Vulnerabilities > Phpmyadmin > Critical
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2016-12-11 | CVE-2016-6629 | 7PK - Security Features vulnerability in PHPmyadmin An issue was discovered in phpMyAdmin involving the $cfg['ArbitraryServerRegexp'] configuration directive. | 9.8 |
| 2016-12-11 | CVE-2016-6620 | Deserialization of Untrusted Data vulnerability in PHPmyadmin An issue was discovered in phpMyAdmin. | 9.8 |
| 2016-07-03 | CVE-2016-5734 | Code Injection vulnerability in PHPmyadmin phpMyAdmin 4.0.x before 4.0.10.16, 4.4.x before 4.4.15.7, and 4.6.x before 4.6.3 does not properly choose delimiters to prevent use of the preg_replace e (aka eval) modifier, which might allow remote attackers to execute arbitrary PHP code via a crafted string, as demonstrated by the table search-and-replace implementation. | 9.8 |
| 2016-07-03 | CVE-2016-5703 | SQL Injection vulnerability in multiple products SQL injection vulnerability in libraries/central_columns.lib.php in phpMyAdmin 4.4.x before 4.4.15.7 and 4.6.x before 4.6.3 allows remote attackers to execute arbitrary SQL commands via a crafted database name that is mishandled in a central column query. | 9.8 |
| 2009-03-26 | CVE-2009-1151 | Code Injection vulnerability in multiple products Static code injection vulnerability in setup.php in phpMyAdmin 2.11.x before 2.11.9.5 and 3.x before 3.1.3.1 allows remote attackers to inject arbitrary PHP code into a configuration file via the save action. | 9.8 |