Vulnerabilities > Phpmyadmin > Critical
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2023-01-26 | CVE-2020-22452 | SQL Injection vulnerability in PHPmyadmin SQL Injection vulnerability in function getTableCreationQuery in CreateAddField.php in phpMyAdmin 5.x before 5.2.0 via the tbl_storage_engine or tbl_collation parameters to tbl_create.php. | 9.8 |
2020-10-10 | CVE-2020-26935 | SQL Injection vulnerability in multiple products An issue was discovered in SearchController in phpMyAdmin before 4.9.6 and 5.x before 5.0.3. | 9.8 |
2019-11-22 | CVE-2019-18622 | SQL Injection vulnerability in multiple products An issue was discovered in phpMyAdmin before 4.9.2. | 9.8 |
2019-06-05 | CVE-2019-11768 | SQL Injection vulnerability in PHPmyadmin An issue was discovered in phpMyAdmin before 4.9.0.1. | 9.8 |
2016-12-11 | CVE-2016-6629 | 7PK - Security Features vulnerability in PHPmyadmin An issue was discovered in phpMyAdmin involving the $cfg['ArbitraryServerRegexp'] configuration directive. | 10.0 |
2010-01-19 | CVE-2008-7252 | Cryptographic Issues vulnerability in PHPmyadmin libraries/File.class.php in phpMyAdmin 2.11.x before 2.11.10 uses predictable filenames for temporary files, which has unknown impact and attack vectors. | 10.0 |
2010-01-19 | CVE-2008-7251 | Permissions, Privileges, and Access Controls vulnerability in PHPmyadmin libraries/File.class.php in phpMyAdmin 2.11.x before 2.11.10 creates a temporary directory with 0777 permissions, which has unknown impact and attack vectors. | 10.0 |
2009-03-26 | CVE-2009-1151 | Code Injection vulnerability in multiple products Static code injection vulnerability in setup.php in phpMyAdmin 2.11.x before 2.11.9.5 and 3.x before 3.1.3.1 allows remote attackers to inject arbitrary PHP code into a configuration file via the save action. | 9.8 |
2007-01-11 | CVE-2007-0203 | Input Validation vulnerability in phpMyAdmin Multiple unspecified vulnerabilities in phpMyAdmin before 2.9.2-rc1 have unknown impact and attack vectors. | 10.0 |
2005-01-10 | CVE-2004-1147 | Unspecified vulnerability in PHPmyadmin phpMyAdmin 2.6.0-pl2, and other versions before 2.6.1, with external transformations enabled, allows remote attackers to execute arbitrary commands via shell metacharacters. | 10.0 |