Package Instance
Lookup for vulnerable packages by Package URL.
GET /api/packages/273448?format=api
{ "url": "http://public2.vulnerablecode.io/api/packages/273448?format=api", "purl": "pkg:deb/debian/phpmyadmin@4:4.2.12-2", "type": "deb", "namespace": "debian", "name": "phpmyadmin", "version": "4:4.2.12-2", "qualifiers": {}, "subpath": "", "is_vulnerable": true, "next_non_vulnerable_version": "4:5.2.2-really+dfsg-1+deb13u1", "latest_non_vulnerable_version": "4:5.2.2-really+dfsg-1+deb13u1", "affected_by_vulnerabilities": [ { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/98162?format=api", "vulnerability_id": "VCID-1drk-gzqj-2qc5", "summary": "Cross-site scripting (XSS) vulnerability in phpMyAdmin 4.4.x before 4.4.15.6 and 4.6.x before 4.6.2 allows remote attackers to inject arbitrary web script or HTML via special characters that are mishandled during double URL decoding.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-5099", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00493", "scoring_system": "epss", "scoring_elements": "0.66058", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.00493", "scoring_system": "epss", "scoring_elements": "0.6611", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-5099" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1927", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1927" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2039", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2039" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2040", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2040" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2041", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2041" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2560", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2560" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2561", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2561" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5099", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5099" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5701", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5701" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5705", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5705" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5706", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5706" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5731", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5731" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5733", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5733" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5739", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5739" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/273449?format=api", "purl": "pkg:deb/debian/phpmyadmin@4:4.2.12-2%2Bdeb8u2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1drk-gzqj-2qc5" }, { "vulnerability": "VCID-1hvw-4h4d-zkhv" }, { "vulnerability": "VCID-23dq-w66r-k3bt" }, { "vulnerability": "VCID-27w6-zhxk-x7e7" }, { "vulnerability": "VCID-282b-1ugg-yuev" }, { "vulnerability": "VCID-2at1-y3qg-77fb" }, { "vulnerability": "VCID-2vqn-z4en-duh4" }, { "vulnerability": "VCID-31jg-3pzb-y3b6" }, { "vulnerability": "VCID-32ja-yuuw-bbbh" }, { "vulnerability": "VCID-33kv-ye2c-ebax" }, { "vulnerability": "VCID-33mh-s92h-c7ht" }, { "vulnerability": "VCID-38tp-acy8-57hj" }, { "vulnerability": "VCID-3va7-xx14-gkds" }, { "vulnerability": "VCID-44uc-xrvp-7bet" }, { "vulnerability": "VCID-4avx-e9mf-2yb1" }, { "vulnerability": "VCID-4kax-4bpz-g7c5" }, { "vulnerability": "VCID-4vgu-cagj-hfhb" }, { "vulnerability": "VCID-4wn2-pnbv-sked" }, { "vulnerability": "VCID-52xs-45kd-w3hz" }, { "vulnerability": "VCID-59mu-8aep-9ycn" }, { "vulnerability": "VCID-5bu8-wy7w-bqfc" }, { "vulnerability": "VCID-5jye-2stz-fqam" }, { "vulnerability": "VCID-6gs5-cswx-bfeb" }, { "vulnerability": "VCID-7avk-rmwd-yugt" }, { "vulnerability": "VCID-7vpu-x9mb-q3c6" }, { "vulnerability": "VCID-84n7-nzzg-juhz" }, { "vulnerability": "VCID-8jt7-y15v-83gj" }, { "vulnerability": "VCID-8rvw-n1fg-ffc2" }, { "vulnerability": "VCID-8yxm-e33n-d7gj" }, { "vulnerability": "VCID-9nh7-ny6c-n3cd" }, { "vulnerability": "VCID-9tdu-572c-tbb2" }, { "vulnerability": "VCID-ajeh-4q9t-sydz" }, { "vulnerability": "VCID-ajf6-bk2g-wkb7" }, { "vulnerability": "VCID-b2nf-6pr3-xqaa" }, { "vulnerability": "VCID-b4jk-yjfy-pfcv" }, { "vulnerability": "VCID-b6ng-ygap-zqh4" }, { "vulnerability": "VCID-bd83-vf81-sfa4" }, { "vulnerability": "VCID-bddg-5zgr-3uew" }, { "vulnerability": "VCID-btc1-yng3-ckhx" }, { "vulnerability": "VCID-cbjd-e3sk-m7bu" }, { "vulnerability": "VCID-crn9-f6qt-qfg5" }, { "vulnerability": "VCID-cth2-72mg-6yfr" }, { "vulnerability": "VCID-cz55-m46r-37gb" }, { "vulnerability": "VCID-d7jk-a94y-n3ca" }, { "vulnerability": "VCID-dbk1-n9kh-dfhm" }, { "vulnerability": "VCID-dfsz-1y13-yug9" }, { "vulnerability": "VCID-dgvs-kqpd-gfcy" }, { "vulnerability": "VCID-dj5f-y77j-d7dx" }, { "vulnerability": "VCID-dx3h-z4dg-m3e1" }, { "vulnerability": "VCID-g2uy-ekyf-4bcj" }, { "vulnerability": "VCID-gmjk-222y-abda" }, { "vulnerability": "VCID-gqxb-6rey-rbhv" }, { "vulnerability": "VCID-gtps-py3z-13cu" }, { "vulnerability": "VCID-gzwb-ju7m-juf7" }, { "vulnerability": "VCID-har4-gaft-m7e8" }, { "vulnerability": "VCID-hbp6-s544-pqaw" }, { "vulnerability": "VCID-hw5n-kv9r-8yej" }, { "vulnerability": "VCID-j589-8hrn-9bae" }, { "vulnerability": "VCID-jabw-t2hb-q3e9" }, { "vulnerability": "VCID-jemb-avnk-c7eb" }, { "vulnerability": "VCID-jmn8-a5r9-2qc8" }, { "vulnerability": "VCID-jxf7-1cq4-t3cv" }, { "vulnerability": "VCID-k5ph-wws1-fqg4" }, { "vulnerability": "VCID-kfr7-v6tb-eqau" }, { "vulnerability": "VCID-kfrx-mmr7-euep" }, { "vulnerability": "VCID-kwtj-jk24-zffq" }, { "vulnerability": "VCID-m2g6-2ztp-tuam" }, { "vulnerability": "VCID-m3kq-1cfg-mkgc" }, { "vulnerability": "VCID-m59w-cug5-wbe2" }, { "vulnerability": "VCID-mgu4-pf1x-r3dy" }, { "vulnerability": "VCID-mxn5-bh7q-gkdb" }, { "vulnerability": "VCID-mzuh-5e5y-d3hr" }, { "vulnerability": "VCID-n53q-r421-affh" }, { "vulnerability": "VCID-n66y-s36g-fqck" }, { "vulnerability": "VCID-np5w-chxm-cyak" }, { "vulnerability": "VCID-nuju-ekmt-k7g9" }, { "vulnerability": "VCID-nv3j-xj42-wfcw" }, { "vulnerability": "VCID-p1jn-sxds-mqd1" }, { "vulnerability": "VCID-p361-saxs-97g9" }, { "vulnerability": "VCID-pfdk-db4h-47dx" }, { "vulnerability": "VCID-pnry-rv8t-v3ff" }, { "vulnerability": "VCID-q2wv-kbra-5kg8" }, { "vulnerability": "VCID-q45d-5bf4-tff5" }, { "vulnerability": "VCID-q7pe-bvr1-g3bc" }, { "vulnerability": "VCID-q7rn-1612-quau" }, { "vulnerability": "VCID-q7zq-5xpn-93dd" }, { "vulnerability": "VCID-qeac-129m-1udw" }, { "vulnerability": "VCID-qmj2-pxvt-zqes" }, { "vulnerability": "VCID-qpj7-uk5e-nbez" }, { "vulnerability": "VCID-qqyb-zags-bbhz" }, { "vulnerability": "VCID-r3z5-cc6j-8yg6" }, { "vulnerability": "VCID-r4zz-m2mr-9qeb" }, { "vulnerability": "VCID-r9sb-489v-fqc9" }, { "vulnerability": "VCID-rc63-nakx-ebbe" }, { "vulnerability": "VCID-rsrk-jwbt-qfhe" }, { "vulnerability": "VCID-rx9z-rdmm-5fg6" }, { "vulnerability": "VCID-rxz2-tx2n-k3bd" }, { "vulnerability": "VCID-rz6q-hthe-1uer" }, { "vulnerability": "VCID-s88e-r2gd-9yep" }, { "vulnerability": "VCID-segg-gk79-9bc6" }, { "vulnerability": "VCID-tvfz-v881-sufp" }, { "vulnerability": "VCID-txba-1at4-ekg2" }, { "vulnerability": "VCID-uc6b-5sj1-9yg2" }, { "vulnerability": "VCID-utga-335m-dua9" }, { "vulnerability": "VCID-v1kx-5wa1-r7he" }, { "vulnerability": "VCID-vpf2-5j4s-jqeb" }, { "vulnerability": "VCID-vxc7-fwud-33an" }, { "vulnerability": "VCID-w6nk-akeh-4ufg" }, { "vulnerability": "VCID-x75q-4y74-d3gt" }, { "vulnerability": "VCID-xqf5-yxf3-u3he" }, { "vulnerability": "VCID-zmjf-j2zs-23ey" }, { "vulnerability": "VCID-zvcj-g6rt-s3de" }, { "vulnerability": "VCID-zyes-82y3-g7dh" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:4.2.12-2%252Bdeb8u2" }, { "url": "http://public2.vulnerablecode.io/api/packages/516524?format=api", "purl": "pkg:deb/debian/phpmyadmin@4:4.6.6-4%2Bdeb9u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2at1-y3qg-77fb" }, { "vulnerability": "VCID-32ja-yuuw-bbbh" }, { "vulnerability": "VCID-4wn2-pnbv-sked" }, { "vulnerability": "VCID-52xs-45kd-w3hz" }, { "vulnerability": "VCID-59mu-8aep-9ycn" }, { "vulnerability": "VCID-5jye-2stz-fqam" }, { "vulnerability": "VCID-7vpu-x9mb-q3c6" }, { "vulnerability": "VCID-8rvw-n1fg-ffc2" }, { "vulnerability": "VCID-ajf6-bk2g-wkb7" }, { "vulnerability": "VCID-b2nf-6pr3-xqaa" }, { "vulnerability": "VCID-bd83-vf81-sfa4" }, { "vulnerability": "VCID-dx3h-z4dg-m3e1" }, { "vulnerability": "VCID-har4-gaft-m7e8" }, { "vulnerability": "VCID-kfr7-v6tb-eqau" }, { "vulnerability": "VCID-kfrx-mmr7-euep" }, { "vulnerability": "VCID-m2g6-2ztp-tuam" }, { "vulnerability": "VCID-m3kq-1cfg-mkgc" }, { "vulnerability": "VCID-mzuh-5e5y-d3hr" }, { "vulnerability": "VCID-p1jn-sxds-mqd1" }, { "vulnerability": "VCID-q7rn-1612-quau" }, { "vulnerability": "VCID-qmj2-pxvt-zqes" }, { "vulnerability": "VCID-r4zz-m2mr-9qeb" }, { "vulnerability": "VCID-rx9z-rdmm-5fg6" }, { "vulnerability": "VCID-w6nk-akeh-4ufg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:4.6.6-4%252Bdeb9u1" } ], "aliases": [ "CVE-2016-5099" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-1drk-gzqj-2qc5" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/38033?format=api", "vulnerability_id": "VCID-1hvw-4h4d-zkhv", "summary": "Cross-site Scripting\nMultiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin allow remote authenticated users to inject arbitrary web script or HTML.", "references": [ { "reference_url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-February/176483.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-February/176483.html" }, { "reference_url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-February/176739.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-February/176739.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-updates/2016-02/msg00028.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://lists.opensuse.org/opensuse-updates/2016-02/msg00028.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-updates/2016-02/msg00049.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://lists.opensuse.org/opensuse-updates/2016-02/msg00049.html" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-2040", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00493", "scoring_system": "epss", "scoring_elements": "0.66068", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.00493", "scoring_system": "epss", "scoring_elements": "0.66016", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-2040" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1927", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1927" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2039", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2039" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2040", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2040" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2041", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2041" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2560", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2560" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2561", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2561" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5099", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5099" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5701", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5701" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5705", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5705" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5706", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5706" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5731", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5731" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5733", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5733" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5739", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5739" }, { "reference_url": "https://github.com/phpmyadmin/phpmyadmin/commit/75a55824012406a08c4debf5ddb7ae41c32a7dbc", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/phpmyadmin/phpmyadmin/commit/75a55824012406a08c4debf5ddb7ae41c32a7dbc" }, { "reference_url": "https://github.com/phpmyadmin/phpmyadmin/commit/aca42efa01917cc0fe8cfdb2927a6399ca1742f2", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/phpmyadmin/phpmyadmin/commit/aca42efa01917cc0fe8cfdb2927a6399ca1742f2" }, { "reference_url": "https://github.com/phpmyadmin/phpmyadmin/commit/edffb52884b09562490081c3b8666ef46c296418", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/phpmyadmin/phpmyadmin/commit/edffb52884b09562490081c3b8666ef46c296418" }, { "reference_url": "http://www.debian.org/security/2016/dsa-3627", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.debian.org/security/2016/dsa-3627" }, { "reference_url": "http://www.phpmyadmin.net/home_page/security/PMASA-2016-3.php", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.phpmyadmin.net/home_page/security/PMASA-2016-3.php" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2016-2040", "reference_id": "CVE-2016-2040", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-2040" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/273449?format=api", "purl": "pkg:deb/debian/phpmyadmin@4:4.2.12-2%2Bdeb8u2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1drk-gzqj-2qc5" }, { "vulnerability": "VCID-1hvw-4h4d-zkhv" }, { "vulnerability": "VCID-23dq-w66r-k3bt" }, { "vulnerability": "VCID-27w6-zhxk-x7e7" }, { "vulnerability": "VCID-282b-1ugg-yuev" }, { "vulnerability": "VCID-2at1-y3qg-77fb" }, { "vulnerability": "VCID-2vqn-z4en-duh4" }, { "vulnerability": "VCID-31jg-3pzb-y3b6" }, { "vulnerability": "VCID-32ja-yuuw-bbbh" }, { "vulnerability": "VCID-33kv-ye2c-ebax" }, { "vulnerability": "VCID-33mh-s92h-c7ht" }, { "vulnerability": "VCID-38tp-acy8-57hj" }, { "vulnerability": "VCID-3va7-xx14-gkds" }, { "vulnerability": "VCID-44uc-xrvp-7bet" }, { "vulnerability": "VCID-4avx-e9mf-2yb1" }, { "vulnerability": "VCID-4kax-4bpz-g7c5" }, { "vulnerability": "VCID-4vgu-cagj-hfhb" }, { "vulnerability": "VCID-4wn2-pnbv-sked" }, { "vulnerability": "VCID-52xs-45kd-w3hz" }, { "vulnerability": "VCID-59mu-8aep-9ycn" }, { "vulnerability": "VCID-5bu8-wy7w-bqfc" }, { "vulnerability": "VCID-5jye-2stz-fqam" }, { "vulnerability": "VCID-6gs5-cswx-bfeb" }, { "vulnerability": "VCID-7avk-rmwd-yugt" }, { "vulnerability": "VCID-7vpu-x9mb-q3c6" }, { "vulnerability": "VCID-84n7-nzzg-juhz" }, { "vulnerability": "VCID-8jt7-y15v-83gj" }, { "vulnerability": "VCID-8rvw-n1fg-ffc2" }, { "vulnerability": "VCID-8yxm-e33n-d7gj" }, { "vulnerability": "VCID-9nh7-ny6c-n3cd" }, { "vulnerability": "VCID-9tdu-572c-tbb2" }, { "vulnerability": "VCID-ajeh-4q9t-sydz" }, { "vulnerability": "VCID-ajf6-bk2g-wkb7" }, { "vulnerability": "VCID-b2nf-6pr3-xqaa" }, { "vulnerability": "VCID-b4jk-yjfy-pfcv" }, { "vulnerability": "VCID-b6ng-ygap-zqh4" }, { "vulnerability": "VCID-bd83-vf81-sfa4" }, { "vulnerability": "VCID-bddg-5zgr-3uew" }, { "vulnerability": "VCID-btc1-yng3-ckhx" }, { "vulnerability": "VCID-cbjd-e3sk-m7bu" }, { "vulnerability": "VCID-crn9-f6qt-qfg5" }, { "vulnerability": "VCID-cth2-72mg-6yfr" }, { "vulnerability": "VCID-cz55-m46r-37gb" }, { "vulnerability": "VCID-d7jk-a94y-n3ca" }, { "vulnerability": "VCID-dbk1-n9kh-dfhm" }, { "vulnerability": "VCID-dfsz-1y13-yug9" }, { "vulnerability": "VCID-dgvs-kqpd-gfcy" }, { "vulnerability": "VCID-dj5f-y77j-d7dx" }, { "vulnerability": "VCID-dx3h-z4dg-m3e1" }, { "vulnerability": "VCID-g2uy-ekyf-4bcj" }, { "vulnerability": "VCID-gmjk-222y-abda" }, { "vulnerability": "VCID-gqxb-6rey-rbhv" }, { "vulnerability": "VCID-gtps-py3z-13cu" }, { "vulnerability": "VCID-gzwb-ju7m-juf7" }, { "vulnerability": "VCID-har4-gaft-m7e8" }, { "vulnerability": "VCID-hbp6-s544-pqaw" }, { "vulnerability": "VCID-hw5n-kv9r-8yej" }, { "vulnerability": "VCID-j589-8hrn-9bae" }, { "vulnerability": "VCID-jabw-t2hb-q3e9" }, { "vulnerability": "VCID-jemb-avnk-c7eb" }, { "vulnerability": "VCID-jmn8-a5r9-2qc8" }, { "vulnerability": "VCID-jxf7-1cq4-t3cv" }, { "vulnerability": "VCID-k5ph-wws1-fqg4" }, { "vulnerability": "VCID-kfr7-v6tb-eqau" }, { "vulnerability": "VCID-kfrx-mmr7-euep" }, { "vulnerability": "VCID-kwtj-jk24-zffq" }, { "vulnerability": "VCID-m2g6-2ztp-tuam" }, { "vulnerability": "VCID-m3kq-1cfg-mkgc" }, { "vulnerability": "VCID-m59w-cug5-wbe2" }, { "vulnerability": "VCID-mgu4-pf1x-r3dy" }, { "vulnerability": "VCID-mxn5-bh7q-gkdb" }, { "vulnerability": "VCID-mzuh-5e5y-d3hr" }, { "vulnerability": "VCID-n53q-r421-affh" }, { "vulnerability": "VCID-n66y-s36g-fqck" }, { "vulnerability": "VCID-np5w-chxm-cyak" }, { "vulnerability": "VCID-nuju-ekmt-k7g9" }, { "vulnerability": "VCID-nv3j-xj42-wfcw" }, { "vulnerability": "VCID-p1jn-sxds-mqd1" }, { "vulnerability": "VCID-p361-saxs-97g9" }, { "vulnerability": "VCID-pfdk-db4h-47dx" }, { "vulnerability": "VCID-pnry-rv8t-v3ff" }, { "vulnerability": "VCID-q2wv-kbra-5kg8" }, { "vulnerability": "VCID-q45d-5bf4-tff5" }, { "vulnerability": "VCID-q7pe-bvr1-g3bc" }, { "vulnerability": "VCID-q7rn-1612-quau" }, { "vulnerability": "VCID-q7zq-5xpn-93dd" }, { "vulnerability": "VCID-qeac-129m-1udw" }, { "vulnerability": "VCID-qmj2-pxvt-zqes" }, { "vulnerability": "VCID-qpj7-uk5e-nbez" }, { "vulnerability": "VCID-qqyb-zags-bbhz" }, { "vulnerability": "VCID-r3z5-cc6j-8yg6" }, { "vulnerability": "VCID-r4zz-m2mr-9qeb" }, { "vulnerability": "VCID-r9sb-489v-fqc9" }, { "vulnerability": "VCID-rc63-nakx-ebbe" }, { "vulnerability": "VCID-rsrk-jwbt-qfhe" }, { "vulnerability": "VCID-rx9z-rdmm-5fg6" }, { "vulnerability": "VCID-rxz2-tx2n-k3bd" }, { "vulnerability": "VCID-rz6q-hthe-1uer" }, { "vulnerability": "VCID-s88e-r2gd-9yep" }, { "vulnerability": "VCID-segg-gk79-9bc6" }, { "vulnerability": "VCID-tvfz-v881-sufp" }, { "vulnerability": "VCID-txba-1at4-ekg2" }, { "vulnerability": "VCID-uc6b-5sj1-9yg2" }, { "vulnerability": "VCID-utga-335m-dua9" }, { "vulnerability": "VCID-v1kx-5wa1-r7he" }, { "vulnerability": "VCID-vpf2-5j4s-jqeb" }, { "vulnerability": "VCID-vxc7-fwud-33an" }, { "vulnerability": "VCID-w6nk-akeh-4ufg" }, { "vulnerability": "VCID-x75q-4y74-d3gt" }, { "vulnerability": "VCID-xqf5-yxf3-u3he" }, { "vulnerability": "VCID-zmjf-j2zs-23ey" }, { "vulnerability": "VCID-zvcj-g6rt-s3de" }, { "vulnerability": "VCID-zyes-82y3-g7dh" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:4.2.12-2%252Bdeb8u2" }, { "url": "http://public2.vulnerablecode.io/api/packages/516524?format=api", "purl": "pkg:deb/debian/phpmyadmin@4:4.6.6-4%2Bdeb9u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2at1-y3qg-77fb" }, { "vulnerability": "VCID-32ja-yuuw-bbbh" }, { "vulnerability": "VCID-4wn2-pnbv-sked" }, { "vulnerability": "VCID-52xs-45kd-w3hz" }, { "vulnerability": "VCID-59mu-8aep-9ycn" }, { "vulnerability": "VCID-5jye-2stz-fqam" }, { "vulnerability": "VCID-7vpu-x9mb-q3c6" }, { "vulnerability": "VCID-8rvw-n1fg-ffc2" }, { "vulnerability": "VCID-ajf6-bk2g-wkb7" }, { "vulnerability": "VCID-b2nf-6pr3-xqaa" }, { "vulnerability": "VCID-bd83-vf81-sfa4" }, { "vulnerability": "VCID-dx3h-z4dg-m3e1" }, { "vulnerability": "VCID-har4-gaft-m7e8" }, { "vulnerability": "VCID-kfr7-v6tb-eqau" }, { "vulnerability": "VCID-kfrx-mmr7-euep" }, { "vulnerability": "VCID-m2g6-2ztp-tuam" }, { "vulnerability": "VCID-m3kq-1cfg-mkgc" }, { "vulnerability": "VCID-mzuh-5e5y-d3hr" }, { "vulnerability": "VCID-p1jn-sxds-mqd1" }, { "vulnerability": "VCID-q7rn-1612-quau" }, { "vulnerability": "VCID-qmj2-pxvt-zqes" }, { "vulnerability": "VCID-r4zz-m2mr-9qeb" }, { "vulnerability": "VCID-rx9z-rdmm-5fg6" }, { "vulnerability": "VCID-w6nk-akeh-4ufg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:4.6.6-4%252Bdeb9u1" } ], "aliases": [ "CVE-2016-2040", "GHSA-pw34-qf6c-84fc" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-1hvw-4h4d-zkhv" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/38671?format=api", "vulnerability_id": "VCID-23dq-w66r-k3bt", "summary": "Cross-site Scripting\nphpMyAdmin is vulnerable to a CSS injection attack through crafted cookie parameters.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-1000015", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00557", "scoring_system": "epss", "scoring_elements": "0.68533", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.00557", "scoring_system": "epss", "scoring_elements": "0.68574", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-1000015" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-1000015", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-1000015" }, { "reference_url": "https://github.com/phpmyadmin/composer", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/phpmyadmin/composer" }, { "reference_url": "https://web.archive.org/web/20210123220229/http://www.securityfocus.com/bid/95726", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20210123220229/http://www.securityfocus.com/bid/95726" }, { "reference_url": "https://www.phpmyadmin.net/security/PMASA-2017-4", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.phpmyadmin.net/security/PMASA-2017-4" }, { "reference_url": "http://www.securityfocus.com/bid/95726", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/95726" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2017-1000015", "reference_id": "CVE-2017-1000015", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-1000015" }, { "reference_url": "https://usn.ubuntu.com/USN-4843-1/", "reference_id": "USN-USN-4843-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/USN-4843-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/516524?format=api", "purl": "pkg:deb/debian/phpmyadmin@4:4.6.6-4%2Bdeb9u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2at1-y3qg-77fb" }, { "vulnerability": "VCID-32ja-yuuw-bbbh" }, { "vulnerability": "VCID-4wn2-pnbv-sked" }, { "vulnerability": "VCID-52xs-45kd-w3hz" }, { "vulnerability": "VCID-59mu-8aep-9ycn" }, { "vulnerability": "VCID-5jye-2stz-fqam" }, { "vulnerability": "VCID-7vpu-x9mb-q3c6" }, { "vulnerability": "VCID-8rvw-n1fg-ffc2" }, { "vulnerability": "VCID-ajf6-bk2g-wkb7" }, { "vulnerability": "VCID-b2nf-6pr3-xqaa" }, { "vulnerability": "VCID-bd83-vf81-sfa4" }, { "vulnerability": "VCID-dx3h-z4dg-m3e1" }, { "vulnerability": "VCID-har4-gaft-m7e8" }, { "vulnerability": "VCID-kfr7-v6tb-eqau" }, { "vulnerability": "VCID-kfrx-mmr7-euep" }, { "vulnerability": "VCID-m2g6-2ztp-tuam" }, { "vulnerability": "VCID-m3kq-1cfg-mkgc" }, { "vulnerability": "VCID-mzuh-5e5y-d3hr" }, { "vulnerability": "VCID-p1jn-sxds-mqd1" }, { "vulnerability": "VCID-q7rn-1612-quau" }, { "vulnerability": "VCID-qmj2-pxvt-zqes" }, { "vulnerability": "VCID-r4zz-m2mr-9qeb" }, { "vulnerability": "VCID-rx9z-rdmm-5fg6" }, { "vulnerability": "VCID-w6nk-akeh-4ufg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:4.6.6-4%252Bdeb9u1" } ], "aliases": [ "CVE-2017-1000015", "GHSA-3fgq-cmr4-97rr" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-23dq-w66r-k3bt" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/98158?format=api", "vulnerability_id": "VCID-27w6-zhxk-x7e7", "summary": "Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin 4.4.x before 4.4.15.5 and 4.5.x before 4.5.5.1 allow remote authenticated users to inject arbitrary web script or HTML via (1) normalization.php or (2) js/normalization.js in the database normalization page, (3) templates/database/structure/sortable_header.phtml in the database structure page, or (4) the pos parameter to db_central_columns.php in the central columns page.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-2561", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00532", "scoring_system": "epss", "scoring_elements": "0.67632", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.00532", "scoring_system": "epss", "scoring_elements": "0.67673", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-2561" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1927", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1927" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2039", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2039" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2040", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2040" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2041", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2041" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2560", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2560" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2561", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2561" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5099", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5099" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5701", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5701" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5705", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5705" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5706", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5706" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5731", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5731" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5733", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5733" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5739", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5739" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/273449?format=api", "purl": "pkg:deb/debian/phpmyadmin@4:4.2.12-2%2Bdeb8u2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1drk-gzqj-2qc5" }, { "vulnerability": "VCID-1hvw-4h4d-zkhv" }, { "vulnerability": "VCID-23dq-w66r-k3bt" }, { "vulnerability": "VCID-27w6-zhxk-x7e7" }, { "vulnerability": "VCID-282b-1ugg-yuev" }, { "vulnerability": "VCID-2at1-y3qg-77fb" }, { "vulnerability": "VCID-2vqn-z4en-duh4" }, { "vulnerability": "VCID-31jg-3pzb-y3b6" }, { "vulnerability": "VCID-32ja-yuuw-bbbh" }, { "vulnerability": "VCID-33kv-ye2c-ebax" }, { "vulnerability": "VCID-33mh-s92h-c7ht" }, { "vulnerability": "VCID-38tp-acy8-57hj" }, { "vulnerability": "VCID-3va7-xx14-gkds" }, { "vulnerability": "VCID-44uc-xrvp-7bet" }, { "vulnerability": "VCID-4avx-e9mf-2yb1" }, { "vulnerability": "VCID-4kax-4bpz-g7c5" }, { "vulnerability": "VCID-4vgu-cagj-hfhb" }, { "vulnerability": "VCID-4wn2-pnbv-sked" }, { "vulnerability": "VCID-52xs-45kd-w3hz" }, { "vulnerability": "VCID-59mu-8aep-9ycn" }, { "vulnerability": "VCID-5bu8-wy7w-bqfc" }, { "vulnerability": "VCID-5jye-2stz-fqam" }, { "vulnerability": "VCID-6gs5-cswx-bfeb" }, { "vulnerability": "VCID-7avk-rmwd-yugt" }, { "vulnerability": "VCID-7vpu-x9mb-q3c6" }, { "vulnerability": "VCID-84n7-nzzg-juhz" }, { "vulnerability": "VCID-8jt7-y15v-83gj" }, { "vulnerability": "VCID-8rvw-n1fg-ffc2" }, { "vulnerability": "VCID-8yxm-e33n-d7gj" }, { "vulnerability": "VCID-9nh7-ny6c-n3cd" }, { "vulnerability": "VCID-9tdu-572c-tbb2" }, { "vulnerability": "VCID-ajeh-4q9t-sydz" }, { "vulnerability": "VCID-ajf6-bk2g-wkb7" }, { "vulnerability": "VCID-b2nf-6pr3-xqaa" }, { "vulnerability": "VCID-b4jk-yjfy-pfcv" }, { "vulnerability": "VCID-b6ng-ygap-zqh4" }, { "vulnerability": "VCID-bd83-vf81-sfa4" }, { "vulnerability": "VCID-bddg-5zgr-3uew" }, { "vulnerability": "VCID-btc1-yng3-ckhx" }, { "vulnerability": "VCID-cbjd-e3sk-m7bu" }, { "vulnerability": "VCID-crn9-f6qt-qfg5" }, { "vulnerability": "VCID-cth2-72mg-6yfr" }, { "vulnerability": "VCID-cz55-m46r-37gb" }, { "vulnerability": "VCID-d7jk-a94y-n3ca" }, { "vulnerability": "VCID-dbk1-n9kh-dfhm" }, { "vulnerability": "VCID-dfsz-1y13-yug9" }, { "vulnerability": "VCID-dgvs-kqpd-gfcy" }, { "vulnerability": "VCID-dj5f-y77j-d7dx" }, { "vulnerability": "VCID-dx3h-z4dg-m3e1" }, { "vulnerability": "VCID-g2uy-ekyf-4bcj" }, { "vulnerability": "VCID-gmjk-222y-abda" }, { "vulnerability": "VCID-gqxb-6rey-rbhv" }, { "vulnerability": "VCID-gtps-py3z-13cu" }, { "vulnerability": "VCID-gzwb-ju7m-juf7" }, { "vulnerability": "VCID-har4-gaft-m7e8" }, { "vulnerability": "VCID-hbp6-s544-pqaw" }, { "vulnerability": "VCID-hw5n-kv9r-8yej" }, { "vulnerability": "VCID-j589-8hrn-9bae" }, { "vulnerability": "VCID-jabw-t2hb-q3e9" }, { "vulnerability": "VCID-jemb-avnk-c7eb" }, { "vulnerability": "VCID-jmn8-a5r9-2qc8" }, { "vulnerability": "VCID-jxf7-1cq4-t3cv" }, { "vulnerability": "VCID-k5ph-wws1-fqg4" }, { "vulnerability": "VCID-kfr7-v6tb-eqau" }, { "vulnerability": "VCID-kfrx-mmr7-euep" }, { "vulnerability": "VCID-kwtj-jk24-zffq" }, { "vulnerability": "VCID-m2g6-2ztp-tuam" }, { "vulnerability": "VCID-m3kq-1cfg-mkgc" }, { "vulnerability": "VCID-m59w-cug5-wbe2" }, { "vulnerability": "VCID-mgu4-pf1x-r3dy" }, { "vulnerability": "VCID-mxn5-bh7q-gkdb" }, { "vulnerability": "VCID-mzuh-5e5y-d3hr" }, { "vulnerability": "VCID-n53q-r421-affh" }, { "vulnerability": "VCID-n66y-s36g-fqck" }, { "vulnerability": "VCID-np5w-chxm-cyak" }, { "vulnerability": "VCID-nuju-ekmt-k7g9" }, { "vulnerability": "VCID-nv3j-xj42-wfcw" }, { "vulnerability": "VCID-p1jn-sxds-mqd1" }, { "vulnerability": "VCID-p361-saxs-97g9" }, { "vulnerability": "VCID-pfdk-db4h-47dx" }, { "vulnerability": "VCID-pnry-rv8t-v3ff" }, { "vulnerability": "VCID-q2wv-kbra-5kg8" }, { "vulnerability": "VCID-q45d-5bf4-tff5" }, { "vulnerability": "VCID-q7pe-bvr1-g3bc" }, { "vulnerability": "VCID-q7rn-1612-quau" }, { "vulnerability": "VCID-q7zq-5xpn-93dd" }, { "vulnerability": "VCID-qeac-129m-1udw" }, { "vulnerability": "VCID-qmj2-pxvt-zqes" }, { "vulnerability": "VCID-qpj7-uk5e-nbez" }, { "vulnerability": "VCID-qqyb-zags-bbhz" }, { "vulnerability": "VCID-r3z5-cc6j-8yg6" }, { "vulnerability": "VCID-r4zz-m2mr-9qeb" }, { "vulnerability": "VCID-r9sb-489v-fqc9" }, { "vulnerability": "VCID-rc63-nakx-ebbe" }, { "vulnerability": "VCID-rsrk-jwbt-qfhe" }, { "vulnerability": "VCID-rx9z-rdmm-5fg6" }, { "vulnerability": "VCID-rxz2-tx2n-k3bd" }, { "vulnerability": "VCID-rz6q-hthe-1uer" }, { "vulnerability": "VCID-s88e-r2gd-9yep" }, { "vulnerability": "VCID-segg-gk79-9bc6" }, { "vulnerability": "VCID-tvfz-v881-sufp" }, { "vulnerability": "VCID-txba-1at4-ekg2" }, { "vulnerability": "VCID-uc6b-5sj1-9yg2" }, { "vulnerability": "VCID-utga-335m-dua9" }, { "vulnerability": "VCID-v1kx-5wa1-r7he" }, { "vulnerability": "VCID-vpf2-5j4s-jqeb" }, { "vulnerability": "VCID-vxc7-fwud-33an" }, { "vulnerability": "VCID-w6nk-akeh-4ufg" }, { "vulnerability": "VCID-x75q-4y74-d3gt" }, { "vulnerability": "VCID-xqf5-yxf3-u3he" }, { "vulnerability": "VCID-zmjf-j2zs-23ey" }, { "vulnerability": "VCID-zvcj-g6rt-s3de" }, { "vulnerability": "VCID-zyes-82y3-g7dh" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:4.2.12-2%252Bdeb8u2" }, { "url": "http://public2.vulnerablecode.io/api/packages/516524?format=api", "purl": "pkg:deb/debian/phpmyadmin@4:4.6.6-4%2Bdeb9u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2at1-y3qg-77fb" }, { "vulnerability": "VCID-32ja-yuuw-bbbh" }, { "vulnerability": "VCID-4wn2-pnbv-sked" }, { "vulnerability": "VCID-52xs-45kd-w3hz" }, { "vulnerability": "VCID-59mu-8aep-9ycn" }, { "vulnerability": "VCID-5jye-2stz-fqam" }, { "vulnerability": "VCID-7vpu-x9mb-q3c6" }, { "vulnerability": "VCID-8rvw-n1fg-ffc2" }, { "vulnerability": "VCID-ajf6-bk2g-wkb7" }, { "vulnerability": "VCID-b2nf-6pr3-xqaa" }, { "vulnerability": "VCID-bd83-vf81-sfa4" }, { "vulnerability": "VCID-dx3h-z4dg-m3e1" }, { "vulnerability": "VCID-har4-gaft-m7e8" }, { "vulnerability": "VCID-kfr7-v6tb-eqau" }, { "vulnerability": "VCID-kfrx-mmr7-euep" }, { "vulnerability": "VCID-m2g6-2ztp-tuam" }, { "vulnerability": "VCID-m3kq-1cfg-mkgc" }, { "vulnerability": "VCID-mzuh-5e5y-d3hr" }, { "vulnerability": "VCID-p1jn-sxds-mqd1" }, { "vulnerability": "VCID-q7rn-1612-quau" }, { "vulnerability": "VCID-qmj2-pxvt-zqes" }, { "vulnerability": "VCID-r4zz-m2mr-9qeb" }, { "vulnerability": "VCID-rx9z-rdmm-5fg6" }, { "vulnerability": "VCID-w6nk-akeh-4ufg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:4.6.6-4%252Bdeb9u1" } ], "aliases": [ "CVE-2016-2561" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-27w6-zhxk-x7e7" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/43957?format=api", "vulnerability_id": "VCID-282b-1ugg-yuev", "summary": "phpMyAdmin server-side request forgery (SSRF)\nThe setup script for phpMyAdmin before 4.0.10.19, 4.4.x before 4.4.15.10, and 4.6.x before 4.6.6 allows remote attackers to conduct server-side request forgery (SSRF) attacks via unspecified vectors.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-6621", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00551", "scoring_system": "epss", "scoring_elements": "0.68388", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.00551", "scoring_system": "epss", "scoring_elements": "0.68346", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-6621" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6621", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6621" }, { "reference_url": "https://github.com/phpmyadmin/composer", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/phpmyadmin/composer" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2018/07/msg00006.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.debian.org/debian-lts-announce/2018/07/msg00006.html" }, { "reference_url": "https://www.phpmyadmin.net/security/PMASA-2016-44", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.phpmyadmin.net/security/PMASA-2016-44" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2016-6621", "reference_id": "CVE-2016-6621", "reference_type": "", "scores": [ { "value": "8.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-6621" }, { "reference_url": "https://github.com/advisories/GHSA-44vv-mm86-7cg6", "reference_id": "GHSA-44vv-mm86-7cg6", "reference_type": "", "scores": [], "url": "https://github.com/advisories/GHSA-44vv-mm86-7cg6" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/516524?format=api", "purl": "pkg:deb/debian/phpmyadmin@4:4.6.6-4%2Bdeb9u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2at1-y3qg-77fb" }, { "vulnerability": "VCID-32ja-yuuw-bbbh" }, { "vulnerability": "VCID-4wn2-pnbv-sked" }, { "vulnerability": "VCID-52xs-45kd-w3hz" }, { "vulnerability": "VCID-59mu-8aep-9ycn" }, { "vulnerability": "VCID-5jye-2stz-fqam" }, { "vulnerability": "VCID-7vpu-x9mb-q3c6" }, { "vulnerability": "VCID-8rvw-n1fg-ffc2" }, { "vulnerability": "VCID-ajf6-bk2g-wkb7" }, { "vulnerability": "VCID-b2nf-6pr3-xqaa" }, { "vulnerability": "VCID-bd83-vf81-sfa4" }, { "vulnerability": "VCID-dx3h-z4dg-m3e1" }, { "vulnerability": "VCID-har4-gaft-m7e8" }, { "vulnerability": "VCID-kfr7-v6tb-eqau" }, { "vulnerability": "VCID-kfrx-mmr7-euep" }, { "vulnerability": "VCID-m2g6-2ztp-tuam" }, { "vulnerability": "VCID-m3kq-1cfg-mkgc" }, { "vulnerability": "VCID-mzuh-5e5y-d3hr" }, { "vulnerability": "VCID-p1jn-sxds-mqd1" }, { "vulnerability": "VCID-q7rn-1612-quau" }, { "vulnerability": "VCID-qmj2-pxvt-zqes" }, { "vulnerability": "VCID-r4zz-m2mr-9qeb" }, { "vulnerability": "VCID-rx9z-rdmm-5fg6" }, { "vulnerability": "VCID-w6nk-akeh-4ufg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:4.6.6-4%252Bdeb9u1" } ], "aliases": [ "CVE-2016-6621", "GHSA-44vv-mm86-7cg6" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-282b-1ugg-yuev" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/52411?format=api", "vulnerability_id": "VCID-2at1-y3qg-77fb", "summary": "Cross-site Scripting\nAn SQL injection vulnerability was discovered where malicious code could be used to trigger an XSS attack through retrieving and displaying results (in `tbl_get_field.php` and `libraries/classes/Display/Results.php`). The attacker must be able to insert crafted data into certain database tables, which when retrieved (for instance, through the Browse tab) can trigger the XSS attack.", "references": [ { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00046.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00046.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00050.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00050.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00005.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00005.html" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-10803", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.02712", "scoring_system": "epss", "scoring_elements": "0.86212", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.02712", "scoring_system": "epss", "scoring_elements": "0.86191", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-10803" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10803", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10803" }, { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/phpmyadmin/phpmyadmin/CVE-2020-10803.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/phpmyadmin/phpmyadmin/CVE-2020-10803.yaml" }, { "reference_url": "https://github.com/phpmyadmin/composer", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/phpmyadmin/composer" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2020/03/msg00028.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.debian.org/debian-lts-announce/2020/03/msg00028.html" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AAVW3SUKWR5RF5LZ6SARCYOWBIFUIWOJ", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AAVW3SUKWR5RF5LZ6SARCYOWBIFUIWOJ" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BUG3IRITW2LUBGR5LSQMP7MVRTELHZJK", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BUG3IRITW2LUBGR5LSQMP7MVRTELHZJK" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UZI6EQVRRIG252DY3MBT33BJVCSYDMQO", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UZI6EQVRRIG252DY3MBT33BJVCSYDMQO" }, { "reference_url": "https://www.phpmyadmin.net/security/PMASA-2020-4", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.phpmyadmin.net/security/PMASA-2020-4" }, { "reference_url": "https://www.phpmyadmin.net/security/PMASA-2020-4/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.phpmyadmin.net/security/PMASA-2020-4/" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=954666", "reference_id": "954666", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=954666" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2020-10803", "reference_id": "CVE-2020-10803", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-10803" }, { "reference_url": "https://usn.ubuntu.com/4639-1/", "reference_id": "USN-4639-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4639-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/195443?format=api", "purl": "pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-47ju-f89a-eud8" }, { "vulnerability": "VCID-59mu-8aep-9ycn" }, { "vulnerability": "VCID-d3qn-js1p-7yeq" }, { "vulnerability": "VCID-dmqy-9xth-cuhs" }, { "vulnerability": "VCID-gx8h-5h14-dqez" }, { "vulnerability": "VCID-har4-gaft-m7e8" }, { "vulnerability": "VCID-m3kq-1cfg-mkgc" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.0.4%252Bdfsg2-2%252Bdeb11u1" } ], "aliases": [ "CVE-2020-10803", "GHSA-fcww-8wvc-38q9" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-2at1-y3qg-77fb" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/38148?format=api", "vulnerability_id": "VCID-2vqn-z4en-duh4", "summary": "Information Exposure\nphpMyAdmin allows remote attackers to obtain sensitive information.", "references": [ { "reference_url": "http://lists.opensuse.org/opensuse-updates/2016-06/msg00113.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://lists.opensuse.org/opensuse-updates/2016-06/msg00113.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-updates/2016-06/msg00114.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://lists.opensuse.org/opensuse-updates/2016-06/msg00114.html" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-5730", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01317", "scoring_system": "epss", "scoring_elements": "0.80195", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.01317", "scoring_system": "epss", "scoring_elements": "0.80219", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-5730" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5730", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5730" }, { "reference_url": "https://github.com/phpmyadmin/composer", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/phpmyadmin/composer" }, { "reference_url": "https://github.com/phpmyadmin/phpmyadmin/commit/27664605b945b13e1d2b71adea822ace2099cc96", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/phpmyadmin/phpmyadmin/commit/27664605b945b13e1d2b71adea822ace2099cc96" }, { "reference_url": "https://github.com/phpmyadmin/phpmyadmin/commit/331c560fbfa0e7d2dce674b5e88e983c5f2a451d", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/phpmyadmin/phpmyadmin/commit/331c560fbfa0e7d2dce674b5e88e983c5f2a451d" }, { "reference_url": "https://github.com/phpmyadmin/phpmyadmin/commit/96e0aa35653ec0c66084a7e9343465e16c1f769b", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/phpmyadmin/phpmyadmin/commit/96e0aa35653ec0c66084a7e9343465e16c1f769b" }, { "reference_url": "https://github.com/phpmyadmin/phpmyadmin/commit/b0180f18c828706af3a6800f0fb01a536d3ef8c7", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/phpmyadmin/phpmyadmin/commit/b0180f18c828706af3a6800f0fb01a536d3ef8c7" }, { "reference_url": "https://github.com/phpmyadmin/phpmyadmin/commit/cd229d718e8cb4bc8ba32446beaa82d27727b6f0", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/phpmyadmin/phpmyadmin/commit/cd229d718e8cb4bc8ba32446beaa82d27727b6f0" }, { "reference_url": "https://security.gentoo.org/glsa/201701-32", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://security.gentoo.org/glsa/201701-32" }, { "reference_url": "https://www.phpmyadmin.net/security/PMASA-2016-23", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.phpmyadmin.net/security/PMASA-2016-23" }, { "reference_url": "https://www.phpmyadmin.net/security/PMASA-2016-23/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.phpmyadmin.net/security/PMASA-2016-23/" }, { "reference_url": "http://www.securityfocus.com/bid/91379", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.securityfocus.com/bid/91379" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2016-5730", "reference_id": "CVE-2016-5730", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-5730" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/516524?format=api", "purl": "pkg:deb/debian/phpmyadmin@4:4.6.6-4%2Bdeb9u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2at1-y3qg-77fb" }, { "vulnerability": "VCID-32ja-yuuw-bbbh" }, { "vulnerability": "VCID-4wn2-pnbv-sked" }, { "vulnerability": "VCID-52xs-45kd-w3hz" }, { "vulnerability": "VCID-59mu-8aep-9ycn" }, { "vulnerability": "VCID-5jye-2stz-fqam" }, { "vulnerability": "VCID-7vpu-x9mb-q3c6" }, { "vulnerability": "VCID-8rvw-n1fg-ffc2" }, { "vulnerability": "VCID-ajf6-bk2g-wkb7" }, { "vulnerability": "VCID-b2nf-6pr3-xqaa" }, { "vulnerability": "VCID-bd83-vf81-sfa4" }, { "vulnerability": "VCID-dx3h-z4dg-m3e1" }, { "vulnerability": "VCID-har4-gaft-m7e8" }, { "vulnerability": "VCID-kfr7-v6tb-eqau" }, { "vulnerability": "VCID-kfrx-mmr7-euep" }, { "vulnerability": "VCID-m2g6-2ztp-tuam" }, { "vulnerability": "VCID-m3kq-1cfg-mkgc" }, { "vulnerability": "VCID-mzuh-5e5y-d3hr" }, { "vulnerability": "VCID-p1jn-sxds-mqd1" }, { "vulnerability": "VCID-q7rn-1612-quau" }, { "vulnerability": "VCID-qmj2-pxvt-zqes" }, { "vulnerability": "VCID-r4zz-m2mr-9qeb" }, { "vulnerability": "VCID-rx9z-rdmm-5fg6" }, { "vulnerability": "VCID-w6nk-akeh-4ufg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:4.6.6-4%252Bdeb9u1" } ], "aliases": [ "CVE-2016-5730", "GHSA-wm9c-vcv2-vpqc" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-2vqn-z4en-duh4" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/98187?format=api", "vulnerability_id": "VCID-31jg-3pzb-y3b6", "summary": "An issue was discovered in phpMyAdmin. By calling some scripts that are part of phpMyAdmin in an unexpected way, it is possible to trigger phpMyAdmin to display a PHP error message which contains the full path of the directory where phpMyAdmin is installed. During an execution timeout in the export functionality, the errors containing the full path of the directory of phpMyAdmin are written to the export file. All 4.6.x versions (prior to 4.6.5), and 4.4.x versions (prior to 4.4.15.9) are affected. This CVE is for the fopen wrapper issue.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-9853", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00589", "scoring_system": "epss", "scoring_elements": "0.69583", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.00589", "scoring_system": "epss", "scoring_elements": "0.69544", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-9853" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9853", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9853" }, { "reference_url": "https://github.com/phpmyadmin/composer", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/phpmyadmin/composer" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2016-9853", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-9853" }, { "reference_url": "https://security.gentoo.org/glsa/201701-32", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://security.gentoo.org/glsa/201701-32" }, { "reference_url": "https://web.archive.org/web/20210127193655/http://www.securityfocus.com/bid/94527", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20210127193655/http://www.securityfocus.com/bid/94527" }, { "reference_url": "https://www.phpmyadmin.net/security/PMASA-2016-63", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.phpmyadmin.net/security/PMASA-2016-63" }, { "reference_url": "https://github.com/advisories/GHSA-rmmf-5xhh-gg27", "reference_id": "GHSA-rmmf-5xhh-gg27", "reference_type": "", "scores": [], "url": "https://github.com/advisories/GHSA-rmmf-5xhh-gg27" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/516524?format=api", "purl": "pkg:deb/debian/phpmyadmin@4:4.6.6-4%2Bdeb9u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2at1-y3qg-77fb" }, { "vulnerability": "VCID-32ja-yuuw-bbbh" }, { "vulnerability": "VCID-4wn2-pnbv-sked" }, { "vulnerability": "VCID-52xs-45kd-w3hz" }, { "vulnerability": "VCID-59mu-8aep-9ycn" }, { "vulnerability": "VCID-5jye-2stz-fqam" }, { "vulnerability": "VCID-7vpu-x9mb-q3c6" }, { "vulnerability": "VCID-8rvw-n1fg-ffc2" }, { "vulnerability": "VCID-ajf6-bk2g-wkb7" }, { "vulnerability": "VCID-b2nf-6pr3-xqaa" }, { "vulnerability": "VCID-bd83-vf81-sfa4" }, { "vulnerability": "VCID-dx3h-z4dg-m3e1" }, { "vulnerability": "VCID-har4-gaft-m7e8" }, { "vulnerability": "VCID-kfr7-v6tb-eqau" }, { "vulnerability": "VCID-kfrx-mmr7-euep" }, { "vulnerability": "VCID-m2g6-2ztp-tuam" }, { "vulnerability": "VCID-m3kq-1cfg-mkgc" }, { "vulnerability": "VCID-mzuh-5e5y-d3hr" }, { "vulnerability": "VCID-p1jn-sxds-mqd1" }, { "vulnerability": "VCID-q7rn-1612-quau" }, { "vulnerability": "VCID-qmj2-pxvt-zqes" }, { "vulnerability": "VCID-r4zz-m2mr-9qeb" }, { "vulnerability": "VCID-rx9z-rdmm-5fg6" }, { "vulnerability": "VCID-w6nk-akeh-4ufg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:4.6.6-4%252Bdeb9u1" } ], "aliases": [ "CVE-2016-9853", "GHSA-rmmf-5xhh-gg27" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-31jg-3pzb-y3b6" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/52413?format=api", "vulnerability_id": "VCID-32ja-yuuw-bbbh", "summary": "SQL Injection\nAn SQL injection vulnerability was found in retrieval of the current username (in `libraries/classes/Server/Privileges.php` and `libraries/classes/UserPassword.php`). A malicious user with access to the server could create a crafted username, and then trick the victim into performing specific actions with that user account (such as editing its privileges).", "references": [ { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00046.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.0", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00046.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00050.