Vulnerabilities > Phpmyadmin > Phpmyadmin > 5.1.2
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-02-13 | CVE-2023-25727 | Cross-site Scripting vulnerability in PHPmyadmin In phpMyAdmin before 4.9.11 and 5.x before 5.2.1, an authenticated user can trigger XSS by uploading a crafted .sql file through the drag-and-drop interface. | 5.4 |
| 2023-01-26 | CVE-2020-22452 | SQL Injection vulnerability in PHPmyadmin SQL Injection vulnerability in function getTableCreationQuery in CreateAddField.php in phpMyAdmin 5.x before 5.2.0 via the tbl_storage_engine or tbl_collation parameters to tbl_create.php. | 9.8 |