Vulnerabilities > Phpmyadmin > High
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2016-12-11 | CVE-2016-6619 | SQL Injection vulnerability in PHPmyadmin An issue was discovered in phpMyAdmin. | 8.8 |
2016-12-11 | CVE-2016-6617 | SQL Injection vulnerability in PHPmyadmin An issue was discovered in phpMyAdmin. | 8.1 |
2016-12-11 | CVE-2016-6616 | SQL Injection vulnerability in PHPmyadmin An issue was discovered in phpMyAdmin. | 7.5 |
2016-12-11 | CVE-2016-6611 | SQL Injection vulnerability in PHPmyadmin An issue was discovered in phpMyAdmin. | 8.1 |
2016-12-11 | CVE-2016-6609 | Command Injection vulnerability in PHPmyadmin An issue was discovered in phpMyAdmin. | 8.8 |
2016-12-11 | CVE-2016-6606 | Information Exposure vulnerability in PHPmyadmin An issue was discovered in cookie encryption in phpMyAdmin. | 8.1 |
2016-07-03 | CVE-2016-5739 | Information Exposure vulnerability in multiple products The Transformation implementation in phpMyAdmin 4.0.x before 4.0.10.16, 4.4.x before 4.4.15.7, and 4.6.x before 4.6.3 does not use the no-referrer Content Security Policy (CSP) protection mechanism, which makes it easier for remote attackers to conduct CSRF attacks by reading an authentication token in a Referer header, related to libraries/Header.php. | 7.5 |
2016-07-03 | CVE-2016-5706 | Resource Management Errors vulnerability in multiple products js/get_scripts.js.php in phpMyAdmin 4.0.x before 4.0.10.16, 4.4.x before 4.4.15.7, and 4.6.x before 4.6.3 allows remote attackers to cause a denial of service via a large array in the scripts parameter. | 7.5 |
2016-02-20 | CVE-2016-2041 | 7PK - Security Features vulnerability in multiple products libraries/common.inc.php in phpMyAdmin 4.0.x before 4.0.10.13, 4.4.x before 4.4.15.3, and 4.5.x before 4.5.4 does not use a constant-time algorithm for comparing CSRF tokens, which makes it easier for remote attackers to bypass intended access restrictions by measuring time differences. | 7.5 |
2016-02-20 | CVE-2016-1927 | 7PK - Security Features vulnerability in PHPmyadmin The suggestPassword function in js/functions.js in phpMyAdmin 4.0.x before 4.0.10.13, 4.4.x before 4.4.15.3, and 4.5.x before 4.5.4 relies on the Math.random JavaScript function, which makes it easier for remote attackers to guess passwords via a brute-force approach. | 7.5 |