Vulnerabilities > Phpmyadmin > Phpmyadmin
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2006-04-18 | CVE-2006-1804 | SQL-Injection vulnerability in PHPmyadmin 2.7.0Pl1/2.8.0.3 SQL injection vulnerability in sql.php in phpMyAdmin 2.7.0-pl1 allows remote attackers to execute arbitrary SQL commands via the sql_query parameter. | 7.5 |
2006-04-18 | CVE-2006-1803 | Cross-Site Scripting vulnerability in PHPMyAdmin Cross-site scripting (XSS) vulnerability in sql.php in phpMyAdmin 2.7.0-pl1 allows remote attackers to inject arbitrary web script or HTML via the sql_query parameter. network phpmyadmin | 4.3 |
2006-04-11 | CVE-2006-1678 | Cross-Site Scripting vulnerability in PHPMyAdmin Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin before 2.8.0.3 allow remote attackers to inject arbitrary web script or HTML via unknown vectors in unspecified scripts in the themes directory. network phpmyadmin | 4.3 |
2006-03-19 | CVE-2006-1258 | Cross-Site Scripting vulnerability in PHPmyadmin 2.8.0.1 Cross-site scripting (XSS) vulnerability in phpMyAdmin 2.8.0.1 allows remote attackers to inject arbitrary web script or HTML via the set_theme parameter. network phpmyadmin | 4.3 |
2005-12-21 | CVE-2005-4450 | Cross-Site Request Forgery vulnerability in PHPmyadmin 2.7.0Pl1 Cross-site request forgery (CSRF) vulnerability in phpMyAdmin 2.7.0 allows remote attackers to perform unauthorized actions as a logged-in user via a link or IMG tag to server_privileges.php, as demonstrated using the dbname and checkprivs parameters. | 7.5 |
2005-12-08 | CVE-2005-3665 | Cross-Site Scripting vulnerability in PHPMyAdmin Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin before 2.7.0 allow remote attackers to inject arbitrary web script or HTML via the (1) HTTP_HOST variable and (2) various scripts in the libraries directory that handle header generation. network phpmyadmin | 4.3 |
2005-12-08 | CVE-2005-4079 | Unspecified vulnerability in PHPmyadmin 2.7.0Rc1 The register_globals emulation in phpMyAdmin 2.7.0 rc1 allows remote attackers to exploit other vulnerabilities in phpMyAdmin by modifying the import_blacklist variable in grab_globals.php, which can then be used to overwrite other variables. | 5.0 |
2005-11-24 | CVE-2005-3787 | Cross-Site Scripting vulnerability in PHPMyAdmin Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin before 2.6.4-pl4 allow remote attackers to inject arbitrary web script or HTML via (1) the cookie-based login panel, (2) the title parameter and (3) the table creation dialog. network phpmyadmin | 4.3 |
2005-11-16 | CVE-2005-3622 | Remote Security vulnerability in phpMyAdmin phpMyAdmin 2.7.0-beta1 and earlier allows remote attackers to obtain the full path of the server via direct requests to multiple scripts in the libraries directory. | 5.0 |
2005-11-16 | CVE-2005-3621 | Unspecified vulnerability in PHPmyadmin CRLF injection vulnerability in phpMyAdmin before 2.6.4-pl4 allows remote attackers to conduct HTTP response splitting attacks via unspecified scripts. | 5.0 |