EUVD-2022-5456

Malicious code in bioql PyPI...

EUVD-2022-3712

Malicious code in bioql PyPI...

Linux Distros Unpatched Vulnerability : CVE-2019-11768

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in phpMyAdmin before 4.9.0.1. A vulnerability was reported where a specially crafted database name can be used to trigger an SQL injecti...

SUSE CVE-2016-6616

An issue was discovered in phpMyAdmin. In the "User group" and "Designer" features, a user can execute an SQL injection attack against the account of the control user. All 4.6.x versions prior to 4.6.4 and 4.4.x versions prior to 4.4.15.8 are affected...

SUSE CVE-2018-12581

An issue was discovered in js/designer/move.js in phpMyAdmin before 4.8.2. A Cross-Site Scripting vulnerability has been found where an attacker can use a crafted database name to trigger an XSS attack when that database is referenced from the Designer feature...

SUSE CVE-2019-11768

An issue was discovered in phpMyAdmin before 4.9.0.1. A vulnerability was reported where a specially crafted database name can be used to trigger an SQL injection attack through the designer feature...

SUSE CVE-2019-18622

An issue was discovered in phpMyAdmin before 4.9.2. A crafted database/table name can be used to trigger a SQL injection attack through the designer feature...

GHSA-X37V-98F9-MJ32 phpMyAdmin SQL injection in Designer feature

An issue was discovered in phpMyAdmin before 4.9.0.1. A vulnerability was reported where a specially crafted database name can be used to trigger an SQL injection attack through the designer feature...

phpMyAdmin SQL injection in Designer feature

An issue was discovered in phpMyAdmin before 4.9.0.1. A vulnerability was reported where a specially crafted database name can be used to trigger an SQL injection attack through the designer feature...

phpMyAdmin XSS Vulnerability

An issue was discovered in js/designer/move.js in phpMyAdmin before 4.8.2. A Cross-Site Scripting vulnerability has been found where an attacker can use a crafted database name to trigger an XSS attack when that database is referenced from the Designer feature...

Cross-site Scripting (XSS)

Overview phpmyadmin/phpmyadmin is a web interface for MySQL and MariaDB. Affected versions of this package are vulnerable to Cross-site Scripting XSS through various components, including specially crafted table names, logbin directive configuration, AJAX error handling, and features such as...

phpMyAdmin: SQL injection

Background phpMyAdmin is a web-based management tool for MySQL databases. Description PhpMyAdmin was vulnerable to an SQL injection attack through the designer feature. Impact An authenticated remote attacker, by specifying a specially crafted database/table name, could trigger an SQL injection...

GHSA-JGJC-332C-8CMC SQL injection in phpMyAdmin

An issue was discovered in phpMyAdmin before 4.9.2. A crafted database/table name can be used to trigger a SQL injection attack through the designer feature...

SQL injection in phpMyAdmin

An issue was discovered in phpMyAdmin before 4.9.2. A crafted database/table name can be used to trigger a SQL injection attack through the designer feature...

FreeBSD : phpmyadmin -- multiple vulnerabilities (ca3fe5b3-185e-11ea-9673-4c72b94353b5)

the phpmyadmin team reports : This security fix is part of an ongoing effort to improve the security of the Designer feature and is designated PMASA-2019-5. There is also an improvement for how we sanitize git version information shown on the home page. C Tenable Network Security, Inc. The...

SQL Injection

phpmyadmin/phpmyadmin is vulnerable to SQL injection. The vulnerability exists as the database and table name of designer feature is not properly sanitized to prevent arbitrary SQL query to be injected and executed...

DEBIAN-CVE-2019-18622

An issue was discovered in phpMyAdmin before 4.9.2. A crafted database/table name can be used to trigger a SQL injection attack through the designer feature...

CVE-2019-18622

An issue was discovered in phpMyAdmin before 4.9.2. A crafted database/table name can be used to trigger a SQL injection attack through the designer feature...

CVE-2019-18622

An issue was discovered in phpMyAdmin before 4.9.2. A crafted database/table name can be used to trigger a SQL injection attack through the designer feature...

phpmyadmin -- multiple vulnerabilities

the phpmyadmin team reports: This security fix is part of an ongoing effort to improve the security of the Designer feature and is designated PMASA-2019-5. There is also an improvement for how we sanitize git version information shown on the home page...