| 0 |
| url |
VCID-1dc8-kafr-3qd7 |
| vulnerability_id |
VCID-1dc8-kafr-3qd7 |
| summary |
Cross-site Scripting
An issue was discovered in phpMyAdmin. An attacker may be able to trigger a user to download a specially crafted malicious SVG file. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2016-6628 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00258 |
| scoring_system |
epss |
| scoring_elements |
0.49225 |
| published_at |
2026-04-21T12:55:00Z |
|
| 1 |
| value |
0.00258 |
| scoring_system |
epss |
| scoring_elements |
0.49155 |
| published_at |
2026-04-01T12:55:00Z |
|
| 2 |
| value |
0.00258 |
| scoring_system |
epss |
| scoring_elements |
0.49186 |
| published_at |
2026-04-02T12:55:00Z |
|
| 3 |
| value |
0.00258 |
| scoring_system |
epss |
| scoring_elements |
0.49214 |
| published_at |
2026-04-04T12:55:00Z |
|
| 4 |
| value |
0.00258 |
| scoring_system |
epss |
| scoring_elements |
0.49165 |
| published_at |
2026-04-07T12:55:00Z |
|
| 5 |
| value |
0.00258 |
| scoring_system |
epss |
| scoring_elements |
0.4922 |
| published_at |
2026-04-08T12:55:00Z |
|
| 6 |
| value |
0.00258 |
| scoring_system |
epss |
| scoring_elements |
0.49216 |
| published_at |
2026-04-09T12:55:00Z |
|
| 7 |
| value |
0.00258 |
| scoring_system |
epss |
| scoring_elements |
0.49234 |
| published_at |
2026-04-11T12:55:00Z |
|
| 8 |
| value |
0.00258 |
| scoring_system |
epss |
| scoring_elements |
0.49207 |
| published_at |
2026-04-12T12:55:00Z |
|
| 9 |
| value |
0.00258 |
| scoring_system |
epss |
| scoring_elements |
0.49212 |
| published_at |
2026-04-13T12:55:00Z |
|
| 10 |
| value |
0.00258 |
| scoring_system |
epss |
| scoring_elements |
0.49257 |
| published_at |
2026-04-16T12:55:00Z |
|
| 11 |
| value |
0.00258 |
| scoring_system |
epss |
| scoring_elements |
0.49255 |
| published_at |
2026-04-18T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2016-6628 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
|
| fixed_packages |
| 0 |
|
| 1 |
|
| 2 |
|
| 3 |
| url |
pkg:composer/phpmyadmin/phpmyadmin@4.7.0 |
| purl |
pkg:composer/phpmyadmin/phpmyadmin@4.7.0 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-2jjv-4en4-e3gx |
|
| 1 |
| vulnerability |
VCID-5657-kcyh-7bc2 |
|
| 2 |
| vulnerability |
VCID-986a-3m4g-83ge |
|
| 3 |
| vulnerability |
VCID-br1c-5bzf-ufeu |
|
| 4 |
| vulnerability |
VCID-c91y-txcw-2kdy |
|
| 5 |
| vulnerability |
VCID-ebk2-vjau-57h9 |
|
| 6 |
| vulnerability |
VCID-fchc-55te-akhe |
|
| 7 |
| vulnerability |
VCID-g6ud-92qe-hqcx |
|
| 8 |
| vulnerability |
VCID-gu4y-aeqx-mqak |
|
| 9 |
| vulnerability |
VCID-hnud-ktgb-dfe6 |
|
| 10 |
| vulnerability |
VCID-jma9-9uhu-xuc3 |
|
| 11 |
| vulnerability |
VCID-mwtw-n1tv-hfd9 |
|
| 12 |
| vulnerability |
VCID-ngtc-xtjn-xbhp |
|
| 13 |
| vulnerability |
VCID-qcra-cu62-43he |
|
| 14 |
| vulnerability |
VCID-rqy8-n6fr-hqey |
|
| 15 |
| vulnerability |
VCID-scu3-cfyc-9qfz |
|
| 16 |
| vulnerability |
VCID-tbnx-nuzv-ebdc |
|
| 17 |
| vulnerability |
VCID-tks3-6uv4-kygf |
|
| 18 |
| vulnerability |
VCID-yfja-ssw3-skh1 |
|
| 19 |
| vulnerability |
VCID-ym9b-4su6-6fbr |
|
| 20 |
| vulnerability |
VCID-znfm-ak2t-mqdd |
|
| 21 |
| vulnerability |
VCID-zyzp-aqd8-e3a9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@4.7.0 |
|
|
| aliases |
CVE-2016-6628, GHSA-phhm-63xx-v9rr
|
| risk_score |
3.1 |
| exploitability |
0.5 |
| weighted_severity |
6.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-1dc8-kafr-3qd7 |
|
| 1 |
| url |
VCID-24e9-fnt7-jqdu |
| vulnerability_id |
VCID-24e9-fnt7-jqdu |
| summary |
Improper Input Validation
phpMyAdmin is vulnerable to a DoS attack in the replication status by using a specially crafted table name. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2017-1000018 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.01295 |
| scoring_system |
epss |
| scoring_elements |
0.7972 |
| published_at |
2026-04-21T12:55:00Z |
|
| 1 |
| value |
0.01295 |
| scoring_system |
epss |
| scoring_elements |
0.79654 |
| published_at |
2026-04-07T12:55:00Z |
|
| 2 |
| value |
0.01295 |
| scoring_system |
epss |
| scoring_elements |
0.79683 |
| published_at |
2026-04-08T12:55:00Z |
|
| 3 |
| value |
0.01295 |
| scoring_system |
epss |
| scoring_elements |
0.7969 |
| published_at |
2026-04-09T12:55:00Z |
|
| 4 |
| value |
0.01295 |
| scoring_system |
epss |
| scoring_elements |
0.79711 |
| published_at |
2026-04-11T12:55:00Z |
|
| 5 |
| value |
0.01295 |
| scoring_system |
epss |
| scoring_elements |
0.79695 |
| published_at |
2026-04-12T12:55:00Z |
|
| 6 |
| value |
0.01295 |
| scoring_system |
epss |
| scoring_elements |
0.79688 |
| published_at |
2026-04-13T12:55:00Z |
|
| 7 |
| value |
0.01295 |
| scoring_system |
epss |
| scoring_elements |
0.79717 |
| published_at |
2026-04-18T12:55:00Z |
|
| 8 |
| value |
0.01295 |
| scoring_system |
epss |
| scoring_elements |
0.79639 |
| published_at |
2026-04-01T12:55:00Z |
|
| 9 |
| value |
0.01295 |
| scoring_system |
epss |
| scoring_elements |
0.79646 |
| published_at |
2026-04-02T12:55:00Z |
|
| 10 |
| value |
0.01295 |
| scoring_system |
epss |
| scoring_elements |
0.79667 |
| published_at |
2026-04-04T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2017-1000018 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
|
| fixed_packages |
| 0 |
|
| 1 |
|
| 2 |
|
| 3 |
| url |
pkg:composer/phpmyadmin/phpmyadmin@4.7.0 |
| purl |
pkg:composer/phpmyadmin/phpmyadmin@4.7.0 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-2jjv-4en4-e3gx |
|
| 1 |
| vulnerability |
VCID-5657-kcyh-7bc2 |
|
| 2 |
| vulnerability |
VCID-986a-3m4g-83ge |
|
| 3 |
| vulnerability |
VCID-br1c-5bzf-ufeu |
|
| 4 |
| vulnerability |
VCID-c91y-txcw-2kdy |
|
| 5 |
| vulnerability |
VCID-ebk2-vjau-57h9 |
|
| 6 |
| vulnerability |
VCID-fchc-55te-akhe |
|
| 7 |
| vulnerability |
VCID-g6ud-92qe-hqcx |
|
| 8 |
| vulnerability |
VCID-gu4y-aeqx-mqak |
|
| 9 |
| vulnerability |
VCID-hnud-ktgb-dfe6 |
|
| 10 |
| vulnerability |
VCID-jma9-9uhu-xuc3 |
|
| 11 |
| vulnerability |
VCID-mwtw-n1tv-hfd9 |
|
| 12 |
| vulnerability |
VCID-ngtc-xtjn-xbhp |
|
| 13 |
| vulnerability |
VCID-qcra-cu62-43he |
|
| 14 |
| vulnerability |
VCID-rqy8-n6fr-hqey |
|
| 15 |
| vulnerability |
VCID-scu3-cfyc-9qfz |
|
| 16 |
| vulnerability |
VCID-tbnx-nuzv-ebdc |
|
| 17 |
| vulnerability |
VCID-tks3-6uv4-kygf |
|
| 18 |
| vulnerability |
VCID-yfja-ssw3-skh1 |
|
| 19 |
| vulnerability |
VCID-ym9b-4su6-6fbr |
|
| 20 |
| vulnerability |
VCID-znfm-ak2t-mqdd |
|
| 21 |
| vulnerability |
VCID-zyzp-aqd8-e3a9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@4.7.0 |
|
|
| aliases |
CVE-2017-1000018, GHSA-47qr-f86f-3wm4
|
| risk_score |
4.0 |
| exploitability |
0.5 |
| weighted_severity |
8.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-24e9-fnt7-jqdu |
|
| 2 |
| url |
VCID-2g3b-qqxy-ekcq |
| vulnerability_id |
VCID-2g3b-qqxy-ekcq |
| summary |
phpMyAdmin Global variables scope injection vulnerability
import.php in phpMyAdmin 4.x before 4.0.4.1 does not properly restrict the ability of input data to specify a file format, which allows remote authenticated users to modify the GLOBALS superglobal array, and consequently change the configuration, via a crafted request. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2013-4729 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00367 |
| scoring_system |
epss |
| scoring_elements |
0.58635 |
| published_at |
2026-04-04T12:55:00Z |
|
| 1 |
| value |
0.00367 |
| scoring_system |
epss |
| scoring_elements |
0.58656 |
| published_at |
2026-04-21T12:55:00Z |
|
| 2 |
| value |
0.00367 |
| scoring_system |
epss |
| scoring_elements |
0.58679 |
| published_at |
2026-04-18T12:55:00Z |
|
| 3 |
| value |
0.00367 |
| scoring_system |
epss |
| scoring_elements |
0.58674 |
| published_at |
2026-04-16T12:55:00Z |
|
| 4 |
| value |
0.00367 |
| scoring_system |
epss |
| scoring_elements |
0.58642 |
| published_at |
2026-04-13T12:55:00Z |
|
| 5 |
| value |
0.00367 |
| scoring_system |
epss |
| scoring_elements |
0.58662 |
| published_at |
2026-04-12T12:55:00Z |
|
| 6 |
| value |
0.00367 |
| scoring_system |
epss |
| scoring_elements |
0.58681 |
| published_at |
2026-04-11T12:55:00Z |
|
| 7 |
| value |
0.00367 |
| scoring_system |
epss |
| scoring_elements |
0.58663 |
| published_at |
2026-04-09T12:55:00Z |
|
| 8 |
| value |
0.00367 |
| scoring_system |
epss |
| scoring_elements |
0.5853 |
| published_at |
2026-04-01T12:55:00Z |
|
| 9 |
| value |
0.00367 |
| scoring_system |
epss |
| scoring_elements |
0.58657 |
| published_at |
2026-04-08T12:55:00Z |
|
| 10 |
| value |
0.00367 |
| scoring_system |
epss |
| scoring_elements |
0.58614 |
| published_at |
2026-04-02T12:55:00Z |
|
| 11 |
| value |
0.00367 |
| scoring_system |
epss |
| scoring_elements |
0.58605 |
| published_at |
2026-04-07T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2013-4729 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
|
| fixed_packages |
| 0 |
| url |
pkg:composer/phpmyadmin/phpmyadmin@4.0.4.1 |
| purl |
pkg:composer/phpmyadmin/phpmyadmin@4.0.4.1 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-2jjv-4en4-e3gx |
|
| 1 |
| vulnerability |
VCID-5657-kcyh-7bc2 |
|
| 2 |
| vulnerability |
VCID-7mys-s9mz-h3g1 |
|
| 3 |
| vulnerability |
VCID-7n1n-uj91-8ugg |
|
| 4 |
| vulnerability |
VCID-b5bf-6u8e-byh8 |
|
| 5 |
| vulnerability |
VCID-b9b1-624h-uubt |
|
| 6 |
| vulnerability |
VCID-cy6p-nz8a-zydk |
|
| 7 |
| vulnerability |
VCID-eq3j-14fc-2uev |
|
| 8 |
| vulnerability |
VCID-f7gd-w9r7-xyb2 |
|
| 9 |
| vulnerability |
VCID-g6ud-92qe-hqcx |
|
| 10 |
| vulnerability |
VCID-gu4y-aeqx-mqak |
|
| 11 |
| vulnerability |
VCID-ngtc-xtjn-xbhp |
|
| 12 |
| vulnerability |
VCID-q2be-73wp-tbav |
|
| 13 |
| vulnerability |
VCID-rqy8-n6fr-hqey |
|
| 14 |
| vulnerability |
VCID-tks3-6uv4-kygf |
|
| 15 |
| vulnerability |
VCID-wamt-3g12-t7ch |
|
| 16 |
| vulnerability |
VCID-xu1c-xtb4-9ygg |
|
| 17 |
| vulnerability |
VCID-znfm-ak2t-mqdd |
|
| 18 |
| vulnerability |
VCID-zyzp-aqd8-e3a9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@4.0.4.1 |
|
| 1 |
|
|
| aliases |
CVE-2013-4729, GHSA-x962-w72p-mv7q
|
| risk_score |
3.1 |
| exploitability |
0.5 |
| weighted_severity |
6.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-2g3b-qqxy-ekcq |
|
| 3 |
| url |
VCID-2jjv-4en4-e3gx |
| vulnerability_id |
VCID-2jjv-4en4-e3gx |
| summary |
phpMyAdmin through 5.0.2 allows CSV injection via Export Section. NOTE: the vendor disputes this because "the CSV file is accurately generated based on the database contents. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2020-22278 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00409 |
| scoring_system |
epss |
| scoring_elements |
0.61125 |
| published_at |
2026-04-01T12:55:00Z |
|
| 1 |
| value |
0.00409 |
| scoring_system |
epss |
| scoring_elements |
0.61205 |
| published_at |
2026-04-02T12:55:00Z |
|
| 2 |
| value |
0.00409 |
| scoring_system |
epss |
| scoring_elements |
0.61233 |
| published_at |
2026-04-04T12:55:00Z |
|
| 3 |
| value |
0.00409 |
| scoring_system |
epss |
| scoring_elements |
0.61199 |
| published_at |
2026-04-07T12:55:00Z |
|
| 4 |
| value |
0.00409 |
| scoring_system |
epss |
| scoring_elements |
0.61247 |
| published_at |
2026-04-08T12:55:00Z |
|
| 5 |
| value |
0.00409 |
| scoring_system |
epss |
| scoring_elements |
0.61261 |
| published_at |
2026-04-09T12:55:00Z |
|
| 6 |
| value |
0.00409 |
| scoring_system |
epss |
| scoring_elements |
0.61281 |
| published_at |
2026-04-11T12:55:00Z |
|
| 7 |
| value |
0.00409 |
| scoring_system |
epss |
| scoring_elements |
0.61267 |
| published_at |
2026-04-12T12:55:00Z |
|
| 8 |
| value |
0.00409 |
| scoring_system |
epss |
| scoring_elements |
0.61249 |
| published_at |
2026-04-13T12:55:00Z |
|
| 9 |
| value |
0.00409 |
| scoring_system |
epss |
| scoring_elements |
0.61289 |
| published_at |
2026-04-16T12:55:00Z |
|
| 10 |
| value |
0.00409 |
| scoring_system |
epss |
| scoring_elements |
0.61294 |
| published_at |
2026-04-18T12:55:00Z |
|
| 11 |
| value |
0.00409 |
| scoring_system |
epss |
| scoring_elements |
0.61273 |
| published_at |
2026-04-21T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2020-22278 |
|
| 1 |
|
|
| fixed_packages |
|
| aliases |
CVE-2020-22278
|
| risk_score |
null |
| exploitability |
0.5 |
| weighted_severity |
0.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-2jjv-4en4-e3gx |
|
| 4 |
| url |
VCID-3yp5-vqej-r7hh |
| vulnerability_id |
VCID-3yp5-vqej-r7hh |
| summary |
Cross-site Scripting
Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin allow remote authenticated users to inject arbitrary web script or HTML. |
| references |
| 0 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2016-2040 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00493 |
| scoring_system |
epss |
| scoring_elements |
0.65695 |
| published_at |
2026-04-12T12:55:00Z |
|
| 1 |
| value |
0.00493 |
| scoring_system |
epss |
| scoring_elements |
0.65697 |
| published_at |
2026-04-21T12:55:00Z |
|
| 2 |
| value |
0.00493 |
| scoring_system |
epss |
| scoring_elements |
0.65714 |
| published_at |
2026-04-18T12:55:00Z |
|
| 3 |
| value |
0.00493 |
| scoring_system |
epss |
| scoring_elements |
0.657 |
| published_at |
2026-04-16T12:55:00Z |
|
| 4 |
| value |
0.00493 |
| scoring_system |
epss |
| scoring_elements |
0.65581 |
| published_at |
2026-04-01T12:55:00Z |
|
| 5 |
| value |
0.00493 |
| scoring_system |
epss |
| scoring_elements |
0.65629 |
| published_at |
2026-04-02T12:55:00Z |
|
| 6 |
| value |
0.00493 |
| scoring_system |
epss |
| scoring_elements |
0.65659 |
| published_at |
2026-04-04T12:55:00Z |
|
| 7 |
| value |
0.00493 |
| scoring_system |
epss |
| scoring_elements |
0.65625 |
| published_at |
2026-04-07T12:55:00Z |
|
| 8 |
| value |
0.00493 |
| scoring_system |
epss |
| scoring_elements |
0.65677 |
| published_at |
2026-04-08T12:55:00Z |
|
| 9 |
| value |
0.00493 |
| scoring_system |
epss |
| scoring_elements |
0.65689 |
| published_at |
2026-04-09T12:55:00Z |
|
| 10 |
| value |
0.00493 |
| scoring_system |
epss |
| scoring_elements |
0.65709 |
| published_at |
2026-04-11T12:55:00Z |
|
| 11 |
| value |
0.00493 |
| scoring_system |
epss |
| scoring_elements |
0.65665 |
| published_at |
2026-04-13T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2016-2040 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
| 16 |
|
| 17 |
|
| 18 |
|
| 19 |
|
| 20 |
|
| 21 |
|
| 22 |
|
| 23 |
|
| 24 |
|
| 25 |
|
| 26 |
|
| 27 |
|
| 28 |
|
| 29 |
|
| 30 |
|
| 31 |
|
| 32 |
|
| 33 |
|
| 34 |
|
| 35 |
|
| 36 |
|
| 37 |
|
| 38 |
|
| 39 |
|
| 40 |
|
| 41 |
|
| 42 |
|
| 43 |
|
| 44 |
|
| 45 |
|
| 46 |
|
| 47 |
|
| 48 |
|
| 49 |
|
| 50 |
|
| 51 |
|
| 52 |
|
| 53 |
|
| 54 |
|
| 55 |
|
| 56 |
|
| 57 |
|
| 58 |
|
| 59 |
|
| 60 |
|
| 61 |
|
| 62 |
|
| 63 |
|
| 64 |
|
| 65 |
|
| 66 |
|
| 67 |
|
| 68 |
|
| 69 |
|
| 70 |
|
| 71 |
|
| 72 |
|
| 73 |
| reference_url |
https://nvd.nist.gov/vuln/detail/CVE-2016-2040 |
| reference_id |
CVE-2016-2040 |
| reference_type |
|
| scores |
| 0 |
| value |
3.5 |
| scoring_system |
cvssv2 |
| scoring_elements |
AV:N/AC:M/Au:S/C:N/I:P/A:N |
|
| 1 |
| value |
5.4 |
| scoring_system |
cvssv3 |
| scoring_elements |
CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N |
|
| 2 |
| value |
5.4 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N |
|
| 3 |
| value |
MODERATE |
| scoring_system |
generic_textual |
| scoring_elements |
|
|
|
| url |
https://nvd.nist.gov/vuln/detail/CVE-2016-2040 |
|
| 74 |
|
|
| fixed_packages |
| 0 |
| url |
pkg:composer/phpmyadmin/phpmyadmin@4.0.2 |
| purl |
pkg:composer/phpmyadmin/phpmyadmin@4.0.2 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-2g3b-qqxy-ekcq |
|
| 1 |
| vulnerability |
VCID-2jjv-4en4-e3gx |
|
| 2 |
| vulnerability |
VCID-5657-kcyh-7bc2 |
|
| 3 |
| vulnerability |
VCID-7mys-s9mz-h3g1 |
|
| 4 |
| vulnerability |
VCID-7n1n-uj91-8ugg |
|
| 5 |
| vulnerability |
VCID-b5bf-6u8e-byh8 |
|
| 6 |
| vulnerability |
VCID-b9b1-624h-uubt |
|
| 7 |
| vulnerability |
VCID-cy6p-nz8a-zydk |
|
| 8 |
| vulnerability |
VCID-eq3j-14fc-2uev |
|
| 9 |
| vulnerability |
VCID-f7gd-w9r7-xyb2 |
|
| 10 |
| vulnerability |
VCID-g6ud-92qe-hqcx |
|
| 11 |
| vulnerability |
VCID-gu4y-aeqx-mqak |
|
| 12 |
| vulnerability |
VCID-ngtc-xtjn-xbhp |
|
| 13 |
| vulnerability |
VCID-q2be-73wp-tbav |
|
| 14 |
| vulnerability |
VCID-rqy8-n6fr-hqey |
|
| 15 |
| vulnerability |
VCID-tks3-6uv4-kygf |
|
| 16 |
| vulnerability |
VCID-wamt-3g12-t7ch |
|
| 17 |
| vulnerability |
VCID-xu1c-xtb4-9ygg |
|
| 18 |
| vulnerability |
VCID-znfm-ak2t-mqdd |
|
| 19 |
| vulnerability |
VCID-zyzp-aqd8-e3a9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@4.0.2 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
| url |
pkg:composer/phpmyadmin/phpmyadmin@4.7.0 |
| purl |
pkg:composer/phpmyadmin/phpmyadmin@4.7.0 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-2jjv-4en4-e3gx |
|
| 1 |
| vulnerability |
VCID-5657-kcyh-7bc2 |
|
| 2 |
| vulnerability |
VCID-986a-3m4g-83ge |
|
| 3 |
| vulnerability |
VCID-br1c-5bzf-ufeu |
|
| 4 |
| vulnerability |
VCID-c91y-txcw-2kdy |
|
| 5 |
| vulnerability |
VCID-ebk2-vjau-57h9 |
|
| 6 |
| vulnerability |
VCID-fchc-55te-akhe |
|
| 7 |
| vulnerability |
VCID-g6ud-92qe-hqcx |
|
| 8 |
| vulnerability |
VCID-gu4y-aeqx-mqak |
|
| 9 |
| vulnerability |
VCID-hnud-ktgb-dfe6 |
|
| 10 |
| vulnerability |
VCID-jma9-9uhu-xuc3 |
|
| 11 |
| vulnerability |
VCID-mwtw-n1tv-hfd9 |
|
| 12 |
| vulnerability |
VCID-ngtc-xtjn-xbhp |
|
| 13 |
| vulnerability |
VCID-qcra-cu62-43he |
|
| 14 |
| vulnerability |
VCID-rqy8-n6fr-hqey |
|
| 15 |
| vulnerability |
VCID-scu3-cfyc-9qfz |
|
| 16 |
| vulnerability |
VCID-tbnx-nuzv-ebdc |
|
| 17 |
| vulnerability |
VCID-tks3-6uv4-kygf |
|
| 18 |
| vulnerability |
VCID-yfja-ssw3-skh1 |
|
| 19 |
| vulnerability |
VCID-ym9b-4su6-6fbr |
|
| 20 |
| vulnerability |
VCID-znfm-ak2t-mqdd |
|
| 21 |
| vulnerability |
VCID-zyzp-aqd8-e3a9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@4.7.0 |
|
|
| aliases |
CVE-2016-2040, GHSA-pw34-qf6c-84fc
|
| risk_score |
3.1 |
| exploitability |
0.5 |
| weighted_severity |
6.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-3yp5-vqej-r7hh |
|
| 5 |
| url |
VCID-5657-kcyh-7bc2 |
| vulnerability_id |
VCID-5657-kcyh-7bc2 |
| summary |
phpMyAdmin SQL injection in user accounts page
In phpMyAdmin 4 before 4.9.4 and 5 before 5.0.1, SQL injection exists in the user accounts page. A malicious user could inject custom SQL in place of their own username when creating queries to this page. An attacker must have a valid MySQL account to access the server. |
| references |
| 0 |
|
| 1 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2020-5504 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.22375 |
| scoring_system |
epss |
| scoring_elements |
0.95843 |
| published_at |
2026-04-21T12:55:00Z |
|
| 1 |
| value |
0.22375 |
| scoring_system |
epss |
| scoring_elements |
0.95834 |
| published_at |
2026-04-16T12:55:00Z |
|
| 2 |
| value |
0.22375 |
| scoring_system |
epss |
| scoring_elements |
0.9584 |
| published_at |
2026-04-18T12:55:00Z |
|
| 3 |
| value |
0.23238 |
| scoring_system |
epss |
| scoring_elements |
0.95916 |
| published_at |
2026-04-02T12:55:00Z |
|
| 4 |
| value |
0.23238 |
| scoring_system |
epss |
| scoring_elements |
0.95908 |
| published_at |
2026-04-01T12:55:00Z |
|
| 5 |
| value |
0.23238 |
| scoring_system |
epss |
| scoring_elements |
0.95945 |
| published_at |
2026-04-13T12:55:00Z |
|
| 6 |
| value |
0.23238 |
| scoring_system |
epss |
| scoring_elements |
0.95942 |
| published_at |
2026-04-12T12:55:00Z |
|
| 7 |
| value |
0.23238 |
| scoring_system |
epss |
| scoring_elements |
0.95939 |
| published_at |
2026-04-09T12:55:00Z |
|
| 8 |
| value |
0.23238 |
| scoring_system |
epss |
| scoring_elements |
0.95937 |
| published_at |
2026-04-08T12:55:00Z |
|
| 9 |
| value |
0.23238 |
| scoring_system |
epss |
| scoring_elements |
0.95928 |
| published_at |
2026-04-07T12:55:00Z |
|
| 10 |
| value |
0.23238 |
| scoring_system |
epss |
| scoring_elements |
0.95924 |
| published_at |
2026-04-04T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2020-5504 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
|
| fixed_packages |
|
| aliases |
CVE-2020-5504, GHSA-fgj8-93xx-f6g6
|
| risk_score |
