pkg:Packagist/phpmyadmin/phpmyadmin

107 total CVEsCRITICAL10HIGH22MEDIUM44LOW1

✅ Check your installed version

All known vulnerabilities

  • CRITICAL9.8CVE-2020-22452phpmyadmin contains SQL Injection vulnerability
    >= 5.0.0, < 5.0.2
  • CRITICAL9.8CVE-2020-26935phpMyAdmin SQL injection vulnerability
    >= 4.9.0, < 4.9.6
  • CRITICAL9.8CVE-2019-19617phpmyadmin - security update
    from 0, < 4.9.2
  • CRITICAL9.8CVE-2019-11768phpMyAdmin SQL injection in Designer feature
    from 0, < 4.9.0.1
  • CRITICAL9.8CVE-2016-5734phpMyAdmin Code Injection vulnerability
    >= 4.0.10.0, < 4.0.10.16
  • CRITICAL9.8CVE-2016-6629phpMyAdmin Authentication Bypass
    >= 4.6, < 4.6.4
  • CRITICAL9.8CVE-2016-9866phpMyAdmin CSRF Vulnerability
    >= 4.6.0, < 4.6.5
  • CRITICAL9.8CVE-2019-6798phpMyAdmin SQL injection in Designer feature
    from 0, < 4.8.5
  • CRITICAL9.8CVE-2017-18264phpMyAdmin Improper Privilege Management
    >= 4.0, < 4.0.10.20
  • CRITICAL9.8CVE-2019-18622SQL injection in phpMyAdmin
    from 0, < 4.9.2
  • HIGH8.8CVE-2020-5504phpmyadmin - security update
    >= 4.0.0, < 4.9.4
  • HIGH8.8CVE-2018-10188phpMyAdmin CSRF vulnerability allowing arbitrary SQL execution
    >= 4.8, < 4.8.0.1
  • HIGH8.8CVE-2016-6609phpmyadmin - security update
    >= 4.6, < 4.6.4
  • HIGH8.8CVE-2017-1000017phpMyAdmin SSRF in replication
    >= 4.6, < 4.6.6
  • HIGH8.8CVE-2018-19969phpMyAdmin CSRF Vulnerability
    >= 4.8, < 4.8.4
  • HIGH8.8CVE-2017-1000499phpMyAdmin CSRF Vulnerability
    >= 4.7, < 4.7.7
  • HIGH8.8CVE-2018-12613phpMyAdmin Improper Authentication
    >= 4.8, < 4.8.2
  • HIGH8.6CVE-2016-6621phpmyadmin - security update
    >= 4.6.0, < 4.6.6
  • HIGH8.5CVE-2013-3239phpmyadmin - security update
    >= 3.5.0, < 3.5.8.1
  • HIGH8.1CVE-2016-6633phpMyAdmin Remote code execution vulnerability when PHP is running with dbase extension
    >= 4.6, < 4.6.4
  • HIGH8.0CVE-2020-10804phpMyAdmin SQL Injection
    >= 4.9.0, < 4.9.5
  • HIGH8.0CVE-2020-10802phpmyadmin - security update
    >= 4.9.0, < 4.9.5
  • HIGH7.5CVE-2016-1927phpmyadmin - security update
    >= 4.0.0, < 4.0.10.13
  • HIGH7.5CVE-2016-9861phpMyAdmin Bypass white-list protection for URL redirection
    >= 4.6, < 4.6.5
  • HIGH7.5CVE-2016-9863phpMyAdmin DoS Vulnerability
    >= 4.6.0, < 4.6.5
  • HIGH7.5CVE-2017-1000016phpMyAdmin Cookie attribute injection attack
    >= 4.6, < 4.6.6
  • HIGH7.5CVE-2016-5739phpMyAdmin vulnerable to Cross-Site Request Forgery
    >= 4.0.10.0, < 4.0.10.16
  • HIGH7.5CVE-2016-5706phpMyAdmin Denial Of Service (DOS) attack
    >= 4.0, < 4.0.10.16
  • HIGH7.5CVE-2016-2041phpMyAdmin Unsafe comparison of XSRF/CSRF token
    >= 4.0, < 4.0.10.13
  • HIGH7.5CVE-2017-1000014phpMyAdmin DoS Vulnerability
    >= 4.6, < 4.6.6
  • HIGH7.5CVE-2017-1000018phpMyAdmin DoS Vulnerability
    >= 4.6, < 4.6.6
  • HIGH7.5CVE-2022-0813PhpMyAdmin exposure of sensitive information
    from 0, < 5.1.3
  • MEDIUM6.8CVE-2016-2562phpMyAdmin Improper Input Validation
    >= 4.5, < 4.5.5.1
  • MEDIUM6.5CVE-2019-12922phpMyAdmin Cross-Site Request Forgery (CSRF)
    from 0, < 4.9.1
  • MEDIUM6.5CVE-2019-12616phpMyAdmin CSRF Vulnerability
    from 0, < 4.9.0
  • MEDIUM6.5CVE-2016-6612phpMyAdmin Local file exposure
    >= 4.6, < 4.6.4
