| Max CVSS | 10.0 | Min CVSS | 2.6 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2005-4079 | 5.0 |
The register_globals emulation in phpMyAdmin 2.7.0 rc1 allows remote attackers to exploit other vulnerabilities in phpMyAdmin by modifying the import_blacklist variable in grab_globals.php, which can then be used to overwrite other variables.
|
19-10-2018 - 15:40 | 08-12-2005 - 01:03 | |
| CVE-2008-3197 | 3.5 |
Cross-site request forgery (CSRF) vulnerability in phpMyAdmin before 2.11.7.1 allows remote attackers to perform unauthorized actions via a link or IMG tag to (1) the db parameter in the "Creating a Database" functionality (db_create.php), and (2) th
|
08-08-2017 - 01:31 | 16-07-2008 - 18:41 | |
| CVE-2008-2960 | 2.6 |
Cross-site scripting (XSS) vulnerability in phpMyAdmin before 2.11.7, when register_globals is enabled and .htaccess support is disabled, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors involving scripts in libr
|
08-08-2017 - 01:31 | 02-07-2008 - 17:14 | |
| CVE-2007-2245 | 6.8 |
Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin before 2.10.1.0 allow remote attackers to inject arbitrary web script or HTML via (1) the fieldkey parameter to browse_foreigners.php or (2) certain input to the PMA_sanitize function.
|
29-07-2017 - 01:31 | 25-04-2007 - 16:19 | |
| CVE-2006-1258 | 4.3 |
Cross-site scripting (XSS) vulnerability in phpMyAdmin 2.8.0.1 allows remote attackers to inject arbitrary web script or HTML via the set_theme parameter.
|
20-07-2017 - 01:30 | 19-03-2006 - 01:02 | |
| CVE-2007-0203 | 10.0 |
Multiple unspecified vulnerabilities in phpMyAdmin before 2.9.2-rc1 have unknown impact and attack vectors.
|
08-03-2011 - 02:49 | 11-01-2007 - 11:28 |