Phpmyadmin

Phpmyadmin

272 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
3.5

CVE-2014-1879

  • EPSS 0.2%
  • Published 20.02.2014 15:27:09
  • Last modified 11.04.2025 00:51:21

Cross-site scripting (XSS) vulnerability in import.php in phpMyAdmin before 4.1.7 allows remote authenticated users to inject arbitrary web script or HTML via a crafted filename in an import action.

4.3

CVE-2013-5029

Exploit
  • EPSS 1.73%
  • Published 19.08.2013 23:55:09
  • Last modified 11.04.2025 00:51:21

phpMyAdmin 3.5.x and 4.0.x before 4.0.5 allows remote attackers to bypass the clickjacking protection mechanism via certain vectors related to Header.class.php.

3.5

CVE-2013-4995

  • EPSS 0.21%
  • Published 31.07.2013 13:20:08
  • Last modified 11.04.2025 00:51:21

Cross-site scripting (XSS) vulnerability in phpMyAdmin 3.5.x before 3.5.8.2 and 4.0.x before 4.0.4.2 allows remote authenticated users to inject arbitrary web script or HTML via a crafted SQL query that is not properly handled during the display of r...

4.3

CVE-2013-4996

  • EPSS 0.28%
  • Published 31.07.2013 13:20:08
  • Last modified 11.04.2025 00:51:21

Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin 3.5.x before 3.5.8.2 and 4.0.x before 4.0.4.2 allow remote attackers to inject arbitrary web script or HTML via vectors involving (1) a crafted database name, (2) a crafted user name, ...

4.3

CVE-2013-4997

  • EPSS 0.26%
  • Published 31.07.2013 13:20:08
  • Last modified 11.04.2025 00:51:21

Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin 3.5.x before 3.5.8.2 allow remote attackers to inject arbitrary web script or HTML via vectors involving a JavaScript event in (1) an anchor identifier to setup/index.php or (2) a char...

5

CVE-2013-4998

  • EPSS 0.25%
  • Published 31.07.2013 13:20:08
  • Last modified 11.04.2025 00:51:21

phpMyAdmin 3.5.x before 3.5.8.2 and 4.0.x before 4.0.4.2 allows remote attackers to obtain sensitive information via an invalid request, which reveals the installation path in an error message, related to pmd_common.php and other files.

5

CVE-2013-4999

  • EPSS 0.25%
  • Published 31.07.2013 13:20:08
  • Last modified 11.04.2025 00:51:21

phpMyAdmin 4.0.x before 4.0.4.2 allows remote attackers to obtain sensitive information via an invalid request, which reveals the installation path in an error message, related to Error.class.php and Error_Handler.class.php.

5

CVE-2013-5000

  • EPSS 0.25%
  • Published 31.07.2013 13:20:08
  • Last modified 11.04.2025 00:51:21

phpMyAdmin 3.5.x before 3.5.8.2 allows remote attackers to obtain sensitive information via an invalid request, which reveals the installation path in an error message, related to config.default.php and other files.

3.5

CVE-2013-5001

  • EPSS 0.19%
  • Published 31.07.2013 13:20:08
  • Last modified 11.04.2025 00:51:21

Cross-site scripting (XSS) vulnerability in libraries/plugins/transformations/abstract/TextLinkTransformationsPlugin.class.php in phpMyAdmin 4.0.x before 4.0.4.2 allows remote authenticated users to inject arbitrary web script or HTML via a crafted o...

3.5

CVE-2013-5002

  • EPSS 0.21%
  • Published 31.07.2013 13:20:08
  • Last modified 11.04.2025 00:51:21

Cross-site scripting (XSS) vulnerability in libraries/schema/Export_Relation_Schema.class.php in phpMyAdmin 3.5.x before 3.5.8.2 and 4.0.x before 4.0.4.2 allows remote authenticated users to inject arbitrary web script or HTML via a crafted pageNumbe...