CVE-2020-26935

🗓️ 10 Oct 2020 18:26:53Reported by mitreType

cve🔗 web.nvd.nist.gov📰️ 2 Media mentions👁 313 Views

An SQL injection vulnerability in phpMyAdmin before 4.9.6 and 5.x before 5.0.3

Reporter	Title	Published	Views	Family All 64
BDU FSTEC	The vulnerability of the SearchController class implementation in the web application for managing phpMyAdmin database management systems allows a hacker to cause a service failure.	6 Apr 202100:00	–	bdu_fstec
Circl	CVE-2020-26935	10 Oct 202022:35	–	circl
CNVD	phpMyAdmin SQL Injection Vulnerability (CNVD-2021-45286)	12 Oct 202000:00	–	cnvd
Cvelist	CVE-2020-26935	10 Oct 202018:26	–	cvelist
Debian	[SECURITY] [DLA 2413-1] phpmyadmin security update	25 Oct 202011:25	–	debian
Debian CVE	CVE-2020-26935	10 Oct 202018:26	–	debiancve
Tenable Nessus	Debian DLA-2413-1 : phpmyadmin security update	26 Oct 202000:00	–	nessus
Tenable Nessus	Fedora 33 : phpMyAdmin (2020-43d8624421)	26 Oct 202000:00	–	nessus
Tenable Nessus	Fedora 32 : phpMyAdmin (2020-4e78c86902)	20 Oct 202000:00	–	nessus
Tenable Nessus	Fedora 31 : phpMyAdmin (2020-eadda524a8)	20 Oct 202000:00	–	nessus

NVD

Node

Node

Node

Node

Source	Link
lists	www.lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FHST4E5IJG7IKZTTW3R6MEZPVHJZ472K/
security	www.security.gentoo.org/glsa/202101-35
lists	www.lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TNLGHVDNAEZEGRTUESSSQFM7MZTHIDQ5/
lists	www.lists.opensuse.org/opensuse-security-announce/2020-10/msg00027.html
advisory	www.advisory.checkmarx.net/advisory/CX-2020-4281
phpmyadmin	www.phpmyadmin.net/security/PMASA-2020-6/
lists	www.lists.debian.org/debian-lts-announce/2020/10/msg00024.html
lists	www.lists.opensuse.org/opensuse-security-announce/2020-11/msg00005.html
lists	www.lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PXK37YEHSDYCIPQSYEMN2OFTP2ZLM7DO/

17 Jun 2026 03:08Current

9.4High risk

Vulners AI Score9.4

CVSS 27.5

CVSS 3.19.8

EPSS0.67081