmin 3.x < 3.3.10.2 and 3.4.x < 3.4.3.1 - Authenticated Path Traversal via MIME Transformation Parameter
Jul 14, 2011
EPSS 0.11
CVE-2011-2507
phpMyAdmin 3.x < 3.3.10.2 / 3.4.x < 3.4.3.1 - Remote Code Execution via PREG_REPLACE_EVAL
Jul 14, 2011
EPSS 0.04
CVE-2011-2506
phpMyAdmin 3.x < 3.3.10.2 and 3.4.x < 3.4.3.1 - Remote Code Injection via SESSION Superglobal
Jul 14, 2011
EPSS 0.34
CVE-2011-2505
phpMyAdmin 3.x < 3.3.10.2 and 3.4.x < 3.4.3.1 - Remote Variable Manipulation via Swekey Authentication Query String
Jul 14, 2011
EPSS 0.37
CVE-2011-0987
phpMyAdmin 2.11.x < 2.11.11.3 and 3.3.x < 3.3.9.2 - Authenticated SQL Injection via Bookmark Query
Feb 14, 2011
EPSS 0.03
CVE-2011-0986
phpMyAdmin 2.11.x < 2.11.11.2 and 3.3.x < 3.3.9.1 - Installation Path Disclosure via Missing File Request
Feb 14, 2011
EPSS 0.01
CVE-2010-4481
phpMyAdmin < 3.4.0-beta1 - Unauthenticated Sensitive Information Exposure via phpinfo.php
Dec 17, 2010
EPSS 0.01
CVE-2010-4480
phpMyAdmin < 3.4.0-beta1 - Cross-Site Scripting via BBcode Tag
Dec 08, 2010
EPSS 0.07
CVE-2010-4329
phpMyAdmin 2.11.x < 2.11.11.1 and 3.x < 3.3.8.1 - Cross-Site Scripting via PMA_linkOrButton Function
Dec 02, 2010
EPSS 0.01
CVE-2010-3263
phpMyAdmin 3.x < 3.3.7 - Cross-Site Scripting via Server Name
Sep 10, 2010
EPSS 0.00
CVE-2010-2958
phpMyAdmin 3.x < 3.3.6 - Cross-Site Scripting via Error Debugging Messages
Sep 08, 2010
EPSS 0.00
CVE-2010-3056
phpMyAdmin 2.11.x < 2.11.10.1 and 3.x < 3.3.5.1 - Cross-Site Scripting
Aug 24, 2010
EPSS 0.01
CVE-2010-3055
phpMyAdmin 2.11.x - Remote Code Execution via Setup Script Key Name Injection
Aug 24, 2010
EPSS 0.02
CVE-2009-4605
phpMyAdmin 2.11.x < 2.11.10 - Cross-Site Request Forgery via Unserialize Function in Setup Script
Jan 19, 2010
EPSS 0.00
CVE-2009-3697
phpMyAdmin 2.11.x-2.11.9.5 and 3.x-3.2.2.0 - SQL Injection via PDF Schema Generator
Oct 16, 2009
EPSS 0.03
CVE-2009-3696
phpMyAdmin 2.11.x < 2.11.9.6 and 3.x < 3.2.2.1 - Cross-Site Scripting via MySQL Table Name
Oct 16, 2009
EPSS 0.03
CVE-2009-2284
phpMyAdmin < 3.2.0.1 - Cross-Site Scripting via SQL Bookmark
Jul 01, 2009
EPSS 0.01
CVE-2009-1285
phpMyAdmin < 3.1.3.2 - Remote Code Injection via ConfigFile.class.php
Apr 16, 2009
EPSS 0.36
CVE-2009-1151 CRITICAL KEVNUCLEI
phpMyAdmin 2.11.0-2.11.9.4 and 3.x < 3.1.3.1 - Remote Code Injection via Setup Configuration Save
Mar 26, 2009
CVSS 9.8
EPSS 0.93
CVE-2009-1150
phpMyAdmin 2.11.x < 2.11.9.5 and 3.x < 3.1.3.1 - Cross-Site Scripting via pma_db_filename_template Cookie
Mar 26, 2009
EPSS 0.01
Products
phpmyadmin 271 phpMyAdmin 2
Quick Filters
Critical CVEs With Exploits In CISA KEV