Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

8 matches found

SUSE CVE
SUSE CVEadded 2023/02/15 4:0 a.m.1 views

SUSE CVE-2020-10802

In phpMyAdmin 4.x before 4.9.5 and 5.x before 5.0.2, a SQL injection vulnerability has been discovered where certain parameters are not properly escaped when generating certain queries for search actions in libraries/classes/Controllers/Table/TableSearchController.php. An attacker can generate a...

8CVSS8.9AI score0.01229EPSS
Exploits0References6
UbuntuCve
UbuntuCveadded 2016/07/03 1:59 a.m.21 views

CVE-2016-5731

Cross-site scripting XSS vulnerability in examples/openid.php in phpMyAdmin 4.0.x before 4.0.10.16, 4.4.x before 4.4.15.7, and 4.6.x before 4.6.3 allows remote attackers to inject arbitrary web script or HTML via vectors involving an OpenID error message...

6.1CVSS7AI score0.00424EPSS
Exploits0References2
Cvelist
Cvelistadded 2016/03/01 11:0 a.m.24 views

CVE-2016-2560

Multiple cross-site scripting XSS vulnerabilities in phpMyAdmin 4.0.x before 4.0.10.15, 4.4.x before 4.4.15.5, and 4.5.x before 4.5.5.1 allow remote attackers to inject arbitrary web script or HTML via 1 a crafted Host HTTP header, related to libraries/Config.class.php; 2 crafted JSON data, relat...

6.4AI score0.0134EPSS
Exploits0References11
Prion
Prionadded 2013/07/04 2:33 p.m.13 views

Design/Logic Flaw

import.php in phpMyAdmin 4.x before 4.0.4.1 does not properly restrict the ability of input data to specify a file format, which allows remote authenticated users to modify the GLOBALS superglobal array, and consequently change the configuration, via a crafted request...

5.5CVSS6.4AI score0.00367EPSS
Exploits2References2Affected Software1
UbuntuCve
UbuntuCveadded 2013/07/04 2:33 p.m.20 views

CVE-2013-3742

Cross-site scripting XSS vulnerability in viewcreate.php aka the Create View page in phpMyAdmin 4.x before 4.0.3 allows remote authenticated users to inject arbitrary web script or HTML via an invalid SQL CREATE VIEW statement with a crafted name that triggers an error message...

3.5CVSS6AI score0.00185EPSS
Exploits0References2
Prion
Prionadded 2013/04/26 3:34 a.m.21 views

Directory traversal

Directory traversal vulnerability in the Export feature in phpMyAdmin 4.x before 4.0.0-rc3 allows remote authenticated users to read arbitrary files or possibly have unspecified other impact via a parameter that specifies a crafted export type...

6.5CVSS7.3AI score0.04055EPSS
Exploits5References2Affected Software1
UbuntuCve
UbuntuCveadded 2013/04/26 3:34 a.m.28 views

CVE-2013-3241

export.php aka the export script in phpMyAdmin 4.x before 4.0.0-rc3 overwrites global variables on the basis of the contents of the POST superglobal array, which allows remote authenticated users to inject values via a crafted request...

4CVSS7.3AI score0.03369EPSS
Exploits5References1
UbuntuCve
UbuntuCveadded 2013/04/26 3:34 a.m.20 views

CVE-2013-3240

Directory traversal vulnerability in the Export feature in phpMyAdmin 4.x before 4.0.0-rc3 allows remote authenticated users to read arbitrary files or possibly have unspecified other impact via a parameter that specifies a crafted export type...

6.5CVSS7.4AI score0.04055EPSS
Exploits5References2
Rows per page
Query Builder