Lucene search
GoogleOSV:BIT-PHPMYADMIN-2020-5504HistoryMar 06, 2024 - 11:02 a.m.
BIT-phpmyadmin-2020-5504
2024-03-0611:02:06
Google
osv.dev
12
phpmyadmin
sql injection
user accounts
security vulnerability
mysql
In phpMyAdmin 4 before 4.9.4 and 5 before 5.0.1, SQL injection exists in the user accounts page. A malicious user could inject custom SQL in place of their own username when creating queries to this page. An attacker must have a valid MySQL account to access the server.
| CPE | Name | Operator | Version |
|---|---|---|---|
| phpmyadmin | lt | 5.0.1 | |
| phpmyadmin | ge | 5.0.0 | |
| phpmyadmin | ge | 4.0.0 | |
| phpmyadmin | lt | 4.9.4 |
Related
debian
debian
[SECURITY] [DLA 2060-1] phpmyadmin security update
2020-01-15 20:39:50
github
github
phpMyAdmin SQL injection in user accounts page
2022-05-24 17:05:59
cvelist
cvelist
CVE-2020-5504
2020-01-09 21:56:22
phpmyadmin
phpmyadmin
SQL injection in user accounts page
2020-01-05 00:00:00
openvas
openvas
Debian: Security Advisory (DLA-2060-1)
2020-01-16 00:00:00
Mageia: Security Advisory (MGASA-2020-0033)
2022-01-28 00:00:00
alpinelinux
alpinelinux
CVE-2020-5504
2020-01-09 22:15:00
nessus
nessus
FreeBSD : phpMyAdmin -- SQL injection (16aed7b7-344a-11ea-9cdb-001b217b3468)
2020-01-13 00:00:00
phpMyAdmin 4.x < 4.9.4 / 5.x < 5.0.1 SQLi (PMASA-2020-1)
2020-07-17 00:00:00
Debian DLA-2060-1 : phpmyadmin security update
2020-01-16 00:00:00
veracode
veracode
SQL Injection
2020-01-09 05:35:04
ubuntucve
ubuntucve
CVE-2020-5504
2020-01-09 00:00:00
prion
prion
Sql injection
2020-01-09 22:15:00
symantec
symantec
phpMyAdmin CVE-2020-5504 SQL Injection Vulnerability
2020-01-05 00:00:00
osv
osv
phpMyAdmin SQL injection in user accounts page
2022-05-24 17:05:59
phpmyadmin - security update
2020-01-08 00:00:00
CVE-2020-5504
2020-01-09 22:15:13
debiancve
debiancve
CVE-2020-5504
2020-01-09 22:15:00
freebsd
freebsd
phpMyAdmin -- SQL injection
2020-01-05 00:00:00
cve
cve
CVE-2020-5504
2020-01-09 22:15:00
friendsofphp
friendsofphp
SQL injection in user accounts page
2020-01-01 13:54:59
mageia
mageia
Updated phpmyadmin packages fix security vulnerability
2020-01-12 02:52:04
typo3
typo3
SQL Injection in extension "phpmyadmin" (phpmyadmin)
2020-03-10 00:00:00
suse
suse
Security update for phpMyAdmin (important)
2020-01-14 00:00:00
ubuntu
ubuntu
phpMyAdmin vulnerabilities
2020-11-19 00:00:00
phpMyAdmin vulnerabilities
2021-03-16 00:00:00
7.4 High
AI Score
Confidence
Low
0.003 Low
EPSS
Percentile
70.8%
Related for OSV:BIT-PHPMYADMIN-2020-5504