CVEDB API

Vulnerabilities

Vulnerable Software

Phpmyadmin: >> Phpmyadmin >> 2.5.3 Security Vulnerabilities

CVE-2005-2869

Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin before 2.6.4 allow remote attackers to inject arbitrary web script or HTML via (1) the Username to libraries/auth/cookie.auth.lib.php or (2) the error parameter to error.php.

CVSS Score

4.3

EPSS Score

0.125

Published

2005-09-08

CVE-2005-0992

Cross-site scripting (XSS) vulnerability in index.php in phpMyAdmin before 2.6.2-rc1 allows remote attackers to inject arbitrary web script or HTML via the convcharset parameter.

CVSS Score

4.3

EPSS Score

0.102

Published

2005-05-02

CVE-2004-2630

The MIME transformation system (transformations/text_plain__external.inc.php) in phpMyAdmin 2.5.0 up to 2.6.0-pl1 allows remote attackers to execute arbitrary commands via shell metacharacters in unspecified vectors.

CVSS Score

7.5

EPSS Score

0.021

Published

2004-12-31

CVE-2004-2631

Eval injection vulnerability in left.php in phpMyAdmin 2.5.1 up to 2.5.7, when LeftFrameLight is FALSE, allows remote attackers to execute arbitrary PHP code via a crafted table name.

CVSS Score

7.5

EPSS Score

0.142

Published

2004-12-31

CVE-2004-2632

phpMyAdmin 2.5.1 up to 2.5.7 allows remote attackers to modify configuration settings and gain unauthorized access to MySQL servers via modified $cfg['Servers'] variables.

CVSS Score

7.5

EPSS Score

0.03

Published

2004-12-31

Page 2

Vulnerabilities

Vulnerable Software

Phpmyadmin: >> Phpmyadmin >> 2.5.3 Security Vulnerabilities

Products

Pricing

Contact Us