10.0 |
| exploitability |
2.0 |
| weighted_severity |
8.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-5657-kcyh-7bc2 |
|
| 6 |
| url |
VCID-5mda-fksy-bqb2 |
| vulnerability_id |
VCID-5mda-fksy-bqb2 |
| summary |
Cross-site Scripting
An issue was discovered in phpMyAdmin. XSS is possible because of a weakness in a regular expression used in some JavaScript processing. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2016-9857 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00418 |
| scoring_system |
epss |
| scoring_elements |
0.61754 |
| published_at |
2026-04-04T12:55:00Z |
|
| 1 |
| value |
0.00418 |
| scoring_system |
epss |
| scoring_elements |
0.61807 |
| published_at |
2026-04-21T12:55:00Z |
|
| 2 |
| value |
0.00418 |
| scoring_system |
epss |
| scoring_elements |
0.61824 |
| published_at |
2026-04-18T12:55:00Z |
|
| 3 |
| value |
0.00418 |
| scoring_system |
epss |
| scoring_elements |
0.61819 |
| published_at |
2026-04-16T12:55:00Z |
|
| 4 |
| value |
0.00418 |
| scoring_system |
epss |
| scoring_elements |
0.61777 |
| published_at |
2026-04-13T12:55:00Z |
|
| 5 |
| value |
0.00418 |
| scoring_system |
epss |
| scoring_elements |
0.61797 |
| published_at |
2026-04-12T12:55:00Z |
|
| 6 |
| value |
0.00418 |
| scoring_system |
epss |
| scoring_elements |
0.6181 |
| published_at |
2026-04-11T12:55:00Z |
|
| 7 |
| value |
0.00418 |
| scoring_system |
epss |
| scoring_elements |
0.61789 |
| published_at |
2026-04-09T12:55:00Z |
|
| 8 |
| value |
0.00418 |
| scoring_system |
epss |
| scoring_elements |
0.61651 |
| published_at |
2026-04-01T12:55:00Z |
|
| 9 |
| value |
0.00418 |
| scoring_system |
epss |
| scoring_elements |
0.61725 |
| published_at |
2026-04-07T12:55:00Z |
|
| 10 |
| value |
0.00418 |
| scoring_system |
epss |
| scoring_elements |
0.61773 |
| published_at |
2026-04-08T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2016-9857 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
|
| fixed_packages |
| 0 |
|
| 1 |
|
| 2 |
|
| 3 |
| url |
pkg:composer/phpmyadmin/phpmyadmin@4.7.0 |
| purl |
pkg:composer/phpmyadmin/phpmyadmin@4.7.0 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-2jjv-4en4-e3gx |
|
| 1 |
| vulnerability |
VCID-5657-kcyh-7bc2 |
|
| 2 |
| vulnerability |
VCID-986a-3m4g-83ge |
|
| 3 |
| vulnerability |
VCID-br1c-5bzf-ufeu |
|
| 4 |
| vulnerability |
VCID-c91y-txcw-2kdy |
|
| 5 |
| vulnerability |
VCID-ebk2-vjau-57h9 |
|
| 6 |
| vulnerability |
VCID-fchc-55te-akhe |
|
| 7 |
| vulnerability |
VCID-g6ud-92qe-hqcx |
|
| 8 |
| vulnerability |
VCID-gu4y-aeqx-mqak |
|
| 9 |
| vulnerability |
VCID-hnud-ktgb-dfe6 |
|
| 10 |
| vulnerability |
VCID-jma9-9uhu-xuc3 |
|
| 11 |
| vulnerability |
VCID-mwtw-n1tv-hfd9 |
|
| 12 |
| vulnerability |
VCID-ngtc-xtjn-xbhp |
|
| 13 |
| vulnerability |
VCID-qcra-cu62-43he |
|
| 14 |
| vulnerability |
VCID-rqy8-n6fr-hqey |
|
| 15 |
| vulnerability |
VCID-scu3-cfyc-9qfz |
|
| 16 |
| vulnerability |
VCID-tbnx-nuzv-ebdc |
|
| 17 |
| vulnerability |
VCID-tks3-6uv4-kygf |
|
| 18 |
| vulnerability |
VCID-yfja-ssw3-skh1 |
|
| 19 |
| vulnerability |
VCID-ym9b-4su6-6fbr |
|
| 20 |
| vulnerability |
VCID-znfm-ak2t-mqdd |
|
| 21 |
| vulnerability |
VCID-zyzp-aqd8-e3a9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@4.7.0 |
|
|
| aliases |
CVE-2016-9857, GHSA-hmmx-wxh4-9w8w
|
| risk_score |
3.1 |
| exploitability |
0.5 |
| weighted_severity |
6.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-5mda-fksy-bqb2 |
|
| 7 |
| url |
VCID-64sy-unts-juf3 |
| vulnerability_id |
VCID-64sy-unts-juf3 |
| summary |
Information Exposure
An issue was discovered in phpMyAdmin. An attacker can determine whether a user is logged in to phpMyAdmin. The user session, username, and password are not compromised by this vulnerability. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2016-6625 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00275 |
| scoring_system |
epss |
| scoring_elements |
0.50974 |
| published_at |
2026-04-21T12:55:00Z |
|
| 1 |
| value |
0.00275 |
| scoring_system |
epss |
| scoring_elements |
0.50851 |
| published_at |
2026-04-01T12:55:00Z |
|
| 2 |
| value |
0.00275 |
| scoring_system |
epss |
| scoring_elements |
0.50909 |
| published_at |
2026-04-02T12:55:00Z |
|
| 3 |
| value |
0.00275 |
| scoring_system |
epss |
| scoring_elements |
0.50935 |
| published_at |
2026-04-04T12:55:00Z |
|
| 4 |
| value |
0.00275 |
| scoring_system |
epss |
| scoring_elements |
0.50892 |
| published_at |
2026-04-07T12:55:00Z |
|
| 5 |
| value |
0.00275 |
| scoring_system |
epss |
| scoring_elements |
0.50949 |
| published_at |
2026-04-08T12:55:00Z |
|
| 6 |
| value |
0.00275 |
| scoring_system |
epss |
| scoring_elements |
0.50947 |
| published_at |
2026-04-09T12:55:00Z |
|
| 7 |
| value |
0.00275 |
| scoring_system |
epss |
| scoring_elements |
0.50989 |
| published_at |
2026-04-11T12:55:00Z |
|
| 8 |
| value |
0.00275 |
| scoring_system |
epss |
| scoring_elements |
0.50967 |
| published_at |
2026-04-12T12:55:00Z |
|
| 9 |
| value |
0.00275 |
| scoring_system |
epss |
| scoring_elements |
0.50951 |
| published_at |
2026-04-13T12:55:00Z |
|
| 10 |
| value |
0.00275 |
| scoring_system |
epss |
| scoring_elements |
0.50988 |
| published_at |
2026-04-16T12:55:00Z |
|
| 11 |
| value |
0.00275 |
| scoring_system |
epss |
| scoring_elements |
0.50995 |
| published_at |
2026-04-18T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2016-6625 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
|
| fixed_packages |
| 0 |
|
| 1 |
|
| 2 |
|
| 3 |
| url |
pkg:composer/phpmyadmin/phpmyadmin@4.7.0 |
| purl |
pkg:composer/phpmyadmin/phpmyadmin@4.7.0 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-2jjv-4en4-e3gx |
|
| 1 |
| vulnerability |
VCID-5657-kcyh-7bc2 |
|
| 2 |
| vulnerability |
VCID-986a-3m4g-83ge |
|
| 3 |
| vulnerability |
VCID-br1c-5bzf-ufeu |
|
| 4 |
| vulnerability |
VCID-c91y-txcw-2kdy |
|
| 5 |
| vulnerability |
VCID-ebk2-vjau-57h9 |
|
| 6 |
| vulnerability |
VCID-fchc-55te-akhe |
|
| 7 |
| vulnerability |
VCID-g6ud-92qe-hqcx |
|
| 8 |
| vulnerability |
VCID-gu4y-aeqx-mqak |
|
| 9 |
| vulnerability |
VCID-hnud-ktgb-dfe6 |
|
| 10 |
| vulnerability |
VCID-jma9-9uhu-xuc3 |
|
| 11 |
| vulnerability |
VCID-mwtw-n1tv-hfd9 |
|
| 12 |
| vulnerability |
VCID-ngtc-xtjn-xbhp |
|
| 13 |
| vulnerability |
VCID-qcra-cu62-43he |
|
| 14 |
| vulnerability |
VCID-rqy8-n6fr-hqey |
|
| 15 |
| vulnerability |
VCID-scu3-cfyc-9qfz |
|
| 16 |
| vulnerability |
VCID-tbnx-nuzv-ebdc |
|
| 17 |
| vulnerability |
VCID-tks3-6uv4-kygf |
|
| 18 |
| vulnerability |
VCID-yfja-ssw3-skh1 |
|
| 19 |
| vulnerability |
VCID-ym9b-4su6-6fbr |
|
| 20 |
| vulnerability |
VCID-znfm-ak2t-mqdd |
|
| 21 |
| vulnerability |
VCID-zyzp-aqd8-e3a9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@4.7.0 |
|
|
| aliases |
CVE-2016-6625, GHSA-r643-7xfg-ppc5
|
| risk_score |
3.1 |
| exploitability |
0.5 |
| weighted_severity |
6.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-64sy-unts-juf3 |
|
| 8 |
| url |
VCID-7h9b-a8dp-57hp |
| vulnerability_id |
VCID-7h9b-a8dp-57hp |
| summary |
Cross-site Scripting
phpMyAdmin is vulnerable to a CSS injection attack through crafted cookie parameters. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2017-1000015 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00557 |
| scoring_system |
epss |
| scoring_elements |
0.68119 |
| published_at |
2026-04-07T12:55:00Z |
|
| 1 |
| value |
0.00557 |
| scoring_system |
epss |
| scoring_elements |
0.68196 |
| published_at |
2026-04-21T12:55:00Z |
|
| 2 |
| value |
0.00557 |
| scoring_system |
epss |
| scoring_elements |
0.68214 |
| published_at |
2026-04-18T12:55:00Z |
|
| 3 |
| value |
0.00557 |
| scoring_system |
epss |
| scoring_elements |
0.68202 |
| published_at |
2026-04-16T12:55:00Z |
|
| 4 |
| value |
0.00557 |
| scoring_system |
epss |
| scoring_elements |
0.68164 |
| published_at |
2026-04-13T12:55:00Z |
|
| 5 |
| value |
0.00557 |
| scoring_system |
epss |
| scoring_elements |
0.68197 |
| published_at |
2026-04-12T12:55:00Z |
|
| 6 |
| value |
0.00557 |
| scoring_system |
epss |
| scoring_elements |
0.68211 |
| published_at |
2026-04-11T12:55:00Z |
|
| 7 |
| value |
0.00557 |
| scoring_system |
epss |
| scoring_elements |
0.68186 |
| published_at |
2026-04-09T12:55:00Z |
|
| 8 |
| value |
0.00557 |
| scoring_system |
epss |
| scoring_elements |
0.68101 |
| published_at |
2026-04-01T12:55:00Z |
|
| 9 |
| value |
0.00557 |
| scoring_system |
epss |
| scoring_elements |
0.68124 |
| published_at |
2026-04-02T12:55:00Z |
|
| 10 |
| value |
0.00557 |
| scoring_system |
epss |
| scoring_elements |
0.6817 |
| published_at |
2026-04-08T12:55:00Z |
|
| 11 |
| value |
0.00557 |
| scoring_system |
epss |
| scoring_elements |
0.68142 |
| published_at |
2026-04-04T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2017-1000015 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
|
| fixed_packages |
| 0 |
|
| 1 |
|
| 2 |
|
| 3 |
| url |
pkg:composer/phpmyadmin/phpmyadmin@4.7.0 |
| purl |
pkg:composer/phpmyadmin/phpmyadmin@4.7.0 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-2jjv-4en4-e3gx |
|
| 1 |
| vulnerability |
VCID-5657-kcyh-7bc2 |
|
| 2 |
| vulnerability |
VCID-986a-3m4g-83ge |
|
| 3 |
| vulnerability |
VCID-br1c-5bzf-ufeu |
|
| 4 |
| vulnerability |
VCID-c91y-txcw-2kdy |
|
| 5 |
| vulnerability |
VCID-ebk2-vjau-57h9 |
|
| 6 |
| vulnerability |
VCID-fchc-55te-akhe |
|
| 7 |
| vulnerability |
VCID-g6ud-92qe-hqcx |
|
| 8 |
| vulnerability |
VCID-gu4y-aeqx-mqak |
|
| 9 |
| vulnerability |
VCID-hnud-ktgb-dfe6 |
|
| 10 |
| vulnerability |
VCID-jma9-9uhu-xuc3 |
|
| 11 |
| vulnerability |
VCID-mwtw-n1tv-hfd9 |
|
| 12 |
| vulnerability |
VCID-ngtc-xtjn-xbhp |
|
| 13 |
| vulnerability |
VCID-qcra-cu62-43he |
|
| 14 |
| vulnerability |
VCID-rqy8-n6fr-hqey |
|
| 15 |
| vulnerability |
VCID-scu3-cfyc-9qfz |
|
| 16 |
| vulnerability |
VCID-tbnx-nuzv-ebdc |
|
| 17 |
| vulnerability |
VCID-tks3-6uv4-kygf |
|
| 18 |
| vulnerability |
VCID-yfja-ssw3-skh1 |
|
| 19 |
| vulnerability |
VCID-ym9b-4su6-6fbr |
|
| 20 |
| vulnerability |
VCID-znfm-ak2t-mqdd |
|
| 21 |
| vulnerability |
VCID-zyzp-aqd8-e3a9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@4.7.0 |
|
|
| aliases |
CVE-2017-1000015, GHSA-3fgq-cmr4-97rr
|
| risk_score |
3.1 |
| exploitability |
0.5 |
| weighted_severity |
6.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-7h9b-a8dp-57hp |
|
| 9 |
| url |
VCID-7mys-s9mz-h3g1 |
| vulnerability_id |
VCID-7mys-s9mz-h3g1 |
| summary |
phpMyAdmin cross-site scripting Vulnerability via ENUM value
Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin 4.0.x before 4.0.10.4, 4.1.x before 4.1.14.5, and 4.2.x before 4.2.9.1 allow remote authenticated users to inject arbitrary web script or HTML via a crafted ENUM value that is improperly handled during rendering of the (1) table search or (2) table structure page, related to `libraries/TableSearch.class.php` and `libraries/Util.class.php`. |
| references |
| 0 |
|
| 1 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2014-7217 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00339 |
| scoring_system |
epss |
| scoring_elements |
0.5669 |
| published_at |
2026-04-21T12:55:00Z |
|
| 1 |
| value |
0.00339 |
| scoring_system |
epss |
| scoring_elements |
0.56717 |
| published_at |
2026-04-18T12:55:00Z |
|
| 2 |
| value |
0.00339 |
| scoring_system |
epss |
| scoring_elements |
0.56719 |
| published_at |
2026-04-16T12:55:00Z |
|
| 3 |
| value |
0.00339 |
| scoring_system |
epss |
| scoring_elements |
0.56688 |
| published_at |
2026-04-13T12:55:00Z |
|
| 4 |
| value |
0.00339 |
| scoring_system |
epss |
| scoring_elements |
0.56573 |
| published_at |
2026-04-01T12:55:00Z |
|
| 5 |
| value |
0.00339 |
| scoring_system |
epss |
| scoring_elements |
0.56709 |
| published_at |
2026-04-12T12:55:00Z |
|
| 6 |
| value |
0.00339 |
| scoring_system |
epss |
| scoring_elements |
0.56669 |
| published_at |
2026-04-07T12:55:00Z |
|
| 7 |
| value |
0.00339 |
| scoring_system |
epss |
| scoring_elements |
0.56734 |
| published_at |
2026-04-11T12:55:00Z |
|
| 8 |
| value |
0.00339 |
| scoring_system |
epss |
| scoring_elements |
0.56689 |
| published_at |
2026-04-04T12:55:00Z |
|
| 9 |
| value |
0.00339 |
| scoring_system |
epss |
| scoring_elements |
0.56725 |
| published_at |
2026-04-09T12:55:00Z |
|
| 10 |
| value |
0.00339 |
| scoring_system |
epss |
| scoring_elements |
0.56721 |
| published_at |
2026-04-08T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2014-7217 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
| 16 |
|
| 17 |
|
| 18 |
|
| 19 |
|
| 20 |
|
| 21 |
|
| 22 |
|
| 23 |
|
| 24 |
|
| 25 |
|
| 26 |
|
| 27 |
|
| 28 |
|
| 29 |
|
| 30 |
|
| 31 |
|
| 32 |
|
| 33 |
|
| 34 |
|
| 35 |
|
| 36 |
|
| 37 |
|
| 38 |
|
| 39 |
|
| 40 |
|
| 41 |
|
| 42 |
|
| 43 |
|
| 44 |
|
| 45 |
|
| 46 |
|
| 47 |
|
| 48 |
|
| 49 |
|
| 50 |
|
| 51 |
|
| 52 |
|
| 53 |
|
|
| fixed_packages |
|
| aliases |
CVE-2014-7217, GHSA-wv8g-fx9j-q2jg
|
| risk_score |
1.6 |
| exploitability |
0.5 |
| weighted_severity |
3.1 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-7mys-s9mz-h3g1 |
|
| 10 |
| url |
VCID-7n1n-uj91-8ugg |
| vulnerability_id |
VCID-7n1n-uj91-8ugg |
| summary |
phpMyAdmin server-side request forgery (SSRF)
The setup script for phpMyAdmin before 4.0.10.19, 4.4.x before 4.4.15.10, and 4.6.x before 4.6.6 allows remote attackers to conduct server-side request forgery (SSRF) attacks via unspecified vectors. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2016-6621 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00389 |
| scoring_system |
epss |
| scoring_elements |
0.59883 |
| published_at |
2026-04-07T12:55:00Z |
|
| 1 |
| value |
0.00389 |
| scoring_system |
epss |
| scoring_elements |
0.59966 |
| published_at |
2026-04-21T12:55:00Z |
|
| 2 |
| value |
0.00389 |
| scoring_system |
epss |
| scoring_elements |
0.5998 |
| published_at |
2026-04-18T12:55:00Z |
|
| 3 |
| value |
0.00389 |
| scoring_system |
epss |
| scoring_elements |
0.59974 |
| published_at |
2026-04-16T12:55:00Z |
|
| 4 |
| value |
0.00389 |
| scoring_system |
epss |
| scoring_elements |
0.59934 |
| published_at |
2026-04-13T12:55:00Z |
|
| 5 |
| value |
0.00389 |
| scoring_system |
epss |
| scoring_elements |
0.59953 |
| published_at |
2026-04-12T12:55:00Z |
|
| 6 |
| value |
0.00389 |
| scoring_system |
epss |
| scoring_elements |
0.59968 |
| published_at |
2026-04-11T12:55:00Z |
|
| 7 |
| value |
0.00389 |
| scoring_system |
epss |
| scoring_elements |
0.59947 |
| published_at |
2026-04-09T12:55:00Z |
|
| 8 |
| value |
0.00389 |
| scoring_system |
epss |
| scoring_elements |
0.59811 |
| published_at |
2026-04-01T12:55:00Z |
|
| 9 |
| value |
0.00389 |
| scoring_system |
epss |
| scoring_elements |
0.59888 |
| published_at |
2026-04-02T12:55:00Z |
|
| 10 |
| value |
0.00389 |
| scoring_system |
epss |
| scoring_elements |
0.59933 |
| published_at |
2026-04-08T12:55:00Z |
|
| 11 |
| value |
0.00389 |
| scoring_system |
epss |
| scoring_elements |
0.59913 |
| published_at |
2026-04-04T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2016-6621 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
|
| fixed_packages |
|
| aliases |
CVE-2016-6621, GHSA-44vv-mm86-7cg6
|
| risk_score |
4.0 |
| exploitability |
0.5 |
| weighted_severity |
8.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-7n1n-uj91-8ugg |
|
| 11 |
| url |
VCID-8fu3-wm7d-qkeu |
| vulnerability_id |
VCID-8fu3-wm7d-qkeu |
| summary |
Incomplete Cleanup
An issue was discovered in phpMyAdmin where, under certain conditions, phpMyAdmin may not delete temporary files during the import of ESRI files. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2016-6632 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00567 |
| scoring_system |
epss |
| scoring_elements |
0.68518 |
| published_at |
2026-04-21T12:55:00Z |
|
| 1 |
| value |
0.00567 |
| scoring_system |
epss |
| scoring_elements |
0.68424 |
| published_at |
2026-04-01T12:55:00Z |
|
| 2 |
| value |
0.00567 |
| scoring_system |
epss |
| scoring_elements |
0.68443 |
| published_at |
2026-04-02T12:55:00Z |
|
| 3 |
| value |
0.00567 |
| scoring_system |
epss |
| scoring_elements |
0.68463 |
| published_at |
2026-04-04T12:55:00Z |
|
| 4 |
| value |
0.00567 |
| scoring_system |
epss |
| scoring_elements |
0.68439 |
| published_at |
2026-04-07T12:55:00Z |
|
| 5 |
| value |
0.00567 |
| scoring_system |
epss |
| scoring_elements |
0.68489 |
| published_at |
2026-04-08T12:55:00Z |
|
| 6 |
| value |
0.00567 |
| scoring_system |
epss |
| scoring_elements |
0.68506 |
| published_at |
2026-04-09T12:55:00Z |
|
| 7 |
| value |
0.00567 |
| scoring_system |
epss |
| scoring_elements |
0.68532 |
| published_at |
2026-04-11T12:55:00Z |
|
| 8 |
| value |
0.00567 |
| scoring_system |
epss |
| scoring_elements |
0.6852 |
| published_at |
2026-04-12T12:55:00Z |
|
| 9 |
| value |
0.00567 |
| scoring_system |
epss |
| scoring_elements |
0.68488 |
| published_at |
2026-04-13T12:55:00Z |
|
| 10 |
| value |
0.00567 |
| scoring_system |
epss |
| scoring_elements |
0.68527 |
| published_at |
2026-04-16T12:55:00Z |
|
| 11 |
| value |
0.00567 |
| scoring_system |
epss |
| scoring_elements |
0.6854 |
| published_at |
2026-04-18T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2016-6632 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
|
| fixed_packages |
| 0 |
|
| 1 |
|
| 2 |
|
| 3 |
| url |
pkg:composer/phpmyadmin/phpmyadmin@4.7.0 |
| purl |
pkg:composer/phpmyadmin/phpmyadmin@4.7.0 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-2jjv-4en4-e3gx |
|
| 1 |
| vulnerability |
VCID-5657-kcyh-7bc2 |
|
| 2 |
| vulnerability |
VCID-986a-3m4g-83ge |
|
| 3 |
| vulnerability |
VCID-br1c-5bzf-ufeu |
|
| 4 |
| vulnerability |
VCID-c91y-txcw-2kdy |
|
| 5 |
| vulnerability |
VCID-ebk2-vjau-57h9 |
|
| 6 |
| vulnerability |
VCID-fchc-55te-akhe |
|
| 7 |
| vulnerability |
VCID-g6ud-92qe-hqcx |
|
| 8 |
| vulnerability |
VCID-gu4y-aeqx-mqak |
|
| 9 |
| vulnerability |
VCID-hnud-ktgb-dfe6 |
|
| 10 |
| vulnerability |
VCID-jma9-9uhu-xuc3 |
|
| 11 |
| vulnerability |
VCID-mwtw-n1tv-hfd9 |
|
| 12 |
| vulnerability |
VCID-ngtc-xtjn-xbhp |
|
| 13 |
| vulnerability |
VCID-qcra-cu62-43he |
|
| 14 |
| vulnerability |
VCID-rqy8-n6fr-hqey |
|
| 15 |
| vulnerability |
VCID-scu3-cfyc-9qfz |
|
| 16 |
| vulnerability |
VCID-tbnx-nuzv-ebdc |
|
| 17 |
| vulnerability |
VCID-tks3-6uv4-kygf |
|
| 18 |
| vulnerability |
VCID-yfja-ssw3-skh1 |
|
| 19 |
| vulnerability |
VCID-ym9b-4su6-6fbr |
|
| 20 |
| vulnerability |
VCID-znfm-ak2t-mqdd |
|
| 21 |
| vulnerability |
VCID-zyzp-aqd8-e3a9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@4.7.0 |
|
|
| aliases |
CVE-2016-6632, GHSA-426q-975p-w5cr
|
| risk_score |
3.1 |
| exploitability |
0.5 |
| weighted_severity |
6.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-8fu3-wm7d-qkeu |
|
| 12 |
| url |
VCID-8xac-hgvs-ykgn |
| vulnerability_id |
VCID-8xac-hgvs-ykgn |
| summary |
Incomplete List of Disallowed Inputs
An issue was discovered in phpMyAdmin. Due to the limitation in URL matching, it was possible to bypass the URL white-list protection. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2016-9861 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00246 |
| scoring_system |
epss |
| scoring_elements |
0.47891 |
| published_at |
2026-04-21T12:55:00Z |
|
| 1 |
| value |
0.00246 |
| scoring_system |
epss |
| scoring_elements |
0.47821 |
| published_at |
2026-04-01T12:55:00Z |
|
| 2 |
| value |
0.00246 |
| scoring_system |
epss |
| scoring_elements |
0.47859 |
| published_at |
2026-04-02T12:55:00Z |
|
| 3 |
| value |
0.00246 |
| scoring_system |
epss |
| scoring_elements |
0.4788 |
| published_at |
2026-04-04T12:55:00Z |
|
| 4 |
| value |
0.00246 |
| scoring_system |
epss |
| scoring_elements |
0.47829 |
| published_at |
2026-04-07T12:55:00Z |
|
| 5 |
| value |
0.00246 |
| scoring_system |
epss |
| scoring_elements |
0.47882 |
| published_at |
2026-04-08T12:55:00Z |
|
| 6 |
| value |
0.00246 |
| scoring_system |
epss |
| scoring_elements |
0.47878 |
| published_at |
2026-04-09T12:55:00Z |
|
| 7 |
| value |
0.00246 |
| scoring_system |
epss |
| scoring_elements |
0.47902 |
| published_at |
2026-04-11T12:55:00Z |
|
| 8 |
| value |
0.00246 |
| scoring_system |
epss |
| scoring_elements |
