Linux Distros Unpatched Vulnerability : CVE-2014-7217

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Multiple cross-site scripting XSS vulnerabilities in phpMyAdmin 4.0.x before 4.0.10.4, 4.1.x before 4.1.14.5, and 4.2.x before 4.2.9.1 allow remote authenticate...

phpMyAdmin DoS Vulnerability

phpMyAdmin 4.0, 4.4, and 4.6 are vulnerable to a DOS weakness in the table editing functionality...

phpMyAdmin 4.0 <= 4.8.4 Arbitrary File Read Vulnerability (PMASA-2019-1) - Linux

phpMyAdmin is prone to an arbitrary file read vulnerability. SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2017-18264

An issue was discovered in libraries/common.inc.php in phpMyAdmin 4.0 before 4.0.10.20, 4.4.x, 4.6.x, and 4.7.0 prereleases. The restrictions caused by $cfg'Servers'$i'AllowNoPassword' = false are bypassed under certain PHP versions e.g., version 5. This can allow the login of users who have no...

DEBIAN-CVE-2017-1000013

phpMyAdmin 4.0, 4.4, and 4.6 are vulnerable to an open redirect weakness...

DEBIAN-CVE-2017-1000014

phpMyAdmin 4.0, 4.4, and 4.6 are vulnerable to a DOS weakness in the table editing functionality...

UBUNTU-CVE-2017-1000014

phpMyAdmin 4.0, 4.4, and 4.6 are vulnerable to a DOS weakness in the table editing functionality...

CVE-2017-1000015

phpMyAdmin 4.0, 4.4, and 4.6 are vulnerable to a CSS injection attack through crafted cookie parameters...

CVE-2016-2560

Multiple cross-site scripting XSS vulnerabilities in phpMyAdmin 4.0.x before 4.0.10.15, 4.4.x before 4.4.15.5, and 4.5.x before 4.5.5.1 allow remote attackers to inject arbitrary web script or HTML via 1 a crafted Host HTTP header, related to libraries/Config.class.php; 2 crafted JSON data, relat...

phpMyAdmin 4.0.x/4.1.x/4.2.x - Denial of Service

============= DESCRIPTION: ============= A vulnerability present in in phpMyAdmin 4.0.x before 4.0.10.7, 4.1. x before 4.1.14.8, and 4.2.x before 4.2.13.1 allows remote attackers to cause a denial of service resource consumption via a long password. CVE-2014-9218 was assigned ============= Time...

CVE-2014-7217

Multiple cross-site scripting XSS vulnerabilities in phpMyAdmin 4.0.x before 4.0.10.4, 4.1.x before 4.1.14.5, and 4.2.x before 4.2.9.1 allow remote authenticated users to inject arbitrary web script or HTML via a crafted ENUM value that is improperly handled during rendering of the 1 table search...

CVE-2014-5273

Multiple cross-site scripting XSS vulnerabilities in phpMyAdmin 4.0.x before 4.0.10.2, 4.1.x before 4.1.14.3, and 4.2.x before 4.2.7.1 allow remote authenticated users to inject arbitrary web script or HTML via the 1 browse table page, related to js/sql.js; 2 ENUM editor page, related to...

CVE-2014-4986

Multiple cross-site scripting XSS vulnerabilities in js/functions.js in phpMyAdmin 4.0.x before 4.0.10.1, 4.1.x before 4.1.14.2, and 4.2.x before 4.2.6 allow remote authenticated users to inject arbitrary web script or HTML via a crafted 1 table name or 2 column name that is improperly handled...

DEBIAN-CVE-2013-5029

phpMyAdmin 3.5.x and 4.0.x before 4.0.5 allows remote attackers to bypass the clickjacking protection mechanism via certain vectors related to Header.class.php...

CVE-2013-5002

Cross-site scripting XSS vulnerability in libraries/schema/ExportRelationSchema.class.php in phpMyAdmin 3.5.x before 3.5.8.2 and 4.0.x before 4.0.4.2 allows remote authenticated users to inject arbitrary web script or HTML via a crafted pageNumber value to schemaexport.php...