17 matches found
CVE-2026-42463
SQLBot is an intelligent Text-to-SQL system based on large language models and RAG. Prior to 1.8.0, SQLBot contains a Cross-Workspace IDOR (Insecure Direct Object Reference) and Authorization Bypass vulnerability in the /api/v1/datasource/exportDsSchema and /api/v1/datasource/uploadDsSchema...
CVE-2026-42463
SQLBot is an intelligent Text-to-SQL system based on large language models and RAG. Prior to 1.8.0, SQLBot contains a Cross-Workspace IDOR (Insecure Direct Object Reference) and Authorization Bypass vulnerability in the /api/v1/datasource/exportDsSchema and /api/v1/datasource/uploadDsSchema...
PT-2026-40817
Name of the Vulnerable Software and Affected Versions: SQLBot versions prior to 1.8.0. Description: An Insecure Direct Object Reference (IDOR) and authorization bypass issue exists in the '/api/v1/datasource/exportDsSchema' and '/api/v1/datasource/uploadDsSchema' endpoints. This allows an attacker to...
EUVD-2009-4453
Malware in sbrugna...
SUSE CVE-2013-5002
Cross-site scripting (XSS) vulnerability in libraries/schema/Export_Relation_Schema.class.php in phpMyAdmin 3.5.x before 3.5.8.2 and 4.0.x before 4.0.4.2 allows remote authenticated users to inject arbitrary web script or HTML via a crafted pageNumber value to schema_export.php...
GHSA-XHQQ-554J-P4X8 phpMyAdmin Directory Traversal Vulnerability
Multiple directory traversal vulnerabilities in the relational schema implementation in phpMyAdmin 3.4.x before 3.4.3.2 allow remote authenticated users to include and execute arbitrary local files via directory traversal sequences in an export type field, related to 1...
Fedora 24 : phpMyAdmin (2016-e3240782ec)
phpMyAdmin 4.6.2 2016-05-25 ============================= - security User SQL queries can be revealed through URL GET parameters, see PMASA-2016-14 - security Self XSS vulnerability, see PMASA-2016-16 - Use https for documentation links - Fix schema export with too many tables - Avoid parsing no...
Debian DSA-2975-1 : phpmyadmin - security update
Several vulnerabilities have been discovered in phpMyAdmin, a tool to administer MySQL over the web. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2013-4995 Authenticated users could inject arbitrary web script or HTML via a crafted SQL query. -...
Debian: Security Advisory (DSA-2975-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only ifdescription...
phpMyAdmin 3.5.x < 3.5.8.2 / 4.0.x < 4.0.4.2 Multiple Vulnerabilities
Binary data 6967.prm...
DEBIAN-CVE-2013-5003
Multiple SQL injection vulnerabilities in phpMyAdmin 3.5.x before 3.5.8.2 and 4.0.x before 4.0.4.2 allow remote authenticated users to execute arbitrary SQL commands via (1) the scale parameter to pmd_pdf.php or (2) the pdf_page_number parameter to schema_export.php...
CVE-2013-5003
Multiple SQL injection vulnerabilities in phpMyAdmin 3.5.x before 3.5.8.2 and 4.0.x before 4.0.4.2 allow remote authenticated users to execute arbitrary SQL commands via (1) the scale parameter to pmd_pdf.php or (2) the pdf_page_number parameter to schema_export.php...
CVE-2013-5002
Cross-site scripting (XSS) vulnerability in libraries/schema/Export_Relation_Schema.class.php in phpMyAdmin 3.5.x before 3.5.8.2 and 4.0.x before 4.0.4.2 allows remote authenticated users to inject arbitrary web script or HTML via a crafted pageNumber value to schema_export.php...
MGASA-2013-0238 Updated phpmyadmin packages fix security vulnerabilities
Using a crafted SQL query, it was possible to produce an XSS on the SQL query form (PMASA-2013-8, CVE-2013-4995). In the setup/index.php, using a crafted hash with a JavaScript event, untrusted JS code could be executed. In the Display chart view, a chart title containing HTML code was rendered...
Self-XSS due to unescaped HTML output in schema export.
PMASA-2013-14. Announcement-ID: PMASA-2013-14. Date: 2013-07-28. Updated: 2013-07-30. Summary: Self-XSS due to unescaped HTML output in schema export. Description: When calling schema_export.php with crafted parameters, it is possible to trigger an XSS. Severity: We consider this vulnerability to be non...
Fedora 14 : phpMyAdmin-3.4.1-1.fc14 (2011-7702)
Welcome to phpMyAdmin 3.4, presenting a new default theme. This release contains new features, especially : - User preferences - Relation schema export to multiple formats - ENUM/SET editor - Simplified interface for export/import - AJAXification of some parts - Charts - Visual query builder and...
Fedora 15 : phpMyAdmin-3.4.1-1.fc15 (2011-7684)
Welcome to phpMyAdmin 3.4, presenting a new default theme. This release contains new features, especially : - User preferences - Relation schema export to multiple formats - ENUM/SET editor - Simplified interface for export/import - AJAXification of some parts - Charts - Visual query builder and...