0.47879 |
| published_at |
2026-04-12T12:55:00Z |
|
| 9 |
| value |
0.00246 |
| scoring_system |
epss |
| scoring_elements |
0.47889 |
| published_at |
2026-04-13T12:55:00Z |
|
| 10 |
| value |
0.00246 |
| scoring_system |
epss |
| scoring_elements |
0.47943 |
| published_at |
2026-04-16T12:55:00Z |
|
| 11 |
| value |
0.00246 |
| scoring_system |
epss |
| scoring_elements |
0.47937 |
| published_at |
2026-04-18T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2016-9861 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
|
| fixed_packages |
| 0 |
|
| 1 |
|
| 2 |
|
| 3 |
| url |
pkg:composer/phpmyadmin/phpmyadmin@4.7.0 |
| purl |
pkg:composer/phpmyadmin/phpmyadmin@4.7.0 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-2jjv-4en4-e3gx |
|
| 1 |
| vulnerability |
VCID-5657-kcyh-7bc2 |
|
| 2 |
| vulnerability |
VCID-986a-3m4g-83ge |
|
| 3 |
| vulnerability |
VCID-br1c-5bzf-ufeu |
|
| 4 |
| vulnerability |
VCID-c91y-txcw-2kdy |
|
| 5 |
| vulnerability |
VCID-ebk2-vjau-57h9 |
|
| 6 |
| vulnerability |
VCID-fchc-55te-akhe |
|
| 7 |
| vulnerability |
VCID-g6ud-92qe-hqcx |
|
| 8 |
| vulnerability |
VCID-gu4y-aeqx-mqak |
|
| 9 |
| vulnerability |
VCID-hnud-ktgb-dfe6 |
|
| 10 |
| vulnerability |
VCID-jma9-9uhu-xuc3 |
|
| 11 |
| vulnerability |
VCID-mwtw-n1tv-hfd9 |
|
| 12 |
| vulnerability |
VCID-ngtc-xtjn-xbhp |
|
| 13 |
| vulnerability |
VCID-qcra-cu62-43he |
|
| 14 |
| vulnerability |
VCID-rqy8-n6fr-hqey |
|
| 15 |
| vulnerability |
VCID-scu3-cfyc-9qfz |
|
| 16 |
| vulnerability |
VCID-tbnx-nuzv-ebdc |
|
| 17 |
| vulnerability |
VCID-tks3-6uv4-kygf |
|
| 18 |
| vulnerability |
VCID-yfja-ssw3-skh1 |
|
| 19 |
| vulnerability |
VCID-ym9b-4su6-6fbr |
|
| 20 |
| vulnerability |
VCID-znfm-ak2t-mqdd |
|
| 21 |
| vulnerability |
VCID-zyzp-aqd8-e3a9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@4.7.0 |
|
|
| aliases |
CVE-2016-9861, GHSA-r326-mp8g-6xfc
|
| risk_score |
4.0 |
| exploitability |
0.5 |
| weighted_severity |
8.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-8xac-hgvs-ykgn |
|
| 13 |
| url |
VCID-9t2s-etzf-t3d2 |
| vulnerability_id |
VCID-9t2s-etzf-t3d2 |
| summary |
Command Injection
An issue was discovered in phpMyAdmin. A specially crafted database name could be used to run arbitrary PHP commands through the array export feature. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2016-6609 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00425 |
| scoring_system |
epss |
| scoring_elements |
0.62256 |
| published_at |
2026-04-21T12:55:00Z |
|
| 1 |
| value |
0.00425 |
| scoring_system |
epss |
| scoring_elements |
0.62108 |
| published_at |
2026-04-01T12:55:00Z |
|
| 2 |
| value |
0.00425 |
| scoring_system |
epss |
| scoring_elements |
0.62169 |
| published_at |
2026-04-02T12:55:00Z |
|
| 3 |
| value |
0.00425 |
| scoring_system |
epss |
| scoring_elements |
0.62199 |
| published_at |
2026-04-04T12:55:00Z |
|
| 4 |
| value |
0.00425 |
| scoring_system |
epss |
| scoring_elements |
0.62166 |
| published_at |
2026-04-07T12:55:00Z |
|
| 5 |
| value |
0.00425 |
| scoring_system |
epss |
| scoring_elements |
0.62216 |
| published_at |
2026-04-08T12:55:00Z |
|
| 6 |
| value |
0.00425 |
| scoring_system |
epss |
| scoring_elements |
0.62233 |
| published_at |
2026-04-09T12:55:00Z |
|
| 7 |
| value |
0.00425 |
| scoring_system |
epss |
| scoring_elements |
0.62252 |
| published_at |
2026-04-11T12:55:00Z |
|
| 8 |
| value |
0.00425 |
| scoring_system |
epss |
| scoring_elements |
0.62241 |
| published_at |
2026-04-12T12:55:00Z |
|
| 9 |
| value |
0.00425 |
| scoring_system |
epss |
| scoring_elements |
0.6222 |
| published_at |
2026-04-13T12:55:00Z |
|
| 10 |
| value |
0.00425 |
| scoring_system |
epss |
| scoring_elements |
0.62265 |
| published_at |
2026-04-16T12:55:00Z |
|
| 11 |
| value |
0.00425 |
| scoring_system |
epss |
| scoring_elements |
0.62272 |
| published_at |
2026-04-18T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2016-6609 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
|
| fixed_packages |
| 0 |
|
| 1 |
|
| 2 |
|
| 3 |
| url |
pkg:composer/phpmyadmin/phpmyadmin@4.7.0 |
| purl |
pkg:composer/phpmyadmin/phpmyadmin@4.7.0 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-2jjv-4en4-e3gx |
|
| 1 |
| vulnerability |
VCID-5657-kcyh-7bc2 |
|
| 2 |
| vulnerability |
VCID-986a-3m4g-83ge |
|
| 3 |
| vulnerability |
VCID-br1c-5bzf-ufeu |
|
| 4 |
| vulnerability |
VCID-c91y-txcw-2kdy |
|
| 5 |
| vulnerability |
VCID-ebk2-vjau-57h9 |
|
| 6 |
| vulnerability |
VCID-fchc-55te-akhe |
|
| 7 |
| vulnerability |
VCID-g6ud-92qe-hqcx |
|
| 8 |
| vulnerability |
VCID-gu4y-aeqx-mqak |
|
| 9 |
| vulnerability |
VCID-hnud-ktgb-dfe6 |
|
| 10 |
| vulnerability |
VCID-jma9-9uhu-xuc3 |
|
| 11 |
| vulnerability |
VCID-mwtw-n1tv-hfd9 |
|
| 12 |
| vulnerability |
VCID-ngtc-xtjn-xbhp |
|
| 13 |
| vulnerability |
VCID-qcra-cu62-43he |
|
| 14 |
| vulnerability |
VCID-rqy8-n6fr-hqey |
|
| 15 |
| vulnerability |
VCID-scu3-cfyc-9qfz |
|
| 16 |
| vulnerability |
VCID-tbnx-nuzv-ebdc |
|
| 17 |
| vulnerability |
VCID-tks3-6uv4-kygf |
|
| 18 |
| vulnerability |
VCID-yfja-ssw3-skh1 |
|
| 19 |
| vulnerability |
VCID-ym9b-4su6-6fbr |
|
| 20 |
| vulnerability |
VCID-znfm-ak2t-mqdd |
|
| 21 |
| vulnerability |
VCID-zyzp-aqd8-e3a9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@4.7.0 |
|
|
| aliases |
CVE-2016-6609, GHSA-wpww-hx7x-xfjh
|
| risk_score |
4.0 |
| exploitability |
0.5 |
| weighted_severity |
8.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-9t2s-etzf-t3d2 |
|
| 14 |
| url |
VCID-9xxd-uwwt-57ba |
| vulnerability_id |
VCID-9xxd-uwwt-57ba |
| summary |
Cross-site Scripting
An XSS issue was discovered in phpMyAdmin because of an improper fix for CVE-2016-2559 in PMASA-2016-10. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2016-9856 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00418 |
| scoring_system |
epss |
| scoring_elements |
0.61754 |
| published_at |
2026-04-04T12:55:00Z |
|
| 1 |
| value |
0.00418 |
| scoring_system |
epss |
| scoring_elements |
0.61807 |
| published_at |
2026-04-21T12:55:00Z |
|
| 2 |
| value |
0.00418 |
| scoring_system |
epss |
| scoring_elements |
0.61824 |
| published_at |
2026-04-18T12:55:00Z |
|
| 3 |
| value |
0.00418 |
| scoring_system |
epss |
| scoring_elements |
0.61819 |
| published_at |
2026-04-16T12:55:00Z |
|
| 4 |
| value |
0.00418 |
| scoring_system |
epss |
| scoring_elements |
0.61777 |
| published_at |
2026-04-13T12:55:00Z |
|
| 5 |
| value |
0.00418 |
| scoring_system |
epss |
| scoring_elements |
0.61797 |
| published_at |
2026-04-12T12:55:00Z |
|
| 6 |
| value |
0.00418 |
| scoring_system |
epss |
| scoring_elements |
0.6181 |
| published_at |
2026-04-11T12:55:00Z |
|
| 7 |
| value |
0.00418 |
| scoring_system |
epss |
| scoring_elements |
0.61789 |
| published_at |
2026-04-09T12:55:00Z |
|
| 8 |
| value |
0.00418 |
| scoring_system |
epss |
| scoring_elements |
0.61651 |
| published_at |
2026-04-01T12:55:00Z |
|
| 9 |
| value |
0.00418 |
| scoring_system |
epss |
| scoring_elements |
0.61725 |
| published_at |
2026-04-07T12:55:00Z |
|
| 10 |
| value |
0.00418 |
| scoring_system |
epss |
| scoring_elements |
0.61773 |
| published_at |
2026-04-08T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2016-9856 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
|
| fixed_packages |
| 0 |
|
| 1 |
|
| 2 |
|
| 3 |
| url |
pkg:composer/phpmyadmin/phpmyadmin@4.7.0 |
| purl |
pkg:composer/phpmyadmin/phpmyadmin@4.7.0 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-2jjv-4en4-e3gx |
|
| 1 |
| vulnerability |
VCID-5657-kcyh-7bc2 |
|
| 2 |
| vulnerability |
VCID-986a-3m4g-83ge |
|
| 3 |
| vulnerability |
VCID-br1c-5bzf-ufeu |
|
| 4 |
| vulnerability |
VCID-c91y-txcw-2kdy |
|
| 5 |
| vulnerability |
VCID-ebk2-vjau-57h9 |
|
| 6 |
| vulnerability |
VCID-fchc-55te-akhe |
|
| 7 |
| vulnerability |
VCID-g6ud-92qe-hqcx |
|
| 8 |
| vulnerability |
VCID-gu4y-aeqx-mqak |
|
| 9 |
| vulnerability |
VCID-hnud-ktgb-dfe6 |
|
| 10 |
| vulnerability |
VCID-jma9-9uhu-xuc3 |
|
| 11 |
| vulnerability |
VCID-mwtw-n1tv-hfd9 |
|
| 12 |
| vulnerability |
VCID-ngtc-xtjn-xbhp |
|
| 13 |
| vulnerability |
VCID-qcra-cu62-43he |
|
| 14 |
| vulnerability |
VCID-rqy8-n6fr-hqey |
|
| 15 |
| vulnerability |
VCID-scu3-cfyc-9qfz |
|
| 16 |
| vulnerability |
VCID-tbnx-nuzv-ebdc |
|
| 17 |
| vulnerability |
VCID-tks3-6uv4-kygf |
|
| 18 |
| vulnerability |
VCID-yfja-ssw3-skh1 |
|
| 19 |
| vulnerability |
VCID-ym9b-4su6-6fbr |
|
| 20 |
| vulnerability |
VCID-znfm-ak2t-mqdd |
|
| 21 |
| vulnerability |
VCID-zyzp-aqd8-e3a9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@4.7.0 |
|
|
| aliases |
CVE-2016-9856, GHSA-j8mx-x32r-5rf4
|
| risk_score |
3.1 |
| exploitability |
0.5 |
| weighted_severity |
6.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-9xxd-uwwt-57ba |
|
| 15 |
| url |
VCID-b5bf-6u8e-byh8 |
| vulnerability_id |
VCID-b5bf-6u8e-byh8 |
| summary |
phpMyAdmin Denial Of Service (DOS) attack
js/get_scripts.js.php in phpMyAdmin 4.0.x before 4.0.10.16, 4.4.x before 4.4.15.7, and 4.6.x before 4.6.3 allows remote attackers to cause a denial of service via a large array in the scripts parameter. |
| references |
| 0 |
|
| 1 |
|
| 2 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2016-5706 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.02778 |
| scoring_system |
epss |
| scoring_elements |
0.86073 |
| published_at |
2026-04-21T12:55:00Z |
|
| 1 |
| value |
0.02778 |
| scoring_system |
epss |
| scoring_elements |
0.85994 |
| published_at |
2026-04-01T12:55:00Z |
|
| 2 |
| value |
0.02778 |
| scoring_system |
epss |
| scoring_elements |
0.86005 |
| published_at |
2026-04-02T12:55:00Z |
|
| 3 |
| value |
0.02778 |
| scoring_system |
epss |
| scoring_elements |
0.86022 |
| published_at |
2026-04-07T12:55:00Z |
|
| 4 |
| value |
0.02778 |
| scoring_system |
epss |
| scoring_elements |
0.86041 |
| published_at |
2026-04-08T12:55:00Z |
|
| 5 |
| value |
0.02778 |
| scoring_system |
epss |
| scoring_elements |
0.8605 |
| published_at |
2026-04-09T12:55:00Z |
|
| 6 |
| value |
0.02778 |
| scoring_system |
epss |
| scoring_elements |
0.86065 |
| published_at |
2026-04-11T12:55:00Z |
|
| 7 |
| value |
0.02778 |
| scoring_system |
epss |
| scoring_elements |
0.86062 |
| published_at |
2026-04-12T12:55:00Z |
|
| 8 |
| value |
0.02778 |
| scoring_system |
epss |
| scoring_elements |
0.86058 |
| published_at |
2026-04-13T12:55:00Z |
|
| 9 |
| value |
0.02778 |
| scoring_system |
epss |
| scoring_elements |
0.86075 |
| published_at |
2026-04-16T12:55:00Z |
|
| 10 |
| value |
0.02778 |
| scoring_system |
epss |
| scoring_elements |
0.8608 |
| published_at |
2026-04-18T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2016-5706 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
| 16 |
|
| 17 |
|
| 18 |
|
| 19 |
|
| 20 |
|
| 21 |
|
| 22 |
|
| 23 |
|
| 24 |
|
| 25 |
|
| 26 |
|
| 27 |
|
| 28 |
|
| 29 |
|
| 30 |
|
| 31 |
|
| 32 |
|
| 33 |
|
| 34 |
|
| 35 |
|
| 36 |
|
| 37 |
|
| 38 |
|
| 39 |
|
| 40 |
|
| 41 |
|
| 42 |
|
| 43 |
|
| 44 |
|
| 45 |
|
| 46 |
|
| 47 |
|
| 48 |
|
| 49 |
|
| 50 |
|
| 51 |
|
| 52 |
|
| 53 |
|
| 54 |
|
| 55 |
|
| 56 |
|
| 57 |
|
| 58 |
|
| 59 |
|
| 60 |
|
| 61 |
|
| 62 |
|
| 63 |
|
| 64 |
|
| 65 |
|
| 66 |
|
| 67 |
|
| 68 |
|
| 69 |
|
| 70 |
|
| 71 |
|
| 72 |
|
| 73 |
|
| 74 |
|
| 75 |
|
| 76 |
|
| 77 |
|
| 78 |
|
| 79 |
|
| 80 |
|
| 81 |
|
| 82 |
|
| 83 |
|
| 84 |
|
| 85 |
|
| 86 |
|
| 87 |
| reference_url |
https://nvd.nist.gov/vuln/detail/CVE-2016-5706 |
| reference_id |
CVE-2016-5706 |
| reference_type |
|
| scores |
| 0 |
| value |
5.0 |
| scoring_system |
cvssv2 |
| scoring_elements |
AV:N/AC:L/Au:N/C:N/I:N/A:P |
|
| 1 |
| value |
7.5 |
| scoring_system |
cvssv3 |
| scoring_elements |
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
|
| 2 |
| value |
7.5 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
|
| 3 |
| value |
HIGH |
| scoring_system |
generic_textual |
| scoring_elements |
|
|
|
| url |
https://nvd.nist.gov/vuln/detail/CVE-2016-5706 |
|
| 88 |
|
|
| fixed_packages |
|
| aliases |
CVE-2016-5706, GHSA-9rmm-8fp4-26hv
|
| risk_score |
4.0 |
| exploitability |
0.5 |
| weighted_severity |
8.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-b5bf-6u8e-byh8 |
|
| 16 |
| url |
VCID-b5d2-5bfb-bbgz |
| vulnerability_id |
VCID-b5d2-5bfb-bbgz |
| summary |
Server-Side Request Forgery (SSRF)
phpMyAdmin is vulnerable to a weakness where a user with appropriate permissions is able to connect to an arbitrary MySQL server. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2017-1000017 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.0092 |
| scoring_system |
epss |
| scoring_elements |
0.75913 |
| published_at |
2026-04-07T12:55:00Z |
|
| 1 |
| value |
0.0092 |
| scoring_system |
epss |
| scoring_elements |
0.75979 |
| published_at |
2026-04-21T12:55:00Z |
|
| 2 |
| value |
0.0092 |
| scoring_system |
epss |
| scoring_elements |
0.75994 |
| published_at |
2026-04-18T12:55:00Z |
|
| 3 |
| value |
0.0092 |
| scoring_system |
epss |
| scoring_elements |
0.75992 |
| published_at |
2026-04-16T12:55:00Z |
|
| 4 |
| value |
0.0092 |
| scoring_system |
epss |
| scoring_elements |
0.75954 |
| published_at |
2026-04-13T12:55:00Z |
|
| 5 |
| value |
0.0092 |
| scoring_system |
epss |
| scoring_elements |
0.75961 |
| published_at |
2026-04-12T12:55:00Z |
|
| 6 |
| value |
0.0092 |
| scoring_system |
epss |
| scoring_elements |
0.75984 |
| published_at |
2026-04-11T12:55:00Z |
|
| 7 |
| value |
0.0092 |
| scoring_system |
epss |
| scoring_elements |
0.7596 |
| published_at |
2026-04-09T12:55:00Z |
|
| 8 |
| value |
0.0092 |
| scoring_system |
epss |
| scoring_elements |
0.75898 |
| published_at |
2026-04-01T12:55:00Z |
|
| 9 |
| value |
0.0092 |
| scoring_system |
epss |
| scoring_elements |
0.75902 |
| published_at |
2026-04-02T12:55:00Z |
|
| 10 |
| value |
0.0092 |
| scoring_system |
epss |
| scoring_elements |
0.75946 |
| published_at |
2026-04-08T12:55:00Z |
|
| 11 |
| value |
0.0092 |
| scoring_system |
epss |
| scoring_elements |
0.75934 |
| published_at |
2026-04-04T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2017-1000017 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
|
| fixed_packages |
| 0 |
|
| 1 |
|
| 2 |
|
| 3 |
| url |
pkg:composer/phpmyadmin/phpmyadmin@4.7.0 |
| purl |
pkg:composer/phpmyadmin/phpmyadmin@4.7.0 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-2jjv-4en4-e3gx |
|
| 1 |
| vulnerability |
VCID-5657-kcyh-7bc2 |
|
| 2 |
| vulnerability |
VCID-986a-3m4g-83ge |
|
| 3 |
| vulnerability |
VCID-br1c-5bzf-ufeu |
|
| 4 |
| vulnerability |
VCID-c91y-txcw-2kdy |
|
| 5 |
| vulnerability |
VCID-ebk2-vjau-57h9 |
|
| 6 |
| vulnerability |
VCID-fchc-55te-akhe |
|
| 7 |
| vulnerability |
VCID-g6ud-92qe-hqcx |
|
| 8 |
| vulnerability |
VCID-gu4y-aeqx-mqak |
|
| 9 |
| vulnerability |
VCID-hnud-ktgb-dfe6 |
|
| 10 |
| vulnerability |
VCID-jma9-9uhu-xuc3 |
|
| 11 |
| vulnerability |
VCID-mwtw-n1tv-hfd9 |
|
| 12 |
| vulnerability |
VCID-ngtc-xtjn-xbhp |
|
| 13 |
| vulnerability |
VCID-qcra-cu62-43he |
|
| 14 |
| vulnerability |
VCID-rqy8-n6fr-hqey |
|
| 15 |
| vulnerability |
VCID-scu3-cfyc-9qfz |
|
| 16 |
| vulnerability |
VCID-tbnx-nuzv-ebdc |
|
| 17 |
| vulnerability |
VCID-tks3-6uv4-kygf |
|
| 18 |
| vulnerability |
VCID-yfja-ssw3-skh1 |
|
| 19 |
| vulnerability |
VCID-ym9b-4su6-6fbr |
|
| 20 |
| vulnerability |
VCID-znfm-ak2t-mqdd |
|
| 21 |
| vulnerability |
VCID-zyzp-aqd8-e3a9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@4.7.0 |
|
|
| aliases |
CVE-2017-1000017, GHSA-99xj-xqc9-98hr
|
| risk_score |
4.0 |
| exploitability |
0.5 |
| weighted_severity |
8.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-b5d2-5bfb-bbgz |
|
| 17 |
| url |
VCID-b9b1-624h-uubt |
| vulnerability_id |
VCID-b9b1-624h-uubt |
| summary |
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin 4.0.x before 4.0.10.5, 4.1.x before 4.1.14.6, and 4.2.x before 4.2.10.1 allow remote authenticated users to inject arbitrary web script or HTML via a crafted (1) database name or (2) table name, related to the libraries/DatabaseInterface.class.php code for SQL debug output and the js/server_status_monitor.js code for the server monitor page. |
| references |
| 0 |
|
| 1 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2014-8326 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00269 |
| scoring_system |
epss |
| scoring_elements |
0.5044 |
| published_at |
2026-04-21T12:55:00Z |
|
| 1 |
| value |
0.00269 |
| scoring_system |
epss |
| scoring_elements |
0.50418 |
| published_at |
2026-04-08T12:55:00Z |
|
| 2 |
| value |
0.00269 |
| scoring_system |
epss |
| scoring_elements |
0.50411 |
| published_at |
2026-04-09T12:55:00Z |
|
| 3 |
| value |
0.00269 |
| scoring_system |
epss |
| scoring_elements |
0.50453 |
| published_at |
2026-04-11T12:55:00Z |
|
| 4 |
| value |
0.00269 |
| scoring_system |
epss |
| scoring_elements |
0.5043 |
| published_at |
2026-04-12T12:55:00Z |
|
| 5 |
| value |
0.00269 |
| scoring_system |
epss |
| scoring_elements |
0.50415 |
| published_at |
2026-04-13T12:55:00Z |
|
| 6 |
| value |
0.00269 |
| scoring_system |
epss |
| scoring_elements |
0.5046 |
| published_at |
2026-04-16T12:55:00Z |
|
| 7 |
| value |
0.00269 |
| scoring_system |
epss |
| scoring_elements |
0.50464 |
| published_at |
2026-04-18T12:55:00Z |
|
| 8 |
| value |
0.00269 |
| scoring_system |
epss |
| scoring_elements |
0.50329 |
| published_at |
2026-04-01T12:55:00Z |
|
| 9 |
| value |
0.00269 |
| scoring_system |
epss |
| scoring_elements |
0.50385 |
| published_at |
2026-04-02T12:55:00Z |
|
| 10 |
| value |
0.00269 |
| scoring_system |
epss |
| scoring_elements |
0.50414 |
| published_at |
2026-04-04T12:55:00Z |
|
| 11 |
| value |
0.00269 |
| scoring_system |
epss |
| scoring_elements |
0.50365 |
| published_at |
2026-04-07T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2014-8326 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
| 16 |
|
| 17 |
|
| 18 |
|
| 19 |
|
| 20 |
|
| 21 |
|
| 22 |
|
| 23 |
|
| 24 |
|
| 25 |
|
| 26 |
|
| 27 |
|
| 28 |
|
| 29 |
|
| 30 |
|
| 31 |
|
| 32 |
|
| 33 |
|
| 34 |
|
| 35 |
|
| 36 |
|
| 37 |
|
| 38 |
|
| 39 |
|
| 40 |
|
| 41 |
|
| 42 |
|
| 43 |
|
| 44 |
|
| 45 |
|
| 46 |
|
| 47 |
|
| 48 |
|
| 49 |
|
| 50 |
|
| 51 |
|
| 52 |
|
| 53 |
|
| 54 |
|
| 55 |
|
| 56 |
|
| 57 |
|
| 58 |
|
| 59 |
|
| 60 |
|
| 61 |
|
| 62 |
|
| 63 |
|
| 64 |
|
|
| fixed_packages |
|
| aliases |
CVE-2014-8326, GHSA-pvr5-84gr-g985
|
| risk_score |
3.1 |
| exploitability |
0.5 |
| weighted_severity |
6.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-b9b1-624h-uubt |
|
| 18 |
| url |
VCID-bcmm-z26p-rkfp |
| vulnerability_id |
VCID-bcmm-z26p-rkfp |
| summary |
Improper Input Validation
An issue was discovered in phpMyAdmin. An unauthenticated user can execute a denial of service attack when phpMyAdmin is running with `$cfg['AllowArbitraryServer']=true`. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2016-9860 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.01016 |
| scoring_system |
epss |
| scoring_elements |
0.77197 |
| published_at |
2026-04-21T12:55:00Z |
|
| 1 |
| value |
0.01016 |
| scoring_system |
epss |
| scoring_elements |
0.77104 |
| published_at |
2026-04-01T12:55:00Z |
|
| 2 |
| value |
0.01016 |
| scoring_system |
epss |
| scoring_elements |
0.7711 |
| published_at |
2026-04-02T12:55:00Z |
|
| 3 |
| value |
0.01016 |
| scoring_system |
epss |
| scoring_elements |
0.7714 |
| published_at |
2026-04-04T12:55:00Z |
|
| 4 |
| value |
0.01016 |
| scoring_system |
epss |
| scoring_elements |
0.77122 |
| published_at |
2026-04-07T12:55:00Z |
|
| 5 |
| value |
0.01016 |
| scoring_system |
epss |
| scoring_elements |
0.77155 |
| published_at |
2026-04-08T12:55:00Z |
|
| 6 |
| value |
0.01016 |
| scoring_system |
epss |
| scoring_elements |
0.77163 |
| published_at |
2026-04-09T12:55:00Z |
|
| 7 |
| value |
0.01016 |
| scoring_system |
epss |
| scoring_elements |
0.77191 |
| published_at |
2026-04-11T12:55:00Z |
|
| 8 |
| value |
0.01016 |
| scoring_system |
epss |
| scoring_elements |
0.7717 |
| published_at |
2026-04-12T12:55:00Z |
|
| 9 |
| value |
0.01016 |
| scoring_system |
epss |
| scoring_elements |
0.77165 |
| published_at |
2026-04-13T12:55:00Z |
|
| 10 |
| value |
0.01016 |
| scoring_system |
epss |
