6017 matches found

OSV
added 2022/05/14 2:8 a.m. | 31 views

GHSA-PW34-QF6C-84FC phpMyAdmin XSS Vulnerability

Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin 4.0.x before 4.0.10.13, 4.4.x before 4.4.15.3, and 4.5.x before 4.5.4 allow remote authenticated users to inject arbitrary web script or HTML via a (1) table name, (2) SET value, (3) search query, or (4) hostname in a Location header...

CVSS 5.4 | AI score 5.8 | EPSS 0.00493
Exploits: 0 | References: 10
Github Security Blog
added 2022/05/14 2:8 a.m. | 20 views

phpMyAdmin XSS Vulnerability

Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin 4.0.x before 4.0.10.13, 4.4.x before 4.4.15.3, and 4.5.x before 4.5.4 allow remote authenticated users to inject arbitrary web script or HTML via a (1) table name, (2) SET value, (3) search query, or (4) hostname in a Location header...

CVSS 5.4 | AI score 5.7 | EPSS 0.00493
Exploits: 0 | References: 11 | Affected Software: 1
OSV
added 2022/05/14 2:8 a.m. | 21 views

GHSA-8M97-XC46-RW9W phpMyAdmin Unsafe comparison of XSRF/CSRF token

libraries/common.inc.php in phpMyAdmin 4.0.x before 4.0.10.13, 4.4.x before 4.4.15.3, and 4.5.x before 4.5.4 does not use a constant-time algorithm for comparing CSRF tokens, which makes it easier for remote attackers to bypass intended access restrictions by measuring time differences...

CVSS 7.5 | AI score 6.7 | EPSS 0.01029
Exploits: 0 | References: 9
Github Security Blog
added 2022/05/14 2:8 a.m. | 24 views

phpMyAdmin Unsafe comparison of XSRF/CSRF token

libraries/common.inc.php in phpMyAdmin 4.0.x before 4.0.10.13, 4.4.x before 4.4.15.3, and 4.5.x before 4.5.4 does not use a constant-time algorithm for comparing CSRF tokens, which makes it easier for remote attackers to bypass intended access restrictions by measuring time differences...

CVSS 7.5 | AI score 7.3 | EPSS 0.01029
Exploits: 0 | References: 9 | Affected Software: 1
OSV
added 2022/05/14 2:5 a.m. | 18 views

GHSA-PVR5-84GR-G985 phpMyAdmin Implementation XSS Vulnerability on Server Monitor Page

Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin 4.0.x before 4.0.10.5, 4.1.x before 4.1.14.6, and 4.2.x before 4.2.10.1 allow remote authenticated users to inject arbitrary web script or HTML via a crafted (1) database name or (2) table name, related to the...

CVSS 3.5 | AI score 6.2 | EPSS 0.00269
Exploits: 1 | References: 6
Github Security Blog
added 2022/05/14 2:5 a.m. | 19 views

phpMyAdmin Implementation XSS Vulnerability on Server Monitor Page

Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin 4.0.x before 4.0.10.5, 4.1.x before 4.1.14.6, and 4.2.x before 4.2.10.1 allow remote authenticated users to inject arbitrary web script or HTML via a crafted (1) database name or (2) table name, related to the...

CVSS 3.5 | AI score 6.3 | EPSS 0.00269
Exploits: 1 | References: 7 | Affected Software: 1
Github Security Blog
added 2022/05/14 2:5 a.m. | 27 views

phpMyAdmin cross-site scripting vulnerability in crafted view name

A cross-site scripting (XSS) vulnerability in the view operations page in phpMyAdmin 4.1.x before 4.1.14.3 and 4.2.x before 4.2.7.1 allows remote authenticated users to inject arbitrary web script or HTML via a crafted view name, related to js/functions.js...

CVSS 3.5 | AI score 5.3 | EPSS 0.00219
Exploits: 1 | References: 5 | Affected Software: 1
OSV
added 2022/05/14 2:5 a.m. | 34 views

GHSA-Q586-XPWR-JC3J phpMyAdmin cross-site scripting vulnerability in crafted view name

A cross-site scripting (XSS) vulnerability in the view operations page in phpMyAdmin 4.1.x before 4.1.14.3 and 4.2.x before 4.2.7.1 allows remote authenticated users to inject arbitrary web script or HTML via a crafted view name, related to js/functions.js...

CVSS 3.5 | AI score 5.6 | EPSS 0.00219
Exploits: 1 | References: 4
OSV
added 2022/05/14 1:38 a.m. | 17 views

GHSA-F732-FXH6-G4QJ phpMyAdmin SQL injection in Designer feature

An issue was discovered in phpMyAdmin before 4.8.5. A vulnerability was reported where a specially crafted username can be used to trigger a SQL injection attack through the designer feature...

