| Max CVSS | 10.0 | Min CVSS | 4.3 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2007-1395 | 4.3 |
Incomplete blacklist vulnerability in index.php in phpMyAdmin 2.8.0 through 2.9.2 allows remote attackers to conduct cross-site scripting (XSS) attacks by injecting arbitrary JavaScript or HTML in a (1) db or (2) table parameter value followed by an
|
16-10-2018 - 16:38 | 10-03-2007 - 22:19 | |
| CVE-2007-5386 | 4.3 |
Cross-site scripting (XSS) vulnerability in scripts/setup.php in phpMyAdmin 2.11.1, when accessed by a browser that does not URL-encode requests, allows remote attackers to inject arbitrary web script or HTML via the query string.
|
15-10-2018 - 21:44 | 12-10-2007 - 10:17 | |
| CVE-2007-5589 | 4.3 |
Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin before 2.11.1.2 allow remote attackers to inject arbitrary web script or HTML via certain input available in (1) PHP_SELF in (a) server_status.php, and (b) grab_globals.lib.php, (c) di
|
17-08-2017 - 01:29 | 19-10-2007 - 23:17 | |
| CVE-2007-2245 | 6.8 |
Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin before 2.10.1.0 allow remote attackers to inject arbitrary web script or HTML via (1) the fieldkey parameter to browse_foreigners.php or (2) certain input to the PMA_sanitize function.
|
29-07-2017 - 01:31 | 25-04-2007 - 16:19 | |
| CVE-2007-0204 | 6.8 |
Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin before 2.9.2-rc1 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors. NOTE: some of these details are obtained from third party information.
|
29-07-2017 - 01:30 | 11-01-2007 - 11:28 | |
| CVE-2007-0095 | 5.0 |
phpMyAdmin 2.9.1.1 allows remote attackers to obtain sensitive information via a direct request for themes/darkblue_orange/layout.inc.php, which reveals the path in an error message.
|
29-07-2017 - 01:29 | 05-01-2007 - 18:28 | |
| CVE-2007-1325 | 7.1 |
The PMA_ArrayWalkRecursive function in libraries/common.lib.php in phpMyAdmin before 2.10.0.2 does not limit recursion on arrays provided by users, which allows context-dependent attackers to cause a denial of service (web server crash) via an array
|
08-03-2011 - 02:51 | 07-03-2007 - 21:19 | |
| CVE-2007-0203 | 10.0 |
Multiple unspecified vulnerabilities in phpMyAdmin before 2.9.2-rc1 have unknown impact and attack vectors.
|
08-03-2011 - 02:49 | 11-01-2007 - 11:28 | |
| CVE-2007-4306 | 4.3 |
Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin 2.10.3 allow remote attackers to inject arbitrary web script or HTML via the (1) unlim_num_rows, (2) sql_query, or (3) pos parameter to (a) tbl_export.php; the (4) session_max_rows or
|
05-09-2008 - 21:27 | 13-08-2007 - 21:17 |