  • MEDIUM6.5CVE-2016-6623phpMyAdmin DoS Vulnerability
    >= 4.6.0, < 4.6.4
  • MEDIUM6.5CVE-2011-4107phpMyAdmin vulnerable to XML external entity (XXE) injection attack
    >= 3.4.0, < 3.4.7.1
  • MEDIUM6.5CVE-2016-6618phpMyAdmin Denial of service (DOS) attack in transformation feature
    >= 4.6, < 4.6.4
  • MEDIUM6.5CVE-2018-19968phpmyadmin - security update
    from 0, < 4.8.4
  • MEDIUM6.4CVE-2025-24530phpMyAdmin XSS when checking tables
    >= 5.0.0, < 5.2.2
  • MEDIUM6.3CVE-2016-6628phpMyAdmin Reflected File Download attack
    >= 4.6, < 4.6.4
  • MEDIUM6.1CVE-2020-26934phpMyAdmin Cross-site Scripting (XSS)
    >= 4.9.0, < 4.9.6
  • MEDIUM6.1CVE-2016-5704phpMyAdmin XSS Vulnerability
    >= 4.6.0, < 4.6.3
  • MEDIUM6.1CVE-2016-5732phpMyAdmin XSS Vulnerability
    >= 4.6.0, < 4.6.3
  • MEDIUM6.1CVE-2016-6608phpMyAdmin Cross-site Scripting (XSS)
    >= 4.6, < 4.6.4
  • MEDIUM6.1CVE-2016-9857phpMyAdmin XSS Vulnerability
    >= 4.6, < 4.6.5
  • MEDIUM6.1CVE-2016-9856phpMyAdmin XSS Vulnerability
    >= 4.6, < 4.6.5
  • MEDIUM6.1CVE-2018-12581phpMyAdmin XSS Vulnerability
    from 0, < 4.8.2
  • MEDIUM6.1CVE-2018-15605phpMyAdmin Cross-site Scripting (XSS) in the import dialog
    from 0, < 4.8.3
  • MEDIUM6.1CVE-2016-5701phpMyAdmin vulnerable to Cross-site Scripting
    >= 4.0.10.0, < 4.0.10.16
  • MEDIUM6.1CVE-2016-5705phpMyAdmin vulnerable to Cross-site Scripting
    >= 4.4.0, < 4.4.15.7
  • MEDIUM6.1CVE-2016-5733phpMyAdmin vulnerable to Cross-site Scripting
    >= 4.0.10.0, < 4.0.10.16
  • MEDIUM6.1CVE-2016-5731phpmyadmin - security update
    >= 4.0, < 4.0.10.16
  • MEDIUM6.1CVE-2017-1000013phpMyAdmin Open Redirect
    >= 4.6, < 4.6.6
  • MEDIUM6.1CVE-2017-1000015phpMyAdmin CSS Injection Vulnerability
    >= 4.6.0, < 4.6.6
  • MEDIUM6.1CVE-2018-19970phpMyAdmin Cross-site Scripting (XSS) vulnerability
    >= 4.0, < 4.8.4
  • MEDIUM6.1CVE-2022-23808Cross-site Scripting in phpmyadmin
    >= 5.1.0, < 5.1.2
  • MEDIUM5.9CVE-2016-6624phpMyAdmin IPv6 and proxy server IP-based authentication rule circumvention
    >= 4.6, < 4.6.4
  • MEDIUM5.9CVE-2016-6632phpMyAdmin Denial of service (DOS) attack with dbase extension
    >= 4.6, < 4.6.4
  • MEDIUM5.9CVE-2016-9860phpMyAdmin Denial of Service (DoS)
    >= 4.6, < 4.6.5
  • MEDIUM5.9CVE-2016-6622phpMyAdmin DoS Vulnerability
    >= 4.6, < 4.6.4
  • MEDIUM5.9CVE-2019-6799phpmyadmin - security update
    >= 4.8, < 4.8.5
  • MEDIUM5.4CVE-2023-25727phpmyadmin - security update
    >= 4.3.0, < 4.9.11
  • MEDIUM5.4CVE-2020-10803phpMyAdmin SQL injection vulnerability
    >= 3.4, < 4.9.5
  • MEDIUM5.4CVE-2013-4729phpMyAdmin Global variables scope injection vulnerability
    >= 4.0, < 4.0.4.1
  • MEDIUM5.4CVE-2016-2559phpMyAdmin Cross-site scripting (XSS) vulnerability in SQL parser
    >= 4.5, < 4.5.5.1
  • MEDIUM5.4CVE-2018-7260phpMyAdmin Cross-site scripting (XSS) vulnerability in central columns feature
    from 0, < 4.7.8
  • MEDIUM5.4CVE-2016-2040phpMyAdmin XSS Vulnerability
    >= 4.0, < 4.0.10.13
  • MEDIUM5.3CVE-2016-6613phpMyAdmin Local file exposure through symlinks with UploadDir
    >= 4.6, < 4.6.4
  • MEDIUM5.3CVE-2016-9847phpMyAdmin Cryptographic Vulnerability
    >= 4.6, < 4.6.5
  • MEDIUM5.3CVE-2016-9853phpMyAdmin path disclosure
    >= 4.6.0, < 4.6.5