CVSS 9.8 | AI score 9.5 | EPSS 0.00394
Exploits: 0 | References: 4
Github Security Blog
added 2022/05/14 1:38 a.m. | 25 views

phpMyAdmin SQL injection in Designer feature

An issue was discovered in phpMyAdmin before 4.8.5. A vulnerability was reported where a specially crafted username can be used to trigger a SQL injection attack through the designer feature...

CVSS 9.8 | AI score 8 | EPSS 0.00394
Exploits: 0 | References: 4 | Affected Software: 1
OSV
added 2022/05/14 1:19 a.m. | 32 views

GHSA-5H5M-FJ48-QPJW phpMyAdmin Open Redirect

phpMyAdmin 4.0, 4.4, and 4.6 are vulnerable to an open redirect weakness...

CVSS 6.1 | AI score 6.3 | EPSS 0.00239
Exploits: 0 | References: 3
OSV
added 2022/05/14 1:19 a.m. | 23 views

GHSA-9HRC-RWRQ-V6MH phpMyAdmin DoS Vulnerability

phpMyAdmin 4.0, 4.4, and 4.6 are vulnerable to a DoS weakness in the table editing functionality...

CVSS 7.5 | AI score 7.3 | EPSS 0.01144
Exploits: 0 | References: 3
Github Security Blog
added 2022/05/14 1:19 a.m. | 33 views

phpMyAdmin Open Redirect

phpMyAdmin 4.0, 4.4, and 4.6 are vulnerable to an open redirect weakness...

CVSS 6.1 | AI score 6.9 | EPSS 0.00239
Exploits: 0 | References: 4 | Affected Software: 1
Github Security Blog
added 2022/05/14 1:19 a.m. | 32 views

phpMyAdmin DoS Vulnerability

phpMyAdmin 4.0, 4.4, and 4.6 are vulnerable to a DoS weakness in the table editing functionality...

CVSS 7.5 | AI score 6.8 | EPSS 0.01144
Exploits: 0 | References: 4 | Affected Software: 1
Github Security Blog
added 2022/05/14 1:18 a.m. | 21 views

phpMyAdmin DoS Vulnerability

phpMyAdmin 4.0, 4.4, and 4.6 are vulnerable to a DoS attack in the replication status by using a specially crafted table name...

CVSS 7.5 | AI score 6.8 | EPSS 0.01295
Exploits: 0 | References: 4 | Affected Software: 1
Github Security Blog
added 2022/05/14 1:18 a.m. | 26 views

phpMyAdmin CSS Injection Vulnerability

phpMyAdmin 4.0, 4.4, and 4.6 are vulnerable to a CSS injection attack through crafted cookie parameters...

CVSS 6.1 | AI score 7.2 | EPSS 0.00557
Exploits: 0 | References: 4 | Affected Software: 1
OSV
added 2022/05/14 1:18 a.m. | 19 views

GHSA-3FGQ-CMR4-97RR phpMyAdmin CSS Injection Vulnerability

phpMyAdmin 4.0, 4.4, and 4.6 are vulnerable to a CSS injection attack through crafted cookie parameters...

CVSS 6.1 | AI score 6.4 | EPSS 0.00557
Exploits: 0 | References: 4
OSV
added 2022/05/14 1:18 a.m. | 15 views

GHSA-47QR-F86F-3WM4 phpMyAdmin DoS Vulnerability

phpMyAdmin 4.0, 4.4, and 4.6 are vulnerable to a DoS attack in the replication status by using a specially crafted table name...

CVSS 7.5 | AI score 7.3 | EPSS 0.01295
Exploits: 0 | References: 3
OSV
added 2022/05/14 1:15 a.m. | 18 views

GHSA-99XJ-XQC9-98HR phpMyAdmin SSRF in replication

phpMyAdmin 4.0, 4.4 and 4.6 are vulnerable to a weakness where a user with appropriate permissions is able to connect to an arbitrary MySQL server...

CVSS 8.8 | AI score 8.4 | EPSS 0.0092
Exploits: 0 | References: 4
Github Security Blog
added 2022/05/14 1:15 a.m. | 24 views

phpMyAdmin SSRF in replication

phpMyAdmin 4.0, 4.4 and 4.6 are vulnerable to a weakness where a user with appropriate permissions is able to connect to an arbitrary MySQL server...

CVSS 8.8 | AI score 7.1 | EPSS 0.0092
Exploits: 0 | References: 4 | Affected Software: 1