| Title | Published | Views | Family |
|---|---|---|---|
| phpMyAdmin 3.3.x < 3.3.10.2 / 3.4.x < 3.4.3.1 Multiple Vulnerabilities | 14 Jul 2011 00:00 | – | nessus |
| Debian DSA-2286-1 : phpmyadmin - several vulnerabilities | 28 Jul 2011 00:00 | – | nessus |
| Fedora 14 : phpMyAdmin-3.4.3.1-1.fc14 (2011-9144) | 18 Jul 2011 00:00 | – | nessus |
| FreeBSD : phpmyadmin -- multiple vulnerabilities (7e4e5c53-a56c-11e0-b180-00216aa06fc2) | 5 Jul 2011 00:00 | – | nessus |
| GLSA-201201-01 : phpMyAdmin: Multiple vulnerabilities | 5 Jan 2012 00:00 | – | nessus |
| phpMyAdmin 3.3.x / 3.4.x < 3.3.10.2 / 3.4.3.1 Multiple Vulnerabilities (PMASA-2011-5 - PMASA-2011-8) | 20 Dec 2011 00:00 | – | nessus |
| phpmyadmin -- multiple vulnerabilities | 2 Jul 2011 00:00 | – | freebsd |
| CVE-2011-2507 | 14 Jul 2011 23:00 | – | cvelist |
| [SECURITY] [DSA 2286-1] phpmyadmin security update | 26 Jul 2011 19:11 | – | debian |
| CVE-2011-2507 | 14 Jul 2011 23:00 | – | debiancve |

| Parameter | Position | Path | Description | CWE |
|---|---|---|---|---|
| session_to_unset | query param | libraries/auth/swekey/swekey.auth.lib.php | parse_str on the query string allows overwriting session variables and remote code execution via session manipulation (CWE-94). | CWE-94 |
| uncommon_tables | nested | libraries/server_synchronize.lib.php | PMA_createTargetTables uses user-derived values in preg_replace, allowing injection of PHP code via the e modifier and leading to remote code execution (CWE-94). | CWE-94 |
| trg_db | nested | libraries/server_synchronize.lib.php | PMA_createTargetTables uses user-derived values in preg_replace, allowing injection of PHP code via the e modifier and leading to remote code execution (CWE-94). | CWE-94 |
| trg_db | nested | server_synchronize.php | sensitive session-derived variables used to call PMA_createTargetTables, enabling RCE under certain conditions (CWE-94). | CWE-94 |
| uncommon_tables | nested | server_synchronize.php | sensitive session-derived variables used to call PMA_createTargetTables, enabling RCE under certain conditions (CWE-94). | CWE-94 |
| transformation | nested | libraries/display_tbl.lib.php | local file inclusion via transformation value derived from user input (CWE-94). | CWE-94 |
| mime_map | nested | libraries/display_tbl.lib.php | local file inclusion via transformation value derived from user input (CWE-94). | CWE-94 |
| transformation | nested | libraries/display_tbl.lib.php | path traversal via require_once with user-controlled transformation value (CWE-94). | CWE-94 |
| PMA_VERSION | nested | setup/lib/ConfigGenerator.class.php | config file generation uses unsafely constructed server config data leading to potential code execution (CWE-94). | CWE-94 |
| config | nested | libraries/config/ConfigFile.class.php | Config data derived from $_SESSION can be manipulated to inject PHP into saved config (CWE-94). | CWE-94 |