pkg:Debian/phpmyadmin

294 total CVEsCRITICAL18HIGH37MEDIUM81LOW1

✅ Check your installed version

All known vulnerabilities

CRITICAL9.8CVE-2009-1151⚠ KEVphpMyAdmin Remote Code Execution Vulnerability
from 0, < 4:3.1.3.1-1
CRITICAL9.8CVE-2020-22452phpmyadmin contains SQL Injection vulnerability
from 0, < 4:5.0.4+dfsg1-1
CRITICAL9.8CVE-2020-26935phpMyAdmin SQL injection vulnerability
from 0, < 4:4.9.7+dfsg1-1
CRITICAL9.8CVE-2019-19617phpmyadmin - security update
from 0, < 4:4.9.2+dfsg1-1
CRITICAL9.8CVE-2019-19617phpmyadmin - security update
from 0, < 4:4.2.12-2+deb8u7
CRITICAL9.8CVE-2019-19617phpmyadmin - security update
from 0, < 4:4.6.6-4+deb9u2
CRITICAL9.8CVE-2019-11768phpMyAdmin SQL injection in Designer feature
from 0, < 4:4.9.1+dfsg1-2
CRITICAL9.8CVE-2016-5734phpMyAdmin Code Injection vulnerability
from 0, < 4:4.6.3-1
CRITICAL9.8CVE-2016-6629phpMyAdmin Authentication Bypass
from 0, < 4:4.6.4+dfsg1-1
CRITICAL9.8CVE-2016-9866phpMyAdmin CSRF Vulnerability
from 0, < 4:4.6.5.1-1
CRITICAL9.8CVE-2019-6798phpMyAdmin SQL injection in Designer feature
from 0, < 4:4.9.1+dfsg1-2
CRITICAL9.8CVE-2017-18264phpMyAdmin Improper Privilege Management
from 0, < 4:4.6.6-2
CRITICAL9.8CVE-2019-18622SQL injection in phpMyAdmin
from 0, < 4:4.9.2+dfsg1-1
CRITICAL9.8CVE-2015-8980The plural form formula in ngettext family of calls in php-gettext before 1.0.12 allows remote attackers to execute arbitrary code.
from 0, < 4:4.6.6-1
CRITICAL9.8CVE-2016-9865An issue was discovered in phpMyAdmin.
from 0, < 4:4.6.5.1-1
CRITICAL9.8CVE-2016-9849An issue was discovered in phpMyAdmin.
from 0, < 4:4.6.5.1-1
CRITICAL9.8CVE-2016-6620An issue was discovered in phpMyAdmin.
from 0, < 4:4.6.4+dfsg1-1
CRITICAL9.8CVE-2016-5703SQL injection vulnerability in libraries/central_columns.lib.php in phpMyAdmin 4.4.x before 4.4.15.7 and 4.6.x before 4.6.3 allows remote a…
from 0, < 4:4.6.3-1
HIGH8.8CVE-2020-5504phpmyadmin - security update
from 0, < 4:4.2.12-2+deb8u8
HIGH8.8CVE-2020-5504phpmyadmin - security update
from 0, < 4:4.9.4+dfsg1-1
HIGH8.8CVE-2018-10188phpMyAdmin CSRF vulnerability allowing arbitrary SQL execution
from 0, < 4:4.9.1+dfsg1-2
HIGH8.8CVE-2016-6609phpmyadmin - security update
from 0, < 4:4.6.4+dfsg1-1
HIGH8.8CVE-2016-6609phpmyadmin - security update
from 0, < 4:4.2.12-2+deb8u3
HIGH8.8CVE-2017-1000017phpMyAdmin SSRF in replication
from 0, < 4:4.6.6-1
HIGH8.8CVE-2018-19969phpMyAdmin CSRF Vulnerability
from 0, < 4:4.9.1+dfsg1-2
HIGH8.8CVE-2016-6619An issue was discovered in phpMyAdmin.
from 0, < 4:4.6.4+dfsg1-1
HIGH8.6CVE-2016-6621phpmyadmin - security update
from 0, < 4:3.4.11.1-2+deb7u8
HIGH8.6CVE-2016-6621phpmyadmin - security update
from 0, < 4:4.6.6-1
HIGH8.5CVE-2013-3239phpmyadmin - security update
from 0, < 4:3.4.11.1-2
HIGH8.5CVE-2013-3239phpmyadmin - security update
from 0, < 4:3.3.7-8
HIGH8.1CVE-2016-6633phpMyAdmin Remote code execution vulnerability when PHP is running with dbase extension
from 0, < 4:4.6.4+dfsg1-1
HIGH8.1CVE-2016-6617An issue was discovered in phpMyAdmin.
from 0, < 4:4.6.4+dfsg1-1
HIGH8.1CVE-2016-6611An issue was discovered in phpMyAdmin.
from 0, < 4:4.6.4+dfsg1-1
HIGH8.1CVE-2016-6606phpmyadmin - security update
from 0, < 4:3.4.11.1-2+deb7u6
HIGH8.1CVE-2016-6606phpmyadmin - security update
from 0, < 4:4.6.4+dfsg1-1
HIGH8.0CVE-2020-10804phpMyAdmin SQL Injection
from 0, < 4:4.9.5+dfsg1-1
HIGH8.0CVE-2020-10802phpmyadmin - security update
from 0, < 4:4.9.5+dfsg1-1
HIGH8.0CVE-2020-10802phpmyadmin - security update
from 0, < 4:4.2.12-2+deb8u9
HIGH7.5CVE-2016-1927phpmyadmin - security update
from 0, < 4:4.2.12-2+deb8u2
HIGH7.5CVE-2016-1927phpmyadmin - security update
from 0, < 4:4.5.4-1
HIGH7.5CVE-2016-1927phpmyadmin - security update
from 0, < 4:3.4.11.1-2+deb7u3
HIGH7.5CVE-2016-9861phpMyAdmin Bypass white-list protection for URL redirection
from 0, < 4:4.6.5.1-1
HIGH7.5CVE-2016-9863phpMyAdmin DoS Vulnerability
from 0, < 4:4.6.5.1-1
HIGH7.5CVE-2017-1000016phpMyAdmin Cookie attribute injection attack
from 0, < 4:4.6.6-1
HIGH7.5CVE-2016-5739phpMyAdmin vulnerable to Cross-Site Request Forgery
from 0, < 4:4.6.3-1
HIGH7.5CVE-2016-5706phpMyAdmin Denial Of Service (DOS) attack
from 0, < 4:4.6.3-1
HIGH7.5CVE-2016-2041phpMyAdmin Unsafe comparison of XSRF/CSRF token
from 0, < 4:4.5.4-1
HIGH7.5CVE-2017-1000014phpMyAdmin DoS Vulnerability
from 0, < 4:4.6.6-1
HIGH7.5CVE-2017-1000018phpMyAdmin DoS Vulnerability
from 0, < 4:4.6.6-1
HIGH7.5CVE-2022-0813PhpMyAdmin exposure of sensitive information
from 0
HIGH7.5CVE-2021-21252Regular Expression Denial of Service in jquery-validation
from 0, < 4:5.0.4+dfsg2-2
HIGH7.5CVE-2016-9864An issue was discovered in phpMyAdmin.
