6026 matches found
Linux Distros Unpatched Vulnerability : CVE-2016-2038
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - phpMyAdmin 4.0.x before 4.0.10.13, 4.4.x before 4.4.15.3, and 4.5.x before 4.5.4 allows remote attackers to obtain sensitive information via a crafted request,...
Linux Distros Unpatched Vulnerability : CVE-2016-9856
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An XSS issue was discovered in phpMyAdmin because of an improper fix for CVE-2016-2559 in PMASA-2016-10. This issue is resolved by using a copy of a hash to avo...
Linux Distros Unpatched Vulnerability : CVE-2016-5701
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - setup/frames/index.inc.php in phpMyAdmin 4.0.10.x before 4.0.10.16, 4.4.15.x before 4.4.15.7, and 4.6.x before 4.6.3 allows remote attackers to conduct BBCode...
Linux Distros Unpatched Vulnerability : CVE-2016-6614
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in phpMyAdmin involving the %u username replacement functionality of the SaveDir and UploadDir features. When the username substitution ...
Linux Distros Unpatched Vulnerability : CVE-2014-8326
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Multiple cross-site scripting XSS vulnerabilities in phpMyAdmin 4.0.x before 4.0.10.5, 4.1.x before 4.1.14.6, and 4.2.x before 4.2.10.1 allow remote authenticat...
Linux Distros Unpatched Vulnerability : CVE-2016-2043
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Cross-site scripting XSS vulnerability in the goToFinish1NF function in js/normalization.js in phpMyAdmin 4.4.x before 4.4.15.3 and 4.5.x before 4.5.4 allows...
Linux Distros Unpatched Vulnerability : CVE-2016-5706
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - js/getscripts.js.php in phpMyAdmin 4.0.x before 4.0.10.16, 4.4.x before 4.4.15.7, and 4.6.x before 4.6.3 allows remote attackers to cause a denial of service vi...
Linux Distros Unpatched Vulnerability : CVE-2016-5705
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Multiple cross-site scripting XSS vulnerabilities in phpMyAdmin 4.4.x before 4.4.15.7 and 4.6.x before 4.6.3 allow remote attackers to inject arbitrary web scri...
Linux Distros Unpatched Vulnerability : CVE-2016-6611
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in phpMyAdmin. A specially crafted database and/or table name can be used to trigger an SQL injection attack through the export...
Linux Distros Unpatched Vulnerability : CVE-2014-4987
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - serverusergroups.php in phpMyAdmin 4.1.x before 4.1.14.2 and 4.2.x before 4.2.6 allows remote authenticated users to bypass intended access restrictions and rea...
Linux Distros Unpatched Vulnerability : CVE-2016-5730
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - phpMyAdmin 4.0.x before 4.0.10.16, 4.4.x before 4.4.15.7, and 4.6.x before 4.6.3 allows remote attackers to obtain sensitive information via vectors involving 1...
Linux Distros Unpatched Vulnerability : CVE-2016-5097
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - phpMyAdmin before 4.6.2 places tokens in query strings and does not arrange for them to be stripped before external navigation, which allows remote attackers to...
Linux Distros Unpatched Vulnerability : CVE-2015-8669
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - libraries/config/messages.inc.php in phpMyAdmin 4.0.x before 4.0.10.12, 4.4.x before 4.4.15.2, and 4.5.x before 4.5.3.1 allows remote attackers to obtain...
Linux Distros Unpatched Vulnerability : CVE-2016-5704
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Cross-site scripting XSS vulnerability in the table-structure page in phpMyAdmin 4.6.x before 4.6.3 allows remote attackers to inject arbitrary web script or HT...
Linux Distros Unpatched Vulnerability : CVE-2014-9219
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Cross-site scripting XSS vulnerability in the redirection feature in url.php in phpMyAdmin 4.2.x before 4.2.13.1 allows remote attackers to inject arbitrary web...
Linux Distros Unpatched Vulnerability : CVE-2014-4986
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Multiple cross-site scripting XSS vulnerabilities in js/functions.js in phpMyAdmin 4.0.x before 4.0.10.1, 4.1.x before 4.1.14.2, and 4.2.x before 4.2.6 allow...
CVE-2025-51539
EzGED3 3.5.0 contains an unauthenticated arbitrary file read vulnerability due to improper access control and insufficient input validation in a script exposed via the web interface. A remote attacker can supply a crafted path parameter to a PHP script to read arbitrary files from the filesystem...
CVE-2025-51539
EzGED3 3.5.0 contains an unauthenticated arbitrary file read vulnerability in a web‑exposed script. A remote attacker can supply a crafted path parameter to read arbitrary files from the filesystem via directory traversal (e.g., ../../../), without authentication or proper path handling. Potentia...
📄 phpMyAdmin 3.0 Bruteforce Login Bypass
phpMyAdmin version 3.0 suffers from a brute force login bypass vulnerability. """ Exploit-Title: PHPMyAdmin 3.0 - Bruteforce Login Bypass Author: Nikola Markovic [email protected] Date: 2023 Google-Dork: intext: phpMyAdmin Vendor: https://www.phpmyadmin.net/ Version: 3.0 & 4.3.x before 4.3.13...
PHPMyAdmin 3.0 - Bruteforce Login Bypass
""" Exploit-Title: PHPMyAdmin 3.0 - Bruteforce Login Bypass Author: Nikola Markovic [email protected] Date: 2023 Google-Dork: intext: phpMyAdmin Vendor: https://www.phpmyadmin.net/ Version: 3.0 & 4.3.x before 4.3.13.2 and 4.4.x before 4.4.14.1 Tested on: win/linux/unix Python-Version: 3.0 CVE...