Vulnerabilities > Phpmyadmin > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-12-11 | CVE-2018-19968 | Information Exposure vulnerability in multiple products An attacker can exploit phpMyAdmin before 4.8.4 to leak the contents of a local file because of an error in the transformation feature. | 6.5 |
| 2018-08-24 | CVE-2018-15605 | Cross-site Scripting vulnerability in PHPmyadmin An issue was discovered in phpMyAdmin before 4.8.3. | 6.1 |
| 2018-06-21 | CVE-2018-12581 | Cross-site Scripting vulnerability in PHPmyadmin An issue was discovered in js/designer/move.js in phpMyAdmin before 4.8.2. | 6.1 |
| 2018-02-21 | CVE-2018-7260 | Cross-site Scripting vulnerability in PHPmyadmin Cross-site scripting (XSS) vulnerability in db_central_columns.php in phpMyAdmin before 4.7.8 allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL. | 5.4 |
| 2017-07-17 | CVE-2017-1000015 | Cross-site Scripting vulnerability in PHPmyadmin phpMyAdmin 4.0, 4.4, and 4.6 are vulnerable to a CSS injection attack through crafted cookie parameters | 6.1 |
| 2017-07-17 | CVE-2017-1000013 | Open Redirect vulnerability in PHPmyadmin phpMyAdmin 4.0, 4.4, and 4.6 are vulnerable to an open redirect weakness | 6.1 |
| 2016-12-11 | CVE-2016-9860 | Improper Input Validation vulnerability in PHPmyadmin An issue was discovered in phpMyAdmin. | 5.9 |
| 2016-12-11 | CVE-2016-9859 | Improper Input Validation vulnerability in PHPmyadmin An issue was discovered in phpMyAdmin. | 5.3 |
| 2016-12-11 | CVE-2016-9858 | Improper Input Validation vulnerability in PHPmyadmin An issue was discovered in phpMyAdmin. | 5.3 |
| 2016-12-11 | CVE-2016-9857 | Cross-site Scripting vulnerability in PHPmyadmin An issue was discovered in phpMyAdmin. | 6.1 |