from 0, < 4:4.6.5.1-1
HIGH7.5CVE-2016-9862An issue was discovered in phpMyAdmin.
from 0, < 4:4.6.5.1-1
HIGH7.5CVE-2016-6631An issue was discovered in phpMyAdmin.
from 0, < 4:4.6.4+dfsg1-1
HIGH7.5CVE-2016-6616An issue was discovered in phpMyAdmin.
from 0, < 4:4.6.4+dfsg1-1
MEDIUM6.8CVE-2016-2562phpMyAdmin Improper Input Validation
from 0, < 4:4.5.5.1-1
MEDIUM6.8CVE-2016-6614An issue was discovered in phpMyAdmin involving the %u username replacement functionality of the SaveDir and UploadDir features.
from 0, < 4:4.6.4+dfsg1-1
MEDIUM6.5CVE-2019-12922phpMyAdmin Cross-Site Request Forgery (CSRF)
from 0, < 4:4.9.1+dfsg1-2
MEDIUM6.5CVE-2019-12616phpMyAdmin CSRF Vulnerability
from 0, < 4:4.9.1+dfsg1-2
MEDIUM6.5CVE-2016-6623phpMyAdmin DoS Vulnerability
from 0, < 4:4.6.4+dfsg1-1
MEDIUM6.5CVE-2016-6612phpMyAdmin Local file exposure
from 0, < 4:4.6.4+dfsg1-1
MEDIUM6.5CVE-2011-4107phpMyAdmin vulnerable to XML external entity (XXE) injection attack
from 0, < 4:3.4.7.1-1
MEDIUM6.5CVE-2016-6618phpMyAdmin Denial of service (DOS) attack in transformation feature
from 0, < 4:4.6.4+dfsg1-1
MEDIUM6.5CVE-2018-19968phpmyadmin - security update
from 0, < 4:4.9.1+dfsg1-2
MEDIUM6.5CVE-2018-19968phpmyadmin - security update
from 0, < 4:4.2.12-2+deb8u4
MEDIUM6.5CVE-2016-6630An issue was discovered in phpMyAdmin.
from 0, < 4:4.6.4+dfsg1-1
MEDIUM6.4CVE-2025-24530phpMyAdmin XSS when checking tables
from 0, < 4:5.0.4+dfsg2-2+deb11u2
MEDIUM6.4CVE-2025-24529An issue was discovered in phpMyAdmin 5.x before 5.2.2.
from 0, < 4:5.0.4+dfsg2-2+deb11u2
MEDIUM6.3CVE-2016-6628phpMyAdmin Reflected File Download attack
from 0, < 4:4.6.4+dfsg1-1
MEDIUM6.3CVE-2005-4349SQL injection vulnerability in server_privileges.php in phpMyAdmin 2.7.0 allows remote authenticated users to execute arbitrary SQL command…
from 0, < 4:3.2.0-1
MEDIUM6.1CVE-2025-3573jquery-validation vulnerable to Cross-site Scripting
from 0
MEDIUM6.1CVE-2020-26934phpMyAdmin Cross-site Scripting (XSS)
from 0, < 4:4.9.7+dfsg1-1
MEDIUM6.1CVE-2016-5732phpMyAdmin XSS Vulnerability
from 0, < 4:4.6.3-1
MEDIUM6.1CVE-2016-5704phpMyAdmin XSS Vulnerability
from 0, < 4:4.6.3-1
MEDIUM6.1CVE-2016-6608phpMyAdmin Cross-site Scripting (XSS)
from 0, < 4:4.6.4+dfsg1-1
MEDIUM6.1CVE-2016-9857phpMyAdmin XSS Vulnerability
from 0, < 4:4.6.5.1-1
MEDIUM6.1CVE-2016-9856phpMyAdmin XSS Vulnerability
from 0, < 4:4.6.5.1-1
MEDIUM6.1CVE-2018-12581phpMyAdmin XSS Vulnerability
from 0, < 4:4.9.1+dfsg1-2
MEDIUM6.1CVE-2016-5731phpmyadmin - security update
from 0, < 4:3.4.11.1-2+deb7u5
MEDIUM6.1CVE-2016-5705phpMyAdmin vulnerable to Cross-site Scripting
from 0, < 4:4.6.3-1
MEDIUM6.1CVE-2016-5701phpMyAdmin vulnerable to Cross-site Scripting
from 0, < 4:4.6.3-1
MEDIUM6.1CVE-2016-5733phpMyAdmin vulnerable to Cross-site Scripting
from 0, < 4:4.6.3-1
MEDIUM6.1CVE-2016-5731phpmyadmin - security update
from 0, < 4:4.6.3-1
MEDIUM6.1CVE-2017-1000013phpMyAdmin Open Redirect
from 0, < 4:4.6.6-1
MEDIUM6.1CVE-2017-1000015phpMyAdmin CSS Injection Vulnerability
from 0, < 4:4.6.6-1
MEDIUM6.1CVE-2018-19970phpMyAdmin Cross-site Scripting (XSS) vulnerability
from 0, < 4:4.9.1+dfsg1-2
MEDIUM6.1CVE-2022-23808Cross-site Scripting in phpmyadmin
from 0
MEDIUM6.1CVE-2020-11441phpMyAdmin 5.0.2 allows CRLF injection, as demonstrated by %0D%0Astring%0D%0A inputs to login form fields causing CRLF sequences to be refl…
from 0
MEDIUM6.1CVE-2016-6615XSS issues were discovered in phpMyAdmin.