| scoring_elements |
0.77206 |
| published_at |
2026-04-16T12:55:00Z |
|
| 11 |
| value |
0.01016 |
| scoring_system |
epss |
| scoring_elements |
0.77207 |
| published_at |
2026-04-18T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2016-9860 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
|
| fixed_packages |
| 0 |
|
| 1 |
|
| 2 |
|
| 3 |
| url |
pkg:composer/phpmyadmin/phpmyadmin@4.7.0 |
| purl |
pkg:composer/phpmyadmin/phpmyadmin@4.7.0 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-2jjv-4en4-e3gx |
|
| 1 |
| vulnerability |
VCID-5657-kcyh-7bc2 |
|
| 2 |
| vulnerability |
VCID-986a-3m4g-83ge |
|
| 3 |
| vulnerability |
VCID-br1c-5bzf-ufeu |
|
| 4 |
| vulnerability |
VCID-c91y-txcw-2kdy |
|
| 5 |
| vulnerability |
VCID-ebk2-vjau-57h9 |
|
| 6 |
| vulnerability |
VCID-fchc-55te-akhe |
|
| 7 |
| vulnerability |
VCID-g6ud-92qe-hqcx |
|
| 8 |
| vulnerability |
VCID-gu4y-aeqx-mqak |
|
| 9 |
| vulnerability |
VCID-hnud-ktgb-dfe6 |
|
| 10 |
| vulnerability |
VCID-jma9-9uhu-xuc3 |
|
| 11 |
| vulnerability |
VCID-mwtw-n1tv-hfd9 |
|
| 12 |
| vulnerability |
VCID-ngtc-xtjn-xbhp |
|
| 13 |
| vulnerability |
VCID-qcra-cu62-43he |
|
| 14 |
| vulnerability |
VCID-rqy8-n6fr-hqey |
|
| 15 |
| vulnerability |
VCID-scu3-cfyc-9qfz |
|
| 16 |
| vulnerability |
VCID-tbnx-nuzv-ebdc |
|
| 17 |
| vulnerability |
VCID-tks3-6uv4-kygf |
|
| 18 |
| vulnerability |
VCID-yfja-ssw3-skh1 |
|
| 19 |
| vulnerability |
VCID-ym9b-4su6-6fbr |
|
| 20 |
| vulnerability |
VCID-znfm-ak2t-mqdd |
|
| 21 |
| vulnerability |
VCID-zyzp-aqd8-e3a9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@4.7.0 |
|
|
| aliases |
CVE-2016-9860, GHSA-3hw5-fffc-qrg4
|
| risk_score |
3.1 |
| exploitability |
0.5 |
| weighted_severity |
6.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-bcmm-z26p-rkfp |
|
| 19 |
| url |
VCID-cy6p-nz8a-zydk |
| vulnerability_id |
VCID-cy6p-nz8a-zydk |
| summary |
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Cross-site scripting (XSS) vulnerability in the micro history implementation in phpMyAdmin 4.0.x before 4.0.10.3, 4.1.x before 4.1.14.4, and 4.2.x before 4.2.8.1 allows remote attackers to inject arbitrary web script or HTML, and consequently conduct a cross-site request forgery (CSRF) attack to create a root account, via a crafted URL, related to js/ajax.js. |
| references |
| 0 |
|
| 1 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2014-6300 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00273 |
| scoring_system |
epss |
| scoring_elements |
0.50772 |
| published_at |
2026-04-21T12:55:00Z |
|
| 1 |
| value |
0.00273 |
| scoring_system |
epss |
| scoring_elements |
0.50793 |
| published_at |
2026-04-18T12:55:00Z |
|
| 2 |
| value |
0.00273 |
| scoring_system |
epss |
| scoring_elements |
0.50763 |
| published_at |
2026-04-12T12:55:00Z |
|
| 3 |
| value |
0.00273 |
| scoring_system |
epss |
| scoring_elements |
0.50787 |
| published_at |
2026-04-16T12:55:00Z |
|
| 4 |
| value |
0.00273 |
| scoring_system |
epss |
| scoring_elements |
0.50656 |
| published_at |
2026-04-01T12:55:00Z |
|
| 5 |
| value |
0.00273 |
| scoring_system |
epss |
| scoring_elements |
0.50744 |
| published_at |
2026-04-09T12:55:00Z |
|
| 6 |
| value |
0.00273 |
| scoring_system |
epss |
| scoring_elements |
0.5071 |
| published_at |
2026-04-02T12:55:00Z |
|
| 7 |
| value |
0.00273 |
| scoring_system |
epss |
| scoring_elements |
0.50747 |
| published_at |
2026-04-13T12:55:00Z |
|
| 8 |
| value |
0.00273 |
| scoring_system |
epss |
| scoring_elements |
0.50692 |
| published_at |
2026-04-07T12:55:00Z |
|
| 9 |
| value |
0.00273 |
| scoring_system |
epss |
| scoring_elements |
0.50736 |
| published_at |
2026-04-04T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2014-6300 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
| 16 |
|
| 17 |
|
| 18 |
|
| 19 |
|
| 20 |
|
| 21 |
|
| 22 |
|
| 23 |
|
| 24 |
|
| 25 |
|
| 26 |
|
| 27 |
|
| 28 |
|
| 29 |
|
| 30 |
|
| 31 |
|
| 32 |
|
| 33 |
|
| 34 |
|
| 35 |
|
| 36 |
|
| 37 |
|
| 38 |
|
| 39 |
|
| 40 |
|
| 41 |
|
| 42 |
|
| 43 |
|
| 44 |
|
| 45 |
|
| 46 |
|
| 47 |
|
| 48 |
|
| 49 |
|
| 50 |
|
| 51 |
|
| 52 |
|
| 53 |
|
|
| fixed_packages |
|
| aliases |
CVE-2014-6300, GHSA-6wfj-2mw7-p5cg
|
| risk_score |
3.1 |
| exploitability |
0.5 |
| weighted_severity |
6.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-cy6p-nz8a-zydk |
|
| 20 |
| url |
VCID-e9qs-mvaa-wyc6 |
| vulnerability_id |
VCID-e9qs-mvaa-wyc6 |
| summary |
Incomplete List of Disallowed Inputs
An issue was discovered in phpMyAdmin involving improper enforcement of the IP-based authentication rules. When phpMyAdmin is used with IPv6 in a proxy server environment, and the proxy server is in the allowed range but the attacking computer is not allowed, this vulnerability can allow the attacking computer to connect despite the IP rules. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2016-6624 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.003 |
| scoring_system |
epss |
| scoring_elements |
0.53332 |
| published_at |
2026-04-21T12:55:00Z |
|
| 1 |
| value |
0.003 |
| scoring_system |
epss |
| scoring_elements |
0.53227 |
| published_at |
2026-04-01T12:55:00Z |
|
| 2 |
| value |
0.003 |
| scoring_system |
epss |
| scoring_elements |
0.53251 |
| published_at |
2026-04-02T12:55:00Z |
|
| 3 |
| value |
0.003 |
| scoring_system |
epss |
| scoring_elements |
0.53276 |
| published_at |
2026-04-04T12:55:00Z |
|
| 4 |
| value |
0.003 |
| scoring_system |
epss |
| scoring_elements |
0.53244 |
| published_at |
2026-04-07T12:55:00Z |
|
| 5 |
| value |
0.003 |
| scoring_system |
epss |
| scoring_elements |
0.53296 |
| published_at |
2026-04-08T12:55:00Z |
|
| 6 |
| value |
0.003 |
| scoring_system |
epss |
| scoring_elements |
0.53291 |
| published_at |
2026-04-09T12:55:00Z |
|
| 7 |
| value |
0.003 |
| scoring_system |
epss |
| scoring_elements |
0.53341 |
| published_at |
2026-04-11T12:55:00Z |
|
| 8 |
| value |
0.003 |
| scoring_system |
epss |
| scoring_elements |
0.53326 |
| published_at |
2026-04-12T12:55:00Z |
|
| 9 |
| value |
0.003 |
| scoring_system |
epss |
| scoring_elements |
0.53309 |
| published_at |
2026-04-13T12:55:00Z |
|
| 10 |
| value |
0.003 |
| scoring_system |
epss |
| scoring_elements |
0.53347 |
| published_at |
2026-04-16T12:55:00Z |
|
| 11 |
| value |
0.003 |
| scoring_system |
epss |
| scoring_elements |
0.53352 |
| published_at |
2026-04-18T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2016-6624 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
|
| fixed_packages |
| 0 |
|
| 1 |
|
| 2 |
|
| 3 |
| url |
pkg:composer/phpmyadmin/phpmyadmin@4.7.0 |
| purl |
pkg:composer/phpmyadmin/phpmyadmin@4.7.0 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-2jjv-4en4-e3gx |
|
| 1 |
| vulnerability |
VCID-5657-kcyh-7bc2 |
|
| 2 |
| vulnerability |
VCID-986a-3m4g-83ge |
|
| 3 |
| vulnerability |
VCID-br1c-5bzf-ufeu |
|
| 4 |
| vulnerability |
VCID-c91y-txcw-2kdy |
|
| 5 |
| vulnerability |
VCID-ebk2-vjau-57h9 |
|
| 6 |
| vulnerability |
VCID-fchc-55te-akhe |
|
| 7 |
| vulnerability |
VCID-g6ud-92qe-hqcx |
|
| 8 |
| vulnerability |
VCID-gu4y-aeqx-mqak |
|
| 9 |
| vulnerability |
VCID-hnud-ktgb-dfe6 |
|
| 10 |
| vulnerability |
VCID-jma9-9uhu-xuc3 |
|
| 11 |
| vulnerability |
VCID-mwtw-n1tv-hfd9 |
|
| 12 |
| vulnerability |
VCID-ngtc-xtjn-xbhp |
|
| 13 |
| vulnerability |
VCID-qcra-cu62-43he |
|
| 14 |
| vulnerability |
VCID-rqy8-n6fr-hqey |
|
| 15 |
| vulnerability |
VCID-scu3-cfyc-9qfz |
|
| 16 |
| vulnerability |
VCID-tbnx-nuzv-ebdc |
|
| 17 |
| vulnerability |
VCID-tks3-6uv4-kygf |
|
| 18 |
| vulnerability |
VCID-yfja-ssw3-skh1 |
|
| 19 |
| vulnerability |
VCID-ym9b-4su6-6fbr |
|
| 20 |
| vulnerability |
VCID-znfm-ak2t-mqdd |
|
| 21 |
| vulnerability |
VCID-zyzp-aqd8-e3a9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@4.7.0 |
|
|
| aliases |
CVE-2016-6624, GHSA-mhxj-6vf8-mwv3
|
| risk_score |
3.1 |
| exploitability |
0.5 |
| weighted_severity |
6.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-e9qs-mvaa-wyc6 |
|
| 21 |
| url |
VCID-ebk2-vjau-57h9 |
| vulnerability_id |
VCID-ebk2-vjau-57h9 |
| summary |
Information Exposure
An attacker can exploit phpMyAdm to leak the contents of a local file because of an error in the transformation feature. The attacker must have access to the phpMyAdmin Configuration Storage tables, although these can easily be created in any database to which the attacker has access. An attacker must have valid credentials to log in to phpMyAdmin; this vulnerability does not allow an attacker to circumvent the login system. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2018-19968 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.02543 |
| scoring_system |
epss |
| scoring_elements |
0.85409 |
| published_at |
2026-04-02T12:55:00Z |
|
| 1 |
| value |
0.02543 |
| scoring_system |
epss |
| scoring_elements |
0.85495 |
| published_at |
2026-04-21T12:55:00Z |
|
| 2 |
| value |
0.02543 |
| scoring_system |
epss |
| scoring_elements |
0.85498 |
| published_at |
2026-04-18T12:55:00Z |
|
| 3 |
| value |
0.02543 |
| scoring_system |
epss |
| scoring_elements |
0.85494 |
| published_at |
2026-04-16T12:55:00Z |
|
| 4 |
| value |
0.02543 |
| scoring_system |
epss |
| scoring_elements |
0.8547 |
| published_at |
2026-04-13T12:55:00Z |
|
| 5 |
| value |
0.02543 |
| scoring_system |
epss |
| scoring_elements |
0.85429 |
| published_at |
2026-04-04T12:55:00Z |
|
| 6 |
| value |
0.02543 |
| scoring_system |
epss |
| scoring_elements |
0.85397 |
| published_at |
2026-04-01T12:55:00Z |
|
| 7 |
| value |
0.02543 |
| scoring_system |
epss |
| scoring_elements |
0.85474 |
| published_at |
2026-04-12T12:55:00Z |
|
| 8 |
| value |
0.02543 |
| scoring_system |
epss |
| scoring_elements |
0.85475 |
| published_at |
2026-04-11T12:55:00Z |
|
| 9 |
| value |
0.02543 |
| scoring_system |
epss |
| scoring_elements |
0.85461 |
| published_at |
2026-04-09T12:55:00Z |
|
| 10 |
| value |
0.02543 |
| scoring_system |
epss |
| scoring_elements |
0.85453 |
| published_at |
2026-04-08T12:55:00Z |
|
| 11 |
| value |
0.02543 |
| scoring_system |
epss |
| scoring_elements |
0.85432 |
| published_at |
2026-04-07T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2018-19968 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
|
| fixed_packages |
|
| aliases |
CVE-2018-19968, GHSA-xc97-r49q-cxgc
|
| risk_score |
3.1 |
| exploitability |
0.5 |
| weighted_severity |
6.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-ebk2-vjau-57h9 |
|
| 22 |
| url |
VCID-eq3j-14fc-2uev |
| vulnerability_id |
VCID-eq3j-14fc-2uev |
| summary |
Multiple vulnerabilities have been found in phpMyAdmin, the worst
of which could lead to arbitrary code execution. |
| references |
| 0 |
|
| 1 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2014-4986 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00339 |
| scoring_system |
epss |
| scoring_elements |
0.5669 |
| published_at |
2026-04-21T12:55:00Z |
|
| 1 |
| value |
0.00339 |
| scoring_system |
epss |
| scoring_elements |
0.56721 |
| published_at |
2026-04-08T12:55:00Z |
|
| 2 |
| value |
0.00339 |
| scoring_system |
epss |
| scoring_elements |
0.56725 |
| published_at |
2026-04-09T12:55:00Z |
|
| 3 |
| value |
0.00339 |
| scoring_system |
epss |
| scoring_elements |
0.56734 |
| published_at |
2026-04-11T12:55:00Z |
|
| 4 |
| value |
0.00339 |
| scoring_system |
epss |
| scoring_elements |
0.56709 |
| published_at |
2026-04-12T12:55:00Z |
|
| 5 |
| value |
0.00339 |
| scoring_system |
epss |
| scoring_elements |
0.56688 |
| published_at |
2026-04-13T12:55:00Z |
|
| 6 |
| value |
0.00339 |
| scoring_system |
epss |
| scoring_elements |
0.56719 |
| published_at |
2026-04-16T12:55:00Z |
|
| 7 |
| value |
0.00339 |
| scoring_system |
epss |
| scoring_elements |
0.56717 |
| published_at |
2026-04-18T12:55:00Z |
|
| 8 |
| value |
0.00339 |
| scoring_system |
epss |
| scoring_elements |
0.56573 |
| published_at |
2026-04-01T12:55:00Z |
|
| 9 |
| value |
0.00339 |
| scoring_system |
epss |
| scoring_elements |
0.56669 |
| published_at |
2026-04-07T12:55:00Z |
|
| 10 |
| value |
0.00339 |
| scoring_system |
epss |
| scoring_elements |
0.56689 |
| published_at |
2026-04-04T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2014-4986 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
| 16 |
|
| 17 |
|
| 18 |
|
| 19 |
|
| 20 |
|
| 21 |
|
| 22 |
|
| 23 |
|
| 24 |
|
| 25 |
|
| 26 |
|
| 27 |
|
| 28 |
|
| 29 |
|
| 30 |
|
| 31 |
|
| 32 |
|
| 33 |
|
| 34 |
|
| 35 |
|
| 36 |
|
| 37 |
|
| 38 |
|
| 39 |
|
| 40 |
|
| 41 |
|
| 42 |
|
| 43 |
|
| 44 |
|
| 45 |
|
| 46 |
|
| 47 |
|
| 48 |
|
|
| fixed_packages |
| 0 |
|
| 1 |
| url |
pkg:composer/phpmyadmin/phpmyadmin@4.0.10.1 |
| purl |
pkg:composer/phpmyadmin/phpmyadmin@4.0.10.1 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-2jjv-4en4-e3gx |
|
| 1 |
| vulnerability |
VCID-5657-kcyh-7bc2 |
|
| 2 |
| vulnerability |
VCID-7mys-s9mz-h3g1 |
|
| 3 |
| vulnerability |
VCID-7n1n-uj91-8ugg |
|
| 4 |
| vulnerability |
VCID-a1h3-y1fe-7fe2 |
|
| 5 |
| vulnerability |
VCID-b5bf-6u8e-byh8 |
|
| 6 |
| vulnerability |
VCID-b9b1-624h-uubt |
|
| 7 |
| vulnerability |
VCID-cx8d-r8hf-3kak |
|
| 8 |
| vulnerability |
VCID-cy6p-nz8a-zydk |
|
| 9 |
| vulnerability |
VCID-f7gd-w9r7-xyb2 |
|
| 10 |
| vulnerability |
VCID-g6ud-92qe-hqcx |
|
| 11 |
| vulnerability |
VCID-gu4y-aeqx-mqak |
|
| 12 |
| vulnerability |
VCID-ngtc-xtjn-xbhp |
|
| 13 |
| vulnerability |
VCID-rqy8-n6fr-hqey |
|
| 14 |
| vulnerability |
VCID-tks3-6uv4-kygf |
|
| 15 |
| vulnerability |
VCID-wamt-3g12-t7ch |
|
| 16 |
| vulnerability |
VCID-we1q-4dc4-qufn |
|
| 17 |
| vulnerability |
VCID-xu1c-xtb4-9ygg |
|
| 18 |
| vulnerability |
VCID-zbha-a7rp-nbd9 |
|
| 19 |
| vulnerability |
VCID-znfm-ak2t-mqdd |
|
| 20 |
| vulnerability |
VCID-zyzp-aqd8-e3a9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@4.0.10.1 |
|
| 2 |
|
| 3 |
|
|
| aliases |
CVE-2014-4986, GHSA-jqmr-wqgp-8mh2
|
| risk_score |
1.6 |
| exploitability |
0.5 |
| weighted_severity |
3.1 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-eq3j-14fc-2uev |
|
| 23 |
| url |
VCID-f7gd-w9r7-xyb2 |
| vulnerability_id |
VCID-f7gd-w9r7-xyb2 |
| summary |
phpMyAdmin Cryptographic Vulnerability
The suggestPassword function in js/functions.js in phpMyAdmin 4.0.x before 4.0.10.13, 4.4.x before 4.4.15.3, and 4.5.x before 4.5.4 relies on the Math.random JavaScript function, which makes it easier for remote attackers to guess passwords via a brute-force approach. |
| references |
| 0 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2016-1927 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00628 |
| scoring_system |
epss |
| scoring_elements |
0.70271 |
| published_at |
2026-04-21T12:55:00Z |
|
| 1 |
| value |
0.00628 |
| scoring_system |
epss |
| scoring_elements |
0.70177 |
| published_at |
2026-04-01T12:55:00Z |
|
| 2 |
| value |
0.00628 |
| scoring_system |
epss |
| scoring_elements |
0.70189 |
| published_at |
2026-04-02T12:55:00Z |
|
| 3 |
| value |
0.00628 |
| scoring_system |
epss |
| scoring_elements |
0.70206 |
| published_at |
2026-04-04T12:55:00Z |
|
| 4 |
| value |
0.00628 |
| scoring_system |
epss |
| scoring_elements |
0.70183 |
| published_at |
2026-04-07T12:55:00Z |
|
| 5 |
| value |
0.00628 |
| scoring_system |
epss |
| scoring_elements |
0.70229 |
| published_at |
2026-04-08T12:55:00Z |
|
| 6 |
| value |
0.00628 |
| scoring_system |
epss |
| scoring_elements |
0.70244 |
| published_at |
2026-04-09T12:55:00Z |
|
| 7 |
| value |
0.00628 |
| scoring_system |
epss |
| scoring_elements |
0.70267 |
| published_at |
2026-04-11T12:55:00Z |
|
| 8 |
| value |
0.00628 |
| scoring_system |
epss |
| scoring_elements |
0.70252 |
| published_at |
2026-04-12T12:55:00Z |
|
| 9 |
| value |
0.00628 |
| scoring_system |
epss |
| scoring_elements |
0.70239 |
| published_at |
2026-04-13T12:55:00Z |
|
| 10 |
| value |
0.00628 |
| scoring_system |
epss |
| scoring_elements |
0.70281 |
| published_at |
2026-04-16T12:55:00Z |
|
| 11 |
| value |
0.00628 |
| scoring_system |
epss |
| scoring_elements |
0.7029 |
| published_at |
2026-04-18T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2016-1927 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
| 16 |
|
| 17 |
|
| 18 |
|
| 19 |
|
| 20 |
|
| 21 |
|
| 22 |
|
| 23 |
|
| 24 |
|
| 25 |
|
| 26 |
|
| 27 |
|
| 28 |
|
| 29 |
|
| 30 |
|
| 31 |
|
| 32 |
|
| 33 |
|
| 34 |
|
| 35 |
|
| 36 |
|
| 37 |
|
| 38 |
|
| 39 |
|
| 40 |
|
| 41 |
|
| 42 |
|
| 43 |
|
| 44 |
|
| 45 |
|
| 46 |
|
| 47 |
|
| 48 |
|
| 49 |
|
| 50 |
|
| 51 |
|
| 52 |
|
| 53 |
|
| 54 |
|
| 55 |
|
| 56 |
|
| 57 |
|
| 58 |
|
| 59 |
|
| 60 |
|
| 61 |
|
| 62 |
|
| 63 |
|
| 64 |
|
| 65 |
|
| 66 |
|
| 67 |
|
| 68 |
|
| 69 |
|
| 70 |
|
| 71 |
|
| 72 |
| reference_url |
https://nvd.nist.gov/vuln/detail/CVE-2016-1927 |
| reference_id |
CVE-2016-1927 |
| reference_type |
|
| scores |
| 0 |
| value |
5.0 |
| scoring_system |
cvssv2 |
| scoring_elements |
AV:N/AC:L/Au:N/C:P/I:N/A:N |
|
| 1 |
| value |
7.5 |
| scoring_system |
cvssv3 |
| scoring_elements |
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N |
|
| 2 |
| value |
7.5 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N |
|
| 3 |
| value |
HIGH |
| scoring_system |
generic_textual |
| scoring_elements |
|
|
|
| url |
https://nvd.nist.gov/vuln/detail/CVE-2016-1927 |
|
| 73 |
|
|
| fixed_packages |
|
| aliases |
CVE-2016-1927, GHSA-4gmg-gwjh-3mmr
|
| risk_score |
4.0 |
| exploitability |
0.5 |
| weighted_severity |
8.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-f7gd-w9r7-xyb2 |
|
| 24 |
| url |
VCID-fgr8-8j61-cufq |
| vulnerability_id |
VCID-fgr8-8j61-cufq |
| summary |
Information Exposure
An issue was discovered in phpMyAdmin. A user can exploit the "LOAD LOCAL INFILE" functionality to expose files on the server to the database system. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2016-6612 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00411 |
| scoring_system |
epss |
| scoring_elements |
0.61453 |
| published_at |
2026-04-21T12:55:00Z |
|
| 1 |
| value |
0.00411 |
| scoring_system |
epss |
| scoring_elements |
0.61298 |
| published_at |
2026-04-01T12:55:00Z |
|
| 2 |
| value |
0.00411 |
| scoring_system |
epss |
| scoring_elements |
0.61377 |
| published_at |
2026-04-02T12:55:00Z |
|
| 3 |
| value |
0.00411 |
| scoring_system |
epss |
| scoring_elements |
0.61406 |
| published_at |
2026-04-04T12:55:00Z |
|
| 4 |
| value |
0.00411 |
| scoring_system |
epss |
| scoring_elements |
0.61375 |
| published_at |
2026-04-07T12:55:00Z |
|
| 5 |
| value |
0.00411 |
| scoring_system |
epss |
| scoring_elements |
0.61422 |
| published_at |
2026-04-08T12:55:00Z |
|
| 6 |
| value |
0.00411 |
| scoring_system |
epss |
| scoring_elements |
0.61437 |
| published_at |
2026-04-09T12:55:00Z |
|
| 7 |
| value |
0.00411 |
| scoring_system |
epss |
| scoring_elements |
0.61459 |
| published_at |
2026-04-11T12:55:00Z |
|
| 8 |
| value |
0.00411 |
| scoring_system |
epss |
| scoring_elements |
0.61444 |
| published_at |
2026-04-12T12:55:00Z |
|
| 9 |
| value |
0.00411 |
| scoring_system |
epss |
| scoring_elements |
0.61426 |
| published_at |
2026-04-13T12:55:00Z |
|
| 10 |
| value |
0.00411 |
| scoring_system |
epss |
| scoring_elements |
0.61465 |
| published_at |
2026-04-16T12:55:00Z |
|
| 11 |
| value |
0.00411 |
| scoring_system |
epss |
| scoring_elements |
0.61469 |
| published_at |
2026-04-18T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2016-6612 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
|
| fixed_packages |
| 0 |
|
| 1 |
|
| 2 |
|
| 3 |
| url |
pkg:composer/phpmyadmin/phpmyadmin@4.7.0 |
| purl |
pkg:composer/phpmyadmin/phpmyadmin@4.7.0 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-2jjv-4en4-e3gx |
|
| 1 |
| vulnerability |
VCID-5657-kcyh-7bc2 |
|
| 2 |
| vulnerability |
VCID-986a-3m4g-83ge |
|
| 3 |
| vulnerability |
VCID-br1c-5bzf-ufeu |
|
| 4 |
| vulnerability |
VCID-c91y-txcw-2kdy |
|
| 5 |
| vulnerability |
VCID-ebk2-vjau-57h9 |
|
| 6 |
| vulnerability |
VCID-fchc-55te-akhe |
|
| 7 |
| vulnerability |
VCID-g6ud-92qe-hqcx |
|
| 8 |
| vulnerability |
VCID-gu4y-aeqx-mqak |
|
| 9 |
| vulnerability |
VCID-hnud-ktgb-dfe6 |
|
| 10 |
| vulnerability |
VCID-jma9-9uhu-xuc3 |
|
| 11 |
| vulnerability |
VCID-mwtw-n1tv-hfd9 |
|
| 12 |