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.0", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00050.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00005.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.0", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00005.html" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-10804", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01913", "scoring_system": "epss", "scoring_elements": "0.83658", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.01913", "scoring_system": "epss", "scoring_elements": "0.83633", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-10804" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10804", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10804" }, { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/phpmyadmin/phpmyadmin/CVE-2020-10804.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.0", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/phpmyadmin/phpmyadmin/CVE-2020-10804.yaml" }, { "reference_url": "https://github.com/phpmyadmin/composer", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.0", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/phpmyadmin/composer" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AAVW3SUKWR5RF5LZ6SARCYOWBIFUIWOJ", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.0", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AAVW3SUKWR5RF5LZ6SARCYOWBIFUIWOJ" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BUG3IRITW2LUBGR5LSQMP7MVRTELHZJK", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.0", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BUG3IRITW2LUBGR5LSQMP7MVRTELHZJK" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UZI6EQVRRIG252DY3MBT33BJVCSYDMQO", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.0", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UZI6EQVRRIG252DY3MBT33BJVCSYDMQO" }, { "reference_url": "https://www.phpmyadmin.net/security/PMASA-2020-2", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.0", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.phpmyadmin.net/security/PMASA-2020-2" }, { "reference_url": "https://www.phpmyadmin.net/security/PMASA-2020-2/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.phpmyadmin.net/security/PMASA-2020-2/" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=954667", "reference_id": "954667", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=954667" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2020-10804", "reference_id": "CVE-2020-10804", "reference_type": "", "scores": [ { "value": "8.0", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-10804" }, { "reference_url": "https://usn.ubuntu.com/4639-1/", "reference_id": "USN-4639-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4639-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/195443?format=api", "purl": "pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-47ju-f89a-eud8" }, { "vulnerability": "VCID-59mu-8aep-9ycn" }, { "vulnerability": "VCID-d3qn-js1p-7yeq" }, { "vulnerability": "VCID-dmqy-9xth-cuhs" }, { "vulnerability": "VCID-gx8h-5h14-dqez" }, { "vulnerability": "VCID-har4-gaft-m7e8" }, { "vulnerability": "VCID-m3kq-1cfg-mkgc" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.0.4%252Bdfsg2-2%252Bdeb11u1" } ], "aliases": [ "CVE-2020-10804", "GHSA-h65r-8fp8-w7cx" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-32ja-yuuw-bbbh" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/98160?format=api", "vulnerability_id": "VCID-33kv-ye2c-ebax", "summary": "phpMyAdmin before 4.6.2 places tokens in query strings and does not arrange for them to be stripped before external navigation, which allows remote attackers to obtain sensitive information by reading (1) HTTP requests or (2) server logs.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-5097", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00551", "scoring_system": "epss", "scoring_elements": "0.68358", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.00551", "scoring_system": "epss", "scoring_elements": "0.68399", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-5097" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5097", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5097" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/516524?format=api", "purl": "pkg:deb/debian/phpmyadmin@4:4.6.6-4%2Bdeb9u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2at1-y3qg-77fb" }, { "vulnerability": "VCID-32ja-yuuw-bbbh" }, { "vulnerability": "VCID-4wn2-pnbv-sked" }, { "vulnerability": "VCID-52xs-45kd-w3hz" }, { "vulnerability": "VCID-59mu-8aep-9ycn" }, { "vulnerability": "VCID-5jye-2stz-fqam" }, { "vulnerability": "VCID-7vpu-x9mb-q3c6" }, { "vulnerability": "VCID-8rvw-n1fg-ffc2" }, { "vulnerability": "VCID-ajf6-bk2g-wkb7" }, { "vulnerability": "VCID-b2nf-6pr3-xqaa" }, { "vulnerability": "VCID-bd83-vf81-sfa4" }, { "vulnerability": "VCID-dx3h-z4dg-m3e1" }, { "vulnerability": "VCID-har4-gaft-m7e8" }, { "vulnerability": "VCID-kfr7-v6tb-eqau" }, { "vulnerability": "VCID-kfrx-mmr7-euep" }, { "vulnerability": "VCID-m2g6-2ztp-tuam" }, { "vulnerability": "VCID-m3kq-1cfg-mkgc" }, { "vulnerability": "VCID-mzuh-5e5y-d3hr" }, { "vulnerability": "VCID-p1jn-sxds-mqd1" }, { "vulnerability": "VCID-q7rn-1612-quau" }, { "vulnerability": "VCID-qmj2-pxvt-zqes" }, { "vulnerability": "VCID-r4zz-m2mr-9qeb" }, { "vulnerability": "VCID-rx9z-rdmm-5fg6" }, { "vulnerability": "VCID-w6nk-akeh-4ufg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:4.6.6-4%252Bdeb9u1" } ], "aliases": [ "CVE-2016-5097" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-33kv-ye2c-ebax" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/43920?format=api", "vulnerability_id": "VCID-33mh-s92h-c7ht", "summary": "phpMyAdmin vulnerable to Cross-Site Request Forgery\nThe Transformation implementation in phpMyAdmin 4.0.x before 4.0.10.16, 4.4.x before 4.4.15.7, and 4.6.x before 4.6.3 does not use the no-referrer Content Security Policy (CSP) protection mechanism, which makes it easier for remote attackers to conduct CSRF attacks by reading an authentication token in a Referer header, related to libraries/Header.php.", "references": [ { "reference_url": "http://lists.opensuse.org/opensuse-updates/2016-06/msg00113.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://lists.opensuse.org/opensuse-updates/2016-06/msg00113.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-updates/2016-06/msg00114.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://lists.opensuse.org/opensuse-updates/2016-06/msg00114.html" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-5739", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00919", "scoring_system": "epss", "scoring_elements": "0.76367", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.00919", "scoring_system": "epss", "scoring_elements": "0.76339", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-5739" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1927", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1927" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2039", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2039" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2040", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2040" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2041", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2041" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2560", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2560" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2561", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2561" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5099", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5099" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5701", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5701" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5705", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5705" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5706", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5706" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5731", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5731" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5733", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5733" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5739", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5739" }, { "reference_url": "https://github.com/phpmyadmin/phpmyadmin", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/phpmyadmin/phpmyadmin" }, { "reference_url": "https://github.com/phpmyadmin/phpmyadmin/commit/1e5716cb96d46efc305381ae0da08e73fe340f05", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/phpmyadmin/phpmyadmin/commit/1e5716cb96d46efc305381ae0da08e73fe340f05" }, { "reference_url": "https://github.com/phpmyadmin/phpmyadmin/commit/2f4950828ec241e8cbdcf13090c2582a6fa620cb", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/phpmyadmin/phpmyadmin/commit/2f4950828ec241e8cbdcf13090c2582a6fa620cb" }, { "reference_url": "https://security.gentoo.org/glsa/201701-32", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://security.gentoo.org/glsa/201701-32" }, { "reference_url": "https://web.archive.org/web/20200227223419/http://www.securityfocus.com/bid/91389", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20200227223419/http://www.securityfocus.com/bid/91389" }, { "reference_url": "https://www.phpmyadmin.net/security/PMASA-2016-28", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.phpmyadmin.net/security/PMASA-2016-28" }, { "reference_url": "http://www.debian.org/security/2016/dsa-3627", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.debian.org/security/2016/dsa-3627" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2016-5739", "reference_id": "CVE-2016-5739", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-5739" }, { "reference_url": "https://github.com/advisories/GHSA-2p7v-jm8m-g3qq", "reference_id": "GHSA-2p7v-jm8m-g3qq", "reference_type": "", "scores": [], "url": "https://github.com/advisories/GHSA-2p7v-jm8m-g3qq" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/273449?format=api", "purl": "pkg:deb/debian/phpmyadmin@4:4.2.12-2%2Bdeb8u2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1drk-gzqj-2qc5" }, { "vulnerability": "VCID-1hvw-4h4d-zkhv" }, { "vulnerability": "VCID-23dq-w66r-k3bt" }, { "vulnerability": "VCID-27w6-zhxk-x7e7" }, { "vulnerability": "VCID-282b-1ugg-yuev" }, { "vulnerability": "VCID-2at1-y3qg-77fb" }, { "vulnerability": "VCID-2vqn-z4en-duh4" }, { "vulnerability": "VCID-31jg-3pzb-y3b6" }, { "vulnerability": "VCID-32ja-yuuw-bbbh" }, { "vulnerability": "VCID-33kv-ye2c-ebax" }, { "vulnerability": "VCID-33mh-s92h-c7ht" }, { "vulnerability": "VCID-38tp-acy8-57hj" }, { "vulnerability": "VCID-3va7-xx14-gkds" }, { "vulnerability": "VCID-44uc-xrvp-7bet" }, { "vulnerability": "VCID-4avx-e9mf-2yb1" }, { "vulnerability": "VCID-4kax-4bpz-g7c5" }, { "vulnerability": "VCID-4vgu-cagj-hfhb" }, { "vulnerability": "VCID-4wn2-pnbv-sked" }, { "vulnerability": "VCID-52xs-45kd-w3hz" }, { "vulnerability": "VCID-59mu-8aep-9ycn" }, { "vulnerability": "VCID-5bu8-wy7w-bqfc" }, { "vulnerability": "VCID-5jye-2stz-fqam" }, { "vulnerability": "VCID-6gs5-cswx-bfeb" }, { "vulnerability": "VCID-7avk-rmwd-yugt" }, { "vulnerability": "VCID-7vpu-x9mb-q3c6" }, { "vulnerability": "VCID-84n7-nzzg-juhz" }, { "vulnerability": "VCID-8jt7-y15v-83gj" }, { "vulnerability": "VCID-8rvw-n1fg-ffc2" }, { "vulnerability": "VCID-8yxm-e33n-d7gj" }, { "vulnerability": "VCID-9nh7-ny6c-n3cd" }, { "vulnerability": "VCID-9tdu-572c-tbb2" }, { "vulnerability": "VCID-ajeh-4q9t-sydz" }, { "vulnerability": "VCID-ajf6-bk2g-wkb7" }, { "vulnerability": "VCID-b2nf-6pr3-xqaa" }, { "vulnerability": "VCID-b4jk-yjfy-pfcv" }, { "vulnerability": "VCID-b6ng-ygap-zqh4" }, { "vulnerability": "VCID-bd83-vf81-sfa4" }, { "vulnerability": "VCID-bddg-5zgr-3uew" }, { "vulnerability": "VCID-btc1-yng3-ckhx" }, { "vulnerability": "VCID-cbjd-e3sk-m7bu" }, { "vulnerability": "VCID-crn9-f6qt-qfg5" }, { "vulnerability": "VCID-cth2-72mg-6yfr" }, { "vulnerability": "VCID-cz55-m46r-37gb" }, { "vulnerability": "VCID-d7jk-a94y-n3ca" }, { "vulnerability": "VCID-dbk1-n9kh-dfhm" }, { "vulnerability": "VCID-dfsz-1y13-yug9" }, { "vulnerability": "VCID-dgvs-kqpd-gfcy" }, { "vulnerability": "VCID-dj5f-y77j-d7dx" }, { "vulnerability": "VCID-dx3h-z4dg-m3e1" }, { "vulnerability": "VCID-g2uy-ekyf-4bcj" }, { "vulnerability": "VCID-gmjk-222y-abda" }, { "vulnerability": "VCID-gqxb-6rey-rbhv" }, { "vulnerability": "VCID-gtps-py3z-13cu" }, { "vulnerability": "VCID-gzwb-ju7m-juf7" }, { "vulnerability": "VCID-har4-gaft-m7e8" }, { "vulnerability": "VCID-hbp6-s544-pqaw" }, { "vulnerability": "VCID-hw5n-kv9r-8yej" }, { "vulnerability": "VCID-j589-8hrn-9bae" }, { "vulnerability": "VCID-jabw-t2hb-q3e9" }, { "vulnerability": "VCID-jemb-avnk-c7eb" }, { "vulnerability": "VCID-jmn8-a5r9-2qc8" }, { "vulnerability": "VCID-jxf7-1cq4-t3cv" }, { "vulnerability": "VCID-k5ph-wws1-fqg4" }, { "vulnerability": "VCID-kfr7-v6tb-eqau" }, { "vulnerability": "VCID-kfrx-mmr7-euep" }, { "vulnerability": "VCID-kwtj-jk24-zffq" }, { "vulnerability": "VCID-m2g6-2ztp-tuam" }, { "vulnerability": "VCID-m3kq-1cfg-mkgc" }, { "vulnerability": "VCID-m59w-cug5-wbe2" }, { "vulnerability": "VCID-mgu4-pf1x-r3dy" }, { "vulnerability": "VCID-mxn5-bh7q-gkdb" }, { "vulnerability": "VCID-mzuh-5e5y-d3hr" }, { "vulnerability": "VCID-n53q-r421-affh" }, { "vulnerability": "VCID-n66y-s36g-fqck" }, { "vulnerability": "VCID-np5w-chxm-cyak" }, { "vulnerability": "VCID-nuju-ekmt-k7g9" }, { "vulnerability": "VCID-nv3j-xj42-wfcw" }, { "vulnerability": "VCID-p1jn-sxds-mqd1" }, { "vulnerability": "VCID-p361-saxs-97g9" }, { "vulnerability": "VCID-pfdk-db4h-47dx" }, { "vulnerability": "VCID-pnry-rv8t-v3ff" }, { "vulnerability": "VCID-q2wv-kbra-5kg8" }, { "vulnerability": "VCID-q45d-5bf4-tff5" }, { "vulnerability": "VCID-q7pe-bvr1-g3bc" }, { "vulnerability": "VCID-q7rn-1612-quau" }, { "vulnerability": "VCID-q7zq-5xpn-93dd" }, { "vulnerability": "VCID-qeac-129m-1udw" }, { "vulnerability": "VCID-qmj2-pxvt-zqes" }, { "vulnerability": "VCID-qpj7-uk5e-nbez" }, { "vulnerability": "VCID-qqyb-zags-bbhz" }, { "vulnerability": "VCID-r3z5-cc6j-8yg6" }, { "vulnerability": "VCID-r4zz-m2mr-9qeb" }, { "vulnerability": "VCID-r9sb-489v-fqc9" }, { "vulnerability": "VCID-rc63-nakx-ebbe" }, { "vulnerability": "VCID-rsrk-jwbt-qfhe" }, { "vulnerability": "VCID-rx9z-rdmm-5fg6" }, { "vulnerability": "VCID-rxz2-tx2n-k3bd" }, { "vulnerability": "VCID-rz6q-hthe-1uer" }, { "vulnerability": "VCID-s88e-r2gd-9yep" }, { "vulnerability": "VCID-segg-gk79-9bc6" }, { "vulnerability": "VCID-tvfz-v881-sufp" }, { "vulnerability": "VCID-txba-1at4-ekg2" }, { "vulnerability": "VCID-uc6b-5sj1-9yg2" }, { "vulnerability": "VCID-utga-335m-dua9" }, { "vulnerability": "VCID-v1kx-5wa1-r7he" }, { "vulnerability": "VCID-vpf2-5j4s-jqeb" }, { "vulnerability": "VCID-vxc7-fwud-33an" }, { "vulnerability": "VCID-w6nk-akeh-4ufg" }, { "vulnerability": "VCID-x75q-4y74-d3gt" }, { "vulnerability": "VCID-xqf5-yxf3-u3he" }, { "vulnerability": "VCID-zmjf-j2zs-23ey" }, { "vulnerability": "VCID-zvcj-g6rt-s3de" }, { "vulnerability": "VCID-zyes-82y3-g7dh" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:4.2.12-2%252Bdeb8u2" }, { "url": "http://public2.vulnerablecode.io/api/packages/516524?format=api", "purl": "pkg:deb/debian/phpmyadmin@4:4.6.6-4%2Bdeb9u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2at1-y3qg-77fb" }, { "vulnerability": "VCID-32ja-yuuw-bbbh" }, { "vulnerability": "VCID-4wn2-pnbv-sked" }, { "vulnerability": "VCID-52xs-45kd-w3hz" }, { "vulnerability": "VCID-59mu-8aep-9ycn" }, { "vulnerability": "VCID-5jye-2stz-fqam" }, { "vulnerability": "VCID-7vpu-x9mb-q3c6" }, { "vulnerability": "VCID-8rvw-n1fg-ffc2" }, { "vulnerability": "VCID-ajf6-bk2g-wkb7" }, { "vulnerability": "VCID-b2nf-6pr3-xqaa" }, { "vulnerability": "VCID-bd83-vf81-sfa4" }, { "vulnerability": "VCID-dx3h-z4dg-m3e1" }, { "vulnerability": "VCID-har4-gaft-m7e8" }, { "vulnerability": "VCID-kfr7-v6tb-eqau" }, { "vulnerability": "VCID-kfrx-mmr7-euep" }, { "vulnerability": "VCID-m2g6-2ztp-tuam" }, { "vulnerability": "VCID-m3kq-1cfg-mkgc" }, { "vulnerability": "VCID-mzuh-5e5y-d3hr" }, { "vulnerability": "VCID-p1jn-sxds-mqd1" }, { "vulnerability": "VCID-q7rn-1612-quau" }, { "vulnerability": "VCID-qmj2-pxvt-zqes" }, { "vulnerability": "VCID-r4zz-m2mr-9qeb" }, { "vulnerability": "VCID-rx9z-rdmm-5fg6" }, { "vulnerability": "VCID-w6nk-akeh-4ufg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:4.6.6-4%252Bdeb9u1" } ], "aliases": [ "CVE-2016-5739", "GHSA-2p7v-jm8m-g3qq" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-33mh-s92h-c7ht" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/38682?format=api", "vulnerability_id": "VCID-38tp-acy8-57hj", "summary": "Improper Input Validation\nphpMyAdmin is vulnerable to a DoS weakness in the table editing functionality.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-1000014", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01144", "scoring_system": "epss", "scoring_elements": "0.78784", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.01144", "scoring_system": "epss", "scoring_elements": "0.78809", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-1000014" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-1000014", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-1000014" }, { "reference_url": "https://web.archive.org/web/20210123220105/http://www.securityfocus.com/bid/95721", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20210123220105/http://www.securityfocus.com/bid/95721" }, { "reference_url": "https://www.phpmyadmin.net/security/PMASA-2017-3", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.phpmyadmin.net/security/PMASA-2017-3" }, { "reference_url": "http://www.securityfocus.com/bid/95721", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/95721" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2017-1000014", "reference_id": "CVE-2017-1000014", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-1000014" }, { "reference_url": "https://usn.ubuntu.com/USN-4843-1/", "reference_id": "USN-USN-4843-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/USN-4843-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/516524?format=api", "purl": "pkg:deb/debian/phpmyadmin@4:4.6.6-4%2Bdeb9u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2at1-y3qg-77fb" }, { "vulnerability": "VCID-32ja-yuuw-bbbh" }, { "vulnerability": "VCID-4wn2-pnbv-sked" }, { "vulnerability": "VCID-52xs-45kd-w3hz" }, { "vulnerability": "VCID-59mu-8aep-9ycn" }, { "vulnerability": "VCID-5jye-2stz-fqam" }, { "vulnerability": "VCID-7vpu-x9mb-q3c6" }, { "vulnerability": "VCID-8rvw-n1fg-ffc2" }, { "vulnerability": "VCID-ajf6-bk2g-wkb7" }, { "vulnerability": "VCID-b2nf-6pr3-xqaa" }, { "vulnerability": "VCID-bd83-vf81-sfa4" }, { "vulnerability": "VCID-dx3h-z4dg-m3e1" }, { "vulnerability": "VCID-har4-gaft-m7e8" }, { "vulnerability": "VCID-kfr7-v6tb-eqau" }, { "vulnerability": "VCID-kfrx-mmr7-euep" }, { "vulnerability": "VCID-m2g6-2ztp-tuam" }, { "vulnerability": "VCID-m3kq-1cfg-mkgc" }, { "vulnerability": "VCID-mzuh-5e5y-d3hr" }, { "vulnerability": "VCID-p1jn-sxds-mqd1" }, { "vulnerability": "VCID-q7rn-1612-quau" }, { "vulnerability": "VCID-qmj2-pxvt-zqes" }, { "vulnerability": "VCID-r4zz-m2mr-9qeb" }, { "vulnerability": "VCID-rx9z-rdmm-5fg6" }, { "vulnerability": "VCID-w6nk-akeh-4ufg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:4.6.6-4%252Bdeb9u1" } ], "aliases": [ "CVE-2017-1000014", "GHSA-9hrc-rwrq-v6mh" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-38tp-acy8-57hj" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/38286?format=api", "vulnerability_id": "VCID-3va7-xx14-gkds", "summary": "Information Exposure\nAn issue was discovered in phpMyAdmin. A user can specially craft a symlink on disk, to a file which phpMyAdmin is permitted to read but the user is not, which phpMyAdmin will then expose to the user.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-6613", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00324", "scoring_system": "epss", "scoring_elements": "0.55792", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.00324", "scoring_system": "epss", "scoring_elements": "0.55735", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-6613" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6613", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6613" }, { "reference_url": "https://github.com/phpmyadmin/composer", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/phpmyadmin/composer" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2019/06/msg00009.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.debian.org/debian-lts-announce/2019/06/msg00009.html" }, { "reference_url": "https://security.gentoo.org/glsa/201701-32", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://security.gentoo.org/glsa/201701-32" }, { "reference_url": "https://www.phpmyadmin.net/security/PMASA-2016-36", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.phpmyadmin.net/security/PMASA-2016-36" }, { "reference_url": "http://www.securityfocus.com/bid/94115", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.securityfocus.com/bid/94115" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2016-6613", "reference_id": "CVE-2016-6613", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-6613" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/516524?format=api", "purl": "pkg:deb/debian/phpmyadmin@4:4.6.6-4%2Bdeb9u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2at1-y3qg-77fb" }, { "vulnerability": "VCID-32ja-yuuw-bbbh" }, { "vulnerability": "VCID-4wn2-pnbv-sked" }, { "vulnerability": "VCID-52xs-45kd-w3hz" }, { "vulnerability": "VCID-59mu-8aep-9ycn" }, { "vulnerability": "VCID-5jye-2stz-fqam" }, { "vulnerability": "VCID-7vpu-x9mb-q3c6" }, { "vulnerability": "VCID-8rvw-n1fg-ffc2" }, { "vulnerability": "VCID-ajf6-bk2g-wkb7" }, { "vulnerability": "VCID-b2nf-6pr3-xqaa" }, { "vulnerability": "VCID-bd83-vf81-sfa4" }, { "vulnerability": "VCID-dx3h-z4dg-m3e1" }, { "vulnerability": "VCID-har4-gaft-m7e8" }, { "vulnerability": "VCID-kfr7-v6tb-eqau" }, { "vulnerability": "VCID-kfrx-mmr7-euep" }, { "vulnerability": "VCID-m2g6-2ztp-tuam" }, { "vulnerability": "VCID-m3kq-1cfg-mkgc" }, { "vulnerability": "VCID-mzuh-5e5y-d3hr" }, { "vulnerability": "VCID-p1jn-sxds-mqd1" }, { "vulnerability": "VCID-q7rn-1612-quau" }, { "vulnerability": "VCID-qmj2-pxvt-zqes" }, { "vulnerability": "VCID-r4zz-m2mr-9qeb" }, { "vulnerability": "VCID-rx9z-rdmm-5fg6" }, { "vulnerability": "VCID-w6nk-akeh-4ufg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:4.6.6-4%252Bdeb9u1" } ], "aliases": [ "CVE-2016-6613", "GHSA-6j2v-g9rg-qcm5" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-3va7-xx14-gkds" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/38281?format=api", "vulnerability_id": "VCID-44uc-xrvp-7bet", "summary": "Incomplete List of Disallowed Inputs\nAn issue was discovered in phpMyAdmin involving improper enforcement of the IP-based authentication rules. When phpMyAdmin is used with IPv6 in a proxy server environment, and the proxy server is in the allowed range but the attacking computer is not allowed, this vulnerability can allow the attacking computer to connect despite the IP rules.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-6624", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00421", "scoring_system": "epss", "scoring_elements": "0.62366", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.00421", "scoring_system": "epss", "scoring_elements": "0.6232", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-6624" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6624", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6624" }, { "reference_url": "https://github.com/phpmyadmin/composer", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/phpmyadmin/composer" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2019/06/msg00009.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.debian.org/debian-lts-announce/2019/06/msg00009.html" }, { "reference_url": "https://security.gentoo.org/glsa/201701-32", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://security.gentoo.org/glsa/201701-32" }, { "reference_url": "https://www.phpmyadmin.net/security/PMASA-2016-47", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.phpmyadmin.net/security/PMASA-2016-47" }, { "reference_url": "http://www.securityfocus.com/bid/92489", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.securityfocus.com/bid/92489" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2016-6624", "reference_id": "CVE-2016-6624", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-6624" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/516524?format=api", "purl": "pkg:deb/debian/phpmyadmin@4:4.6.6-4%2Bdeb9u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2at1-y3qg-77fb" }, { "vulnerability": "VCID-32ja-yuuw-bbbh" }, { "vulnerability": "VCID-4wn2-pnbv-sked" }, { "vulnerability": "VCID-52xs-45kd-w3hz" }, { "vulnerability": "VCID-59mu-8aep-9ycn" }, { "vulnerability": "VCID-5jye-2stz-fqam" }, { "vulnerability": "VCID-7vpu-x9mb-q3c6" }, { "vulnerability": "VCID-8rvw-n1fg-ffc2" }, { "vulnerability": "VCID-ajf6-bk2g-wkb7" }, { "vulnerability": "VCID-b2nf-6pr3-xqaa" }, { "vulnerability": "VCID-bd83-vf81-sfa4" }, { "vulnerability": "VCID-dx3h-z4dg-m3e1" }, { "vulnerability": "VCID-har4-gaft-m7e8" }, { "vulnerability": "VCID-kfr7-v6tb-eqau" }, { "vulnerability": "VCID-kfrx-mmr7-euep" }, { "vulnerability": "VCID-m2g6-2ztp-tuam" }, { "vulnerability": "VCID-m3kq-1cfg-mkgc" }, { "vulnerability": "VCID-mzuh-5e5y-d3hr" }, { "vulnerability": "VCID-p1jn-sxds-mqd1" }, { "vulnerability": "VCID-q7rn-1612-quau" }, { "vulnerability": "VCID-qmj2-pxvt-zqes" }, { "vulnerability": "VCID-r4zz-m2mr-9qeb" }, { "vulnerability": "VCID-rx9z-rdmm-5fg6" }, { "vulnerability": "VCID-w6nk-akeh-4ufg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:4.6.6-4%252Bdeb9u1" } ], "aliases": [ "CVE-2016-6624", "GHSA-mhxj-6vf8-mwv3" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-44uc-xrvp-7bet" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/38289?format=api", "vulnerability_id": "VCID-4avx-e9mf-2yb1", "summary": "Uncontrolled Resouce Consumption\nAn issue was discovered in phpMyAdmin. The transformation feature allows a user to trigger a denial-of-service (DoS) attack against the server.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-6618", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00756", "scoring_system": "epss", "scoring_elements": "0.73661", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.00756", "scoring_system": "epss", "scoring_elements": "0.73626", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-6618" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6618", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6618" }, { "reference_url": "https://github.com/phpmyadmin/composer", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/phpmyadmin/composer" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2018/07/msg00006.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.debian.org/debian-lts-announce/2018/07/msg00006.html" }, { "reference_url": "https://security.gentoo.org/glsa/201701-32", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://security.gentoo.org/glsa/201701-32" }, { "reference_url": "https://www.phpmyadmin.net/security/PMASA-2016-41", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.phpmyadmin.net/security/PMASA-2016-41" }, { "reference_url": "http://www.securityfocus.com/bid/95047", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.securityfocus.com/bid/95047" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2016-6618", "reference_id": "CVE-2016-6618", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-6618" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/516524?format=api", "purl": "pkg:deb/debian/phpmyadmin@4:4.6.6-4%2Bdeb9u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2at1-y3qg-77fb" }, { "vulnerability": "VCID-32ja-yuuw-bbbh" }, { "vulnerability": "VCID-4wn2-pnbv-sked" }, { "vulnerability": "VCID-52xs-45kd-w3hz" }, { "vulnerability": "VCID-59mu-8aep-9ycn" }, { "vulnerability": "VCID-5jye-2stz-fqam" }, { "vulnerability": "VCID-7vpu-x9mb-q3c6" }, { "vulnerability": "VCID-8rvw-n1fg-ffc2" }, { "vulnerability": "VCID-ajf6-bk2g-wkb7" }, { "vulnerability": "VCID-b2nf-6pr3-xqaa" }, { "vulnerability": "VCID-bd83-vf81-sfa4" }, { "vulnerability": "VCID-dx3h-z4dg-m3e1" }, { "vulnerability": "VCID-har4-gaft-m7e8" }, { "vulnerability": "VCID-kfr7-v6tb-eqau" }, { "vulnerability": "VCID-kfrx-mmr7-euep" }, { "vulnerability": "VCID-m2g6-2ztp-tuam" }, { "vulnerability": "VCID-m3kq-1cfg-mkgc" }, { "vulnerability": "VCID-mzuh-5e5y-d3hr" }, { "vulnerability": "VCID-p1jn-sxds-mqd1" }, { "vulnerability": "VCID-q7rn-1612-quau" }, { "vulnerability": "VCID-qmj2-pxvt-zqes" }, { "vulnerability": "VCID-r4zz-m2mr-9qeb" }, { "vulnerability": "VCID-rx9z-rdmm-5fg6" }, { "vulnerability": "VCID-w6nk-akeh-4ufg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:4.6.6-4%252Bdeb9u1" } ], "aliases": [ "CVE-2016-6618", "GHSA-rv6m-chvv-wmxg" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-4avx-e9mf-2yb1" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/38034?format=api", "vulnerability_id": "VCID-4kax-4bpz-g7c5", "summary": "Covert Timing Channel\n`libraries/common.inc.php` in phpMyAdmin does not use a constant-time algorithm for comparing CSRF tokens, which makes it easier for remote attackers to bypass intended access restrictions by measuring time differences.", "references": [ { "reference_url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-February/176483.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-February/176483.html" }, { "reference_url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-February/176739.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-February/176739.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-updates/2016-02/msg00028.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://lists.opensuse.org/opensuse-updates/2016-02/msg00028.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-updates/2016-02/msg00049.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://lists.opensuse.org/opensuse-updates/2016-02/msg00049.html" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-2041", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01029", "scoring_system": "epss", "scoring_elements": "0.77659", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.01029", "scoring_system": "epss", "scoring_elements": "0.77687", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-2041" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1927", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1927" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2039", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2039" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2040", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2040" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2041", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2041" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2560", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2560" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2561", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2561" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5099", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5099" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5701", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5701" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5705", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5705" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5706", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5706" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5731", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5731" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5733", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5733" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5739", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5739" }, { "reference_url": "https://github.com/phpmyadmin/composer", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/phpmyadmin/composer" }, { "reference_url": "https://github.com/phpmyadmin/phpmyadmin/commit/ec0e88e37ef30a66eada1c072953f4ec385a3e49", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/phpmyadmin/phpmyadmin/commit/ec0e88e37ef30a66eada1c072953f4ec385a3e49" }, { "reference_url": "http://www.debian.org/security/2016/dsa-3627", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.debian.org/security/2016/dsa-3627" }, { "reference_url": "http://www.phpmyadmin.net/home_page/security/PMASA-2016-5.php", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.phpmyadmin.net/home_page/security/PMASA-2016-5.php" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2016-2041", "reference_id": "CVE-2016-2041", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-2041" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/273449?format=api", "purl": "pkg:deb/debian/phpmyadmin@4:4.2.12-2%2Bdeb8u2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1drk-gzqj-2qc5" }, { "vulnerability": "VCID-1hvw-4h4d-zkhv" }, { "vulnerability": "VCID-23dq-w66r-k3bt" }, { "vulnerability": "VCID-27w6-zhxk-x7e7" }, { "vulnerability": "VCID-282b-1ugg-yuev" }, { "vulnerability": "VCID-2at1-y3qg-77fb" }, { "vulnerability": "VCID-2vqn-z4en-duh4" }, { "vulnerability": "VCID-31jg-3pzb-y3b6" }, { "vulnerability": "VCID-32ja-yuuw-bbbh" }, { "vulnerability": "VCID-33kv-ye2c-ebax" }, { "vulnerability": "VCID-33mh-s92h-c7ht" }, { "vulnerability": "VCID-38tp-acy8-57hj" }, { "vulnerability": "VCID-3va7-xx14-gkds" }, { "vulnerability": "VCID-44uc-xrvp-7bet" }, { "vulnerability": "VCID-4avx-e9mf-2yb1" }, { "vulnerability": "VCID-4kax-4bpz-g7c5" }, { "vulnerability": "VCID-4vgu-cagj-hfhb" }, { "vulnerability": "VCID-4wn2-pnbv-sked" }, { "vulnerability": "VCID-52xs-45kd-w3hz" }, { "vulnerability": "VCID-59mu-8aep-9ycn" }, { "vulnerability": "VCID-5bu8-wy7w-bqfc" }, { "vulnerability": "VCID-5jye-2stz-fqam" }, { "vulnerability": "VCID-6gs5-cswx-bfeb" }, { "vulnerability": "VCID-7avk-rmwd-yugt" }, { "vulnerability": "VCID-7vpu-x9mb-q3c6" }, { "vulnerability": "VCID-84n7-nzzg-juhz" }, { "vulnerability": "VCID-8jt7-y15v-83gj" }, { "vulnerability": "VCID-8rvw-n1fg-ffc2" }, { "vulnerability": "VCID-8yxm-e33n-d7gj" }, { "vulnerability": "VCID-9nh7-ny6c-n3cd" }, { "vulnerability": "VCID-9tdu-572c-tbb2" }, { "vulnerability": "VCID-ajeh-4q9t-sydz" }, { "vulnerability": "VCID-ajf6-bk2g-wkb7" }, { "vulnerability": "VCID-b2nf-6pr3-xqaa" }, { "vulnerability": "VCID-b4jk-yjfy-pfcv" }, { "vulnerability": "VCID-b6ng-ygap-zqh4" }, { "vulnerability": "VCID-bd83-vf81-sfa4" }, { "vulnerability": "VCID-bddg-5zgr-3uew" }, { "vulnerability": "VCID-btc1-yng3-ckhx" }, { "vulnerability": "VCID-cbjd-e3sk-m7bu" }, { "vulnerability": "VCID-crn9-f6qt-qfg5" }, { "vulnerability": "VCID-cth2-72mg-6yfr" }, { "vulnerability": "VCID-cz55-m46r-37gb" }, { "vulnerability": "VCID-d7jk-a94y-n3ca" }, { "vulnerability": "VCID-dbk1-n9kh-dfhm" }, { "vulnerability": "VCID-dfsz-1y13-yug9" }, { "vulnerability": "VCID-dgvs-kqpd-gfcy" }, { "vulnerability": "VCID-dj5f-y77j-d7dx" }, { "vulnerability": "VCID-dx3h-z4dg-m3e1" }, { "vulnerability": "VCID-g2uy-ekyf-4bcj" }, { "vulnerability": "VCID-gmjk-222y-abda" }, { "vulnerability": "VCID-gqxb-6rey-rbhv" }, { "vulnerability": "VCID-gtps-py3z-13cu" }, { "vulnerability": "VCID-gzwb-ju7m-juf7" }, { "vulnerability": "VCID-har4-gaft-m7e8" }, { "vulnerability": "VCID-hbp6-s544-pqaw" }, { "vulnerability": "VCID-hw5n-kv9r-8yej" }, { "vulnerability": "VCID-j589-8hrn-9bae" }, { "vulnerability": "VCID-jabw-t2hb-q3e9" }, { "vulnerability": "VCID-jemb-avnk-c7eb" }, { "vulnerability": "VCID-jmn8-a5r9-2qc8" }, { "vulnerability": "VCID-jxf7-1cq4-t3cv" }, { "vulnerability": "VCID-k5ph-wws1-fqg4" }, { "vulnerability": "VCID-kfr7-v6tb-eqau" }, { "vulnerability": "VCID-kfrx-mmr7-euep" }, { "vulnerability": "VCID-kwtj-jk24-zffq" }, { "vulnerability": "VCID-m2g6-2ztp-tuam" }, { "vulnerability": "VCID-m3kq-1cfg-mkgc" }, { "vulnerability": "VCID-m59w-cug5-wbe2" }, { "vulnerability": "VCID-mgu4-pf1x-r3dy" }, { "vulnerability": "VCID-mxn5-bh7q-gkdb" }, { "vulnerability": "VCID-mzuh-5e5y-d3hr" }, { "vulnerability": "VCID-n53q-r421-affh" }, { "vulnerability": "VCID-n66y-s36g-fqck" }, { "vulnerability": "VCID-np5w-chxm-cyak" }, { "vulnerability": "VCID-nuju-ekmt-k7g9" }, { "vulnerability": "VCID-nv3j-xj42-wfcw" }, { "vulnerability": "VCID-p1jn-sxds-mqd1" }, { "vulnerability": "VCID-p361-saxs-97g9" }, { "vulnerability": "VCID-pfdk-db4h-47dx" }, { "vulnerability": "VCID-pnry-rv8t-v3ff" }, { "vulnerability": "VCID-q2wv-kbra-5kg8" }, { "vulnerability": "VCID-q45d-5bf4-tff5" }, { "vulnerability": "VCID-q7pe-bvr1-g3bc" }, { "vulnerability": "VCID-q7rn-1612-quau" }, { "vulnerability": "VCID-q7zq-5xpn-93dd" }, { "vulnerability": "VCID-qeac-129m-1udw" }, { "vulnerability": "VCID-qmj2-pxvt-zqes" }, { "vulnerability": "VCID-qpj7-uk5e-nbez" }, { "vulnerability": "VCID-qqyb-zags-bbhz" }, { "vulnerability": "VCID-r3z5-cc6j-8yg6" }, { "vulnerability": "VCID-r4zz-m2mr-9qeb" }, { "vulnerability": "VCID-r9sb-489v-fqc9" }, { "vulnerability": "VCID-rc63-nakx-ebbe" }, { "vulnerability": "VCID-rsrk-jwbt-qfhe" }, { "vulnerability": "VCID-rx9z-rdmm-5fg6" }, { "vulnerability": "VCID-rxz2-tx2n-k3bd" }, { "vulnerability": "VCID-rz6q-hthe-1uer" }, { "vulnerability": "VCID-s88e-r2gd-9yep" }, { "vulnerability": "VCID-segg-gk79-9bc6" }, { "vulnerability": "VCID-tvfz-v881-sufp" }, { "vulnerability": "VCID-txba-1at4-ekg2" }, { "vulnerability": "VCID-uc6b-5sj1-9yg2" }, { "vulnerability": "VCID-utga-335m-dua9" }, { "vulnerability": "VCID-v1kx-5wa1-r7he" }, { "vulnerability": "VCID-vpf2-5j4s-jqeb" }, { "vulnerability": "VCID-vxc7-fwud-33an" }, { "vulnerability": "VCID-w6nk-akeh-4ufg" }, { "vulnerability": "VCID-x75q-4y74-d3gt" }, { "vulnerability": "VCID-xqf5-yxf3-u3he" }, { "vulnerability": "VCID-zmjf-j2zs-23ey" }, { "vulnerability": "VCID-zvcj-g6rt-s3de" }, { "vulnerability": "VCID-zyes-82y3-g7dh" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:4.2.12-2%252Bdeb8u2" }, { "url": "http://public2.vulnerablecode.io/api/packages/516524?format=api", "purl": "pkg:deb/debian/phpmyadmin@4:4.6.6-4%2Bdeb9u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2at1-y3qg-77fb" }, { "vulnerability": "VCID-32ja-yuuw-bbbh" }, { "vulnerability": "VCID-4wn2-pnbv-sked" }, { "vulnerability": "VCID-52xs-45kd-w3hz" }, { "vulnerability": "VCID-59mu-8aep-9ycn" }, { "vulnerability": "VCID-5jye-2stz-fqam" }, { "vulnerability": "VCID-7vpu-x9mb-q3c6" }, { "vulnerability": "VCID-8rvw-n1fg-ffc2" }, { "vulnerability": "VCID-ajf6-bk2g-wkb7" }, { "vulnerability": "VCID-b2nf-6pr3-xqaa" }, { "vulnerability": "VCID-bd83-vf81-sfa4" }, { "vulnerability": "VCID-dx3h-z4dg-m3e1" }, { "vulnerability": "VCID-har4-gaft-m7e8" }, { "vulnerability": "VCID-kfr7-v6tb-eqau" }, { "vulnerability": "VCID-kfrx-mmr7-euep" }, { "vulnerability": "VCID-m2g6-2ztp-tuam" }, { "vulnerability": "VCID-m3kq-1cfg-mkgc" }, { "vulnerability": "VCID-mzuh-5e5y-d3hr" }, { "vulnerability": "VCID-p1jn-sxds-mqd1" }, { "vulnerability": "VCID-q7rn-1612-quau" }, { "vulnerability": "VCID-qmj2-pxvt-zqes" }, { "vulnerability": "VCID-r4zz-m2mr-9qeb" }, { "vulnerability": "VCID-rx9z-rdmm-5fg6" }, { "vulnerability": "VCID-w6nk-akeh-4ufg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:4.6.6-4%252Bdeb9u1" } ], "aliases": [ "CVE-2016-2041", "GHSA-8m97-xc46-rw9w" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-4kax-4bpz-g7c5" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/38287?format=api", "vulnerability_id": "VCID-4vgu-cagj-hfhb", "summary": "Command Injection\nAn issue was discovered in phpMyAdmin. A specially crafted database name could be used to run arbitrary PHP commands through the array export feature.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-6609", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00411", "scoring_system": "epss", "scoring_elements": "0.61758", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.00411", "scoring_system": "epss", "scoring_elements": "0.61709", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-6609" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6609", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6609" }, { "reference_url": "https://github.com/phpmyadmin/composer", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/phpmyadmin/composer" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2018/07/msg00006.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.debian.org/debian-lts-announce/2018/07/msg00006.html" }, { "reference_url": "https://security.gentoo.org/glsa/201701-32", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://security.gentoo.org/glsa/201701-32" }, { "reference_url": "https://www.phpmyadmin.net/security/PMASA-2016-32", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.phpmyadmin.net/security/PMASA-2016-32" }, { "reference_url": "http://www.securityfocus.com/bid/94112", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.securityfocus.com/bid/94112" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2016-6609", "reference_id": "CVE-2016-6609", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-6609" }, { "reference_url": "https://usn.ubuntu.com/USN-4843-1/", "reference_id": "USN-USN-4843-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/USN-4843-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/516524?format=api", "purl": "pkg:deb/debian/phpmyadmin@4:4.6.6-4%2Bdeb9u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2at1-y3qg-77fb" }, { "vulnerability": "VCID-32ja-yuuw-bbbh" }, { "vulnerability": "VCID-4wn2-pnbv-sked" }, { "vulnerability": "VCID-52xs-45kd-w3hz" }, { "vulnerability": "VCID-59mu-8aep-9ycn" }, { "vulnerability": "VCID-5jye-2stz-fqam" }, { "vulnerability": "VCID-7vpu-x9mb-q3c6" }, { "vulnerability": "VCID-8rvw-n1fg-ffc2" }, { "vulnerability": "VCID-ajf6-bk2g-wkb7" }, { "vulnerability": "VCID-b2nf-6pr3-xqaa" }, { "vulnerability": "VCID-bd83-vf81-sfa4" }, { "vulnerability": "VCID-dx3h-z4dg-m3e1" }, { "vulnerability": "VCID-har4-gaft-m7e8" }, { "vulnerability": "VCID-kfr7-v6tb-eqau" }, { "vulnerability": "VCID-kfrx-mmr7-euep" }, { "vulnerability": "VCID-m2g6-2ztp-tuam" }, { "vulnerability": "VCID-m3kq-1cfg-mkgc" }, { "vulnerability": "VCID-mzuh-5e5y-d3hr" }, { "vulnerability": "VCID-p1jn-sxds-mqd1" }, { "vulnerability": "VCID-q7rn-1612-quau" }, { "vulnerability": "VCID-qmj2-pxvt-zqes" }, { "vulnerability": "VCID-r4zz-m2mr-9qeb" }, { "vulnerability": "VCID-rx9z-rdmm-5fg6" }, { "vulnerability": "VCID-w6nk-akeh-4ufg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:4.6.6-4%252Bdeb9u1" } ], "aliases": [ "CVE-2016-6609", "GHSA-wpww-hx7x-xfjh" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-4vgu-cagj-hfhb" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/40500?format=api", "vulnerability_id": "VCID-4wn2-pnbv-sked", "summary": "Cross-site Scripting\nIn phpMyAdm, an XSS vulnerability was found in the navigation tree, where an attacker can deliver a payload to a user through a crafted `database/table` name.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-19970", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01296", "scoring_system": "epss", "scoring_elements": "0.80037", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.01296", "scoring_system": "epss", "scoring_elements": "0.80063", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-19970" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-19970", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-19970" }, { "reference_url": "https://github.com/phpmyadmin/composer", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/phpmyadmin/composer" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2019/02/msg00003.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.debian.org/debian-lts-announce/2019/02/msg00003.html" }, { "reference_url": "https://security.gentoo.org/glsa/201904-16", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://security.gentoo.org/glsa/201904-16" }, { "reference_url": "https://www.phpmyadmin.net/security/PMASA-2018-8", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.phpmyadmin.net/security/PMASA-2018-8" }, { "reference_url": "https://www.phpmyadmin.net/security/PMASA-2018-8/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.phpmyadmin.net/security/PMASA-2018-8/" }, { "reference_url": "http://www.securityfocus.com/bid/106181", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.securityfocus.com/bid/106181" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2018-19970", "reference_id": "CVE-2018-19970", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-19970" }, { "reference_url": "https://usn.ubuntu.com/4639-1/", "reference_id": "USN-4639-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4639-1/" }, { "reference_url": "https://usn.ubuntu.com/USN-4843-1/", "reference_id": "USN-USN-4843-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/USN-4843-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/195443?format=api", "purl": "pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-47ju-f89a-eud8" }, { "vulnerability": "VCID-59mu-8aep-9ycn" }, { "vulnerability": "VCID-d3qn-js1p-7yeq" }, { "vulnerability": "VCID-dmqy-9xth-cuhs" }, { "vulnerability": "VCID-gx8h-5h14-dqez" }, { "vulnerability": "VCID-har4-gaft-m7e8" }, { "vulnerability": "VCID-m3kq-1cfg-mkgc" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.0.4%252Bdfsg2-2%252Bdeb11u1" } ], "aliases": [ "CVE-2018-19970", "GHSA-8987-93fh-rcwq" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-4wn2-pnbv-sked" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/40494?format=api", "vulnerability_id": "VCID-52xs-45kd-w3hz", "summary": "Information Exposure\nAn attacker can exploit phpMyAdm to leak the contents of a local file because of an error in the transformation feature. The attacker must have access to the phpMyAdmin Configuration Storage tables, although these can easily be created in any database to which the attacker has access. An attacker must have valid credentials to log in to phpMyAdmin; this vulnerability does not allow an attacker to circumvent the login system.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-19968", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.02384", "scoring_system": "epss", "scoring_elements": "0.85315", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.02384", "scoring_system": "epss", "scoring_elements": "0.85291", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-19968" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-19968", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-19968" }, { "reference_url": "https://github.com/phpmyadmin/composer", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/phpmyadmin/composer" }, { "reference_url": "https://github.com/phpmyadmin/phpmyadmin/commit/6a1ba61e29002f0305a9322a8af4eaaeb11c0732", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/phpmyadmin/phpmyadmin/commit/6a1ba61e29002f0305a9322a8af4eaaeb11c0732" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2019/02/msg00003.