from 0, < 4:4.6.4+dfsg1-1
MEDIUM6.1CVE-2016-6607phpmyadmin - security update
from 0, < 4:4.2.12-2+deb8u6
MEDIUM6.1CVE-2016-6607phpmyadmin - security update
from 0, < 4:4.6.4+dfsg1-1
MEDIUM6.1CVE-2016-5099Cross-site scripting (XSS) vulnerability in phpMyAdmin 4.4.x before 4.4.15.6 and 4.6.x before 4.6.2 allows remote attackers to inject arbit…
from 0, < 4:4.6.2-1
MEDIUM6.1CVE-2016-2560Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin 4.0.x before 4.0.10.15, 4.4.x before 4.4.15.5, and 4.5.x before 4.5.5.1 a…
from 0, < 4:4.5.5.1-1
MEDIUM5.9CVE-2016-6624phpMyAdmin IPv6 and proxy server IP-based authentication rule circumvention
from 0, < 4:4.6.4+dfsg1-1
MEDIUM5.9CVE-2016-6632phpMyAdmin Denial of service (DOS) attack with dbase extension
from 0, < 4:4.6.4+dfsg1-1
MEDIUM5.9CVE-2016-9860phpMyAdmin Denial of Service (DoS)
from 0, < 4:4.6.5.1-1
MEDIUM5.9CVE-2016-6622phpMyAdmin DoS Vulnerability
from 0, < 4:4.6.4+dfsg1-1
MEDIUM5.9CVE-2019-6799phpmyadmin - security update
from 0, < 4:4.2.12-2+deb8u5
MEDIUM5.9CVE-2019-6799phpmyadmin - security update
from 0, < 4:4.9.1+dfsg1-2
MEDIUM5.5CVE-2008-1567phpMyAdmin before 2.11.5.1 stores the MySQL (1) username and (2) password, and the (3) Blowfish secret key, in cleartext in a Session file…
from 0, < 2.11.5.1
MEDIUM5.4CVE-2023-25727phpmyadmin - security update
from 0, < 4:5.0.4+dfsg2-2+deb11u2
MEDIUM5.4CVE-2023-25727phpmyadmin - security update
from 0, < 4:5.0.4+dfsg2-2+deb11u2
MEDIUM5.4CVE-2020-10803phpMyAdmin SQL injection vulnerability
from 0, < 4:4.9.5+dfsg1-1
MEDIUM5.4CVE-2013-4729phpMyAdmin Global variables scope injection vulnerability
from 0, < 4:4.0.4.1-1
MEDIUM5.4CVE-2016-2559phpMyAdmin Cross-site scripting (XSS) vulnerability in SQL parser
from 0, < 4:4.5.5.1-1
MEDIUM5.4CVE-2018-7260phpMyAdmin Cross-site scripting (XSS) vulnerability in central columns feature
from 0, < 4:4.9.1+dfsg1-2
MEDIUM5.4CVE-2016-2040phpMyAdmin XSS Vulnerability
from 0, < 4:4.5.4-1
MEDIUM5.4CVE-2016-6626An issue was discovered in phpMyAdmin.
from 0, < 4:4.6.4+dfsg1-1
MEDIUM5.4CVE-2016-2561Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin 4.4.x before 4.4.15.5 and 4.5.x before 4.5.5.1 allow remote authenticated…
from 0, < 4:4.5.5.1-1
MEDIUM5.4CVE-2016-2045Cross-site scripting (XSS) vulnerability in the SQL editor in phpMyAdmin 4.5.x before 4.5.4 allows remote authenticated users to inject arb…
from 0, < 4:4.5.4-1
MEDIUM5.4CVE-2016-2043Cross-site scripting (XSS) vulnerability in the goToFinish1NF function in js/normalization.js in phpMyAdmin 4.4.x before 4.4.15.3 and 4.5.x…
from 0, < 4:4.5.4-1
MEDIUM5.3CVE-2016-6613phpMyAdmin Local file exposure through symlinks with UploadDir
from 0, < 4:4.6.4+dfsg1-1
MEDIUM5.3CVE-2016-9847phpMyAdmin Cryptographic Vulnerability
from 0, < 4:4.6.5.1-1
MEDIUM5.3CVE-2016-9853phpMyAdmin path disclosure
from 0, < 4:4.6.5.1-1
MEDIUM5.3CVE-2016-9851phpMyAdmin Bypass logout timeout
from 0, < 4:4.6.5.1-1
MEDIUM5.3CVE-2016-5730phpMyAdmin full path disclosure vulnerability
from 0, < 4:4.6.3-1
MEDIUM5.3CVE-2016-9859An issue was discovered in phpMyAdmin.
from 0, < 4:4.6.5.1-1
MEDIUM5.3CVE-2016-9858An issue was discovered in phpMyAdmin.
from 0, < 4:4.6.5.1-1
MEDIUM5.3CVE-2016-9855An issue was discovered in phpMyAdmin.
from 0, < 4:4.6.5.1-1
MEDIUM5.3CVE-2016-9854An issue was discovered in phpMyAdmin.
from 0, < 4:4.6.5.1-1
MEDIUM5.3CVE-2016-9852An issue was discovered in phpMyAdmin.
from 0, < 4:4.6.5.1-1
MEDIUM5.3CVE-2016-9850An issue was discovered in phpMyAdmin.
from 0, < 4:4.6.5.1-1
MEDIUM5.3CVE-2016-9848An issue was discovered in phpMyAdmin.