| vulnerability |
VCID-ngtc-xtjn-xbhp |
|
| 13 |
| vulnerability |
VCID-qcra-cu62-43he |
|
| 14 |
| vulnerability |
VCID-rqy8-n6fr-hqey |
|
| 15 |
| vulnerability |
VCID-scu3-cfyc-9qfz |
|
| 16 |
| vulnerability |
VCID-tbnx-nuzv-ebdc |
|
| 17 |
| vulnerability |
VCID-tks3-6uv4-kygf |
|
| 18 |
| vulnerability |
VCID-yfja-ssw3-skh1 |
|
| 19 |
| vulnerability |
VCID-ym9b-4su6-6fbr |
|
| 20 |
| vulnerability |
VCID-znfm-ak2t-mqdd |
|
| 21 |
| vulnerability |
VCID-zyzp-aqd8-e3a9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@4.7.0 |
|
|
| aliases |
CVE-2016-6612, GHSA-fcgm-62p3-f7cm
|
| risk_score |
3.1 |
| exploitability |
0.5 |
| weighted_severity |
6.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-fgr8-8j61-cufq |
|
| 25 |
| url |
VCID-fvnp-w4kk-3qfq |
| vulnerability_id |
VCID-fvnp-w4kk-3qfq |
| summary |
Cross-site Scripting
XSS issues were discovered in phpMyAdmin. This affects the database privilege check and the "Remove partitioning" functionality. Specially crafted database names can trigger the XSS attack. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2016-6608 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00452 |
| scoring_system |
epss |
| scoring_elements |
0.63751 |
| published_at |
2026-04-18T12:55:00Z |
|
| 1 |
| value |
0.00452 |
| scoring_system |
epss |
| scoring_elements |
0.63625 |
| published_at |
2026-04-01T12:55:00Z |
|
| 2 |
| value |
0.00452 |
| scoring_system |
epss |
| scoring_elements |
0.63685 |
| published_at |
2026-04-02T12:55:00Z |
|
| 3 |
| value |
0.00452 |
| scoring_system |
epss |
| scoring_elements |
0.63711 |
| published_at |
2026-04-04T12:55:00Z |
|
| 4 |
| value |
0.00452 |
| scoring_system |
epss |
| scoring_elements |
0.63671 |
| published_at |
2026-04-07T12:55:00Z |
|
| 5 |
| value |
0.00452 |
| scoring_system |
epss |
| scoring_elements |
0.63723 |
| published_at |
2026-04-08T12:55:00Z |
|
| 6 |
| value |
0.00452 |
| scoring_system |
epss |
| scoring_elements |
0.63741 |
| published_at |
2026-04-09T12:55:00Z |
|
| 7 |
| value |
0.00452 |
| scoring_system |
epss |
| scoring_elements |
0.63755 |
| published_at |
2026-04-11T12:55:00Z |
|
| 8 |
| value |
0.00452 |
| scoring_system |
epss |
| scoring_elements |
0.6374 |
| published_at |
2026-04-21T12:55:00Z |
|
| 9 |
| value |
0.00452 |
| scoring_system |
epss |
| scoring_elements |
0.63706 |
| published_at |
2026-04-13T12:55:00Z |
|
| 10 |
| value |
0.00452 |
| scoring_system |
epss |
| scoring_elements |
0.63742 |
| published_at |
2026-04-16T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2016-6608 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
|
| fixed_packages |
| 0 |
|
| 1 |
| url |
pkg:composer/phpmyadmin/phpmyadmin@4.7.0 |
| purl |
pkg:composer/phpmyadmin/phpmyadmin@4.7.0 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-2jjv-4en4-e3gx |
|
| 1 |
| vulnerability |
VCID-5657-kcyh-7bc2 |
|
| 2 |
| vulnerability |
VCID-986a-3m4g-83ge |
|
| 3 |
| vulnerability |
VCID-br1c-5bzf-ufeu |
|
| 4 |
| vulnerability |
VCID-c91y-txcw-2kdy |
|
| 5 |
| vulnerability |
VCID-ebk2-vjau-57h9 |
|
| 6 |
| vulnerability |
VCID-fchc-55te-akhe |
|
| 7 |
| vulnerability |
VCID-g6ud-92qe-hqcx |
|
| 8 |
| vulnerability |
VCID-gu4y-aeqx-mqak |
|
| 9 |
| vulnerability |
VCID-hnud-ktgb-dfe6 |
|
| 10 |
| vulnerability |
VCID-jma9-9uhu-xuc3 |
|
| 11 |
| vulnerability |
VCID-mwtw-n1tv-hfd9 |
|
| 12 |
| vulnerability |
VCID-ngtc-xtjn-xbhp |
|
| 13 |
| vulnerability |
VCID-qcra-cu62-43he |
|
| 14 |
| vulnerability |
VCID-rqy8-n6fr-hqey |
|
| 15 |
| vulnerability |
VCID-scu3-cfyc-9qfz |
|
| 16 |
| vulnerability |
VCID-tbnx-nuzv-ebdc |
|
| 17 |
| vulnerability |
VCID-tks3-6uv4-kygf |
|
| 18 |
| vulnerability |
VCID-yfja-ssw3-skh1 |
|
| 19 |
| vulnerability |
VCID-ym9b-4su6-6fbr |
|
| 20 |
| vulnerability |
VCID-znfm-ak2t-mqdd |
|
| 21 |
| vulnerability |
VCID-zyzp-aqd8-e3a9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@4.7.0 |
|
|
| aliases |
CVE-2016-6608, GHSA-jfmj-27fp-qp67
|
| risk_score |
3.1 |
| exploitability |
0.5 |
| weighted_severity |
6.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-fvnp-w4kk-3qfq |
|
| 26 |
| url |
VCID-g6ud-92qe-hqcx |
| vulnerability_id |
VCID-g6ud-92qe-hqcx |
| summary |
phpMyAdmin unsanitized Git information
phpMyAdmin before 4.9.2 does not escape certain Git information, related to `libraries/classes/Display/GitRevision.php and libraries/classes/Footer.php`. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2019-19617 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.01155 |
| scoring_system |
epss |
| scoring_elements |
0.78487 |
| published_at |
2026-04-02T12:55:00Z |
|
| 1 |
| value |
0.01155 |
| scoring_system |
epss |
| scoring_elements |
0.78518 |
| published_at |
2026-04-04T12:55:00Z |
|
| 2 |
| value |
0.01155 |
| scoring_system |
epss |
| scoring_elements |
0.78481 |
| published_at |
2026-04-01T12:55:00Z |
|
| 3 |
| value |
0.01155 |
| scoring_system |
epss |
| scoring_elements |
0.78556 |
| published_at |
2026-04-21T12:55:00Z |
|
| 4 |
| value |
0.01155 |
| scoring_system |
epss |
| scoring_elements |
0.78559 |
| published_at |
2026-04-18T12:55:00Z |
|
| 5 |
| value |
0.01155 |
| scoring_system |
epss |
| scoring_elements |
0.7856 |
| published_at |
2026-04-16T12:55:00Z |
|
| 6 |
| value |
0.01155 |
| scoring_system |
epss |
| scoring_elements |
0.78532 |
| published_at |
2026-04-13T12:55:00Z |
|
| 7 |
| value |
0.01155 |
| scoring_system |
epss |
| scoring_elements |
0.7854 |
| published_at |
2026-04-12T12:55:00Z |
|
| 8 |
| value |
0.01155 |
| scoring_system |
epss |
| scoring_elements |
0.78558 |
| published_at |
2026-04-11T12:55:00Z |
|
| 9 |
| value |
0.01155 |
| scoring_system |
epss |
| scoring_elements |
0.78533 |
| published_at |
2026-04-09T12:55:00Z |
|
| 10 |
| value |
0.01155 |
| scoring_system |
epss |
| scoring_elements |
0.78528 |
| published_at |
2026-04-08T12:55:00Z |
|
| 11 |
| value |
0.01155 |
| scoring_system |
epss |
| scoring_elements |
0.78501 |
| published_at |
2026-04-07T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2019-19617 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
|
| fixed_packages |
|
| aliases |
CVE-2019-19617, GHSA-pgph-mc4p-f8c3
|
| risk_score |
4.5 |
| exploitability |
0.5 |
| weighted_severity |
9.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-g6ud-92qe-hqcx |
|
| 27 |
| url |
VCID-gu4y-aeqx-mqak |
| vulnerability_id |
VCID-gu4y-aeqx-mqak |
| summary |
SQL injection in phpMyAdmin
An issue was discovered in phpMyAdmin before 4.9.2. A crafted database/table name can be used to trigger a SQL injection attack through the designer feature. |
| references |
| 0 |
|
| 1 |
|
| 2 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2019-18622 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00736 |
| scoring_system |
epss |
| scoring_elements |
0.72851 |
| published_at |
2026-04-21T12:55:00Z |
|
| 1 |
| value |
0.00736 |
| scoring_system |
epss |
| scoring_elements |
0.72752 |
| published_at |
2026-04-01T12:55:00Z |
|
| 2 |
| value |
0.00736 |
| scoring_system |
epss |
| scoring_elements |
0.7276 |
| published_at |
2026-04-02T12:55:00Z |
|
| 3 |
| value |
0.00736 |
| scoring_system |
epss |
| scoring_elements |
0.7278 |
| published_at |
2026-04-04T12:55:00Z |
|
| 4 |
| value |
0.00736 |
| scoring_system |
epss |
| scoring_elements |
0.72756 |
| published_at |
2026-04-07T12:55:00Z |
|
| 5 |
| value |
0.00736 |
| scoring_system |
epss |
| scoring_elements |
0.72794 |
| published_at |
2026-04-08T12:55:00Z |
|
| 6 |
| value |
0.00736 |
| scoring_system |
epss |
| scoring_elements |
0.72808 |
| published_at |
2026-04-09T12:55:00Z |
|
| 7 |
| value |
0.00736 |
| scoring_system |
epss |
| scoring_elements |
0.72832 |
| published_at |
2026-04-11T12:55:00Z |
|
| 8 |
| value |
0.00736 |
| scoring_system |
epss |
| scoring_elements |
0.72815 |
| published_at |
2026-04-12T12:55:00Z |
|
| 9 |
| value |
0.00736 |
| scoring_system |
epss |
| scoring_elements |
0.72807 |
| published_at |
2026-04-13T12:55:00Z |
|
| 10 |
| value |
0.00736 |
| scoring_system |
epss |
| scoring_elements |
0.72849 |
| published_at |
2026-04-16T12:55:00Z |
|
| 11 |
| value |
0.00736 |
| scoring_system |
epss |
| scoring_elements |
0.72859 |
| published_at |
2026-04-18T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2019-18622 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
| 16 |
|
| 17 |
|
| 18 |
|
| 19 |
|
| 20 |
|
| 21 |
|
| 22 |
|
| 23 |
|
|
| fixed_packages |
|
| aliases |
CVE-2019-18622, GHSA-jgjc-332c-8cmc
|
| risk_score |
4.5 |
| exploitability |
0.5 |
| weighted_severity |
9.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-gu4y-aeqx-mqak |
|
| 28 |
| url |
VCID-gzqe-8ywj-h7hk |
| vulnerability_id |
VCID-gzqe-8ywj-h7hk |
| summary |
Cryptographic Issues
An issue was discovered in phpMyAdmin. When the user does not specify a `blowfish_secret` key for encrypting cookies, phpMyAdmin generates one at runtime. A vulnerability was reported where the way this value is created uses a weak algorithm. This could allow an attacker to determine the user's `blowfish_secret` and potentially decrypt their cookies. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2016-9847 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00432 |
| scoring_system |
epss |
| scoring_elements |
0.62618 |
| published_at |
2026-04-07T12:55:00Z |
|
| 1 |
| value |
0.00432 |
| scoring_system |
epss |
| scoring_elements |
0.627 |
| published_at |
2026-04-21T12:55:00Z |
|
| 2 |
| value |
0.00432 |
| scoring_system |
epss |
| scoring_elements |
0.62719 |
| published_at |
2026-04-18T12:55:00Z |
|
| 3 |
| value |
0.00432 |
| scoring_system |
epss |
| scoring_elements |
0.62711 |
| published_at |
2026-04-16T12:55:00Z |
|
| 4 |
| value |
0.00432 |
| scoring_system |
epss |
| scoring_elements |
0.62671 |
| published_at |
2026-04-13T12:55:00Z |
|
| 5 |
| value |
0.00432 |
| scoring_system |
epss |
| scoring_elements |
0.62694 |
| published_at |
2026-04-12T12:55:00Z |
|
| 6 |
| value |
0.00432 |
| scoring_system |
epss |
| scoring_elements |
0.62704 |
| published_at |
2026-04-11T12:55:00Z |
|
| 7 |
| value |
0.00432 |
| scoring_system |
epss |
| scoring_elements |
0.62686 |
| published_at |
2026-04-09T12:55:00Z |
|
| 8 |
| value |
0.00432 |
| scoring_system |
epss |
| scoring_elements |
0.62563 |
| published_at |
2026-04-01T12:55:00Z |
|
| 9 |
| value |
0.00432 |
| scoring_system |
epss |
| scoring_elements |
0.62621 |
| published_at |
2026-04-02T12:55:00Z |
|
| 10 |
| value |
0.00432 |
| scoring_system |
epss |
| scoring_elements |
0.6267 |
| published_at |
2026-04-08T12:55:00Z |
|
| 11 |
| value |
0.00432 |
| scoring_system |
epss |
| scoring_elements |
0.62653 |
| published_at |
2026-04-04T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2016-9847 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
|
| fixed_packages |
| 0 |
|
| 1 |
|
| 2 |
|
| 3 |
| url |
pkg:composer/phpmyadmin/phpmyadmin@4.7.0 |
| purl |
pkg:composer/phpmyadmin/phpmyadmin@4.7.0 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-2jjv-4en4-e3gx |
|
| 1 |
| vulnerability |
VCID-5657-kcyh-7bc2 |
|
| 2 |
| vulnerability |
VCID-986a-3m4g-83ge |
|
| 3 |
| vulnerability |
VCID-br1c-5bzf-ufeu |
|
| 4 |
| vulnerability |
VCID-c91y-txcw-2kdy |
|
| 5 |
| vulnerability |
VCID-ebk2-vjau-57h9 |
|
| 6 |
| vulnerability |
VCID-fchc-55te-akhe |
|
| 7 |
| vulnerability |
VCID-g6ud-92qe-hqcx |
|
| 8 |
| vulnerability |
VCID-gu4y-aeqx-mqak |
|
| 9 |
| vulnerability |
VCID-hnud-ktgb-dfe6 |
|
| 10 |
| vulnerability |
VCID-jma9-9uhu-xuc3 |
|
| 11 |
| vulnerability |
VCID-mwtw-n1tv-hfd9 |
|
| 12 |
| vulnerability |
VCID-ngtc-xtjn-xbhp |
|
| 13 |
| vulnerability |
VCID-qcra-cu62-43he |
|
| 14 |
| vulnerability |
VCID-rqy8-n6fr-hqey |
|
| 15 |
| vulnerability |
VCID-scu3-cfyc-9qfz |
|
| 16 |
| vulnerability |
VCID-tbnx-nuzv-ebdc |
|
| 17 |
| vulnerability |
VCID-tks3-6uv4-kygf |
|
| 18 |
| vulnerability |
VCID-yfja-ssw3-skh1 |
|
| 19 |
| vulnerability |
VCID-ym9b-4su6-6fbr |
|
| 20 |
| vulnerability |
VCID-znfm-ak2t-mqdd |
|
| 21 |
| vulnerability |
VCID-zyzp-aqd8-e3a9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@4.7.0 |
|
|
| aliases |
CVE-2016-9847, GHSA-9xhq-pm7v-693p
|
| risk_score |
3.1 |
| exploitability |
0.5 |
| weighted_severity |
6.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-gzqe-8ywj-h7hk |
|
| 29 |
| url |
VCID-h5wu-ugm7-4bah |
| vulnerability_id |
VCID-h5wu-ugm7-4bah |
| summary |
Code Injection
An issue was discovered in phpMyAdmin. phpMyAdmin can be used to trigger a remote code execution attack against certain PHP installations that are running with the dbase extension. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2016-6633 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.01833 |
| scoring_system |
epss |
| scoring_elements |
0.8296 |
| published_at |
2026-04-21T12:55:00Z |
|
| 1 |
| value |
0.01833 |
| scoring_system |
epss |
| scoring_elements |
0.82853 |
| published_at |
2026-04-01T12:55:00Z |
|
| 2 |
| value |
0.01833 |
| scoring_system |
epss |
| scoring_elements |
0.82869 |
| published_at |
2026-04-02T12:55:00Z |
|
| 3 |
| value |
0.01833 |
| scoring_system |
epss |
| scoring_elements |
0.82882 |
| published_at |
2026-04-04T12:55:00Z |
|
| 4 |
| value |
0.01833 |
| scoring_system |
epss |
| scoring_elements |
0.82878 |
| published_at |
2026-04-07T12:55:00Z |
|
| 5 |
| value |
0.01833 |
| scoring_system |
epss |
| scoring_elements |
0.82903 |
| published_at |
2026-04-08T12:55:00Z |
|
| 6 |
| value |
0.01833 |
| scoring_system |
epss |
| scoring_elements |
0.82911 |
| published_at |
2026-04-09T12:55:00Z |
|
| 7 |
| value |
0.01833 |
| scoring_system |
epss |
| scoring_elements |
0.82926 |
| published_at |
2026-04-11T12:55:00Z |
|
| 8 |
| value |
0.01833 |
| scoring_system |
epss |
| scoring_elements |
0.82922 |
| published_at |
2026-04-12T12:55:00Z |
|
| 9 |
| value |
0.01833 |
| scoring_system |
epss |
| scoring_elements |
0.82918 |
| published_at |
2026-04-13T12:55:00Z |
|
| 10 |
| value |
0.01833 |
| scoring_system |
epss |
| scoring_elements |
0.82957 |
| published_at |
2026-04-18T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2016-6633 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
|
| fixed_packages |
| 0 |
|
| 1 |
|
| 2 |
|
| 3 |
| url |
pkg:composer/phpmyadmin/phpmyadmin@4.7.0 |
| purl |
pkg:composer/phpmyadmin/phpmyadmin@4.7.0 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-2jjv-4en4-e3gx |
|
| 1 |
| vulnerability |
VCID-5657-kcyh-7bc2 |
|
| 2 |
| vulnerability |
VCID-986a-3m4g-83ge |
|
| 3 |
| vulnerability |
VCID-br1c-5bzf-ufeu |
|
| 4 |
| vulnerability |
VCID-c91y-txcw-2kdy |
|
| 5 |
| vulnerability |
VCID-ebk2-vjau-57h9 |
|
| 6 |
| vulnerability |
VCID-fchc-55te-akhe |
|
| 7 |
| vulnerability |
VCID-g6ud-92qe-hqcx |
|
| 8 |
| vulnerability |
VCID-gu4y-aeqx-mqak |
|
| 9 |
| vulnerability |
VCID-hnud-ktgb-dfe6 |
|
| 10 |
| vulnerability |
VCID-jma9-9uhu-xuc3 |
|
| 11 |
| vulnerability |
VCID-mwtw-n1tv-hfd9 |
|
| 12 |
| vulnerability |
VCID-ngtc-xtjn-xbhp |
|
| 13 |
| vulnerability |
VCID-qcra-cu62-43he |
|
| 14 |
| vulnerability |
VCID-rqy8-n6fr-hqey |
|
| 15 |
| vulnerability |
VCID-scu3-cfyc-9qfz |
|
| 16 |
| vulnerability |
VCID-tbnx-nuzv-ebdc |
|
| 17 |
| vulnerability |
VCID-tks3-6uv4-kygf |
|
| 18 |
| vulnerability |
VCID-yfja-ssw3-skh1 |
|
| 19 |
| vulnerability |
VCID-ym9b-4su6-6fbr |
|
| 20 |
| vulnerability |
VCID-znfm-ak2t-mqdd |
|
| 21 |
| vulnerability |
VCID-zyzp-aqd8-e3a9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@4.7.0 |
|
|
| aliases |
CVE-2016-6633, GHSA-p849-vf5f-f3x7
|
| risk_score |
4.0 |
| exploitability |
0.5 |
| weighted_severity |
8.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-h5wu-ugm7-4bah |
|
| 30 |
| url |
VCID-hnud-ktgb-dfe6 |
| vulnerability_id |
VCID-hnud-ktgb-dfe6 |
| summary |
Improper Privilege Management
An issue was discovered in `libraries/common` which allows users who have no password set to log in even if the administrator has set `$cfg['Servers'][$i]['AllowNoPassword']` to `false` (which is also the default). |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2017-18264 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00305 |
| scoring_system |
epss |
| scoring_elements |
0.53691 |
| published_at |
2026-04-04T12:55:00Z |
|
| 1 |
| value |
0.00305 |
| scoring_system |
epss |
| scoring_elements |
0.53747 |
| published_at |
2026-04-21T12:55:00Z |
|
| 2 |
| value |
0.00305 |
| scoring_system |
epss |
| scoring_elements |
0.53766 |
| published_at |
2026-04-18T12:55:00Z |
|
| 3 |
| value |
0.00305 |
| scoring_system |
epss |
| scoring_elements |
0.53761 |
| published_at |
2026-04-16T12:55:00Z |
|
| 4 |
| value |
0.00305 |
| scoring_system |
epss |
| scoring_elements |
0.53724 |
| published_at |
2026-04-13T12:55:00Z |
|
| 5 |
| value |
0.00305 |
| scoring_system |
epss |
| scoring_elements |
0.53741 |
| published_at |
2026-04-12T12:55:00Z |
|
| 6 |
| value |
0.00305 |
| scoring_system |
epss |
| scoring_elements |
0.53757 |
| published_at |
2026-04-11T12:55:00Z |
|
| 7 |
| value |
0.00305 |
| scoring_system |
epss |
| scoring_elements |
0.53709 |
| published_at |
2026-04-09T12:55:00Z |
|
| 8 |
| value |
0.00305 |
| scoring_system |
epss |
| scoring_elements |
0.53711 |
| published_at |
2026-04-08T12:55:00Z |
|
| 9 |
| value |
0.00305 |
| scoring_system |
epss |
| scoring_elements |
0.53658 |
| published_at |
2026-04-07T12:55:00Z |
|
| 10 |
| value |
0.00305 |
| scoring_system |
epss |
| scoring_elements |
0.53663 |
| published_at |
2026-04-02T12:55:00Z |
|
| 11 |
| value |
0.00305 |
| scoring_system |
epss |
| scoring_elements |
0.53643 |
| published_at |
2026-04-01T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2017-18264 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
| reference_url |
https://nvd.nist.gov/vuln/detail/CVE-2017-18264 |
| reference_id |
CVE-2017-18264 |
| reference_type |
|
| scores |
| 0 |
| value |
7.5 |
| scoring_system |
cvssv2 |
| scoring_elements |
AV:N/AC:L/Au:N/C:P/I:P/A:P |
|
| 1 |
| value |
9.8 |
| scoring_system |
cvssv3 |
| scoring_elements |
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
|
| 2 |
| value |
9.8 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
|
| 3 |
| value |
CRITICAL |
| scoring_system |
generic_textual |
| scoring_elements |
|
|
|
| url |
https://nvd.nist.gov/vuln/detail/CVE-2017-18264 |
|
| 12 |
|
| 13 |
|
|
| fixed_packages |
| 0 |
|
| 1 |
| url |
pkg:composer/phpmyadmin/phpmyadmin@4.7.0 |
| purl |
pkg:composer/phpmyadmin/phpmyadmin@4.7.0 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-2jjv-4en4-e3gx |
|
| 1 |
| vulnerability |
VCID-5657-kcyh-7bc2 |
|
| 2 |
| vulnerability |
VCID-986a-3m4g-83ge |
|
| 3 |
| vulnerability |
VCID-br1c-5bzf-ufeu |
|
| 4 |
| vulnerability |
VCID-c91y-txcw-2kdy |
|
| 5 |
| vulnerability |
VCID-ebk2-vjau-57h9 |
|
| 6 |
| vulnerability |
VCID-fchc-55te-akhe |
|
| 7 |
| vulnerability |
VCID-g6ud-92qe-hqcx |
|
| 8 |
| vulnerability |
VCID-gu4y-aeqx-mqak |
|
| 9 |
| vulnerability |
VCID-hnud-ktgb-dfe6 |
|
| 10 |
| vulnerability |
VCID-jma9-9uhu-xuc3 |
|
| 11 |
| vulnerability |
VCID-mwtw-n1tv-hfd9 |
|
| 12 |
| vulnerability |
VCID-ngtc-xtjn-xbhp |
|
| 13 |
| vulnerability |
VCID-qcra-cu62-43he |
|
| 14 |
| vulnerability |
VCID-rqy8-n6fr-hqey |
|
| 15 |
| vulnerability |
VCID-scu3-cfyc-9qfz |
|
| 16 |
| vulnerability |
VCID-tbnx-nuzv-ebdc |
|
| 17 |
| vulnerability |
VCID-tks3-6uv4-kygf |
|
| 18 |
| vulnerability |
VCID-yfja-ssw3-skh1 |
|
| 19 |
| vulnerability |
VCID-ym9b-4su6-6fbr |
|
| 20 |
| vulnerability |
VCID-znfm-ak2t-mqdd |
|
| 21 |
| vulnerability |
VCID-zyzp-aqd8-e3a9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@4.7.0 |
|
| 2 |
| url |
pkg:composer/phpmyadmin/phpmyadmin@4.7.1 |
| purl |
pkg:composer/phpmyadmin/phpmyadmin@4.7.1 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-2jjv-4en4-e3gx |
|
| 1 |
| vulnerability |
VCID-5657-kcyh-7bc2 |
|
| 2 |
| vulnerability |
VCID-986a-3m4g-83ge |
|
| 3 |
| vulnerability |
VCID-br1c-5bzf-ufeu |
|
| 4 |
| vulnerability |
VCID-c91y-txcw-2kdy |
|
| 5 |
| vulnerability |
VCID-ebk2-vjau-57h9 |
|
| 6 |
| vulnerability |
VCID-fchc-55te-akhe |
|
| 7 |
| vulnerability |
VCID-g6ud-92qe-hqcx |
|
| 8 |
| vulnerability |
VCID-gu4y-aeqx-mqak |
|
| 9 |
| vulnerability |
VCID-jma9-9uhu-xuc3 |
|
| 10 |
| vulnerability |
