Vulnerabilities > Phpmyadmin > Phpmyadmin > 2.11.11.2

DATE CVE VULNERABILITY TITLE RISK
2023-02-13 CVE-2023-25727 Cross-site Scripting vulnerability in PHPmyadmin
In phpMyAdmin before 4.9.11 and 5.x before 5.2.1, an authenticated user can trigger XSS by uploading a crafted .sql file through the drag-and-drop interface.
network
low complexity
phpmyadmin CWE-79
5.4
5.4
2022-03-10 CVE-2022-0813 Information Exposure vulnerability in PHPmyadmin
PhpMyAdmin 5.1.1 and before allows an attacker to retrieve potentially sensitive information by creating invalid requests.
network
low complexity
phpmyadmin CWE-200
7.5
7.5
2020-11-04 CVE-2020-22278 Improper Neutralization of Formula Elements in a CSV File vulnerability in PHPmyadmin
phpMyAdmin through 5.0.2 allows CSV injection via Export Section.
network
low complexity
phpmyadmin CWE-1236
8.8
8.8
2019-12-06 CVE-2019-19617 phpMyAdmin before 4.9.2 does not escape certain Git information, related to libraries/classes/Display/GitRevision.php and libraries/classes/Footer.php.
network
low complexity
phpmyadmin debian
critical
 9.8
9.8
2019-11-22 CVE-2019-18622 SQL Injection vulnerability in multiple products
An issue was discovered in phpMyAdmin before 4.9.2.
network
low complexity
phpmyadmin opensuse fedoraproject CWE-89
critical
 9.8
9.8
2019-09-13 CVE-2019-12922 Cross-Site Request Forgery (CSRF) vulnerability in multiple products
A CSRF issue in phpMyAdmin 4.9.0.1 allows deletion of any server in the Setup page.
network
low complexity
phpmyadmin fedoraproject CWE-352
6.5
6.5
2019-06-05 CVE-2019-12616 Cross-Site Request Forgery (CSRF) vulnerability in PHPmyadmin
An issue was discovered in phpMyAdmin before 4.9.0.
network
low complexity
phpmyadmin CWE-352
6.5
6.5
2019-06-05 CVE-2019-11768 SQL Injection vulnerability in PHPmyadmin
An issue was discovered in phpMyAdmin before 4.9.0.1.
network
low complexity
phpmyadmin CWE-89
critical
 9.8
9.8
2018-08-24 CVE-2018-15605 Cross-site Scripting vulnerability in PHPmyadmin
An issue was discovered in phpMyAdmin before 4.8.3.
network
low complexity
phpmyadmin CWE-79
6.1
6.1
2018-06-21 CVE-2018-12581 Cross-site Scripting vulnerability in PHPmyadmin
An issue was discovered in js/designer/move.js in phpMyAdmin before 4.8.2.
network
low complexity
phpmyadmin CWE-79
6.1
6.1