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.debian.org/debian-lts-announce/2019/02/msg00003.html" }, { "reference_url": "https://security.gentoo.org/glsa/201904-16", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://security.gentoo.org/glsa/201904-16" }, { "reference_url": "https://www.phpmyadmin.net/security/PMASA-2018-6", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.phpmyadmin.net/security/PMASA-2018-6" }, { "reference_url": "https://www.phpmyadmin.net/security/PMASA-2018-6/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.phpmyadmin.net/security/PMASA-2018-6/" }, { "reference_url": "http://www.securityfocus.com/bid/106178", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.securityfocus.com/bid/106178" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2018-19968", "reference_id": "CVE-2018-19968", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-19968" }, { "reference_url": "https://usn.ubuntu.com/4639-1/", "reference_id": "USN-4639-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4639-1/" }, { "reference_url": "https://usn.ubuntu.com/USN-4843-1/", "reference_id": "USN-USN-4843-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/USN-4843-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/195443?format=api", "purl": "pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-47ju-f89a-eud8" }, { "vulnerability": "VCID-59mu-8aep-9ycn" }, { "vulnerability": "VCID-d3qn-js1p-7yeq" }, { "vulnerability": "VCID-dmqy-9xth-cuhs" }, { "vulnerability": "VCID-gx8h-5h14-dqez" }, { "vulnerability": "VCID-har4-gaft-m7e8" }, { "vulnerability": "VCID-m3kq-1cfg-mkgc" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.0.4%252Bdfsg2-2%252Bdeb11u1" } ], "aliases": [ "CVE-2018-19968", "GHSA-xc97-r49q-cxgc" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-52xs-45kd-w3hz" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/56527?format=api", "vulnerability_id": "VCID-59mu-8aep-9ycn", "summary": "phpMyAdmin XSS when checking tables\nAn issue was discovered in phpMyAdmin 5.x before 5.2.2. An XSS vulnerability has been discovered for the check tables feature. A crafted table or database name could be used for XSS.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-24530", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00305", "scoring_system": "epss", "scoring_elements": "0.54052", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-24530" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-24530", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-24530" }, { "reference_url": "https://github.com/phpmyadmin/phpmyadmin", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/phpmyadmin/phpmyadmin" }, { "reference_url": "https://github.com/phpmyadmin/phpmyadmin/commit/23c13a81709728089ff031e5b1c29b5e91baa6a7", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/phpmyadmin/phpmyadmin/commit/23c13a81709728089ff031e5b1c29b5e91baa6a7" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2025/04/msg00016.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.debian.org/debian-lts-announce/2025/04/msg00016.html" }, { "reference_url": "https://www.phpmyadmin.net/security/PMASA-2025-1", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.phpmyadmin.net/security/PMASA-2025-1" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2025-24530", "reference_id": "CVE-2025-24530", "reference_type": "", "scores": [ { "value": "6.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-24530" }, { "reference_url": "https://github.com/advisories/GHSA-222v-cx2c-q2f5", "reference_id": "GHSA-222v-cx2c-q2f5", "reference_type": "", "scores": [], "url": "https://github.com/advisories/GHSA-222v-cx2c-q2f5" }, { "reference_url": "https://www.phpmyadmin.net/security/PMASA-2025-1/", "reference_id": "PMASA-2025-1", "reference_type": "", "scores": [ { "value": "6.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-23T15:02:00Z/" } ], "url": "https://www.phpmyadmin.net/security/PMASA-2025-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/195444?format=api", "purl": "pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-gx8h-5h14-dqez" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.1%252Bdfsg-1%252Bdeb12u1" } ], "aliases": [ "CVE-2025-24530", "GHSA-222v-cx2c-q2f5" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-59mu-8aep-9ycn" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/98168?format=api", "vulnerability_id": "VCID-5bu8-wy7w-bqfc", "summary": "An issue was discovered in cookie encryption in phpMyAdmin. The decryption of the username/password is vulnerable to a padding oracle attack. This can allow an attacker who has access to a user's browser cookie file to decrypt the username and password. Furthermore, the same initialization vector (IV) is used to hash the username and password stored in the phpMyAdmin cookie. If a user has the same password as their username, an attacker who examines the browser cookie can see that they are the same - but the attacker can not directly decode these values from the cookie as it is still hashed. All 4.6.x versions (prior to 4.6.4), 4.4.x versions (prior to 4.4.15.8), and 4.0.x versions (prior to 4.0.10.17) are affected.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-6606", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00377", "scoring_system": "epss", "scoring_elements": "0.59533", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.00377", "scoring_system": "epss", "scoring_elements": "0.59583", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-6606" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6606", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6606" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/516524?format=api", "purl": "pkg:deb/debian/phpmyadmin@4:4.6.6-4%2Bdeb9u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2at1-y3qg-77fb" }, { "vulnerability": "VCID-32ja-yuuw-bbbh" }, { "vulnerability": "VCID-4wn2-pnbv-sked" }, { "vulnerability": "VCID-52xs-45kd-w3hz" }, { "vulnerability": "VCID-59mu-8aep-9ycn" }, { "vulnerability": "VCID-5jye-2stz-fqam" }, { "vulnerability": "VCID-7vpu-x9mb-q3c6" }, { "vulnerability": "VCID-8rvw-n1fg-ffc2" }, { "vulnerability": "VCID-ajf6-bk2g-wkb7" }, { "vulnerability": "VCID-b2nf-6pr3-xqaa" }, { "vulnerability": "VCID-bd83-vf81-sfa4" }, { "vulnerability": "VCID-dx3h-z4dg-m3e1" }, { "vulnerability": "VCID-har4-gaft-m7e8" }, { "vulnerability": "VCID-kfr7-v6tb-eqau" }, { "vulnerability": "VCID-kfrx-mmr7-euep" }, { "vulnerability": "VCID-m2g6-2ztp-tuam" }, { "vulnerability": "VCID-m3kq-1cfg-mkgc" }, { "vulnerability": "VCID-mzuh-5e5y-d3hr" }, { "vulnerability": "VCID-p1jn-sxds-mqd1" }, { "vulnerability": "VCID-q7rn-1612-quau" }, { "vulnerability": "VCID-qmj2-pxvt-zqes" }, { "vulnerability": "VCID-r4zz-m2mr-9qeb" }, { "vulnerability": "VCID-rx9z-rdmm-5fg6" }, { "vulnerability": "VCID-w6nk-akeh-4ufg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:4.6.6-4%252Bdeb9u1" } ], "aliases": [ "CVE-2016-6606" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-5bu8-wy7w-bqfc" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/53948?format=api", "vulnerability_id": "VCID-5jye-2stz-fqam", "summary": "Uncontrolled Resource Consumption\nThe jQuery Validation Plugin provides drop-in validation for your existing forms. It is published as an npm package \"jquery-validation\". jquery-validation before version 1.19.3 contains one or more regular expressions that is vulnerable to ReDoS (Regular Expression Denial of Service). This is fixed in 1.19.3.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-21252.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-21252.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-21252", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00727", "scoring_system": "epss", "scoring_elements": "0.73021", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.00727", "scoring_system": "epss", "scoring_elements": "0.72983", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-21252" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21252", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21252" }, { "reference_url": "https://github.com/jquery-validation/jquery-validation", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/jquery-validation/jquery-validation" }, { "reference_url": "https://github.com/jquery-validation/jquery-validation/commit/5d8f29eef363d043a8fec4eb86d42cadb5fa5f7d", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/jquery-validation/jquery-validation/commit/5d8f29eef363d043a8fec4eb86d42cadb5fa5f7d" }, { "reference_url": "https://github.com/jquery-validation/jquery-validation/pull/2371", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/jquery-validation/jquery-validation/pull/2371" }, { "reference_url": "https://jqueryvalidation.org/#installation-via-package-managers", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://jqueryvalidation.org/#installation-via-package-managers" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2023/08/msg00040.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.debian.org/debian-lts-announce/2023/08/msg00040.html" }, { "reference_url": "https://securitylab.github.com/advisories/GHSL-2020-294-redos-jquery-validation", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://securitylab.github.com/advisories/GHSL-2020-294-redos-jquery-validation" }, { "reference_url": "https://securitylab.github.com/advisories/GHSL-2020-294-redos-jquery-validation/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://securitylab.github.com/advisories/GHSL-2020-294-redos-jquery-validation/" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20210219-0005", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://security.netapp.com/advisory/ntap-20210219-0005" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20210219-0005/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://security.netapp.com/advisory/ntap-20210219-0005/" }, { "reference_url": "https://www.npmjs.com/package/jquery-validation", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.npmjs.com/package/jquery-validation" }, { "reference_url": "https://www.nuget.org/packages/jquery.validation", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.nuget.org/packages/jquery.validation" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2096941", "reference_id": "2096941", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2096941" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=980891", "reference_id": "980891", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=980891" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=980892", "reference_id": "980892", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=980892" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2021-21252", "reference_id": "CVE-2021-21252", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-21252" }, { "reference_url": "https://github.com/advisories/GHSA-jxwx-85vp-gvwm", "reference_id": "GHSA-jxwx-85vp-gvwm", "reference_type": "", "scores": [], "url": "https://github.com/advisories/GHSA-jxwx-85vp-gvwm" }, { "reference_url": "https://github.com/jquery-validation/jquery-validation/security/advisories/GHSA-jxwx-85vp-gvwm", "reference_id": "GHSA-jxwx-85vp-gvwm", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/jquery-validation/jquery-validation/security/advisories/GHSA-jxwx-85vp-gvwm" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/195443?format=api", "purl": "pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-47ju-f89a-eud8" }, { "vulnerability": "VCID-59mu-8aep-9ycn" }, { "vulnerability": "VCID-d3qn-js1p-7yeq" }, { "vulnerability": "VCID-dmqy-9xth-cuhs" }, { "vulnerability": "VCID-gx8h-5h14-dqez" }, { "vulnerability": "VCID-har4-gaft-m7e8" }, { "vulnerability": "VCID-m3kq-1cfg-mkgc" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.0.4%252Bdfsg2-2%252Bdeb11u1" } ], "aliases": [ "CVE-2021-21252", "GHSA-jxwx-85vp-gvwm" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-5jye-2stz-fqam" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/98153?format=api", "vulnerability_id": "VCID-6gs5-cswx-bfeb", "summary": "phpMyAdmin 4.4.x before 4.4.15.3 and 4.5.x before 4.5.4 allows remote attackers to obtain sensitive information via a crafted request to (1) libraries/phpseclib/Crypt/AES.php or (2) libraries/phpseclib/Crypt/Rijndael.php, which reveals the full path in an error message.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2042.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2042.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-2042", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00577", "scoring_system": "epss", "scoring_elements": "0.69183", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.00577", "scoring_system": "epss", "scoring_elements": "0.69222", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-2042" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2042", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2042" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1302682", "reference_id": "1302682", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1302682" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/516524?format=api", "purl": "pkg:deb/debian/phpmyadmin@4:4.6.6-4%2Bdeb9u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2at1-y3qg-77fb" }, { "vulnerability": "VCID-32ja-yuuw-bbbh" }, { "vulnerability": "VCID-4wn2-pnbv-sked" }, { "vulnerability": "VCID-52xs-45kd-w3hz" }, { "vulnerability": "VCID-59mu-8aep-9ycn" }, { "vulnerability": "VCID-5jye-2stz-fqam" }, { "vulnerability": "VCID-7vpu-x9mb-q3c6" }, { "vulnerability": "VCID-8rvw-n1fg-ffc2" }, { "vulnerability": "VCID-ajf6-bk2g-wkb7" }, { "vulnerability": "VCID-b2nf-6pr3-xqaa" }, { "vulnerability": "VCID-bd83-vf81-sfa4" }, { "vulnerability": "VCID-dx3h-z4dg-m3e1" }, { "vulnerability": "VCID-har4-gaft-m7e8" }, { "vulnerability": "VCID-kfr7-v6tb-eqau" }, { "vulnerability": "VCID-kfrx-mmr7-euep" }, { "vulnerability": "VCID-m2g6-2ztp-tuam" }, { "vulnerability": "VCID-m3kq-1cfg-mkgc" }, { "vulnerability": "VCID-mzuh-5e5y-d3hr" }, { "vulnerability": "VCID-p1jn-sxds-mqd1" }, { "vulnerability": "VCID-q7rn-1612-quau" }, { "vulnerability": "VCID-qmj2-pxvt-zqes" }, { "vulnerability": "VCID-r4zz-m2mr-9qeb" }, { "vulnerability": "VCID-rx9z-rdmm-5fg6" }, { "vulnerability": "VCID-w6nk-akeh-4ufg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:4.6.6-4%252Bdeb9u1" } ], "aliases": [ "CVE-2016-2042" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-6gs5-cswx-bfeb" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/98177?format=api", "vulnerability_id": "VCID-7avk-rmwd-yugt", "summary": "An issue was discovered in phpMyAdmin. Some data is passed to the PHP unserialize() function without verification that it's valid serialized data. The unserialization can result in code execution because of the interaction with object instantiation and autoloading. All 4.6.x versions (prior to 4.6.4), 4.4.x versions (prior to 4.4.15.8), and 4.0.x versions (prior to 4.0.10.17) are affected.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-6620", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.02323", "scoring_system": "epss", "scoring_elements": "0.85098", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.02323", "scoring_system": "epss", "scoring_elements": "0.85122", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-6620" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6620", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6620" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/516524?format=api", "purl": "pkg:deb/debian/phpmyadmin@4:4.6.6-4%2Bdeb9u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2at1-y3qg-77fb" }, { "vulnerability": "VCID-32ja-yuuw-bbbh" }, { "vulnerability": "VCID-4wn2-pnbv-sked" }, { "vulnerability": "VCID-52xs-45kd-w3hz" }, { "vulnerability": "VCID-59mu-8aep-9ycn" }, { "vulnerability": "VCID-5jye-2stz-fqam" }, { "vulnerability": "VCID-7vpu-x9mb-q3c6" }, { "vulnerability": "VCID-8rvw-n1fg-ffc2" }, { "vulnerability": "VCID-ajf6-bk2g-wkb7" }, { "vulnerability": "VCID-b2nf-6pr3-xqaa" }, { "vulnerability": "VCID-bd83-vf81-sfa4" }, { "vulnerability": "VCID-dx3h-z4dg-m3e1" }, { "vulnerability": "VCID-har4-gaft-m7e8" }, { "vulnerability": "VCID-kfr7-v6tb-eqau" }, { "vulnerability": "VCID-kfrx-mmr7-euep" }, { "vulnerability": "VCID-m2g6-2ztp-tuam" }, { "vulnerability": "VCID-m3kq-1cfg-mkgc" }, { "vulnerability": "VCID-mzuh-5e5y-d3hr" }, { "vulnerability": "VCID-p1jn-sxds-mqd1" }, { "vulnerability": "VCID-q7rn-1612-quau" }, { "vulnerability": "VCID-qmj2-pxvt-zqes" }, { "vulnerability": "VCID-r4zz-m2mr-9qeb" }, { "vulnerability": "VCID-rx9z-rdmm-5fg6" }, { "vulnerability": "VCID-w6nk-akeh-4ufg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:4.6.6-4%252Bdeb9u1" } ], "aliases": [ "CVE-2016-6620" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-7avk-rmwd-yugt" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/98139?format=api", "vulnerability_id": "VCID-7ntf-d3af-nbbk", "summary": "Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin 4.0.x before 4.0.10.6, 4.1.x before 4.1.14.7, and 4.2.x before 4.2.12 allow remote authenticated users to inject arbitrary web script or HTML via a crafted (1) database, (2) table, or (3) column name that is improperly handled during rendering of the table browse page; a crafted ENUM value that is improperly handled during rendering of the (4) table print view or (5) zoom search page; or (6) a crafted pma_fontsize cookie that is improperly handled during rendering of the home page.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2014-8958", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00604", "scoring_system": "epss", "scoring_elements": "0.69981", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.00604", "scoring_system": "epss", "scoring_elements": "0.70022", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2014-8958" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8958", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8958" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9218", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9218" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2206", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2206" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3902", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3902" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3903", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3903" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6830", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6830" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7873", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7873" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/273449?format=api", "purl": "pkg:deb/debian/phpmyadmin@4:4.2.12-2%2Bdeb8u2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1drk-gzqj-2qc5" }, { "vulnerability": "VCID-1hvw-4h4d-zkhv" }, { "vulnerability": "VCID-23dq-w66r-k3bt" }, { "vulnerability": "VCID-27w6-zhxk-x7e7" }, { "vulnerability": "VCID-282b-1ugg-yuev" }, { "vulnerability": "VCID-2at1-y3qg-77fb" }, { "vulnerability": "VCID-2vqn-z4en-duh4" }, { "vulnerability": "VCID-31jg-3pzb-y3b6" }, { "vulnerability": "VCID-32ja-yuuw-bbbh" }, { "vulnerability": "VCID-33kv-ye2c-ebax" }, { "vulnerability": "VCID-33mh-s92h-c7ht" }, { "vulnerability": "VCID-38tp-acy8-57hj" }, { "vulnerability": "VCID-3va7-xx14-gkds" }, { "vulnerability": "VCID-44uc-xrvp-7bet" }, { "vulnerability": "VCID-4avx-e9mf-2yb1" }, { "vulnerability": "VCID-4kax-4bpz-g7c5" }, { "vulnerability": "VCID-4vgu-cagj-hfhb" }, { "vulnerability": "VCID-4wn2-pnbv-sked" }, { "vulnerability": "VCID-52xs-45kd-w3hz" }, { "vulnerability": "VCID-59mu-8aep-9ycn" }, { "vulnerability": "VCID-5bu8-wy7w-bqfc" }, { "vulnerability": "VCID-5jye-2stz-fqam" }, { "vulnerability": "VCID-6gs5-cswx-bfeb" }, { "vulnerability": "VCID-7avk-rmwd-yugt" }, { "vulnerability": "VCID-7vpu-x9mb-q3c6" }, { "vulnerability": "VCID-84n7-nzzg-juhz" }, { "vulnerability": "VCID-8jt7-y15v-83gj" }, { "vulnerability": "VCID-8rvw-n1fg-ffc2" }, { "vulnerability": "VCID-8yxm-e33n-d7gj" }, { "vulnerability": "VCID-9nh7-ny6c-n3cd" }, { "vulnerability": "VCID-9tdu-572c-tbb2" }, { "vulnerability": "VCID-ajeh-4q9t-sydz" }, { "vulnerability": "VCID-ajf6-bk2g-wkb7" }, { "vulnerability": "VCID-b2nf-6pr3-xqaa" }, { "vulnerability": "VCID-b4jk-yjfy-pfcv" }, { "vulnerability": "VCID-b6ng-ygap-zqh4" }, { "vulnerability": "VCID-bd83-vf81-sfa4" }, { "vulnerability": "VCID-bddg-5zgr-3uew" }, { "vulnerability": "VCID-btc1-yng3-ckhx" }, { "vulnerability": "VCID-cbjd-e3sk-m7bu" }, { "vulnerability": "VCID-crn9-f6qt-qfg5" }, { "vulnerability": "VCID-cth2-72mg-6yfr" }, { "vulnerability": "VCID-cz55-m46r-37gb" }, { "vulnerability": "VCID-d7jk-a94y-n3ca" }, { "vulnerability": "VCID-dbk1-n9kh-dfhm" }, { "vulnerability": "VCID-dfsz-1y13-yug9" }, { "vulnerability": "VCID-dgvs-kqpd-gfcy" }, { "vulnerability": "VCID-dj5f-y77j-d7dx" }, { "vulnerability": "VCID-dx3h-z4dg-m3e1" }, { "vulnerability": "VCID-g2uy-ekyf-4bcj" }, { "vulnerability": "VCID-gmjk-222y-abda" }, { "vulnerability": "VCID-gqxb-6rey-rbhv" }, { "vulnerability": "VCID-gtps-py3z-13cu" }, { "vulnerability": "VCID-gzwb-ju7m-juf7" }, { "vulnerability": "VCID-har4-gaft-m7e8" }, { "vulnerability": "VCID-hbp6-s544-pqaw" }, { "vulnerability": "VCID-hw5n-kv9r-8yej" }, { "vulnerability": "VCID-j589-8hrn-9bae" }, { "vulnerability": "VCID-jabw-t2hb-q3e9" }, { "vulnerability": "VCID-jemb-avnk-c7eb" }, { "vulnerability": "VCID-jmn8-a5r9-2qc8" }, { "vulnerability": "VCID-jxf7-1cq4-t3cv" }, { "vulnerability": "VCID-k5ph-wws1-fqg4" }, { "vulnerability": "VCID-kfr7-v6tb-eqau" }, { "vulnerability": "VCID-kfrx-mmr7-euep" }, { "vulnerability": "VCID-kwtj-jk24-zffq" }, { "vulnerability": "VCID-m2g6-2ztp-tuam" }, { "vulnerability": "VCID-m3kq-1cfg-mkgc" }, { "vulnerability": "VCID-m59w-cug5-wbe2" }, { "vulnerability": "VCID-mgu4-pf1x-r3dy" }, { "vulnerability": "VCID-mxn5-bh7q-gkdb" }, { "vulnerability": "VCID-mzuh-5e5y-d3hr" }, { "vulnerability": "VCID-n53q-r421-affh" }, { "vulnerability": "VCID-n66y-s36g-fqck" }, { "vulnerability": "VCID-np5w-chxm-cyak" }, { "vulnerability": "VCID-nuju-ekmt-k7g9" }, { "vulnerability": "VCID-nv3j-xj42-wfcw" }, { "vulnerability": "VCID-p1jn-sxds-mqd1" }, { "vulnerability": "VCID-p361-saxs-97g9" }, { "vulnerability": "VCID-pfdk-db4h-47dx" }, { "vulnerability": "VCID-pnry-rv8t-v3ff" }, { "vulnerability": "VCID-q2wv-kbra-5kg8" }, { "vulnerability": "VCID-q45d-5bf4-tff5" }, { "vulnerability": "VCID-q7pe-bvr1-g3bc" }, { "vulnerability": "VCID-q7rn-1612-quau" }, { "vulnerability": "VCID-q7zq-5xpn-93dd" }, { "vulnerability": "VCID-qeac-129m-1udw" }, { "vulnerability": "VCID-qmj2-pxvt-zqes" }, { "vulnerability": "VCID-qpj7-uk5e-nbez" }, { "vulnerability": "VCID-qqyb-zags-bbhz" }, { "vulnerability": "VCID-r3z5-cc6j-8yg6" }, { "vulnerability": "VCID-r4zz-m2mr-9qeb" }, { "vulnerability": "VCID-r9sb-489v-fqc9" }, { "vulnerability": "VCID-rc63-nakx-ebbe" }, { "vulnerability": "VCID-rsrk-jwbt-qfhe" }, { "vulnerability": "VCID-rx9z-rdmm-5fg6" }, { "vulnerability": "VCID-rxz2-tx2n-k3bd" }, { "vulnerability": "VCID-rz6q-hthe-1uer" }, { "vulnerability": "VCID-s88e-r2gd-9yep" }, { "vulnerability": "VCID-segg-gk79-9bc6" }, { "vulnerability": "VCID-tvfz-v881-sufp" }, { "vulnerability": "VCID-txba-1at4-ekg2" }, { "vulnerability": "VCID-uc6b-5sj1-9yg2" }, { "vulnerability": "VCID-utga-335m-dua9" }, { "vulnerability": "VCID-v1kx-5wa1-r7he" }, { "vulnerability": "VCID-vpf2-5j4s-jqeb" }, { "vulnerability": "VCID-vxc7-fwud-33an" }, { "vulnerability": "VCID-w6nk-akeh-4ufg" }, { "vulnerability": "VCID-x75q-4y74-d3gt" }, { "vulnerability": "VCID-xqf5-yxf3-u3he" }, { "vulnerability": "VCID-zmjf-j2zs-23ey" }, { "vulnerability": "VCID-zvcj-g6rt-s3de" }, { "vulnerability": "VCID-zyes-82y3-g7dh" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:4.2.12-2%252Bdeb8u2" } ], "aliases": [ "CVE-2014-8958" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-7ntf-d3af-nbbk" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/98196?format=api", "vulnerability_id": "VCID-7vpu-x9mb-q3c6", "summary": "In phpMyAdmin 4 before 4.9.4 and 5 before 5.0.1, SQL injection exists in the user accounts page. A malicious user could inject custom SQL in place of their own username when creating queries to this page. An attacker must have a valid MySQL account to access the server.", "references": [ { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00024.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00024.html" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-5504", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.10648", "scoring_system": "epss", "scoring_elements": "0.93435", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.2219", "scoring_system": "epss", "scoring_elements": "0.95911", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-5504" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-5504", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-5504" }, { "reference_url": "https://cybersecurityworks.com/zerodays/cve-2020-5504-phpmyadmin.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://cybersecurityworks.com/zerodays/cve-2020-5504-phpmyadmin.html" }, { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/phpmyadmin/phpmyadmin/CVE-2020-5504.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/phpmyadmin/phpmyadmin/CVE-2020-5504.yaml" }, { "reference_url": "https://github.com/MarkLee131/awesome-web-pocs/blob/main/CVE-2020-5504.md", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/MarkLee131/awesome-web-pocs/blob/main/CVE-2020-5504.md" }, { "reference_url": "https://github.com/phpmyadmin/composer", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/phpmyadmin/composer" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2020/01/msg00011.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.debian.org/debian-lts-announce/2020/01/msg00011.html" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2020-5504", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-5504" }, { "reference_url": "https://www.phpmyadmin.net/security/PMASA-2020-1", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.phpmyadmin.net/security/PMASA-2020-1" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=948718", "reference_id": "948718", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=948718" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/webapps/52451.txt", "reference_id": "CVE-2020-5504", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/webapps/52451.txt" }, { "reference_url": "https://github.com/advisories/GHSA-fgj8-93xx-f6g6", "reference_id": "GHSA-fgj8-93xx-f6g6", "reference_type": "", "scores": [], "url": "https://github.com/advisories/GHSA-fgj8-93xx-f6g6" }, { "reference_url": "https://usn.ubuntu.com/4639-1/", "reference_id": "USN-4639-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4639-1/" }, { "reference_url": "https://usn.ubuntu.com/USN-4843-1/", "reference_id": "USN-USN-4843-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/USN-4843-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/195443?format=api", "purl": "pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-47ju-f89a-eud8" }, { "vulnerability": "VCID-59mu-8aep-9ycn" }, { "vulnerability": "VCID-d3qn-js1p-7yeq" }, { "vulnerability": "VCID-dmqy-9xth-cuhs" }, { "vulnerability": "VCID-gx8h-5h14-dqez" }, { "vulnerability": "VCID-har4-gaft-m7e8" }, { "vulnerability": "VCID-m3kq-1cfg-mkgc" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.0.4%252Bdfsg2-2%252Bdeb11u1" } ], "aliases": [ "CVE-2020-5504", "GHSA-fgj8-93xx-f6g6" ], "risk_score": 10.0, "exploitability": "2.0", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-7vpu-x9mb-q3c6" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/98163?format=api", "vulnerability_id": "VCID-84n7-nzzg-juhz", "summary": "phpMyAdmin 4.6.x before 4.6.3, when the environment lacks a PHP_SELF value, allows remote attackers to conduct cookie-attribute injection attacks via a crafted URI.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-5702", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00248", "scoring_system": "epss", "scoring_elements": "0.48296", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.00248", "scoring_system": "epss", "scoring_elements": "0.48233", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-5702" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5702", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5702" }, { "reference_url": "https://github.com/phpmyadmin/phpmyadmin", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/phpmyadmin/phpmyadmin" }, { "reference_url": "https://github.com/phpmyadmin/phpmyadmin/commit/27caf5b46bd0890e576fea7bd7b166a0639fdf68", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/phpmyadmin/phpmyadmin/commit/27caf5b46bd0890e576fea7bd7b166a0639fdf68" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2016-5702", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-5702" }, { "reference_url": "https://security.gentoo.org/glsa/201701-32", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://security.gentoo.org/glsa/201701-32" }, { "reference_url": "https://www.phpmyadmin.net/security/PMASA-2016-18", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.phpmyadmin.net/security/PMASA-2016-18" }, { "reference_url": "https://www.phpmyadmin.net/security/PMASA-2016-18/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.phpmyadmin.net/security/PMASA-2016-18/" }, { "reference_url": "https://github.com/advisories/GHSA-xqw9-ffx7-g998", "reference_id": "GHSA-xqw9-ffx7-g998", "reference_type": "", "scores": [], "url": "https://github.com/advisories/GHSA-xqw9-ffx7-g998" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/516524?format=api", "purl": "pkg:deb/debian/phpmyadmin@4:4.6.6-4%2Bdeb9u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2at1-y3qg-77fb" }, { "vulnerability": "VCID-32ja-yuuw-bbbh" }, { "vulnerability": "VCID-4wn2-pnbv-sked" }, { "vulnerability": "VCID-52xs-45kd-w3hz" }, { "vulnerability": "VCID-59mu-8aep-9ycn" }, { "vulnerability": "VCID-5jye-2stz-fqam" }, { "vulnerability": "VCID-7vpu-x9mb-q3c6" }, { "vulnerability": "VCID-8rvw-n1fg-ffc2" }, { "vulnerability": "VCID-ajf6-bk2g-wkb7" }, { "vulnerability": "VCID-b2nf-6pr3-xqaa" }, { "vulnerability": "VCID-bd83-vf81-sfa4" }, { "vulnerability": "VCID-dx3h-z4dg-m3e1" }, { "vulnerability": "VCID-har4-gaft-m7e8" }, { "vulnerability": "VCID-kfr7-v6tb-eqau" }, { "vulnerability": "VCID-kfrx-mmr7-euep" }, { "vulnerability": "VCID-m2g6-2ztp-tuam" }, { "vulnerability": "VCID-m3kq-1cfg-mkgc" }, { "vulnerability": "VCID-mzuh-5e5y-d3hr" }, { "vulnerability": "VCID-p1jn-sxds-mqd1" }, { "vulnerability": "VCID-q7rn-1612-quau" }, { "vulnerability": "VCID-qmj2-pxvt-zqes" }, { "vulnerability": "VCID-r4zz-m2mr-9qeb" }, { "vulnerability": "VCID-rx9z-rdmm-5fg6" }, { "vulnerability": "VCID-w6nk-akeh-4ufg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:4.6.6-4%252Bdeb9u1" } ], "aliases": [ "CVE-2016-5702", "GHSA-xqw9-ffx7-g998" ], "risk_score": 1.6, "exploitability": "0.5", "weighted_severity": "3.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-84n7-nzzg-juhz" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/98173?format=api", "vulnerability_id": "VCID-8jt7-y15v-83gj", "summary": "XSS issues were discovered in phpMyAdmin. This affects navigation pane and database/table hiding feature (a specially-crafted database name can be used to trigger an XSS attack); the \"Tracking\" feature (a specially-crafted query can be used to trigger an XSS attack); and GIS visualization feature. All 4.6.x versions (prior to 4.6.4) and 4.4.x versions (prior to 4.4.15.8) are affected.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-6615", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00321", "scoring_system": "epss", "scoring_elements": "0.55451", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.00321", "scoring_system": "epss", "scoring_elements": "0.55507", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-6615" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6615", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6615" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/516524?format=api", "purl": "pkg:deb/debian/phpmyadmin@4:4.6.6-4%2Bdeb9u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2at1-y3qg-77fb" }, { "vulnerability": "VCID-32ja-yuuw-bbbh" }, { "vulnerability": "VCID-4wn2-pnbv-sked" }, { "vulnerability": "VCID-52xs-45kd-w3hz" }, { "vulnerability": "VCID-59mu-8aep-9ycn" }, { "vulnerability": "VCID-5jye-2stz-fqam" }, { "vulnerability": "VCID-7vpu-x9mb-q3c6" }, { "vulnerability": "VCID-8rvw-n1fg-ffc2" }, { "vulnerability": "VCID-ajf6-bk2g-wkb7" }, { "vulnerability": "VCID-b2nf-6pr3-xqaa" }, { "vulnerability": "VCID-bd83-vf81-sfa4" }, { "vulnerability": "VCID-dx3h-z4dg-m3e1" }, { "vulnerability": "VCID-har4-gaft-m7e8" }, { "vulnerability": "VCID-kfr7-v6tb-eqau" }, { "vulnerability": "VCID-kfrx-mmr7-euep" }, { "vulnerability": "VCID-m2g6-2ztp-tuam" }, { "vulnerability": "VCID-m3kq-1cfg-mkgc" }, { "vulnerability": "VCID-mzuh-5e5y-d3hr" }, { "vulnerability": "VCID-p1jn-sxds-mqd1" }, { "vulnerability": "VCID-q7rn-1612-quau" }, { "vulnerability": "VCID-qmj2-pxvt-zqes" }, { "vulnerability": "VCID-r4zz-m2mr-9qeb" }, { "vulnerability": "VCID-rx9z-rdmm-5fg6" }, { "vulnerability": "VCID-w6nk-akeh-4ufg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:4.6.6-4%252Bdeb9u1" } ], "aliases": [ "CVE-2016-6615" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-8jt7-y15v-83gj" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/41055?format=api", "vulnerability_id": "VCID-8rvw-n1fg-ffc2", "summary": "Cross-Site Request Forgery (CSRF)\nA vulnerability was found that allows an attacker to trigger a CSRF attack against a phpMyAdmin user. The attacker can trick the user, for instance through a broken `<img>` tag pointing at the victim's phpMyAdmin database, and the attacker can potentially deliver a payload (such as a specific `INSERT` or `DELETE` statement) to the victim.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-12616", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.49922", "scoring_system": "epss", "scoring_elements": "0.97869", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.52136", "scoring_system": "epss", "scoring_elements": "0.97969", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-12616" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12616", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12616" }, { "reference_url": "https://github.com/phpmyadmin/phpmyadmin/commit/015c404038c44279d95b6430ee5a0dddc97691ec", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/phpmyadmin/phpmyadmin/commit/015c404038c44279d95b6430ee5a0dddc97691ec" }, { "reference_url": "https://packetstormsecurity.com/files/153251/phpMyAdmin-4.8-Cross-Site-Request-Forgery.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://packetstormsecurity.com/files/153251/phpMyAdmin-4.8-Cross-Site-Request-Forgery.html" }, { "reference_url": "https://www.phpmyadmin.net/security/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.phpmyadmin.net/security/" }, { "reference_url": "https://www.phpmyadmin.net/security/PMASA-2019-4", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.phpmyadmin.net/security/PMASA-2019-4" }, { "reference_url": "https://www.phpmyadmin.net/security/PMASA-2019-4/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.phpmyadmin.net/security/PMASA-2019-4/" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=930017", "reference_id": "930017", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=930017" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/webapps/46982.txt", "reference_id": "CVE-2019-12616", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/webapps/46982.txt" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-12616", "reference_id": "CVE-2019-12616", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-12616" }, { "reference_url": "https://usn.ubuntu.com/4639-1/", "reference_id": "USN-4639-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4639-1/" }, { "reference_url": "https://usn.ubuntu.com/USN-4843-1/", "reference_id": "USN-USN-4843-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/USN-4843-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/195443?format=api", "purl": "pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-47ju-f89a-eud8" }, { "vulnerability": "VCID-59mu-8aep-9ycn" }, { "vulnerability": "VCID-d3qn-js1p-7yeq" }, { "vulnerability": "VCID-dmqy-9xth-cuhs" }, { "vulnerability": "VCID-gx8h-5h14-dqez" }, { "vulnerability": "VCID-har4-gaft-m7e8" }, { "vulnerability": "VCID-m3kq-1cfg-mkgc" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.0.4%252Bdfsg2-2%252Bdeb11u1" } ], "aliases": [ "CVE-2019-12616", "GHSA-mfr9-pcm3-6mwc" ], "risk_score": 10.0, "exploitability": "2.0", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-8rvw-n1fg-ffc2" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/98176?format=api", "vulnerability_id": "VCID-8yxm-e33n-d7gj", "summary": "An issue was discovered in phpMyAdmin. In the user interface preference feature, a user can execute an SQL injection attack against the account of the control user. All 4.6.x versions (prior to 4.6.4), 4.4.x versions (prior to 4.4.15.8), and 4.0.x versions (prior to 4.0.10.17) are affected.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-6619", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00321", "scoring_system": "epss", "scoring_elements": "0.55406", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.00321", "scoring_system": "epss", "scoring_elements": "0.55462", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-6619" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6619", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6619" }, { "reference_url": "https://usn.ubuntu.com/USN-4843-1/", "reference_id": "USN-USN-4843-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/USN-4843-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/516524?format=api", "purl": "pkg:deb/debian/phpmyadmin@4:4.6.6-4%2Bdeb9u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2at1-y3qg-77fb" }, { "vulnerability": "VCID-32ja-yuuw-bbbh" }, { "vulnerability": "VCID-4wn2-pnbv-sked" }, { "vulnerability": "VCID-52xs-45kd-w3hz" }, { "vulnerability": "VCID-59mu-8aep-9ycn" }, { "vulnerability": "VCID-5jye-2stz-fqam" }, { "vulnerability": "VCID-7vpu-x9mb-q3c6" }, { "vulnerability": "VCID-8rvw-n1fg-ffc2" }, { "vulnerability": "VCID-ajf6-bk2g-wkb7" }, { "vulnerability": "VCID-b2nf-6pr3-xqaa" }, { "vulnerability": "VCID-bd83-vf81-sfa4" }, { "vulnerability": "VCID-dx3h-z4dg-m3e1" }, { "vulnerability": "VCID-har4-gaft-m7e8" }, { "vulnerability": "VCID-kfr7-v6tb-eqau" }, { "vulnerability": "VCID-kfrx-mmr7-euep" }, { "vulnerability": "VCID-m2g6-2ztp-tuam" }, { "vulnerability": "VCID-m3kq-1cfg-mkgc" }, { "vulnerability": "VCID-mzuh-5e5y-d3hr" }, { "vulnerability": "VCID-p1jn-sxds-mqd1" }, { "vulnerability": "VCID-q7rn-1612-quau" }, { "vulnerability": "VCID-qmj2-pxvt-zqes" }, { "vulnerability": "VCID-r4zz-m2mr-9qeb" }, { "vulnerability": "VCID-rx9z-rdmm-5fg6" }, { "vulnerability": "VCID-w6nk-akeh-4ufg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:4.6.6-4%252Bdeb9u1" } ], "aliases": [ "CVE-2016-6619" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-8yxm-e33n-d7gj" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/98179?format=api", "vulnerability_id": "VCID-9nh7-ny6c-n3cd", "summary": "An issue was discovered in phpMyAdmin. An attacker could redirect a user to a malicious web page. All 4.6.x versions (prior to 4.6.4), 4.4.x versions (prior to 4.4.15.8), and 4.0.x versions (prior to 4.0.10.17) are affected.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-6626", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00257", "scoring_system": "epss", "scoring_elements": "0.49363", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.00257", "scoring_system": "epss", "scoring_elements": "0.49425", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-6626" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6626", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6626" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/516524?format=api", "purl": "pkg:deb/debian/phpmyadmin@4:4.6.6-4%2Bdeb9u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2at1-y3qg-77fb" }, { "vulnerability": "VCID-32ja-yuuw-bbbh" }, { "vulnerability": "VCID-4wn2-pnbv-sked" }, { "vulnerability": "VCID-52xs-45kd-w3hz" }, { "vulnerability": "VCID-59mu-8aep-9ycn" }, { "vulnerability": "VCID-5jye-2stz-fqam" }, { "vulnerability": "VCID-7vpu-x9mb-q3c6" }, { "vulnerability": "VCID-8rvw-n1fg-ffc2" }, { "vulnerability": "VCID-ajf6-bk2g-wkb7" }, { "vulnerability": "VCID-b2nf-6pr3-xqaa" }, { "vulnerability": "VCID-bd83-vf81-sfa4" }, { "vulnerability": "VCID-dx3h-z4dg-m3e1" }, { "vulnerability": "VCID-har4-gaft-m7e8" }, { "vulnerability": "VCID-kfr7-v6tb-eqau" }, { "vulnerability": "VCID-kfrx-mmr7-euep" }, { "vulnerability": "VCID-m2g6-2ztp-tuam" }, { "vulnerability": "VCID-m3kq-1cfg-mkgc" }, { "vulnerability": "VCID-mzuh-5e5y-d3hr" }, { "vulnerability": "VCID-p1jn-sxds-mqd1" }, { "vulnerability": "VCID-q7rn-1612-quau" }, { "vulnerability": "VCID-qmj2-pxvt-zqes" }, { "vulnerability": "VCID-r4zz-m2mr-9qeb" }, { "vulnerability": "VCID-rx9z-rdmm-5fg6" }, { "vulnerability": "VCID-w6nk-akeh-4ufg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:4.6.6-4%252Bdeb9u1" } ], "aliases": [ "CVE-2016-6626" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-9nh7-ny6c-n3cd" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/98164?format=api", "vulnerability_id": "VCID-9tdu-572c-tbb2", "summary": "SQL injection vulnerability in libraries/central_columns.lib.php in phpMyAdmin 4.4.x before 4.4.15.7 and 4.6.x before 4.6.3 allows remote attackers to execute arbitrary SQL commands via a crafted database name that is mishandled in a central column query.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-5703", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01576", "scoring_system": "epss", "scoring_elements": "0.81885", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.01576", "scoring_system": "epss", "scoring_elements": "0.81918", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-5703" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5703", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5703" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/516524?format=api", "purl": "pkg:deb/debian/phpmyadmin@4:4.6.6-4%2Bdeb9u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2at1-y3qg-77fb" }, { "vulnerability": "VCID-32ja-yuuw-bbbh" }, { "vulnerability": "VCID-4wn2-pnbv-sked" }, { "vulnerability": "VCID-52xs-45kd-w3hz" }, { "vulnerability": "VCID-59mu-8aep-9ycn" }, { "vulnerability": "VCID-5jye-2stz-fqam" }, { "vulnerability": "VCID-7vpu-x9mb-q3c6" }, { "vulnerability": "VCID-8rvw-n1fg-ffc2" }, { "vulnerability": "VCID-ajf6-bk2g-wkb7" }, { "vulnerability": "VCID-b2nf-6pr3-xqaa" }, { "vulnerability": "VCID-bd83-vf81-sfa4" }, { "vulnerability": "VCID-dx3h-z4dg-m3e1" }, { "vulnerability": "VCID-har4-gaft-m7e8" }, { "vulnerability": "VCID-kfr7-v6tb-eqau" }, { "vulnerability": "VCID-kfrx-mmr7-euep" }, { "vulnerability": "VCID-m2g6-2ztp-tuam" }, { "vulnerability": "VCID-m3kq-1cfg-mkgc" }, { "vulnerability": "VCID-mzuh-5e5y-d3hr" }, { "vulnerability": "VCID-p1jn-sxds-mqd1" }, { "vulnerability": "VCID-q7rn-1612-quau" }, { "vulnerability": "VCID-qmj2-pxvt-zqes" }, { "vulnerability": "VCID-r4zz-m2mr-9qeb" }, { "vulnerability": "VCID-rx9z-rdmm-5fg6" }, { "vulnerability": "VCID-w6nk-akeh-4ufg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:4.6.6-4%252Bdeb9u1" } ], "aliases": [ "CVE-2016-5703" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-9tdu-572c-tbb2" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/98185?format=api", "vulnerability_id": "VCID-ajeh-4q9t-sydz", "summary": "An issue was discovered in phpMyAdmin. Username matching for the allow/deny rules may result in wrong matches and detection of the username in the rule due to non-constant execution time. All 4.6.x versions (prior to 4.6.5), 4.4.x versions (prior to 4.4.15.9), and 4.0.x versions (prior to 4.0.10.18) are affected.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-9850", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00565", "scoring_system": "epss", "scoring_elements": "0.68788", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.00565", "scoring_system": "epss", "scoring_elements": "0.68828", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-9850" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9850", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9850" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/516524?format=api", "purl": "pkg:deb/debian/phpmyadmin@4:4.6.6-4%2Bdeb9u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2at1-y3qg-77fb" }, { "vulnerability": "VCID-32ja-yuuw-bbbh" }, { "vulnerability": "VCID-4wn2-pnbv-sked" }, { "vulnerability": "VCID-52xs-45kd-w3hz" }, { "vulnerability": "VCID-59mu-8aep-9ycn" }, { "vulnerability": "VCID-5jye-2stz-fqam" }, { "vulnerability": "VCID-7vpu-x9mb-q3c6" }, { "vulnerability": "VCID-8rvw-n1fg-ffc2" }, { "vulnerability": "VCID-ajf6-bk2g-wkb7" }, { "vulnerability": "VCID-b2nf-6pr3-xqaa" }, { "vulnerability": "VCID-bd83-vf81-sfa4" }, { "vulnerability": "VCID-dx3h-z4dg-m3e1" }, { "vulnerability": "VCID-har4-gaft-m7e8" }, { "vulnerability": "VCID-kfr7-v6tb-eqau" }, { "vulnerability": "VCID-kfrx-mmr7-euep" }, { "vulnerability": "VCID-m2g6-2ztp-tuam" }, { "vulnerability": "VCID-m3kq-1cfg-mkgc" }, { "vulnerability": "VCID-mzuh-5e5y-d3hr" }, { "vulnerability": "VCID-p1jn-sxds-mqd1" }, { "vulnerability": "VCID-q7rn-1612-quau" }, { "vulnerability": "VCID-qmj2-pxvt-zqes" }, { "vulnerability": "VCID-r4zz-m2mr-9qeb" }, { "vulnerability": "VCID-rx9z-rdmm-5fg6" }, { "vulnerability": "VCID-w6nk-akeh-4ufg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:4.6.6-4%252Bdeb9u1" } ], "aliases": [ "CVE-2016-9850" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ajeh-4q9t-sydz" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/40645?format=api", "vulnerability_id": "VCID-ajf6-bk2g-wkb7", "summary": "Information Exposure\nWhen the `AllowArbitraryServer` configuration setting is set to true, with the use of a rogue MySQL server, an attacker can read any file on the server that the web server's user can access. This is related to the `mysql.allow_local_infile` PHP configuration, and the inadvertent ignoring of `options(MYSQLI_OPT_LOCAL_INFILE` calls.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-6799", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.76961", "scoring_system": "epss", "scoring_elements": "0.98978", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.76961", "scoring_system": "epss", "scoring_elements": "0.98979", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-6799" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-6799", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-6799" }, { "reference_url": "https://github.com/phpmyadmin/composer", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/phpmyadmin/composer" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2019/02/msg00039.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.debian.org/debian-lts-announce/2019/02/msg00039.html" }, { "reference_url": "https://www.phpmyadmin.net/security/PMASA-2019-1", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.phpmyadmin.net/security/PMASA-2019-1" }, { "reference_url": "https://www.phpmyadmin.net/security/PMASA-2019-1/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.phpmyadmin.net/security/PMASA-2019-1/" }, { "reference_url": "http://www.securityfocus.com/bid/106736", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.securityfocus.com/bid/106736" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=920823", "reference_id": "920823", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=920823" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-6799", "reference_id": "CVE-2019-6799", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-6799" }, { "reference_url": "https://github.com/advisories/GHSA-c8wj-q36q-3wg4", "reference_id": "GHSA-c8wj-q36q-3wg4", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-c8wj-q36q-3wg4" }, { "reference_url": "https://usn.ubuntu.com/4639-1/", "reference_id": "USN-4639-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4639-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/195443?format=api", "purl": "pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-47ju-f89a-eud8" }, { "vulnerability": "VCID-59mu-8aep-9ycn" }, { "vulnerability": "VCID-d3qn-js1p-7yeq" }, { "vulnerability": "VCID-dmqy-9xth-cuhs" }, { "vulnerability": "VCID-gx8h-5h14-dqez" }, { "vulnerability": "VCID-har4-gaft-m7e8" }, { "vulnerability": "VCID-m3kq-1cfg-mkgc" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.0.4%252Bdfsg2-2%252Bdeb11u1" } ], "aliases": [ "CVE-2019-6799", "GHSA-c8wj-q36q-3wg4" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ajf6-bk2g-wkb7" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/53708?format=api", "vulnerability_id": "VCID-b2nf-6pr3-xqaa", "summary": "SQL Injection\nAn issue was discovered in SearchController in phpMyAdmin. An SQL injection vulnerability was discovered in how phpMyAdmin processes SQL statements in the search feature. An attacker could use this flaw to inject malicious SQL in to a query.", "references": [ { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00027.