Vulnerabilities > Phpmyadmin > Phpmyadmin > 4.4.15.9
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-07-17 | CVE-2017-1000017 | Server-Side Request Forgery (SSRF) vulnerability in PHPmyadmin phpMyAdmin 4.0, 4.4 and 4.6 are vulnerable to a weakness where a user with appropriate permissions is able to connect to an arbitrary MySQL server | 6.5 |
| 2017-07-17 | CVE-2017-1000015 | Cross-site Scripting vulnerability in PHPmyadmin phpMyAdmin 4.0, 4.4, and 4.6 are vulnerable to a CSS injection attack through crafted cookie parameters | 4.3 |
| 2017-07-17 | CVE-2017-1000014 | Improper Input Validation vulnerability in PHPmyadmin phpMyAdmin 4.0, 4.4, and 4.6 are vulnerable to a DOS weakness in the table editing functionality | 5.0 |
| 2017-07-17 | CVE-2017-1000013 | Open Redirect vulnerability in PHPmyadmin phpMyAdmin 4.0, 4.4, and 4.6 are vulnerable to an open redirect weakness | 5.8 |
| 2017-01-31 | CVE-2016-6621 | Server-Side Request Forgery (SSRF) vulnerability in PHPmyadmin The setup script for phpMyAdmin before 4.0.10.19, 4.4.x before 4.4.15.10, and 4.6.x before 4.6.6 allows remote attackers to conduct server-side request forgery (SSRF) attacks via unspecified vectors. | 5.0 |
| 2016-07-05 | CVE-2016-5097 | Information Exposure vulnerability in multiple products phpMyAdmin before 4.6.2 places tokens in query strings and does not arrange for them to be stripped before external navigation, which allows remote attackers to obtain sensitive information by reading (1) HTTP requests or (2) server logs. | 5.0 |