from 0, < 4:4.6.5.1-1
MEDIUM5.3CVE-2016-6627An issue was discovered in phpMyAdmin.
from 0, < 4:4.6.4+dfsg1-1
MEDIUM5.3CVE-2016-5097phpMyAdmin before 4.6.2 places tokens in query strings and does not arrange for them to be stripped before external navigation, which allow…
from 0, < 4:4.6.2-1
MEDIUM5.3CVE-2016-2044libraries/sql-parser/autoload.php in the SQL parser in phpMyAdmin 4.5.x before 4.5.4 allows remote attackers to obtain sensitive informatio…
from 0, < 4:4.5.4-1
MEDIUM5.3CVE-2016-2042phpMyAdmin 4.4.x before 4.4.15.3 and 4.5.x before 4.5.4 allows remote attackers to obtain sensitive information via a crafted request to (1…
from 0, < 4:4.5.4-1
MEDIUM5.3CVE-2016-2039phpmyadmin - security update
from 0, < 4:4.5.4-1
MEDIUM5.3CVE-2016-2039phpmyadmin - security update
from 0, < 4:3.3.7-11
MEDIUM5.3CVE-2016-2038phpMyAdmin 4.0.x before 4.0.10.13, 4.4.x before 4.4.15.3, and 4.5.x before 4.5.4 allows remote attackers to obtain sensitive information vi…
from 0, < 4:4.5.4-1
MEDIUM5.3CVE-2015-8669libraries/config/messages.inc.php in phpMyAdmin 4.0.x before 4.0.10.12, 4.4.x before 4.4.15.2, and 4.5.x before 4.5.3.1 allows remote attac…
from 0, < 4:4.5.3.1-1
MEDIUM4.4CVE-2016-4412phpmyadmin - security update
from 0, < 4:4.1.7-1
MEDIUM4.4CVE-2016-4412phpmyadmin - security update
from 0, < 4:3.4.11.1-2+deb7u7
MEDIUM4.3CVE-2016-6625phpMyAdmin allows to detect if user is logged in
from 0, < 4:4.6.4+dfsg1-1
MEDIUM4.3CVE-2022-23807Improper Authentication in phpmyadmin
from 0
MEDIUM4.3CVE-2016-6610A full path disclosure vulnerability was discovered in phpMyAdmin where a user can trigger a particular error in the export mechanism to di…
from 0, < 4:4.6.4+dfsg1-1
LOW3.7CVE-2016-5702phpMyAdmin cookie-attribute injection
from 0, < 4:4.6.3-1
—CVE-2010-2958phpMyAdmin Cross-site Scripting vulnerability
from 0, < 4:3.3.6-1
—CVE-2010-4481phpMyAdmin allows remote attackers to bypass authentication and obtain sensitive information
from 0, < 4:3.3.7-3
—CVE-2008-7252phpMyAdmin unsafely handles temporary files
from 0, < 4:3.0.0-1
—CVE-2011-1941phpMyAdmin Open Redirect in redirector
from 0, < 4:3.4.1-1
—CVE-2012-4579phpMyAdmin Multiple XSS Vulnerabilities
from 0, < 4:3.4.11.1-1
—CVE-2011-1940phpmyadmin - several
from 0, < 4:3.3.7-7
—CVE-2011-1940phpmyadmin - several
from 0, < 4:3.4.1-1
—CVE-2011-4634phpMyAdmin vulnerable to Cross-site Scripting
from 0, < 4:3.4.8-1
—CVE-2012-4345phpMyAdmin Multiple Cross-site Scripting Vulnerabilities in the Database Structure page
from 0, < 4:3.4.11.1-1
—CVE-2013-4997phpMyAdmin Multiple cross-site scripting (XSS) vulnerabilities
from 0, < 4:4.0.4.2-1
—CVE-2011-3591phpMyAdmin Multiple XSS Vulnerabilities After Inline Editing and Save
from 0, < 4:3.4.5-1
—CVE-2011-3592phpMyAdmin Multiple XSS Vulnerabilities
from 0, < 4:3.4.5-1
—CVE-2014-7217phpMyAdmin cross-site scripting Vulnerability via ENUM value
from 0, < 4:4.2.9.1-1
—CVE-2015-7873phpMyAdmin allows remote attackers to spoof content via the url parameter
from 0, < 4:4.5.1-1
—CVE-2014-4986phpMyAdmin cross-site scripting Vulnerability in Table or Column Names
from 0, < 4:4.2.6-1
—CVE-2015-6830phpMyAdmin ReCaptcha bypass
from 0, < 4:4.4.14.1-1
—CVE-2013-5002phpMyAdmin Cross-site scripting (XSS) vulnerability via pageNumber value
from 0, < 4:4.0.4.2-1
—CVE-2011-0986phpMyAdmin allows remote attackers to obtain installation path via direct request for nonexistent file
from 0, < 4:3.3.9.2-1
—CVE-2011-2718phpMyAdmin Directory Traversal Vulnerability
from 0, < 4:3.4.3.2-1
—CVE-2011-4782phpMyAdmin Cross-site Scripting vulnerability
from 0, < 4:3.4.9-1
—CVE-2011-2508phpMyAdmin Directory Traversal vulnerability
from 0, < 4:3.4.3.1-1
—CVE-2011-2505phpymadmin - several
from 0, < 4:3.4.3.1-1
—CVE-2011-2505phpymadmin - several
from 0, < 4:3.3.7-6
—CVE-2011-2506phpMyAdmin vulnerable to static code injection
from 0, < 4:3.4.3.1-1
—CVE-2014-6300phpMyAdmin micro history Implementation XSS Vulnerability
from 0, < 4:4.2.8.1-1
—CVE-2014-8326phpMyAdmin Implementation XSS Vulnerability on Server Monitor Page
from 0, < 4:4.2.10.1-1
—CVE-2014-5274phpMyAdmin cross-site scripting vulnerability in crafted view name
from 0, < 4:4.2.7.1-1
—CVE-2009-3696phpmyadmin - several vulnerabilities
from 0, < 4:3.2.2.1-1
—CVE-2009-3696phpmyadmin - several vulnerabilities
from 0, < 4:2.9.1.1-13