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00027.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00005.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00005.html" }, { "reference_url": "https://advisory.checkmarx.net/advisory/CX-2020-4281", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://advisory.checkmarx.net/advisory/CX-2020-4281" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-26935", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.89641", "scoring_system": "epss", "scoring_elements": "0.99579", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.89641", "scoring_system": "epss", "scoring_elements": "0.99581", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-26935" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-26935", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-26935" }, { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/phpmyadmin/phpmyadmin/CVE-2020-26935.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/phpmyadmin/phpmyadmin/CVE-2020-26935.yaml" }, { "reference_url": "https://github.com/phpmyadmin/composer", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/phpmyadmin/composer" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2020/10/msg00024.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.debian.org/debian-lts-announce/2020/10/msg00024.html" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FHST4E5IJG7IKZTTW3R6MEZPVHJZ472K", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FHST4E5IJG7IKZTTW3R6MEZPVHJZ472K" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PXK37YEHSDYCIPQSYEMN2OFTP2ZLM7DO", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PXK37YEHSDYCIPQSYEMN2OFTP2ZLM7DO" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TNLGHVDNAEZEGRTUESSSQFM7MZTHIDQ5", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TNLGHVDNAEZEGRTUESSSQFM7MZTHIDQ5" }, { "reference_url": "https://security.gentoo.org/glsa/202101-35", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://security.gentoo.org/glsa/202101-35" }, { "reference_url": "https://www.phpmyadmin.net/security/PMASA-2020-6", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.phpmyadmin.net/security/PMASA-2020-6" }, { "reference_url": "https://www.phpmyadmin.net/security/PMASA-2020-6/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.phpmyadmin.net/security/PMASA-2020-6/" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=972000", "reference_id": "972000", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=972000" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2020-26935", "reference_id": "CVE-2020-26935", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-26935" }, { "reference_url": "https://github.com/advisories/GHSA-7ff4-cv53-4cjq", "reference_id": "GHSA-7ff4-cv53-4cjq", "reference_type": "", "scores": [ { "value": "CRITICAL", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-7ff4-cv53-4cjq" }, { "reference_url": "https://usn.ubuntu.com/4639-1/", "reference_id": "USN-4639-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4639-1/" }, { "reference_url": "https://usn.ubuntu.com/USN-4843-1/", "reference_id": "USN-USN-4843-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/USN-4843-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/195443?format=api", "purl": "pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-47ju-f89a-eud8" }, { "vulnerability": "VCID-59mu-8aep-9ycn" }, { "vulnerability": "VCID-d3qn-js1p-7yeq" }, { "vulnerability": "VCID-dmqy-9xth-cuhs" }, { "vulnerability": "VCID-gx8h-5h14-dqez" }, { "vulnerability": "VCID-har4-gaft-m7e8" }, { "vulnerability": "VCID-m3kq-1cfg-mkgc" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.0.4%252Bdfsg2-2%252Bdeb11u1" } ], "aliases": [ "CVE-2020-26935", "GHSA-7ff4-cv53-4cjq" ], "risk_score": 10.0, "exploitability": "2.0", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-b2nf-6pr3-xqaa" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/98155?format=api", "vulnerability_id": "VCID-b4jk-yjfy-pfcv", "summary": "libraries/sql-parser/autoload.php in the SQL parser in phpMyAdmin 4.5.x before 4.5.4 allows remote attackers to obtain sensitive information via a crafted request, which reveals the full path in an error message.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-2044", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00437", "scoring_system": "epss", "scoring_elements": "0.6338", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.00437", "scoring_system": "epss", "scoring_elements": "0.63423", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-2044" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2044", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2044" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/516524?format=api", "purl": "pkg:deb/debian/phpmyadmin@4:4.6.6-4%2Bdeb9u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2at1-y3qg-77fb" }, { "vulnerability": "VCID-32ja-yuuw-bbbh" }, { "vulnerability": "VCID-4wn2-pnbv-sked" }, { "vulnerability": "VCID-52xs-45kd-w3hz" }, { "vulnerability": "VCID-59mu-8aep-9ycn" }, { "vulnerability": "VCID-5jye-2stz-fqam" }, { "vulnerability": "VCID-7vpu-x9mb-q3c6" }, { "vulnerability": "VCID-8rvw-n1fg-ffc2" }, { "vulnerability": "VCID-ajf6-bk2g-wkb7" }, { "vulnerability": "VCID-b2nf-6pr3-xqaa" }, { "vulnerability": "VCID-bd83-vf81-sfa4" }, { "vulnerability": "VCID-dx3h-z4dg-m3e1" }, { "vulnerability": "VCID-har4-gaft-m7e8" }, { "vulnerability": "VCID-kfr7-v6tb-eqau" }, { "vulnerability": "VCID-kfrx-mmr7-euep" }, { "vulnerability": "VCID-m2g6-2ztp-tuam" }, { "vulnerability": "VCID-m3kq-1cfg-mkgc" }, { "vulnerability": "VCID-mzuh-5e5y-d3hr" }, { "vulnerability": "VCID-p1jn-sxds-mqd1" }, { "vulnerability": "VCID-q7rn-1612-quau" }, { "vulnerability": "VCID-qmj2-pxvt-zqes" }, { "vulnerability": "VCID-r4zz-m2mr-9qeb" }, { "vulnerability": "VCID-rx9z-rdmm-5fg6" }, { "vulnerability": "VCID-w6nk-akeh-4ufg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:4.6.6-4%252Bdeb9u1" } ], "aliases": [ "CVE-2016-2044" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-b4jk-yjfy-pfcv" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/38046?format=api", "vulnerability_id": "VCID-b6ng-ygap-zqh4", "summary": "Improper Input Validation\nThe `checkHTTP` function in `libraries/Config.class.php` in phpMyAdmin does not verify X.509 certificates from `api.github.com` SSL servers, which allows man-in-the-middle attackers to spoof these servers and obtain sensitive information via a crafted certificate.", "references": [ { "reference_url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-March/178562.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-March/178562.html" }, { "reference_url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-March/178869.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-March/178869.html" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-2562", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0023", "scoring_system": "epss", "scoring_elements": "0.4589", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.0023", "scoring_system": "epss", "scoring_elements": "0.45959", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-2562" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2562", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2562" }, { "reference_url": "https://github.com/phpmyadmin/composer", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/phpmyadmin/composer" }, { "reference_url": "https://github.com/phpmyadmin/phpmyadmin/commit/e42b7e3aedd29dd0f7a48575f20bfc5aca0ff976", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/phpmyadmin/phpmyadmin/commit/e42b7e3aedd29dd0f7a48575f20bfc5aca0ff976" }, { "reference_url": "https://www.phpmyadmin.net/security/PMASA-2016-13", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.phpmyadmin.net/security/PMASA-2016-13" }, { "reference_url": "https://www.phpmyadmin.net/security/PMASA-2016-13/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.phpmyadmin.net/security/PMASA-2016-13/" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2016-2562", "reference_id": "CVE-2016-2562", "reference_type": "", "scores": [ { "value": "6.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-2562" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/516524?format=api", "purl": "pkg:deb/debian/phpmyadmin@4:4.6.6-4%2Bdeb9u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2at1-y3qg-77fb" }, { "vulnerability": "VCID-32ja-yuuw-bbbh" }, { "vulnerability": "VCID-4wn2-pnbv-sked" }, { "vulnerability": "VCID-52xs-45kd-w3hz" }, { "vulnerability": "VCID-59mu-8aep-9ycn" }, { "vulnerability": "VCID-5jye-2stz-fqam" }, { "vulnerability": "VCID-7vpu-x9mb-q3c6" }, { "vulnerability": "VCID-8rvw-n1fg-ffc2" }, { "vulnerability": "VCID-ajf6-bk2g-wkb7" }, { "vulnerability": "VCID-b2nf-6pr3-xqaa" }, { "vulnerability": "VCID-bd83-vf81-sfa4" }, { "vulnerability": "VCID-dx3h-z4dg-m3e1" }, { "vulnerability": "VCID-har4-gaft-m7e8" }, { "vulnerability": "VCID-kfr7-v6tb-eqau" }, { "vulnerability": "VCID-kfrx-mmr7-euep" }, { "vulnerability": "VCID-m2g6-2ztp-tuam" }, { "vulnerability": "VCID-m3kq-1cfg-mkgc" }, { "vulnerability": "VCID-mzuh-5e5y-d3hr" }, { "vulnerability": "VCID-p1jn-sxds-mqd1" }, { "vulnerability": "VCID-q7rn-1612-quau" }, { "vulnerability": "VCID-qmj2-pxvt-zqes" }, { "vulnerability": "VCID-r4zz-m2mr-9qeb" }, { "vulnerability": "VCID-rx9z-rdmm-5fg6" }, { "vulnerability": "VCID-w6nk-akeh-4ufg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:4.6.6-4%252Bdeb9u1" } ], "aliases": [ "CVE-2016-2562", "GHSA-w8qg-j9fp-hrjf" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-b6ng-ygap-zqh4" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/40646?format=api", "vulnerability_id": "VCID-bd83-vf81-sfa4", "summary": "SQL Injection\nAn issue was discovered in phpMyAdmin. A vulnerability was reported where a specially crafted username can be used to trigger a SQL injection attack through the designer feature.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-6798", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00394", "scoring_system": "epss", "scoring_elements": "0.60597", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.00394", "scoring_system": "epss", "scoring_elements": "0.60645", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-6798" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-6798", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-6798" }, { "reference_url": "https://github.com/phpmyadmin/composer", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/phpmyadmin/composer" }, { "reference_url": "https://www.phpmyadmin.net/security/PMASA-2019-2", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.phpmyadmin.net/security/PMASA-2019-2" }, { "reference_url": "https://www.phpmyadmin.net/security/PMASA-2019-2/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.phpmyadmin.net/security/PMASA-2019-2/" }, { "reference_url": "http://www.securityfocus.com/bid/106727", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.securityfocus.com/bid/106727" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=920822", "reference_id": "920822", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=920822" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-6798", "reference_id": "CVE-2019-6798", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-6798" }, { "reference_url": "https://usn.ubuntu.com/4639-1/", "reference_id": "USN-4639-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4639-1/" }, { "reference_url": "https://usn.ubuntu.com/USN-4843-1/", "reference_id": "USN-USN-4843-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/USN-4843-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/195443?format=api", "purl": "pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-47ju-f89a-eud8" }, { "vulnerability": "VCID-59mu-8aep-9ycn" }, { "vulnerability": "VCID-d3qn-js1p-7yeq" }, { "vulnerability": "VCID-dmqy-9xth-cuhs" }, { "vulnerability": "VCID-gx8h-5h14-dqez" }, { "vulnerability": "VCID-har4-gaft-m7e8" }, { "vulnerability": "VCID-m3kq-1cfg-mkgc" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.0.4%252Bdfsg2-2%252Bdeb11u1" } ], "aliases": [ "CVE-2019-6798", "GHSA-f732-fxh6-g4qj" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-bd83-vf81-sfa4" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/43916?format=api", "vulnerability_id": "VCID-bddg-5zgr-3uew", "summary": "phpMyAdmin vulnerable to Cross-site Scripting\nMultiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin 4.4.x before 4.4.15.7 and 4.6.x before 4.6.3 allow remote attackers to inject arbitrary web script or HTML via vectors involving (1) server-privileges certificate data fields on the user privileges page, (2) an \"invalid JSON\" error message in the error console, (3) a database name in the central columns implementation, (4) a group name, or (5) a search name in the bookmarks implementation.", "references": [ { "reference_url": "http://lists.opensuse.org/opensuse-updates/2016-06/msg00113.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://lists.opensuse.org/opensuse-updates/2016-06/msg00113.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-updates/2016-06/msg00114.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://lists.opensuse.org/opensuse-updates/2016-06/msg00114.html" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-5705", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00605", "scoring_system": "epss", "scoring_elements": "0.69998", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.00605", "scoring_system": "epss", "scoring_elements": "0.70039", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-5705" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1927", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1927" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2039", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2039" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2040", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2040" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2041", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2041" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2560", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2560" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2561", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2561" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5099", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5099" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5701", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5701" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5705", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5705" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5706", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5706" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5731", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5731" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5733", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5733" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5739", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5739" }, { "reference_url": "https://github.com/phpmyadmin/phpmyadmin", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/phpmyadmin/phpmyadmin" }, { "reference_url": "https://github.com/phpmyadmin/phpmyadmin/commit/03f73d48369703e0d3584699b08e24891c3295b8", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/phpmyadmin/phpmyadmin/commit/03f73d48369703e0d3584699b08e24891c3295b8" }, { "reference_url": "https://github.com/phpmyadmin/phpmyadmin/commit/0b7416c5f4439ed3f11c023785f2d4c49a1b09fc", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/phpmyadmin/phpmyadmin/commit/0b7416c5f4439ed3f11c023785f2d4c49a1b09fc" }, { "reference_url": "https://github.com/phpmyadmin/phpmyadmin/commit/364732e309cccb3fb56c938ed8d8bc0e04a3ca98", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/phpmyadmin/phpmyadmin/commit/364732e309cccb3fb56c938ed8d8bc0e04a3ca98" }, { "reference_url": "https://github.com/phpmyadmin/phpmyadmin/commit/36df83a97a7f140fdb008b727a94f882847c6a6f", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/phpmyadmin/phpmyadmin/commit/36df83a97a7f140fdb008b727a94f882847c6a6f" }, { "reference_url": "https://github.com/phpmyadmin/phpmyadmin/commit/57ae483bad33059a885366d5445b7e1f6f29860a", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/phpmyadmin/phpmyadmin/commit/57ae483bad33059a885366d5445b7e1f6f29860a" }, { "reference_url": "https://security.gentoo.org/glsa/201701-32", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://security.gentoo.org/glsa/201701-32" }, { "reference_url": "https://web.archive.org/web/20200227223416/http://www.securityfocus.com/bid/91378", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20200227223416/http://www.securityfocus.com/bid/91378" }, { "reference_url": "https://www.phpmyadmin.net/security/PMASA-2016-21", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.phpmyadmin.net/security/PMASA-2016-21" }, { "reference_url": "http://www.debian.org/security/2016/dsa-3627", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.debian.org/security/2016/dsa-3627" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2016-5705", "reference_id": "CVE-2016-5705", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-5705" }, { "reference_url": "https://github.com/advisories/GHSA-6q2j-8h8q-46mr", "reference_id": "GHSA-6q2j-8h8q-46mr", "reference_type": "", "scores": [], "url": "https://github.com/advisories/GHSA-6q2j-8h8q-46mr" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/273449?format=api", "purl": "pkg:deb/debian/phpmyadmin@4:4.2.12-2%2Bdeb8u2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1drk-gzqj-2qc5" }, { "vulnerability": "VCID-1hvw-4h4d-zkhv" }, { "vulnerability": "VCID-23dq-w66r-k3bt" }, { "vulnerability": "VCID-27w6-zhxk-x7e7" }, { "vulnerability": "VCID-282b-1ugg-yuev" }, { "vulnerability": "VCID-2at1-y3qg-77fb" }, { "vulnerability": "VCID-2vqn-z4en-duh4" }, { "vulnerability": "VCID-31jg-3pzb-y3b6" }, { "vulnerability": "VCID-32ja-yuuw-bbbh" }, { "vulnerability": "VCID-33kv-ye2c-ebax" }, { "vulnerability": "VCID-33mh-s92h-c7ht" }, { "vulnerability": "VCID-38tp-acy8-57hj" }, { "vulnerability": "VCID-3va7-xx14-gkds" }, { "vulnerability": "VCID-44uc-xrvp-7bet" }, { "vulnerability": "VCID-4avx-e9mf-2yb1" }, { "vulnerability": "VCID-4kax-4bpz-g7c5" }, { "vulnerability": "VCID-4vgu-cagj-hfhb" }, { "vulnerability": "VCID-4wn2-pnbv-sked" }, { "vulnerability": "VCID-52xs-45kd-w3hz" }, { "vulnerability": "VCID-59mu-8aep-9ycn" }, { "vulnerability": "VCID-5bu8-wy7w-bqfc" }, { "vulnerability": "VCID-5jye-2stz-fqam" }, { "vulnerability": "VCID-6gs5-cswx-bfeb" }, { "vulnerability": "VCID-7avk-rmwd-yugt" }, { "vulnerability": "VCID-7vpu-x9mb-q3c6" }, { "vulnerability": "VCID-84n7-nzzg-juhz" }, { "vulnerability": "VCID-8jt7-y15v-83gj" }, { "vulnerability": "VCID-8rvw-n1fg-ffc2" }, { "vulnerability": "VCID-8yxm-e33n-d7gj" }, { "vulnerability": "VCID-9nh7-ny6c-n3cd" }, { "vulnerability": "VCID-9tdu-572c-tbb2" }, { "vulnerability": "VCID-ajeh-4q9t-sydz" }, { "vulnerability": "VCID-ajf6-bk2g-wkb7" }, { "vulnerability": "VCID-b2nf-6pr3-xqaa" }, { "vulnerability": "VCID-b4jk-yjfy-pfcv" }, { "vulnerability": "VCID-b6ng-ygap-zqh4" }, { "vulnerability": "VCID-bd83-vf81-sfa4" }, { "vulnerability": "VCID-bddg-5zgr-3uew" }, { "vulnerability": "VCID-btc1-yng3-ckhx" }, { "vulnerability": "VCID-cbjd-e3sk-m7bu" }, { "vulnerability": "VCID-crn9-f6qt-qfg5" }, { "vulnerability": "VCID-cth2-72mg-6yfr" }, { "vulnerability": "VCID-cz55-m46r-37gb" }, { "vulnerability": "VCID-d7jk-a94y-n3ca" }, { "vulnerability": "VCID-dbk1-n9kh-dfhm" }, { "vulnerability": "VCID-dfsz-1y13-yug9" }, { "vulnerability": "VCID-dgvs-kqpd-gfcy" }, { "vulnerability": "VCID-dj5f-y77j-d7dx" }, { "vulnerability": "VCID-dx3h-z4dg-m3e1" }, { "vulnerability": "VCID-g2uy-ekyf-4bcj" }, { "vulnerability": "VCID-gmjk-222y-abda" }, { "vulnerability": "VCID-gqxb-6rey-rbhv" }, { "vulnerability": "VCID-gtps-py3z-13cu" }, { "vulnerability": "VCID-gzwb-ju7m-juf7" }, { "vulnerability": "VCID-har4-gaft-m7e8" }, { "vulnerability": "VCID-hbp6-s544-pqaw" }, { "vulnerability": "VCID-hw5n-kv9r-8yej" }, { "vulnerability": "VCID-j589-8hrn-9bae" }, { "vulnerability": "VCID-jabw-t2hb-q3e9" }, { "vulnerability": "VCID-jemb-avnk-c7eb" }, { "vulnerability": "VCID-jmn8-a5r9-2qc8" }, { "vulnerability": "VCID-jxf7-1cq4-t3cv" }, { "vulnerability": "VCID-k5ph-wws1-fqg4" }, { "vulnerability": "VCID-kfr7-v6tb-eqau" }, { "vulnerability": "VCID-kfrx-mmr7-euep" }, { "vulnerability": "VCID-kwtj-jk24-zffq" }, { "vulnerability": "VCID-m2g6-2ztp-tuam" }, { "vulnerability": "VCID-m3kq-1cfg-mkgc" }, { "vulnerability": "VCID-m59w-cug5-wbe2" }, { "vulnerability": "VCID-mgu4-pf1x-r3dy" }, { "vulnerability": "VCID-mxn5-bh7q-gkdb" }, { "vulnerability": "VCID-mzuh-5e5y-d3hr" }, { "vulnerability": "VCID-n53q-r421-affh" }, { "vulnerability": "VCID-n66y-s36g-fqck" }, { "vulnerability": "VCID-np5w-chxm-cyak" }, { "vulnerability": "VCID-nuju-ekmt-k7g9" }, { "vulnerability": "VCID-nv3j-xj42-wfcw" }, { "vulnerability": "VCID-p1jn-sxds-mqd1" }, { "vulnerability": "VCID-p361-saxs-97g9" }, { "vulnerability": "VCID-pfdk-db4h-47dx" }, { "vulnerability": "VCID-pnry-rv8t-v3ff" }, { "vulnerability": "VCID-q2wv-kbra-5kg8" }, { "vulnerability": "VCID-q45d-5bf4-tff5" }, { "vulnerability": "VCID-q7pe-bvr1-g3bc" }, { "vulnerability": "VCID-q7rn-1612-quau" }, { "vulnerability": "VCID-q7zq-5xpn-93dd" }, { "vulnerability": "VCID-qeac-129m-1udw" }, { "vulnerability": "VCID-qmj2-pxvt-zqes" }, { "vulnerability": "VCID-qpj7-uk5e-nbez" }, { "vulnerability": "VCID-qqyb-zags-bbhz" }, { "vulnerability": "VCID-r3z5-cc6j-8yg6" }, { "vulnerability": "VCID-r4zz-m2mr-9qeb" }, { "vulnerability": "VCID-r9sb-489v-fqc9" }, { "vulnerability": "VCID-rc63-nakx-ebbe" }, { "vulnerability": "VCID-rsrk-jwbt-qfhe" }, { "vulnerability": "VCID-rx9z-rdmm-5fg6" }, { "vulnerability": "VCID-rxz2-tx2n-k3bd" }, { "vulnerability": "VCID-rz6q-hthe-1uer" }, { "vulnerability": "VCID-s88e-r2gd-9yep" }, { "vulnerability": "VCID-segg-gk79-9bc6" }, { "vulnerability": "VCID-tvfz-v881-sufp" }, { "vulnerability": "VCID-txba-1at4-ekg2" }, { "vulnerability": "VCID-uc6b-5sj1-9yg2" }, { "vulnerability": "VCID-utga-335m-dua9" }, { "vulnerability": "VCID-v1kx-5wa1-r7he" }, { "vulnerability": "VCID-vpf2-5j4s-jqeb" }, { "vulnerability": "VCID-vxc7-fwud-33an" }, { "vulnerability": "VCID-w6nk-akeh-4ufg" }, { "vulnerability": "VCID-x75q-4y74-d3gt" }, { "vulnerability": "VCID-xqf5-yxf3-u3he" }, { "vulnerability": "VCID-zmjf-j2zs-23ey" }, { "vulnerability": "VCID-zvcj-g6rt-s3de" }, { "vulnerability": "VCID-zyes-82y3-g7dh" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:4.2.12-2%252Bdeb8u2" }, { "url": "http://public2.vulnerablecode.io/api/packages/516524?format=api", "purl": "pkg:deb/debian/phpmyadmin@4:4.6.6-4%2Bdeb9u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2at1-y3qg-77fb" }, { "vulnerability": "VCID-32ja-yuuw-bbbh" }, { "vulnerability": "VCID-4wn2-pnbv-sked" }, { "vulnerability": "VCID-52xs-45kd-w3hz" }, { "vulnerability": "VCID-59mu-8aep-9ycn" }, { "vulnerability": "VCID-5jye-2stz-fqam" }, { "vulnerability": "VCID-7vpu-x9mb-q3c6" }, { "vulnerability": "VCID-8rvw-n1fg-ffc2" }, { "vulnerability": "VCID-ajf6-bk2g-wkb7" }, { "vulnerability": "VCID-b2nf-6pr3-xqaa" }, { "vulnerability": "VCID-bd83-vf81-sfa4" }, { "vulnerability": "VCID-dx3h-z4dg-m3e1" }, { "vulnerability": "VCID-har4-gaft-m7e8" }, { "vulnerability": "VCID-kfr7-v6tb-eqau" }, { "vulnerability": "VCID-kfrx-mmr7-euep" }, { "vulnerability": "VCID-m2g6-2ztp-tuam" }, { "vulnerability": "VCID-m3kq-1cfg-mkgc" }, { "vulnerability": "VCID-mzuh-5e5y-d3hr" }, { "vulnerability": "VCID-p1jn-sxds-mqd1" }, { "vulnerability": "VCID-q7rn-1612-quau" }, { "vulnerability": "VCID-qmj2-pxvt-zqes" }, { "vulnerability": "VCID-r4zz-m2mr-9qeb" }, { "vulnerability": "VCID-rx9z-rdmm-5fg6" }, { "vulnerability": "VCID-w6nk-akeh-4ufg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:4.6.6-4%252Bdeb9u1" } ], "aliases": [ "CVE-2016-5705", "GHSA-6q2j-8h8q-46mr" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-bddg-5zgr-3uew" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/38678?format=api", "vulnerability_id": "VCID-btc1-yng3-ckhx", "summary": "Improper Input Validation\nphpMyAdmin is vulnerable to a DoS attack in the replication status by using a specially crafted table name.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-1000018", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01295", "scoring_system": "epss", "scoring_elements": "0.80034", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.01295", "scoring_system": "epss", "scoring_elements": "0.8006", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-1000018" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-1000018", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-1000018" }, { "reference_url": "https://web.archive.org/web/20210123220317/http://www.securityfocus.com/bid/95738", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20210123220317/http://www.securityfocus.com/bid/95738" }, { "reference_url": "https://www.phpmyadmin.net/security/PMASA-2017-7", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.phpmyadmin.net/security/PMASA-2017-7" }, { "reference_url": "http://www.securityfocus.com/bid/95738", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/95738" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2017-1000018", "reference_id": "CVE-2017-1000018", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-1000018" }, { "reference_url": "https://github.com/advisories/GHSA-47qr-f86f-3wm4", "reference_id": "GHSA-47qr-f86f-3wm4", "reference_type": "", "scores": [], "url": "https://github.com/advisories/GHSA-47qr-f86f-3wm4" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/516524?format=api", "purl": "pkg:deb/debian/phpmyadmin@4:4.6.6-4%2Bdeb9u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2at1-y3qg-77fb" }, { "vulnerability": "VCID-32ja-yuuw-bbbh" }, { "vulnerability": "VCID-4wn2-pnbv-sked" }, { "vulnerability": "VCID-52xs-45kd-w3hz" }, { "vulnerability": "VCID-59mu-8aep-9ycn" }, { "vulnerability": "VCID-5jye-2stz-fqam" }, { "vulnerability": "VCID-7vpu-x9mb-q3c6" }, { "vulnerability": "VCID-8rvw-n1fg-ffc2" }, { "vulnerability": "VCID-ajf6-bk2g-wkb7" }, { "vulnerability": "VCID-b2nf-6pr3-xqaa" }, { "vulnerability": "VCID-bd83-vf81-sfa4" }, { "vulnerability": "VCID-dx3h-z4dg-m3e1" }, { "vulnerability": "VCID-har4-gaft-m7e8" }, { "vulnerability": "VCID-kfr7-v6tb-eqau" }, { "vulnerability": "VCID-kfrx-mmr7-euep" }, { "vulnerability": "VCID-m2g6-2ztp-tuam" }, { "vulnerability": "VCID-m3kq-1cfg-mkgc" }, { "vulnerability": "VCID-mzuh-5e5y-d3hr" }, { "vulnerability": "VCID-p1jn-sxds-mqd1" }, { "vulnerability": "VCID-q7rn-1612-quau" }, { "vulnerability": "VCID-qmj2-pxvt-zqes" }, { "vulnerability": "VCID-r4zz-m2mr-9qeb" }, { "vulnerability": "VCID-rx9z-rdmm-5fg6" }, { "vulnerability": "VCID-w6nk-akeh-4ufg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:4.6.6-4%252Bdeb9u1" } ], "aliases": [ "CVE-2017-1000018", "GHSA-47qr-f86f-3wm4" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-btc1-yng3-ckhx" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/44158?format=api", "vulnerability_id": "VCID-cbjd-e3sk-m7bu", "summary": "Cross-Site Request Forgery (CSRF)\nAn issue was discovered in phpMyAdmin. When the arg_separator is different from its default & value, the CSRF token was not properly stripped from the return URL of the preference import action. All 4.6.x versions (prior to 4.6.5), 4.4.x versions (prior to 4.4.15.9), and 4.0.x versions (prior to 4.0.10.18) are affected.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-9866", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00221", "scoring_system": "epss", "scoring_elements": "0.4472", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.00221", "scoring_system": "epss", "scoring_elements": "0.44791", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-9866" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9866", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9866" }, { "reference_url": "https://github.com/phpmyadmin/composer", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/phpmyadmin/composer" }, { "reference_url": "https://security.gentoo.org/glsa/201701-32", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://security.gentoo.org/glsa/201701-32" }, { "reference_url": "https://web.archive.org/web/20210123194736/http://www.securityfocus.com/bid/94536", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20210123194736/http://www.securityfocus.com/bid/94536" }, { "reference_url": "https://www.phpmyadmin.net/security/PMASA-2016-71", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.phpmyadmin.net/security/PMASA-2016-71" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2016-9866", "reference_id": "CVE-2016-9866", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-9866" }, { "reference_url": "https://github.com/advisories/GHSA-jvxx-8xxf-5495", "reference_id": "GHSA-jvxx-8xxf-5495", "reference_type": "", "scores": [], "url": "https://github.com/advisories/GHSA-jvxx-8xxf-5495" }, { "reference_url": "https://usn.ubuntu.com/USN-4843-1/", "reference_id": "USN-USN-4843-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/USN-4843-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/516524?format=api", "purl": "pkg:deb/debian/phpmyadmin@4:4.6.6-4%2Bdeb9u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2at1-y3qg-77fb" }, { "vulnerability": "VCID-32ja-yuuw-bbbh" }, { "vulnerability": "VCID-4wn2-pnbv-sked" }, { "vulnerability": "VCID-52xs-45kd-w3hz" }, { "vulnerability": "VCID-59mu-8aep-9ycn" }, { "vulnerability": "VCID-5jye-2stz-fqam" }, { "vulnerability": "VCID-7vpu-x9mb-q3c6" }, { "vulnerability": "VCID-8rvw-n1fg-ffc2" }, { "vulnerability": "VCID-ajf6-bk2g-wkb7" }, { "vulnerability": "VCID-b2nf-6pr3-xqaa" }, { "vulnerability": "VCID-bd83-vf81-sfa4" }, { "vulnerability": "VCID-dx3h-z4dg-m3e1" }, { "vulnerability": "VCID-har4-gaft-m7e8" }, { "vulnerability": "VCID-kfr7-v6tb-eqau" }, { "vulnerability": "VCID-kfrx-mmr7-euep" }, { "vulnerability": "VCID-m2g6-2ztp-tuam" }, { "vulnerability": "VCID-m3kq-1cfg-mkgc" }, { "vulnerability": "VCID-mzuh-5e5y-d3hr" }, { "vulnerability": "VCID-p1jn-sxds-mqd1" }, { "vulnerability": "VCID-q7rn-1612-quau" }, { "vulnerability": "VCID-qmj2-pxvt-zqes" }, { "vulnerability": "VCID-r4zz-m2mr-9qeb" }, { "vulnerability": "VCID-rx9z-rdmm-5fg6" }, { "vulnerability": "VCID-w6nk-akeh-4ufg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:4.6.6-4%252Bdeb9u1" } ], "aliases": [ "CVE-2016-9866", "GHSA-jvxx-8xxf-5495" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-cbjd-e3sk-m7bu" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/98152?format=api", "vulnerability_id": "VCID-crn9-f6qt-qfg5", "summary": "libraries/session.inc.php in phpMyAdmin 4.0.x before 4.0.10.13, 4.4.x before 4.4.15.3, and 4.5.x before 4.5.4 does not properly generate CSRF token values, which allows remote attackers to bypass intended access restrictions by predicting a value.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-2039", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00382", "scoring_system": "epss", "scoring_elements": "0.59897", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.00382", "scoring_system": "epss", "scoring_elements": "0.59944", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-2039" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1927", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1927" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2039", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2039" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2040", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2040" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2041", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2041" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2560", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2560" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2561", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2561" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5099", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5099" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5701", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5701" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5705", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5705" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5706", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5706" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5731", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5731" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5733", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5733" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5739", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5739" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/273449?format=api", "purl": "pkg:deb/debian/phpmyadmin@4:4.2.12-2%2Bdeb8u2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1drk-gzqj-2qc5" }, { "vulnerability": "VCID-1hvw-4h4d-zkhv" }, { "vulnerability": "VCID-23dq-w66r-k3bt" }, { "vulnerability": "VCID-27w6-zhxk-x7e7" }, { "vulnerability": "VCID-282b-1ugg-yuev" }, { "vulnerability": "VCID-2at1-y3qg-77fb" }, { "vulnerability": "VCID-2vqn-z4en-duh4" }, { "vulnerability": "VCID-31jg-3pzb-y3b6" }, { "vulnerability": "VCID-32ja-yuuw-bbbh" }, { "vulnerability": "VCID-33kv-ye2c-ebax" }, { "vulnerability": "VCID-33mh-s92h-c7ht" }, { "vulnerability": "VCID-38tp-acy8-57hj" }, { "vulnerability": "VCID-3va7-xx14-gkds" }, { "vulnerability": "VCID-44uc-xrvp-7bet" }, { "vulnerability": "VCID-4avx-e9mf-2yb1" }, { "vulnerability": "VCID-4kax-4bpz-g7c5" }, { "vulnerability": "VCID-4vgu-cagj-hfhb" }, { "vulnerability": "VCID-4wn2-pnbv-sked" }, { "vulnerability": "VCID-52xs-45kd-w3hz" }, { "vulnerability": "VCID-59mu-8aep-9ycn" }, { "vulnerability": "VCID-5bu8-wy7w-bqfc" }, { "vulnerability": "VCID-5jye-2stz-fqam" }, { "vulnerability": "VCID-6gs5-cswx-bfeb" }, { "vulnerability": "VCID-7avk-rmwd-yugt" }, { "vulnerability": "VCID-7vpu-x9mb-q3c6" }, { "vulnerability": "VCID-84n7-nzzg-juhz" }, { "vulnerability": "VCID-8jt7-y15v-83gj" }, { "vulnerability": "VCID-8rvw-n1fg-ffc2" }, { "vulnerability": "VCID-8yxm-e33n-d7gj" }, { "vulnerability": "VCID-9nh7-ny6c-n3cd" }, { "vulnerability": "VCID-9tdu-572c-tbb2" }, { "vulnerability": "VCID-ajeh-4q9t-sydz" }, { "vulnerability": "VCID-ajf6-bk2g-wkb7" }, { "vulnerability": "VCID-b2nf-6pr3-xqaa" }, { "vulnerability": "VCID-b4jk-yjfy-pfcv" }, { "vulnerability": "VCID-b6ng-ygap-zqh4" }, { "vulnerability": "VCID-bd83-vf81-sfa4" }, { "vulnerability": "VCID-bddg-5zgr-3uew" }, { "vulnerability": "VCID-btc1-yng3-ckhx" }, { "vulnerability": "VCID-cbjd-e3sk-m7bu" }, { "vulnerability": "VCID-crn9-f6qt-qfg5" }, { "vulnerability": "VCID-cth2-72mg-6yfr" }, { "vulnerability": "VCID-cz55-m46r-37gb" }, { "vulnerability": "VCID-d7jk-a94y-n3ca" }, { "vulnerability": "VCID-dbk1-n9kh-dfhm" }, { "vulnerability": "VCID-dfsz-1y13-yug9" }, { "vulnerability": "VCID-dgvs-kqpd-gfcy" }, { "vulnerability": "VCID-dj5f-y77j-d7dx" }, { "vulnerability": "VCID-dx3h-z4dg-m3e1" }, { "vulnerability": "VCID-g2uy-ekyf-4bcj" }, { "vulnerability": "VCID-gmjk-222y-abda" }, { "vulnerability": "VCID-gqxb-6rey-rbhv" }, { "vulnerability": "VCID-gtps-py3z-13cu" }, { "vulnerability": "VCID-gzwb-ju7m-juf7" }, { "vulnerability": "VCID-har4-gaft-m7e8" }, { "vulnerability": "VCID-hbp6-s544-pqaw" }, { "vulnerability": "VCID-hw5n-kv9r-8yej" }, { "vulnerability": "VCID-j589-8hrn-9bae" }, { "vulnerability": "VCID-jabw-t2hb-q3e9" }, { "vulnerability": "VCID-jemb-avnk-c7eb" }, { "vulnerability": "VCID-jmn8-a5r9-2qc8" }, { "vulnerability": "VCID-jxf7-1cq4-t3cv" }, { "vulnerability": "VCID-k5ph-wws1-fqg4" }, { "vulnerability": "VCID-kfr7-v6tb-eqau" }, { "vulnerability": "VCID-kfrx-mmr7-euep" }, { "vulnerability": "VCID-kwtj-jk24-zffq" }, { "vulnerability": "VCID-m2g6-2ztp-tuam" }, { "vulnerability": "VCID-m3kq-1cfg-mkgc" }, { "vulnerability": "VCID-m59w-cug5-wbe2" }, { "vulnerability": "VCID-mgu4-pf1x-r3dy" }, { "vulnerability": "VCID-mxn5-bh7q-gkdb" }, { "vulnerability": "VCID-mzuh-5e5y-d3hr" }, { "vulnerability": "VCID-n53q-r421-affh" }, { "vulnerability": "VCID-n66y-s36g-fqck" }, { "vulnerability": "VCID-np5w-chxm-cyak" }, { "vulnerability": "VCID-nuju-ekmt-k7g9" }, { "vulnerability": "VCID-nv3j-xj42-wfcw" }, { "vulnerability": "VCID-p1jn-sxds-mqd1" }, { "vulnerability": "VCID-p361-saxs-97g9" }, { "vulnerability": "VCID-pfdk-db4h-47dx" }, { "vulnerability": "VCID-pnry-rv8t-v3ff" }, { "vulnerability": "VCID-q2wv-kbra-5kg8" }, { "vulnerability": "VCID-q45d-5bf4-tff5" }, { "vulnerability": "VCID-q7pe-bvr1-g3bc" }, { "vulnerability": "VCID-q7rn-1612-quau" }, { "vulnerability": "VCID-q7zq-5xpn-93dd" }, { "vulnerability": "VCID-qeac-129m-1udw" }, { "vulnerability": "VCID-qmj2-pxvt-zqes" }, { "vulnerability": "VCID-qpj7-uk5e-nbez" }, { "vulnerability": "VCID-qqyb-zags-bbhz" }, { "vulnerability": "VCID-r3z5-cc6j-8yg6" }, { "vulnerability": "VCID-r4zz-m2mr-9qeb" }, { "vulnerability": "VCID-r9sb-489v-fqc9" }, { "vulnerability": "VCID-rc63-nakx-ebbe" }, { "vulnerability": "VCID-rsrk-jwbt-qfhe" }, { "vulnerability": "VCID-rx9z-rdmm-5fg6" }, { "vulnerability": "VCID-rxz2-tx2n-k3bd" }, { "vulnerability": "VCID-rz6q-hthe-1uer" }, { "vulnerability": "VCID-s88e-r2gd-9yep" }, { "vulnerability": "VCID-segg-gk79-9bc6" }, { "vulnerability": "VCID-tvfz-v881-sufp" }, { "vulnerability": "VCID-txba-1at4-ekg2" }, { "vulnerability": "VCID-uc6b-5sj1-9yg2" }, { "vulnerability": "VCID-utga-335m-dua9" }, { "vulnerability": "VCID-v1kx-5wa1-r7he" }, { "vulnerability": "VCID-vpf2-5j4s-jqeb" }, { "vulnerability": "VCID-vxc7-fwud-33an" }, { "vulnerability": "VCID-w6nk-akeh-4ufg" }, { "vulnerability": "VCID-x75q-4y74-d3gt" }, { "vulnerability": "VCID-xqf5-yxf3-u3he" }, { "vulnerability": "VCID-zmjf-j2zs-23ey" }, { "vulnerability": "VCID-zvcj-g6rt-s3de" }, { "vulnerability": "VCID-zyes-82y3-g7dh" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:4.2.12-2%252Bdeb8u2" }, { "url": "http://public2.vulnerablecode.io/api/packages/516524?format=api", "purl": "pkg:deb/debian/phpmyadmin@4:4.6.6-4%2Bdeb9u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2at1-y3qg-77fb" }, { "vulnerability": "VCID-32ja-yuuw-bbbh" }, { "vulnerability": "VCID-4wn2-pnbv-sked" }, { "vulnerability": "VCID-52xs-45kd-w3hz" }, { "vulnerability": "VCID-59mu-8aep-9ycn" }, { "vulnerability": "VCID-5jye-2stz-fqam" }, { "vulnerability": "VCID-7vpu-x9mb-q3c6" }, { "vulnerability": "VCID-8rvw-n1fg-ffc2" }, { "vulnerability": "VCID-ajf6-bk2g-wkb7" }, { "vulnerability": "VCID-b2nf-6pr3-xqaa" }, { "vulnerability": "VCID-bd83-vf81-sfa4" }, { "vulnerability": "VCID-dx3h-z4dg-m3e1" }, { "vulnerability": "VCID-har4-gaft-m7e8" }, { "vulnerability": "VCID-kfr7-v6tb-eqau" }, { "vulnerability": "VCID-kfrx-mmr7-euep" }, { "vulnerability": "VCID-m2g6-2ztp-tuam" }, { "vulnerability": "VCID-m3kq-1cfg-mkgc" }, { "vulnerability": "VCID-mzuh-5e5y-d3hr" }, { "vulnerability": "VCID-p1jn-sxds-mqd1" }, { "vulnerability": "VCID-q7rn-1612-quau" }, { "vulnerability": "VCID-qmj2-pxvt-zqes" }, { "vulnerability": "VCID-r4zz-m2mr-9qeb" }, { "vulnerability": "VCID-rx9z-rdmm-5fg6" }, { "vulnerability": "VCID-w6nk-akeh-4ufg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:4.6.6-4%252Bdeb9u1" } ], "aliases": [ "CVE-2016-2039" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-crn9-f6qt-qfg5" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/98150?format=api", "vulnerability_id": "VCID-cth2-72mg-6yfr", "summary": "libraries/config/messages.inc.php in phpMyAdmin 4.0.x before 4.0.10.12, 4.4.x before 4.4.15.2, and 4.5.x before 4.5.3.1 allows remote attackers to obtain sensitive information via a crafted request, which reveals the full path in an error message.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2015-8669", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00487", "scoring_system": "epss", "scoring_elements": "0.65794", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.00487", "scoring_system": "epss", "scoring_elements": "0.65847", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2015-8669" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8669", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8669" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/516524?format=api", "purl": "pkg:deb/debian/phpmyadmin@4:4.6.6-4%2Bdeb9u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2at1-y3qg-77fb" }, { "vulnerability": "VCID-32ja-yuuw-bbbh" }, { "vulnerability": "VCID-4wn2-pnbv-sked" }, { "vulnerability": "VCID-52xs-45kd-w3hz" }, { "vulnerability": "VCID-59mu-8aep-9ycn" }, { "vulnerability": "VCID-5jye-2stz-fqam" }, { "vulnerability": "VCID-7vpu-x9mb-q3c6" }, { "vulnerability": "VCID-8rvw-n1fg-ffc2" }, { "vulnerability": "VCID-ajf6-bk2g-wkb7" }, { "vulnerability": "VCID-b2nf-6pr3-xqaa" }, { "vulnerability": "VCID-bd83-vf81-sfa4" }, { "vulnerability": "VCID-dx3h-z4dg-m3e1" }, { "vulnerability": "VCID-har4-gaft-m7e8" }, { "vulnerability": "VCID-kfr7-v6tb-eqau" }, { "vulnerability": "VCID-kfrx-mmr7-euep" }, { "vulnerability": "VCID-m2g6-2ztp-tuam" }, { "vulnerability": "VCID-m3kq-1cfg-mkgc" }, { "vulnerability": "VCID-mzuh-5e5y-d3hr" }, { "vulnerability": "VCID-p1jn-sxds-mqd1" }, { "vulnerability": "VCID-q7rn-1612-quau" }, { "vulnerability": "VCID-qmj2-pxvt-zqes" }, { "vulnerability": "VCID-r4zz-m2mr-9qeb" }, { "vulnerability": "VCID-rx9z-rdmm-5fg6" }, { "vulnerability": "VCID-w6nk-akeh-4ufg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:4.6.6-4%252Bdeb9u1" } ], "aliases": [ "CVE-2015-8669" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-cth2-72mg-6yfr" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/98146?format=api", "vulnerability_id": "VCID-cz55-m46r-37gb", "summary": "Multiple cross-site request forgery (CSRF) vulnerabilities in the setup process in phpMyAdmin 4.0.x before 4.0.10.10, 4.2.x before 4.2.13.3, 4.3.x before 4.3.13.1, and 4.4.x before 4.4.6.1 allow remote attackers to hijack the authentication of administrators for requests that modify the configuration file.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2015-3902", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00217", "scoring_system": "epss", "scoring_elements": "0.44306", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.00217", "scoring_system": "epss", "scoring_elements": "0.44375", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2015-3902" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8958", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8958" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9218", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9218" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2206", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2206" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3902", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3902" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3903", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3903" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6830", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6830" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7873", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7873" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/273449?format=api", "purl": "pkg:deb/debian/phpmyadmin@4:4.2.12-2%2Bdeb8u2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1drk-gzqj-2qc5" }, { "vulnerability": "VCID-1hvw-4h4d-zkhv" }, { "vulnerability": "VCID-23dq-w66r-k3bt" }, { "vulnerability": "VCID-27w6-zhxk-x7e7" }, { "vulnerability": "VCID-282b-1ugg-yuev" }, { "vulnerability": "VCID-2at1-y3qg-77fb" }, { "vulnerability": "VCID-2vqn-z4en-duh4" }, { "vulnerability": "VCID-31jg-3pzb-y3b6" }, { "vulnerability": "VCID-32ja-yuuw-bbbh" }, { "vulnerability": "VCID-33kv-ye2c-ebax" }, { "vulnerability": "VCID-33mh-s92h-c7ht" }, { "vulnerability": "VCID-38tp-acy8-57hj" }, { "vulnerability": "VCID-3va7-xx14-gkds" }, { "vulnerability": "VCID-44uc-xrvp-7bet" }, { "vulnerability": "VCID-4avx-e9mf-2yb1" }, { "vulnerability": "VCID-4kax-4bpz-g7c5" }, { "vulnerability": "VCID-4vgu-cagj-hfhb" }, { "vulnerability": "VCID-4wn2-pnbv-sked" }, { "vulnerability": "VCID-52xs-45kd-w3hz" }, { "vulnerability": "VCID-59mu-8aep-9ycn" }, { "vulnerability": "VCID-5bu8-wy7w-bqfc" }, { "vulnerability": "VCID-5jye-2stz-fqam" }, { "vulnerability": "VCID-6gs5-cswx-bfeb" }, { "vulnerability": "VCID-7avk-rmwd-yugt" }, { "vulnerability": "VCID-7vpu-x9mb-q3c6" }, { "vulnerability": "VCID-84n7-nzzg-juhz" }, { "vulnerability": "VCID-8jt7-y15v-83gj" }, { "vulnerability": "VCID-8rvw-n1fg-ffc2" }, { "vulnerability": "VCID-8yxm-e33n-d7gj" }, { "vulnerability": "VCID-9nh7-ny6c-n3cd" }, { "vulnerability": "VCID-9tdu-572c-tbb2" }, { "vulnerability": "VCID-ajeh-4q9t-sydz" }, { "vulnerability": "VCID-ajf6-bk2g-wkb7" }, { "vulnerability": "VCID-b2nf-6pr3-xqaa" }, { "vulnerability": "VCID-b4jk-yjfy-pfcv" }, { "vulnerability": "VCID-b6ng-ygap-zqh4" }, { "vulnerability": "VCID-bd83-vf81-sfa4" }, { "vulnerability": "VCID-bddg-5zgr-3uew" }, { "vulnerability": "VCID-btc1-yng3-ckhx" }, { "vulnerability": "VCID-cbjd-e3sk-m7bu" }, { "vulnerability": "VCID-crn9-f6qt-qfg5" }, { "vulnerability": "VCID-cth2-72mg-6yfr" }, { "vulnerability": "VCID-cz55-m46r-37gb" }, { "vulnerability": "VCID-d7jk-a94y-n3ca" }, { "vulnerability": "VCID-dbk1-n9kh-dfhm" }, { "vulnerability": "VCID-dfsz-1y13-yug9" }, { "vulnerability": "VCID-dgvs-kqpd-gfcy" }, { "vulnerability": "VCID-dj5f-y77j-d7dx" }, { "vulnerability": "VCID-dx3h-z4dg-m3e1" }, { "vulnerability": "VCID-g2uy-ekyf-4bcj" }, { "vulnerability": "VCID-gmjk-222y-abda" }, { "vulnerability": "VCID-gqxb-6rey-rbhv" }, { "vulnerability": "VCID-gtps-py3z-13cu" }, { "vulnerability": "VCID-gzwb-ju7m-juf7" }, { "vulnerability": "VCID-har4-gaft-m7e8" }, { "vulnerability": "VCID-hbp6-s544-pqaw" }, { "vulnerability": "VCID-hw5n-kv9r-8yej" }, { "vulnerability": "VCID-j589-8hrn-9bae" }, { "vulnerability": "VCID-jabw-t2hb-q3e9" }, { "vulnerability": "VCID-jemb-avnk-c7eb" }, { "vulnerability": "VCID-jmn8-a5r9-2qc8" }, { "vulnerability": "VCID-jxf7-1cq4-t3cv" }, { "vulnerability": "VCID-k5ph-wws1-fqg4" }, { "vulnerability": "VCID-kfr7-v6tb-eqau" }, { "vulnerability": "VCID-kfrx-mmr7-euep" }, { "vulnerability": "VCID-kwtj-jk24-zffq" }, { "vulnerability": "VCID-m2g6-2ztp-tuam" }, { "vulnerability": "VCID-m3kq-1cfg-mkgc" }, { "vulnerability": "VCID-m59w-cug5-wbe2" }, { "vulnerability": "VCID-mgu4-pf1x-r3dy" }, { "vulnerability": "VCID-mxn5-bh7q-gkdb" }, { "vulnerability": "VCID-mzuh-5e5y-d3hr" }, { "vulnerability": "VCID-n53q-r421-affh" }, { "vulnerability": "VCID-n66y-s36g-fqck" }, { "vulnerability": "VCID-np5w-chxm-cyak" }, { "vulnerability": "VCID-nuju-ekmt-k7g9" }, { "vulnerability": "VCID-nv3j-xj42-wfcw" }, { "vulnerability": "VCID-p1jn-sxds-mqd1" }, { "vulnerability": "VCID-p361-saxs-97g9" }, { "vulnerability": "VCID-pfdk-db4h-47dx" }, { "vulnerability": "VCID-pnry-rv8t-v3ff" }, { "vulnerability": "VCID-q2wv-kbra-5kg8" }, { "vulnerability": "VCID-q45d-5bf4-tff5" }, { "vulnerability": "VCID-q7pe-bvr1-g3bc" }, { "vulnerability": "VCID-q7rn-1612-quau" }, { "vulnerability": "VCID-q7zq-5xpn-93dd" }, { "vulnerability": "VCID-qeac-129m-1udw" }, { "vulnerability": "VCID-qmj2-pxvt-zqes" }, { "vulnerability": "VCID-qpj7-uk5e-nbez" }, { "vulnerability": "VCID-qqyb-zags-bbhz" }, { "vulnerability": "VCID-r3z5-cc6j-8yg6" }, { "vulnerability": "VCID-r4zz-m2mr-9qeb" }, { "vulnerability": "VCID-r9sb-489v-fqc9" }, { "vulnerability": "VCID-rc63-nakx-ebbe" }, { "vulnerability": "VCID-rsrk-jwbt-qfhe" }, { "vulnerability": "VCID-rx9z-rdmm-5fg6" }, { "vulnerability": "VCID-rxz2-tx2n-k3bd" }, { "vulnerability": "VCID-rz6q-hthe-1uer" }, { "vulnerability": "VCID-s88e-r2gd-9yep" }, { "vulnerability": "VCID-segg-gk79-9bc6" }, { "vulnerability": "VCID-tvfz-v881-sufp" }, { "vulnerability": "VCID-txba-1at4-ekg2" }, { "vulnerability": "VCID-uc6b-5sj1-9yg2" }, { "vulnerability": "VCID-utga-335m-dua9" }, { "vulnerability": "VCID-v1kx-5wa1-r7he" }, { "vulnerability": "VCID-vpf2-5j4s-jqeb" }, { "vulnerability": "VCID-vxc7-fwud-33an" }, { "vulnerability": "VCID-w6nk-akeh-4ufg" }, { "vulnerability": "VCID-x75q-4y74-d3gt" }, { "vulnerability": "VCID-xqf5-yxf3-u3he" }, { "vulnerability": "VCID-zmjf-j2zs-23ey" }, { "vulnerability": "VCID-zvcj-g6rt-s3de" }, { "vulnerability": "VCID-zyes-82y3-g7dh" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:4.2.12-2%252Bdeb8u2" }, { "url": "http://public2.vulnerablecode.io/api/packages/516524?format=api", "purl": "pkg:deb/debian/phpmyadmin@4:4.6.6-4%2Bdeb9u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2at1-y3qg-77fb" }, { "vulnerability": "VCID-32ja-yuuw-bbbh" }, { "vulnerability": "VCID-4wn2-pnbv-sked" }, { "vulnerability": "VCID-52xs-45kd-w3hz" }, { "vulnerability": "VCID-59mu-8aep-9ycn" }, { "vulnerability": "VCID-5jye-2stz-fqam" }, { "vulnerability": "VCID-7vpu-x9mb-q3c6" }, { "vulnerability": "VCID-8rvw-n1fg-ffc2" }, { "vulnerability": "VCID-ajf6-bk2g-wkb7" }, { "vulnerability": "VCID-b2nf-6pr3-xqaa" }, { "vulnerability": "VCID-bd83-vf81-sfa4" }, { "vulnerability": "VCID-dx3h-z4dg-m3e1" }, { "vulnerability": "VCID-har4-gaft-m7e8" }, { "vulnerability": "VCID-kfr7-v6tb-eqau" }, { "vulnerability": "VCID-kfrx-mmr7-euep" }, { "vulnerability": "VCID-m2g6-2ztp-tuam" }, { "vulnerability": "VCID-m3kq-1cfg-mkgc" }, { "vulnerability": "VCID-mzuh-5e5y-d3hr" }, { "vulnerability": "VCID-p1jn-sxds-mqd1" }, { "vulnerability": "VCID-q7rn-1612-quau" }, { "vulnerability": "VCID-qmj2-pxvt-zqes" }, { "vulnerability": "VCID-r4zz-m2mr-9qeb" }, { "vulnerability": "VCID-rx9z-rdmm-5fg6" }, { "vulnerability": "VCID-w6nk-akeh-4ufg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:4.6.6-4%252Bdeb9u1" } ], "aliases": [ "CVE-2015-3902" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-cz55-m46r-37gb" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/98151?format=api", "vulnerability_id": "VCID-d7jk-a94y-n3ca", "summary": "phpMyAdmin 4.0.x before 4.0.10.13, 4.4.x before 4.4.15.3, and 4.5.x before 4.5.4 allows remote attackers to obtain sensitive information via a crafted request, which reveals the full path in an error message.