Vulnerabilities > Phpmyadmin > Phpmyadmin > 3.4.2.0
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2011-11-17 | CVE-2011-3646 | Improper Input Validation vulnerability in PHPmyadmin phpmyadmin.css.php in phpMyAdmin 3.4.x before 3.4.6 allows remote attackers to obtain sensitive information via an array-typed js_frame parameter to phpmyadmin.css.php, which reveals the installation path in an error message. | 5.0 |
2011-11-01 | CVE-2011-4064 | Cross-Site Scripting vulnerability in PHPmyadmin Cross-site scripting (XSS) vulnerability in the setup interface in phpMyAdmin 3.4.x before 3.4.6 allows remote attackers to inject arbitrary web script or HTML via a crafted value. | 4.3 |
2011-08-29 | CVE-2011-3181 | Cross-Site Scripting vulnerability in PHPmyadmin Multiple cross-site scripting (XSS) vulnerabilities in the Tracking feature in phpMyAdmin 3.3.x before 3.3.10.4 and 3.4.x before 3.4.4 allow remote attackers to inject arbitrary web script or HTML via a (1) table name, (2) column name, or (3) index name. | 4.3 |