Lucene search
K

6027 matches found

Cvelist
Cvelist
added 2016/07/03 1:0 a.m.27 views

CVE-2016-5739

The Transformation implementation in phpMyAdmin 4.0.x before 4.0.10.16, 4.4.x before 4.4.15.7, and 4.6.x before 4.6.3 does not use the no-referrer Content Security Policy CSP protection mechanism, which makes it easier for remote attackers to conduct CSRF attacks by reading an authentication toke...

8.5AI score0.02892EPSS
Exploits0References8
Cvelist
Cvelist
added 2016/07/03 1:0 a.m.33 views

CVE-2016-5734

phpMyAdmin 4.0.x before 4.0.10.16, 4.4.x before 4.4.15.7, and 4.6.x before 4.6.3 does not properly choose delimiters to prevent use of the pregreplace e aka eval modifier, which might allow remote attackers to execute arbitrary PHP code via a crafted string, as demonstrated by the table...

9.6AI score0.81373EPSS
Exploits8References6
Cvelist
Cvelist
added 2016/07/03 1:0 a.m.24 views

CVE-2016-5731

Cross-site scripting XSS vulnerability in examples/openid.php in phpMyAdmin 4.0.x before 4.0.10.16, 4.4.x before 4.4.15.7, and 4.6.x before 4.6.3 allows remote attackers to inject arbitrary web script or HTML via vectors involving an OpenID error message...

6.9AI score0.01761EPSS
Exploits0References7
Cvelist
Cvelist
added 2016/07/03 1:0 a.m.29 views

CVE-2016-5732

Multiple cross-site scripting XSS vulnerabilities in the partition-range implementation in templates/table/structure/displaypartitions.phtml in the table-structure page in phpMyAdmin 4.6.x before 4.6.3 allow remote attackers to inject arbitrary web script or HTML via crafted table parameters...

7.2AI score0.01636EPSS
Exploits0References4
Cvelist
Cvelist
added 2016/07/03 1:0 a.m.33 views

CVE-2016-5702

phpMyAdmin 4.6.x before 4.6.3, when the environment lacks a PHPSELF value, allows remote attackers to conduct cookie-attribute injection attacks via a crafted URI...

6.5AI score0.01689EPSS
Exploits0References3
Cvelist
Cvelist
added 2016/07/03 1:0 a.m.23 views

CVE-2016-5733

Multiple cross-site scripting XSS vulnerabilities in phpMyAdmin 4.0.x before 4.0.10.16, 4.4.x before 4.4.15.7, and 4.6.x before 4.6.3 allow remote attackers to inject arbitrary web script or HTML via vectors involving 1 a crafted table name that is mishandled during privilege checking in...

7.2AI score0.0219EPSS
Exploits0References14
CNVD
CNVD
added 2016/06/29 12:0 a.m.2 views

phpMyAdmin cross-site scripting vulnerability (CNVD-2016-04395)

phpMyAdmin is a free, web-based MySQL database management tool developed by the phpMyAdmin team. The tool is capable of creating and deleting databases, creating, deleting, and modifying database tables, executing SQL script commands, and more. A cross-site scripting vulnerability exists in...

6.1CVSS8.9AI score0.01636EPSS
Exploits0References1
CNVD
CNVD
added 2016/06/29 12:0 a.m.1 views

phpMyAdmin cross-site scripting vulnerability (CNVD-2016-04394)

phpMyAdmin is a free, web-based MySQL database management tool developed by the phpMyAdmin team. The tool is capable of creating and deleting databases, creating, deleting, and modifying database tables, executing SQL script commands, and more. A cross-site scripting vulnerability exists in...

6.1CVSS9.1AI score0.01761EPSS
Exploits0References1
CNVD
CNVD
added 2016/06/29 12:0 a.m.6 views

phpMyAdmin Arbitrary Code Execution Vulnerability

phpMyAdmin is a free, web-based MySQL database management tool developed by the phpMyAdmin team. The tool is capable of creating and deleting databases, creating, deleting, and modifying database tables, executing SQL script commands, and more. A security vulnerability exists in phpMyAdmin that...

9.8CVSS9.9AI score0.81373EPSS
Exploits8References1
CNVD
CNVD
added 2016/06/29 12:0 a.m.4 views

phpMyAdmin Cross-Site Request Forgery Vulnerability

phpMyAdmin is a free, web-based MySQL database management tool developed by the phpMyAdmin team. The tool is capable of creating and deleting databases, creating, deleting, and modifying database tables, executing SQL script commands, and more. There is a security vulnerability in phpMyAdmin. An...