—CVE-2009-1149phpMyAdmin HTTP Response Splitting Vulnerability
from 0, < 4:3.1.3.1-1
—CVE-2005-3621phpmyadmin
from 0, < 4:2.6.2-3sarge2
—CVE-2005-3621phpmyadmin
from 0, < 4:2.6.4-pl4-1
—CVE-2015-3903libraries/Config.class.php in phpMyAdmin 4.0.x before 4.0.10.10, 4.2.x before 4.2.13.3, 4.3.x before 4.3.13.1, and 4.4.x before 4.4.6.1 dis…
from 0, < 4:4.4.6.1-1
—CVE-2015-3902Multiple cross-site request forgery (CSRF) vulnerabilities in the setup process in phpMyAdmin 4.0.x before 4.0.10.10, 4.2.x before 4.2.13.3…
from 0, < 4:4.4.6.1-1
—CVE-2015-2206libraries/select_lang.lib.php in phpMyAdmin 4.0.x before 4.0.10.9, 4.2.x before 4.2.13.2, and 4.3.x before 4.3.11.1 includes invalid langua…
from 0, < 4:4.4.4-1
—CVE-2014-9219Cross-site scripting (XSS) vulnerability in the redirection feature in url.php in phpMyAdmin 4.2.x before 4.2.13.1 allows remote attackers…
from 0, < 4:4.2.12-2
—CVE-2014-9218libraries/common.inc.php in phpMyAdmin 4.0.x before 4.0.10.7, 4.1.x before 4.1.14.8, and 4.2.x before 4.2.13.1 allows remote attackers to c…
from 0, < 4:4.2.12-2
—CVE-2014-8961Directory traversal vulnerability in libraries/error_report.lib.php in the error-reporting feature in phpMyAdmin 4.1.x before 4.1.14.7 and…
from 0, < 4:4.2.12-1
—CVE-2014-8960Cross-site scripting (XSS) vulnerability in libraries/error_report.lib.php in the error-reporting feature in phpMyAdmin 4.1.x before 4.1.14…
from 0, < 4:4.2.12-1
—CVE-2014-8959Directory traversal vulnerability in libraries/gis/GIS_Factory.class.php in the GIS editor in phpMyAdmin 4.0.x before 4.0.10.6, 4.1.x befor…
from 0, < 4:4.2.12-1
—CVE-2014-8958phpmyadmin - security update
from 0, < 4:3.3.7-9
—CVE-2014-8958phpmyadmin - security update
from 0, < 4:3.4.11.1-2+deb7u2
—CVE-2014-8958phpmyadmin - security update
from 0, < 4:4.2.12-1
—CVE-2014-5273Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin 4.0.x before 4.0.10.2, 4.1.x before 4.1.14.3, and 4.2.x before 4.2.7.1 al…
from 0, < 4:4.2.7.1-1
—CVE-2014-4987server_user_groups.php in phpMyAdmin 4.1.x before 4.1.14.2 and 4.2.x before 4.2.6 allows remote authenticated users to bypass intended acce…
from 0, < 4:4.2.6-1
—CVE-2014-4955Cross-site scripting (XSS) vulnerability in the PMA_TRI_getRowForList function in libraries/rte/rte_list.lib.php in phpMyAdmin 4.0.x before…
from 0, < 4:4.2.6-1
—CVE-2014-4954Cross-site scripting (XSS) vulnerability in the PMA_getHtmlForActionLinks function in libraries/structure.lib.php in phpMyAdmin 4.2.x befor…
from 0, < 4:4.2.6-1
—CVE-2014-4349Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin 4.1.x before 4.1.14.1 and 4.2.x before 4.2.4 allow remote authenticated u…
from 0, < 4:4.2.5-1
—CVE-2014-4348Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin 4.2.x before 4.2.4 allow remote authenticated users to inject arbitrary w…
from 0, < 4:4.2.5-1
—CVE-2014-1879Cross-site scripting (XSS) vulnerability in import.php in phpMyAdmin before 4.1.7 allows remote authenticated users to inject arbitrary web…
from 0, < 4:4.1.7-1
—CVE-2013-5029phpMyAdmin 3.5.x and 4.0.x before 4.0.5 allows remote attackers to bypass the clickjacking protection mechanism via certain vectors related…
from 0, < 4:4.0.5-1
—CVE-2013-5003Multiple SQL injection vulnerabilities in phpMyAdmin 3.5.x before 3.5.8.2 and 4.0.x before 4.0.4.2 allow remote authenticated users to exec…
from 0, < 4:4.0.4.2-1
—CVE-2013-5001Cross-site scripting (XSS) vulnerability in libraries/plugins/transformations/abstract/TextLinkTransformationsPlugin.class.php in phpMyAdmi…
from 0, < 4:4.0.4.2-1
—CVE-2013-5000phpMyAdmin 3.5.x before 3.5.8.2 allows remote attackers to obtain sensitive information via an invalid request, which reveals the installat…
from 0, < 4:4.0.4.2-1
—CVE-2013-4999phpMyAdmin 4.0.x before 4.0.4.2 allows remote attackers to obtain sensitive information via an invalid request, which reveals the installat…
from 0, < 4:4.0.4.2-1
—CVE-2013-4998phpMyAdmin 3.5.x before 3.5.8.2 and 4.0.x before 4.0.4.2 allows remote attackers to obtain sensitive information via an invalid request, wh…
from 0, < 4:4.0.4.2-1
—CVE-2013-4996Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin 3.5.x before 3.5.8.2 and 4.0.x before 4.0.4.2 allow remote attackers to i…
from 0, < 4:4.0.4.2-1
—CVE-2013-4995phpmyadmin - security update
from 0, < 4:4.0.4.2-1