VCID-mwtw-n1tv-hfd9 |
|
| 11 |
| vulnerability |
VCID-ngtc-xtjn-xbhp |
|
| 12 |
| vulnerability |
VCID-qcra-cu62-43he |
|
| 13 |
| vulnerability |
VCID-rqy8-n6fr-hqey |
|
| 14 |
| vulnerability |
VCID-scu3-cfyc-9qfz |
|
| 15 |
| vulnerability |
VCID-tbnx-nuzv-ebdc |
|
| 16 |
| vulnerability |
VCID-tks3-6uv4-kygf |
|
| 17 |
| vulnerability |
VCID-yfja-ssw3-skh1 |
|
| 18 |
| vulnerability |
VCID-ym9b-4su6-6fbr |
|
| 19 |
| vulnerability |
VCID-znfm-ak2t-mqdd |
|
| 20 |
| vulnerability |
VCID-zyzp-aqd8-e3a9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@4.7.1 |
|
|
| aliases |
CVE-2017-18264, GHSA-5868-g58j-vrj5
|
| risk_score |
4.5 |
| exploitability |
0.5 |
| weighted_severity |
9.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-hnud-ktgb-dfe6 |
|
| 31 |
| url |
VCID-hucu-azum-53bw |
| vulnerability_id |
VCID-hucu-azum-53bw |
| summary |
Information Exposure
phpMyAdmin allows remote attackers to obtain sensitive information. |
| references |
| 0 |
|
| 1 |
|
| 2 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2016-5730 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.01317 |
| scoring_system |
epss |
| scoring_elements |
0.79883 |
| published_at |
2026-04-21T12:55:00Z |
|
| 1 |
| value |
0.01317 |
| scoring_system |
epss |
| scoring_elements |
0.79801 |
| published_at |
2026-04-01T12:55:00Z |
|
| 2 |
| value |
0.01317 |
| scoring_system |
epss |
| scoring_elements |
0.7988 |
| published_at |
2026-04-18T12:55:00Z |
|
| 3 |
| value |
0.01317 |
| scoring_system |
epss |
| scoring_elements |
0.79879 |
| published_at |
2026-04-16T12:55:00Z |
|
| 4 |
| value |
0.01317 |
| scoring_system |
epss |
| scoring_elements |
0.79851 |
| published_at |
2026-04-13T12:55:00Z |
|
| 5 |
| value |
0.01317 |
| scoring_system |
epss |
| scoring_elements |
0.79859 |
| published_at |
2026-04-12T12:55:00Z |
|
| 6 |
| value |
0.01317 |
| scoring_system |
epss |
| scoring_elements |
0.79875 |
| published_at |
2026-04-11T12:55:00Z |
|
| 7 |
| value |
0.01317 |
| scoring_system |
epss |
| scoring_elements |
0.79854 |
| published_at |
2026-04-09T12:55:00Z |
|
| 8 |
| value |
0.01317 |
| scoring_system |
epss |
| scoring_elements |
0.79846 |
| published_at |
2026-04-08T12:55:00Z |
|
| 9 |
| value |
0.01317 |
| scoring_system |
epss |
| scoring_elements |
0.79817 |
| published_at |
2026-04-07T12:55:00Z |
|
| 10 |
| value |
0.01317 |
| scoring_system |
epss |
| scoring_elements |
0.79829 |
| published_at |
2026-04-04T12:55:00Z |
|
| 11 |
| value |
0.01317 |
| scoring_system |
epss |
| scoring_elements |
0.79808 |
| published_at |
2026-04-02T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2016-5730 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
| 16 |
|
| 17 |
|
| 18 |
|
| 19 |
|
| 20 |
|
| 21 |
|
| 22 |
|
| 23 |
|
| 24 |
|
| 25 |
|
| 26 |
|
| 27 |
|
| 28 |
|
| 29 |
|
| 30 |
|
| 31 |
|
| 32 |
|
| 33 |
|
| 34 |
|
| 35 |
|
| 36 |
|
| 37 |
|
| 38 |
|
| 39 |
|
| 40 |
|
| 41 |
|
| 42 |
|
| 43 |
|
| 44 |
|
| 45 |
|
| 46 |
|
| 47 |
|
| 48 |
|
| 49 |
|
| 50 |
|
| 51 |
|
| 52 |
|
| 53 |
|
| 54 |
|
| 55 |
|
| 56 |
|
| 57 |
|
| 58 |
|
| 59 |
|
| 60 |
|
| 61 |
|
| 62 |
|
| 63 |
|
| 64 |
|
| 65 |
|
| 66 |
|
| 67 |
|
| 68 |
|
| 69 |
|
| 70 |
|
| 71 |
|
| 72 |
|
| 73 |
|
| 74 |
|
| 75 |
|
| 76 |
| reference_url |
https://nvd.nist.gov/vuln/detail/CVE-2016-5730 |
| reference_id |
CVE-2016-5730 |
| reference_type |
|
| scores |
| 0 |
| value |
5.0 |
| scoring_system |
cvssv2 |
| scoring_elements |
AV:N/AC:L/Au:N/C:P/I:N/A:N |
|
| 1 |
| value |
5.3 |
| scoring_system |
cvssv3 |
| scoring_elements |
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N |
|
| 2 |
| value |
5.3 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N |
|
| 3 |
| value |
MODERATE |
| scoring_system |
generic_textual |
| scoring_elements |
|
|
|
| url |
https://nvd.nist.gov/vuln/detail/CVE-2016-5730 |
|
| 77 |
|
|
| fixed_packages |
| 0 |
|
| 1 |
|
| 2 |
|
| 3 |
| url |
pkg:composer/phpmyadmin/phpmyadmin@4.7.0 |
| purl |
pkg:composer/phpmyadmin/phpmyadmin@4.7.0 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-2jjv-4en4-e3gx |
|
| 1 |
| vulnerability |
VCID-5657-kcyh-7bc2 |
|
| 2 |
| vulnerability |
VCID-986a-3m4g-83ge |
|
| 3 |
| vulnerability |
VCID-br1c-5bzf-ufeu |
|
| 4 |
| vulnerability |
VCID-c91y-txcw-2kdy |
|
| 5 |
| vulnerability |
VCID-ebk2-vjau-57h9 |
|
| 6 |
| vulnerability |
VCID-fchc-55te-akhe |
|
| 7 |
| vulnerability |
VCID-g6ud-92qe-hqcx |
|
| 8 |
| vulnerability |
VCID-gu4y-aeqx-mqak |
|
| 9 |
| vulnerability |
VCID-hnud-ktgb-dfe6 |
|
| 10 |
| vulnerability |
VCID-jma9-9uhu-xuc3 |
|
| 11 |
| vulnerability |
VCID-mwtw-n1tv-hfd9 |
|
| 12 |
| vulnerability |
VCID-ngtc-xtjn-xbhp |
|
| 13 |
| vulnerability |
VCID-qcra-cu62-43he |
|
| 14 |
| vulnerability |
VCID-rqy8-n6fr-hqey |
|
| 15 |
| vulnerability |
VCID-scu3-cfyc-9qfz |
|
| 16 |
| vulnerability |
VCID-tbnx-nuzv-ebdc |
|
| 17 |
| vulnerability |
VCID-tks3-6uv4-kygf |
|
| 18 |
| vulnerability |
VCID-yfja-ssw3-skh1 |
|
| 19 |
| vulnerability |
VCID-ym9b-4su6-6fbr |
|
| 20 |
| vulnerability |
VCID-znfm-ak2t-mqdd |
|
| 21 |
| vulnerability |
VCID-zyzp-aqd8-e3a9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@4.7.0 |
|
|
| aliases |
CVE-2016-5730, GHSA-wm9c-vcv2-vpqc
|
| risk_score |
3.1 |
| exploitability |
0.5 |
| weighted_severity |
6.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-hucu-azum-53bw |
|
| 32 |
| url |
VCID-ngtc-xtjn-xbhp |
| vulnerability_id |
VCID-ngtc-xtjn-xbhp |
| summary |
phpMyAdmin SQL injection vulnerability
In phpMyAdmin 4.x before 4.9.5 and 5.x before 5.0.2, a SQL injection vulnerability has been discovered where certain parameters are not properly escaped when generating certain queries for search actions in libraries/classes/Controllers/Table/TableSearchController.php. An attacker can generate a crafted database or table name. The attack can be performed if a user attempts certain search operations on the malicious database or table. |
| references |
| 0 |
|
| 1 |
|
| 2 |
|
| 3 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2020-10802 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.01622 |
| scoring_system |
epss |
| scoring_elements |
0.81852 |
| published_at |
2026-04-11T12:55:00Z |
|
| 1 |
| value |
0.01622 |
| scoring_system |
epss |
| scoring_elements |
0.81779 |
| published_at |
2026-04-02T12:55:00Z |
|
| 2 |
| value |
0.01622 |
| scoring_system |
epss |
| scoring_elements |
0.81873 |
| published_at |
2026-04-21T12:55:00Z |
|
| 3 |
| value |
0.01622 |
| scoring_system |
epss |
| scoring_elements |
0.81871 |
| published_at |
2026-04-18T12:55:00Z |
|
| 4 |
| value |
0.01622 |
| scoring_system |
epss |
| scoring_elements |
0.8187 |
| published_at |
2026-04-16T12:55:00Z |
|
| 5 |
| value |
0.01622 |
| scoring_system |
epss |
| scoring_elements |
0.81834 |
| published_at |
2026-04-13T12:55:00Z |
|
| 6 |
| value |
0.01622 |
| scoring_system |
epss |
| scoring_elements |
0.8184 |
| published_at |
2026-04-12T12:55:00Z |
|
| 7 |
| value |
0.01622 |
| scoring_system |
epss |
| scoring_elements |
0.81826 |
| published_at |
2026-04-08T12:55:00Z |
|
| 8 |
| value |
0.01622 |
| scoring_system |
epss |
| scoring_elements |
0.818 |
| published_at |
2026-04-07T12:55:00Z |
|
| 9 |
| value |
0.01622 |
| scoring_system |
epss |
| scoring_elements |
0.81802 |
| published_at |
2026-04-04T12:55:00Z |
|
| 10 |
| value |
0.01622 |
| scoring_system |
epss |
| scoring_elements |
0.81769 |
| published_at |
2026-04-01T12:55:00Z |
|
| 11 |
| value |
0.01622 |
| scoring_system |
epss |
| scoring_elements |
0.81833 |
| published_at |
2026-04-09T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2020-10802 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
| 16 |
|
| 17 |
|
| 18 |
|
| 19 |
|
| 20 |
|
| 21 |
|
| 22 |
|
| 23 |
|
| 24 |
|
| 25 |
|
| 26 |
|
| 27 |
|
| 28 |
|
| 29 |
|
|
| fixed_packages |
|
| aliases |
CVE-2020-10802, GHSA-f4cr-3xmc-2wpm
|
| risk_score |
4.0 |
| exploitability |
0.5 |
| weighted_severity |
8.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-ngtc-xtjn-xbhp |
|
| 33 |
| url |
VCID-nz1c-xk2s-3fau |
| vulnerability_id |
VCID-nz1c-xk2s-3fau |
| summary |
Cross-site Scripting
Cross-site scripting (XSS) vulnerability in `examples/openid.php` in phpMyAdmin allows remote attackers to inject arbitrary web script or HTML via vectors involving an OpenID error message. |
| references |
| 0 |
|
| 1 |
|
| 2 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2016-5731 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00424 |
| scoring_system |
epss |
| scoring_elements |
0.62116 |
| published_at |
2026-04-07T12:55:00Z |
|
| 1 |
| value |
0.00424 |
| scoring_system |
epss |
| scoring_elements |
0.62205 |
| published_at |
2026-04-21T12:55:00Z |
|
| 2 |
| value |
0.00424 |
| scoring_system |
epss |
| scoring_elements |
0.62222 |
| published_at |
2026-04-18T12:55:00Z |
|
| 3 |
| value |
0.00424 |
| scoring_system |
epss |
| scoring_elements |
0.62148 |
| published_at |
2026-04-04T12:55:00Z |
|
| 4 |
| value |
0.00424 |
| scoring_system |
epss |
| scoring_elements |
0.62057 |
| published_at |
2026-04-01T12:55:00Z |
|
| 5 |
| value |
0.00424 |
| scoring_system |
epss |
| scoring_elements |
0.62215 |
| published_at |
2026-04-16T12:55:00Z |
|
| 6 |
| value |
0.00424 |
| scoring_system |
epss |
| scoring_elements |
0.62171 |
| published_at |
2026-04-13T12:55:00Z |
|
| 7 |
| value |
0.00424 |
| scoring_system |
epss |
| scoring_elements |
0.62192 |
| published_at |
2026-04-12T12:55:00Z |
|
| 8 |
| value |
0.00424 |
| scoring_system |
epss |
| scoring_elements |
0.62203 |
| published_at |
2026-04-11T12:55:00Z |
|
| 9 |
| value |
0.00424 |
| scoring_system |
epss |
| scoring_elements |
0.62184 |
| published_at |
2026-04-09T12:55:00Z |
|
| 10 |
| value |
0.00424 |
| scoring_system |
epss |
| scoring_elements |
0.62166 |
| published_at |
2026-04-08T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2016-5731 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
| 16 |
|
| 17 |
|
| 18 |
|
| 19 |
|
| 20 |
|
| 21 |
|
| 22 |
|
| 23 |
|
| 24 |
|
| 25 |
|
| 26 |
|
| 27 |
|
| 28 |
|
| 29 |
|
| 30 |
|
| 31 |
|
| 32 |
|
| 33 |
|
| 34 |
|
| 35 |
|
| 36 |
|
| 37 |
|
| 38 |
|
| 39 |
|
| 40 |
|
| 41 |
|
| 42 |
|
| 43 |
|
| 44 |
|
| 45 |
|
| 46 |
|
| 47 |
|
| 48 |
|
| 49 |
|
| 50 |
|
| 51 |
|
| 52 |
|
| 53 |
|
| 54 |
|
| 55 |
|
| 56 |
|
| 57 |
|
| 58 |
|
| 59 |
|
| 60 |
|
| 61 |
|
| 62 |
|
| 63 |
|
| 64 |
|
| 65 |
|
| 66 |
|
| 67 |
|
| 68 |
|
| 69 |
|
| 70 |
|
| 71 |
|
| 72 |
|
| 73 |
|
| 74 |
|
| 75 |
|
| 76 |
|
| 77 |
|
| 78 |
|
| 79 |
|
| 80 |
|
| 81 |
|
| 82 |
|
| 83 |
|
| 84 |
|
| 85 |
|
| 86 |
|
| 87 |
|
| 88 |
|
| 89 |
| reference_url |
https://nvd.nist.gov/vuln/detail/CVE-2016-5731 |
| reference_id |
CVE-2016-5731 |
| reference_type |
|
| scores |
| 0 |
| value |
4.3 |
| scoring_system |
cvssv2 |
| scoring_elements |
AV:N/AC:M/Au:N/C:N/I:P/A:N |
|
| 1 |
| value |
6.1 |
| scoring_system |
cvssv3 |
| scoring_elements |
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N |
|
| 2 |
| value |
6.1 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N |
|
| 3 |
| value |
MODERATE |
| scoring_system |
generic_textual |
| scoring_elements |
|
|
|
| url |
https://nvd.nist.gov/vuln/detail/CVE-2016-5731 |
|
| 90 |
|
|
| fixed_packages |
| 0 |
|
| 1 |
|
| 2 |
|
| 3 |
| url |
pkg:composer/phpmyadmin/phpmyadmin@4.7.0 |
| purl |
pkg:composer/phpmyadmin/phpmyadmin@4.7.0 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-2jjv-4en4-e3gx |
|
| 1 |
| vulnerability |
VCID-5657-kcyh-7bc2 |
|
| 2 |
| vulnerability |
VCID-986a-3m4g-83ge |
|
| 3 |
| vulnerability |
VCID-br1c-5bzf-ufeu |
|
| 4 |
| vulnerability |
VCID-c91y-txcw-2kdy |
|
| 5 |
| vulnerability |
VCID-ebk2-vjau-57h9 |
|
| 6 |
| vulnerability |
VCID-fchc-55te-akhe |
|
| 7 |
| vulnerability |
VCID-g6ud-92qe-hqcx |
|
| 8 |
| vulnerability |
VCID-gu4y-aeqx-mqak |
|
| 9 |
| vulnerability |
VCID-hnud-ktgb-dfe6 |
|
| 10 |
| vulnerability |
VCID-jma9-9uhu-xuc3 |
|
| 11 |
| vulnerability |
VCID-mwtw-n1tv-hfd9 |
|
| 12 |
| vulnerability |
VCID-ngtc-xtjn-xbhp |
|
| 13 |
| vulnerability |
VCID-qcra-cu62-43he |
|
| 14 |
| vulnerability |
VCID-rqy8-n6fr-hqey |
|
| 15 |
| vulnerability |
VCID-scu3-cfyc-9qfz |
|
| 16 |
| vulnerability |
VCID-tbnx-nuzv-ebdc |
|
| 17 |
| vulnerability |
VCID-tks3-6uv4-kygf |
|
| 18 |
| vulnerability |
VCID-yfja-ssw3-skh1 |
|
| 19 |
| vulnerability |
VCID-ym9b-4su6-6fbr |
|
| 20 |
| vulnerability |
VCID-znfm-ak2t-mqdd |
|
| 21 |
| vulnerability |
VCID-zyzp-aqd8-e3a9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@4.7.0 |
|
|
| aliases |
CVE-2016-5731, GHSA-mwm8-36c5-j5cf
|
| risk_score |
3.1 |
| exploitability |
0.5 |
| weighted_severity |
6.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-nz1c-xk2s-3fau |
|
| 34 |
| url |
VCID-q2be-73wp-tbav |
| vulnerability_id |
VCID-q2be-73wp-tbav |
| summary |
Multiple vulnerabilities have been found in phpMyAdmin, allowing
remote authenticated attackers to execute arbitrary code, inject SQL code
or conduct other attacks. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2013-5002 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00209 |
| scoring_system |
epss |
| scoring_elements |
0.4328 |
| published_at |
2026-04-21T12:55:00Z |
|
| 1 |
| value |
0.00209 |
| scoring_system |
epss |
| scoring_elements |
0.43293 |
| published_at |
2026-04-13T12:55:00Z |
|
| 2 |
| value |
0.00209 |
| scoring_system |
epss |
| scoring_elements |
0.43355 |
| published_at |
2026-04-16T12:55:00Z |
|
| 3 |
| value |
0.00209 |
| scoring_system |
epss |
| scoring_elements |
0.43344 |
| published_at |
2026-04-18T12:55:00Z |
|
| 4 |
| value |
0.00209 |
| scoring_system |
epss |
| scoring_elements |
0.43232 |
| published_at |
2026-04-01T12:55:00Z |
|
| 5 |
| value |
0.00209 |
| scoring_system |
epss |
| scoring_elements |
0.43288 |
| published_at |
2026-04-02T12:55:00Z |
|
| 6 |
| value |
0.00209 |
| scoring_system |
epss |
| scoring_elements |
0.43317 |
| published_at |
2026-04-04T12:55:00Z |
|
| 7 |
| value |
0.00209 |
| scoring_system |
epss |
| scoring_elements |
0.43254 |
| published_at |
2026-04-07T12:55:00Z |
|
| 8 |
| value |
0.00209 |
| scoring_system |
epss |
| scoring_elements |
0.43305 |
| published_at |
2026-04-08T12:55:00Z |
|
| 9 |
| value |
0.00209 |
| scoring_system |
epss |
| scoring_elements |
0.4332 |
| published_at |
2026-04-09T12:55:00Z |
|
| 10 |
| value |
0.00209 |
| scoring_system |
epss |
| scoring_elements |
0.43341 |
| published_at |
2026-04-11T12:55:00Z |
|
| 11 |
| value |
0.00209 |
| scoring_system |
epss |
| scoring_elements |
0.43309 |
| published_at |
2026-04-12T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2013-5002 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
|
| fixed_packages |
| 0 |
|
| 1 |
| url |
pkg:composer/phpmyadmin/phpmyadmin@4.0.4.2 |
| purl |
pkg:composer/phpmyadmin/phpmyadmin@4.0.4.2 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-2jjv-4en4-e3gx |
|
| 1 |
| vulnerability |
VCID-5657-kcyh-7bc2 |
|
| 2 |
| vulnerability |
VCID-7mys-s9mz-h3g1 |
|
| 3 |
| vulnerability |
VCID-7n1n-uj91-8ugg |
|
| 4 |
| vulnerability |
VCID-b5bf-6u8e-byh8 |
|
| 5 |
| vulnerability |
VCID-b9b1-624h-uubt |
|
| 6 |
| vulnerability |
VCID-cy6p-nz8a-zydk |
|
| 7 |
| vulnerability |
VCID-eq3j-14fc-2uev |
|
| 8 |
| vulnerability |
VCID-f7gd-w9r7-xyb2 |
|
| 9 |
| vulnerability |
VCID-g6ud-92qe-hqcx |
|
| 10 |
| vulnerability |
VCID-gu4y-aeqx-mqak |
|
| 11 |
| vulnerability |
VCID-ngtc-xtjn-xbhp |
|
| 12 |
| vulnerability |
VCID-rqy8-n6fr-hqey |
|
| 13 |
| vulnerability |
VCID-tks3-6uv4-kygf |
|
| 14 |
| vulnerability |
VCID-wamt-3g12-t7ch |
|
| 15 |
| vulnerability |
VCID-xu1c-xtb4-9ygg |
|
| 16 |
| vulnerability |
VCID-znfm-ak2t-mqdd |
|
| 17 |
| vulnerability |
VCID-zyzp-aqd8-e3a9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@4.0.4.2 |
|
|
| aliases |
CVE-2013-5002, GHSA-p632-5w74-x8xx
|
| risk_score |
1.4 |
| exploitability |
0.5 |
| weighted_severity |
2.7 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-q2be-73wp-tbav |
|
| 35 |
| url |
VCID-qcra-cu62-43he |
| vulnerability_id |
VCID-qcra-cu62-43he |
| summary |
Cross-site Scripting
In phpMyAdm, an XSS vulnerability was found in the navigation tree, where an attacker can deliver a payload to a user through a crafted `database/table` name. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2018-19970 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.01501 |
| scoring_system |
epss |
| scoring_elements |
0.81175 |
| published_at |
2026-04-21T12:55:00Z |
|
| 1 |
| value |
0.01501 |
| scoring_system |
epss |
| scoring_elements |
0.81074 |
| published_at |
2026-04-01T12:55:00Z |
|
| 2 |
| value |
0.01501 |
| scoring_system |
epss |
| scoring_elements |
0.81083 |
| published_at |
2026-04-02T12:55:00Z |
|
| 3 |
| value |
0.01501 |
| scoring_system |
epss |
| scoring_elements |
0.81108 |
| published_at |
2026-04-04T12:55:00Z |
|
| 4 |
| value |
0.01501 |
| scoring_system |
epss |
| scoring_elements |
0.81107 |
| published_at |
2026-04-07T12:55:00Z |
|
| 5 |
| value |
0.01501 |
| scoring_system |
epss |
| scoring_elements |
0.81135 |
| published_at |
2026-04-08T12:55:00Z |
|
| 6 |
| value |
0.01501 |
| scoring_system |
epss |
| scoring_elements |
0.81141 |
| published_at |
2026-04-09T12:55:00Z |
|
| 7 |
| value |
0.01501 |
| scoring_system |
epss |
| scoring_elements |
0.81159 |
| published_at |
2026-04-11T12:55:00Z |
|
| 8 |
| value |
0.01501 |
| scoring_system |
epss |
| scoring_elements |
0.81146 |
| published_at |
2026-04-12T12:55:00Z |
|
| 9 |
| value |
0.01501 |
| scoring_system |
epss |
| scoring_elements |
0.81139 |
| published_at |
2026-04-13T12:55:00Z |
|
| 10 |
| value |
0.01501 |
| scoring_system |
epss |
| scoring_elements |
0.81176 |
| published_at |
2026-04-16T12:55:00Z |
|
| 11 |
| value |
0.01501 |
| scoring_system |
epss |
| scoring_elements |
0.81178 |
| published_at |
2026-04-18T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2018-19970 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
|
| fixed_packages |
|
| aliases |
CVE-2018-19970, GHSA-8987-93fh-rcwq
|
| risk_score |
3.1 |
| exploitability |
0.5 |
| weighted_severity |
6.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-qcra-cu62-43he |
|
| 36 |
| url |
VCID-rqy8-n6fr-hqey |
| vulnerability_id |
VCID-rqy8-n6fr-hqey |
| summary |
Exposure of Sensitive Information to an Unauthorized Actor
PhpMyAdmin 5.1.1 and before allows an attacker to retrieve potentially sensitive information by creating invalid requests. This affects the lang parameter, the pma_parameter, and the cookie section. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2022-0813 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00318 |
| scoring_system |
epss |
| scoring_elements |
0.54905 |
| published_at |
2026-04-16T12:55:00Z |
|
| 1 |
| value |
0.00318 |
| scoring_system |
epss |
| scoring_elements |
0.54888 |
| published_at |
2026-04-21T12:55:00Z |
|
| 2 |
| value |
0.00318 |
| scoring_system |
epss |
| scoring_elements |
0.54908 |
| published_at |
2026-04-18T12:55:00Z |
|
| 3 |
| value |
0.00437 |
| scoring_system |
epss |
| scoring_elements |
0.63043 |
| published_at |
2026-04-04T12:55:00Z |
|
| 4 |
| value |
0.00437 |
| scoring_system |
epss |
| scoring_elements |
0.62955 |
| published_at |
2026-04-01T12:55:00Z |
|
| 5 |
| value |
0.00437 |
| scoring_system |
epss |
| scoring_elements |
0.63014 |
| published_at |
2026-04-02T12:55:00Z |
|
| 6 |
| value |
0.00437 |
| scoring_system |
epss |
| scoring_elements |
0.63007 |
| published_at |
2026-04-07T12:55:00Z |
|
| 7 |
| value |
0.00437 |
| scoring_system |
epss |
| scoring_elements |
0.63058 |
| published_at |
2026-04-08T12:55:00Z |
|
| 8 |
| value |
0.00437 |
| scoring_system |
epss |
| scoring_elements |
0.63074 |
| published_at |
2026-04-09T12:55:00Z |
|
| 9 |
| value |
0.00437 |
| scoring_system |
epss |
| scoring_elements |
0.63091 |
| published_at |
2026-04-11T12:55:00Z |
|
| 10 |
| value |
0.00437 |
| scoring_system |
epss |
| scoring_elements |
0.63077 |
| published_at |
2026-04-12T12:55:00Z |
|
| 11 |
| value |
0.00437 |
| scoring_system |
epss |
| scoring_elements |
0.63055 |
| published_at |
2026-04-13T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2022-0813 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
|
| fixed_packages |
|
| aliases |
