Known Vulnerabilities for products from Phpmyadmin
Listed below are 20 of the newest known vulnerabilities associated with the vendor "Phpmyadmin".
These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.
Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2023-25727 json | In phpMyAdmin before 4.9.11 and 5.x before 5.2.1, an authenticated user can trigger XSS by uploading a crafted .sql file thro... | 5.4 - MEDIUM | 2023-02-13 | 2023-02-23 |
| CVE-2022-23808 json | An issue was discovered in phpMyAdmin 5.1 before 5.1.2. An attacker can inject malicious code into aspects of the setup scrip... | 6.1 - MEDIUM | 2022-01-22 | 2023-11-26 |
| CVE-2022-23807 json | An issue was discovered in phpMyAdmin 4.9 before 4.9.8 and 5.1 before 5.1.2. A valid user who is already authenticated to php... | 4.3 - MEDIUM | 2022-01-22 | 2023-11-26 |
| CVE-2022-0813 json | PhpMyAdmin 5.1.1 and before allows an attacker to retrieve potentially sensitive information by creating invalid requests. Th... | 7.5 - HIGH | 2022-03-10 | 2023-11-26 |
| CVE-2020-26935 json | An issue was discovered in SearchController in phpMyAdmin before 4.9.6 and 5.x before 5.0.3. A SQL injection vulnerability wa... | 9.8 - CRITICAL | 2020-10-10 | 2023-11-07 |
| CVE-2020-26934 json | phpMyAdmin before 4.9.6 and 5.x before 5.0.3 allows XSS through the transformation feature via a crafted link. | 6.1 - MEDIUM | 2020-10-10 | 2023-11-07 |
| CVE-2020-22452 json | ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new secur... | 9.8 - CRITICAL | 2023-01-26 | 2023-02-01 |
| CVE-2020-22278 json | ** DISPUTED ** phpMyAdmin through 5.0.2 allows CSV injection via Export Section. NOTE: the vendor disputes this because "the ... | 8.8 - HIGH | 2020-11-04 | 2023-11-07 |
| CVE-2020-11441 json | ** DISPUTED ** phpMyAdmin 5.0.2 allows CRLF injection, as demonstrated by %0D%0Astring%0D%0A inputs to login form fields caus... | 6.1 - MEDIUM | 2020-03-31 | 2023-11-07 |
| CVE-2020-10804 json | In phpMyAdmin 4.x before 4.9.5 and 5.x before 5.0.2, a SQL injection vulnerability was found in retrieval of the current user... | 8 - HIGH | 2020-03-22 | 2023-11-07 |
| CVE-2020-10803 json | In phpMyAdmin 4.x before 4.9.5 and 5.x before 5.0.2, a SQL injection vulnerability was discovered where malicious code could ... | 5.4 - MEDIUM | 2020-03-22 | 2023-11-07 |
| CVE-2020-10802 json | In phpMyAdmin 4.x before 4.9.5 and 5.x before 5.0.2, a SQL injection vulnerability has been discovered where certain paramete... | 8 - HIGH | 2020-03-22 | 2023-11-07 |
| CVE-2020-5504 json | In phpMyAdmin 4 before 4.9.4 and 5 before 5.0.1, SQL injection exists in the user accounts page. A malicious user could injec... | 8.8 - HIGH | 2020-01-09 | 2020-11-10 |
| CVE-2019-19617 json | phpMyAdmin before 4.9.2 does not escape certain Git information, related to libraries/classes/Display/GitRevision.php and lib... | 9.8 - CRITICAL | 2019-12-06 | 2020-11-10 |
| CVE-2019-18622 json | An issue was discovered in phpMyAdmin before 4.9.2. A crafted database/table name can be used to trigger a SQL injection atta... | 9.8 - CRITICAL | 2019-11-22 | 2023-11-07 |
| CVE-2019-12922 json | A CSRF issue in phpMyAdmin 4.9.0.1 allows deletion of any server in the Setup page. | 6.5 - MEDIUM | 2019-09-13 | 2023-11-07 |
| CVE-2019-12616 json | An issue was discovered in phpMyAdmin before 4.9.0. A vulnerability was found that allows an attacker to trigger a CSRF attac... | 6.5 - MEDIUM | 2019-06-05 | 2023-11-07 |
| CVE-2019-11768 json | An issue was discovered in phpMyAdmin before 4.9.0.1. A vulnerability was reported where a specially crafted database name ca... | 9.8 - CRITICAL | 2019-06-05 | 2023-11-07 |
| CVE-2019-6799 json | An issue was discovered in phpMyAdmin before 4.8.5. When the AllowArbitraryServer configuration setting is set to true, with ... | 5.9 - MEDIUM | 2019-01-26 | 2020-08-24 |
| CVE-2019-6798 json | An issue was discovered in phpMyAdmin before 4.8.5. A vulnerability was reported where a specially crafted username can be us... | 9.8 - CRITICAL | 2019-01-26 | 2019-01-28 |
Known software with vulnerabilities from Phpmyadmin
| Type | Vendor | Product | Version |
|---|---|---|---|
| Application | Phpmyadmin | Phpmyadmin | 0.9.0 |