Phpmyadmin

Phpmyadmin

272 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
4.3

CVE-2007-4306

  • EPSS 0.28%
  • Veröffentlicht 13.08.2007 21:17:00
  • Zuletzt bearbeitet 09.04.2025 00:30:58

Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin 2.10.3 allow remote attackers to inject arbitrary web script or HTML via the (1) unlim_num_rows, (2) sql_query, or (3) pos parameter to (a) tbl_export.php; the (4) session_max_rows or ...

6.8

CVE-2007-2245

  • EPSS 1.49%
  • Veröffentlicht 25.04.2007 16:19:00
  • Zuletzt bearbeitet 09.04.2025 00:30:58

Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin before 2.10.1.0 allow remote attackers to inject arbitrary web script or HTML via (1) the fieldkey parameter to browse_foreigners.php or (2) certain input to the PMA_sanitize function.

4.3

CVE-2007-2016

  • EPSS 0.28%
  • Veröffentlicht 12.04.2007 19:19:00
  • Zuletzt bearbeitet 09.04.2025 00:30:58

Cross-site scripting (XSS) vulnerability in mysql/phpinfo.php in phpMyAdmin 2.6.1 allows remote attackers to inject arbitrary web script or HTML via the lang[] parameter.

4.3

CVE-2007-1395

Exploit
  • EPSS 0.89%
  • Veröffentlicht 10.03.2007 22:19:00
  • Zuletzt bearbeitet 09.04.2025 00:30:58

Incomplete blacklist vulnerability in index.php in phpMyAdmin 2.8.0 through 2.9.2 allows remote attackers to conduct cross-site scripting (XSS) attacks by injecting arbitrary JavaScript or HTML in a (1) db or (2) table parameter value followed by an ...

7.1

CVE-2007-1325

  • EPSS 0.76%
  • Veröffentlicht 07.03.2007 21:19:00
  • Zuletzt bearbeitet 09.04.2025 00:30:58

The PMA_ArrayWalkRecursive function in libraries/common.lib.php in phpMyAdmin before 2.10.0.2 does not limit recursion on arrays provided by users, which allows context-dependent attackers to cause a denial of service (web server crash) via an array ...

6.8

CVE-2006-6942

  • EPSS 1.92%
  • Veröffentlicht 19.01.2007 02:28:00
  • Zuletzt bearbeitet 09.04.2025 00:30:58

Multiple cross-site scripting (XSS) vulnerabilities in PhpMyAdmin before 2.9.1.1 allow remote attackers to inject arbitrary HTML or web script via (1) a comment for a table name, as exploited through (a) db_operations.php, (2) the db parameter to (b)...

5

CVE-2006-6943

  • EPSS 11.54%
  • Veröffentlicht 19.01.2007 02:28:00
  • Zuletzt bearbeitet 09.04.2025 00:30:58

PhpMyAdmin before 2.9.1.1 allows remote attackers to obtain the full server path via direct requests to (a) scripts/check_lang.php and (b) themes/darkblue_orange/layout.inc.php; and via the (1) lang[], (2) target[], (3) db[], (4) goto[], (5) table[],...

7.5

CVE-2006-6944

  • EPSS 0.35%
  • Veröffentlicht 19.01.2007 02:28:00
  • Zuletzt bearbeitet 09.04.2025 00:30:58

phpMyAdmin before 2.9.1.1 allows remote attackers to bypass Allow/Deny access rules that use IP addresses via false headers.

6.8

CVE-2007-0341

Exploit
  • EPSS 0.78%
  • Veröffentlicht 18.01.2007 02:28:00
  • Zuletzt bearbeitet 09.04.2025 00:30:58

Cross-site scripting (XSS) vulnerability in phpMyAdmin 2.8.1 and earlier, when Microsoft Internet Explorer 6 is used, allows remote attackers to inject arbitrary web script or HTML via a javascript: URI in a CSS style in the convcharset parameter to ...

10

CVE-2007-0203

  • EPSS 0.75%
  • Veröffentlicht 11.01.2007 11:28:00
  • Zuletzt bearbeitet 09.04.2025 00:30:58

Multiple unspecified vulnerabilities in phpMyAdmin before 2.9.2-rc1 have unknown impact and attack vectors.