Vulnerabilities > Phpmyadmin > Phpmyadmin > 2.4.0
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2005-09-08 | CVE-2005-2869 | Unspecified vulnerability in PHPmyadmin Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin before 2.6.4 allow remote attackers to inject arbitrary web script or HTML via (1) the Username to libraries/auth/cookie.auth.lib.php or (2) the error parameter to error.php. network phpmyadmin | 4.3 |
2005-05-02 | CVE-2005-0992 | Cross-Site Scripting vulnerability in PHPMyAdmin Convcharset Cross-site scripting (XSS) vulnerability in index.php in phpMyAdmin before 2.6.2-rc1 allows remote attackers to inject arbitrary web script or HTML via the convcharset parameter. network phpmyadmin | 4.3 |
2005-05-02 | CVE-2005-0459 | Remote Security vulnerability in phpMyAdmin phpMyAdmin 2.6.2-dev, and possibly earlier versions, allows remote attackers to determine the full path of the web root via a direct request to select_lang.lib.php, which reveals the path in a PHP error message. | 5.0 |
2005-01-10 | CVE-2004-1148 | Unspecified vulnerability in PHPmyadmin phpMyAdmin before 2.6.1, when configured with UploadDir functionality, allows remote attackers to read arbitrary files via the sql_localfile parameter. | 5.0 |
2005-01-10 | CVE-2004-1147 | Unspecified vulnerability in PHPmyadmin phpMyAdmin 2.6.0-pl2, and other versions before 2.6.1, with external transformations enabled, allows remote attackers to execute arbitrary commands via shell metacharacters. | 10.0 |
2004-03-03 | CVE-2004-0129 | Unspecified vulnerability in PHPmyadmin Directory traversal vulnerability in export.php in phpMyAdmin 2.5.5 and earlier allows remote attackers to read arbitrary files via .. | 5.0 |