CVE-2022-0813, GHSA-vx8q-j7h9-vf6q
|
| risk_score |
4.0 |
| exploitability |
0.5 |
| weighted_severity |
8.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-rqy8-n6fr-hqey |
|
| 37 |
| url |
VCID-tks3-6uv4-kygf |
| vulnerability_id |
VCID-tks3-6uv4-kygf |
| summary |
phpMyAdmin SQL Injection
In phpMyAdmin 4.x before 4.9.5 and 5.x before 5.0.2, a SQL injection vulnerability was found in retrieval of the current username (in libraries/classes/Server/Privileges.php and libraries/classes/UserPassword.php). A malicious user with access to the server could create a crafted username, and then trick the victim into performing specific actions with that user account (such as editing its privileges). |
| references |
| 0 |
|
| 1 |
|
| 2 |
|
| 3 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2020-10804 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.02444 |
| scoring_system |
epss |
| scoring_elements |
0.85208 |
| published_at |
2026-04-18T12:55:00Z |
|
| 1 |
| value |
0.02444 |
| scoring_system |
epss |
| scoring_elements |
0.85114 |
| published_at |
2026-04-01T12:55:00Z |
|
| 2 |
| value |
0.02444 |
| scoring_system |
epss |
| scoring_elements |
0.85127 |
| published_at |
2026-04-02T12:55:00Z |
|
| 3 |
| value |
0.02444 |
| scoring_system |
epss |
| scoring_elements |
0.85144 |
| published_at |
2026-04-04T12:55:00Z |
|
| 4 |
| value |
0.02444 |
| scoring_system |
epss |
| scoring_elements |
0.85147 |
| published_at |
2026-04-07T12:55:00Z |
|
| 5 |
| value |
0.02444 |
| scoring_system |
epss |
| scoring_elements |
0.85169 |
| published_at |
2026-04-08T12:55:00Z |
|
| 6 |
| value |
0.02444 |
| scoring_system |
epss |
| scoring_elements |
0.85177 |
| published_at |
2026-04-09T12:55:00Z |
|
| 7 |
| value |
0.02444 |
| scoring_system |
epss |
| scoring_elements |
0.85191 |
| published_at |
2026-04-11T12:55:00Z |
|
| 8 |
| value |
0.02444 |
| scoring_system |
epss |
| scoring_elements |
0.85189 |
| published_at |
2026-04-12T12:55:00Z |
|
| 9 |
| value |
0.02444 |
| scoring_system |
epss |
| scoring_elements |
0.85186 |
| published_at |
2026-04-13T12:55:00Z |
|
| 10 |
| value |
0.02444 |
| scoring_system |
epss |
| scoring_elements |
0.85207 |
| published_at |
2026-04-21T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2020-10804 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
| 16 |
|
| 17 |
|
| 18 |
|
| 19 |
|
| 20 |
|
| 21 |
|
| 22 |
|
| 23 |
|
| 24 |
|
| 25 |
|
| 26 |
|
| 27 |
|
|
| fixed_packages |
|
| aliases |
CVE-2020-10804, GHSA-h65r-8fp8-w7cx
|
| risk_score |
4.0 |
| exploitability |
0.5 |
| weighted_severity |
8.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-tks3-6uv4-kygf |
|
| 38 |
| url |
VCID-tydk-zjv1-nye6 |
| vulnerability_id |
VCID-tydk-zjv1-nye6 |
| summary |
Improper Input Validation
An issue was discovered in phpMyAdmin. An unauthenticated user is able to execute a denial-of-service (DoS) attack by forcing persistent connections when phpMyAdmin is running with `$cfg['AllowArbitraryServer']=true`. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2016-6622 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.01016 |
| scoring_system |
epss |
| scoring_elements |
0.77197 |
| published_at |
2026-04-21T12:55:00Z |
|
| 1 |
| value |
0.01016 |
| scoring_system |
epss |
| scoring_elements |
0.77104 |
| published_at |
2026-04-01T12:55:00Z |
|
| 2 |
| value |
0.01016 |
| scoring_system |
epss |
| scoring_elements |
0.7711 |
| published_at |
2026-04-02T12:55:00Z |
|
| 3 |
| value |
0.01016 |
| scoring_system |
epss |
| scoring_elements |
0.7714 |
| published_at |
2026-04-04T12:55:00Z |
|
| 4 |
| value |
0.01016 |
| scoring_system |
epss |
| scoring_elements |
0.77122 |
| published_at |
2026-04-07T12:55:00Z |
|
| 5 |
| value |
0.01016 |
| scoring_system |
epss |
| scoring_elements |
0.77155 |
| published_at |
2026-04-08T12:55:00Z |
|
| 6 |
| value |
0.01016 |
| scoring_system |
epss |
| scoring_elements |
0.77163 |
| published_at |
2026-04-09T12:55:00Z |
|
| 7 |
| value |
0.01016 |
| scoring_system |
epss |
| scoring_elements |
0.77191 |
| published_at |
2026-04-11T12:55:00Z |
|
| 8 |
| value |
0.01016 |
| scoring_system |
epss |
| scoring_elements |
0.7717 |
| published_at |
2026-04-12T12:55:00Z |
|
| 9 |
| value |
0.01016 |
| scoring_system |
epss |
| scoring_elements |
0.77165 |
| published_at |
2026-04-13T12:55:00Z |
|
| 10 |
| value |
0.01016 |
| scoring_system |
epss |
| scoring_elements |
0.77206 |
| published_at |
2026-04-16T12:55:00Z |
|
| 11 |
| value |
0.01016 |
| scoring_system |
epss |
| scoring_elements |
0.77207 |
| published_at |
2026-04-18T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2016-6622 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
|
| fixed_packages |
| 0 |
|
| 1 |
|
| 2 |
|
| 3 |
| url |
pkg:composer/phpmyadmin/phpmyadmin@4.7.0 |
| purl |
pkg:composer/phpmyadmin/phpmyadmin@4.7.0 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-2jjv-4en4-e3gx |
|
| 1 |
| vulnerability |
VCID-5657-kcyh-7bc2 |
|
| 2 |
| vulnerability |
VCID-986a-3m4g-83ge |
|
| 3 |
| vulnerability |
VCID-br1c-5bzf-ufeu |
|
| 4 |
| vulnerability |
VCID-c91y-txcw-2kdy |
|
| 5 |
| vulnerability |
VCID-ebk2-vjau-57h9 |
|
| 6 |
| vulnerability |
VCID-fchc-55te-akhe |
|
| 7 |
| vulnerability |
VCID-g6ud-92qe-hqcx |
|
| 8 |
| vulnerability |
VCID-gu4y-aeqx-mqak |
|
| 9 |
| vulnerability |
VCID-hnud-ktgb-dfe6 |
|
| 10 |
| vulnerability |
VCID-jma9-9uhu-xuc3 |
|
| 11 |
| vulnerability |
VCID-mwtw-n1tv-hfd9 |
|
| 12 |
| vulnerability |
VCID-ngtc-xtjn-xbhp |
|
| 13 |
| vulnerability |
VCID-qcra-cu62-43he |
|
| 14 |
| vulnerability |
VCID-rqy8-n6fr-hqey |
|
| 15 |
| vulnerability |
VCID-scu3-cfyc-9qfz |
|
| 16 |
| vulnerability |
VCID-tbnx-nuzv-ebdc |
|
| 17 |
| vulnerability |
VCID-tks3-6uv4-kygf |
|
| 18 |
| vulnerability |
VCID-yfja-ssw3-skh1 |
|
| 19 |
| vulnerability |
VCID-ym9b-4su6-6fbr |
|
| 20 |
| vulnerability |
VCID-znfm-ak2t-mqdd |
|
| 21 |
| vulnerability |
VCID-zyzp-aqd8-e3a9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@4.7.0 |
|
|
| aliases |
CVE-2016-6622, GHSA-qf3f-7x69-qfv3
|
| risk_score |
3.1 |
| exploitability |
0.5 |
| weighted_severity |
6.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-tydk-zjv1-nye6 |
|
| 39 |
| url |
VCID-uw6h-fpzy-x3ap |
| vulnerability_id |
VCID-uw6h-fpzy-x3ap |
| summary |
URL Redirection to Untrusted Site (Open Redirect)
phpMyAdmin is vulnerable to an open redirect weakness. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2017-1000013 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00239 |
| scoring_system |
epss |
| scoring_elements |
0.47088 |
| published_at |
2026-04-18T12:55:00Z |
|
| 1 |
| value |
0.00239 |
| scoring_system |
epss |
| scoring_elements |
0.4698 |
| published_at |
2026-04-07T12:55:00Z |
|
| 2 |
| value |
0.00239 |
| scoring_system |
epss |
| scoring_elements |
0.47035 |
| published_at |
2026-04-08T12:55:00Z |
|
| 3 |
| value |
0.00239 |
| scoring_system |
epss |
| scoring_elements |
0.47031 |
| published_at |
2026-04-09T12:55:00Z |
|
| 4 |
| value |
0.00239 |
| scoring_system |
epss |
| scoring_elements |
0.47055 |
| published_at |
2026-04-11T12:55:00Z |
|
| 5 |
| value |
0.00239 |
| scoring_system |
epss |
| scoring_elements |
0.47029 |
| published_at |
2026-04-12T12:55:00Z |
|
| 6 |
| value |
0.00239 |
| scoring_system |
epss |
| scoring_elements |
0.47036 |
| published_at |
2026-04-21T12:55:00Z |
|
| 7 |
| value |
0.00239 |
| scoring_system |
epss |
| scoring_elements |
0.47092 |
| published_at |
2026-04-16T12:55:00Z |
|
| 8 |
| value |
0.00239 |
| scoring_system |
epss |
| scoring_elements |
0.46978 |
| published_at |
2026-04-01T12:55:00Z |
|
| 9 |
| value |
0.00239 |
| scoring_system |
epss |
| scoring_elements |
0.47014 |
| published_at |
2026-04-02T12:55:00Z |
|
| 10 |
| value |
0.00239 |
| scoring_system |
epss |
| scoring_elements |
0.47033 |
| published_at |
2026-04-04T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2017-1000013 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
|
| fixed_packages |
| 0 |
|
| 1 |
|
| 2 |
|
| 3 |
| url |
pkg:composer/phpmyadmin/phpmyadmin@4.7.0 |
| purl |
pkg:composer/phpmyadmin/phpmyadmin@4.7.0 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-2jjv-4en4-e3gx |
|
| 1 |
| vulnerability |
VCID-5657-kcyh-7bc2 |
|
| 2 |
| vulnerability |
VCID-986a-3m4g-83ge |
|
| 3 |
| vulnerability |
VCID-br1c-5bzf-ufeu |
|
| 4 |
| vulnerability |
VCID-c91y-txcw-2kdy |
|
| 5 |
| vulnerability |
VCID-ebk2-vjau-57h9 |
|
| 6 |
| vulnerability |
VCID-fchc-55te-akhe |
|
| 7 |
| vulnerability |
VCID-g6ud-92qe-hqcx |
|
| 8 |
| vulnerability |
VCID-gu4y-aeqx-mqak |
|
| 9 |
| vulnerability |
VCID-hnud-ktgb-dfe6 |
|
| 10 |
| vulnerability |
VCID-jma9-9uhu-xuc3 |
|
| 11 |
| vulnerability |
VCID-mwtw-n1tv-hfd9 |
|
| 12 |
| vulnerability |
VCID-ngtc-xtjn-xbhp |
|
| 13 |
| vulnerability |
VCID-qcra-cu62-43he |
|
| 14 |
| vulnerability |
VCID-rqy8-n6fr-hqey |
|
| 15 |
| vulnerability |
VCID-scu3-cfyc-9qfz |
|
| 16 |
| vulnerability |
VCID-tbnx-nuzv-ebdc |
|
| 17 |
| vulnerability |
VCID-tks3-6uv4-kygf |
|
| 18 |
| vulnerability |
VCID-yfja-ssw3-skh1 |
|
| 19 |
| vulnerability |
VCID-ym9b-4su6-6fbr |
|
| 20 |
| vulnerability |
VCID-znfm-ak2t-mqdd |
|
| 21 |
| vulnerability |
VCID-zyzp-aqd8-e3a9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@4.7.0 |
|
|
| aliases |
CVE-2017-1000013, GHSA-5h5m-fj48-qpjw
|
| risk_score |
3.1 |
| exploitability |
0.5 |
| weighted_severity |
6.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-uw6h-fpzy-x3ap |
|
| 40 |
| url |
VCID-v66b-3ghf-9uas |
| vulnerability_id |
VCID-v66b-3ghf-9uas |
| summary |
Improper Input Validation
An issue was discovered in phpMyAdmin involving the `$cfg['ArbitraryServerRegexp']` configuration directive. An attacker could reuse certain cookie values in a way of bypassing the servers defined by `ArbitraryServerRegexp`. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2016-6629 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.0032 |
| scoring_system |
epss |
| scoring_elements |
0.55121 |
| published_at |
2026-04-21T12:55:00Z |
|
| 1 |
| value |
0.0032 |
| scoring_system |
epss |
| scoring_elements |
0.54974 |
| published_at |
2026-04-01T12:55:00Z |
|
| 2 |
| value |
0.0032 |
| scoring_system |
epss |
| scoring_elements |
0.55075 |
| published_at |
2026-04-02T12:55:00Z |
|
| 3 |
| value |
0.0032 |
| scoring_system |
epss |
| scoring_elements |
0.55101 |
| published_at |
2026-04-04T12:55:00Z |
|
| 4 |
| value |
0.0032 |
| scoring_system |
epss |
| scoring_elements |
0.55076 |
| published_at |
2026-04-07T12:55:00Z |
|
| 5 |
| value |
0.0032 |
| scoring_system |
epss |
| scoring_elements |
0.55126 |
| published_at |
2026-04-09T12:55:00Z |
|
| 6 |
| value |
0.0032 |
| scoring_system |
epss |
| scoring_elements |
0.55138 |
| published_at |
2026-04-16T12:55:00Z |
|
| 7 |
| value |
0.0032 |
| scoring_system |
epss |
| scoring_elements |
0.55118 |
| published_at |
2026-04-12T12:55:00Z |
|
| 8 |
| value |
0.0032 |
| scoring_system |
epss |
| scoring_elements |
0.551 |
| published_at |
2026-04-13T12:55:00Z |
|
| 9 |
| value |
0.0032 |
| scoring_system |
epss |
| scoring_elements |
0.55142 |
| published_at |
2026-04-18T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2016-6629 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
|
| fixed_packages |
| 0 |
|
| 1 |
|
| 2 |
|
| 3 |
| url |
pkg:composer/phpmyadmin/phpmyadmin@4.7.0 |
| purl |
pkg:composer/phpmyadmin/phpmyadmin@4.7.0 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-2jjv-4en4-e3gx |
|
| 1 |
| vulnerability |
VCID-5657-kcyh-7bc2 |
|
| 2 |
| vulnerability |
VCID-986a-3m4g-83ge |
|
| 3 |
| vulnerability |
VCID-br1c-5bzf-ufeu |
|
| 4 |
| vulnerability |
VCID-c91y-txcw-2kdy |
|
| 5 |
| vulnerability |
VCID-ebk2-vjau-57h9 |
|
| 6 |
| vulnerability |
VCID-fchc-55te-akhe |
|
| 7 |
| vulnerability |
VCID-g6ud-92qe-hqcx |
|
| 8 |
| vulnerability |
VCID-gu4y-aeqx-mqak |
|
| 9 |
| vulnerability |
VCID-hnud-ktgb-dfe6 |
|
| 10 |
| vulnerability |
VCID-jma9-9uhu-xuc3 |
|
| 11 |
| vulnerability |
VCID-mwtw-n1tv-hfd9 |
|
| 12 |
| vulnerability |
VCID-ngtc-xtjn-xbhp |
|
| 13 |
| vulnerability |
VCID-qcra-cu62-43he |
|
| 14 |
| vulnerability |
VCID-rqy8-n6fr-hqey |
|
| 15 |
| vulnerability |
VCID-scu3-cfyc-9qfz |
|
| 16 |
| vulnerability |
VCID-tbnx-nuzv-ebdc |
|
| 17 |
| vulnerability |
VCID-tks3-6uv4-kygf |
|
| 18 |
| vulnerability |
VCID-yfja-ssw3-skh1 |
|
| 19 |
| vulnerability |
VCID-ym9b-4su6-6fbr |
|
| 20 |
| vulnerability |
VCID-znfm-ak2t-mqdd |
|
| 21 |
| vulnerability |
VCID-zyzp-aqd8-e3a9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@4.7.0 |
|
|
| aliases |
CVE-2016-6629, GHSA-567r-vqj7-5cw7
|
| risk_score |
4.5 |
| exploitability |
0.5 |
| weighted_severity |
9.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-v66b-3ghf-9uas |
|
| 41 |
| url |
VCID-w37b-ep3h-tfaz |
| vulnerability_id |
VCID-w37b-ep3h-tfaz |
| summary |
Covert Timing Channel
`libraries/common.inc.php` in phpMyAdmin does not use a constant-time algorithm for comparing CSRF tokens, which makes it easier for remote attackers to bypass intended access restrictions by measuring time differences. |
| references |
| 0 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2016-2041 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.01029 |
| scoring_system |
epss |
| scoring_elements |
0.773 |
| published_at |
2026-04-08T12:55:00Z |
|
| 1 |
| value |
0.01029 |
| scoring_system |
epss |
| scoring_elements |
0.77269 |
| published_at |
2026-04-07T12:55:00Z |
|
| 2 |
| value |
0.01029 |
| scoring_system |
epss |
| scoring_elements |
0.77287 |
| published_at |
2026-04-04T12:55:00Z |
|
| 3 |
| value |
0.01029 |
| scoring_system |
epss |
| scoring_elements |
0.77252 |
| published_at |
2026-04-01T12:55:00Z |
|
| 4 |
| value |
0.01029 |
| scoring_system |
epss |
| scoring_elements |
0.77344 |
| published_at |
2026-04-21T12:55:00Z |
|
| 5 |
| value |
0.01029 |
| scoring_system |
epss |
| scoring_elements |
0.77352 |
| published_at |
2026-04-18T12:55:00Z |
|
| 6 |
| value |
0.01029 |
| scoring_system |
epss |
| scoring_elements |
0.77312 |
| published_at |
2026-04-13T12:55:00Z |
|
| 7 |
| value |
0.01029 |
| scoring_system |
epss |
| scoring_elements |
0.77316 |
| published_at |
2026-04-12T12:55:00Z |
|
| 8 |
| value |
0.01029 |
| scoring_system |
epss |
| scoring_elements |
0.77336 |
| published_at |
2026-04-11T12:55:00Z |
|
| 9 |
| value |
0.01029 |
| scoring_system |
epss |
| scoring_elements |
0.77258 |
| published_at |
2026-04-02T12:55:00Z |
|
| 10 |
| value |
0.01029 |
| scoring_system |
epss |
| scoring_elements |
0.77309 |
| published_at |
2026-04-09T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2016-2041 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
| 16 |
|
| 17 |
|
| 18 |
|
| 19 |
|
| 20 |
|
| 21 |
|
| 22 |
|
| 23 |
|
| 24 |
|
| 25 |
|
| 26 |
|
| 27 |
|
| 28 |
|
| 29 |
|
| 30 |
|
| 31 |
|
| 32 |
|
| 33 |
|
| 34 |
|
| 35 |
|
| 36 |
|
| 37 |
|
| 38 |
|
| 39 |
|
| 40 |
|
| 41 |
|
| 42 |
|
| 43 |
|
| 44 |
|
| 45 |
|
| 46 |
|
| 47 |
|
| 48 |
|
| 49 |
|
| 50 |
|
| 51 |
|
| 52 |
|
| 53 |
|
| 54 |
|
| 55 |
|
| 56 |
|
| 57 |
|
| 58 |
|
| 59 |
|
| 60 |
|
| 61 |
|
| 62 |
|
| 63 |
|
| 64 |
|
| 65 |
|
| 66 |
|
| 67 |
|
| 68 |
|
| 69 |
|
| 70 |
|
| 71 |
|
| 72 |
| reference_url |
https://nvd.nist.gov/vuln/detail/CVE-2016-2041 |
| reference_id |
CVE-2016-2041 |
| reference_type |
|
| scores |
| 0 |
| value |
5.0 |
| scoring_system |
cvssv2 |
| scoring_elements |
AV:N/AC:L/Au:N/C:N/I:P/A:N |
|
| 1 |
| value |
7.5 |
| scoring_system |
cvssv3 |
| scoring_elements |
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N |
|
| 2 |
| value |
7.5 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N |
|
| 3 |
| value |
HIGH |
| scoring_system |
generic_textual |
| scoring_elements |
|
|
|
| url |
https://nvd.nist.gov/vuln/detail/CVE-2016-2041 |
|
| 73 |
|
|
| fixed_packages |
| 0 |
| url |
pkg:composer/phpmyadmin/phpmyadmin@4.0.2 |
| purl |
pkg:composer/phpmyadmin/phpmyadmin@4.0.2 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-2g3b-qqxy-ekcq |
|
| 1 |
| vulnerability |
VCID-2jjv-4en4-e3gx |
|
| 2 |
| vulnerability |
VCID-5657-kcyh-7bc2 |
|
| 3 |
| vulnerability |
VCID-7mys-s9mz-h3g1 |
|
| 4 |
| vulnerability |
VCID-7n1n-uj91-8ugg |
|
| 5 |
| vulnerability |
VCID-b5bf-6u8e-byh8 |
|
| 6 |
| vulnerability |
VCID-b9b1-624h-uubt |
|
| 7 |
| vulnerability |
VCID-cy6p-nz8a-zydk |
|
| 8 |
| vulnerability |
VCID-eq3j-14fc-2uev |
|
| 9 |
| vulnerability |
VCID-f7gd-w9r7-xyb2 |
|
| 10 |
| vulnerability |
VCID-g6ud-92qe-hqcx |
|
| 11 |
| vulnerability |
VCID-gu4y-aeqx-mqak |
|
| 12 |
| vulnerability |
VCID-ngtc-xtjn-xbhp |
|
| 13 |
| vulnerability |
VCID-q2be-73wp-tbav |
|
| 14 |
| vulnerability |
VCID-rqy8-n6fr-hqey |
|
| 15 |
| vulnerability |
VCID-tks3-6uv4-kygf |
|
| 16 |
| vulnerability |
VCID-wamt-3g12-t7ch |
|
| 17 |
| vulnerability |
VCID-xu1c-xtb4-9ygg |
|
| 18 |
| vulnerability |
VCID-znfm-ak2t-mqdd |
|
| 19 |
| vulnerability |
VCID-zyzp-aqd8-e3a9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@4.0.2 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
| url |
pkg:composer/phpmyadmin/phpmyadmin@4.7.0 |
| purl |
pkg:composer/phpmyadmin/phpmyadmin@4.7.0 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-2jjv-4en4-e3gx |
|
| 1 |
| vulnerability |
VCID-5657-kcyh-7bc2 |
|
| 2 |
| vulnerability |
VCID-986a-3m4g-83ge |
|
| 3 |
| vulnerability |
VCID-br1c-5bzf-ufeu |
|
| 4 |
| vulnerability |
VCID-c91y-txcw-2kdy |
|
| 5 |
| vulnerability |
VCID-ebk2-vjau-57h9 |
|
| 6 |
| vulnerability |
VCID-fchc-55te-akhe |
|
| 7 |
| vulnerability |
VCID-g6ud-92qe-hqcx |
|
| 8 |
| vulnerability |
VCID-gu4y-aeqx-mqak |
|
| 9 |
| vulnerability |
VCID-hnud-ktgb-dfe6 |
|
| 10 |
| vulnerability |
VCID-jma9-9uhu-xuc3 |
|
| 11 |
| vulnerability |
VCID-mwtw-n1tv-hfd9 |
|
| 12 |
| vulnerability |
VCID-ngtc-xtjn-xbhp |
|
| 13 |
| vulnerability |
VCID-qcra-cu62-43he |
|
| 14 |
| vulnerability |
VCID-rqy8-n6fr-hqey |
|
| 15 |
| vulnerability |
VCID-scu3-cfyc-9qfz |
|
| 16 |
| vulnerability |
VCID-tbnx-nuzv-ebdc |
|
| 17 |
| vulnerability |
VCID-tks3-6uv4-kygf |
|
| 18 |
| vulnerability |
VCID-yfja-ssw3-skh1 |
|
| 19 |
| vulnerability |
VCID-ym9b-4su6-6fbr |
|
| 20 |
| vulnerability |
VCID-znfm-ak2t-mqdd |
|
| 21 |
| vulnerability |
VCID-zyzp-aqd8-e3a9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@4.7.0 |
|
|
| aliases |
CVE-2016-2041, GHSA-8m97-xc46-rw9w
|
| risk_score |
4.0 |
| exploitability |
0.5 |
| weighted_severity |
8.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-w37b-ep3h-tfaz |
|
| 42 |
| url |
VCID-wamt-3g12-t7ch |
| vulnerability_id |
VCID-wamt-3g12-t7ch |
| summary |
Cross-Site Request Forgery (CSRF)
An issue was discovered in phpMyAdmin. When the arg_separator is different from its default & value, the CSRF token was not properly stripped from the return URL of the preference import action. All 4.6.x versions (prior to 4.6.5), 4.4.x versions (prior to 4.4.15.9), and 4.0.x versions (prior to 4.0.10.18) are affected. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2016-9866 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00222 |
| scoring_system |
epss |
| scoring_elements |
0.44825 |
| published_at |
2026-04-21T12:55:00Z |
|
| 1 |
| value |
0.00222 |
| scoring_system |
epss |
| scoring_elements |
0.44762 |
| published_at |
2026-04-01T12:55:00Z |
|
| 2 |
| value |
0.00222 |
| scoring_system |
epss |
| scoring_elements |
0.44842 |
| published_at |
2026-04-02T12:55:00Z |
|
| 3 |
| value |
0.00222 |
| scoring_system |
epss |
| scoring_elements |
0.44863 |
| published_at |
2026-04-04T12:55:00Z |
|
| 4 |
| value |
0.00222 |
| scoring_system |
epss |
| scoring_elements |
0.44803 |
| published_at |
2026-04-07T12:55:00Z |
|
| 5 |
| value |
0.00222 |
| scoring_system |
epss |
| scoring_elements |
0.44856 |
| published_at |
2026-04-08T12:55:00Z |
|
| 6 |
| value |
0.00222 |
| scoring_system |
epss |
| scoring_elements |
0.44858 |
| published_at |
2026-04-09T12:55:00Z |
|
| 7 |
| value |
0.00222 |
| scoring_system |
epss |
| scoring_elements |
0.44876 |
| published_at |
2026-04-11T12:55:00Z |
|
| 8 |
| value |
0.00222 |
| scoring_system |
epss |
| scoring_elements |
0.44844 |
| published_at |
2026-04-12T12:55:00Z |
|
| 9 |
| value |
0.00222 |
| scoring_system |
epss |
| scoring_elements |
