| Max CVSS | 6.8 | Min CVSS | 4.0 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2018-12613 | 6.5 |
An issue was discovered in phpMyAdmin 4.8.x before 4.8.2, in which an attacker can include (view and potentially execute) files on the server. The vulnerability comes from a portion of code where pages are redirected and loaded within phpMyAdmin, and
|
02-11-2021 - 17:59 | 21-06-2018 - 20:29 | |
| CVE-2018-19968 | 4.0 |
An attacker can exploit phpMyAdmin before 4.8.4 to leak the contents of a local file because of an error in the transformation feature. The attacker must have access to the phpMyAdmin Configuration Storage tables, although these can easily be created
|
23-04-2019 - 12:36 | 11-12-2018 - 17:29 | |
| CVE-2018-19970 | 4.3 |
In phpMyAdmin before 4.8.4, an XSS vulnerability was found in the navigation tree, where an attacker can deliver a payload to a user through a crafted database/table name.
|
22-04-2019 - 14:10 | 11-12-2018 - 17:29 | |
| CVE-2018-19969 | 6.8 |
phpMyAdmin 4.7.x and 4.8.x versions prior to 4.8.4 are affected by a series of CSRF flaws. By deceiving a user into clicking on a crafted URL, it is possible to perform harmful SQL operations such as renaming databases, creating new tables/routines,
|
22-04-2019 - 14:10 | 11-12-2018 - 17:29 |