SUSE CVE-2016-5739

The Transformation implementation in phpMyAdmin 4.0.x before 4.0.10.16, 4.4.x before 4.4.15.7, and 4.6.x before 4.6.3 does not use the no-referrer Content Security Policy CSP protection mechanism, which makes it easier for remote attackers to conduct CSRF attacks by reading an authentication toke...

GHSA-CR65-P662-FX5C phpMyAdmin vulnerable to Cross-site Scripting

Multiple cross-site scripting XSS vulnerabilities in phpMyAdmin 4.0.x before 4.0.10.16, 4.4.x before 4.4.15.7, and 4.6.x before 4.6.3 allow remote attackers to inject arbitrary web script or HTML via vectors involving 1 a crafted table name that is mishandled during privilege checking in...

phpMyAdmin Multiple Vulnerabilities (PMASA-2016-24, PMASA-2016-26, PMASA-2016-27, PMASA-2016-28) - Linux

phpMyAdmin is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:phpmyadmin:phpmyadmin";...

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in phpMyAdmin 4.0.x before 4.0.10.16, 4.4.x before 4.4.15.7, and 4.6.x before 4.6.3 allow remote attackers to inject arbitrary web script or HTML via vectors involving 1 a crafted table name that is mishandled during privilege checking in...