Vulnerabilities > Phpmyadmin > Phpmyadmin > 4.7.4
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-06-05 | CVE-2019-12616 | Cross-Site Request Forgery (CSRF) vulnerability in PHPmyadmin An issue was discovered in phpMyAdmin before 4.9.0. | 6.5 |
| 2019-06-05 | CVE-2019-11768 | SQL Injection vulnerability in PHPmyadmin An issue was discovered in phpMyAdmin before 4.9.0.1. | 9.8 |
| 2019-01-26 | CVE-2019-6799 | An issue was discovered in phpMyAdmin before 4.8.5. | 5.9 |
| 2019-01-26 | CVE-2019-6798 | SQL Injection vulnerability in PHPmyadmin An issue was discovered in phpMyAdmin before 4.8.5. | 9.8 |
| 2018-12-11 | CVE-2018-19970 | Cross-site Scripting vulnerability in multiple products In phpMyAdmin before 4.8.4, an XSS vulnerability was found in the navigation tree, where an attacker can deliver a payload to a user through a crafted database/table name. | 6.1 |
| 2018-12-11 | CVE-2018-19969 | Cross-Site Request Forgery (CSRF) vulnerability in PHPmyadmin phpMyAdmin 4.7.x and 4.8.x versions prior to 4.8.4 are affected by a series of CSRF flaws. | 8.8 |
| 2018-12-11 | CVE-2018-19968 | Information Exposure vulnerability in multiple products An attacker can exploit phpMyAdmin before 4.8.4 to leak the contents of a local file because of an error in the transformation feature. | 6.5 |
| 2018-08-24 | CVE-2018-15605 | Cross-site Scripting vulnerability in PHPmyadmin An issue was discovered in phpMyAdmin before 4.8.3. | 6.1 |
| 2018-06-21 | CVE-2018-12581 | Cross-site Scripting vulnerability in PHPmyadmin An issue was discovered in js/designer/move.js in phpMyAdmin before 4.8.2. | 6.1 |
| 2018-02-21 | CVE-2018-7260 | Cross-site Scripting vulnerability in PHPmyadmin Cross-site scripting (XSS) vulnerability in db_central_columns.php in phpMyAdmin before 4.7.8 allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL. | 5.4 |