| Max CVSS | 4.3 | Min CVSS | 4.3 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2011-4107 | 4.3 |
The simplexml_load_string function in the XML import plug-in (libraries/import/xml.php) in phpMyAdmin 3.4.x before 3.4.7.1 and 3.3.x before 3.3.10.5 allows remote authenticated users to read arbitrary files via XML data containing external entity ref
|
09-02-2024 - 02:27 | 17-11-2011 - 19:55 | |
| CVE-2011-4782 | 4.3 |
Cross-site scripting (XSS) vulnerability in libraries/config/ConfigFile.class.php in the setup interface in phpMyAdmin 3.4.x before 3.4.9 allows remote attackers to inject arbitrary web script or HTML via the host parameter.
|
29-08-2017 - 01:30 | 22-12-2011 - 20:55 | |
| CVE-2011-4780 | 4.3 |
Multiple cross-site scripting (XSS) vulnerabilities in libraries/display_export.lib.php in phpMyAdmin 3.4.x before 3.4.9 allow remote attackers to inject arbitrary web script or HTML via crafted URL parameters, related to the export panels in the (1)
|
06-11-2012 - 05:04 | 22-12-2011 - 20:55 | |
| CVE-2011-4634 | 4.3 |
Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin 3.4.x before 3.4.8 allow remote attackers to inject arbitrary web script or HTML via (1) a crafted database name, related to the Database Synchronize panel; (2) a crafted database name
|
06-11-2012 - 05:04 | 22-12-2011 - 20:55 |