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-2038", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01204", "scoring_system": "epss", "scoring_elements": "0.79276", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.01204", "scoring_system": "epss", "scoring_elements": "0.79302", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-2038" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2038", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2038" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/516524?format=api", "purl": "pkg:deb/debian/phpmyadmin@4:4.6.6-4%2Bdeb9u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2at1-y3qg-77fb" }, { "vulnerability": "VCID-32ja-yuuw-bbbh" }, { "vulnerability": "VCID-4wn2-pnbv-sked" }, { "vulnerability": "VCID-52xs-45kd-w3hz" }, { "vulnerability": "VCID-59mu-8aep-9ycn" }, { "vulnerability": "VCID-5jye-2stz-fqam" }, { "vulnerability": "VCID-7vpu-x9mb-q3c6" }, { "vulnerability": "VCID-8rvw-n1fg-ffc2" }, { "vulnerability": "VCID-ajf6-bk2g-wkb7" }, { "vulnerability": "VCID-b2nf-6pr3-xqaa" }, { "vulnerability": "VCID-bd83-vf81-sfa4" }, { "vulnerability": "VCID-dx3h-z4dg-m3e1" }, { "vulnerability": "VCID-har4-gaft-m7e8" }, { "vulnerability": "VCID-kfr7-v6tb-eqau" }, { "vulnerability": "VCID-kfrx-mmr7-euep" }, { "vulnerability": "VCID-m2g6-2ztp-tuam" }, { "vulnerability": "VCID-m3kq-1cfg-mkgc" }, { "vulnerability": "VCID-mzuh-5e5y-d3hr" }, { "vulnerability": "VCID-p1jn-sxds-mqd1" }, { "vulnerability": "VCID-q7rn-1612-quau" }, { "vulnerability": "VCID-qmj2-pxvt-zqes" }, { "vulnerability": "VCID-r4zz-m2mr-9qeb" }, { "vulnerability": "VCID-rx9z-rdmm-5fg6" }, { "vulnerability": "VCID-w6nk-akeh-4ufg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:4.6.6-4%252Bdeb9u1" } ], "aliases": [ "CVE-2016-2038" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-d7jk-a94y-n3ca" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/98165?format=api", "vulnerability_id": "VCID-dbk1-n9kh-dfhm", "summary": "Cross-site scripting (XSS) vulnerability in the table-structure page in phpMyAdmin 4.6.x before 4.6.3 allows remote attackers to inject arbitrary web script or HTML via vectors involving a comment.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-5704", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00277", "scoring_system": "epss", "scoring_elements": "0.5143", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.00277", "scoring_system": "epss", "scoring_elements": "0.51368", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-5704" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5704", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5704" }, { "reference_url": "https://github.com/phpmyadmin/phpmyadmin", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/phpmyadmin/phpmyadmin" }, { "reference_url": "https://github.com/phpmyadmin/phpmyadmin/commit/72213573182896bd6a6e5af5ba1881dd87c4a20b", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/phpmyadmin/phpmyadmin/commit/72213573182896bd6a6e5af5ba1881dd87c4a20b" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2016-5704", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-5704" }, { "reference_url": "https://security.gentoo.org/glsa/201701-32", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://security.gentoo.org/glsa/201701-32" }, { "reference_url": "https://www.phpmyadmin.net/security/PMASA-2016-20", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.phpmyadmin.net/security/PMASA-2016-20" }, { "reference_url": "https://www.phpmyadmin.net/security/PMASA-2016-20/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.phpmyadmin.net/security/PMASA-2016-20/" }, { "reference_url": "https://github.com/advisories/GHSA-gcvp-cwgw-wx8j", "reference_id": "GHSA-gcvp-cwgw-wx8j", "reference_type": "", "scores": [], "url": "https://github.com/advisories/GHSA-gcvp-cwgw-wx8j" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/516524?format=api", "purl": "pkg:deb/debian/phpmyadmin@4:4.6.6-4%2Bdeb9u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2at1-y3qg-77fb" }, { "vulnerability": "VCID-32ja-yuuw-bbbh" }, { "vulnerability": "VCID-4wn2-pnbv-sked" }, { "vulnerability": "VCID-52xs-45kd-w3hz" }, { "vulnerability": "VCID-59mu-8aep-9ycn" }, { "vulnerability": "VCID-5jye-2stz-fqam" }, { "vulnerability": "VCID-7vpu-x9mb-q3c6" }, { "vulnerability": "VCID-8rvw-n1fg-ffc2" }, { "vulnerability": "VCID-ajf6-bk2g-wkb7" }, { "vulnerability": "VCID-b2nf-6pr3-xqaa" }, { "vulnerability": "VCID-bd83-vf81-sfa4" }, { "vulnerability": "VCID-dx3h-z4dg-m3e1" }, { "vulnerability": "VCID-har4-gaft-m7e8" }, { "vulnerability": "VCID-kfr7-v6tb-eqau" }, { "vulnerability": "VCID-kfrx-mmr7-euep" }, { "vulnerability": "VCID-m2g6-2ztp-tuam" }, { "vulnerability": "VCID-m3kq-1cfg-mkgc" }, { "vulnerability": "VCID-mzuh-5e5y-d3hr" }, { "vulnerability": "VCID-p1jn-sxds-mqd1" }, { "vulnerability": "VCID-q7rn-1612-quau" }, { "vulnerability": "VCID-qmj2-pxvt-zqes" }, { "vulnerability": "VCID-r4zz-m2mr-9qeb" }, { "vulnerability": "VCID-rx9z-rdmm-5fg6" }, { "vulnerability": "VCID-w6nk-akeh-4ufg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:4.6.6-4%252Bdeb9u1" } ], "aliases": [ "CVE-2016-5704", "GHSA-gcvp-cwgw-wx8j" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-dbk1-n9kh-dfhm" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/98190?format=api", "vulnerability_id": "VCID-dfsz-1y13-yug9", "summary": "An issue was discovered in phpMyAdmin. With a crafted request parameter value it is possible to initiate a denial of service attack in saved searches feature. All 4.6.x versions (prior to 4.6.5), 4.4.x versions (prior to 4.4.15.9), and 4.0.x versions (prior to 4.0.10.18) are affected.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-9858", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00553", "scoring_system": "epss", "scoring_elements": "0.68419", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.00553", "scoring_system": "epss", "scoring_elements": "0.6846", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-9858" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9858", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9858" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/516524?format=api", "purl": "pkg:deb/debian/phpmyadmin@4:4.6.6-4%2Bdeb9u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2at1-y3qg-77fb" }, { "vulnerability": "VCID-32ja-yuuw-bbbh" }, { "vulnerability": "VCID-4wn2-pnbv-sked" }, { "vulnerability": "VCID-52xs-45kd-w3hz" }, { "vulnerability": "VCID-59mu-8aep-9ycn" }, { "vulnerability": "VCID-5jye-2stz-fqam" }, { "vulnerability": "VCID-7vpu-x9mb-q3c6" }, { "vulnerability": "VCID-8rvw-n1fg-ffc2" }, { "vulnerability": "VCID-ajf6-bk2g-wkb7" }, { "vulnerability": "VCID-b2nf-6pr3-xqaa" }, { "vulnerability": "VCID-bd83-vf81-sfa4" }, { "vulnerability": "VCID-dx3h-z4dg-m3e1" }, { "vulnerability": "VCID-har4-gaft-m7e8" }, { "vulnerability": "VCID-kfr7-v6tb-eqau" }, { "vulnerability": "VCID-kfrx-mmr7-euep" }, { "vulnerability": "VCID-m2g6-2ztp-tuam" }, { "vulnerability": "VCID-m3kq-1cfg-mkgc" }, { "vulnerability": "VCID-mzuh-5e5y-d3hr" }, { "vulnerability": "VCID-p1jn-sxds-mqd1" }, { "vulnerability": "VCID-q7rn-1612-quau" }, { "vulnerability": "VCID-qmj2-pxvt-zqes" }, { "vulnerability": "VCID-r4zz-m2mr-9qeb" }, { "vulnerability": "VCID-rx9z-rdmm-5fg6" }, { "vulnerability": "VCID-w6nk-akeh-4ufg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:4.6.6-4%252Bdeb9u1" } ], "aliases": [ "CVE-2016-9858" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-dfsz-1y13-yug9" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/98156?format=api", "vulnerability_id": "VCID-dgvs-kqpd-gfcy", "summary": "Cross-site scripting (XSS) vulnerability in the SQL editor in phpMyAdmin 4.5.x before 4.5.4 allows remote authenticated users to inject arbitrary web script or HTML via a SQL query that triggers JSON data in a response.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-2045", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00284", "scoring_system": "epss", "scoring_elements": "0.52025", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.00284", "scoring_system": "epss", "scoring_elements": "0.52085", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-2045" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2045", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2045" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/516524?format=api", "purl": "pkg:deb/debian/phpmyadmin@4:4.6.6-4%2Bdeb9u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2at1-y3qg-77fb" }, { "vulnerability": "VCID-32ja-yuuw-bbbh" }, { "vulnerability": "VCID-4wn2-pnbv-sked" }, { "vulnerability": "VCID-52xs-45kd-w3hz" }, { "vulnerability": "VCID-59mu-8aep-9ycn" }, { "vulnerability": "VCID-5jye-2stz-fqam" }, { "vulnerability": "VCID-7vpu-x9mb-q3c6" }, { "vulnerability": "VCID-8rvw-n1fg-ffc2" }, { "vulnerability": "VCID-ajf6-bk2g-wkb7" }, { "vulnerability": "VCID-b2nf-6pr3-xqaa" }, { "vulnerability": "VCID-bd83-vf81-sfa4" }, { "vulnerability": "VCID-dx3h-z4dg-m3e1" }, { "vulnerability": "VCID-har4-gaft-m7e8" }, { "vulnerability": "VCID-kfr7-v6tb-eqau" }, { "vulnerability": "VCID-kfrx-mmr7-euep" }, { "vulnerability": "VCID-m2g6-2ztp-tuam" }, { "vulnerability": "VCID-m3kq-1cfg-mkgc" }, { "vulnerability": "VCID-mzuh-5e5y-d3hr" }, { "vulnerability": "VCID-p1jn-sxds-mqd1" }, { "vulnerability": "VCID-q7rn-1612-quau" }, { "vulnerability": "VCID-qmj2-pxvt-zqes" }, { "vulnerability": "VCID-r4zz-m2mr-9qeb" }, { "vulnerability": "VCID-rx9z-rdmm-5fg6" }, { "vulnerability": "VCID-w6nk-akeh-4ufg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:4.6.6-4%252Bdeb9u1" } ], "aliases": [ "CVE-2016-2045" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-dgvs-kqpd-gfcy" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/98184?format=api", "vulnerability_id": "VCID-dj5f-y77j-d7dx", "summary": "An issue was discovered in phpMyAdmin. It is possible to bypass AllowRoot restriction ($cfg['Servers'][$i]['AllowRoot']) and deny rules for username by using Null Byte in the username. All 4.6.x versions (prior to 4.6.5), 4.4.x versions (prior to 4.4.15.9), and 4.0.x versions (prior to 4.0.10.18) are affected.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-9849", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00217", "scoring_system": "epss", "scoring_elements": "0.44277", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.00295", "scoring_system": "epss", "scoring_elements": "0.53113", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-9849" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9849", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9849" }, { "reference_url": "https://usn.ubuntu.com/USN-4843-1/", "reference_id": "USN-USN-4843-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/USN-4843-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/516524?format=api", "purl": "pkg:deb/debian/phpmyadmin@4:4.6.6-4%2Bdeb9u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2at1-y3qg-77fb" }, { "vulnerability": "VCID-32ja-yuuw-bbbh" }, { "vulnerability": "VCID-4wn2-pnbv-sked" }, { "vulnerability": "VCID-52xs-45kd-w3hz" }, { "vulnerability": "VCID-59mu-8aep-9ycn" }, { "vulnerability": "VCID-5jye-2stz-fqam" }, { "vulnerability": "VCID-7vpu-x9mb-q3c6" }, { "vulnerability": "VCID-8rvw-n1fg-ffc2" }, { "vulnerability": "VCID-ajf6-bk2g-wkb7" }, { "vulnerability": "VCID-b2nf-6pr3-xqaa" }, { "vulnerability": "VCID-bd83-vf81-sfa4" }, { "vulnerability": "VCID-dx3h-z4dg-m3e1" }, { "vulnerability": "VCID-har4-gaft-m7e8" }, { "vulnerability": "VCID-kfr7-v6tb-eqau" }, { "vulnerability": "VCID-kfrx-mmr7-euep" }, { "vulnerability": "VCID-m2g6-2ztp-tuam" }, { "vulnerability": "VCID-m3kq-1cfg-mkgc" }, { "vulnerability": "VCID-mzuh-5e5y-d3hr" }, { "vulnerability": "VCID-p1jn-sxds-mqd1" }, { "vulnerability": "VCID-q7rn-1612-quau" }, { "vulnerability": "VCID-qmj2-pxvt-zqes" }, { "vulnerability": "VCID-r4zz-m2mr-9qeb" }, { "vulnerability": "VCID-rx9z-rdmm-5fg6" }, { "vulnerability": "VCID-w6nk-akeh-4ufg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:4.6.6-4%252Bdeb9u1" } ], "aliases": [ "CVE-2016-9849" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-dj5f-y77j-d7dx" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/52410?format=api", "vulnerability_id": "VCID-dx3h-z4dg-m3e1", "summary": "SQL Injection\nIn phpMyAdmin, an SQL injection vulnerability has been discovered where certain parameters are not properly escaped when generating certain queries for search actions in `libraries/classes/Controllers/Table/TableSearchController.php`. An attacker can generate a crafted database or table name. The attack can be performed if a user attempts certain search operations on the malicious database or table.", "references": [ { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00046.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.0", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00046.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00050.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.0", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00050.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00005.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.0", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00005.html" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-10802", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01229", "scoring_system": "epss", "scoring_elements": "0.79522", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.01229", "scoring_system": "epss", "scoring_elements": "0.79495", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-10802" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10802", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10802" }, { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/phpmyadmin/phpmyadmin/CVE-2020-10802.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.0", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/phpmyadmin/phpmyadmin/CVE-2020-10802.yaml" }, { "reference_url": "https://github.com/phpmyadmin/composer", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.0", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/phpmyadmin/composer" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2020/03/msg00028.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.0", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.debian.org/debian-lts-announce/2020/03/msg00028.html" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AAVW3SUKWR5RF5LZ6SARCYOWBIFUIWOJ", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.0", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AAVW3SUKWR5RF5LZ6SARCYOWBIFUIWOJ" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BUG3IRITW2LUBGR5LSQMP7MVRTELHZJK", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.0", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BUG3IRITW2LUBGR5LSQMP7MVRTELHZJK" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UZI6EQVRRIG252DY3MBT33BJVCSYDMQO", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.0", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UZI6EQVRRIG252DY3MBT33BJVCSYDMQO" }, { "reference_url": "https://www.phpmyadmin.net/security/PMASA-2020-3", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.0", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.phpmyadmin.net/security/PMASA-2020-3" }, { "reference_url": "https://www.phpmyadmin.net/security/PMASA-2020-3/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.phpmyadmin.net/security/PMASA-2020-3/" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=954665", "reference_id": "954665", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=954665" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2020-10802", "reference_id": "CVE-2020-10802", "reference_type": "", "scores": [ { "value": "8.0", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-10802" }, { "reference_url": "https://usn.ubuntu.com/4639-1/", "reference_id": "USN-4639-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4639-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/195443?format=api", "purl": "pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-47ju-f89a-eud8" }, { "vulnerability": "VCID-59mu-8aep-9ycn" }, { "vulnerability": "VCID-d3qn-js1p-7yeq" }, { "vulnerability": "VCID-dmqy-9xth-cuhs" }, { "vulnerability": "VCID-gx8h-5h14-dqez" }, { "vulnerability": "VCID-har4-gaft-m7e8" }, { "vulnerability": "VCID-m3kq-1cfg-mkgc" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.0.4%252Bdfsg2-2%252Bdeb11u1" } ], "aliases": [ "CVE-2020-10802", "GHSA-f4cr-3xmc-2wpm" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-dx3h-z4dg-m3e1" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/98154?format=api", "vulnerability_id": "VCID-g2uy-ekyf-4bcj", "summary": "Cross-site scripting (XSS) vulnerability in the goToFinish1NF function in js/normalization.js in phpMyAdmin 4.4.x before 4.4.15.3 and 4.5.x before 4.5.4 allows remote authenticated users to inject arbitrary web script or HTML via a table name to the normalization page.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-2043", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00394", "scoring_system": "epss", "scoring_elements": "0.60616", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.00394", "scoring_system": "epss", "scoring_elements": "0.60664", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-2043" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2043", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2043" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/516524?format=api", "purl": "pkg:deb/debian/phpmyadmin@4:4.6.6-4%2Bdeb9u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2at1-y3qg-77fb" }, { "vulnerability": "VCID-32ja-yuuw-bbbh" }, { "vulnerability": "VCID-4wn2-pnbv-sked" }, { "vulnerability": "VCID-52xs-45kd-w3hz" }, { "vulnerability": "VCID-59mu-8aep-9ycn" }, { "vulnerability": "VCID-5jye-2stz-fqam" }, { "vulnerability": "VCID-7vpu-x9mb-q3c6" }, { "vulnerability": "VCID-8rvw-n1fg-ffc2" }, { "vulnerability": "VCID-ajf6-bk2g-wkb7" }, { "vulnerability": "VCID-b2nf-6pr3-xqaa" }, { "vulnerability": "VCID-bd83-vf81-sfa4" }, { "vulnerability": "VCID-dx3h-z4dg-m3e1" }, { "vulnerability": "VCID-har4-gaft-m7e8" }, { "vulnerability": "VCID-kfr7-v6tb-eqau" }, { "vulnerability": "VCID-kfrx-mmr7-euep" }, { "vulnerability": "VCID-m2g6-2ztp-tuam" }, { "vulnerability": "VCID-m3kq-1cfg-mkgc" }, { "vulnerability": "VCID-mzuh-5e5y-d3hr" }, { "vulnerability": "VCID-p1jn-sxds-mqd1" }, { "vulnerability": "VCID-q7rn-1612-quau" }, { "vulnerability": "VCID-qmj2-pxvt-zqes" }, { "vulnerability": "VCID-r4zz-m2mr-9qeb" }, { "vulnerability": "VCID-rx9z-rdmm-5fg6" }, { "vulnerability": "VCID-w6nk-akeh-4ufg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:4.6.6-4%252Bdeb9u1" } ], "aliases": [ "CVE-2016-2043" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-g2uy-ekyf-4bcj" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/38288?format=api", "vulnerability_id": "VCID-gmjk-222y-abda", "summary": "Information Exposure\nAn issue was discovered in phpMyAdmin. An attacker can determine whether a user is logged in to phpMyAdmin. The user session, username, and password are not compromised by this vulnerability.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-6625", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00275", "scoring_system": "epss", "scoring_elements": "0.51188", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.00275", "scoring_system": "epss", "scoring_elements": "0.51126", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-6625" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6625", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6625" }, { "reference_url": "https://github.com/phpmyadmin/composer", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/phpmyadmin/composer" }, { "reference_url": "https://security.gentoo.org/glsa/201701-32", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://security.gentoo.org/glsa/201701-32" }, { "reference_url": "https://www.phpmyadmin.net/security/PMASA-2016-48", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.phpmyadmin.net/security/PMASA-2016-48" }, { "reference_url": "http://www.securityfocus.com/bid/92491", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.securityfocus.com/bid/92491" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2016-6625", "reference_id": "CVE-2016-6625", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-6625" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/516524?format=api", "purl": "pkg:deb/debian/phpmyadmin@4:4.6.6-4%2Bdeb9u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2at1-y3qg-77fb" }, { "vulnerability": "VCID-32ja-yuuw-bbbh" }, { "vulnerability": "VCID-4wn2-pnbv-sked" }, { "vulnerability": "VCID-52xs-45kd-w3hz" }, { "vulnerability": "VCID-59mu-8aep-9ycn" }, { "vulnerability": "VCID-5jye-2stz-fqam" }, { "vulnerability": "VCID-7vpu-x9mb-q3c6" }, { "vulnerability": "VCID-8rvw-n1fg-ffc2" }, { "vulnerability": "VCID-ajf6-bk2g-wkb7" }, { "vulnerability": "VCID-b2nf-6pr3-xqaa" }, { "vulnerability": "VCID-bd83-vf81-sfa4" }, { "vulnerability": "VCID-dx3h-z4dg-m3e1" }, { "vulnerability": "VCID-har4-gaft-m7e8" }, { "vulnerability": "VCID-kfr7-v6tb-eqau" }, { "vulnerability": "VCID-kfrx-mmr7-euep" }, { "vulnerability": "VCID-m2g6-2ztp-tuam" }, { "vulnerability": "VCID-m3kq-1cfg-mkgc" }, { "vulnerability": "VCID-mzuh-5e5y-d3hr" }, { "vulnerability": "VCID-p1jn-sxds-mqd1" }, { "vulnerability": "VCID-q7rn-1612-quau" }, { "vulnerability": "VCID-qmj2-pxvt-zqes" }, { "vulnerability": "VCID-r4zz-m2mr-9qeb" }, { "vulnerability": "VCID-rx9z-rdmm-5fg6" }, { "vulnerability": "VCID-w6nk-akeh-4ufg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:4.6.6-4%252Bdeb9u1" } ], "aliases": [ "CVE-2016-6625", "GHSA-r643-7xfg-ppc5" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-gmjk-222y-abda" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/44087?format=api", "vulnerability_id": "VCID-gqxb-6rey-rbhv", "summary": "phpMyAdmin vulnerable to Cross-site Scripting\nMultiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin 4.0.x before 4.0.10.16, 4.4.x before 4.4.15.7, and 4.6.x before 4.6.3 allow remote attackers to inject arbitrary web script or HTML via vectors involving (1) a crafted table name that is mishandled during privilege checking in table_row.phtml, (2) a crafted mysqld log_bin directive that is mishandled in log_selector.phtml, (3) the Transformation implementation, (4) AJAX error handling in js/ajax.js, (5) the Designer implementation, (6) the charts implementation in js/tbl_chart.js, or (7) the zoom-search implementation in rows_zoom.phtml.", "references": [ { "reference_url": "http://lists.opensuse.org/opensuse-updates/2016-06/msg00113.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://lists.opensuse.org/opensuse-updates/2016-06/msg00113.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-updates/2016-06/msg00114.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://lists.opensuse.org/opensuse-updates/2016-06/msg00114.html" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-5733", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01085", "scoring_system": "epss", "scoring_elements": "0.78254", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.01085", "scoring_system": "epss", "scoring_elements": "0.78228", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-5733" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1927", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1927" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2039", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2039" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2040", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2040" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2041", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2041" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2560", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2560" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2561", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2561" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5099", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5099" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5701", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5701" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5705", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5705" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5706", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5706" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5731", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5731" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5733", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5733" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5739", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5739" }, { "reference_url": "https://github.com/phpmyadmin/phpmyadmin", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/phpmyadmin/phpmyadmin" }, { "reference_url": "https://github.com/phpmyadmin/phpmyadmin/commit/4d21b5c077db50c2a54b7f569d20f463cc2651f5", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/phpmyadmin/phpmyadmin/commit/4d21b5c077db50c2a54b7f569d20f463cc2651f5" }, { "reference_url": "https://github.com/phpmyadmin/phpmyadmin/commit/615212a14d7d87712202f37354acf8581987fc5a", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/phpmyadmin/phpmyadmin/commit/615212a14d7d87712202f37354acf8581987fc5a" }, { "reference_url": "https://github.com/phpmyadmin/phpmyadmin/commit/79661610f6f65443e0ec1e382a7240437f28436c", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/phpmyadmin/phpmyadmin/commit/79661610f6f65443e0ec1e382a7240437f28436c" }, { "reference_url": "https://github.com/phpmyadmin/phpmyadmin/commit/8716855b309dbe65d7b9a5d681b80579b225b322", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/phpmyadmin/phpmyadmin/commit/8716855b309dbe65d7b9a5d681b80579b225b322" }, { "reference_url": "https://github.com/phpmyadmin/phpmyadmin/commit/895a131d2eb7e447757a35d5731c7d647823ea8b", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/phpmyadmin/phpmyadmin/commit/895a131d2eb7e447757a35d5731c7d647823ea8b" }, { "reference_url": "https://github.com/phpmyadmin/phpmyadmin/commit/960fd1fd52023047a23d069178bfff7463c2cefc", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/phpmyadmin/phpmyadmin/commit/960fd1fd52023047a23d069178bfff7463c2cefc" }, { "reference_url": "https://github.com/phpmyadmin/phpmyadmin/commit/be3ecbb4cca3fbe20e3b3aa4e049902d18b60865", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/phpmyadmin/phpmyadmin/commit/be3ecbb4cca3fbe20e3b3aa4e049902d18b60865" }, { "reference_url": "https://github.com/phpmyadmin/phpmyadmin/commit/d648ade18d6cbb796a93261491c121f078df2d88", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/phpmyadmin/phpmyadmin/commit/d648ade18d6cbb796a93261491c121f078df2d88" }, { "reference_url": "https://security.gentoo.org/glsa/201701-32", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://security.gentoo.org/glsa/201701-32" }, { "reference_url": "https://web.archive.org/web/20200227223017/http://www.securityfocus.com/bid/91390", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20200227223017/http://www.securityfocus.com/bid/91390" }, { "reference_url": "https://www.phpmyadmin.net/security/PMASA-2016-26", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.phpmyadmin.net/security/PMASA-2016-26" }, { "reference_url": "http://www.debian.org/security/2016/dsa-3627", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.debian.org/security/2016/dsa-3627" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2016-5733", "reference_id": "CVE-2016-5733", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-5733" }, { "reference_url": "https://github.com/advisories/GHSA-cr65-p662-fx5c", "reference_id": "GHSA-cr65-p662-fx5c", "reference_type": "", "scores": [], "url": "https://github.com/advisories/GHSA-cr65-p662-fx5c" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/273449?format=api", "purl": "pkg:deb/debian/phpmyadmin@4:4.2.12-2%2Bdeb8u2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1drk-gzqj-2qc5" }, { "vulnerability": "VCID-1hvw-4h4d-zkhv" }, { "vulnerability": "VCID-23dq-w66r-k3bt" }, { "vulnerability": "VCID-27w6-zhxk-x7e7" }, { "vulnerability": "VCID-282b-1ugg-yuev" }, { "vulnerability": "VCID-2at1-y3qg-77fb" }, { "vulnerability": "VCID-2vqn-z4en-duh4" }, { "vulnerability": "VCID-31jg-3pzb-y3b6" }, { "vulnerability": "VCID-32ja-yuuw-bbbh" }, { "vulnerability": "VCID-33kv-ye2c-ebax" }, { "vulnerability": "VCID-33mh-s92h-c7ht" }, { "vulnerability": "VCID-38tp-acy8-57hj" }, { "vulnerability": "VCID-3va7-xx14-gkds" }, { "vulnerability": "VCID-44uc-xrvp-7bet" }, { "vulnerability": "VCID-4avx-e9mf-2yb1" }, { "vulnerability": "VCID-4kax-4bpz-g7c5" }, { "vulnerability": "VCID-4vgu-cagj-hfhb" }, { "vulnerability": "VCID-4wn2-pnbv-sked" }, { "vulnerability": "VCID-52xs-45kd-w3hz" }, { "vulnerability": "VCID-59mu-8aep-9ycn" }, { "vulnerability": "VCID-5bu8-wy7w-bqfc" }, { "vulnerability": "VCID-5jye-2stz-fqam" }, { "vulnerability": "VCID-6gs5-cswx-bfeb" }, { "vulnerability": "VCID-7avk-rmwd-yugt" }, { "vulnerability": "VCID-7vpu-x9mb-q3c6" }, { "vulnerability": "VCID-84n7-nzzg-juhz" }, { "vulnerability": "VCID-8jt7-y15v-83gj" }, { "vulnerability": "VCID-8rvw-n1fg-ffc2" }, { "vulnerability": "VCID-8yxm-e33n-d7gj" }, { "vulnerability": "VCID-9nh7-ny6c-n3cd" }, { "vulnerability": "VCID-9tdu-572c-tbb2" }, { "vulnerability": "VCID-ajeh-4q9t-sydz" }, { "vulnerability": "VCID-ajf6-bk2g-wkb7" }, { "vulnerability": "VCID-b2nf-6pr3-xqaa" }, { "vulnerability": "VCID-b4jk-yjfy-pfcv" }, { "vulnerability": "VCID-b6ng-ygap-zqh4" }, { "vulnerability": "VCID-bd83-vf81-sfa4" }, { "vulnerability": "VCID-bddg-5zgr-3uew" }, { "vulnerability": "VCID-btc1-yng3-ckhx" }, { "vulnerability": "VCID-cbjd-e3sk-m7bu" }, { "vulnerability": "VCID-crn9-f6qt-qfg5" }, { "vulnerability": "VCID-cth2-72mg-6yfr" }, { "vulnerability": "VCID-cz55-m46r-37gb" }, { "vulnerability": "VCID-d7jk-a94y-n3ca" }, { "vulnerability": "VCID-dbk1-n9kh-dfhm" }, { "vulnerability": "VCID-dfsz-1y13-yug9" }, { "vulnerability": "VCID-dgvs-kqpd-gfcy" }, { "vulnerability": "VCID-dj5f-y77j-d7dx" }, { "vulnerability": "VCID-dx3h-z4dg-m3e1" }, { "vulnerability": "VCID-g2uy-ekyf-4bcj" }, { "vulnerability": "VCID-gmjk-222y-abda" }, { "vulnerability": "VCID-gqxb-6rey-rbhv" }, { "vulnerability": "VCID-gtps-py3z-13cu" }, { "vulnerability": "VCID-gzwb-ju7m-juf7" }, { "vulnerability": "VCID-har4-gaft-m7e8" }, { "vulnerability": "VCID-hbp6-s544-pqaw" }, { "vulnerability": "VCID-hw5n-kv9r-8yej" }, { "vulnerability": "VCID-j589-8hrn-9bae" }, { "vulnerability": "VCID-jabw-t2hb-q3e9" }, { "vulnerability": "VCID-jemb-avnk-c7eb" }, { "vulnerability": "VCID-jmn8-a5r9-2qc8" }, { "vulnerability": "VCID-jxf7-1cq4-t3cv" }, { "vulnerability": "VCID-k5ph-wws1-fqg4" }, { "vulnerability": "VCID-kfr7-v6tb-eqau" }, { "vulnerability": "VCID-kfrx-mmr7-euep" }, { "vulnerability": "VCID-kwtj-jk24-zffq" }, { "vulnerability": "VCID-m2g6-2ztp-tuam" }, { "vulnerability": "VCID-m3kq-1cfg-mkgc" }, { "vulnerability": "VCID-m59w-cug5-wbe2" }, { "vulnerability": "VCID-mgu4-pf1x-r3dy" }, { "vulnerability": "VCID-mxn5-bh7q-gkdb" }, { "vulnerability": "VCID-mzuh-5e5y-d3hr" }, { "vulnerability": "VCID-n53q-r421-affh" }, { "vulnerability": "VCID-n66y-s36g-fqck" }, { "vulnerability": "VCID-np5w-chxm-cyak" }, { "vulnerability": "VCID-nuju-ekmt-k7g9" }, { "vulnerability": "VCID-nv3j-xj42-wfcw" }, { "vulnerability": "VCID-p1jn-sxds-mqd1" }, { "vulnerability": "VCID-p361-saxs-97g9" }, { "vulnerability": "VCID-pfdk-db4h-47dx" }, { "vulnerability": "VCID-pnry-rv8t-v3ff" }, { "vulnerability": "VCID-q2wv-kbra-5kg8" }, { "vulnerability": "VCID-q45d-5bf4-tff5" }, { "vulnerability": "VCID-q7pe-bvr1-g3bc" }, { "vulnerability": "VCID-q7rn-1612-quau" }, { "vulnerability": "VCID-q7zq-5xpn-93dd" }, { "vulnerability": "VCID-qeac-129m-1udw" }, { "vulnerability": "VCID-qmj2-pxvt-zqes" }, { "vulnerability": "VCID-qpj7-uk5e-nbez" }, { "vulnerability": "VCID-qqyb-zags-bbhz" }, { "vulnerability": "VCID-r3z5-cc6j-8yg6" }, { "vulnerability": "VCID-r4zz-m2mr-9qeb" }, { "vulnerability": "VCID-r9sb-489v-fqc9" }, { "vulnerability": "VCID-rc63-nakx-ebbe" }, { "vulnerability": "VCID-rsrk-jwbt-qfhe" }, { "vulnerability": "VCID-rx9z-rdmm-5fg6" }, { "vulnerability": "VCID-rxz2-tx2n-k3bd" }, { "vulnerability": "VCID-rz6q-hthe-1uer" }, { "vulnerability": "VCID-s88e-r2gd-9yep" }, { "vulnerability": "VCID-segg-gk79-9bc6" }, { "vulnerability": "VCID-tvfz-v881-sufp" }, { "vulnerability": "VCID-txba-1at4-ekg2" }, { "vulnerability": "VCID-uc6b-5sj1-9yg2" }, { "vulnerability": "VCID-utga-335m-dua9" }, { "vulnerability": "VCID-v1kx-5wa1-r7he" }, { "vulnerability": "VCID-vpf2-5j4s-jqeb" }, { "vulnerability": "VCID-vxc7-fwud-33an" }, { "vulnerability": "VCID-w6nk-akeh-4ufg" }, { "vulnerability": "VCID-x75q-4y74-d3gt" }, { "vulnerability": "VCID-xqf5-yxf3-u3he" }, { "vulnerability": "VCID-zmjf-j2zs-23ey" }, { "vulnerability": "VCID-zvcj-g6rt-s3de" }, { "vulnerability": "VCID-zyes-82y3-g7dh" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:4.2.12-2%252Bdeb8u2" }, { "url": "http://public2.vulnerablecode.io/api/packages/516524?format=api", "purl": "pkg:deb/debian/phpmyadmin@4:4.6.6-4%2Bdeb9u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2at1-y3qg-77fb" }, { "vulnerability": "VCID-32ja-yuuw-bbbh" }, { "vulnerability": "VCID-4wn2-pnbv-sked" }, { "vulnerability": "VCID-52xs-45kd-w3hz" }, { "vulnerability": "VCID-59mu-8aep-9ycn" }, { "vulnerability": "VCID-5jye-2stz-fqam" }, { "vulnerability": "VCID-7vpu-x9mb-q3c6" }, { "vulnerability": "VCID-8rvw-n1fg-ffc2" }, { "vulnerability": "VCID-ajf6-bk2g-wkb7" }, { "vulnerability": "VCID-b2nf-6pr3-xqaa" }, { "vulnerability": "VCID-bd83-vf81-sfa4" }, { "vulnerability": "VCID-dx3h-z4dg-m3e1" }, { "vulnerability": "VCID-har4-gaft-m7e8" }, { "vulnerability": "VCID-kfr7-v6tb-eqau" }, { "vulnerability": "VCID-kfrx-mmr7-euep" }, { "vulnerability": "VCID-m2g6-2ztp-tuam" }, { "vulnerability": "VCID-m3kq-1cfg-mkgc" }, { "vulnerability": "VCID-mzuh-5e5y-d3hr" }, { "vulnerability": "VCID-p1jn-sxds-mqd1" }, { "vulnerability": "VCID-q7rn-1612-quau" }, { "vulnerability": "VCID-qmj2-pxvt-zqes" }, { "vulnerability": "VCID-r4zz-m2mr-9qeb" }, { "vulnerability": "VCID-rx9z-rdmm-5fg6" }, { "vulnerability": "VCID-w6nk-akeh-4ufg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:4.6.6-4%252Bdeb9u1" } ], "aliases": [ "CVE-2016-5733", "GHSA-cr65-p662-fx5c" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-gqxb-6rey-rbhv" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/38279?format=api", "vulnerability_id": "VCID-gtps-py3z-13cu", "summary": "Code Injection\nAn issue was discovered in phpMyAdmin. phpMyAdmin can be used to trigger a remote code execution attack against certain PHP installations that are running with the dbase extension.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-6633", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01833", "scoring_system": "epss", "scoring_elements": "0.83293", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.01833", "scoring_system": "epss", "scoring_elements": "0.83267", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-6633" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6633", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6633" }, { "reference_url": "https://github.com/phpmyadmin/composer", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/phpmyadmin/composer" }, { "reference_url": "https://security.gentoo.org/glsa/201701-32", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://security.gentoo.org/glsa/201701-32" }, { "reference_url": "https://www.phpmyadmin.net/security/PMASA-2016-56", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.phpmyadmin.net/security/PMASA-2016-56" }, { "reference_url": "http://www.securityfocus.com/bid/92500", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.securityfocus.com/bid/92500" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2016-6633", "reference_id": "CVE-2016-6633", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-6633" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/516524?format=api", "purl": "pkg:deb/debian/phpmyadmin@4:4.6.6-4%2Bdeb9u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2at1-y3qg-77fb" }, { "vulnerability": "VCID-32ja-yuuw-bbbh" }, { "vulnerability": "VCID-4wn2-pnbv-sked" }, { "vulnerability": "VCID-52xs-45kd-w3hz" }, { "vulnerability": "VCID-59mu-8aep-9ycn" }, { "vulnerability": "VCID-5jye-2stz-fqam" }, { "vulnerability": "VCID-7vpu-x9mb-q3c6" }, { "vulnerability": "VCID-8rvw-n1fg-ffc2" }, { "vulnerability": "VCID-ajf6-bk2g-wkb7" }, { "vulnerability": "VCID-b2nf-6pr3-xqaa" }, { "vulnerability": "VCID-bd83-vf81-sfa4" }, { "vulnerability": "VCID-dx3h-z4dg-m3e1" }, { "vulnerability": "VCID-har4-gaft-m7e8" }, { "vulnerability": "VCID-kfr7-v6tb-eqau" }, { "vulnerability": "VCID-kfrx-mmr7-euep" }, { "vulnerability": "VCID-m2g6-2ztp-tuam" }, { "vulnerability": "VCID-m3kq-1cfg-mkgc" }, { "vulnerability": "VCID-mzuh-5e5y-d3hr" }, { "vulnerability": "VCID-p1jn-sxds-mqd1" }, { "vulnerability": "VCID-q7rn-1612-quau" }, { "vulnerability": "VCID-qmj2-pxvt-zqes" }, { "vulnerability": "VCID-r4zz-m2mr-9qeb" }, { "vulnerability": "VCID-rx9z-rdmm-5fg6" }, { "vulnerability": "VCID-w6nk-akeh-4ufg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:4.6.6-4%252Bdeb9u1" } ], "aliases": [ "CVE-2016-6633", "GHSA-p849-vf5f-f3x7" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-gtps-py3z-13cu" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/98170?format=api", "vulnerability_id": "VCID-gzwb-ju7m-juf7", "summary": "A full path disclosure vulnerability was discovered in phpMyAdmin where a user can trigger a particular error in the export mechanism to discover the full path of phpMyAdmin on the disk. All 4.6.x versions (prior to 4.6.4), 4.4.x versions (prior to 4.4.15.8), and 4.0.x versions (prior to 4.0.10.17) are affected.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-6610", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00321", "scoring_system": "epss", "scoring_elements": "0.55394", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.00321", "scoring_system": "epss", "scoring_elements": "0.5545", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-6610" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6610", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6610" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/516524?format=api", "purl": "pkg:deb/debian/phpmyadmin@4:4.6.6-4%2Bdeb9u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2at1-y3qg-77fb" }, { "vulnerability": "VCID-32ja-yuuw-bbbh" }, { "vulnerability": "VCID-4wn2-pnbv-sked" }, { "vulnerability": "VCID-52xs-45kd-w3hz" }, { "vulnerability": "VCID-59mu-8aep-9ycn" }, { "vulnerability": "VCID-5jye-2stz-fqam" }, { "vulnerability": "VCID-7vpu-x9mb-q3c6" }, { "vulnerability": "VCID-8rvw-n1fg-ffc2" }, { "vulnerability": "VCID-ajf6-bk2g-wkb7" }, { "vulnerability": "VCID-b2nf-6pr3-xqaa" }, { "vulnerability": "VCID-bd83-vf81-sfa4" }, { "vulnerability": "VCID-dx3h-z4dg-m3e1" }, { "vulnerability": "VCID-har4-gaft-m7e8" }, { "vulnerability": "VCID-kfr7-v6tb-eqau" }, { "vulnerability": "VCID-kfrx-mmr7-euep" }, { "vulnerability": "VCID-m2g6-2ztp-tuam" }, { "vulnerability": "VCID-m3kq-1cfg-mkgc" }, { "vulnerability": "VCID-mzuh-5e5y-d3hr" }, { "vulnerability": "VCID-p1jn-sxds-mqd1" }, { "vulnerability": "VCID-q7rn-1612-quau" }, { "vulnerability": "VCID-qmj2-pxvt-zqes" }, { "vulnerability": "VCID-r4zz-m2mr-9qeb" }, { "vulnerability": "VCID-rx9z-rdmm-5fg6" }, { "vulnerability": "VCID-w6nk-akeh-4ufg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:4.6.6-4%252Bdeb9u1" } ], "aliases": [ "CVE-2016-6610" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-gzwb-ju7m-juf7" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/98197?format=api", "vulnerability_id": "VCID-har4-gaft-m7e8", "summary": "An issue was discovered in phpMyAdmin 5.x before 5.2.2. An XSS vulnerability has been discovered for the Insert tab.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-24529", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0028", "scoring_system": "epss", "scoring_elements": "0.51668", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-24529" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-24529", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-24529" }, { "reference_url": "https://www.phpmyadmin.net/security/PMASA-2025-2/", "reference_id": "PMASA-2025-2", "reference_type": "", "scores": [ { "value": "6.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-23T15:02:51Z/" } ], "url": "https://www.phpmyadmin.net/security/PMASA-2025-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/195444?format=api", "purl": "pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-gx8h-5h14-dqez" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.1%252Bdfsg-1%252Bdeb12u1" } ], "aliases": [ "CVE-2025-24529" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-har4-gaft-m7e8" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/98182?format=api", "vulnerability_id": "VCID-hbp6-s544-pqaw", "summary": "An issue was discovered in phpMyAdmin. A user can execute a remote code execution attack against a server when phpMyAdmin is being run as a CGI application. Under certain server configurations, a user can pass a query string which is executed as a command-line argument by the file generator_plugin.sh. All 4.6.x versions (prior to 4.6.4), 4.4.x versions (prior to 4.4.15.8), and 4.0.x versions (prior to 4.0.10.17) are affected.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-6631", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.04156", "scoring_system": "epss", "scoring_elements": "0.88865", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.04156", "scoring_system": "epss", "scoring_elements": "0.88883", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-6631" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6631", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6631" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/516524?format=api", "purl": "pkg:deb/debian/phpmyadmin@4:4.6.6-4%2Bdeb9u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2at1-y3qg-77fb" }, { "vulnerability": "VCID-32ja-yuuw-bbbh" }, { "vulnerability": "VCID-4wn2-pnbv-sked" }, { "vulnerability": "VCID-52xs-45kd-w3hz" }, { "vulnerability": "VCID-59mu-8aep-9ycn" }, { "vulnerability": "VCID-5jye-2stz-fqam" }, { "vulnerability": "VCID-7vpu-x9mb-q3c6" }, { "vulnerability": "VCID-8rvw-n1fg-ffc2" }, { "vulnerability": "VCID-ajf6-bk2g-wkb7" }, { "vulnerability": "VCID-b2nf-6pr3-xqaa" }, { "vulnerability": "VCID-bd83-vf81-sfa4" }, { "vulnerability": "VCID-dx3h-z4dg-m3e1" }, { "vulnerability": "VCID-har4-gaft-m7e8" }, { "vulnerability": "VCID-kfr7-v6tb-eqau" }, { "vulnerability": "VCID-kfrx-mmr7-euep" }, { "vulnerability": "VCID-m2g6-2ztp-tuam" }, { "vulnerability": "VCID-m3kq-1cfg-mkgc" }, { "vulnerability": "VCID-mzuh-5e5y-d3hr" }, { "vulnerability": "VCID-p1jn-sxds-mqd1" }, { "vulnerability": "VCID-q7rn-1612-quau" }, { "vulnerability": "VCID-qmj2-pxvt-zqes" }, { "vulnerability": "VCID-r4zz-m2mr-9qeb" }, { "vulnerability": "VCID-rx9z-rdmm-5fg6" }, { "vulnerability": "VCID-w6nk-akeh-4ufg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:4.6.6-4%252Bdeb9u1" } ], "aliases": [ "CVE-2016-6631" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-hbp6-s544-pqaw" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/98157?format=api", "vulnerability_id": "VCID-hw5n-kv9r-8yej", "summary": "Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin 4.0.x before 4.0.10.15, 4.4.x before 4.4.15.5, and 4.5.x before 4.5.5.1 allow remote attackers to inject arbitrary web script or HTML via (1) a crafted Host HTTP header, related to libraries/Config.class.php; (2) crafted JSON data, related to file_echo.php; (3) a crafted SQL query, related to js/functions.js; (4) the initial parameter to libraries/server_privileges.lib.php in the user accounts page; or (5) the it parameter to libraries/controllers/TableSearchController.class.php in the zoom search page.