Phpmyadmin

Phpmyadmin

272 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
3.5

CVE-2012-5339

  • EPSS 0.26%
  • Published 25.10.2012 10:51:28
  • Last modified 11.04.2025 00:51:21

Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin 3.5.x before 3.5.3 allow remote authenticated users to inject arbitrary web script or HTML via a crafted name of (1) an event, (2) a procedure, or (3) a trigger.

7.5

CVE-2012-5159

  • EPSS 87.94%
  • Published 25.09.2012 22:55:00
  • Last modified 11.04.2025 00:51:21

phpMyAdmin 3.5.2.2, as distributed by the cdnetworks-kr-1 mirror during an unspecified time frame in 2012, contains an externally introduced modification (Trojan Horse) in server_sync.php, which allows remote attackers to execute arbitrary PHP code v...

3.5

CVE-2012-4345

  • EPSS 0.21%
  • Published 21.08.2012 23:55:01
  • Last modified 11.04.2025 00:51:21

Multiple cross-site scripting (XSS) vulnerabilities in the Database Structure page in phpMyAdmin 3.4.x before 3.4.11.1 and 3.5.x before 3.5.2.2 allow remote authenticated users to inject arbitrary web script or HTML via (1) a crafted table name durin...

3.5

CVE-2012-4579

  • EPSS 0.19%
  • Published 21.08.2012 23:55:01
  • Last modified 11.04.2025 00:51:21

Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin 3.5.x before 3.5.2.2 allow remote authenticated users to inject arbitrary web script or HTML via a Table Operations (1) TRUNCATE or (2) DROP link for a crafted table name, (3) the Add ...

5

CVE-2012-4219

Exploit
  • EPSS 0.28%
  • Published 21.08.2012 19:55:00
  • Last modified 11.04.2025 00:51:21

show_config_errors.php in phpMyAdmin 3.5.x before 3.5.2.1 allows remote attackers to obtain sensitive information via a direct request, which reveals the installation path in an error message, related to lack of inclusion of the common.inc.php librar...

4.3

CVE-2012-1190

Exploit
  • EPSS 0.43%
  • Published 03.05.2012 04:08:25
  • Last modified 11.04.2025 00:51:21

Cross-site scripting (XSS) vulnerability in the replication-setup functionality in js/replication.js in phpMyAdmin 3.4.x before 3.4.10.1 allows user-assisted remote attackers to inject arbitrary web script or HTML via a crafted database name.

4.3

CVE-2012-1902

  • EPSS 0.47%
  • Published 06.04.2012 19:55:01
  • Last modified 11.04.2025 00:51:21

show_config_errors.php in phpMyAdmin 3.4.x before 3.4.10.2, when a configuration file does not exist, allows remote attackers to obtain sensitive information via a direct request, which reveals the installation path in an error message about this mis...

4.3

CVE-2011-1940

  • EPSS 0.29%
  • Published 26.01.2012 15:55:01
  • Last modified 11.04.2025 00:51:21

Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin 3.3.x before 3.3.10.1 and 3.4.x before 3.4.1 allow remote attackers to inject arbitrary web script or HTML via a crafted table name that triggers improper HTML rendering on a Tracking ...

4.3

CVE-2011-1941

  • EPSS 0.25%
  • Published 26.01.2012 15:55:01
  • Last modified 11.04.2025 00:51:21

Open redirect vulnerability in the redirector feature in phpMyAdmin 3.4.x before 3.4.1 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors.

4.3

CVE-2011-4782

  • EPSS 0.48%
  • Published 22.12.2011 20:55:01
  • Last modified 11.04.2025 00:51:21

Cross-site scripting (XSS) vulnerability in libraries/config/ConfigFile.class.php in the setup interface in phpMyAdmin 3.4.x before 3.4.9 allows remote attackers to inject arbitrary web script or HTML via the host parameter.