Phpmyadmin

Phpmyadmin

272 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
3.5

CVE-2012-5339

  • EPSS 0.26%
  • Veröffentlicht 25.10.2012 10:51:28
  • Zuletzt bearbeitet 11.04.2025 00:51:21

Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin 3.5.x before 3.5.3 allow remote authenticated users to inject arbitrary web script or HTML via a crafted name of (1) an event, (2) a procedure, or (3) a trigger.

7.5

CVE-2012-5159

  • EPSS 87.94%
  • Veröffentlicht 25.09.2012 22:55:00
  • Zuletzt bearbeitet 11.04.2025 00:51:21

phpMyAdmin 3.5.2.2, as distributed by the cdnetworks-kr-1 mirror during an unspecified time frame in 2012, contains an externally introduced modification (Trojan Horse) in server_sync.php, which allows remote attackers to execute arbitrary PHP code v...

3.5

CVE-2012-4345

  • EPSS 0.21%
  • Veröffentlicht 21.08.2012 23:55:01
  • Zuletzt bearbeitet 11.04.2025 00:51:21

Multiple cross-site scripting (XSS) vulnerabilities in the Database Structure page in phpMyAdmin 3.4.x before 3.4.11.1 and 3.5.x before 3.5.2.2 allow remote authenticated users to inject arbitrary web script or HTML via (1) a crafted table name durin...

3.5

CVE-2012-4579

  • EPSS 0.19%
  • Veröffentlicht 21.08.2012 23:55:01
  • Zuletzt bearbeitet 11.04.2025 00:51:21

Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin 3.5.x before 3.5.2.2 allow remote authenticated users to inject arbitrary web script or HTML via a Table Operations (1) TRUNCATE or (2) DROP link for a crafted table name, (3) the Add ...

5

CVE-2012-4219

Exploit
  • EPSS 0.28%
  • Veröffentlicht 21.08.2012 19:55:00
  • Zuletzt bearbeitet 11.04.2025 00:51:21

show_config_errors.php in phpMyAdmin 3.5.x before 3.5.2.1 allows remote attackers to obtain sensitive information via a direct request, which reveals the installation path in an error message, related to lack of inclusion of the common.inc.php librar...

4.3

CVE-2012-1190

Exploit
  • EPSS 0.43%
  • Veröffentlicht 03.05.2012 04:08:25
  • Zuletzt bearbeitet 11.04.2025 00:51:21

Cross-site scripting (XSS) vulnerability in the replication-setup functionality in js/replication.js in phpMyAdmin 3.4.x before 3.4.10.1 allows user-assisted remote attackers to inject arbitrary web script or HTML via a crafted database name.

4.3

CVE-2012-1902

  • EPSS 0.47%
  • Veröffentlicht 06.04.2012 19:55:01
  • Zuletzt bearbeitet 11.04.2025 00:51:21

show_config_errors.php in phpMyAdmin 3.4.x before 3.4.10.2, when a configuration file does not exist, allows remote attackers to obtain sensitive information via a direct request, which reveals the installation path in an error message about this mis...

4.3

CVE-2011-1940

  • EPSS 0.29%
  • Veröffentlicht 26.01.2012 15:55:01
  • Zuletzt bearbeitet 11.04.2025 00:51:21

Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin 3.3.x before 3.3.10.1 and 3.4.x before 3.4.1 allow remote attackers to inject arbitrary web script or HTML via a crafted table name that triggers improper HTML rendering on a Tracking ...

4.3

CVE-2011-1941

  • EPSS 0.25%
  • Veröffentlicht 26.01.2012 15:55:01
  • Zuletzt bearbeitet 11.04.2025 00:51:21

Open redirect vulnerability in the redirector feature in phpMyAdmin 3.4.x before 3.4.1 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors.

4.3

CVE-2011-4782

  • EPSS 0.48%
  • Veröffentlicht 22.12.2011 20:55:01
  • Zuletzt bearbeitet 11.04.2025 00:51:21

Cross-site scripting (XSS) vulnerability in libraries/config/ConfigFile.class.php in the setup interface in phpMyAdmin 3.4.x before 3.4.9 allows remote attackers to inject arbitrary web script or HTML via the host parameter.