CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Phpmyadmin: >> Phpmyadmin >> 4.7.0 Security Vulnerabilities

CVE-2018-7260

Cross-site scripting (XSS) vulnerability in db_central_columns.php in phpMyAdmin before 4.7.8 allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL.

CVSS Score

5.4

EPSS Score

0.003

Published

2018-02-21

CVE-2017-1000499

phpMyAdmin versions 4.7.x (prior to 4.7.6.1/4.7.7) are vulnerable to a CSRF weakness. By deceiving a user to click on a crafted URL, it is possible to perform harmful database operations such as deleting records, dropping/truncating tables etc.

CVSS Score

8.8

EPSS Score

0.105

Published

2018-01-03

Page 3

Vulnerabilities

Vulnerable Software

Phpmyadmin: >> Phpmyadmin >> 4.7.0 Security Vulnerabilities

Products

Pricing

Contact Us