Phpmyadmin

Phpmyadmin

272 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
4.3

CVE-2011-4634

  • EPSS 0.42%
  • Published 22.12.2011 20:55:00
  • Last modified 11.04.2025 00:51:21

Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin 3.4.x before 3.4.8 allow remote attackers to inject arbitrary web script or HTML via (1) a crafted database name, related to the Database Synchronize panel; (2) a crafted database name...

4.3

CVE-2011-4780

  • EPSS 0.48%
  • Published 22.12.2011 20:55:00
  • Last modified 11.04.2025 00:51:21

Multiple cross-site scripting (XSS) vulnerabilities in libraries/display_export.lib.php in phpMyAdmin 3.4.x before 3.4.9 allow remote attackers to inject arbitrary web script or HTML via crafted URL parameters, related to the export panels in the (1)...

5

CVE-2011-3646

  • EPSS 0.56%
  • Published 17.11.2011 19:55:01
  • Last modified 11.04.2025 00:51:21

phpmyadmin.css.php in phpMyAdmin 3.4.x before 3.4.6 allows remote attackers to obtain sensitive information via an array-typed js_frame parameter to phpmyadmin.css.php, which reveals the installation path in an error message.

6.5

CVE-2011-4107

Exploit
  • EPSS 12.18%
  • Published 17.11.2011 19:55:01
  • Last modified 11.04.2025 00:51:21

The simplexml_load_string function in the XML import plug-in (libraries/import/xml.php) in phpMyAdmin 3.4.x before 3.4.7.1 and 3.3.x before 3.3.10.5 allows remote authenticated users to read arbitrary files via XML data containing external entity ref...

4.3

CVE-2011-4064

  • EPSS 0.52%
  • Published 01.11.2011 19:55:01
  • Last modified 11.04.2025 00:51:21

Cross-site scripting (XSS) vulnerability in the setup interface in phpMyAdmin 3.4.x before 3.4.6 allows remote attackers to inject arbitrary web script or HTML via a crafted value.

4.3

CVE-2011-3181

  • EPSS 0.6%
  • Published 29.08.2011 17:55:01
  • Last modified 11.04.2025 00:51:21

Multiple cross-site scripting (XSS) vulnerabilities in the Tracking feature in phpMyAdmin 3.3.x before 3.3.10.4 and 3.4.x before 3.4.4 allow remote attackers to inject arbitrary web script or HTML via a (1) table name, (2) column name, or (3) index n...

2.6

CVE-2011-2642

  • EPSS 0.67%
  • Published 01.08.2011 19:55:01
  • Last modified 11.04.2025 00:51:21

Multiple cross-site scripting (XSS) vulnerabilities in the table Print view implementation in tbl_printview.php in phpMyAdmin before 3.3.10.3 and 3.4.x before 3.4.3.2 allow remote authenticated users to inject arbitrary web script or HTML via a craft...

6.8

CVE-2011-2643

  • EPSS 0.29%
  • Published 01.08.2011 19:55:01
  • Last modified 11.04.2025 00:51:21

Directory traversal vulnerability in sql.php in phpMyAdmin 3.4.x before 3.4.3.2, when configuration storage is enabled, allows remote attackers to include and execute arbitrary local files via directory traversal sequences in a MIME-type transformati...

6

CVE-2011-2718

  • EPSS 1%
  • Published 01.08.2011 19:55:01
  • Last modified 11.04.2025 00:51:21

Multiple directory traversal vulnerabilities in the relational schema implementation in phpMyAdmin 3.4.x before 3.4.3.2 allow remote authenticated users to include and execute arbitrary local files via directory traversal sequences in an export type ...

6.4

CVE-2011-2719

  • EPSS 1.94%
  • Published 01.08.2011 19:55:01
  • Last modified 11.04.2025 00:51:21

libraries/auth/swekey/swekey.auth.lib.php in phpMyAdmin 3.x before 3.3.10.3 and 3.4.x before 3.4.3.2 does not properly manage sessions associated with Swekey authentication, which allows remote attackers to modify the SESSION superglobal array, other...