Lucene search
K

12 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.7 views

EUVD-2022-4973

Malicious code in bioql PyPI...

7.5CVSS7.7AI score0.01936EPSS
Exploits0References6
Github Security Blog
Github Security Blog
added 2022/05/17 2:37 a.m.34 views

phpMyAdmin Cross-site Scripting (XSS)

XSS issues were discovered in phpMyAdmin. This affects the database privilege check and the "Remove partitioning" functionality. Specially crafted database names can trigger the XSS attack. All 4.6.x versions prior to 4.6.4 are affected...

6.1CVSS6.2AI score0.0128EPSS
Exploits0References5Affected Software1
Github Security Blog
Github Security Blog
added 2022/05/17 2:36 a.m.35 views

phpMyAdmin DoS Vulnerability

An issue was discovered in phpMyAdmin. With a very large request to table partitioning function, it is possible to invoke a Denial of Service DoS attack. All 4.6.x versions prior to 4.6.5 are affected...

7.5CVSS7.3AI score0.01936EPSS
Exploits0References5Affected Software1
OSV
OSV
added 2022/05/17 2:36 a.m.15 views

GHSA-JVXX-8XXF-5495 phpMyAdmin CSRF Vulnerability

An issue was discovered in phpMyAdmin. When the argseparator is different from its default & value, the CSRF token was not properly stripped from the return URL of the preference import action. All 4.6.x versions prior to 4.6.5, 4.4.x versions prior to 4.4.15.9, and 4.0.x versions prior to...

9.8CVSS7.7AI score0.01018EPSS
Exploits0References5
Prion
Prion
added 2016/12/11 3:0 a.m.23 views

Code injection

An issue was discovered in phpMyAdmin. With a crafted login request it is possible to inject BBCode in the login page. All 4.6.x versions prior to 4.6.5 are affected...

5CVSS6.7AI score0.01569EPSS
Exploits0References3Affected Software1
Prion
Prion
added 2016/12/11 2:59 a.m.26 views

Race condition

An XSS issue was discovered in phpMyAdmin because of an improper fix for CVE-2016-2559 in PMASA-2016-10. This issue is resolved by using a copy of a hash to avoid a race condition. All 4.6.x versions prior to 4.6.5, 4.4.x versions prior to 4.4.15.9, and 4.0.x versions prior to 4.0.10.18 are...

4.3CVSS5.9AI score0.01712EPSS
Exploits0References3Affected Software1
UbuntuCve
UbuntuCve
added 2016/12/11 2:59 a.m.29 views

CVE-2016-6606

An issue was discovered in cookie encryption in phpMyAdmin. The decryption of the username/password is vulnerable to a padding oracle attack. This can allow an attacker who has access to a user's browser cookie file to decrypt the username and password. Furthermore, the same initialization vector...

8.1CVSS7.2AI score0.01386EPSS
Exploits0References2
UbuntuCve
UbuntuCve
added 2016/12/11 2:59 a.m.30 views

CVE-2016-6617

An issue was discovered in phpMyAdmin. A specially crafted database and/or table name can be used to trigger an SQL injection attack through the export functionality. All 4.6.x versions prior to 4.6.4 are affected...

8.1CVSS7.2AI score0.01506EPSS
Exploits0References2
Debian CVE
Debian CVE
added 2016/12/11 2:0 a.m.38 views

CVE-2016-6608

XSS issues were discovered in phpMyAdmin. This affects the database privilege check and the "Remove partitioning" functionality. Specially crafted database names can trigger the XSS attack. All 4.6.x versions prior to 4.6.4 are affected...

6.1CVSS6.8AI score0.0128EPSS
Exploits0
AlpineLinux
AlpineLinux
added 2016/12/11 2:0 a.m.34 views

CVE-2016-6608

XSS issues were discovered in phpMyAdmin. This affects the database privilege check and the "Remove partitioning" functionality. Specially crafted database names can trigger the XSS attack. All 4.6.x versions prior to 4.6.4 are affected...

6.1CVSS6.4AI score0.0128EPSS
Exploits0
AlpineLinux
AlpineLinux
added 2016/12/11 2:0 a.m.62 views

CVE-2016-9856

An XSS issue was discovered in phpMyAdmin because of an improper fix for CVE-2016-2559 in PMASA-2016-10. This issue is resolved by using a copy of a hash to avoid a race condition. All 4.6.x versions prior to 4.6.5, 4.4.x versions prior to 4.4.15.9, and 4.0.x versions prior to 4.0.10.18 are...

6.1CVSS5.8AI score0.01467EPSS
Exploits0
AlpineLinux
AlpineLinux
added 2016/12/11 2:0 a.m.43 views

CVE-2016-9848

An issue was discovered in phpMyAdmin. phpinfo phpinfo.php shows PHP information including values of HttpOnly cookies. All 4.6.x versions prior to 4.6.5, 4.4.x versions prior to 4.4.15.9, and 4.0.x versions prior to 4.0.10.18 are affected...

5.3CVSS7.2AI score0.01308EPSS
Exploits0
Rows per page
Query Builder