Phpmyadmin

Phpmyadmin

273 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
  • EPSS 1.68%
  • Veröffentlicht 10.09.2010 20:00:01
  • Zuletzt bearbeitet 16.06.2026 23:22:28

Cross-site scripting (XSS) vulnerability in setup/frames/index.inc.php in the setup script in phpMyAdmin 3.x before 3.3.7 allows remote attackers to inject arbitrary web script or HTML via a server name.

  • EPSS 1.9%
  • Veröffentlicht 08.09.2010 20:00:03
  • Zuletzt bearbeitet 16.06.2026 23:21:50

Cross-site scripting (XSS) vulnerability in libraries/Error.class.php in phpMyAdmin 3.x before 3.3.6 allows remote attackers to inject arbitrary web script or HTML via vectors related to a PHP backtrace and error messages (aka debugging messages), a ...

Exploit
  • EPSS 2.68%
  • Veröffentlicht 24.08.2010 20:00:02
  • Zuletzt bearbeitet 16.06.2026 23:22:02

Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin 2.11.x before 2.11.10.1 and 3.x before 3.3.5.1 allow remote attackers to inject arbitrary web script or HTML via vectors related to (1) db_search.php, (2) db_sql.php, (3) db_structure....

Exploit
  • EPSS 14.71%
  • Veröffentlicht 24.08.2010 20:00:01
  • Zuletzt bearbeitet 16.06.2026 23:22:02

The configuration setup script (aka scripts/setup.php) in phpMyAdmin 2.11.x before 2.11.10.1 does not properly restrict key names in its output file, which allows remote attackers to execute arbitrary PHP code via a crafted POST request.

  • EPSS 2.66%
  • Veröffentlicht 19.01.2010 16:30:00
  • Zuletzt bearbeitet 16.06.2026 23:03:55

libraries/File.class.php in phpMyAdmin 2.11.x before 2.11.10 creates a temporary directory with 0777 permissions, which has unknown impact and attack vectors.

  • EPSS 2.67%
  • Veröffentlicht 19.01.2010 16:30:00
  • Zuletzt bearbeitet 16.06.2026 23:03:55

libraries/File.class.php in phpMyAdmin 2.11.x before 2.11.10 uses predictable filenames for temporary files, which has unknown impact and attack vectors.

  • EPSS 2.36%
  • Veröffentlicht 19.01.2010 16:30:00
  • Zuletzt bearbeitet 16.06.2026 23:14:00

scripts/setup.php (aka the setup script) in phpMyAdmin 2.11.x before 2.11.10 calls the unserialize function on the values of the (1) configuration and (2) v[0] parameters, which might allow remote attackers to conduct cross-site request forgery (CSRF...

  • EPSS 2.57%
  • Veröffentlicht 16.10.2009 16:30:00
  • Zuletzt bearbeitet 16.06.2026 23:12:10

Cross-site scripting (XSS) vulnerability in phpMyAdmin 2.11.x before 2.11.9.6 and 3.x before 3.2.2.1 allows remote attackers to inject arbitrary web script or HTML via a crafted name for a MySQL table.

  • EPSS 2.6%
  • Veröffentlicht 16.10.2009 16:30:00
  • Zuletzt bearbeitet 16.06.2026 23:12:10

SQL injection vulnerability in the PDF schema generator functionality in phpMyAdmin 2.11.x before 2.11.9.6 and 3.x before 3.2.2.1 allows remote attackers to execute arbitrary SQL commands via unspecified interface parameters.

  • EPSS 1.98%
  • Veröffentlicht 01.07.2009 13:00:01
  • Zuletzt bearbeitet 16.06.2026 23:09:07

Cross-site scripting (XSS) vulnerability in phpMyAdmin before 3.2.0.1 allows remote attackers to inject arbitrary web script or HTML via a crafted SQL bookmark.