Phpmyadmin

Phpmyadmin

272 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7.5

CVE-2016-5739

  • EPSS 0.92%
  • Published 03.07.2016 01:59:25
  • Last modified 12.04.2025 10:46:40

The Transformation implementation in phpMyAdmin 4.0.x before 4.0.10.16, 4.4.x before 4.4.15.7, and 4.6.x before 4.6.3 does not use the no-referrer Content Security Policy (CSP) protection mechanism, which makes it easier for remote attackers to condu...

9.8

CVE-2016-5734

Exploit
  • EPSS 72.92%
  • Published 03.07.2016 01:59:24
  • Last modified 12.04.2025 10:46:40

phpMyAdmin 4.0.x before 4.0.10.16, 4.4.x before 4.4.15.7, and 4.6.x before 4.6.3 does not properly choose delimiters to prevent use of the preg_replace e (aka eval) modifier, which might allow remote attackers to execute arbitrary PHP code via a craf...

6.1

CVE-2016-5733

  • EPSS 1.24%
  • Published 03.07.2016 01:59:23
  • Last modified 12.04.2025 10:46:40

Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin 4.0.x before 4.0.10.16, 4.4.x before 4.4.15.7, and 4.6.x before 4.6.3 allow remote attackers to inject arbitrary web script or HTML via vectors involving (1) a crafted table name that ...

6.1

CVE-2016-5732

  • EPSS 0.22%
  • Published 03.07.2016 01:59:22
  • Last modified 12.04.2025 10:46:40

Multiple cross-site scripting (XSS) vulnerabilities in the partition-range implementation in templates/table/structure/display_partitions.phtml in the table-structure page in phpMyAdmin 4.6.x before 4.6.3 allow remote attackers to inject arbitrary we...

6.1

CVE-2016-5731

  • EPSS 0.42%
  • Published 03.07.2016 01:59:21
  • Last modified 12.04.2025 10:46:40

Cross-site scripting (XSS) vulnerability in examples/openid.php in phpMyAdmin 4.0.x before 4.0.10.16, 4.4.x before 4.4.15.7, and 4.6.x before 4.6.3 allows remote attackers to inject arbitrary web script or HTML via vectors involving an OpenID error m...

5.3

CVE-2016-5730

  • EPSS 1.32%
  • Published 03.07.2016 01:59:20
  • Last modified 12.04.2025 10:46:40

phpMyAdmin 4.0.x before 4.0.10.16, 4.4.x before 4.4.15.7, and 4.6.x before 4.6.3 allows remote attackers to obtain sensitive information via vectors involving (1) an array value to FormDisplay.php, (2) incorrect data to validate.php, (3) unexpected d...

7.5

CVE-2016-5706

  • EPSS 2.78%
  • Published 03.07.2016 01:59:18
  • Last modified 12.04.2025 10:46:40

js/get_scripts.js.php in phpMyAdmin 4.0.x before 4.0.10.16, 4.4.x before 4.4.15.7, and 4.6.x before 4.6.3 allows remote attackers to cause a denial of service via a large array in the scripts parameter.

6.1

CVE-2016-5705

  • EPSS 0.61%
  • Published 03.07.2016 01:59:17
  • Last modified 12.04.2025 10:46:40

Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin 4.4.x before 4.4.15.7 and 4.6.x before 4.6.3 allow remote attackers to inject arbitrary web script or HTML via vectors involving (1) server-privileges certificate data fields on the us...

6.1

CVE-2016-5704

  • EPSS 0.28%
  • Published 03.07.2016 01:59:15
  • Last modified 12.04.2025 10:46:40

Cross-site scripting (XSS) vulnerability in the table-structure page in phpMyAdmin 4.6.x before 4.6.3 allows remote attackers to inject arbitrary web script or HTML via vectors involving a comment.

9.8

CVE-2016-5703

  • EPSS 1.58%
  • Published 03.07.2016 01:59:14
  • Last modified 12.04.2025 10:46:40

SQL injection vulnerability in libraries/central_columns.lib.php in phpMyAdmin 4.4.x before 4.4.15.7 and 4.6.x before 4.6.3 allows remote attackers to execute arbitrary SQL commands via a crafted database name that is mishandled in a central column q...