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-2560", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0134", "scoring_system": "epss", "scoring_elements": "0.80346", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.0134", "scoring_system": "epss", "scoring_elements": "0.80371", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-2560" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1927", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1927" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2039", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2039" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2040", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2040" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2041", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2041" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2560", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2560" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2561", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2561" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5099", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5099" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5701", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5701" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5705", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5705" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5706", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5706" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5731", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5731" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5733", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5733" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5739", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5739" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/273449?format=api", "purl": "pkg:deb/debian/phpmyadmin@4:4.2.12-2%2Bdeb8u2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1drk-gzqj-2qc5" }, { "vulnerability": "VCID-1hvw-4h4d-zkhv" }, { "vulnerability": "VCID-23dq-w66r-k3bt" }, { "vulnerability": "VCID-27w6-zhxk-x7e7" }, { "vulnerability": "VCID-282b-1ugg-yuev" }, { "vulnerability": "VCID-2at1-y3qg-77fb" }, { "vulnerability": "VCID-2vqn-z4en-duh4" }, { "vulnerability": "VCID-31jg-3pzb-y3b6" }, { "vulnerability": "VCID-32ja-yuuw-bbbh" }, { "vulnerability": "VCID-33kv-ye2c-ebax" }, { "vulnerability": "VCID-33mh-s92h-c7ht" }, { "vulnerability": "VCID-38tp-acy8-57hj" }, { "vulnerability": "VCID-3va7-xx14-gkds" }, { "vulnerability": "VCID-44uc-xrvp-7bet" }, { "vulnerability": "VCID-4avx-e9mf-2yb1" }, { "vulnerability": "VCID-4kax-4bpz-g7c5" }, { "vulnerability": "VCID-4vgu-cagj-hfhb" }, { "vulnerability": "VCID-4wn2-pnbv-sked" }, { "vulnerability": "VCID-52xs-45kd-w3hz" }, { "vulnerability": "VCID-59mu-8aep-9ycn" }, { "vulnerability": "VCID-5bu8-wy7w-bqfc" }, { "vulnerability": "VCID-5jye-2stz-fqam" }, { "vulnerability": "VCID-6gs5-cswx-bfeb" }, { "vulnerability": "VCID-7avk-rmwd-yugt" }, { "vulnerability": "VCID-7vpu-x9mb-q3c6" }, { "vulnerability": "VCID-84n7-nzzg-juhz" }, { "vulnerability": "VCID-8jt7-y15v-83gj" }, { "vulnerability": "VCID-8rvw-n1fg-ffc2" }, { "vulnerability": "VCID-8yxm-e33n-d7gj" }, { "vulnerability": "VCID-9nh7-ny6c-n3cd" }, { "vulnerability": "VCID-9tdu-572c-tbb2" }, { "vulnerability": "VCID-ajeh-4q9t-sydz" }, { "vulnerability": "VCID-ajf6-bk2g-wkb7" }, { "vulnerability": "VCID-b2nf-6pr3-xqaa" }, { "vulnerability": "VCID-b4jk-yjfy-pfcv" }, { "vulnerability": "VCID-b6ng-ygap-zqh4" }, { "vulnerability": "VCID-bd83-vf81-sfa4" }, { "vulnerability": "VCID-bddg-5zgr-3uew" }, { "vulnerability": "VCID-btc1-yng3-ckhx" }, { "vulnerability": "VCID-cbjd-e3sk-m7bu" }, { "vulnerability": "VCID-crn9-f6qt-qfg5" }, { "vulnerability": "VCID-cth2-72mg-6yfr" }, { "vulnerability": "VCID-cz55-m46r-37gb" }, { "vulnerability": "VCID-d7jk-a94y-n3ca" }, { "vulnerability": "VCID-dbk1-n9kh-dfhm" }, { "vulnerability": "VCID-dfsz-1y13-yug9" }, { "vulnerability": "VCID-dgvs-kqpd-gfcy" }, { "vulnerability": "VCID-dj5f-y77j-d7dx" }, { "vulnerability": "VCID-dx3h-z4dg-m3e1" }, { "vulnerability": "VCID-g2uy-ekyf-4bcj" }, { "vulnerability": "VCID-gmjk-222y-abda" }, { "vulnerability": "VCID-gqxb-6rey-rbhv" }, { "vulnerability": "VCID-gtps-py3z-13cu" }, { "vulnerability": "VCID-gzwb-ju7m-juf7" }, { "vulnerability": "VCID-har4-gaft-m7e8" }, { "vulnerability": "VCID-hbp6-s544-pqaw" }, { "vulnerability": "VCID-hw5n-kv9r-8yej" }, { "vulnerability": "VCID-j589-8hrn-9bae" }, { "vulnerability": "VCID-jabw-t2hb-q3e9" }, { "vulnerability": "VCID-jemb-avnk-c7eb" }, { "vulnerability": "VCID-jmn8-a5r9-2qc8" }, { "vulnerability": "VCID-jxf7-1cq4-t3cv" }, { "vulnerability": "VCID-k5ph-wws1-fqg4" }, { "vulnerability": "VCID-kfr7-v6tb-eqau" }, { "vulnerability": "VCID-kfrx-mmr7-euep" }, { "vulnerability": "VCID-kwtj-jk24-zffq" }, { "vulnerability": "VCID-m2g6-2ztp-tuam" }, { "vulnerability": "VCID-m3kq-1cfg-mkgc" }, { "vulnerability": "VCID-m59w-cug5-wbe2" }, { "vulnerability": "VCID-mgu4-pf1x-r3dy" }, { "vulnerability": "VCID-mxn5-bh7q-gkdb" }, { "vulnerability": "VCID-mzuh-5e5y-d3hr" }, { "vulnerability": "VCID-n53q-r421-affh" }, { "vulnerability": "VCID-n66y-s36g-fqck" }, { "vulnerability": "VCID-np5w-chxm-cyak" }, { "vulnerability": "VCID-nuju-ekmt-k7g9" }, { "vulnerability": "VCID-nv3j-xj42-wfcw" }, { "vulnerability": "VCID-p1jn-sxds-mqd1" }, { "vulnerability": "VCID-p361-saxs-97g9" }, { "vulnerability": "VCID-pfdk-db4h-47dx" }, { "vulnerability": "VCID-pnry-rv8t-v3ff" }, { "vulnerability": "VCID-q2wv-kbra-5kg8" }, { "vulnerability": "VCID-q45d-5bf4-tff5" }, { "vulnerability": "VCID-q7pe-bvr1-g3bc" }, { "vulnerability": "VCID-q7rn-1612-quau" }, { "vulnerability": "VCID-q7zq-5xpn-93dd" }, { "vulnerability": "VCID-qeac-129m-1udw" }, { "vulnerability": "VCID-qmj2-pxvt-zqes" }, { "vulnerability": "VCID-qpj7-uk5e-nbez" }, { "vulnerability": "VCID-qqyb-zags-bbhz" }, { "vulnerability": "VCID-r3z5-cc6j-8yg6" }, { "vulnerability": "VCID-r4zz-m2mr-9qeb" }, { "vulnerability": "VCID-r9sb-489v-fqc9" }, { "vulnerability": "VCID-rc63-nakx-ebbe" }, { "vulnerability": "VCID-rsrk-jwbt-qfhe" }, { "vulnerability": "VCID-rx9z-rdmm-5fg6" }, { "vulnerability": "VCID-rxz2-tx2n-k3bd" }, { "vulnerability": "VCID-rz6q-hthe-1uer" }, { "vulnerability": "VCID-s88e-r2gd-9yep" }, { "vulnerability": "VCID-segg-gk79-9bc6" }, { "vulnerability": "VCID-tvfz-v881-sufp" }, { "vulnerability": "VCID-txba-1at4-ekg2" }, { "vulnerability": "VCID-uc6b-5sj1-9yg2" }, { "vulnerability": "VCID-utga-335m-dua9" }, { "vulnerability": "VCID-v1kx-5wa1-r7he" }, { "vulnerability": "VCID-vpf2-5j4s-jqeb" }, { "vulnerability": "VCID-vxc7-fwud-33an" }, { "vulnerability": "VCID-w6nk-akeh-4ufg" }, { "vulnerability": "VCID-x75q-4y74-d3gt" }, { "vulnerability": "VCID-xqf5-yxf3-u3he" }, { "vulnerability": "VCID-zmjf-j2zs-23ey" }, { "vulnerability": "VCID-zvcj-g6rt-s3de" }, { "vulnerability": "VCID-zyes-82y3-g7dh" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:4.2.12-2%252Bdeb8u2" }, { "url": "http://public2.vulnerablecode.io/api/packages/516524?format=api", "purl": "pkg:deb/debian/phpmyadmin@4:4.6.6-4%2Bdeb9u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2at1-y3qg-77fb" }, { "vulnerability": "VCID-32ja-yuuw-bbbh" }, { "vulnerability": "VCID-4wn2-pnbv-sked" }, { "vulnerability": "VCID-52xs-45kd-w3hz" }, { "vulnerability": "VCID-59mu-8aep-9ycn" }, { "vulnerability": "VCID-5jye-2stz-fqam" }, { "vulnerability": "VCID-7vpu-x9mb-q3c6" }, { "vulnerability": "VCID-8rvw-n1fg-ffc2" }, { "vulnerability": "VCID-ajf6-bk2g-wkb7" }, { "vulnerability": "VCID-b2nf-6pr3-xqaa" }, { "vulnerability": "VCID-bd83-vf81-sfa4" }, { "vulnerability": "VCID-dx3h-z4dg-m3e1" }, { "vulnerability": "VCID-har4-gaft-m7e8" }, { "vulnerability": "VCID-kfr7-v6tb-eqau" }, { "vulnerability": "VCID-kfrx-mmr7-euep" }, { "vulnerability": "VCID-m2g6-2ztp-tuam" }, { "vulnerability": "VCID-m3kq-1cfg-mkgc" }, { "vulnerability": "VCID-mzuh-5e5y-d3hr" }, { "vulnerability": "VCID-p1jn-sxds-mqd1" }, { "vulnerability": "VCID-q7rn-1612-quau" }, { "vulnerability": "VCID-qmj2-pxvt-zqes" }, { "vulnerability": "VCID-r4zz-m2mr-9qeb" }, { "vulnerability": "VCID-rx9z-rdmm-5fg6" }, { "vulnerability": "VCID-w6nk-akeh-4ufg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:4.6.6-4%252Bdeb9u1" } ], "aliases": [ "CVE-2016-2560" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-hw5n-kv9r-8yej" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/38670?format=api", "vulnerability_id": "VCID-j589-8hrn-9bae", "summary": "Improper Input Validation\nA weakness was discovered where an attacker can inject arbitrary values in to the browser cookies.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-1000016", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00488", "scoring_system": "epss", "scoring_elements": "0.65823", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.00488", "scoring_system": "epss", "scoring_elements": "0.65876", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-1000016" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-1000016", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-1000016" }, { "reference_url": "https://github.com/phpmyadmin/phpmyadmin/commit/3b6ed1f", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/phpmyadmin/phpmyadmin/commit/3b6ed1f" }, { "reference_url": "https://www.phpmyadmin.net/security/PMASA-2017-5", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.phpmyadmin.net/security/PMASA-2017-5" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2017-1000016", "reference_id": "CVE-2017-1000016", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-1000016" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/516524?format=api", "purl": "pkg:deb/debian/phpmyadmin@4:4.6.6-4%2Bdeb9u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2at1-y3qg-77fb" }, { "vulnerability": "VCID-32ja-yuuw-bbbh" }, { "vulnerability": "VCID-4wn2-pnbv-sked" }, { "vulnerability": "VCID-52xs-45kd-w3hz" }, { "vulnerability": "VCID-59mu-8aep-9ycn" }, { "vulnerability": "VCID-5jye-2stz-fqam" }, { "vulnerability": "VCID-7vpu-x9mb-q3c6" }, { "vulnerability": "VCID-8rvw-n1fg-ffc2" }, { "vulnerability": "VCID-ajf6-bk2g-wkb7" }, { "vulnerability": "VCID-b2nf-6pr3-xqaa" }, { "vulnerability": "VCID-bd83-vf81-sfa4" }, { "vulnerability": "VCID-dx3h-z4dg-m3e1" }, { "vulnerability": "VCID-har4-gaft-m7e8" }, { "vulnerability": "VCID-kfr7-v6tb-eqau" }, { "vulnerability": "VCID-kfrx-mmr7-euep" }, { "vulnerability": "VCID-m2g6-2ztp-tuam" }, { "vulnerability": "VCID-m3kq-1cfg-mkgc" }, { "vulnerability": "VCID-mzuh-5e5y-d3hr" }, { "vulnerability": "VCID-p1jn-sxds-mqd1" }, { "vulnerability": "VCID-q7rn-1612-quau" }, { "vulnerability": "VCID-qmj2-pxvt-zqes" }, { "vulnerability": "VCID-r4zz-m2mr-9qeb" }, { "vulnerability": "VCID-rx9z-rdmm-5fg6" }, { "vulnerability": "VCID-w6nk-akeh-4ufg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:4.6.6-4%252Bdeb9u1" } ], "aliases": [ "CVE-2017-1000016", "GHSA-j2cq-h6v2-f875" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-j589-8hrn-9bae" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/98183?format=api", "vulnerability_id": "VCID-jabw-t2hb-q3e9", "summary": "An issue was discovered in phpMyAdmin. phpinfo (phpinfo.php) shows PHP information including values of HttpOnly cookies. All 4.6.x versions (prior to 4.6.5), 4.4.x versions (prior to 4.4.15.9), and 4.0.x versions (prior to 4.0.10.18) are affected.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-9848", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00336", "scoring_system": "epss", "scoring_elements": "0.567", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.00336", "scoring_system": "epss", "scoring_elements": "0.56752", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-9848" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9848", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9848" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/516524?format=api", "purl": "pkg:deb/debian/phpmyadmin@4:4.6.6-4%2Bdeb9u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2at1-y3qg-77fb" }, { "vulnerability": "VCID-32ja-yuuw-bbbh" }, { "vulnerability": "VCID-4wn2-pnbv-sked" }, { "vulnerability": "VCID-52xs-45kd-w3hz" }, { "vulnerability": "VCID-59mu-8aep-9ycn" }, { "vulnerability": "VCID-5jye-2stz-fqam" }, { "vulnerability": "VCID-7vpu-x9mb-q3c6" }, { "vulnerability": "VCID-8rvw-n1fg-ffc2" }, { "vulnerability": "VCID-ajf6-bk2g-wkb7" }, { "vulnerability": "VCID-b2nf-6pr3-xqaa" }, { "vulnerability": "VCID-bd83-vf81-sfa4" }, { "vulnerability": "VCID-dx3h-z4dg-m3e1" }, { "vulnerability": "VCID-har4-gaft-m7e8" }, { "vulnerability": "VCID-kfr7-v6tb-eqau" }, { "vulnerability": "VCID-kfrx-mmr7-euep" }, { "vulnerability": "VCID-m2g6-2ztp-tuam" }, { "vulnerability": "VCID-m3kq-1cfg-mkgc" }, { "vulnerability": "VCID-mzuh-5e5y-d3hr" }, { "vulnerability": "VCID-p1jn-sxds-mqd1" }, { "vulnerability": "VCID-q7rn-1612-quau" }, { "vulnerability": "VCID-qmj2-pxvt-zqes" }, { "vulnerability": "VCID-r4zz-m2mr-9qeb" }, { "vulnerability": "VCID-rx9z-rdmm-5fg6" }, { "vulnerability": "VCID-w6nk-akeh-4ufg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:4.6.6-4%252Bdeb9u1" } ], "aliases": [ "CVE-2016-9848" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-jabw-t2hb-q3e9" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/98174?format=api", "vulnerability_id": "VCID-jemb-avnk-c7eb", "summary": "An issue was discovered in phpMyAdmin. In the \"User group\" and \"Designer\" features, a user can execute an SQL injection attack against the account of the control user. All 4.6.x versions (prior to 4.6.4) and 4.4.x versions (prior to 4.4.15.8) are affected.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-6616", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00295", "scoring_system": "epss", "scoring_elements": "0.5312", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.00295", "scoring_system": "epss", "scoring_elements": "0.53182", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-6616" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6616", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6616" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/516524?format=api", "purl": "pkg:deb/debian/phpmyadmin@4:4.6.6-4%2Bdeb9u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2at1-y3qg-77fb" }, { "vulnerability": "VCID-32ja-yuuw-bbbh" }, { "vulnerability": "VCID-4wn2-pnbv-sked" }, { "vulnerability": "VCID-52xs-45kd-w3hz" }, { "vulnerability": "VCID-59mu-8aep-9ycn" }, { "vulnerability": "VCID-5jye-2stz-fqam" }, { "vulnerability": "VCID-7vpu-x9mb-q3c6" }, { "vulnerability": "VCID-8rvw-n1fg-ffc2" }, { "vulnerability": "VCID-ajf6-bk2g-wkb7" }, { "vulnerability": "VCID-b2nf-6pr3-xqaa" }, { "vulnerability": "VCID-bd83-vf81-sfa4" }, { "vulnerability": "VCID-dx3h-z4dg-m3e1" }, { "vulnerability": "VCID-har4-gaft-m7e8" }, { "vulnerability": "VCID-kfr7-v6tb-eqau" }, { "vulnerability": "VCID-kfrx-mmr7-euep" }, { "vulnerability": "VCID-m2g6-2ztp-tuam" }, { "vulnerability": "VCID-m3kq-1cfg-mkgc" }, { "vulnerability": "VCID-mzuh-5e5y-d3hr" }, { "vulnerability": "VCID-p1jn-sxds-mqd1" }, { "vulnerability": "VCID-q7rn-1612-quau" }, { "vulnerability": "VCID-qmj2-pxvt-zqes" }, { "vulnerability": "VCID-r4zz-m2mr-9qeb" }, { "vulnerability": "VCID-rx9z-rdmm-5fg6" }, { "vulnerability": "VCID-w6nk-akeh-4ufg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:4.6.6-4%252Bdeb9u1" } ], "aliases": [ "CVE-2016-6616" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-jemb-avnk-c7eb" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/38274?format=api", "vulnerability_id": "VCID-jmn8-a5r9-2qc8", "summary": "Improper Input Validation\nAn issue was discovered in phpMyAdmin. An unauthenticated user is able to execute a denial-of-service (DoS) attack by forcing persistent connections when phpMyAdmin is running with `$cfg['AllowArbitraryServer']=true`.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-6622", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00944", "scoring_system": "epss", "scoring_elements": "0.7669", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.00944", "scoring_system": "epss", "scoring_elements": "0.7666", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-6622" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6622", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6622" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2018/07/msg00006.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.debian.org/debian-lts-announce/2018/07/msg00006.html" }, { "reference_url": "https://security.gentoo.org/glsa/201701-32", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://security.gentoo.org/glsa/201701-32" }, { "reference_url": "https://web.archive.org/web/20210125183746/http://www.securityfocus.com/bid/95049", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20210125183746/http://www.securityfocus.com/bid/95049" }, { "reference_url": "https://www.phpmyadmin.net/security/PMASA-2016-45", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.phpmyadmin.net/security/PMASA-2016-45" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2016-6622", "reference_id": "CVE-2016-6622", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-6622" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/516524?format=api", "purl": "pkg:deb/debian/phpmyadmin@4:4.6.6-4%2Bdeb9u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2at1-y3qg-77fb" }, { "vulnerability": "VCID-32ja-yuuw-bbbh" }, { "vulnerability": "VCID-4wn2-pnbv-sked" }, { "vulnerability": "VCID-52xs-45kd-w3hz" }, { "vulnerability": "VCID-59mu-8aep-9ycn" }, { "vulnerability": "VCID-5jye-2stz-fqam" }, { "vulnerability": "VCID-7vpu-x9mb-q3c6" }, { "vulnerability": "VCID-8rvw-n1fg-ffc2" }, { "vulnerability": "VCID-ajf6-bk2g-wkb7" }, { "vulnerability": "VCID-b2nf-6pr3-xqaa" }, { "vulnerability": "VCID-bd83-vf81-sfa4" }, { "vulnerability": "VCID-dx3h-z4dg-m3e1" }, { "vulnerability": "VCID-har4-gaft-m7e8" }, { "vulnerability": "VCID-kfr7-v6tb-eqau" }, { "vulnerability": "VCID-kfrx-mmr7-euep" }, { "vulnerability": "VCID-m2g6-2ztp-tuam" }, { "vulnerability": "VCID-m3kq-1cfg-mkgc" }, { "vulnerability": "VCID-mzuh-5e5y-d3hr" }, { "vulnerability": "VCID-p1jn-sxds-mqd1" }, { "vulnerability": "VCID-q7rn-1612-quau" }, { "vulnerability": "VCID-qmj2-pxvt-zqes" }, { "vulnerability": "VCID-r4zz-m2mr-9qeb" }, { "vulnerability": "VCID-rx9z-rdmm-5fg6" }, { "vulnerability": "VCID-w6nk-akeh-4ufg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:4.6.6-4%252Bdeb9u1" } ], "aliases": [ "CVE-2016-6622", "GHSA-qf3f-7x69-qfv3" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-jmn8-a5r9-2qc8" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/98143?format=api", "vulnerability_id": "VCID-jvvf-kwtm-6qb7", "summary": "libraries/common.inc.php in phpMyAdmin 4.0.x before 4.0.10.7, 4.1.x before 4.1.14.8, and 4.2.x before 4.2.13.1 allows remote attackers to cause a denial of service (resource consumption) via a long password.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2014-9218", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.15266", "scoring_system": "epss", "scoring_elements": "0.94744", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.15266", "scoring_system": "epss", "scoring_elements": "0.94752", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2014-9218" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8958", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8958" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9218", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9218" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2206", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2206" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3902", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3902" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3903", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3903" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6830", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6830" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7873", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7873" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=774194", "reference_id": "774194", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=774194" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/dos/35539.txt", "reference_id": "CVE-2014-9218;OSVDB-115322", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/dos/35539.txt" }, { "reference_url": "https://usn.ubuntu.com/USN-4843-1/", "reference_id": "USN-USN-4843-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/USN-4843-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/273449?format=api", "purl": "pkg:deb/debian/phpmyadmin@4:4.2.12-2%2Bdeb8u2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1drk-gzqj-2qc5" }, { "vulnerability": "VCID-1hvw-4h4d-zkhv" }, { "vulnerability": "VCID-23dq-w66r-k3bt" }, { "vulnerability": "VCID-27w6-zhxk-x7e7" }, { "vulnerability": "VCID-282b-1ugg-yuev" }, { "vulnerability": "VCID-2at1-y3qg-77fb" }, { "vulnerability": "VCID-2vqn-z4en-duh4" }, { "vulnerability": "VCID-31jg-3pzb-y3b6" }, { "vulnerability": "VCID-32ja-yuuw-bbbh" }, { "vulnerability": "VCID-33kv-ye2c-ebax" }, { "vulnerability": "VCID-33mh-s92h-c7ht" }, { "vulnerability": "VCID-38tp-acy8-57hj" }, { "vulnerability": "VCID-3va7-xx14-gkds" }, { "vulnerability": "VCID-44uc-xrvp-7bet" }, { "vulnerability": "VCID-4avx-e9mf-2yb1" }, { "vulnerability": "VCID-4kax-4bpz-g7c5" }, { "vulnerability": "VCID-4vgu-cagj-hfhb" }, { "vulnerability": "VCID-4wn2-pnbv-sked" }, { "vulnerability": "VCID-52xs-45kd-w3hz" }, { "vulnerability": "VCID-59mu-8aep-9ycn" }, { "vulnerability": "VCID-5bu8-wy7w-bqfc" }, { "vulnerability": "VCID-5jye-2stz-fqam" }, { "vulnerability": "VCID-6gs5-cswx-bfeb" }, { "vulnerability": "VCID-7avk-rmwd-yugt" }, { "vulnerability": "VCID-7vpu-x9mb-q3c6" }, { "vulnerability": "VCID-84n7-nzzg-juhz" }, { "vulnerability": "VCID-8jt7-y15v-83gj" }, { "vulnerability": "VCID-8rvw-n1fg-ffc2" }, { "vulnerability": "VCID-8yxm-e33n-d7gj" }, { "vulnerability": "VCID-9nh7-ny6c-n3cd" }, { "vulnerability": "VCID-9tdu-572c-tbb2" }, { "vulnerability": "VCID-ajeh-4q9t-sydz" }, { "vulnerability": "VCID-ajf6-bk2g-wkb7" }, { "vulnerability": "VCID-b2nf-6pr3-xqaa" }, { "vulnerability": "VCID-b4jk-yjfy-pfcv" }, { "vulnerability": "VCID-b6ng-ygap-zqh4" }, { "vulnerability": "VCID-bd83-vf81-sfa4" }, { "vulnerability": "VCID-bddg-5zgr-3uew" }, { "vulnerability": "VCID-btc1-yng3-ckhx" }, { "vulnerability": "VCID-cbjd-e3sk-m7bu" }, { "vulnerability": "VCID-crn9-f6qt-qfg5" }, { "vulnerability": "VCID-cth2-72mg-6yfr" }, { "vulnerability": "VCID-cz55-m46r-37gb" }, { "vulnerability": "VCID-d7jk-a94y-n3ca" }, { "vulnerability": "VCID-dbk1-n9kh-dfhm" }, { "vulnerability": "VCID-dfsz-1y13-yug9" }, { "vulnerability": "VCID-dgvs-kqpd-gfcy" }, { "vulnerability": "VCID-dj5f-y77j-d7dx" }, { "vulnerability": "VCID-dx3h-z4dg-m3e1" }, { "vulnerability": "VCID-g2uy-ekyf-4bcj" }, { "vulnerability": "VCID-gmjk-222y-abda" }, { "vulnerability": "VCID-gqxb-6rey-rbhv" }, { "vulnerability": "VCID-gtps-py3z-13cu" }, { "vulnerability": "VCID-gzwb-ju7m-juf7" }, { "vulnerability": "VCID-har4-gaft-m7e8" }, { "vulnerability": "VCID-hbp6-s544-pqaw" }, { "vulnerability": "VCID-hw5n-kv9r-8yej" }, { "vulnerability": "VCID-j589-8hrn-9bae" }, { "vulnerability": "VCID-jabw-t2hb-q3e9" }, { "vulnerability": "VCID-jemb-avnk-c7eb" }, { "vulnerability": "VCID-jmn8-a5r9-2qc8" }, { "vulnerability": "VCID-jxf7-1cq4-t3cv" }, { "vulnerability": "VCID-k5ph-wws1-fqg4" }, { "vulnerability": "VCID-kfr7-v6tb-eqau" }, { "vulnerability": "VCID-kfrx-mmr7-euep" }, { "vulnerability": "VCID-kwtj-jk24-zffq" }, { "vulnerability": "VCID-m2g6-2ztp-tuam" }, { "vulnerability": "VCID-m3kq-1cfg-mkgc" }, { "vulnerability": "VCID-m59w-cug5-wbe2" }, { "vulnerability": "VCID-mgu4-pf1x-r3dy" }, { "vulnerability": "VCID-mxn5-bh7q-gkdb" }, { "vulnerability": "VCID-mzuh-5e5y-d3hr" }, { "vulnerability": "VCID-n53q-r421-affh" }, { "vulnerability": "VCID-n66y-s36g-fqck" }, { "vulnerability": "VCID-np5w-chxm-cyak" }, { "vulnerability": "VCID-nuju-ekmt-k7g9" }, { "vulnerability": "VCID-nv3j-xj42-wfcw" }, { "vulnerability": "VCID-p1jn-sxds-mqd1" }, { "vulnerability": "VCID-p361-saxs-97g9" }, { "vulnerability": "VCID-pfdk-db4h-47dx" }, { "vulnerability": "VCID-pnry-rv8t-v3ff" }, { "vulnerability": "VCID-q2wv-kbra-5kg8" }, { "vulnerability": "VCID-q45d-5bf4-tff5" }, { "vulnerability": "VCID-q7pe-bvr1-g3bc" }, { "vulnerability": "VCID-q7rn-1612-quau" }, { "vulnerability": "VCID-q7zq-5xpn-93dd" }, { "vulnerability": "VCID-qeac-129m-1udw" }, { "vulnerability": "VCID-qmj2-pxvt-zqes" }, { "vulnerability": "VCID-qpj7-uk5e-nbez" }, { "vulnerability": "VCID-qqyb-zags-bbhz" }, { "vulnerability": "VCID-r3z5-cc6j-8yg6" }, { "vulnerability": "VCID-r4zz-m2mr-9qeb" }, { "vulnerability": "VCID-r9sb-489v-fqc9" }, { "vulnerability": "VCID-rc63-nakx-ebbe" }, { "vulnerability": "VCID-rsrk-jwbt-qfhe" }, { "vulnerability": "VCID-rx9z-rdmm-5fg6" }, { "vulnerability": "VCID-rxz2-tx2n-k3bd" }, { "vulnerability": "VCID-rz6q-hthe-1uer" }, { "vulnerability": "VCID-s88e-r2gd-9yep" }, { "vulnerability": "VCID-segg-gk79-9bc6" }, { "vulnerability": "VCID-tvfz-v881-sufp" }, { "vulnerability": "VCID-txba-1at4-ekg2" }, { "vulnerability": "VCID-uc6b-5sj1-9yg2" }, { "vulnerability": "VCID-utga-335m-dua9" }, { "vulnerability": "VCID-v1kx-5wa1-r7he" }, { "vulnerability": "VCID-vpf2-5j4s-jqeb" }, { "vulnerability": "VCID-vxc7-fwud-33an" }, { "vulnerability": "VCID-w6nk-akeh-4ufg" }, { "vulnerability": "VCID-x75q-4y74-d3gt" }, { "vulnerability": "VCID-xqf5-yxf3-u3he" }, { "vulnerability": "VCID-zmjf-j2zs-23ey" }, { "vulnerability": "VCID-zvcj-g6rt-s3de" }, { "vulnerability": "VCID-zyes-82y3-g7dh" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:4.2.12-2%252Bdeb8u2" } ], "aliases": [ "CVE-2014-9218" ], "risk_score": 0.2, "exploitability": "2.0", "weighted_severity": "0.1", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-jvvf-kwtm-6qb7" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/98167?format=api", "vulnerability_id": "VCID-jxf7-1cq4-t3cv", "summary": "phpMyAdmin 4.0.x before 4.0.10.16, 4.4.x before 4.4.15.7, and 4.6.x before 4.6.3 does not properly choose delimiters to prevent use of the preg_replace e (aka eval) modifier, which might allow remote attackers to execute arbitrary PHP code via a crafted string, as demonstrated by the table search-and-replace implementation.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-5734", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.87019", "scoring_system": "epss", "scoring_elements": "0.99456", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.87019", "scoring_system": "epss", "scoring_elements": "0.99457", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-5734" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5734", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5734" }, { "reference_url": "https://github.com/phpmyadmin/phpmyadmin", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/phpmyadmin/phpmyadmin" }, { "reference_url": "https://github.com/phpmyadmin/phpmyadmin/commit/1cc7466db3a05e95fe57a6702f41773e6829d54b", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/phpmyadmin/phpmyadmin/commit/1cc7466db3a05e95fe57a6702f41773e6829d54b" }, { "reference_url": "https://github.com/phpmyadmin/phpmyadmin/commit/4bcc606225f15bac0b07780e74f667f6ac283da7", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/phpmyadmin/phpmyadmin/commit/4bcc606225f15bac0b07780e74f667f6ac283da7" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2016-5734", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-5734" }, { "reference_url": "https://security.gentoo.org/glsa/201701-32", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://security.gentoo.org/glsa/201701-32" }, { "reference_url": "https://web.archive.org/web/20200227223418/http://www.securityfocus.com/bid/91387", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20200227223418/http://www.securityfocus.com/bid/91387" }, { "reference_url": "https://www.exploit-db.com/exploits/40185", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.exploit-db.com/exploits/40185" }, { "reference_url": "https://www.phpmyadmin.net/security/PMASA-2016-27", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.phpmyadmin.net/security/PMASA-2016-27" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/webapps/40185.py", "reference_id": "CVE-2016-5734", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/webapps/40185.py" }, { "reference_url": "https://github.com/advisories/GHSA-rv57-479x-x4qv", "reference_id": "GHSA-rv57-479x-x4qv", "reference_type": "", "scores": [], "url": "https://github.com/advisories/GHSA-rv57-479x-x4qv" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/516524?format=api", "purl": "pkg:deb/debian/phpmyadmin@4:4.6.6-4%2Bdeb9u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2at1-y3qg-77fb" }, { "vulnerability": "VCID-32ja-yuuw-bbbh" }, { "vulnerability": "VCID-4wn2-pnbv-sked" }, { "vulnerability": "VCID-52xs-45kd-w3hz" }, { "vulnerability": "VCID-59mu-8aep-9ycn" }, { "vulnerability": "VCID-5jye-2stz-fqam" }, { "vulnerability": "VCID-7vpu-x9mb-q3c6" }, { "vulnerability": "VCID-8rvw-n1fg-ffc2" }, { "vulnerability": "VCID-ajf6-bk2g-wkb7" }, { "vulnerability": "VCID-b2nf-6pr3-xqaa" }, { "vulnerability": "VCID-bd83-vf81-sfa4" }, { "vulnerability": "VCID-dx3h-z4dg-m3e1" }, { "vulnerability": "VCID-har4-gaft-m7e8" }, { "vulnerability": "VCID-kfr7-v6tb-eqau" }, { "vulnerability": "VCID-kfrx-mmr7-euep" }, { "vulnerability": "VCID-m2g6-2ztp-tuam" }, { "vulnerability": "VCID-m3kq-1cfg-mkgc" }, { "vulnerability": "VCID-mzuh-5e5y-d3hr" }, { "vulnerability": "VCID-p1jn-sxds-mqd1" }, { "vulnerability": "VCID-q7rn-1612-quau" }, { "vulnerability": "VCID-qmj2-pxvt-zqes" }, { "vulnerability": "VCID-r4zz-m2mr-9qeb" }, { "vulnerability": "VCID-rx9z-rdmm-5fg6" }, { "vulnerability": "VCID-w6nk-akeh-4ufg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:4.6.6-4%252Bdeb9u1" } ], "aliases": [ "CVE-2016-5734", "GHSA-rv57-479x-x4qv" ], "risk_score": 10.0, "exploitability": "2.0", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-jxf7-1cq4-t3cv" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/38149?format=api", "vulnerability_id": "VCID-k5ph-wws1-fqg4", "summary": "Cross-site Scripting\nCross-site scripting (XSS) vulnerability in `examples/openid.php` in phpMyAdmin allows remote attackers to inject arbitrary web script or HTML via vectors involving an OpenID error message.", "references": [ { "reference_url": "http://lists.opensuse.org/opensuse-updates/2016-06/msg00113.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://lists.opensuse.org/opensuse-updates/2016-06/msg00113.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-updates/2016-06/msg00114.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://lists.opensuse.org/opensuse-updates/2016-06/msg00114.html" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-5731", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00424", "scoring_system": "epss", "scoring_elements": "0.62546", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.00424", "scoring_system": "epss", "scoring_elements": "0.625", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-5731" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1927", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1927" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2039", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2039" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2040", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2040" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2041", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2041" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2560", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2560" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2561", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2561" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5099", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5099" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5701", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5701" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5705", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5705" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5706", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5706" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5731", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5731" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5733", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5733" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5739", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5739" }, { "reference_url": "https://github.com/phpmyadmin/composer", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/phpmyadmin/composer" }, { "reference_url": "https://github.com/phpmyadmin/phpmyadmin/commit/418aeea3d83b0b6021bac311d849570acfc6e48c", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/phpmyadmin/phpmyadmin/commit/418aeea3d83b0b6021bac311d849570acfc6e48c" }, { "reference_url": "https://github.com/phpmyadmin/phpmyadmin/commit/52e7898", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/phpmyadmin/phpmyadmin/commit/52e7898" }, { "reference_url": "https://github.com/phpmyadmin/phpmyadmin/commit/5fefa51", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/phpmyadmin/phpmyadmin/commit/5fefa51" }, { "reference_url": "https://github.com/phpmyadmin/phpmyadmin/commit/78f6c54", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/phpmyadmin/phpmyadmin/commit/78f6c54" }, { "reference_url": "https://github.com/phpmyadmin/phpmyadmin/commit/94cf3864254ffaf3a69e97d8fc454888368b94ab", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/phpmyadmin/phpmyadmin/commit/94cf3864254ffaf3a69e97d8fc454888368b94ab" }, { "reference_url": "https://github.com/phpmyadmin/phpmyadmin/commit/d005ba6", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/phpmyadmin/phpmyadmin/commit/d005ba6" }, { "reference_url": "https://security.gentoo.org/glsa/201701-32", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://security.gentoo.org/glsa/201701-32" }, { "reference_url": "https://www.phpmyadmin.net/security/PMASA-2016-24", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.phpmyadmin.net/security/PMASA-2016-24" }, { "reference_url": "http://www.debian.org/security/2016/dsa-3627", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.debian.org/security/2016/dsa-3627" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2016-5731", "reference_id": "CVE-2016-5731", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-5731" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/273449?format=api", "purl": "pkg:deb/debian/phpmyadmin@4:4.2.12-2%2Bdeb8u2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1drk-gzqj-2qc5" }, { "vulnerability": "VCID-1hvw-4h4d-zkhv" }, { "vulnerability": "VCID-23dq-w66r-k3bt" }, { "vulnerability": "VCID-27w6-zhxk-x7e7" }, { "vulnerability": "VCID-282b-1ugg-yuev" }, { "vulnerability": "VCID-2at1-y3qg-77fb" }, { "vulnerability": "VCID-2vqn-z4en-duh4" }, { "vulnerability": "VCID-31jg-3pzb-y3b6" }, { "vulnerability": "VCID-32ja-yuuw-bbbh" }, { "vulnerability": "VCID-33kv-ye2c-ebax" }, { "vulnerability": "VCID-33mh-s92h-c7ht" }, { "vulnerability": "VCID-38tp-acy8-57hj" }, { "vulnerability": "VCID-3va7-xx14-gkds" }, { "vulnerability": "VCID-44uc-xrvp-7bet" }, { "vulnerability": "VCID-4avx-e9mf-2yb1" }, { "vulnerability": "VCID-4kax-4bpz-g7c5" }, { "vulnerability": "VCID-4vgu-cagj-hfhb" }, { "vulnerability": "VCID-4wn2-pnbv-sked" }, { "vulnerability": "VCID-52xs-45kd-w3hz" }, { "vulnerability": "VCID-59mu-8aep-9ycn" }, { "vulnerability": "VCID-5bu8-wy7w-bqfc" }, { "vulnerability": "VCID-5jye-2stz-fqam" }, { "vulnerability": "VCID-6gs5-cswx-bfeb" }, { "vulnerability": "VCID-7avk-rmwd-yugt" }, { "vulnerability": "VCID-7vpu-x9mb-q3c6" }, { "vulnerability": "VCID-84n7-nzzg-juhz" }, { "vulnerability": "VCID-8jt7-y15v-83gj" }, { "vulnerability": "VCID-8rvw-n1fg-ffc2" }, { "vulnerability": "VCID-8yxm-e33n-d7gj" }, { "vulnerability": "VCID-9nh7-ny6c-n3cd" }, { "vulnerability": "VCID-9tdu-572c-tbb2" }, { "vulnerability": "VCID-ajeh-4q9t-sydz" }, { "vulnerability": "VCID-ajf6-bk2g-wkb7" }, { "vulnerability": "VCID-b2nf-6pr3-xqaa" }, { "vulnerability": "VCID-b4jk-yjfy-pfcv" }, { "vulnerability": "VCID-b6ng-ygap-zqh4" }, { "vulnerability": "VCID-bd83-vf81-sfa4" }, { "vulnerability": "VCID-bddg-5zgr-3uew" }, { "vulnerability": "VCID-btc1-yng3-ckhx" }, { "vulnerability": "VCID-cbjd-e3sk-m7bu" }, { "vulnerability": "VCID-crn9-f6qt-qfg5" }, { "vulnerability": "VCID-cth2-72mg-6yfr" }, { "vulnerability": "VCID-cz55-m46r-37gb" }, { "vulnerability": "VCID-d7jk-a94y-n3ca" }, { "vulnerability": "VCID-dbk1-n9kh-dfhm" }, { "vulnerability": "VCID-dfsz-1y13-yug9" }, { "vulnerability": "VCID-dgvs-kqpd-gfcy" }, { "vulnerability": "VCID-dj5f-y77j-d7dx" }, { "vulnerability": "VCID-dx3h-z4dg-m3e1" }, { "vulnerability": "VCID-g2uy-ekyf-4bcj" }, { "vulnerability": "VCID-gmjk-222y-abda" }, { "vulnerability": "VCID-gqxb-6rey-rbhv" }, { "vulnerability": "VCID-gtps-py3z-13cu" }, { "vulnerability": "VCID-gzwb-ju7m-juf7" }, { "vulnerability": "VCID-har4-gaft-m7e8" }, { "vulnerability": "VCID-hbp6-s544-pqaw" }, { "vulnerability": "VCID-hw5n-kv9r-8yej" }, { "vulnerability": "VCID-j589-8hrn-9bae" }, { "vulnerability": "VCID-jabw-t2hb-q3e9" }, { "vulnerability": "VCID-jemb-avnk-c7eb" }, { "vulnerability": "VCID-jmn8-a5r9-2qc8" }, { "vulnerability": "VCID-jxf7-1cq4-t3cv" }, { "vulnerability": "VCID-k5ph-wws1-fqg4" }, { "vulnerability": "VCID-kfr7-v6tb-eqau" }, { "vulnerability": "VCID-kfrx-mmr7-euep" }, { "vulnerability": "VCID-kwtj-jk24-zffq" }, { "vulnerability": "VCID-m2g6-2ztp-tuam" }, { "vulnerability": "VCID-m3kq-1cfg-mkgc" }, { "vulnerability": "VCID-m59w-cug5-wbe2" }, { "vulnerability": "VCID-mgu4-pf1x-r3dy" }, { "vulnerability": "VCID-mxn5-bh7q-gkdb" }, { "vulnerability": "VCID-mzuh-5e5y-d3hr" }, { "vulnerability": "VCID-n53q-r421-affh" }, { "vulnerability": "VCID-n66y-s36g-fqck" }, { "vulnerability": "VCID-np5w-chxm-cyak" }, { "vulnerability": "VCID-nuju-ekmt-k7g9" }, { "vulnerability": "VCID-nv3j-xj42-wfcw" }, { "vulnerability": "VCID-p1jn-sxds-mqd1" }, { "vulnerability": "VCID-p361-saxs-97g9" }, { "vulnerability": "VCID-pfdk-db4h-47dx" }, { "vulnerability": "VCID-pnry-rv8t-v3ff" }, { "vulnerability": "VCID-q2wv-kbra-5kg8" }, { "vulnerability": "VCID-q45d-5bf4-tff5" }, { "vulnerability": "VCID-q7pe-bvr1-g3bc" }, { "vulnerability": "VCID-q7rn-1612-quau" }, { "vulnerability": "VCID-q7zq-5xpn-93dd" }, { "vulnerability": "VCID-qeac-129m-1udw" }, { "vulnerability": "VCID-qmj2-pxvt-zqes" }, { "vulnerability": "VCID-qpj7-uk5e-nbez" }, { "vulnerability": "VCID-qqyb-zags-bbhz" }, { "vulnerability": "VCID-r3z5-cc6j-8yg6" }, { "vulnerability": "VCID-r4zz-m2mr-9qeb" }, { "vulnerability": "VCID-r9sb-489v-fqc9" }, { "vulnerability": "VCID-rc63-nakx-ebbe" }, { "vulnerability": "VCID-rsrk-jwbt-qfhe" }, { "vulnerability": "VCID-rx9z-rdmm-5fg6" }, { "vulnerability": "VCID-rxz2-tx2n-k3bd" }, { "vulnerability": "VCID-rz6q-hthe-1uer" }, { "vulnerability": "VCID-s88e-r2gd-9yep" }, { "vulnerability": "VCID-segg-gk79-9bc6" }, { "vulnerability": "VCID-tvfz-v881-sufp" }, { "vulnerability": "VCID-txba-1at4-ekg2" }, { "vulnerability": "VCID-uc6b-5sj1-9yg2" }, { "vulnerability": "VCID-utga-335m-dua9" }, { "vulnerability": "VCID-v1kx-5wa1-r7he" }, { "vulnerability": "VCID-vpf2-5j4s-jqeb" }, { "vulnerability": "VCID-vxc7-fwud-33an" }, { "vulnerability": "VCID-w6nk-akeh-4ufg" }, { "vulnerability": "VCID-x75q-4y74-d3gt" }, { "vulnerability": "VCID-xqf5-yxf3-u3he" }, { "vulnerability": "VCID-zmjf-j2zs-23ey" }, { "vulnerability": "VCID-zvcj-g6rt-s3de" }, { "vulnerability": "VCID-zyes-82y3-g7dh" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:4.2.12-2%252Bdeb8u2" }, { "url": "http://public2.vulnerablecode.io/api/packages/516524?format=api", "purl": "pkg:deb/debian/phpmyadmin@4:4.6.6-4%2Bdeb9u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2at1-y3qg-77fb" }, { "vulnerability": "VCID-32ja-yuuw-bbbh" }, { "vulnerability": "VCID-4wn2-pnbv-sked" }, { "vulnerability": "VCID-52xs-45kd-w3hz" }, { "vulnerability": "VCID-59mu-8aep-9ycn" }, { "vulnerability": "VCID-5jye-2stz-fqam" }, { "vulnerability": "VCID-7vpu-x9mb-q3c6" }, { "vulnerability": "VCID-8rvw-n1fg-ffc2" }, { "vulnerability": "VCID-ajf6-bk2g-wkb7" }, { "vulnerability": "VCID-b2nf-6pr3-xqaa" }, { "vulnerability": "VCID-bd83-vf81-sfa4" }, { "vulnerability": "VCID-dx3h-z4dg-m3e1" }, { "vulnerability": "VCID-har4-gaft-m7e8" }, { "vulnerability": "VCID-kfr7-v6tb-eqau" }, { "vulnerability": "VCID-kfrx-mmr7-euep" }, { "vulnerability": "VCID-m2g6-2ztp-tuam" }, { "vulnerability": "VCID-m3kq-1cfg-mkgc" }, { "vulnerability": "VCID-mzuh-5e5y-d3hr" }, { "vulnerability": "VCID-p1jn-sxds-mqd1" }, { "vulnerability": "VCID-q7rn-1612-quau" }, { "vulnerability": "VCID-qmj2-pxvt-zqes" }, { "vulnerability": "VCID-r4zz-m2mr-9qeb" }, { "vulnerability": "VCID-rx9z-rdmm-5fg6" }, { "vulnerability": "VCID-w6nk-akeh-4ufg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:4.6.6-4%252Bdeb9u1" } ], "aliases": [ "CVE-2016-5731", "GHSA-mwm8-36c5-j5cf" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-k5ph-wws1-fqg4" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/52056?format=api", "vulnerability_id": "VCID-kfr7-v6tb-eqau", "summary": "SQL Injection\nA crafted database/table name can be used to trigger a SQL injection attack through the designer feature.", "references": [ { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00002.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00002.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00024.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00024.html" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-18622", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00556", "scoring_system": "epss", "scoring_elements": "0.68544", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.00556", "scoring_system": "epss", "scoring_elements": "0.68503", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-18622" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18622", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18622" }, { "reference_url": "https://github.com/phpmyadmin/composer/commit/51acbf53564d9b52e78509a5688ec2b68976b5f7", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/phpmyadmin/composer/commit/51acbf53564d9b52e78509a5688ec2b68976b5f7" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BA4DGF7KTQS6WA2DRNJSW66L43WB7LRV", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BA4DGF7KTQS6WA2DRNJSW66L43WB7LRV" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BA4DGF7KTQS6WA2DRNJSW66L43WB7LRV/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BA4DGF7KTQS6WA2DRNJSW66L43WB7LRV/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W5GW4KEMNCBQYZCIXEJYC42OEBBN2NSH", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W5GW4KEMNCBQYZCIXEJYC42OEBBN2NSH" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W5GW4KEMNCBQYZCIXEJYC42OEBBN2NSH/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W5GW4KEMNCBQYZCIXEJYC42OEBBN2NSH/" }, { "reference_url": "https://security.gentoo.org/glsa/202003-39", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://security.gentoo.org/glsa/202003-39" }, { "reference_url": "https://www.phpmyadmin.net/security/PMASA-2019-5", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.phpmyadmin.net/security/PMASA-2019-5" }, { "reference_url": "https://www.phpmyadmin.net/security/PMASA-2019-5/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.phpmyadmin.net/security/PMASA-2019-5/" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=945349", "reference_id": "945349", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=945349" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-18622", "reference_id": "CVE-2019-18622", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-18622" }, { "reference_url": "https://github.com/advisories/GHSA-jgjc-332c-8cmc", "reference_id": "GHSA-jgjc-332c-8cmc", "reference_type": "", "scores": [ { "value": "CRITICAL", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-jgjc-332c-8cmc" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/195443?format=api", "purl": "pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-47ju-f89a-eud8" }, { "vulnerability": "VCID-59mu-8aep-9ycn" }, { "vulnerability": "VCID-d3qn-js1p-7yeq" }, { "vulnerability": "VCID-dmqy-9xth-cuhs" }, { "vulnerability": "VCID-gx8h-5h14-dqez" }, { "vulnerability": "VCID-har4-gaft-m7e8" }, { "vulnerability": "VCID-m3kq-1cfg-mkgc" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.0.4%252Bdfsg2-2%252Bdeb11u1" } ], "aliases": [ "CVE-2019-18622", "GHSA-jgjc-332c-8cmc" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-kfr7-v6tb-eqau" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/39583?format=api", "vulnerability_id": "VCID-kfrx-mmr7-euep", "summary": "Cross-Site Request Forgery (CSRF)\nphpMyAdm has CSRF, allowing an attacker to execute arbitrary SQL statements, related to `js/db_operations.js`, `js/tbl_operations.js`, `libraries/classes/Operations.php`, and `sql.php.`", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-10188", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0065", "scoring_system": "epss", "scoring_elements": "0.71236", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.0065", "scoring_system": "epss", "scoring_elements": "0.7128", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-10188" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10188", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10188" }, { "reference_url": "https://github.com/phpmyadmin/composer", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/phpmyadmin/composer" }, { "reference_url": "https://github.com/phpmyadmin/phpmyadmin/commit/c6dd6b56e236a3aff953cee4135ecaa67130e641", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/phpmyadmin/phpmyadmin/commit/c6dd6b56e236a3aff953cee4135ecaa67130e641" }, { "reference_url": "https://www.exploit-db.com/exploits/44496", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.exploit-db.com/exploits/44496" }, { "reference_url": "https://www.exploit-db.com/exploits/44496/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.exploit-db.com/exploits/44496/" }, { "reference_url": "https://www.phpmyadmin.net/security/PMASA-2018-2", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.phpmyadmin.net/security/PMASA-2018-2" }, { "reference_url": "https://www.phpmyadmin.net/security/PMASA-2018-2/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.phpmyadmin.net/security/PMASA-2018-2/" }, { "reference_url": "http://www.securityfocus.com/bid/103936", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.securityfocus.com/bid/103936" }, { "reference_url": "http://www.securitytracker.com/id/1040752", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.securitytracker.com/id/1040752" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=896490", "reference_id": "896490", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=896490" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/webapps/44496.html", "reference_id": "CVE-2018-10188", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/webapps/44496.html" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2018-10188", "reference_id": "CVE-2018-10188", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-10188" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/195443?format=api", "purl": "pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-47ju-f89a-eud8" }, { "vulnerability": "VCID-59mu-8aep-9ycn" }, { "vulnerability": "VCID-d3qn-js1p-7yeq" }, { "vulnerability": "VCID-dmqy-9xth-cuhs" }, { "vulnerability": "VCID-gx8h-5h14-dqez" }, { "vulnerability": "VCID-har4-gaft-m7e8" }, { "vulnerability": "VCID-m3kq-1cfg-mkgc" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.0.4%252Bdfsg2-2%252Bdeb11u1" } ], "aliases": [ "CVE-2018-10188", "GHSA-v6fp-h79x-9rqc" ], "risk_score": 10.0, "exploitability": "2.0", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-kfrx-mmr7-euep" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/98171?format=api", "vulnerability_id": "VCID-kwtj-jk24-zffq", "summary": "An issue was discovered in phpMyAdmin. A specially crafted database and/or table name can be used to trigger an SQL injection attack through the export functionality. All 4.6.x versions (prior to 4.6.4), 4.4.x versions (prior to 4.4.15.8), and 4.0.x versions (prior to 4.0.10.17) are affected.