Packagist/phpmyadmin/phpmyadmin — 107 CVEs · VulnScope

pkg:Packagist/phpmyadmin/phpmyadmin

107 total CVEsCRITICAL10HIGH22MEDIUM44LOW1

✅ Check your installed version

All known vulnerabilities

CRITICAL9.8CVE-2020-22452phpmyadmin contains SQL Injection vulnerability
>= 5.0.0, < 5.0.2
CRITICAL9.8CVE-2020-26935phpMyAdmin SQL injection vulnerability
>= 4.9.0, < 4.9.6
CRITICAL9.8phpmyadmin - security update
from 0, < 4.9.2
CRITICAL9.8phpMyAdmin SQL injection in Designer feature
from 0, < 4.9.0.1
CRITICAL9.8phpMyAdmin Code Injection vulnerability
>= 4.0.10.0, < 4.0.10.16
CRITICAL9.8phpMyAdmin Authentication Bypass
>= 4.6, < 4.6.4
CRITICAL9.8phpMyAdmin CSRF Vulnerability
>= 4.6.0, < 4.6.5
CRITICAL9.8phpMyAdmin SQL injection in Designer feature
from 0, < 4.8.5
CRITICAL9.8phpMyAdmin Improper Privilege Management
>= 4.0, < 4.0.10.20
CRITICAL9.8SQL injection in phpMyAdmin
from 0, < 4.9.2
HIGH8.8phpmyadmin - security update
>= 4.0.0, < 4.9.4
HIGH8.8phpMyAdmin CSRF vulnerability allowing arbitrary SQL execution
>= 4.8, < 4.8.0.1
HIGH8.8phpmyadmin - security update
>= 4.6, < 4.6.4
HIGH8.8phpMyAdmin SSRF in replication
>= 4.6, < 4.6.6
HIGH8.8phpMyAdmin CSRF Vulnerability
>= 4.8, < 4.8.4
HIGH8.8phpMyAdmin CSRF Vulnerability
>= 4.7, < 4.7.7
HIGH8.8phpMyAdmin Improper Authentication
>= 4.8, < 4.8.2
HIGH8.6phpmyadmin - security update
>= 4.6.0, < 4.6.6
HIGH8.5phpmyadmin - security update
>= 3.5.0, < 3.5.8.1
HIGH8.1phpMyAdmin Remote code execution vulnerability when PHP is running with dbase extension
>= 4.6, < 4.6.4
HIGH8.0phpMyAdmin SQL Injection
>= 4.9.0, < 4.9.5
HIGH8.0phpmyadmin - security update
>= 4.9.0, < 4.9.5
HIGH7.5phpmyadmin - security update
>= 4.0.0, < 4.0.10.13
HIGH7.5phpMyAdmin Bypass white-list protection for URL redirection
>= 4.6, < 4.6.5
HIGH7.5phpMyAdmin DoS Vulnerability
>= 4.6.0, < 4.6.5
HIGH7.5phpMyAdmin Cookie attribute injection attack
>= 4.6, < 4.6.6
HIGH7.5phpMyAdmin vulnerable to Cross-Site Request Forgery
>= 4.0.10.0, < 4.0.10.16
HIGH7.5phpMyAdmin Denial Of Service (DOS) attack
>= 4.0, < 4.0.10.16
HIGH7.5phpMyAdmin Unsafe comparison of XSRF/CSRF token
>= 4.0, < 4.0.10.13
HIGH7.5phpMyAdmin DoS Vulnerability
>= 4.6, < 4.6.6
HIGH7.5phpMyAdmin DoS Vulnerability
>= 4.6, < 4.6.6
HIGH7.5PhpMyAdmin exposure of sensitive information
from 0, < 5.1.3
MEDIUM6.8phpMyAdmin Improper Input Validation
>= 4.5, < 4.5.5.1
MEDIUM6.5phpMyAdmin Cross-Site Request Forgery (CSRF)
from 0, < 4.9.1
MEDIUM6.5phpMyAdmin CSRF Vulnerability
from 0, < 4.9.0
MEDIUM6.5phpMyAdmin Local file exposure
>= 4.6, < 4.6.4
MEDIUM6.5phpMyAdmin DoS Vulnerability
>= 4.6.0, < 4.6.4
MEDIUM6.5phpMyAdmin vulnerable to XML external entity (XXE) injection attack
>= 3.4.0, < 3.4.7.1
MEDIUM6.5phpMyAdmin Denial of service (DOS) attack in transformation feature
>= 4.6, < 4.6.4
MEDIUM6.5phpmyadmin - security update
from 0, < 4.8.4
MEDIUM6.4phpMyAdmin XSS when checking tables
>= 5.0.0, < 5.2.2
MEDIUM6.3phpMyAdmin Reflected File Download attack
>= 4.6, < 4.6.4
MEDIUM6.1phpMyAdmin Cross-site Scripting (XSS)
>= 4.9.0, < 4.9.6
MEDIUM6.1phpMyAdmin XSS Vulnerability
>= 4.6.0, < 4.6.3
MEDIUM6.1phpMyAdmin XSS Vulnerability
>= 4.6.0, < 4.6.3
MEDIUM6.1phpMyAdmin Cross-site Scripting (XSS)
>= 4.6, < 4.6.4
MEDIUM6.1phpMyAdmin XSS Vulnerability
>= 4.6, < 4.6.5
MEDIUM6.1phpMyAdmin XSS Vulnerability
>= 4.6, < 4.6.5
MEDIUM6.1phpMyAdmin XSS Vulnerability
from 0, < 4.8.2
MEDIUM6.1phpMyAdmin Cross-site Scripting (XSS) in the import dialog
from 0, < 4.8.3
MEDIUM6.1phpMyAdmin vulnerable to Cross-site Scripting
>= 4.0.10.0, < 4.0.10.16
