Max CVSS 5.1 Min CVSS 2.1 Total Count2
IDCVSSSummaryLast (major) updatePublished
CVE-2008-1567 2.1
phpMyAdmin before 2.11.5.1 stores the MySQL (1) username and (2) password, and the (3) Blowfish secret key, in cleartext in a Session file under /tmp, which allows local users to obtain sensitive information.
14-02-2024 - 15:31 31-03-2008 - 22:44
CVE-2008-2960 2.6
Cross-site scripting (XSS) vulnerability in phpMyAdmin before 2.11.7, when register_globals is enabled and .htaccess support is disabled, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors involving scripts in libr
08-08-2017 - 01:31 02-07-2008 - 17:14
CVE-2008-1924 3.5
Unspecified vulnerability in phpMyAdmin before 2.11.5.2, when running on shared hosts, allows remote authenticated users with CREATE table permissions to read arbitrary files via a crafted HTTP POST request, related to use of an undefined UploadDir v
08-08-2017 - 01:30 23-04-2008 - 16:05
CVE-2008-1149 5.1
phpMyAdmin before 2.11.5 accesses $_REQUEST to obtain some parameters instead of $_GET and $_POST, which allows attackers in the same domain to override certain variables and conduct SQL injection and Cross-Site Request Forgery (CSRF) attacks by usin
08-08-2017 - 01:29 04-03-2008 - 23:44
Back to Top Mark selected
Back to Top