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-6611", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0055", "scoring_system": "epss", "scoring_elements": "0.68338", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.0055", "scoring_system": "epss", "scoring_elements": "0.68381", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-6611" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6611", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6611" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/516524?format=api", "purl": "pkg:deb/debian/phpmyadmin@4:4.6.6-4%2Bdeb9u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2at1-y3qg-77fb" }, { "vulnerability": "VCID-32ja-yuuw-bbbh" }, { "vulnerability": "VCID-4wn2-pnbv-sked" }, { "vulnerability": "VCID-52xs-45kd-w3hz" }, { "vulnerability": "VCID-59mu-8aep-9ycn" }, { "vulnerability": "VCID-5jye-2stz-fqam" }, { "vulnerability": "VCID-7vpu-x9mb-q3c6" }, { "vulnerability": "VCID-8rvw-n1fg-ffc2" }, { "vulnerability": "VCID-ajf6-bk2g-wkb7" }, { "vulnerability": "VCID-b2nf-6pr3-xqaa" }, { "vulnerability": "VCID-bd83-vf81-sfa4" }, { "vulnerability": "VCID-dx3h-z4dg-m3e1" }, { "vulnerability": "VCID-har4-gaft-m7e8" }, { "vulnerability": "VCID-kfr7-v6tb-eqau" }, { "vulnerability": "VCID-kfrx-mmr7-euep" }, { "vulnerability": "VCID-m2g6-2ztp-tuam" }, { "vulnerability": "VCID-m3kq-1cfg-mkgc" }, { "vulnerability": "VCID-mzuh-5e5y-d3hr" }, { "vulnerability": "VCID-p1jn-sxds-mqd1" }, { "vulnerability": "VCID-q7rn-1612-quau" }, { "vulnerability": "VCID-qmj2-pxvt-zqes" }, { "vulnerability": "VCID-r4zz-m2mr-9qeb" }, { "vulnerability": "VCID-rx9z-rdmm-5fg6" }, { "vulnerability": "VCID-w6nk-akeh-4ufg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:4.6.6-4%252Bdeb9u1" } ], "aliases": [ "CVE-2016-6611" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-kwtj-jk24-zffq" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/44313?format=api", "vulnerability_id": "VCID-m2g6-2ztp-tuam", "summary": "Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')\nSQL Injection vulnerability in function getTableCreationQuery in CreateAddField.php in phpMyAdmin 5.x before 5.2.0 via the tbl_storage_engine or tbl_collation parameters to tbl_create.php.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-22452", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.03245", "scoring_system": "epss", "scoring_elements": "0.87375", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.03245", "scoring_system": "epss", "scoring_elements": "0.87353", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-22452" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-22452", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-22452" }, { "reference_url": "https://github.com/phpmyadmin/phpmyadmin", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/phpmyadmin/phpmyadmin" }, { "reference_url": "https://github.com/phpmyadmin/phpmyadmin/commit/bc982466f08ddccad4804ba928f84ff8e25107cb", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/phpmyadmin/phpmyadmin/commit/bc982466f08ddccad4804ba928f84ff8e25107cb" }, { "reference_url": "https://github.com/phpmyadmin/phpmyadmin/issues/15898", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-04-01T14:07:49Z/" } ], "url": "https://github.com/phpmyadmin/phpmyadmin/issues/15898" }, { "reference_url": "https://github.com/phpmyadmin/phpmyadmin/pull/16004", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-04-01T14:07:49Z/" } ], "url": "https://github.com/phpmyadmin/phpmyadmin/pull/16004" }, { "reference_url": "https://github.com/phpmyadmin/phpmyadmin/blob/master/ChangeLog", "reference_id": "ChangeLog", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-04-01T14:07:49Z/" } ], "url": "https://github.com/phpmyadmin/phpmyadmin/blob/master/ChangeLog" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2020-22452", "reference_id": "CVE-2020-22452", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-22452" }, { "reference_url": "https://github.com/advisories/GHSA-prcg-mc23-hgjh", "reference_id": "GHSA-prcg-mc23-hgjh", "reference_type": "", "scores": [], "url": "https://github.com/advisories/GHSA-prcg-mc23-hgjh" }, { "reference_url": "http://phpmyadmin.com", "reference_id": "phpmyadmin.com", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-04-01T14:07:49Z/" } ], "url": "http://phpmyadmin.com" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/195443?format=api", "purl": "pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-47ju-f89a-eud8" }, { "vulnerability": "VCID-59mu-8aep-9ycn" }, { "vulnerability": "VCID-d3qn-js1p-7yeq" }, { "vulnerability": "VCID-dmqy-9xth-cuhs" }, { "vulnerability": "VCID-gx8h-5h14-dqez" }, { "vulnerability": "VCID-har4-gaft-m7e8" }, { "vulnerability": "VCID-m3kq-1cfg-mkgc" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.0.4%252Bdfsg2-2%252Bdeb11u1" } ], "aliases": [ "CVE-2020-22452", "GHSA-prcg-mc23-hgjh" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-m2g6-2ztp-tuam" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/44442?format=api", "vulnerability_id": "VCID-m3kq-1cfg-mkgc", "summary": "Cross-site Scripting vulnerability in drag-and-drop upload of phpMyAdmin\nIn phpMyAdmin before 4.9.11 and 5.x before 5.2.1, an authenticated user can trigger Cross-site Scripting (XSS) by uploading a crafted .sql file through the drag-and-drop interface. By disabling the configuration directive `$cfg['enable_drag_drop_import']`, users will be unable to use the drag and drop upload which would protect against the vulnerability.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-25727", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.09658", "scoring_system": "epss", "scoring_elements": "0.93059", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.09658", "scoring_system": "epss", "scoring_elements": "0.93048", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-25727" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25727", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25727" }, { "reference_url": "https://github.com/phpmyadmin/composer", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/phpmyadmin/composer" }, { "reference_url": "https://github.com/phpmyadmin/phpmyadmin/commit/53f70fd7f3b388639922e6cc1ca51fbe890c91cc", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/phpmyadmin/phpmyadmin/commit/53f70fd7f3b388639922e6cc1ca51fbe890c91cc" }, { "reference_url": "https://github.com/phpmyadmin/phpmyadmin/commit/efa2406695551667f726497750d3db91fb6f662e", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/phpmyadmin/phpmyadmin/commit/efa2406695551667f726497750d3db91fb6f662e" }, { "reference_url": "https://www.phpmyadmin.net/security/PMASA-2023-1", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.phpmyadmin.net/security/PMASA-2023-1" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2023-25727", "reference_id": "CVE-2023-25727", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-25727" }, { "reference_url": "https://github.com/advisories/GHSA-6hr3-44gx-g6wh", "reference_id": "GHSA-6hr3-44gx-g6wh", "reference_type": "", "scores": [], "url": "https://github.com/advisories/GHSA-6hr3-44gx-g6wh" }, { "reference_url": "https://www.phpmyadmin.net/security/PMASA-2023-1/", "reference_id": "PMASA-2023-1", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-21T14:52:37Z/" } ], "url": "https://www.phpmyadmin.net/security/PMASA-2023-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/195444?format=api", "purl": "pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-gx8h-5h14-dqez" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.1%252Bdfsg-1%252Bdeb12u1" } ], "aliases": [ "CVE-2023-25727", "GHSA-6hr3-44gx-g6wh" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-m3kq-1cfg-mkgc" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/98192?format=api", "vulnerability_id": "VCID-m59w-cug5-wbe2", "summary": "An issue was discovered in phpMyAdmin. With a crafted login request it is possible to inject BBCode in the login page. All 4.6.x versions (prior to 4.6.5) are affected.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-9862", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00405", "scoring_system": "epss", "scoring_elements": "0.61341", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.00405", "scoring_system": "epss", "scoring_elements": "0.61389", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-9862" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9862", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9862" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/516524?format=api", "purl": "pkg:deb/debian/phpmyadmin@4:4.6.6-4%2Bdeb9u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2at1-y3qg-77fb" }, { "vulnerability": "VCID-32ja-yuuw-bbbh" }, { "vulnerability": "VCID-4wn2-pnbv-sked" }, { "vulnerability": "VCID-52xs-45kd-w3hz" }, { "vulnerability": "VCID-59mu-8aep-9ycn" }, { "vulnerability": "VCID-5jye-2stz-fqam" }, { "vulnerability": "VCID-7vpu-x9mb-q3c6" }, { "vulnerability": "VCID-8rvw-n1fg-ffc2" }, { "vulnerability": "VCID-ajf6-bk2g-wkb7" }, { "vulnerability": "VCID-b2nf-6pr3-xqaa" }, { "vulnerability": "VCID-bd83-vf81-sfa4" }, { "vulnerability": "VCID-dx3h-z4dg-m3e1" }, { "vulnerability": "VCID-har4-gaft-m7e8" }, { "vulnerability": "VCID-kfr7-v6tb-eqau" }, { "vulnerability": "VCID-kfrx-mmr7-euep" }, { "vulnerability": "VCID-m2g6-2ztp-tuam" }, { "vulnerability": "VCID-m3kq-1cfg-mkgc" }, { "vulnerability": "VCID-mzuh-5e5y-d3hr" }, { "vulnerability": "VCID-p1jn-sxds-mqd1" }, { "vulnerability": "VCID-q7rn-1612-quau" }, { "vulnerability": "VCID-qmj2-pxvt-zqes" }, { "vulnerability": "VCID-r4zz-m2mr-9qeb" }, { "vulnerability": "VCID-rx9z-rdmm-5fg6" }, { "vulnerability": "VCID-w6nk-akeh-4ufg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:4.6.6-4%252Bdeb9u1" } ], "aliases": [ "CVE-2016-9862" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-m59w-cug5-wbe2" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/38285?format=api", "vulnerability_id": "VCID-mgu4-pf1x-r3dy", "summary": "Cross-site Scripting\nXSS issues were discovered in phpMyAdmin. This affects the database privilege check and the \"Remove partitioning\" functionality. Specially crafted database names can trigger the XSS attack.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-6608", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00317", "scoring_system": "epss", "scoring_elements": "0.55129", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.00317", "scoring_system": "epss", "scoring_elements": "0.5507", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-6608" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6608", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6608" }, { "reference_url": "https://github.com/phpmyadmin/composer", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/phpmyadmin/composer" }, { "reference_url": "https://security.gentoo.org/glsa/201701-32", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://security.gentoo.org/glsa/201701-32" }, { "reference_url": "https://www.phpmyadmin.net/security/PMASA-2016-31", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.phpmyadmin.net/security/PMASA-2016-31" }, { "reference_url": "http://www.securityfocus.com/bid/93258", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.securityfocus.com/bid/93258" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2016-6608", "reference_id": "CVE-2016-6608", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-6608" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/516524?format=api", "purl": "pkg:deb/debian/phpmyadmin@4:4.6.6-4%2Bdeb9u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2at1-y3qg-77fb" }, { "vulnerability": "VCID-32ja-yuuw-bbbh" }, { "vulnerability": "VCID-4wn2-pnbv-sked" }, { "vulnerability": "VCID-52xs-45kd-w3hz" }, { "vulnerability": "VCID-59mu-8aep-9ycn" }, { "vulnerability": "VCID-5jye-2stz-fqam" }, { "vulnerability": "VCID-7vpu-x9mb-q3c6" }, { "vulnerability": "VCID-8rvw-n1fg-ffc2" }, { "vulnerability": "VCID-ajf6-bk2g-wkb7" }, { "vulnerability": "VCID-b2nf-6pr3-xqaa" }, { "vulnerability": "VCID-bd83-vf81-sfa4" }, { "vulnerability": "VCID-dx3h-z4dg-m3e1" }, { "vulnerability": "VCID-har4-gaft-m7e8" }, { "vulnerability": "VCID-kfr7-v6tb-eqau" }, { "vulnerability": "VCID-kfrx-mmr7-euep" }, { "vulnerability": "VCID-m2g6-2ztp-tuam" }, { "vulnerability": "VCID-m3kq-1cfg-mkgc" }, { "vulnerability": "VCID-mzuh-5e5y-d3hr" }, { "vulnerability": "VCID-p1jn-sxds-mqd1" }, { "vulnerability": "VCID-q7rn-1612-quau" }, { "vulnerability": "VCID-qmj2-pxvt-zqes" }, { "vulnerability": "VCID-r4zz-m2mr-9qeb" }, { "vulnerability": "VCID-rx9z-rdmm-5fg6" }, { "vulnerability": "VCID-w6nk-akeh-4ufg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:4.6.6-4%252Bdeb9u1" } ], "aliases": [ "CVE-2016-6608", "GHSA-jfmj-27fp-qp67" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-mgu4-pf1x-r3dy" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/98149?format=api", "vulnerability_id": "VCID-mxn5-bh7q-gkdb", "summary": "The redirection feature in url.php in phpMyAdmin 4.4.x before 4.4.15.1 and 4.5.x before 4.5.1 allows remote attackers to spoof content via the url parameter.", "references": [ { "reference_url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-November/171311.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.7", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-November/171311.html" }, { "reference_url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-November/171326.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.7", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-November/171326.html" }, { "reference_url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-October/169987.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.7", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-October/169987.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-7873.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-7873.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2015-7873", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00625", "scoring_system": "epss", "scoring_elements": "0.7057", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.00625", "scoring_system": "epss", "scoring_elements": "0.70612", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2015-7873" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8958", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8958" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9218", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9218" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2206", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2206" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3902", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3902" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3903", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3903" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6830", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6830" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7873", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7873" }, { "reference_url": "https://github.com/phpmyadmin/phpmyadmin", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.7", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/phpmyadmin/phpmyadmin" }, { "reference_url": "https://github.com/phpmyadmin/phpmyadmin/commit/2b31866fe0b30b867aaf5b5fedb11adb354e037f", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.7", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/phpmyadmin/phpmyadmin/commit/2b31866fe0b30b867aaf5b5fedb11adb354e037f" }, { "reference_url": "https://github.com/phpmyadmin/phpmyadmin/commit/cd097656758f981f80fb9029c7d6b4294582b706", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.7", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/phpmyadmin/phpmyadmin/commit/cd097656758f981f80fb9029c7d6b4294582b706" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2015-7873", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.7", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2015-7873" }, { "reference_url": "https://web.archive.org/web/20161014120907/http://www.securitytracker.com/id/1034013", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.7", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20161014120907/http://www.securitytracker.com/id/1034013" }, { "reference_url": "https://web.archive.org/web/20200228052850/http://www.securityfocus.com/bid/77299", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.7", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20200228052850/http://www.securityfocus.com/bid/77299" }, { "reference_url": "https://www.phpmyadmin.net/security/PMASA-2015-5", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.7", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.phpmyadmin.net/security/PMASA-2015-5" }, { "reference_url": "http://www.debian.org/security/2015/dsa-3382", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.7", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.debian.org/security/2015/dsa-3382" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1275108", "reference_id": "1275108", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1275108" }, { "reference_url": "https://github.com/advisories/GHSA-5pmg-qh2c-7j24", "reference_id": "GHSA-5pmg-qh2c-7j24", "reference_type": "", "scores": [], "url": "https://github.com/advisories/GHSA-5pmg-qh2c-7j24" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/273449?format=api", "purl": "pkg:deb/debian/phpmyadmin@4:4.2.12-2%2Bdeb8u2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1drk-gzqj-2qc5" }, { "vulnerability": "VCID-1hvw-4h4d-zkhv" }, { "vulnerability": "VCID-23dq-w66r-k3bt" }, { "vulnerability": "VCID-27w6-zhxk-x7e7" }, { "vulnerability": "VCID-282b-1ugg-yuev" }, { "vulnerability": "VCID-2at1-y3qg-77fb" }, { "vulnerability": "VCID-2vqn-z4en-duh4" }, { "vulnerability": "VCID-31jg-3pzb-y3b6" }, { "vulnerability": "VCID-32ja-yuuw-bbbh" }, { "vulnerability": "VCID-33kv-ye2c-ebax" }, { "vulnerability": "VCID-33mh-s92h-c7ht" }, { "vulnerability": "VCID-38tp-acy8-57hj" }, { "vulnerability": "VCID-3va7-xx14-gkds" }, { "vulnerability": "VCID-44uc-xrvp-7bet" }, { "vulnerability": "VCID-4avx-e9mf-2yb1" }, { "vulnerability": "VCID-4kax-4bpz-g7c5" }, { "vulnerability": "VCID-4vgu-cagj-hfhb" }, { "vulnerability": "VCID-4wn2-pnbv-sked" }, { "vulnerability": "VCID-52xs-45kd-w3hz" }, { "vulnerability": "VCID-59mu-8aep-9ycn" }, { "vulnerability": "VCID-5bu8-wy7w-bqfc" }, { "vulnerability": "VCID-5jye-2stz-fqam" }, { "vulnerability": "VCID-6gs5-cswx-bfeb" }, { "vulnerability": "VCID-7avk-rmwd-yugt" }, { "vulnerability": "VCID-7vpu-x9mb-q3c6" }, { "vulnerability": "VCID-84n7-nzzg-juhz" }, { "vulnerability": "VCID-8jt7-y15v-83gj" }, { "vulnerability": "VCID-8rvw-n1fg-ffc2" }, { "vulnerability": "VCID-8yxm-e33n-d7gj" }, { "vulnerability": "VCID-9nh7-ny6c-n3cd" }, { "vulnerability": "VCID-9tdu-572c-tbb2" }, { "vulnerability": "VCID-ajeh-4q9t-sydz" }, { "vulnerability": "VCID-ajf6-bk2g-wkb7" }, { "vulnerability": "VCID-b2nf-6pr3-xqaa" }, { "vulnerability": "VCID-b4jk-yjfy-pfcv" }, { "vulnerability": "VCID-b6ng-ygap-zqh4" }, { "vulnerability": "VCID-bd83-vf81-sfa4" }, { "vulnerability": "VCID-bddg-5zgr-3uew" }, { "vulnerability": "VCID-btc1-yng3-ckhx" }, { "vulnerability": "VCID-cbjd-e3sk-m7bu" }, { "vulnerability": "VCID-crn9-f6qt-qfg5" }, { "vulnerability": "VCID-cth2-72mg-6yfr" }, { "vulnerability": "VCID-cz55-m46r-37gb" }, { "vulnerability": "VCID-d7jk-a94y-n3ca" }, { "vulnerability": "VCID-dbk1-n9kh-dfhm" }, { "vulnerability": "VCID-dfsz-1y13-yug9" }, { "vulnerability": "VCID-dgvs-kqpd-gfcy" }, { "vulnerability": "VCID-dj5f-y77j-d7dx" }, { "vulnerability": "VCID-dx3h-z4dg-m3e1" }, { "vulnerability": "VCID-g2uy-ekyf-4bcj" }, { "vulnerability": "VCID-gmjk-222y-abda" }, { "vulnerability": "VCID-gqxb-6rey-rbhv" }, { "vulnerability": "VCID-gtps-py3z-13cu" }, { "vulnerability": "VCID-gzwb-ju7m-juf7" }, { "vulnerability": "VCID-har4-gaft-m7e8" }, { "vulnerability": "VCID-hbp6-s544-pqaw" }, { "vulnerability": "VCID-hw5n-kv9r-8yej" }, { "vulnerability": "VCID-j589-8hrn-9bae" }, { "vulnerability": "VCID-jabw-t2hb-q3e9" }, { "vulnerability": "VCID-jemb-avnk-c7eb" }, { "vulnerability": "VCID-jmn8-a5r9-2qc8" }, { "vulnerability": "VCID-jxf7-1cq4-t3cv" }, { "vulnerability": "VCID-k5ph-wws1-fqg4" }, { "vulnerability": "VCID-kfr7-v6tb-eqau" }, { "vulnerability": "VCID-kfrx-mmr7-euep" }, { "vulnerability": "VCID-kwtj-jk24-zffq" }, { "vulnerability": "VCID-m2g6-2ztp-tuam" }, { "vulnerability": "VCID-m3kq-1cfg-mkgc" }, { "vulnerability": "VCID-m59w-cug5-wbe2" }, { "vulnerability": "VCID-mgu4-pf1x-r3dy" }, { "vulnerability": "VCID-mxn5-bh7q-gkdb" }, { "vulnerability": "VCID-mzuh-5e5y-d3hr" }, { "vulnerability": "VCID-n53q-r421-affh" }, { "vulnerability": "VCID-n66y-s36g-fqck" }, { "vulnerability": "VCID-np5w-chxm-cyak" }, { "vulnerability": "VCID-nuju-ekmt-k7g9" }, { "vulnerability": "VCID-nv3j-xj42-wfcw" }, { "vulnerability": "VCID-p1jn-sxds-mqd1" }, { "vulnerability": "VCID-p361-saxs-97g9" }, { "vulnerability": "VCID-pfdk-db4h-47dx" }, { "vulnerability": "VCID-pnry-rv8t-v3ff" }, { "vulnerability": "VCID-q2wv-kbra-5kg8" }, { "vulnerability": "VCID-q45d-5bf4-tff5" }, { "vulnerability": "VCID-q7pe-bvr1-g3bc" }, { "vulnerability": "VCID-q7rn-1612-quau" }, { "vulnerability": "VCID-q7zq-5xpn-93dd" }, { "vulnerability": "VCID-qeac-129m-1udw" }, { "vulnerability": "VCID-qmj2-pxvt-zqes" }, { "vulnerability": "VCID-qpj7-uk5e-nbez" }, { "vulnerability": "VCID-qqyb-zags-bbhz" }, { "vulnerability": "VCID-r3z5-cc6j-8yg6" }, { "vulnerability": "VCID-r4zz-m2mr-9qeb" }, { "vulnerability": "VCID-r9sb-489v-fqc9" }, { "vulnerability": "VCID-rc63-nakx-ebbe" }, { "vulnerability": "VCID-rsrk-jwbt-qfhe" }, { "vulnerability": "VCID-rx9z-rdmm-5fg6" }, { "vulnerability": "VCID-rxz2-tx2n-k3bd" }, { "vulnerability": "VCID-rz6q-hthe-1uer" }, { "vulnerability": "VCID-s88e-r2gd-9yep" }, { "vulnerability": "VCID-segg-gk79-9bc6" }, { "vulnerability": "VCID-tvfz-v881-sufp" }, { "vulnerability": "VCID-txba-1at4-ekg2" }, { "vulnerability": "VCID-uc6b-5sj1-9yg2" }, { "vulnerability": "VCID-utga-335m-dua9" }, { "vulnerability": "VCID-v1kx-5wa1-r7he" }, { "vulnerability": "VCID-vpf2-5j4s-jqeb" }, { "vulnerability": "VCID-vxc7-fwud-33an" }, { "vulnerability": "VCID-w6nk-akeh-4ufg" }, { "vulnerability": "VCID-x75q-4y74-d3gt" }, { "vulnerability": "VCID-xqf5-yxf3-u3he" }, { "vulnerability": "VCID-zmjf-j2zs-23ey" }, { "vulnerability": "VCID-zvcj-g6rt-s3de" }, { "vulnerability": "VCID-zyes-82y3-g7dh" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:4.2.12-2%252Bdeb8u2" }, { "url": "http://public2.vulnerablecode.io/api/packages/516524?format=api", "purl": "pkg:deb/debian/phpmyadmin@4:4.6.6-4%2Bdeb9u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2at1-y3qg-77fb" }, { "vulnerability": "VCID-32ja-yuuw-bbbh" }, { "vulnerability": "VCID-4wn2-pnbv-sked" }, { "vulnerability": "VCID-52xs-45kd-w3hz" }, { "vulnerability": "VCID-59mu-8aep-9ycn" }, { "vulnerability": "VCID-5jye-2stz-fqam" }, { "vulnerability": "VCID-7vpu-x9mb-q3c6" }, { "vulnerability": "VCID-8rvw-n1fg-ffc2" }, { "vulnerability": "VCID-ajf6-bk2g-wkb7" }, { "vulnerability": "VCID-b2nf-6pr3-xqaa" }, { "vulnerability": "VCID-bd83-vf81-sfa4" }, { "vulnerability": "VCID-dx3h-z4dg-m3e1" }, { "vulnerability": "VCID-har4-gaft-m7e8" }, { "vulnerability": "VCID-kfr7-v6tb-eqau" }, { "vulnerability": "VCID-kfrx-mmr7-euep" }, { "vulnerability": "VCID-m2g6-2ztp-tuam" }, { "vulnerability": "VCID-m3kq-1cfg-mkgc" }, { "vulnerability": "VCID-mzuh-5e5y-d3hr" }, { "vulnerability": "VCID-p1jn-sxds-mqd1" }, { "vulnerability": "VCID-q7rn-1612-quau" }, { "vulnerability": "VCID-qmj2-pxvt-zqes" }, { "vulnerability": "VCID-r4zz-m2mr-9qeb" }, { "vulnerability": "VCID-rx9z-rdmm-5fg6" }, { "vulnerability": "VCID-w6nk-akeh-4ufg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:4.6.6-4%252Bdeb9u1" } ], "aliases": [ "CVE-2015-7873", "GHSA-5pmg-qh2c-7j24" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-mxn5-bh7q-gkdb" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/52077?format=api", "vulnerability_id": "VCID-mzuh-5e5y-d3hr", "summary": "Improper Neutralization of Escape, Meta, or Control Sequences\nphpMyAdmin does not escape certain Git information, related to `libraries/classes/Display/GitRevision.php` and `libraries/classes/Footer.php`.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-19617", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00997", "scoring_system": "epss", "scoring_elements": "0.77304", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.00997", "scoring_system": "epss", "scoring_elements": "0.77333", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-19617" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19617", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19617" }, { "reference_url": "https://github.com/phpmyadmin/composer", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/phpmyadmin/composer" }, { "reference_url": "https://github.com/phpmyadmin/phpmyadmin/commit/1119de642b136d20e810bb20f545069a01dd7cc9", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/phpmyadmin/phpmyadmin/commit/1119de642b136d20e810bb20f545069a01dd7cc9" }, { "reference_url": "https://github.com/phpmyadmin/phpmyadmin/compare/RELEASE_4_9_1...RELEASE_4_9_2", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/phpmyadmin/phpmyadmin/compare/RELEASE_4_9_1...RELEASE_4_9_2" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2019/12/msg00006.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.debian.org/debian-lts-announce/2019/12/msg00006.html" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2020/10/msg00024.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.debian.org/debian-lts-announce/2020/10/msg00024.html" }, { "reference_url": "https://www.phpmyadmin.net/news/2019/11/22/phpmyadmin-492-released", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.phpmyadmin.net/news/2019/11/22/phpmyadmin-492-released" }, { "reference_url": "https://www.phpmyadmin.net/news/2019/11/22/phpmyadmin-492-released/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.phpmyadmin.net/news/2019/11/22/phpmyadmin-492-released/" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-19617", "reference_id": "CVE-2019-19617", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-19617" }, { "reference_url": "https://usn.ubuntu.com/4639-1/", "reference_id": "USN-4639-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4639-1/" }, { "reference_url": "https://usn.ubuntu.com/USN-4843-1/", "reference_id": "USN-USN-4843-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/USN-4843-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/195443?format=api", "purl": "pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-47ju-f89a-eud8" }, { "vulnerability": "VCID-59mu-8aep-9ycn" }, { "vulnerability": "VCID-d3qn-js1p-7yeq" }, { "vulnerability": "VCID-dmqy-9xth-cuhs" }, { "vulnerability": "VCID-gx8h-5h14-dqez" }, { "vulnerability": "VCID-har4-gaft-m7e8" }, { "vulnerability": "VCID-m3kq-1cfg-mkgc" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.0.4%252Bdfsg2-2%252Bdeb11u1" } ], "aliases": [ "CVE-2019-19617", "GHSA-pgph-mc4p-f8c3" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-mzuh-5e5y-d3hr" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/98175?format=api", "vulnerability_id": "VCID-n53q-r421-affh", "summary": "An issue was discovered in phpMyAdmin. A specially crafted database and/or table name can be used to trigger an SQL injection attack through the export functionality. All 4.6.x versions (prior to 4.6.4) are affected.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-6617", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00309", "scoring_system": "epss", "scoring_elements": "0.54322", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.00309", "scoring_system": "epss", "scoring_elements": "0.54379", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-6617" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6617", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6617" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/516524?format=api", "purl": "pkg:deb/debian/phpmyadmin@4:4.6.6-4%2Bdeb9u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2at1-y3qg-77fb" }, { "vulnerability": "VCID-32ja-yuuw-bbbh" }, { "vulnerability": "VCID-4wn2-pnbv-sked" }, { "vulnerability": "VCID-52xs-45kd-w3hz" }, { "vulnerability": "VCID-59mu-8aep-9ycn" }, { "vulnerability": "VCID-5jye-2stz-fqam" }, { "vulnerability": "VCID-7vpu-x9mb-q3c6" }, { "vulnerability": "VCID-8rvw-n1fg-ffc2" }, { "vulnerability": "VCID-ajf6-bk2g-wkb7" }, { "vulnerability": "VCID-b2nf-6pr3-xqaa" }, { "vulnerability": "VCID-bd83-vf81-sfa4" }, { "vulnerability": "VCID-dx3h-z4dg-m3e1" }, { "vulnerability": "VCID-har4-gaft-m7e8" }, { "vulnerability": "VCID-kfr7-v6tb-eqau" }, { "vulnerability": "VCID-kfrx-mmr7-euep" }, { "vulnerability": "VCID-m2g6-2ztp-tuam" }, { "vulnerability": "VCID-m3kq-1cfg-mkgc" }, { "vulnerability": "VCID-mzuh-5e5y-d3hr" }, { "vulnerability": "VCID-p1jn-sxds-mqd1" }, { "vulnerability": "VCID-q7rn-1612-quau" }, { "vulnerability": "VCID-qmj2-pxvt-zqes" }, { "vulnerability": "VCID-r4zz-m2mr-9qeb" }, { "vulnerability": "VCID-rx9z-rdmm-5fg6" }, { "vulnerability": "VCID-w6nk-akeh-4ufg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:4.6.6-4%252Bdeb9u1" } ], "aliases": [ "CVE-2016-6617" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-n53q-r421-affh" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/38278?format=api", "vulnerability_id": "VCID-n66y-s36g-fqck", "summary": "Improper Input Validation\nAn issue was discovered in phpMyAdmin. An unauthenticated user can execute a denial of service attack when phpMyAdmin is running with `$cfg['AllowArbitraryServer']=true`.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-9860", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00707", "scoring_system": "epss", "scoring_elements": "0.72539", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.00707", "scoring_system": "epss", "scoring_elements": "0.72579", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-9860" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9860", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9860" }, { "reference_url": "https://github.com/phpmyadmin/composer", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/phpmyadmin/composer" }, { "reference_url": "https://security.gentoo.org/glsa/201701-32", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://security.gentoo.org/glsa/201701-32" }, { "reference_url": "https://www.phpmyadmin.net/security/PMASA-2016-65", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.phpmyadmin.net/security/PMASA-2016-65" }, { "reference_url": "http://www.securityfocus.com/bid/94525", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.securityfocus.com/bid/94525" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2016-9860", "reference_id": "CVE-2016-9860", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-9860" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/516524?format=api", "purl": "pkg:deb/debian/phpmyadmin@4:4.6.6-4%2Bdeb9u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2at1-y3qg-77fb" }, { "vulnerability": "VCID-32ja-yuuw-bbbh" }, { "vulnerability": "VCID-4wn2-pnbv-sked" }, { "vulnerability": "VCID-52xs-45kd-w3hz" }, { "vulnerability": "VCID-59mu-8aep-9ycn" }, { "vulnerability": "VCID-5jye-2stz-fqam" }, { "vulnerability": "VCID-7vpu-x9mb-q3c6" }, { "vulnerability": "VCID-8rvw-n1fg-ffc2" }, { "vulnerability": "VCID-ajf6-bk2g-wkb7" }, { "vulnerability": "VCID-b2nf-6pr3-xqaa" }, { "vulnerability": "VCID-bd83-vf81-sfa4" }, { "vulnerability": "VCID-dx3h-z4dg-m3e1" }, { "vulnerability": "VCID-har4-gaft-m7e8" }, { "vulnerability": "VCID-kfr7-v6tb-eqau" }, { "vulnerability": "VCID-kfrx-mmr7-euep" }, { "vulnerability": "VCID-m2g6-2ztp-tuam" }, { "vulnerability": "VCID-m3kq-1cfg-mkgc" }, { "vulnerability": "VCID-mzuh-5e5y-d3hr" }, { "vulnerability": "VCID-p1jn-sxds-mqd1" }, { "vulnerability": "VCID-q7rn-1612-quau" }, { "vulnerability": "VCID-qmj2-pxvt-zqes" }, { "vulnerability": "VCID-r4zz-m2mr-9qeb" }, { "vulnerability": "VCID-rx9z-rdmm-5fg6" }, { "vulnerability": "VCID-w6nk-akeh-4ufg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:4.6.6-4%252Bdeb9u1" } ], "aliases": [ "CVE-2016-9860", "GHSA-3hw5-fffc-qrg4" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-n66y-s36g-fqck" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/97888?format=api", "vulnerability_id": "VCID-np5w-chxm-cyak", "summary": "The plural form formula in ngettext family of calls in php-gettext before 1.0.12 allows remote attackers to execute arbitrary code.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2015-8980", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.04573", "scoring_system": "epss", "scoring_elements": "0.89396", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.04573", "scoring_system": "epss", "scoring_elements": "0.89414", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2015-8980" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8980", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8980" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=851770", "reference_id": "851770", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=851770" }, { "reference_url": "https://usn.ubuntu.com/USN-4779-1/", "reference_id": "USN-USN-4779-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/USN-4779-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/516524?format=api", "purl": "pkg:deb/debian/phpmyadmin@4:4.6.6-4%2Bdeb9u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2at1-y3qg-77fb" }, { "vulnerability": "VCID-32ja-yuuw-bbbh" }, { "vulnerability": "VCID-4wn2-pnbv-sked" }, { "vulnerability": "VCID-52xs-45kd-w3hz" }, { "vulnerability": "VCID-59mu-8aep-9ycn" }, { "vulnerability": "VCID-5jye-2stz-fqam" }, { "vulnerability": "VCID-7vpu-x9mb-q3c6" }, { "vulnerability": "VCID-8rvw-n1fg-ffc2" }, { "vulnerability": "VCID-ajf6-bk2g-wkb7" }, { "vulnerability": "VCID-b2nf-6pr3-xqaa" }, { "vulnerability": "VCID-bd83-vf81-sfa4" }, { "vulnerability": "VCID-dx3h-z4dg-m3e1" }, { "vulnerability": "VCID-har4-gaft-m7e8" }, { "vulnerability": "VCID-kfr7-v6tb-eqau" }, { "vulnerability": "VCID-kfrx-mmr7-euep" }, { "vulnerability": "VCID-m2g6-2ztp-tuam" }, { "vulnerability": "VCID-m3kq-1cfg-mkgc" }, { "vulnerability": "VCID-mzuh-5e5y-d3hr" }, { "vulnerability": "VCID-p1jn-sxds-mqd1" }, { "vulnerability": "VCID-q7rn-1612-quau" }, { "vulnerability": "VCID-qmj2-pxvt-zqes" }, { "vulnerability": "VCID-r4zz-m2mr-9qeb" }, { "vulnerability": "VCID-rx9z-rdmm-5fg6" }, { "vulnerability": "VCID-w6nk-akeh-4ufg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:4.6.6-4%252Bdeb9u1" } ], "aliases": [ "CVE-2015-8980" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-np5w-chxm-cyak" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/38283?format=api", "vulnerability_id": "VCID-nuju-ekmt-k7g9", "summary": "Improper Input Validation\nAn issue was discovered in phpMyAdmin involving the `$cfg['ArbitraryServerRegexp']` configuration directive. An attacker could reuse certain cookie values in a way of bypassing the servers defined by `ArbitraryServerRegexp`.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-6629", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00977", "scoring_system": "epss", "scoring_elements": "0.77051", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.00977", "scoring_system": "epss", "scoring_elements": "0.77083", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-6629" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6629", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6629" }, { "reference_url": "https://security.gentoo.org/glsa/201701-32", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://security.gentoo.org/glsa/201701-32" }, { "reference_url": "https://web.archive.org/web/20210725054025/http://www.securityfocus.com/bid/92493", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20210725054025/http://www.securityfocus.com/bid/92493" }, { "reference_url": "https://www.phpmyadmin.net/security/PMASA-2016-52", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.phpmyadmin.net/security/PMASA-2016-52" }, { "reference_url": "http://www.securityfocus.com/bid/92493", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/92493" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2016-6629", "reference_id": "CVE-2016-6629", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-6629" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/516524?format=api", "purl": "pkg:deb/debian/phpmyadmin@4:4.6.6-4%2Bdeb9u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2at1-y3qg-77fb" }, { "vulnerability": "VCID-32ja-yuuw-bbbh" }, { "vulnerability": "VCID-4wn2-pnbv-sked" }, { "vulnerability": "VCID-52xs-45kd-w3hz" }, { "vulnerability": "VCID-59mu-8aep-9ycn" }, { "vulnerability": "VCID-5jye-2stz-fqam" }, { "vulnerability": "VCID-7vpu-x9mb-q3c6" }, { "vulnerability": "VCID-8rvw-n1fg-ffc2" }, { "vulnerability": "VCID-ajf6-bk2g-wkb7" }, { "vulnerability": "VCID-b2nf-6pr3-xqaa" }, { "vulnerability": "VCID-bd83-vf81-sfa4" }, { "vulnerability": "VCID-dx3h-z4dg-m3e1" }, { "vulnerability": "VCID-har4-gaft-m7e8" }, { "vulnerability": "VCID-kfr7-v6tb-eqau" }, { "vulnerability": "VCID-kfrx-mmr7-euep" }, { "vulnerability": "VCID-m2g6-2ztp-tuam" }, { "vulnerability": "VCID-m3kq-1cfg-mkgc" }, { "vulnerability": "VCID-mzuh-5e5y-d3hr" }, { "vulnerability": "VCID-p1jn-sxds-mqd1" }, { "vulnerability": "VCID-q7rn-1612-quau" }, { "vulnerability": "VCID-qmj2-pxvt-zqes" }, { "vulnerability": "VCID-r4zz-m2mr-9qeb" }, { "vulnerability": "VCID-rx9z-rdmm-5fg6" }, { "vulnerability": "VCID-w6nk-akeh-4ufg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:4.6.6-4%252Bdeb9u1" } ], "aliases": [ "CVE-2016-6629", "GHSA-567r-vqj7-5cw7" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-nuju-ekmt-k7g9" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/38271?format=api", "vulnerability_id": "VCID-nv3j-xj42-wfcw", "summary": "Incomplete List of Disallowed Inputs\nAn issue was discovered in phpMyAdmin. Due to the limitation in URL matching, it was possible to bypass the URL white-list protection.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-9861", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00222", "scoring_system": "epss", "scoring_elements": "0.4492", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.00222", "scoring_system": "epss", "scoring_elements": "0.44989", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-9861" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9861", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9861" }, { "reference_url": "https://github.com/phpmyadmin/composer", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/phpmyadmin/composer" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2019/06/msg00009.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.debian.org/debian-lts-announce/2019/06/msg00009.html" }, { "reference_url": "https://security.gentoo.org/glsa/201701-32", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://security.gentoo.org/glsa/201701-32" }, { "reference_url": "https://www.phpmyadmin.net/security/PMASA-2016-66", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.phpmyadmin.net/security/PMASA-2016-66" }, { "reference_url": "http://www.securityfocus.com/bid/94535", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.securityfocus.com/bid/94535" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2016-9861", "reference_id": "CVE-2016-9861", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-9861" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/516524?format=api", "purl": "pkg:deb/debian/phpmyadmin@4:4.6.6-4%2Bdeb9u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2at1-y3qg-77fb" }, { "vulnerability": "VCID-32ja-yuuw-bbbh" }, { "vulnerability": "VCID-4wn2-pnbv-sked" }, { "vulnerability": "VCID-52xs-45kd-w3hz" }, { "vulnerability": "VCID-59mu-8aep-9ycn" }, { "vulnerability": "VCID-5jye-2stz-fqam" }, { "vulnerability": "VCID-7vpu-x9mb-q3c6" }, { "vulnerability": "VCID-8rvw-n1fg-ffc2" }, { "vulnerability": "VCID-ajf6-bk2g-wkb7" }, { "vulnerability": "VCID-b2nf-6pr3-xqaa" }, { "vulnerability": "VCID-bd83-vf81-sfa4" }, { "vulnerability": "VCID-dx3h-z4dg-m3e1" }, { "vulnerability": "VCID-har4-gaft-m7e8" }, { "vulnerability": "VCID-kfr7-v6tb-eqau" }, { "vulnerability": "VCID-kfrx-mmr7-euep" }, { "vulnerability": "VCID-m2g6-2ztp-tuam" }, { "vulnerability": "VCID-m3kq-1cfg-mkgc" }, { "vulnerability": "VCID-mzuh-5e5y-d3hr" }, { "vulnerability": "VCID-p1jn-sxds-mqd1" }, { "vulnerability": "VCID-q7rn-1612-quau" }, { "vulnerability": "VCID-qmj2-pxvt-zqes" }, { "vulnerability": "VCID-r4zz-m2mr-9qeb" }, { "vulnerability": "VCID-rx9z-rdmm-5fg6" }, { "vulnerability": "VCID-w6nk-akeh-4ufg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:4.6.6-4%252Bdeb9u1" } ], "aliases": [ "CVE-2016-9861", "GHSA-r326-mp8g-6xfc" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-nv3j-xj42-wfcw" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/39428?format=api", "vulnerability_id": "VCID-p1jn-sxds-mqd1", "summary": "Cross-site Scripting\nCross-site scripting (XSS) vulnerability in `db_central_columns.php` in phpMyAdm allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-7260", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00302", "scoring_system": "epss", "scoring_elements": "0.53817", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.00302", "scoring_system": "epss", "scoring_elements": "0.5376", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-7260" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-7260", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-7260" }, { "reference_url": "https://github.com/phpmyadmin/composer", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/phpmyadmin/composer" }, { "reference_url": "https://github.com/phpmyadmin/phpmyadmin/commit/d2886a3", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/phpmyadmin/phpmyadmin/commit/d2886a3" }, { "reference_url": "https://udiniya.wordpress.com/2018/02/21/a-tale-of-stealing-session-cookie-in-phpmyadmin", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://udiniya.wordpress.com/2018/02/21/a-tale-of-stealing-session-cookie-in-phpmyadmin" }, { "reference_url": "https://www.phpmyadmin.net/security/PMASA-2018-1", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.phpmyadmin.net/security/PMASA-2018-1" }, { "reference_url": "https://www.phpmyadmin.net/security/PMASA-2018-1/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.phpmyadmin.net/security/PMASA-2018-1/" }, { "reference_url": "http://www.securityfocus.com/bid/103099", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.securityfocus.com/bid/103099" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=893539", "reference_id": "893539", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=893539" }, { "reference_url": "https://security.archlinux.org/ASA-201802-11", "reference_id": "ASA-201802-11", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201802-11" }, { "reference_url": "https://security.archlinux.org/AVG-630", "reference_id": "AVG-630", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-630" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2018-7260", "reference_id": "CVE-2018-7260", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-7260" }, { "reference_url": "https://usn.ubuntu.com/4639-1/", "reference_id": "USN-4639-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4639-1/" }, { "reference_url": "https://usn.ubuntu.com/USN-4843-1/", "reference_id": "USN-USN-4843-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/USN-4843-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/195443?format=api", "purl": "pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-47ju-f89a-eud8" }, { "vulnerability": "VCID-59mu-8aep-9ycn" }, { "vulnerability": "VCID-d3qn-js1p-7yeq" }, { "vulnerability": "VCID-dmqy-9xth-cuhs" }, { "vulnerability": "VCID-gx8h-5h14-dqez" }, { "vulnerability": "VCID-har4-gaft-m7e8" }, { "vulnerability": "VCID-m3kq-1cfg-mkgc" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.0.4%252Bdfsg2-2%252Bdeb11u1" } ], "aliases": [ "CVE-2018-7260", "GHSA-gqmj-f46x-wqhw" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-p1jn-sxds-mqd1" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/98189?format=api", "vulnerability_id": "VCID-p361-saxs-97g9", "summary": "An issue was discovered in phpMyAdmin. By calling some scripts that are part of phpMyAdmin in an unexpected way, it is possible to trigger phpMyAdmin to display a PHP error message which contains the full path of the directory where phpMyAdmin is installed. During an execution timeout in the export functionality, the errors containing the full path of the directory of phpMyAdmin are written to the export file. All 4.6.x versions (prior to 4.6.5), and 4.4.x versions (prior to 4.4.15.9) are affected. This CVE is for the PMA_shutdownDuringExport issue.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-9855", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00501", "scoring_system": "epss", "scoring_elements": "0.6637", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.00501", "scoring_system": "epss", "scoring_elements": "0.66411", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-9855" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9855", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9855" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/516524?format=api", "purl": "pkg:deb/debian/phpmyadmin@4:4.6.6-4%2Bdeb9u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2at1-y3qg-77fb" }, { "vulnerability": "VCID-32ja-yuuw-bbbh" }, { "vulnerability": "VCID-4wn2-pnbv-sked" }, { "vulnerability": "VCID-52xs-45kd-w3hz" }, { "vulnerability": "VCID-59mu-8aep-9ycn" }, { "vulnerability": "VCID-5jye-2stz-fqam" }, { "vulnerability": "VCID-7vpu-x9mb-q3c6" }, { "vulnerability": "VCID-8rvw-n1fg-ffc2" }, { "vulnerability": "VCID-ajf6-bk2g-wkb7" }, { "vulnerability": "VCID-b2nf-6pr3-xqaa" }, { "vulnerability": "VCID-bd83-vf81-sfa4" }, { "vulnerability": "VCID-dx3h-z4dg-m3e1" }, { "vulnerability": "VCID-har4-gaft-m7e8" }, { "vulnerability": "VCID-kfr7-v6tb-eqau" }, { "vulnerability": "VCID-kfrx-mmr7-euep" }, { "vulnerability": "VCID-m2g6-2ztp-tuam" }, { "vulnerability": "VCID-m3kq-1cfg-mkgc" }, { "vulnerability": "VCID-mzuh-5e5y-d3hr" }, { "vulnerability": "VCID-p1jn-sxds-mqd1" }, { "vulnerability": "VCID-q7rn-1612-quau" }, { "vulnerability": "VCID-qmj2-pxvt-zqes" }, { "vulnerability": "VCID-r4zz-m2mr-9qeb" }, { "vulnerability": "VCID-rx9z-rdmm-5fg6" }, { "vulnerability": "VCID-w6nk-akeh-4ufg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:4.6.6-4%252Bdeb9u1" } ], "aliases": [ "CVE-2016-9855" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-p361-saxs-97g9" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/38045?format=api", "vulnerability_id": "VCID-pfdk-db4h-47dx", "summary": "Cross-site Scripting\nA Cross-site scripting (XSS) vulnerability in the format function in `libraries/sql-parser/src/Utils/Error.php` in the SQL parser in phpMyAdmin allows remote authenticated users to inject arbitrary web script or HTML via a crafted query.", "references": [ { "reference_url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-March/178562.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-March/178562.html" }, { "reference_url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-March/178869.