Phpmyadmin

Phpmyadmin

272 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
3.5

CVE-2014-1879

  • EPSS 0.2%
  • Veröffentlicht 20.02.2014 15:27:09
  • Zuletzt bearbeitet 11.04.2025 00:51:21

Cross-site scripting (XSS) vulnerability in import.php in phpMyAdmin before 4.1.7 allows remote authenticated users to inject arbitrary web script or HTML via a crafted filename in an import action.

4.3

CVE-2013-5029

Exploit
  • EPSS 1.73%
  • Veröffentlicht 19.08.2013 23:55:09
  • Zuletzt bearbeitet 11.04.2025 00:51:21

phpMyAdmin 3.5.x and 4.0.x before 4.0.5 allows remote attackers to bypass the clickjacking protection mechanism via certain vectors related to Header.class.php.

3.5

CVE-2013-4995

  • EPSS 0.21%
  • Veröffentlicht 31.07.2013 13:20:08
  • Zuletzt bearbeitet 11.04.2025 00:51:21

Cross-site scripting (XSS) vulnerability in phpMyAdmin 3.5.x before 3.5.8.2 and 4.0.x before 4.0.4.2 allows remote authenticated users to inject arbitrary web script or HTML via a crafted SQL query that is not properly handled during the display of r...

4.3

CVE-2013-4996

  • EPSS 0.28%
  • Veröffentlicht 31.07.2013 13:20:08
  • Zuletzt bearbeitet 11.04.2025 00:51:21

Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin 3.5.x before 3.5.8.2 and 4.0.x before 4.0.4.2 allow remote attackers to inject arbitrary web script or HTML via vectors involving (1) a crafted database name, (2) a crafted user name, ...

4.3

CVE-2013-4997

  • EPSS 0.26%
  • Veröffentlicht 31.07.2013 13:20:08
  • Zuletzt bearbeitet 11.04.2025 00:51:21

Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin 3.5.x before 3.5.8.2 allow remote attackers to inject arbitrary web script or HTML via vectors involving a JavaScript event in (1) an anchor identifier to setup/index.php or (2) a char...

5

CVE-2013-4998

  • EPSS 0.25%
  • Veröffentlicht 31.07.2013 13:20:08
  • Zuletzt bearbeitet 11.04.2025 00:51:21

phpMyAdmin 3.5.x before 3.5.8.2 and 4.0.x before 4.0.4.2 allows remote attackers to obtain sensitive information via an invalid request, which reveals the installation path in an error message, related to pmd_common.php and other files.

5

CVE-2013-4999

  • EPSS 0.25%
  • Veröffentlicht 31.07.2013 13:20:08
  • Zuletzt bearbeitet 11.04.2025 00:51:21

phpMyAdmin 4.0.x before 4.0.4.2 allows remote attackers to obtain sensitive information via an invalid request, which reveals the installation path in an error message, related to Error.class.php and Error_Handler.class.php.

5

CVE-2013-5000

  • EPSS 0.25%
  • Veröffentlicht 31.07.2013 13:20:08
  • Zuletzt bearbeitet 11.04.2025 00:51:21

phpMyAdmin 3.5.x before 3.5.8.2 allows remote attackers to obtain sensitive information via an invalid request, which reveals the installation path in an error message, related to config.default.php and other files.

3.5

CVE-2013-5001

  • EPSS 0.19%
  • Veröffentlicht 31.07.2013 13:20:08
  • Zuletzt bearbeitet 11.04.2025 00:51:21

Cross-site scripting (XSS) vulnerability in libraries/plugins/transformations/abstract/TextLinkTransformationsPlugin.class.php in phpMyAdmin 4.0.x before 4.0.4.2 allows remote authenticated users to inject arbitrary web script or HTML via a crafted o...

3.5

CVE-2013-5002

  • EPSS 0.21%
  • Veröffentlicht 31.07.2013 13:20:08
  • Zuletzt bearbeitet 11.04.2025 00:51:21

Cross-site scripting (XSS) vulnerability in libraries/schema/Export_Relation_Schema.class.php in phpMyAdmin 3.5.x before 3.5.8.2 and 4.0.x before 4.0.4.2 allows remote authenticated users to inject arbitrary web script or HTML via a crafted pageNumbe...