  • MEDIUM5.3CVE-2016-9851phpMyAdmin Bypass logout timeout
    >= 4.6, < 4.6.5
  • MEDIUM5.3CVE-2016-5730phpMyAdmin full path disclosure vulnerability
    >= 4.0, < 4.0.10.16
  • MEDIUM4.3CVE-2016-6625phpMyAdmin allows to detect if user is logged in
    >= 4.6, < 4.6.4
  • MEDIUM4.3CVE-2022-23807Improper Authentication in phpmyadmin
    >= 4.9.0, < 4.9.8
  • LOW3.7CVE-2016-5702phpMyAdmin cookie-attribute injection
    >= 4.6.0, < 4.6.3
  • CVE-2010-2958phpMyAdmin Cross-site Scripting vulnerability
    >= 3.0.0, < 3.3.6
  • CVE-2010-4481phpMyAdmin allows remote attackers to bypass authentication and obtain sensitive information
    from 0, < 3.4.0-beta1
  • CVE-2008-7252phpMyAdmin unsafely handles temporary files
    >= 2.11.0, < 2.11.10
  • CVE-2011-1941phpMyAdmin Open Redirect in redirector
    >= 3.4.0, < 3.4.1
  • CVE-2012-4579phpMyAdmin Multiple XSS Vulnerabilities
    >= 3.5, < 3.5.2.2
  • CVE-2011-1940phpmyadmin - several
    >= 3.3.0, < 3.3.10.1
  • CVE-2011-4634phpMyAdmin vulnerable to Cross-site Scripting
    >= 3.4.0, < 3.4.8
  • CVE-2012-5339phpMyAdmin multiple cross-site scripting vulnerabilities
    >= 3.5, < 3.5.3
  • CVE-2012-5368phpMyAdmin Unsafe Fetching of Javascript Code
    >= 3.5, < 3.5.3
  • CVE-2012-4345phpMyAdmin Multiple Cross-site Scripting Vulnerabilities in the Database Structure page
    >= 3.4, < 3.4.11.1
  • CVE-2013-4997phpMyAdmin Multiple cross-site scripting (XSS) vulnerabilities
    >= 3.5, < 3.5.8.2
  • CVE-2011-3592phpMyAdmin Multiple XSS Vulnerabilities
    >= 3.4.0, < 3.4.5
  • CVE-2011-3591phpMyAdmin Multiple XSS Vulnerabilities After Inline Editing and Save
    >= 3.4.0, < 3.4.5
  • CVE-2014-7217phpMyAdmin cross-site scripting Vulnerability via ENUM value
    >= 4.0.0, < 4.0.10.4
  • CVE-2015-7873phpMyAdmin allows remote attackers to spoof content via the url parameter
    >= 4.4.0, < 4.4.15.1
  • CVE-2014-4986phpMyAdmin cross-site scripting Vulnerability in Table or Column Names
    >= 4.0.0, < 4.0.10.1
  • CVE-2015-6830phpMyAdmin ReCaptcha bypass
    >= 4.3.0, < 4.3.13.2
  • CVE-2013-5002phpMyAdmin Cross-site scripting (XSS) vulnerability via pageNumber value
    >= 3.5, < 3.5.8.2
  • CVE-2011-0986phpMyAdmin allows remote attackers to obtain installation path via direct request for nonexistent file
    >= 2.11.0, < 2.11.11.2
  • CVE-2011-2718phpMyAdmin Directory Traversal Vulnerability
    >= 3.4, < 3.4.3.2
  • CVE-2011-4782phpMyAdmin Cross-site Scripting vulnerability
    >= 3.4.0, < 3.4.9
  • CVE-2011-2505phpymadmin - several
    >= 3.0, < 3.3.10.2
  • CVE-2011-2508phpMyAdmin Directory Traversal vulnerability
    >= 3.3.0, < 3.3.10.2
  • CVE-2011-2506phpMyAdmin vulnerable to static code injection
    >= 3.0, < 3.3.10.2
  • CVE-2014-6300phpMyAdmin micro history Implementation XSS Vulnerability
    >= 4.0.0, < 4.0.10.3
  • CVE-2014-8326phpMyAdmin Implementation XSS Vulnerability on Server Monitor Page
    >= 4.0.0, < 4.0.10.5
  • CVE-2014-5274phpMyAdmin cross-site scripting vulnerability in crafted view name
    >= 4.1.0, < 4.1.14.3
  • CVE-2009-3696phpmyadmin - several vulnerabilities
    >= 2.11.0, < 2.11.9.6
  • CVE-2009-1149phpMyAdmin HTTP Response Splitting Vulnerability
    from 0, < 3.1.3.1
  • CVE-2005-3621phpmyadmin
    from 0, < 2.6.4-pl4