—CVE-2013-4995phpmyadmin - security update
from 0, < 4:3.4.11.1-2+deb7u1
—CVE-2013-3742Cross-site scripting (XSS) vulnerability in view_create.php (aka the Create View page) in phpMyAdmin 4.x before 4.0.3 allows remote authent…
from 0, < 4:4.0.1-3
—CVE-2012-4219show_config_errors.php in phpMyAdmin 3.5.x before 3.5.2.1 allows remote attackers to obtain sensitive information via a direct request, whi…
from 0, < 4:4.0.1-1
—CVE-2012-1190Cross-site scripting (XSS) vulnerability in the replication-setup functionality in js/replication.js in phpMyAdmin 3.4.x before 3.4.10.1 al…
from 0, < 4:3.4.10.1-1
—CVE-2012-1902show_config_errors.php in phpMyAdmin 3.4.x before 3.4.10.2, when a configuration file does not exist, allows remote attackers to obtain sen…
from 0, < 4:3.4.10.2-1
—CVE-2011-4780Multiple cross-site scripting (XSS) vulnerabilities in libraries/display_export.lib.php in phpMyAdmin 3.4.x before 3.4.9 allow remote attac…
from 0, < 4:3.4.9-1
—CVE-2011-3646phpmyadmin.css.php in phpMyAdmin 3.4.x before 3.4.6 allows remote attackers to obtain sensitive information via an array-typed js_frame par…
from 0, < 4:3.4.6-1
—CVE-2011-4064Cross-site scripting (XSS) vulnerability in the setup interface in phpMyAdmin 3.4.x before 3.4.6 allows remote attackers to inject arbitrar…
from 0, < 4:3.4.6-1
—CVE-2011-3181Multiple cross-site scripting (XSS) vulnerabilities in the Tracking feature in phpMyAdmin 3.3.x before 3.3.10.4 and 3.4.x before 3.4.4 allo…
from 0, < 4:3.4.4-1
—CVE-2011-2719libraries/auth/swekey/swekey.auth.lib.php in phpMyAdmin 3.x before 3.3.10.3 and 3.4.x before 3.4.3.2 does not properly manage sessions asso…
from 0, < 4:3.4.3.2-1
—CVE-2011-2643Directory traversal vulnerability in sql.php in phpMyAdmin 3.4.x before 3.4.3.2, when configuration storage is enabled, allows remote attac…
from 0, < 4:3.4.3.2-1
—CVE-2011-2642Multiple cross-site scripting (XSS) vulnerabilities in the table Print view implementation in tbl_printview.php in phpMyAdmin before 3.3.10…
from 0, < 4:3.4.3.2-1
—CVE-2011-2507libraries/server_synchronize.lib.php in the Synchronize implementation in phpMyAdmin 3.x before 3.3.10.2 and 3.4.x before 3.4.3.1 does not…
from 0, < 4:3.4.3.1-1
—CVE-2011-0987phpmyadmin - sql injection
from 0, < 4:3.3.9.2-1
—CVE-2011-0987phpmyadmin - sql injection
from 0, < 4:3.3.7-5
—CVE-2010-4480error.php in PhpMyAdmin 3.3.8.1, and other versions before 3.4.0-beta1, allows remote attackers to conduct cross-site scripting (XSS) attac…
from 0, < 4:3.3.7-3
—CVE-2010-4329phpmyadmin - several
from 0, < 4:3.3.7-2
—CVE-2010-4329phpmyadmin - several
from 0, < 4:2.11.8.1-5+lenny7
—CVE-2010-3263Cross-site scripting (XSS) vulnerability in setup/frames/index.inc.php in the setup script in phpMyAdmin 3.x before 3.3.7 allows remote att…
from 0, < 4:3.3.7-1
—CVE-2010-3056Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin 2.11.x before 2.11.10.1 and 3.x before 3.3.5.1 allow remote attackers to…
from 0, < 4:3.3.5.1-1
—CVE-2010-3055phpmyadmin - several vulnerabilities
from 0, < 4:2.11.8.1-5+lenny5
—CVE-2010-3055phpmyadmin - several vulnerabilities
from 0, < 4:3.0.0
—CVE-2010-3055phpmyadmin - several vulnerabilities
from 0, < 4:2.11.8.1-5+lenny6
—CVE-2009-4605scripts/setup.php (aka the setup script) in phpMyAdmin 2.11.x before 2.11.10 calls the unserialize function on the values of the (1) config…
from 0, < 4:3.2.4-1
—CVE-2008-7251phpmyadmin - several vulnerabilities
from 0, < 4:2.11.8.1-5+lenny4
—CVE-2008-7251phpmyadmin - several vulnerabilities
from 0, < 4:3.0.0-1
—CVE-2009-3697SQL injection vulnerability in the PDF schema generator functionality in phpMyAdmin 2.11.x before 2.11.9.6 and 3.x before 3.2.2.1 allows re…
from 0, < 4:3.2.2.1-1
—CVE-2009-2284Cross-site scripting (XSS) vulnerability in phpMyAdmin before 3.2.0.1 allows remote attackers to inject arbitrary web script or HTML via a…
from 0, < 4:3.2.0.1-1
—CVE-2009-1285Static code injection vulnerability in the getConfigFile function in setup/lib/ConfigFile.class.php in phpMyAdmin 3.x before 3.1.3.2 allows…
from 0, < 4:3.1.3.2-1
—CVE-2009-1150phpmyadmin - several vulnerabilities
from 0, < 4:2.9.1.1-11
—CVE-2009-1150phpmyadmin - several vulnerabilities
from 0, < 4:3.1.3.1-1
—CVE-2009-1148Directory traversal vulnerability in bs_disp_as_mime_type.php in the BLOB streaming feature in phpMyAdmin before 3.1.3.1 allows remote atta…