7.5CVSS9.7AI score0.02892EPSS
Exploits0References1
CNVD
CNVD
added 2016/06/29 12:0 a.m.2 views

phpMyAdmin cross-site scripting vulnerability (CNVD-2016-04396)

phpMyAdmin is a free, web-based MySQL database management tool developed by the phpMyAdmin team. The tool is capable of creating and deleting databases, creating, deleting, and modifying database tables, executing SQL script commands, and more. A cross-site scripting vulnerability exists in...

6.1CVSS9.1AI score0.0219EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2016/06/29 12:0 a.m.38 views

openSUSE Security Update : phpMyAdmin (openSUSE-2016-804)

phpMyAdmin was updated to version 4.4.15.7 to fix eight security issues. These security issues were fixed : - CVE-2016-5701: BBCode injection vulnerability boo986154 - CVE-2016-5703: SQL injection attack boo986154 - CVE-2016-5705: Multiple XSS vulnerabilities boo986154 - CVE-2016-5706: DOS attack...

9.8CVSS6.6AI score0.02892EPSS
Exploits0References9
Tenable Nessus
Tenable Nessus
added 2016/06/29 12:0 a.m.32 views

openSUSE Security Update : phpMyAdmin (openSUSE-2016-806)

This phpMyAdmin update to version 4.4.15.7 fixes the following issues : Issues fixed: Setup script doesn't use input type 'password' in all relevant locations Security issues fixed : - PMASA-2016-17 CVE-2016-5701, CWE-661 https://www.phpmyadmin.net/security/PMASA-2016-17/ - BBCode injection...

9.8CVSS6.5AI score0.02892EPSS
Exploits0References17
OpenVAS
OpenVAS
added 2016/06/28 12:0 a.m.29 views

Fedora Update for phpMyAdmin FEDORA-2016-81c2dabf20

The remote host is missing an update for the SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS6.2AI score0.81373EPSS
Exploits8References2
Fedora
Fedora
added 2016/06/27 6:41 p.m.32 views

[SECURITY] Fedora 24 Update: phpMyAdmin-4.6.3-1.fc24

phpMyAdmin is a tool written in PHP intended to handle the administration of MySQL over the World Wide Web. Most frequently used operations are supported by the user interface managing databases, tables, fields, relations, index es, users, permissions, while you still have the ability to directly...

9.8CVSS1.3AI score0.81373EPSS
Exploits8
ArchLinux
ArchLinux
added 2016/06/25 12:0 a.m.42 views

phpmyadmin: multiple issues

CVE-2016-5702 cookie attribute injection A vulnerability was found where, under some circumstances, an attacker can inject arbitrary values in the browser cookies. Only affected when PHPSELF is not set. - CVE-2016-5703 SQL injection A vulnerability was discovered that allows an SQL injection...

7.5CVSS0.8AI score0.02892EPSS
Exploits0References23
CNVD
CNVD
added 2016/06/24 12:0 a.m.3 views

phpMyAdmin Full Path Disclosure Vulnerability

phpmyadmin is an online management tool for MySQL databases. phpmyadmin versions 4.4.x, 4.6.x, 4.0.x are available at . /setup/, . /examples/ are vulnerable to a full path disclosure vulnerability, which can be exploited by an attacker with a constructed script that triggers a PHP error message t...

5.3CVSS9.3AI score0.02616EPSS
Exploits0References1
CNVD
CNVD
added 2016/06/24 12:0 a.m.2 views

phpMyAdmin Denial of Service Vulnerability

phpmyadmin is an online management tool for MySQL databases. A denial of service vulnerability exists in phpmyadmin versions 4.4.x, 4.6.x, and 4.0.x in loading certain JavaScript files, which can be exploited by an attacker to cause a denial of service attack...

7.5CVSS9.1AI score0.02814EPSS
Exploits0References1
CNVD
CNVD
added 2016/06/24 12:0 a.m.4 views

phpMyAdmin SQL Injection Vulnerability

phpmyadmin is an online management tool for MySQL databases. A SQL injection vulnerability exists in phpmyadmin versions 4.6.x, 4.4.x, which can be exploited by an attacker to run arbitrary commands with root privileges...

9.8CVSS9.9AI score0.02323EPSS
Exploits0References1
CNVD
CNVD
added 2016/06/24 12:0 a.m.3 views

phpMyAdmin Table Structure Page Cross Site Scripting Vulnerability

phpmyadmin is an online management tool for MySQL databases. A cross-site scripting vulnerability exists in the table structure page of phpmyadmin version 4.6.x, which can be exploited by an attacker to execute arbitrary scripts across sites...

6.1CVSS9AI score0.01644EPSS
Exploits0References1
Rows per page
Query Builder