0.44846 |
| published_at |
2026-04-13T12:55:00Z |
|
| 10 |
| value |
0.00222 |
| scoring_system |
epss |
| scoring_elements |
0.44898 |
| published_at |
2026-04-16T12:55:00Z |
|
| 11 |
| value |
0.00222 |
| scoring_system |
epss |
| scoring_elements |
0.44891 |
| published_at |
2026-04-18T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2016-9866 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
|
| fixed_packages |
|
| aliases |
CVE-2016-9866, GHSA-jvxx-8xxf-5495
|
| risk_score |
4.5 |
| exploitability |
0.5 |
| weighted_severity |
9.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-wamt-3g12-t7ch |
|
| 43 |
| url |
VCID-xu1c-xtb4-9ygg |
| vulnerability_id |
VCID-xu1c-xtb4-9ygg |
| summary |
Multiple vulnerabilities have been found in phpMyAdmin, the worst
of which could lead to arbitrary code execution. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2016-6623 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.0055 |
| scoring_system |
epss |
| scoring_elements |
0.67983 |
| published_at |
2026-04-21T12:55:00Z |
|
| 1 |
| value |
0.0055 |
| scoring_system |
epss |
| scoring_elements |
0.67889 |
| published_at |
2026-04-01T12:55:00Z |
|
| 2 |
| value |
0.0055 |
| scoring_system |
epss |
| scoring_elements |
0.67912 |
| published_at |
2026-04-02T12:55:00Z |
|
| 3 |
| value |
0.0055 |
| scoring_system |
epss |
| scoring_elements |
0.67931 |
| published_at |
2026-04-04T12:55:00Z |
|
| 4 |
| value |
0.0055 |
| scoring_system |
epss |
| scoring_elements |
0.6791 |
| published_at |
2026-04-07T12:55:00Z |
|
| 5 |
| value |
0.0055 |
| scoring_system |
epss |
| scoring_elements |
0.67961 |
| published_at |
2026-04-08T12:55:00Z |
|
| 6 |
| value |
0.0055 |
| scoring_system |
epss |
| scoring_elements |
0.67975 |
| published_at |
2026-04-09T12:55:00Z |
|
| 7 |
| value |
0.0055 |
| scoring_system |
epss |
| scoring_elements |
0.67998 |
| published_at |
2026-04-11T12:55:00Z |
|
| 8 |
| value |
0.0055 |
| scoring_system |
epss |
| scoring_elements |
0.67985 |
| published_at |
2026-04-12T12:55:00Z |
|
| 9 |
| value |
0.0055 |
| scoring_system |
epss |
| scoring_elements |
0.6795 |
| published_at |
2026-04-13T12:55:00Z |
|
| 10 |
| value |
0.0055 |
| scoring_system |
epss |
| scoring_elements |
0.67987 |
| published_at |
2026-04-16T12:55:00Z |
|
| 11 |
| value |
0.0055 |
| scoring_system |
epss |
| scoring_elements |
0.68 |
| published_at |
2026-04-18T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2016-6623 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
|
| fixed_packages |
|
| aliases |
CVE-2016-6623, GHSA-2mcj-3r3r-v5wm
|
| risk_score |
3.1 |
| exploitability |
0.5 |
| weighted_severity |
6.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-xu1c-xtb4-9ygg |
|
| 44 |
| url |
VCID-yfja-ssw3-skh1 |
| vulnerability_id |
VCID-yfja-ssw3-skh1 |
| summary |
Information Exposure
When the `AllowArbitraryServer` configuration setting is set to true, with the use of a rogue MySQL server, an attacker can read any file on the server that the web server's user can access. This is related to the `mysql.allow_local_infile` PHP configuration, and the inadvertent ignoring of `options(MYSQLI_OPT_LOCAL_INFILE` calls. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2019-6799 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.7658 |
| scoring_system |
epss |
| scoring_elements |
0.98948 |
| published_at |
2026-04-21T12:55:00Z |
|
| 1 |
| value |
0.7658 |
| scoring_system |
epss |
| scoring_elements |
0.98933 |
| published_at |
2026-04-01T12:55:00Z |
|
| 2 |
| value |
0.7658 |
| scoring_system |
epss |
| scoring_elements |
0.98935 |
| published_at |
2026-04-02T12:55:00Z |
|
| 3 |
| value |
0.7658 |
| scoring_system |
epss |
| scoring_elements |
0.98937 |
| published_at |
2026-04-04T12:55:00Z |
|
| 4 |
| value |
0.7658 |
| scoring_system |
epss |
| scoring_elements |
0.98939 |
| published_at |
2026-04-07T12:55:00Z |
|
| 5 |
| value |
0.7658 |
| scoring_system |
epss |
| scoring_elements |
0.98941 |
| published_at |
2026-04-09T12:55:00Z |
|
| 6 |
| value |
0.7658 |
| scoring_system |
epss |
| scoring_elements |
0.98943 |
| published_at |
2026-04-11T12:55:00Z |
|
| 7 |
| value |
0.7658 |
| scoring_system |
epss |
| scoring_elements |
0.98944 |
| published_at |
2026-04-13T12:55:00Z |
|
| 8 |
| value |
0.7658 |
| scoring_system |
epss |
| scoring_elements |
0.98946 |
| published_at |
2026-04-16T12:55:00Z |
|
| 9 |
| value |
0.7658 |
| scoring_system |
epss |
| scoring_elements |
0.98947 |
| published_at |
2026-04-18T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2019-6799 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
| reference_url |
https://nvd.nist.gov/vuln/detail/CVE-2019-6799 |
| reference_id |
CVE-2019-6799 |
| reference_type |
|
| scores |
| 0 |
| value |
4.3 |
| scoring_system |
cvssv2 |
| scoring_elements |
AV:N/AC:M/Au:N/C:P/I:N/A:N |
|
| 1 |
| value |
5.9 |
| scoring_system |
cvssv3 |
| scoring_elements |
CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N |
|
| 2 |
| value |
5.9 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N |
|
| 3 |
| value |
MODERATE |
| scoring_system |
generic_textual |
| scoring_elements |
|
|
|
| url |
https://nvd.nist.gov/vuln/detail/CVE-2019-6799 |
|
| 11 |
|
| 12 |
|
|
| fixed_packages |
|
| aliases |
CVE-2019-6799, GHSA-c8wj-q36q-3wg4
|
| risk_score |
3.1 |
| exploitability |
0.5 |
| weighted_severity |
6.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-yfja-ssw3-skh1 |
|
| 45 |
| url |
VCID-z22z-a5bq-97d3 |
| vulnerability_id |
VCID-z22z-a5bq-97d3 |
| summary |
Uncontrolled Resouce Consumption
An issue was discovered in phpMyAdmin. The transformation feature allows a user to trigger a denial-of-service (DoS) attack against the server. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2016-6618 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.0055 |
| scoring_system |
epss |
| scoring_elements |
0.67983 |
| published_at |
2026-04-21T12:55:00Z |
|
| 1 |
| value |
0.0055 |
| scoring_system |
epss |
| scoring_elements |
0.67889 |
| published_at |
2026-04-01T12:55:00Z |
|
| 2 |
| value |
0.0055 |
| scoring_system |
epss |
| scoring_elements |
0.67912 |
| published_at |
2026-04-02T12:55:00Z |
|
| 3 |
| value |
0.0055 |
| scoring_system |
epss |
| scoring_elements |
0.67931 |
| published_at |
2026-04-04T12:55:00Z |
|
| 4 |
| value |
0.0055 |
| scoring_system |
epss |
| scoring_elements |
0.6791 |
| published_at |
2026-04-07T12:55:00Z |
|
| 5 |
| value |
0.0055 |
| scoring_system |
epss |
| scoring_elements |
0.67961 |
| published_at |
2026-04-08T12:55:00Z |
|
| 6 |
| value |
0.0055 |
| scoring_system |
epss |
| scoring_elements |
0.67975 |
| published_at |
2026-04-09T12:55:00Z |
|
| 7 |
| value |
0.0055 |
| scoring_system |
epss |
| scoring_elements |
0.67998 |
| published_at |
2026-04-11T12:55:00Z |
|
| 8 |
| value |
0.0055 |
| scoring_system |
epss |
| scoring_elements |
0.67985 |
| published_at |
2026-04-12T12:55:00Z |
|
| 9 |
| value |
0.0055 |
| scoring_system |
epss |
| scoring_elements |
0.6795 |
| published_at |
2026-04-13T12:55:00Z |
|
| 10 |
| value |
0.0055 |
| scoring_system |
epss |
| scoring_elements |
0.67987 |
| published_at |
2026-04-16T12:55:00Z |
|
| 11 |
| value |
0.0055 |
| scoring_system |
epss |
| scoring_elements |
0.68 |
| published_at |
2026-04-18T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2016-6618 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
|
| fixed_packages |
| 0 |
|
| 1 |
|
| 2 |
|
| 3 |
| url |
pkg:composer/phpmyadmin/phpmyadmin@4.7.0 |
| purl |
pkg:composer/phpmyadmin/phpmyadmin@4.7.0 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-2jjv-4en4-e3gx |
|
| 1 |
| vulnerability |
VCID-5657-kcyh-7bc2 |
|
| 2 |
| vulnerability |
VCID-986a-3m4g-83ge |
|
| 3 |
| vulnerability |
VCID-br1c-5bzf-ufeu |
|
| 4 |
| vulnerability |
VCID-c91y-txcw-2kdy |
|
| 5 |
| vulnerability |
VCID-ebk2-vjau-57h9 |
|
| 6 |
| vulnerability |
VCID-fchc-55te-akhe |
|
| 7 |
| vulnerability |
VCID-g6ud-92qe-hqcx |
|
| 8 |
| vulnerability |
VCID-gu4y-aeqx-mqak |
|
| 9 |
| vulnerability |
VCID-hnud-ktgb-dfe6 |
|
| 10 |
| vulnerability |
VCID-jma9-9uhu-xuc3 |
|
| 11 |
| vulnerability |
VCID-mwtw-n1tv-hfd9 |
|
| 12 |
| vulnerability |
VCID-ngtc-xtjn-xbhp |
|
| 13 |
| vulnerability |
VCID-qcra-cu62-43he |
|
| 14 |
| vulnerability |
VCID-rqy8-n6fr-hqey |
|
| 15 |
| vulnerability |
VCID-scu3-cfyc-9qfz |
|
| 16 |
| vulnerability |
VCID-tbnx-nuzv-ebdc |
|
| 17 |
| vulnerability |
VCID-tks3-6uv4-kygf |
|
| 18 |
| vulnerability |
VCID-yfja-ssw3-skh1 |
|
| 19 |
| vulnerability |
VCID-ym9b-4su6-6fbr |
|
| 20 |
| vulnerability |
VCID-znfm-ak2t-mqdd |
|
| 21 |
| vulnerability |
VCID-zyzp-aqd8-e3a9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@4.7.0 |
|
|
| aliases |
CVE-2016-6618, GHSA-rv6m-chvv-wmxg
|
| risk_score |
3.1 |
| exploitability |
0.5 |
| weighted_severity |
6.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-z22z-a5bq-97d3 |
|
| 46 |
| url |
VCID-zg16-dfu1-g7dn |
| vulnerability_id |
VCID-zg16-dfu1-g7dn |
| summary |
Information Exposure
An issue was discovered in phpMyAdmin. A user can specially craft a symlink on disk, to a file which phpMyAdmin is permitted to read but the user is not, which phpMyAdmin will then expose to the user. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2016-6613 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00411 |
| scoring_system |
epss |
| scoring_elements |
0.61453 |
| published_at |
2026-04-21T12:55:00Z |
|
| 1 |
| value |
0.00411 |
| scoring_system |
epss |
| scoring_elements |
0.61298 |
| published_at |
2026-04-01T12:55:00Z |
|
| 2 |
| value |
0.00411 |
| scoring_system |
epss |
| scoring_elements |
0.61377 |
| published_at |
2026-04-02T12:55:00Z |
|
| 3 |
| value |
0.00411 |
| scoring_system |
epss |
| scoring_elements |
0.61406 |
| published_at |
2026-04-04T12:55:00Z |
|
| 4 |
| value |
0.00411 |
| scoring_system |
epss |
| scoring_elements |
0.61375 |
| published_at |
2026-04-07T12:55:00Z |
|
| 5 |
| value |
0.00411 |
| scoring_system |
epss |
| scoring_elements |
0.61422 |
| published_at |
2026-04-08T12:55:00Z |
|
| 6 |
| value |
0.00411 |
| scoring_system |
epss |
| scoring_elements |
0.61437 |
| published_at |
2026-04-09T12:55:00Z |
|
| 7 |
| value |
0.00411 |
| scoring_system |
epss |
| scoring_elements |
0.61459 |
| published_at |
2026-04-11T12:55:00Z |
|
| 8 |
| value |
0.00411 |
| scoring_system |
epss |
| scoring_elements |
0.61444 |
| published_at |
2026-04-12T12:55:00Z |
|
| 9 |
| value |
0.00411 |
| scoring_system |
epss |
| scoring_elements |
0.61426 |
| published_at |
2026-04-13T12:55:00Z |
|
| 10 |
| value |
0.00411 |
| scoring_system |
epss |
| scoring_elements |
0.61465 |
| published_at |
2026-04-16T12:55:00Z |
|
| 11 |
| value |
0.00411 |
| scoring_system |
epss |
| scoring_elements |
0.61469 |
| published_at |
2026-04-18T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2016-6613 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
|
| fixed_packages |
| 0 |
|
| 1 |
|
| 2 |
|
| 3 |
| url |
pkg:composer/phpmyadmin/phpmyadmin@4.7.0 |
| purl |
pkg:composer/phpmyadmin/phpmyadmin@4.7.0 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-2jjv-4en4-e3gx |
|
| 1 |
| vulnerability |
VCID-5657-kcyh-7bc2 |
|
| 2 |
| vulnerability |
VCID-986a-3m4g-83ge |
|
| 3 |
| vulnerability |
VCID-br1c-5bzf-ufeu |
|
| 4 |
| vulnerability |
VCID-c91y-txcw-2kdy |
|
| 5 |
| vulnerability |
VCID-ebk2-vjau-57h9 |
|
| 6 |
| vulnerability |
VCID-fchc-55te-akhe |
|
| 7 |
| vulnerability |
VCID-g6ud-92qe-hqcx |
|
| 8 |
| vulnerability |
VCID-gu4y-aeqx-mqak |
|
| 9 |
| vulnerability |
VCID-hnud-ktgb-dfe6 |
|
| 10 |
| vulnerability |
VCID-jma9-9uhu-xuc3 |
|
| 11 |
| vulnerability |
VCID-mwtw-n1tv-hfd9 |
|
| 12 |
| vulnerability |
VCID-ngtc-xtjn-xbhp |
|
| 13 |
| vulnerability |
VCID-qcra-cu62-43he |
|
| 14 |
| vulnerability |
VCID-rqy8-n6fr-hqey |
|
| 15 |
| vulnerability |
VCID-scu3-cfyc-9qfz |
|
| 16 |
| vulnerability |
VCID-tbnx-nuzv-ebdc |
|
| 17 |
| vulnerability |
VCID-tks3-6uv4-kygf |
|
| 18 |
| vulnerability |
VCID-yfja-ssw3-skh1 |
|
| 19 |
| vulnerability |
VCID-ym9b-4su6-6fbr |
|
| 20 |
| vulnerability |
VCID-znfm-ak2t-mqdd |
|
| 21 |
| vulnerability |
VCID-zyzp-aqd8-e3a9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@4.7.0 |
|
|
| aliases |
CVE-2016-6613, GHSA-6j2v-g9rg-qcm5
|
| risk_score |
3.1 |
| exploitability |
0.5 |
| weighted_severity |
6.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-zg16-dfu1-g7dn |
|
| 47 |
| url |
VCID-znfm-ak2t-mqdd |
| vulnerability_id |
VCID-znfm-ak2t-mqdd |
| summary |
phpMyAdmin SQL injection vulnerability
In phpMyAdmin 4.x before 4.9.5 and 5.x before 5.0.2, a SQL injection vulnerability was discovered where malicious code could be used to trigger an XSS attack through retrieving and displaying results (in tbl_get_field.php and libraries/classes/Display/Results.php). The attacker must be able to insert crafted data into certain database tables, which when retrieved (for instance, through the Browse tab) can trigger the XSS attack. |
| references |
| 0 |
|
| 1 |
|
| 2 |
|
| 3 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2020-10803 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.03554 |
| scoring_system |
epss |
| scoring_elements |
0.87708 |
| published_at |
2026-04-21T12:55:00Z |
|
| 1 |
| value |
0.03554 |
| scoring_system |
epss |
| scoring_elements |
0.87643 |
| published_at |
2026-04-01T12:55:00Z |
|
| 2 |
| value |
0.03554 |
| scoring_system |
epss |
| scoring_elements |
0.87653 |
| published_at |
2026-04-02T12:55:00Z |
|
| 3 |
| value |
0.03554 |
| scoring_system |
epss |
| scoring_elements |
0.87666 |
| published_at |
2026-04-04T12:55:00Z |
|
| 4 |
| value |
0.03554 |
| scoring_system |
epss |
| scoring_elements |
0.87667 |
| published_at |
2026-04-07T12:55:00Z |
|
| 5 |
| value |
0.03554 |
| scoring_system |
epss |
| scoring_elements |
0.87688 |
| published_at |
2026-04-08T12:55:00Z |
|
| 6 |
| value |
0.03554 |
| scoring_system |
epss |
| scoring_elements |
0.87694 |
| published_at |
2026-04-09T12:55:00Z |
|
| 7 |
| value |
0.03554 |
| scoring_system |
epss |
| scoring_elements |
0.87706 |
| published_at |
2026-04-11T12:55:00Z |
|
| 8 |
| value |
0.03554 |
| scoring_system |
epss |
| scoring_elements |
0.87699 |
| published_at |
2026-04-12T12:55:00Z |
|
| 9 |
| value |
0.03554 |
| scoring_system |
epss |
| scoring_elements |
0.87697 |
| published_at |
2026-04-13T12:55:00Z |
|
| 10 |
| value |
0.03554 |
| scoring_system |
epss |
| scoring_elements |
0.87712 |
| published_at |
2026-04-18T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2020-10803 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
| 16 |
|
| 17 |
|
| 18 |
|
| 19 |
|
| 20 |
|
| 21 |
|
| 22 |
|
| 23 |
|
| 24 |
|
| 25 |
|
| 26 |
|
| 27 |
|
| 28 |
|
| 29 |
|
|
| fixed_packages |
|
| aliases |
CVE-2020-10803, GHSA-fcww-8wvc-38q9
|
| risk_score |
3.1 |
| exploitability |
0.5 |
| weighted_severity |
6.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-znfm-ak2t-mqdd |
|
| 48 |
| url |
VCID-zreq-41ja-pbf1 |
| vulnerability_id |
VCID-zreq-41ja-pbf1 |
| summary |
Improper Input Validation
phpMyAdmin is vulnerable to a DoS weakness in the table editing functionality. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2017-1000014 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.01144 |
| scoring_system |
epss |
| scoring_elements |
0.78417 |
| published_at |
2026-04-07T12:55:00Z |
|
| 1 |
| value |
0.01144 |
| scoring_system |
epss |
| scoring_elements |
0.7847 |
| published_at |
2026-04-21T12:55:00Z |
|
| 2 |
| value |
0.01144 |
| scoring_system |
epss |
| scoring_elements |
0.78475 |
| published_at |
2026-04-18T12:55:00Z |
|
| 3 |
| value |
0.01144 |
| scoring_system |
epss |
| scoring_elements |
0.78455 |
| published_at |
2026-04-12T12:55:00Z |
|
| 4 |
| value |
0.01144 |
| scoring_system |
epss |
| scoring_elements |
0.78474 |
| published_at |
2026-04-11T12:55:00Z |
|
| 5 |
| value |
0.01144 |
| scoring_system |
epss |
| scoring_elements |
0.78448 |
| published_at |
2026-04-13T12:55:00Z |
|
| 6 |
| value |
0.01144 |
| scoring_system |
epss |
| scoring_elements |
0.78396 |
| published_at |
2026-04-01T12:55:00Z |
|
| 7 |
| value |
0.01144 |
| scoring_system |
epss |
| scoring_elements |
0.78403 |
| published_at |
2026-04-02T12:55:00Z |
|
| 8 |
| value |
0.01144 |
| scoring_system |
epss |
| scoring_elements |
0.78443 |
| published_at |
2026-04-08T12:55:00Z |
|
| 9 |
| value |
0.01144 |
| scoring_system |
epss |
| scoring_elements |
0.78434 |
| published_at |
2026-04-04T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2017-1000014 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
|
| fixed_packages |
| 0 |
|
| 1 |
|
| 2 |
|
| 3 |
| url |
pkg:composer/phpmyadmin/phpmyadmin@4.7.0 |
| purl |
pkg:composer/phpmyadmin/phpmyadmin@4.7.0 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-2jjv-4en4-e3gx |
|
| 1 |
| vulnerability |
VCID-5657-kcyh-7bc2 |
|
| 2 |
| vulnerability |
VCID-986a-3m4g-83ge |
|
| 3 |
| vulnerability |
VCID-br1c-5bzf-ufeu |
|
| 4 |
| vulnerability |
VCID-c91y-txcw-2kdy |
|
| 5 |
| vulnerability |
VCID-ebk2-vjau-57h9 |
|
| 6 |
| vulnerability |
VCID-fchc-55te-akhe |
|
| 7 |
| vulnerability |
VCID-g6ud-92qe-hqcx |
|
| 8 |
| vulnerability |
VCID-gu4y-aeqx-mqak |
|
| 9 |
| vulnerability |
VCID-hnud-ktgb-dfe6 |
|
| 10 |
| vulnerability |
VCID-jma9-9uhu-xuc3 |
|
| 11 |
| vulnerability |
VCID-mwtw-n1tv-hfd9 |
|
| 12 |
| vulnerability |
VCID-ngtc-xtjn-xbhp |
|
| 13 |
| vulnerability |
VCID-qcra-cu62-43he |
|
| 14 |
| vulnerability |
VCID-rqy8-n6fr-hqey |
|
| 15 |
| vulnerability |
VCID-scu3-cfyc-9qfz |
|
| 16 |
| vulnerability |
VCID-tbnx-nuzv-ebdc |
|
| 17 |
| vulnerability |
VCID-tks3-6uv4-kygf |
|
| 18 |
| vulnerability |
VCID-yfja-ssw3-skh1 |
|
| 19 |
| vulnerability |
VCID-ym9b-4su6-6fbr |
|
| 20 |
| vulnerability |
VCID-znfm-ak2t-mqdd |
|
| 21 |
| vulnerability |
VCID-zyzp-aqd8-e3a9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@4.7.0 |
|
|
| aliases |
CVE-2017-1000014, GHSA-9hrc-rwrq-v6mh
|
| risk_score |
4.0 |
| exploitability |
0.5 |
| weighted_severity |
8.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-zreq-41ja-pbf1 |
|
| 49 |
| url |
VCID-zyzp-aqd8-e3a9 |
| vulnerability_id |
VCID-zyzp-aqd8-e3a9 |
| summary |
phpMyAdmin Cross-Site Request Forgery (CSRF)
A CSRF issue in phpMyAdmin 4.9.0.1 allows deletion of any server in the Setup page. |
| references |
| 0 |
|
| 1 |
|
| 2 |
|
| 3 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2019-12922 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.4225 |
| scoring_system |
epss |
| scoring_elements |
0.97459 |
| published_at |
2026-04-21T12:55:00Z |
|
| 1 |
| value |
0.4225 |
| scoring_system |
epss |
| scoring_elements |
0.97422 |
| published_at |
2026-04-01T12:55:00Z |
|
| 2 |
| value |
0.4225 |
| scoring_system |
epss |
| scoring_elements |
0.97429 |
| published_at |
2026-04-02T12:55:00Z |
|
| 3 |
| value |
0.4225 |
| scoring_system |
epss |
| scoring_elements |
0.97433 |
| published_at |
2026-04-04T12:55:00Z |
|
| 4 |
| value |
0.4225 |
| scoring_system |
epss |
| scoring_elements |
0.97434 |
| published_at |
2026-04-07T12:55:00Z |
|
| 5 |
| value |
0.4225 |
| scoring_system |
epss |
| scoring_elements |
0.97441 |
| published_at |
2026-04-08T12:55:00Z |
|
| 6 |
| value |
0.4225 |
| scoring_system |
epss |
| scoring_elements |
0.97442 |
| published_at |
2026-04-09T12:55:00Z |
|
| 7 |
| value |
0.4225 |
| scoring_system |
epss |
| scoring_elements |
0.97445 |
| published_at |
2026-04-11T12:55:00Z |
|
| 8 |
| value |
0.4225 |
| scoring_system |
epss |
| scoring_elements |
0.97447 |
| published_at |
2026-04-13T12:55:00Z |
|
| 9 |
| value |
0.4225 |
| scoring_system |
epss |
| scoring_elements |
0.97456 |
| published_at |
2026-04-16T12:55:00Z |
|
| 10 |
| value |
0.4225 |
| scoring_system |
epss |
| scoring_elements |
0.9746 |
| published_at |
2026-04-18T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2019-12922 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
| 16 |
|
| 17 |
|
| 18 |
|
| 19 |
|
| 20 |
|
| 21 |
|
| 22 |
|
|
| fixed_packages |
|
| aliases |
CVE-2019-12922, GHSA-4c9q-64gq-xhx4
|
| risk_score |
10.0 |
| exploitability |
2.0 |
| weighted_severity |
6.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-zyzp-aqd8-e3a9 |
|