MEDIUM6.1phpMyAdmin vulnerable to Cross-site Scripting
>= 4.4.0, < 4.4.15.7
MEDIUM6.1phpMyAdmin vulnerable to Cross-site Scripting
>= 4.0.10.0, < 4.0.10.16
MEDIUM6.1phpmyadmin - security update
>= 4.0, < 4.0.10.16
MEDIUM6.1phpMyAdmin Open Redirect
>= 4.6, < 4.6.6
MEDIUM6.1phpMyAdmin CSS Injection Vulnerability
>= 4.6.0, < 4.6.6
MEDIUM6.1phpMyAdmin Cross-site Scripting (XSS) vulnerability
>= 4.0, < 4.8.4
MEDIUM6.1Cross-site Scripting in phpmyadmin
>= 5.1.0, < 5.1.2
MEDIUM5.9phpMyAdmin IPv6 and proxy server IP-based authentication rule circumvention
>= 4.6, < 4.6.4
MEDIUM5.9phpMyAdmin Denial of service (DOS) attack with dbase extension
>= 4.6, < 4.6.4
MEDIUM5.9phpMyAdmin Denial of Service (DoS)
>= 4.6, < 4.6.5
MEDIUM5.9phpMyAdmin DoS Vulnerability
>= 4.6, < 4.6.4
MEDIUM5.9phpmyadmin - security update
>= 4.8, < 4.8.5
MEDIUM5.4phpmyadmin - security update
>= 4.3.0, < 4.9.11
MEDIUM5.4phpMyAdmin SQL injection vulnerability
>= 3.4, < 4.9.5
MEDIUM5.4phpMyAdmin Global variables scope injection vulnerability
>= 4.0, < 4.0.4.1
MEDIUM5.4phpMyAdmin Cross-site scripting (XSS) vulnerability in SQL parser
>= 4.5, < 4.5.5.1
MEDIUM5.4phpMyAdmin Cross-site scripting (XSS) vulnerability in central columns feature
from 0, < 4.7.8
MEDIUM5.4phpMyAdmin XSS Vulnerability
>= 4.0, < 4.0.10.13
MEDIUM5.3phpMyAdmin Local file exposure through symlinks with UploadDir
>= 4.6, < 4.6.4
MEDIUM5.3phpMyAdmin Cryptographic Vulnerability
>= 4.6, < 4.6.5
MEDIUM5.3phpMyAdmin path disclosure
>= 4.6.0, < 4.6.5
MEDIUM5.3phpMyAdmin Bypass logout timeout
>= 4.6, < 4.6.5
MEDIUM5.3phpMyAdmin full path disclosure vulnerability
>= 4.0, < 4.0.10.16
MEDIUM4.3phpMyAdmin allows to detect if user is logged in
>= 4.6, < 4.6.4
MEDIUM4.3Improper Authentication in phpmyadmin
>= 4.9.0, < 4.9.8
LOW3.7phpMyAdmin cookie-attribute injection
>= 4.6.0, < 4.6.3
—phpMyAdmin Cross-site Scripting vulnerability
>= 3.0.0, < 3.3.6
—phpMyAdmin allows remote attackers to bypass authentication and obtain sensitive information
from 0, < 3.4.0-beta1
—phpMyAdmin unsafely handles temporary files
>= 2.11.0, < 2.11.10
—phpMyAdmin Open Redirect in redirector
>= 3.4.0, < 3.4.1
—phpMyAdmin Multiple XSS Vulnerabilities
>= 3.5, < 3.5.2.2
—phpmyadmin - several
>= 3.3.0, < 3.3.10.1
—phpMyAdmin vulnerable to Cross-site Scripting
>= 3.4.0, < 3.4.8
—phpMyAdmin multiple cross-site scripting vulnerabilities
>= 3.5, < 3.5.3
—phpMyAdmin Unsafe Fetching of Javascript Code
>= 3.5, < 3.5.3
—phpMyAdmin Multiple Cross-site Scripting Vulnerabilities in the Database Structure page
>= 3.4, < 3.4.11.1
—phpMyAdmin Multiple cross-site scripting (XSS) vulnerabilities
>= 3.5, < 3.5.8.2
—phpMyAdmin Multiple XSS Vulnerabilities
>= 3.4.0, < 3.4.5
—phpMyAdmin Multiple XSS Vulnerabilities After Inline Editing and Save
>= 3.4.0, < 3.4.5
—phpMyAdmin cross-site scripting Vulnerability via ENUM value
>= 4.0.0, < 4.0.10.4
—phpMyAdmin allows remote attackers to spoof content via the url parameter
>= 4.4.0, < 4.4.15.1
—phpMyAdmin cross-site scripting Vulnerability in Table or Column Names
>= 4.0.0, < 4.0.10.1
—phpMyAdmin ReCaptcha bypass
>= 4.3.0, < 4.3.13.2
—phpMyAdmin Cross-site scripting (XSS) vulnerability via pageNumber value
>= 3.5, < 3.5.8.2
—phpMyAdmin allows remote attackers to obtain installation path via direct request for nonexistent file
>= 2.11.0, < 2.11.11.2
—phpMyAdmin Directory Traversal Vulnerability
>= 3.4, < 3.4.3.2
—phpMyAdmin Cross-site Scripting vulnerability
>= 3.4.0, < 3.4.9
—phpymadmin - several
>= 3.0, < 3.3.10.2
—phpMyAdmin Directory Traversal vulnerability
>= 3.3.0, < 3.3.10.2