from 0, < 4:3.1.3.1-1
—CVE-2008-5621phpmyadmin - arbitrary code execution
from 0, < 4:2.9.1.1-10
—CVE-2008-5621phpmyadmin - arbitrary code execution
from 0, < 4:2.11.8.1-5
—CVE-2008-4775Cross-site scripting (XSS) vulnerability in pmd_pdf.php in phpMyAdmin 3.0.0, and possibly other versions including 2.11.9.2 and 3.0.1, when…
from 0, < 4:2.11.8.1-4
—CVE-2008-4326phpmyadmin - cross site scripting
from 0, < 4:2.11.8.1-3
—CVE-2008-4326phpmyadmin - cross site scripting
from 0, < 4:2.9.1.1-9
—CVE-2008-4096libraries/database_interface.lib.php in phpMyAdmin before 2.11.9.1 allows remote authenticated users to execute arbitrary code via a reques…
from 0, < 4:2.11.8.1-2
—CVE-2008-3457Cross-site scripting (XSS) vulnerability in setup.php in phpMyAdmin before 2.11.8 allows user-assisted remote attackers to inject arbitrary…
from 0, < 4:2.11.8~rc1-1
—CVE-2008-3456phpMyAdmin before 2.11.8 does not sufficiently prevent its pages from using frames that point to pages in other domains, which makes it eas…
from 0, < 4:2.11.8~rc1-1
—CVE-2008-3197phpmyadmin - several issues
from 0, < 4:2.9.1.1-8
—CVE-2008-3197phpmyadmin - several issues
from 0, < 4:2.11.7.1-1
—CVE-2008-2960Cross-site scripting (XSS) vulnerability in phpMyAdmin before 2.11.7, when register_globals is enabled and .htaccess support is disabled, a…
from 0, < 4:2.11.7~rc2-1
—CVE-2008-1924Unspecified vulnerability in phpMyAdmin before 2.11.5.2, when running on shared hosts, allows remote authenticated users with CREATE table…
from 0, < 4:2.11.5.2-1
—CVE-2008-1149phpmyadmin - several vulnerabilities
from 0, < 4:2.9.1.1-7
—CVE-2008-1149phpmyadmin - several vulnerabilities
from 0, < 4:2.11.5-1
—CVE-2007-6100Cross-site scripting (XSS) vulnerability in libraries/auth/cookie.auth.lib.php in phpMyAdmin before 2.11.2.2, when logins are authenticated…
from 0, < 4:2.11.2.2-1
—CVE-2007-5977Cross-site scripting (XSS) vulnerability in db_create.php in phpMyAdmin before 2.11.2.1 allows remote authenticated users with CREATE DATAB…
from 0, < 4:2.11.2.1-1
—CVE-2007-5976SQL injection vulnerability in db_create.php in phpMyAdmin before 2.11.2.1 allows remote authenticated users with CREATE DATABASE privilege…
from 0, < 4:2.11.2.1-1
—CVE-2007-5589Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin before 2.11.1.2 allow remote attackers to inject arbitrary web script or…
from 0, < 4:2.11.1.2-1
—CVE-2007-5386phpmyadmin - cross-site scripting
from 0, < 4:2.6.2-3sarge6
—CVE-2007-5386phpmyadmin - cross-site scripting
from 0, < 4:2.11.1.2-1
—CVE-2007-4306Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin 2.10.3 allow remote attackers to inject arbitrary web script or HTML via…
from 0
—CVE-2007-2245Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin before 2.10.1.0 allow remote attackers to inject arbitrary web script or…
from 0, < 4:2.10.1-1
—CVE-2007-2016Cross-site scripting (XSS) vulnerability in mysql/phpinfo.php in phpMyAdmin 2.6.1 allows remote attackers to inject arbitrary web script or…
from 0, < 4:2.6.2-3
—CVE-2007-1395Incomplete blacklist vulnerability in index.php in phpMyAdmin 2.8.0 through 2.9.2 allows remote attackers to conduct cross-site scripting (…
from 0, < 4:2.10.0.2-1
—CVE-2007-1325The PMA_ArrayWalkRecursive function in libraries/common.lib.php in phpMyAdmin before 2.10.0.2 does not limit recursion on arrays provided b…
from 0, < 4:2.10.0.2-1
—CVE-2006-6942phpmyadmin - several vulnerabilities
from 0, < 4:2.6.2-3sarge5
—CVE-2006-6942phpmyadmin - several vulnerabilities
from 0, < 4:2.9.1.1-2
—CVE-2006-6944phpMyAdmin before 2.9.1.1 allows remote attackers to bypass Allow/Deny access rules that use IP addresses via false headers.
from 0, < 4:2.9.1.1-2
—CVE-2006-6943PhpMyAdmin before 2.9.1.1 allows remote attackers to obtain the full server path via direct requests to (a) scripts/check_lang.php and (b)…
from 0, < 4:2.9.1.1-2
—CVE-2006-6942phpmyadmin - several vulnerabilities
from 0, < 4:2.6.2-3sarge5
—CVE-2007-0341Cross-site scripting (XSS) vulnerability in phpMyAdmin 2.8.1 and earlier, when Microsoft Internet Explorer 6 is used, allows remote attacke…
from 0, < 4:2.9.1.1-2
—CVE-2007-0203Multiple unspecified vulnerabilities in phpMyAdmin before 2.9.2-rc1 have unknown impact and attack vectors.
