Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

106 matches found

NVD
NVDadded 2004/12/31 5:0 a.m.18 views

CVE-2004-2632

phpMyAdmin 2.5.1 up to 2.5.7 allows remote attackers to modify configuration settings and gain unauthorized access to MySQL servers via modified $cfg'Servers' variables...

7.5CVSS6.6AI score0.02951EPSS
Exploits1References10
FreeBSD
FreeBSDadded 2004/12/13 12:0 a.m.68 views

phpmyadmin -- command execution vulnerability

A phpMyAdmin security announcement reports: Command execution: since phpMyAdmin 2.6.0-pl2, on a system where external MIME-based transformations are activated, an attacker can put into MySQL data an offensive value that starts a shell command when browsed. Enabling PHP safe mode on the server can...

10CVSS3.3AI score0.04568EPSS
Exploits0References2
Tenable Nessus
Tenable Nessusadded 2004/07/06 12:0 a.m.8 views

FreeBSD : Remote code injection in phpMyAdmin (142)

The following package needs to be updated: phpMyAdmin %NASLMINLEVEL 999999 @DEPRECATED@ This script has been deprecated by freebsdpkg0d4c31accb9111d88898000d6111a684.nasl. Disabled on 2011/10/02. C Tenable Network Security, Inc. This script contains information extracted from VuXML : Copyright...

0.1AI score
Exploits0References5
phpMyAdmin
phpMyAdminadded 2004/06/29 12:0 a.m.32 views

When faking table with specific name, an attacker can make phpMyAdmin to execute arbitrary php code and add custom server configuration.

PMASA-2004-1 Announcement-ID: PMASA-2004-1 Date: 2004-06-29 Summary When faking table with specific name, an attacker can make phpMyAdmin to execute arbitrary php code and add custom server configuration. Description phpMyAdmin used eval function to fill some values and one parameter used there w...

7.5CVSS6.1AI score0.14197EPSS
Exploits1Affected Software1
phpMyAdmin
phpMyAdminadded 2003/06/18 12:0 a.m.38 views

Several security issues were reported to BugTraq mailing list. However most of these issues were already fixed some time ago.

PMASA-2003-1 Announcement-ID: PMASA-2003-1 Date: 2003-06-18 Summary Several security issues were reported to BugTraq mailing list. However most of these issues were already fixed some time ago. Description Reporter wrote that he found following issues within phpMyAdmin code each issue is followed...

5.5AI score
Exploits0Affected Software1
securityvulns
securityvulnsadded 2001/07/02 12:0 a.m.32 views

phpMyAdmin 2.1.0 + world readable (apache) log files enable remote user to run arbitrary PHP Codes as apache user.

Note : sorry for my pity english. First of all, i want to ask a question, is it normal that if, in a MySQL query -via PHP-, i put "select from $table" . "files where ID=1" and i post table="atable ", MySQL consider the new query as a valid one so the final query will be "select from atable" ? It'...

7.3AI score
Exploits0
Rows per page
Query Builder