from 0, < 4:2.9.1.1-2
—CVE-2007-0204Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin before 2.9.2-rc1 allow remote attackers to inject arbitrary web script or…
from 0, < 4:2.9.1.1-2
—CVE-2007-0095phpMyAdmin 2.9.1.1 allows remote attackers to obtain sensitive information via a direct request for themes/darkblue_orange/layout.inc.php,…
from 0, < 4:2.9.1.1-1
—CVE-2006-6373PhpMyAdmin 2.7.0-pl2 allows remote attackers to obtain sensitive information via a direct request for libraries/common.lib.php, which revea…
from 0, < 4:2.9.1.1-1
—CVE-2006-5718Cross-site scripting (XSS) vulnerability in error.php in phpMyAdmin 2.6.4 through 2.9.0.2 allows remote attackers to inject arbitrary web s…
from 0, < 4:2.9.0.3-1
—CVE-2006-5117phpMyAdmin before 2.9.1-rc1 has a libraries directory under the web document root with insufficient access control, which allows remote att…
from 0, < 4:2.9.0.2-0.1
—CVE-2006-5116Multiple cross-site request forgery (CSRF) vulnerabilities in phpMyAdmin before 2.9.1-rc1 allow remote attackers to perform unauthorized ac…
from 0, < 4:2.9.0.2-0.1
—CVE-2006-3388Cross-site scripting (XSS) vulnerability in phpMyAdmin before 2.8.2 allows remote attackers to inject arbitrary web script or HTML via the…
from 0, < 4:2.8.2-0.1
—CVE-2006-2417Cross-site scripting (XSS) vulnerability in phpMyAdmin 2.8.0.x before 2.8.0.4 allows remote attackers to inject arbitrary web script or HTM…
from 0, < 4:2.8.1-1
—CVE-2006-2418Cross-site scripting (XSS) vulnerabilities in certain versions of phpMyAdmin before 2.8.0.4 allow remote attackers to inject arbitrary web…
from 0, < 4:2.8.1-1
—CVE-2006-2031Cross-site scripting (XSS) vulnerability in index.php in phpMyAdmin 2.8.0.3, 2.8.0.2, 2.8.1-dev, and 2.9.0-dev allows remote attackers to i…
from 0, < 4:2.8.1-1
—CVE-2006-1803Cross-site scripting (XSS) vulnerability in sql.php in phpMyAdmin 2.7.0-pl1 allows remote attackers to inject arbitrary web script or HTML…
from 0, < 4:2.8.1-1
—CVE-2006-1804SQL injection vulnerability in sql.php in phpMyAdmin 2.7.0-pl1 allows remote attackers to execute arbitrary SQL commands via the sql_query…
from 0, < 4:2.8.1-1
—CVE-2006-1678Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin before 2.8.0.3 allow remote attackers to inject arbitrary web script or H…
from 0, < 4:2.8.0.3-1
—CVE-2006-1258Cross-site scripting (XSS) vulnerability in phpMyAdmin 2.8.0.1 allows remote attackers to inject arbitrary web script or HTML via the set_t…
from 0, < 4:2.8.0.2-2
—CVE-2005-3665Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin before 2.7.0 allow remote attackers to inject arbitrary web script or HTM…
from 0, < 4:2.6.4-pl4-2
—CVE-2005-3787Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin before 2.6.4-pl4 allow remote attackers to inject arbitrary web script or…
from 0, < 4:2.6.4-pl4-1
—CVE-2005-3622phpMyAdmin 2.7.0-beta1 and earlier allows remote attackers to obtain the full path of the server via direct requests to multiple scripts in…
from 0
—CVE-2005-3301Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin before 2.6.4-pl3 allow remote attackers to inject arbitrary web script or…
from 0, < 4:2.6.4-pl3-1
—CVE-2005-3299PHP file inclusion vulnerability in grab_globals.lib.php in phpMyAdmin 2.6.4 and 2.6.4-pl1 allows remote attackers to include local files v…
from 0, < 4:2.6.4-pl2-1
—CVE-2005-3300The register_globals emulation layer in grab_globals.php for phpMyAdmin before 2.6.4-pl3 does not perform safety checks on values in the _F…
from 0, < 4:2.6.4-pl3-1
—CVE-2005-2869phpmyadmin - several
from 0, < 4:2.6.4-pl1-1
—CVE-2005-2869phpmyadmin - several
from 0
—CVE-2005-0567Multiple PHP remote file inclusion vulnerabilities in phpMyAdmin 2.6.1 allow remote attackers to execute arbitrary PHP code by modifying th…
from 0, < 3:2.6.1-pl2-1
—CVE-2005-0459phpMyAdmin 2.6.2-dev, and possibly earlier versions, allows remote attackers to determine the full path of the web root via a direct reques…
from 0, < 4:2.6.2
—CVE-2005-0544phpMyAdmin 2.6.1 allows remote attackers to obtain the full path of the server via direct requests to (1) sqlvalidator.lib.php, (2) sqlpars…
from 0, < 3:2.6.1-pl2-1
—CVE-2005-0653phpMyAdmin 2.6.1 does not properly grant permissions on tables with an underscore in the name, which grants remote authenticated users more…
from 0, < 3:2.6.1-pl3-1
—CVE-2005-0992Cross-site scripting (XSS) vulnerability in index.php in phpMyAdmin before 2.6.2-rc1 allows remote attackers to inject arbitrary web script…
from 0, < 3:2.6.2-rc1-1
—CVE-2004-1055Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin 2.6.0-pl2 and earlier allow remote attackers to inject arbitrary web scri…
from 0, < 2:2.6.0-pl3-1
—CVE-2005-0543Cross-site scripting (XSS) vulnerability in phpMyAdmin 2.6.1 allows remote attackers to inject arbitrary HTML and web script via (1) the st…
from 0, < 3:2.6.1-pl2-1
—CVE-2004-1148phpMyAdmin before 2.6.1, when configured with UploadDir functionality, allows remote attackers to read arbitrary files via the sql_localfil…
from 0, < 2:2.6.1-rc1-1
—CVE-2004-1147phpMyAdmin 2.6.0-pl2, and other versions before 2.6.1, with external transformations enabled, allows remote attackers to execute arbitrary…
from 0, < 2:2.6.1-rc1-1
—CVE-2004-2632phpMyAdmin 2.5.1 up to 2.5.7 allows remote attackers to modify configuration settings and gain unauthorized access to MySQL servers via mod…
from 0, < 1:2.5.7-pl1-1
—CVE-2004-2630The MIME transformation system (transformations/text_plain__external.inc.php) in phpMyAdmin 2.5.0 up to 2.6.0-pl1 allows remote attackers t…
from 0, < 2:2.6.0-pl2-1
—CVE-2004-2631Eval injection vulnerability in left.php in phpMyAdmin 2.5.1 up to 2.5.7, when LeftFrameLight is FALSE, allows remote attackers to execute…
from 0, < 1:2.5.7-pl1-1
—CVE-2004-0129Directory traversal vulnerability in export.php in phpMyAdmin 2.5.5 and earlier allows remote attackers to read arbitrary files via ..
from 0, < 2:2.6.0-pl2