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-March/178869.html" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-2559", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00269", "scoring_system": "epss", "scoring_elements": "0.50647", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.00269", "scoring_system": "epss", "scoring_elements": "0.50585", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-2559" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2559", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2559" }, { "reference_url": "https://github.com/phpmyadmin/composer", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/phpmyadmin/composer" }, { "reference_url": "https://github.com/phpmyadmin/phpmyadmin/commit/3a6a9a807d99371ee126635e1a505fc1fe0df32c", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/phpmyadmin/phpmyadmin/commit/3a6a9a807d99371ee126635e1a505fc1fe0df32c" }, { "reference_url": "https://www.phpmyadmin.net/security/PMASA-2016-10", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.phpmyadmin.net/security/PMASA-2016-10" }, { "reference_url": "https://www.phpmyadmin.net/security/PMASA-2016-10/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.phpmyadmin.net/security/PMASA-2016-10/" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2016-2559", "reference_id": "CVE-2016-2559", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-2559" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/516524?format=api", "purl": "pkg:deb/debian/phpmyadmin@4:4.6.6-4%2Bdeb9u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2at1-y3qg-77fb" }, { "vulnerability": "VCID-32ja-yuuw-bbbh" }, { "vulnerability": "VCID-4wn2-pnbv-sked" }, { "vulnerability": "VCID-52xs-45kd-w3hz" }, { "vulnerability": "VCID-59mu-8aep-9ycn" }, { "vulnerability": "VCID-5jye-2stz-fqam" }, { "vulnerability": "VCID-7vpu-x9mb-q3c6" }, { "vulnerability": "VCID-8rvw-n1fg-ffc2" }, { "vulnerability": "VCID-ajf6-bk2g-wkb7" }, { "vulnerability": "VCID-b2nf-6pr3-xqaa" }, { "vulnerability": "VCID-bd83-vf81-sfa4" }, { "vulnerability": "VCID-dx3h-z4dg-m3e1" }, { "vulnerability": "VCID-har4-gaft-m7e8" }, { "vulnerability": "VCID-kfr7-v6tb-eqau" }, { "vulnerability": "VCID-kfrx-mmr7-euep" }, { "vulnerability": "VCID-m2g6-2ztp-tuam" }, { "vulnerability": "VCID-m3kq-1cfg-mkgc" }, { "vulnerability": "VCID-mzuh-5e5y-d3hr" }, { "vulnerability": "VCID-p1jn-sxds-mqd1" }, { "vulnerability": "VCID-q7rn-1612-quau" }, { "vulnerability": "VCID-qmj2-pxvt-zqes" }, { "vulnerability": "VCID-r4zz-m2mr-9qeb" }, { "vulnerability": "VCID-rx9z-rdmm-5fg6" }, { "vulnerability": "VCID-w6nk-akeh-4ufg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:4.6.6-4%252Bdeb9u1" } ], "aliases": [ "CVE-2016-2559", "GHSA-7rf8-9r8f-qf59" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-pfdk-db4h-47dx" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/98145?format=api", "vulnerability_id": "VCID-pnry-rv8t-v3ff", "summary": "libraries/select_lang.lib.php in phpMyAdmin 4.0.x before 4.0.10.9, 4.2.x before 4.2.13.2, and 4.3.x before 4.3.11.1 includes invalid language values in unknown-language error responses that contain a CSRF token and may be sent with HTTP compression, which makes it easier for remote attackers to conduct a BREACH attack and determine this token via a series of crafted requests.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2015-2206", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00916", "scoring_system": "epss", "scoring_elements": "0.76298", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.00916", "scoring_system": "epss", "scoring_elements": "0.76326", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2015-2206" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8958", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8958" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9218", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9218" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2206", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2206" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3902", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3902" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3903", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3903" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6830", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6830" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7873", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7873" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/273449?format=api", "purl": "pkg:deb/debian/phpmyadmin@4:4.2.12-2%2Bdeb8u2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1drk-gzqj-2qc5" }, { "vulnerability": "VCID-1hvw-4h4d-zkhv" }, { "vulnerability": "VCID-23dq-w66r-k3bt" }, { "vulnerability": "VCID-27w6-zhxk-x7e7" }, { "vulnerability": "VCID-282b-1ugg-yuev" }, { "vulnerability": "VCID-2at1-y3qg-77fb" }, { "vulnerability": "VCID-2vqn-z4en-duh4" }, { "vulnerability": "VCID-31jg-3pzb-y3b6" }, { "vulnerability": "VCID-32ja-yuuw-bbbh" }, { "vulnerability": "VCID-33kv-ye2c-ebax" }, { "vulnerability": "VCID-33mh-s92h-c7ht" }, { "vulnerability": "VCID-38tp-acy8-57hj" }, { "vulnerability": "VCID-3va7-xx14-gkds" }, { "vulnerability": "VCID-44uc-xrvp-7bet" }, { "vulnerability": "VCID-4avx-e9mf-2yb1" }, { "vulnerability": "VCID-4kax-4bpz-g7c5" }, { "vulnerability": "VCID-4vgu-cagj-hfhb" }, { "vulnerability": "VCID-4wn2-pnbv-sked" }, { "vulnerability": "VCID-52xs-45kd-w3hz" }, { "vulnerability": "VCID-59mu-8aep-9ycn" }, { "vulnerability": "VCID-5bu8-wy7w-bqfc" }, { "vulnerability": "VCID-5jye-2stz-fqam" }, { "vulnerability": "VCID-6gs5-cswx-bfeb" }, { "vulnerability": "VCID-7avk-rmwd-yugt" }, { "vulnerability": "VCID-7vpu-x9mb-q3c6" }, { "vulnerability": "VCID-84n7-nzzg-juhz" }, { "vulnerability": "VCID-8jt7-y15v-83gj" }, { "vulnerability": "VCID-8rvw-n1fg-ffc2" }, { "vulnerability": "VCID-8yxm-e33n-d7gj" }, { "vulnerability": "VCID-9nh7-ny6c-n3cd" }, { "vulnerability": "VCID-9tdu-572c-tbb2" }, { "vulnerability": "VCID-ajeh-4q9t-sydz" }, { "vulnerability": "VCID-ajf6-bk2g-wkb7" }, { "vulnerability": "VCID-b2nf-6pr3-xqaa" }, { "vulnerability": "VCID-b4jk-yjfy-pfcv" }, { "vulnerability": "VCID-b6ng-ygap-zqh4" }, { "vulnerability": "VCID-bd83-vf81-sfa4" }, { "vulnerability": "VCID-bddg-5zgr-3uew" }, { "vulnerability": "VCID-btc1-yng3-ckhx" }, { "vulnerability": "VCID-cbjd-e3sk-m7bu" }, { "vulnerability": "VCID-crn9-f6qt-qfg5" }, { "vulnerability": "VCID-cth2-72mg-6yfr" }, { "vulnerability": "VCID-cz55-m46r-37gb" }, { "vulnerability": "VCID-d7jk-a94y-n3ca" }, { "vulnerability": "VCID-dbk1-n9kh-dfhm" }, { "vulnerability": "VCID-dfsz-1y13-yug9" }, { "vulnerability": "VCID-dgvs-kqpd-gfcy" }, { "vulnerability": "VCID-dj5f-y77j-d7dx" }, { "vulnerability": "VCID-dx3h-z4dg-m3e1" }, { "vulnerability": "VCID-g2uy-ekyf-4bcj" }, { "vulnerability": "VCID-gmjk-222y-abda" }, { "vulnerability": "VCID-gqxb-6rey-rbhv" }, { "vulnerability": "VCID-gtps-py3z-13cu" }, { "vulnerability": "VCID-gzwb-ju7m-juf7" }, { "vulnerability": "VCID-har4-gaft-m7e8" }, { "vulnerability": "VCID-hbp6-s544-pqaw" }, { "vulnerability": "VCID-hw5n-kv9r-8yej" }, { "vulnerability": "VCID-j589-8hrn-9bae" }, { "vulnerability": "VCID-jabw-t2hb-q3e9" }, { "vulnerability": "VCID-jemb-avnk-c7eb" }, { "vulnerability": "VCID-jmn8-a5r9-2qc8" }, { "vulnerability": "VCID-jxf7-1cq4-t3cv" }, { "vulnerability": "VCID-k5ph-wws1-fqg4" }, { "vulnerability": "VCID-kfr7-v6tb-eqau" }, { "vulnerability": "VCID-kfrx-mmr7-euep" }, { "vulnerability": "VCID-kwtj-jk24-zffq" }, { "vulnerability": "VCID-m2g6-2ztp-tuam" }, { "vulnerability": "VCID-m3kq-1cfg-mkgc" }, { "vulnerability": "VCID-m59w-cug5-wbe2" }, { "vulnerability": "VCID-mgu4-pf1x-r3dy" }, { "vulnerability": "VCID-mxn5-bh7q-gkdb" }, { "vulnerability": "VCID-mzuh-5e5y-d3hr" }, { "vulnerability": "VCID-n53q-r421-affh" }, { "vulnerability": "VCID-n66y-s36g-fqck" }, { "vulnerability": "VCID-np5w-chxm-cyak" }, { "vulnerability": "VCID-nuju-ekmt-k7g9" }, { "vulnerability": "VCID-nv3j-xj42-wfcw" }, { "vulnerability": "VCID-p1jn-sxds-mqd1" }, { "vulnerability": "VCID-p361-saxs-97g9" }, { "vulnerability": "VCID-pfdk-db4h-47dx" }, { "vulnerability": "VCID-pnry-rv8t-v3ff" }, { "vulnerability": "VCID-q2wv-kbra-5kg8" }, { "vulnerability": "VCID-q45d-5bf4-tff5" }, { "vulnerability": "VCID-q7pe-bvr1-g3bc" }, { "vulnerability": "VCID-q7rn-1612-quau" }, { "vulnerability": "VCID-q7zq-5xpn-93dd" }, { "vulnerability": "VCID-qeac-129m-1udw" }, { "vulnerability": "VCID-qmj2-pxvt-zqes" }, { "vulnerability": "VCID-qpj7-uk5e-nbez" }, { "vulnerability": "VCID-qqyb-zags-bbhz" }, { "vulnerability": "VCID-r3z5-cc6j-8yg6" }, { "vulnerability": "VCID-r4zz-m2mr-9qeb" }, { "vulnerability": "VCID-r9sb-489v-fqc9" }, { "vulnerability": "VCID-rc63-nakx-ebbe" }, { "vulnerability": "VCID-rsrk-jwbt-qfhe" }, { "vulnerability": "VCID-rx9z-rdmm-5fg6" }, { "vulnerability": "VCID-rxz2-tx2n-k3bd" }, { "vulnerability": "VCID-rz6q-hthe-1uer" }, { "vulnerability": "VCID-s88e-r2gd-9yep" }, { "vulnerability": "VCID-segg-gk79-9bc6" }, { "vulnerability": "VCID-tvfz-v881-sufp" }, { "vulnerability": "VCID-txba-1at4-ekg2" }, { "vulnerability": "VCID-uc6b-5sj1-9yg2" }, { "vulnerability": "VCID-utga-335m-dua9" }, { "vulnerability": "VCID-v1kx-5wa1-r7he" }, { "vulnerability": "VCID-vpf2-5j4s-jqeb" }, { "vulnerability": "VCID-vxc7-fwud-33an" }, { "vulnerability": "VCID-w6nk-akeh-4ufg" }, { "vulnerability": "VCID-x75q-4y74-d3gt" }, { "vulnerability": "VCID-xqf5-yxf3-u3he" }, { "vulnerability": "VCID-zmjf-j2zs-23ey" }, { "vulnerability": "VCID-zvcj-g6rt-s3de" }, { "vulnerability": "VCID-zyes-82y3-g7dh" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:4.2.12-2%252Bdeb8u2" }, { "url": "http://public2.vulnerablecode.io/api/packages/516524?format=api", "purl": "pkg:deb/debian/phpmyadmin@4:4.6.6-4%2Bdeb9u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2at1-y3qg-77fb" }, { "vulnerability": "VCID-32ja-yuuw-bbbh" }, { "vulnerability": "VCID-4wn2-pnbv-sked" }, { "vulnerability": "VCID-52xs-45kd-w3hz" }, { "vulnerability": "VCID-59mu-8aep-9ycn" }, { "vulnerability": "VCID-5jye-2stz-fqam" }, { "vulnerability": "VCID-7vpu-x9mb-q3c6" }, { "vulnerability": "VCID-8rvw-n1fg-ffc2" }, { "vulnerability": "VCID-ajf6-bk2g-wkb7" }, { "vulnerability": "VCID-b2nf-6pr3-xqaa" }, { "vulnerability": "VCID-bd83-vf81-sfa4" }, { "vulnerability": "VCID-dx3h-z4dg-m3e1" }, { "vulnerability": "VCID-har4-gaft-m7e8" }, { "vulnerability": "VCID-kfr7-v6tb-eqau" }, { "vulnerability": "VCID-kfrx-mmr7-euep" }, { "vulnerability": "VCID-m2g6-2ztp-tuam" }, { "vulnerability": "VCID-m3kq-1cfg-mkgc" }, { "vulnerability": "VCID-mzuh-5e5y-d3hr" }, { "vulnerability": "VCID-p1jn-sxds-mqd1" }, { "vulnerability": "VCID-q7rn-1612-quau" }, { "vulnerability": "VCID-qmj2-pxvt-zqes" }, { "vulnerability": "VCID-r4zz-m2mr-9qeb" }, { "vulnerability": "VCID-rx9z-rdmm-5fg6" }, { "vulnerability": "VCID-w6nk-akeh-4ufg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:4.6.6-4%252Bdeb9u1" } ], "aliases": [ "CVE-2015-2206" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-pnry-rv8t-v3ff" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/98195?format=api", "vulnerability_id": "VCID-q2wv-kbra-5kg8", "summary": "An issue was discovered in phpMyAdmin. Due to a bug in serialized string parsing, it was possible to bypass the protection offered by PMA_safeUnserialize() function. All 4.6.x versions (prior to 4.6.5), 4.4.x versions (prior to 4.4.15.9), and 4.0.x versions (prior to 4.0.10.18) are affected.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-9865", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01202", "scoring_system": "epss", "scoring_elements": "0.79258", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.01202", "scoring_system": "epss", "scoring_elements": "0.79284", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-9865" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9865", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9865" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/516524?format=api", "purl": "pkg:deb/debian/phpmyadmin@4:4.6.6-4%2Bdeb9u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2at1-y3qg-77fb" }, { "vulnerability": "VCID-32ja-yuuw-bbbh" }, { "vulnerability": "VCID-4wn2-pnbv-sked" }, { "vulnerability": "VCID-52xs-45kd-w3hz" }, { "vulnerability": "VCID-59mu-8aep-9ycn" }, { "vulnerability": "VCID-5jye-2stz-fqam" }, { "vulnerability": "VCID-7vpu-x9mb-q3c6" }, { "vulnerability": "VCID-8rvw-n1fg-ffc2" }, { "vulnerability": "VCID-ajf6-bk2g-wkb7" }, { "vulnerability": "VCID-b2nf-6pr3-xqaa" }, { "vulnerability": "VCID-bd83-vf81-sfa4" }, { "vulnerability": "VCID-dx3h-z4dg-m3e1" }, { "vulnerability": "VCID-har4-gaft-m7e8" }, { "vulnerability": "VCID-kfr7-v6tb-eqau" }, { "vulnerability": "VCID-kfrx-mmr7-euep" }, { "vulnerability": "VCID-m2g6-2ztp-tuam" }, { "vulnerability": "VCID-m3kq-1cfg-mkgc" }, { "vulnerability": "VCID-mzuh-5e5y-d3hr" }, { "vulnerability": "VCID-p1jn-sxds-mqd1" }, { "vulnerability": "VCID-q7rn-1612-quau" }, { "vulnerability": "VCID-qmj2-pxvt-zqes" }, { "vulnerability": "VCID-r4zz-m2mr-9qeb" }, { "vulnerability": "VCID-rx9z-rdmm-5fg6" }, { "vulnerability": "VCID-w6nk-akeh-4ufg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:4.6.6-4%252Bdeb9u1" } ], "aliases": [ "CVE-2016-9865" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-q2wv-kbra-5kg8" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/39595?format=api", "vulnerability_id": "VCID-q45d-5bf4-tff5", "summary": "Improper Privilege Management\nAn issue was discovered in `libraries/common` which allows users who have no password set to log in even if the administrator has set `$cfg['Servers'][$i]['AllowNoPassword']` to `false` (which is also the default).", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-18264", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00305", "scoring_system": "epss", "scoring_elements": "0.54", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.00305", "scoring_system": "epss", "scoring_elements": "0.54057", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-18264" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-18264", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-18264" }, { "reference_url": "https://github.com/phpmyadmin/composer", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/phpmyadmin/composer" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2018/07/msg00006.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.debian.org/debian-lts-announce/2018/07/msg00006.html" }, { "reference_url": "https://www.phpmyadmin.net/security/PMASA-2017-8", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.phpmyadmin.net/security/PMASA-2017-8" }, { "reference_url": "https://www.phpmyadmin.net/security/PMASA-2017-8/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.phpmyadmin.net/security/PMASA-2017-8/" }, { "reference_url": "http://www.securityfocus.com/bid/97211", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.securityfocus.com/bid/97211" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2017-18264", "reference_id": "CVE-2017-18264", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-18264" }, { "reference_url": "https://usn.ubuntu.com/USN-4843-1/", "reference_id": "USN-USN-4843-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/USN-4843-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/516524?format=api", "purl": "pkg:deb/debian/phpmyadmin@4:4.6.6-4%2Bdeb9u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2at1-y3qg-77fb" }, { "vulnerability": "VCID-32ja-yuuw-bbbh" }, { "vulnerability": "VCID-4wn2-pnbv-sked" }, { "vulnerability": "VCID-52xs-45kd-w3hz" }, { "vulnerability": "VCID-59mu-8aep-9ycn" }, { "vulnerability": "VCID-5jye-2stz-fqam" }, { "vulnerability": "VCID-7vpu-x9mb-q3c6" }, { "vulnerability": "VCID-8rvw-n1fg-ffc2" }, { "vulnerability": "VCID-ajf6-bk2g-wkb7" }, { "vulnerability": "VCID-b2nf-6pr3-xqaa" }, { "vulnerability": "VCID-bd83-vf81-sfa4" }, { "vulnerability": "VCID-dx3h-z4dg-m3e1" }, { "vulnerability": "VCID-har4-gaft-m7e8" }, { "vulnerability": "VCID-kfr7-v6tb-eqau" }, { "vulnerability": "VCID-kfrx-mmr7-euep" }, { "vulnerability": "VCID-m2g6-2ztp-tuam" }, { "vulnerability": "VCID-m3kq-1cfg-mkgc" }, { "vulnerability": "VCID-mzuh-5e5y-d3hr" }, { "vulnerability": "VCID-p1jn-sxds-mqd1" }, { "vulnerability": "VCID-q7rn-1612-quau" }, { "vulnerability": "VCID-qmj2-pxvt-zqes" }, { "vulnerability": "VCID-r4zz-m2mr-9qeb" }, { "vulnerability": "VCID-rx9z-rdmm-5fg6" }, { "vulnerability": "VCID-w6nk-akeh-4ufg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:4.6.6-4%252Bdeb9u1" } ], "aliases": [ "CVE-2017-18264", "GHSA-5868-g58j-vrj5" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-q45d-5bf4-tff5" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/38273?format=api", "vulnerability_id": "VCID-q7pe-bvr1-g3bc", "summary": "Cryptographic Issues\nAn issue was discovered in phpMyAdmin. When the user does not specify a `blowfish_secret` key for encrypting cookies, phpMyAdmin generates one at runtime. A vulnerability was reported where the way this value is created uses a weak algorithm. This could allow an attacker to determine the user's `blowfish_secret` and potentially decrypt their cookies.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-9847", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0043", "scoring_system": "epss", "scoring_elements": "0.62854", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.0043", "scoring_system": "epss", "scoring_elements": "0.62896", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-9847" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9847", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9847" }, { "reference_url": "https://security.gentoo.org/glsa/201701-32", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://security.gentoo.org/glsa/201701-32" }, { "reference_url": "https://web.archive.org/web/20210123194700/http://www.securityfocus.com/bid/94524", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20210123194700/http://www.securityfocus.com/bid/94524" }, { "reference_url": "https://www.phpmyadmin.net/security/PMASA-2016-58", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.phpmyadmin.net/security/PMASA-2016-58" }, { "reference_url": "http://www.securityfocus.com/bid/94524", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/94524" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2016-9847", "reference_id": "CVE-2016-9847", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-9847" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/516524?format=api", "purl": "pkg:deb/debian/phpmyadmin@4:4.6.6-4%2Bdeb9u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2at1-y3qg-77fb" }, { "vulnerability": "VCID-32ja-yuuw-bbbh" }, { "vulnerability": "VCID-4wn2-pnbv-sked" }, { "vulnerability": "VCID-52xs-45kd-w3hz" }, { "vulnerability": "VCID-59mu-8aep-9ycn" }, { "vulnerability": "VCID-5jye-2stz-fqam" }, { "vulnerability": "VCID-7vpu-x9mb-q3c6" }, { "vulnerability": "VCID-8rvw-n1fg-ffc2" }, { "vulnerability": "VCID-ajf6-bk2g-wkb7" }, { "vulnerability": "VCID-b2nf-6pr3-xqaa" }, { "vulnerability": "VCID-bd83-vf81-sfa4" }, { "vulnerability": "VCID-dx3h-z4dg-m3e1" }, { "vulnerability": "VCID-har4-gaft-m7e8" }, { "vulnerability": "VCID-kfr7-v6tb-eqau" }, { "vulnerability": "VCID-kfrx-mmr7-euep" }, { "vulnerability": "VCID-m2g6-2ztp-tuam" }, { "vulnerability": "VCID-m3kq-1cfg-mkgc" }, { "vulnerability": "VCID-mzuh-5e5y-d3hr" }, { "vulnerability": "VCID-p1jn-sxds-mqd1" }, { "vulnerability": "VCID-q7rn-1612-quau" }, { "vulnerability": "VCID-qmj2-pxvt-zqes" }, { "vulnerability": "VCID-r4zz-m2mr-9qeb" }, { "vulnerability": "VCID-rx9z-rdmm-5fg6" }, { "vulnerability": "VCID-w6nk-akeh-4ufg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:4.6.6-4%252Bdeb9u1" } ], "aliases": [ "CVE-2016-9847", "GHSA-9xhq-pm7v-693p" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-q7pe-bvr1-g3bc" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/41052?format=api", "vulnerability_id": "VCID-q7rn-1612-quau", "summary": "SQL Injection\nA vulnerability was reported where a specially crafted database name can be used to trigger an SQL injection attack through the designer feature.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-11768", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01109", "scoring_system": "epss", "scoring_elements": "0.78468", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.01109", "scoring_system": "epss", "scoring_elements": "0.78495", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-11768" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11768", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11768" }, { "reference_url": "https://github.com/phpmyadmin/phpmyadmin/commit/c1ecafc38319e8f768c9259d4d580e42acd5ee86", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/phpmyadmin/phpmyadmin/commit/c1ecafc38319e8f768c9259d4d580e42acd5ee86" }, { "reference_url": "https://www.phpmyadmin.net/security/PMASA-2019-3", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.phpmyadmin.net/security/PMASA-2019-3" }, { "reference_url": "https://www.phpmyadmin.net/security/PMASA-2019-3/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.phpmyadmin.net/security/PMASA-2019-3/" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=930048", "reference_id": "930048", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=930048" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-11768", "reference_id": "CVE-2019-11768", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-11768" }, { "reference_url": "https://usn.ubuntu.com/4639-1/", "reference_id": "USN-4639-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4639-1/" }, { "reference_url": "https://usn.ubuntu.com/USN-4843-1/", "reference_id": "USN-USN-4843-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/USN-4843-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/195443?format=api", "purl": "pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-47ju-f89a-eud8" }, { "vulnerability": "VCID-59mu-8aep-9ycn" }, { "vulnerability": "VCID-d3qn-js1p-7yeq" }, { "vulnerability": "VCID-dmqy-9xth-cuhs" }, { "vulnerability": "VCID-gx8h-5h14-dqez" }, { "vulnerability": "VCID-har4-gaft-m7e8" }, { "vulnerability": "VCID-m3kq-1cfg-mkgc" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.0.4%252Bdfsg2-2%252Bdeb11u1" } ], "aliases": [ "CVE-2019-11768", "GHSA-x37v-98f9-mj32" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-q7rn-1612-quau" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/98188?format=api", "vulnerability_id": "VCID-q7zq-5xpn-93dd", "summary": "An issue was discovered in phpMyAdmin. By calling some scripts that are part of phpMyAdmin in an unexpected way, it is possible to trigger phpMyAdmin to display a PHP error message which contains the full path of the directory where phpMyAdmin is installed. During an execution timeout in the export functionality, the errors containing the full path of the directory of phpMyAdmin are written to the export file. All 4.6.x versions (prior to 4.6.5), and 4.4.x versions (prior to 4.4.15.9) are affected. This CVE is for the json_decode issue.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-9854", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00501", "scoring_system": "epss", "scoring_elements": "0.6637", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.00501", "scoring_system": "epss", "scoring_elements": "0.66411", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-9854" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9854", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9854" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/516524?format=api", "purl": "pkg:deb/debian/phpmyadmin@4:4.6.6-4%2Bdeb9u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2at1-y3qg-77fb" }, { "vulnerability": "VCID-32ja-yuuw-bbbh" }, { "vulnerability": "VCID-4wn2-pnbv-sked" }, { "vulnerability": "VCID-52xs-45kd-w3hz" }, { "vulnerability": "VCID-59mu-8aep-9ycn" }, { "vulnerability": "VCID-5jye-2stz-fqam" }, { "vulnerability": "VCID-7vpu-x9mb-q3c6" }, { "vulnerability": "VCID-8rvw-n1fg-ffc2" }, { "vulnerability": "VCID-ajf6-bk2g-wkb7" }, { "vulnerability": "VCID-b2nf-6pr3-xqaa" }, { "vulnerability": "VCID-bd83-vf81-sfa4" }, { "vulnerability": "VCID-dx3h-z4dg-m3e1" }, { "vulnerability": "VCID-har4-gaft-m7e8" }, { "vulnerability": "VCID-kfr7-v6tb-eqau" }, { "vulnerability": "VCID-kfrx-mmr7-euep" }, { "vulnerability": "VCID-m2g6-2ztp-tuam" }, { "vulnerability": "VCID-m3kq-1cfg-mkgc" }, { "vulnerability": "VCID-mzuh-5e5y-d3hr" }, { "vulnerability": "VCID-p1jn-sxds-mqd1" }, { "vulnerability": "VCID-q7rn-1612-quau" }, { "vulnerability": "VCID-qmj2-pxvt-zqes" }, { "vulnerability": "VCID-r4zz-m2mr-9qeb" }, { "vulnerability": "VCID-rx9z-rdmm-5fg6" }, { "vulnerability": "VCID-w6nk-akeh-4ufg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:4.6.6-4%252Bdeb9u1" } ], "aliases": [ "CVE-2016-9854" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-q7zq-5xpn-93dd" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/98193?format=api", "vulnerability_id": "VCID-qeac-129m-1udw", "summary": "An issue was discovered in phpMyAdmin. With a very large request to table partitioning function, it is possible to invoke a Denial of Service (DoS) attack. All 4.6.x versions (prior to 4.6.5) are affected.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-9863", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00644", "scoring_system": "epss", "scoring_elements": "0.7106", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.00644", "scoring_system": "epss", "scoring_elements": "0.71103", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-9863" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9863", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9863" }, { "reference_url": "https://github.com/phpmyadmin/composer", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/phpmyadmin/composer" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2016-9863", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-9863" }, { "reference_url": "https://security.gentoo.org/glsa/201701-32", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://security.gentoo.org/glsa/201701-32" }, { "reference_url": "https://web.archive.org/web/20210123194704/http://www.securityfocus.com/bid/94526", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20210123194704/http://www.securityfocus.com/bid/94526" }, { "reference_url": "https://www.phpmyadmin.net/security/PMASA-2016-68", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.phpmyadmin.net/security/PMASA-2016-68" }, { "reference_url": "https://github.com/advisories/GHSA-qgrq-64g6-mmh6", "reference_id": "GHSA-qgrq-64g6-mmh6", "reference_type": "", "scores": [], "url": "https://github.com/advisories/GHSA-qgrq-64g6-mmh6" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/516524?format=api", "purl": "pkg:deb/debian/phpmyadmin@4:4.6.6-4%2Bdeb9u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2at1-y3qg-77fb" }, { "vulnerability": "VCID-32ja-yuuw-bbbh" }, { "vulnerability": "VCID-4wn2-pnbv-sked" }, { "vulnerability": "VCID-52xs-45kd-w3hz" }, { "vulnerability": "VCID-59mu-8aep-9ycn" }, { "vulnerability": "VCID-5jye-2stz-fqam" }, { "vulnerability": "VCID-7vpu-x9mb-q3c6" }, { "vulnerability": "VCID-8rvw-n1fg-ffc2" }, { "vulnerability": "VCID-ajf6-bk2g-wkb7" }, { "vulnerability": "VCID-b2nf-6pr3-xqaa" }, { "vulnerability": "VCID-bd83-vf81-sfa4" }, { "vulnerability": "VCID-dx3h-z4dg-m3e1" }, { "vulnerability": "VCID-har4-gaft-m7e8" }, { "vulnerability": "VCID-kfr7-v6tb-eqau" }, { "vulnerability": "VCID-kfrx-mmr7-euep" }, { "vulnerability": "VCID-m2g6-2ztp-tuam" }, { "vulnerability": "VCID-m3kq-1cfg-mkgc" }, { "vulnerability": "VCID-mzuh-5e5y-d3hr" }, { "vulnerability": "VCID-p1jn-sxds-mqd1" }, { "vulnerability": "VCID-q7rn-1612-quau" }, { "vulnerability": "VCID-qmj2-pxvt-zqes" }, { "vulnerability": "VCID-r4zz-m2mr-9qeb" }, { "vulnerability": "VCID-rx9z-rdmm-5fg6" }, { "vulnerability": "VCID-w6nk-akeh-4ufg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:4.6.6-4%252Bdeb9u1" } ], "aliases": [ "CVE-2016-9863", "GHSA-qgrq-64g6-mmh6" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-qeac-129m-1udw" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/53706?format=api", "vulnerability_id": "VCID-qmj2-pxvt-zqes", "summary": "Cross-site Scripting\nphpMyAdmin allows XSS through the transformation feature via a crafted link.", "references": [ { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00027.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00027.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00005.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00005.html" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-26934", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.02788", "scoring_system": "epss", "scoring_elements": "0.86377", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.02788", "scoring_system": "epss", "scoring_elements": "0.86354", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-26934" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-26934", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-26934" }, { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/phpmyadmin/phpmyadmin/CVE-2020-26934.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/phpmyadmin/phpmyadmin/CVE-2020-26934.yaml" }, { "reference_url": "https://github.com/phpmyadmin/composer", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/phpmyadmin/composer" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2020/10/msg00024.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.debian.org/debian-lts-announce/2020/10/msg00024.html" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FHST4E5IJG7IKZTTW3R6MEZPVHJZ472K", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FHST4E5IJG7IKZTTW3R6MEZPVHJZ472K" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PXK37YEHSDYCIPQSYEMN2OFTP2ZLM7DO", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PXK37YEHSDYCIPQSYEMN2OFTP2ZLM7DO" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TNLGHVDNAEZEGRTUESSSQFM7MZTHIDQ5", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TNLGHVDNAEZEGRTUESSSQFM7MZTHIDQ5" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FHST4E5IJG7IKZTTW3R6MEZPVHJZ472K", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FHST4E5IJG7IKZTTW3R6MEZPVHJZ472K" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PXK37YEHSDYCIPQSYEMN2OFTP2ZLM7DO", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PXK37YEHSDYCIPQSYEMN2OFTP2ZLM7DO" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TNLGHVDNAEZEGRTUESSSQFM7MZTHIDQ5", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TNLGHVDNAEZEGRTUESSSQFM7MZTHIDQ5" }, { "reference_url": "https://security.gentoo.org/glsa/202101-35", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://security.gentoo.org/glsa/202101-35" }, { "reference_url": "https://www.phpmyadmin.net/security/PMASA-2020-5", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.phpmyadmin.net/security/PMASA-2020-5" }, { "reference_url": "https://www.phpmyadmin.net/security/PMASA-2020-5/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.phpmyadmin.net/security/PMASA-2020-5/" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=971999", "reference_id": "971999", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=971999" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2020-26934", "reference_id": "CVE-2020-26934", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-26934" }, { "reference_url": "https://github.com/advisories/GHSA-6349-53vr-7hcr", "reference_id": "GHSA-6349-53vr-7hcr", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-6349-53vr-7hcr" }, { "reference_url": "https://usn.ubuntu.com/4639-1/", "reference_id": "USN-4639-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4639-1/" }, { "reference_url": "https://usn.ubuntu.com/USN-4843-1/", "reference_id": "USN-USN-4843-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/USN-4843-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/195443?format=api", "purl": "pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-47ju-f89a-eud8" }, { "vulnerability": "VCID-59mu-8aep-9ycn" }, { "vulnerability": "VCID-d3qn-js1p-7yeq" }, { "vulnerability": "VCID-dmqy-9xth-cuhs" }, { "vulnerability": "VCID-gx8h-5h14-dqez" }, { "vulnerability": "VCID-har4-gaft-m7e8" }, { "vulnerability": "VCID-m3kq-1cfg-mkgc" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.0.4%252Bdfsg2-2%252Bdeb11u1" } ], "aliases": [ "CVE-2020-26934", "GHSA-6349-53vr-7hcr" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-qmj2-pxvt-zqes" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/44050?format=api", "vulnerability_id": "VCID-qpj7-uk5e-nbez", "summary": "phpMyAdmin vulnerable to Cross-site Scripting\nsetup/frames/index.inc.php in phpMyAdmin 4.0.10.x before 4.0.10.16, 4.4.15.x before 4.4.15.7, and 4.6.x before 4.6.3 allows remote attackers to conduct BBCode injection attacks against HTTP sessions via a crafted URI.", "references": [ { "reference_url": "http://lists.opensuse.org/opensuse-updates/2016-06/msg00113.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://lists.opensuse.org/opensuse-updates/2016-06/msg00113.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-updates/2016-06/msg00114.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://lists.opensuse.org/opensuse-updates/2016-06/msg00114.html" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-5701", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00459", "scoring_system": "epss", "scoring_elements": "0.64392", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.00459", "scoring_system": "epss", "scoring_elements": "0.64348", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-5701" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1927", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1927" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2039", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2039" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2040", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2040" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2041", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2041" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2560", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2560" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2561", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2561" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5099", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5099" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5701", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5701" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5705", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5705" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5706", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5706" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5731", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5731" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5733", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5733" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5739", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5739" }, { "reference_url": "https://github.com/phpmyadmin/phpmyadmin", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/phpmyadmin/phpmyadmin" }, { "reference_url": "https://github.com/phpmyadmin/phpmyadmin/commit/1dca386505f396f0c2035112a403cc80768a141f", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/phpmyadmin/phpmyadmin/commit/1dca386505f396f0c2035112a403cc80768a141f" }, { "reference_url": "https://github.com/phpmyadmin/phpmyadmin/commit/5633b1d57b23ddaa5a9a976a323c90c18d9be03d", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/phpmyadmin/phpmyadmin/commit/5633b1d57b23ddaa5a9a976a323c90c18d9be03d" }, { "reference_url": "https://github.com/phpmyadmin/phpmyadmin/commit/bf7379771f4b32e01f4af3b36f8ec6900288688e", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/phpmyadmin/phpmyadmin/commit/bf7379771f4b32e01f4af3b36f8ec6900288688e" }, { "reference_url": "https://security.gentoo.org/glsa/201701-32", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://security.gentoo.org/glsa/201701-32" }, { "reference_url": "https://web.archive.org/web/20200227223408/http://www.securityfocus.com/bid/91383", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20200227223408/http://www.securityfocus.com/bid/91383" }, { "reference_url": "https://www.phpmyadmin.net/security/PMASA-2016-17", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.phpmyadmin.net/security/PMASA-2016-17" }, { "reference_url": "http://www.debian.org/security/2016/dsa-3627", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.debian.org/security/2016/dsa-3627" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2016-5701", "reference_id": "CVE-2016-5701", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-5701" }, { "reference_url": "https://github.com/advisories/GHSA-rh74-5835-jpxp", "reference_id": "GHSA-rh74-5835-jpxp", "reference_type": "", "scores": [], "url": "https://github.com/advisories/GHSA-rh74-5835-jpxp" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/273449?format=api", "purl": "pkg:deb/debian/phpmyadmin@4:4.2.12-2%2Bdeb8u2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1drk-gzqj-2qc5" }, { "vulnerability": "VCID-1hvw-4h4d-zkhv" }, { "vulnerability": "VCID-23dq-w66r-k3bt" }, { "vulnerability": "VCID-27w6-zhxk-x7e7" }, { "vulnerability": "VCID-282b-1ugg-yuev" }, { "vulnerability": "VCID-2at1-y3qg-77fb" }, { "vulnerability": "VCID-2vqn-z4en-duh4" }, { "vulnerability": "VCID-31jg-3pzb-y3b6" }, { "vulnerability": "VCID-32ja-yuuw-bbbh" }, { "vulnerability": "VCID-33kv-ye2c-ebax" }, { "vulnerability": "VCID-33mh-s92h-c7ht" }, { "vulnerability": "VCID-38tp-acy8-57hj" }, { "vulnerability": "VCID-3va7-xx14-gkds" }, { "vulnerability": "VCID-44uc-xrvp-7bet" }, { "vulnerability": "VCID-4avx-e9mf-2yb1" }, { "vulnerability": "VCID-4kax-4bpz-g7c5" }, { "vulnerability": "VCID-4vgu-cagj-hfhb" }, { "vulnerability": "VCID-4wn2-pnbv-sked" }, { "vulnerability": "VCID-52xs-45kd-w3hz" }, { "vulnerability": "VCID-59mu-8aep-9ycn" }, { "vulnerability": "VCID-5bu8-wy7w-bqfc" }, { "vulnerability": "VCID-5jye-2stz-fqam" }, { "vulnerability": "VCID-6gs5-cswx-bfeb" }, { "vulnerability": "VCID-7avk-rmwd-yugt" }, { "vulnerability": "VCID-7vpu-x9mb-q3c6" }, { "vulnerability": "VCID-84n7-nzzg-juhz" }, { "vulnerability": "VCID-8jt7-y15v-83gj" }, { "vulnerability": "VCID-8rvw-n1fg-ffc2" }, { "vulnerability": "VCID-8yxm-e33n-d7gj" }, { "vulnerability": "VCID-9nh7-ny6c-n3cd" }, { "vulnerability": "VCID-9tdu-572c-tbb2" }, { "vulnerability": "VCID-ajeh-4q9t-sydz" }, { "vulnerability": "VCID-ajf6-bk2g-wkb7" }, { "vulnerability": "VCID-b2nf-6pr3-xqaa" }, { "vulnerability": "VCID-b4jk-yjfy-pfcv" }, { "vulnerability": "VCID-b6ng-ygap-zqh4" }, { "vulnerability": "VCID-bd83-vf81-sfa4" }, { "vulnerability": "VCID-bddg-5zgr-3uew" }, { "vulnerability": "VCID-btc1-yng3-ckhx" }, { "vulnerability": "VCID-cbjd-e3sk-m7bu" }, { "vulnerability": "VCID-crn9-f6qt-qfg5" }, { "vulnerability": "VCID-cth2-72mg-6yfr" }, { "vulnerability": "VCID-cz55-m46r-37gb" }, { "vulnerability": "VCID-d7jk-a94y-n3ca" }, { "vulnerability": "VCID-dbk1-n9kh-dfhm" }, { "vulnerability": "VCID-dfsz-1y13-yug9" }, { "vulnerability": "VCID-dgvs-kqpd-gfcy" }, { "vulnerability": "VCID-dj5f-y77j-d7dx" }, { "vulnerability": "VCID-dx3h-z4dg-m3e1" }, { "vulnerability": "VCID-g2uy-ekyf-4bcj" }, { "vulnerability": "VCID-gmjk-222y-abda" }, { "vulnerability": "VCID-gqxb-6rey-rbhv" }, { "vulnerability": "VCID-gtps-py3z-13cu" }, { "vulnerability": "VCID-gzwb-ju7m-juf7" }, { "vulnerability": "VCID-har4-gaft-m7e8" }, { "vulnerability": "VCID-hbp6-s544-pqaw" }, { "vulnerability": "VCID-hw5n-kv9r-8yej" }, { "vulnerability": "VCID-j589-8hrn-9bae" }, { "vulnerability": "VCID-jabw-t2hb-q3e9" }, { "vulnerability": "VCID-jemb-avnk-c7eb" }, { "vulnerability": "VCID-jmn8-a5r9-2qc8" }, { "vulnerability": "VCID-jxf7-1cq4-t3cv" }, { "vulnerability": "VCID-k5ph-wws1-fqg4" }, { "vulnerability": "VCID-kfr7-v6tb-eqau" }, { "vulnerability": "VCID-kfrx-mmr7-euep" }, { "vulnerability": "VCID-kwtj-jk24-zffq" }, { "vulnerability": "VCID-m2g6-2ztp-tuam" }, { "vulnerability": "VCID-m3kq-1cfg-mkgc" }, { "vulnerability": "VCID-m59w-cug5-wbe2" }, { "vulnerability": "VCID-mgu4-pf1x-r3dy" }, { "vulnerability": "VCID-mxn5-bh7q-gkdb" }, { "vulnerability": "VCID-mzuh-5e5y-d3hr" }, { "vulnerability": "VCID-n53q-r421-affh" }, { "vulnerability": "VCID-n66y-s36g-fqck" }, { "vulnerability": "VCID-np5w-chxm-cyak" }, { "vulnerability": "VCID-nuju-ekmt-k7g9" }, { "vulnerability": "VCID-nv3j-xj42-wfcw" }, { "vulnerability": "VCID-p1jn-sxds-mqd1" }, { "vulnerability": "VCID-p361-saxs-97g9" }, { "vulnerability": "VCID-pfdk-db4h-47dx" }, { "vulnerability": "VCID-pnry-rv8t-v3ff" }, { "vulnerability": "VCID-q2wv-kbra-5kg8" }, { "vulnerability": "VCID-q45d-5bf4-tff5" }, { "vulnerability": "VCID-q7pe-bvr1-g3bc" }, { "vulnerability": "VCID-q7rn-1612-quau" }, { "vulnerability": "VCID-q7zq-5xpn-93dd" }, { "vulnerability": "VCID-qeac-129m-1udw" }, { "vulnerability": "VCID-qmj2-pxvt-zqes" }, { "vulnerability": "VCID-qpj7-uk5e-nbez" }, { "vulnerability": "VCID-qqyb-zags-bbhz" }, { "vulnerability": "VCID-r3z5-cc6j-8yg6" }, { "vulnerability": "VCID-r4zz-m2mr-9qeb" }, { "vulnerability": "VCID-r9sb-489v-fqc9" }, { "vulnerability": "VCID-rc63-nakx-ebbe" }, { "vulnerability": "VCID-rsrk-jwbt-qfhe" }, { "vulnerability": "VCID-rx9z-rdmm-5fg6" }, { "vulnerability": "VCID-rxz2-tx2n-k3bd" }, { "vulnerability": "VCID-rz6q-hthe-1uer" }, { "vulnerability": "VCID-s88e-r2gd-9yep" }, { "vulnerability": "VCID-segg-gk79-9bc6" }, { "vulnerability": "VCID-tvfz-v881-sufp" }, { "vulnerability": "VCID-txba-1at4-ekg2" }, { "vulnerability": "VCID-uc6b-5sj1-9yg2" }, { "vulnerability": "VCID-utga-335m-dua9" }, { "vulnerability": "VCID-v1kx-5wa1-r7he" }, { "vulnerability": "VCID-vpf2-5j4s-jqeb" }, { "vulnerability": "VCID-vxc7-fwud-33an" }, { "vulnerability": "VCID-w6nk-akeh-4ufg" }, { "vulnerability": "VCID-x75q-4y74-d3gt" }, { "vulnerability": "VCID-xqf5-yxf3-u3he" }, { "vulnerability": "VCID-zmjf-j2zs-23ey" }, { "vulnerability": "VCID-zvcj-g6rt-s3de" }, { "vulnerability": "VCID-zyes-82y3-g7dh" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:4.2.12-2%252Bdeb8u2" }, { "url": "http://public2.vulnerablecode.io/api/packages/516524?format=api", "purl": "pkg:deb/debian/phpmyadmin@4:4.6.6-4%2Bdeb9u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2at1-y3qg-77fb" }, { "vulnerability": "VCID-32ja-yuuw-bbbh" }, { "vulnerability": "VCID-4wn2-pnbv-sked" }, { "vulnerability": "VCID-52xs-45kd-w3hz" }, { "vulnerability": "VCID-59mu-8aep-9ycn" }, { "vulnerability": "VCID-5jye-2stz-fqam" }, { "vulnerability": "VCID-7vpu-x9mb-q3c6" }, { "vulnerability": "VCID-8rvw-n1fg-ffc2" }, { "vulnerability": "VCID-ajf6-bk2g-wkb7" }, { "vulnerability": "VCID-b2nf-6pr3-xqaa" }, { "vulnerability": "VCID-bd83-vf81-sfa4" }, { "vulnerability": "VCID-dx3h-z4dg-m3e1" }, { "vulnerability": "VCID-har4-gaft-m7e8" }, { "vulnerability": "VCID-kfr7-v6tb-eqau" }, { "vulnerability": "VCID-kfrx-mmr7-euep" }, { "vulnerability": "VCID-m2g6-2ztp-tuam" }, { "vulnerability": "VCID-m3kq-1cfg-mkgc" }, { "vulnerability": "VCID-mzuh-5e5y-d3hr" }, { "vulnerability": "VCID-p1jn-sxds-mqd1" }, { "vulnerability": "VCID-q7rn-1612-quau" }, { "vulnerability": "VCID-qmj2-pxvt-zqes" }, { "vulnerability": "VCID-r4zz-m2mr-9qeb" }, { "vulnerability": "VCID-rx9z-rdmm-5fg6" }, { "vulnerability": "VCID-w6nk-akeh-4ufg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:4.6.6-4%252Bdeb9u1" } ], "aliases": [ "CVE-2016-5701", "GHSA-rh74-5835-jpxp" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-qpj7-uk5e-nbez" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/38276?format=api", "vulnerability_id": "VCID-qqyb-zags-bbhz", "summary": "Incomplete Cleanup\nAn issue was discovered in phpMyAdmin where, under certain conditions, phpMyAdmin may not delete temporary files during the import of ESRI files.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-6632", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00574", "scoring_system": "epss", "scoring_elements": "0.69162", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.00574", "scoring_system": "epss", "scoring_elements": "0.69122", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-6632" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6632", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6632" }, { "reference_url": "https://github.com/phpmyadmin/composer", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/phpmyadmin/composer" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2019/06/msg00009.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.debian.org/debian-lts-announce/2019/06/msg00009.html" }, { "reference_url": "https://security.gentoo.org/glsa/201701-32", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://security.gentoo.org/glsa/201701-32" }, { "reference_url": "https://www.phpmyadmin.net/security/PMASA-2016-55", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.phpmyadmin.net/security/PMASA-2016-55" }, { "reference_url": "http://www.securityfocus.com/bid/92497", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.securityfocus.com/bid/92497" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2016-6632", "reference_id": "CVE-2016-6632", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-6632" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/516524?format=api", "purl": "pkg:deb/debian/phpmyadmin@4:4.6.6-4%2Bdeb9u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2at1-y3qg-77fb" }, { "vulnerability": "VCID-32ja-yuuw-bbbh" }, { "vulnerability": "VCID-4wn2-pnbv-sked" }, { "vulnerability": "VCID-52xs-45kd-w3hz" }, { "vulnerability": "VCID-59mu-8aep-9ycn" }, { "vulnerability": "VCID-5jye-2stz-fqam" }, { "vulnerability": "VCID-7vpu-x9mb-q3c6" }, { "vulnerability": "VCID-8rvw-n1fg-ffc2" }, { "vulnerability": "VCID-ajf6-bk2g-wkb7" }, { "vulnerability": "VCID-b2nf-6pr3-xqaa" }, { "vulnerability": "VCID-bd83-vf81-sfa4" }, { "vulnerability": "VCID-dx3h-z4dg-m3e1" }, { "vulnerability": "VCID-har4-gaft-m7e8" }, { "vulnerability": "VCID-kfr7-v6tb-eqau" }, { "vulnerability": "VCID-kfrx-mmr7-euep" }, { "vulnerability": "VCID-m2g6-2ztp-tuam" }, { "vulnerability": "VCID-m3kq-1cfg-mkgc" }, { "vulnerability": "VCID-mzuh-5e5y-d3hr" }, { "vulnerability": "VCID-p1jn-sxds-mqd1" }, { "vulnerability": "VCID-q7rn-1612-quau" }, { "vulnerability": "VCID-qmj2-pxvt-zqes" }, { "vulnerability": "VCID-r4zz-m2mr-9qeb" }, { "vulnerability": "VCID-rx9z-rdmm-5fg6" }, { "vulnerability": "VCID-w6nk-akeh-4ufg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:4.6.6-4%252Bdeb9u1" } ], "aliases": [ "CVE-2016-6632", "GHSA-426q-975p-w5cr" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-qqyb-zags-bbhz" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/98172?format=api", "vulnerability_id": "VCID-r3z5-cc6j-8yg6", "summary": "An issue was discovered in phpMyAdmin involving the %u username replacement functionality of the SaveDir and UploadDir features. When the username substitution is configured, a specially-crafted user name can be used to circumvent restrictions to traverse the file system. All 4.6.x versions (prior to 4.6.4), 4.4.x versions (prior to 4.4.15.8), and 4.0.x versions (prior to 4.0.10.17) are affected.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-6614", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0111", "scoring_system": "epss", "scoring_elements": "0.7848", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.0111", "scoring_system": "epss", "scoring_elements": "0.78506", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-6614" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6614", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6614" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/516524?format=api", "purl": "pkg:deb/debian/phpmyadmin@4:4.6.6-4%2Bdeb9u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2at1-y3qg-77fb" }, { "vulnerability": "VCID-32ja-yuuw-bbbh" }, { "vulnerability": "VCID-4wn2-pnbv-sked" }, { "vulnerability": "VCID-52xs-45kd-w3hz" }, { "vulnerability": "VCID-59mu-8aep-9ycn" }, { "vulnerability": "VCID-5jye-2stz-fqam" }, { "vulnerability": "VCID-7vpu-x9mb-q3c6" }, { "vulnerability": "VCID-8rvw-n1fg-ffc2" }, { "vulnerability": "VCID-ajf6-bk2g-wkb7" }, { "vulnerability": "VCID-b2nf-6pr3-xqaa" }, { "vulnerability": "VCID-bd83-vf81-sfa4" }, { "vulnerability": "VCID-dx3h-z4dg-m3e1" }, { "vulnerability": "VCID-har4-gaft-m7e8" }, { "vulnerability": "VCID-kfr7-v6tb-eqau" }, { "vulnerability": "VCID-kfrx-mmr7-euep" }, { "vulnerability": "VCID-m2g6-2ztp-tuam" }, { "vulnerability": "VCID-m3kq-1cfg-mkgc" }, { "vulnerability": "VCID-mzuh-5e5y-d3hr" }, { "vulnerability": "VCID-p1jn-sxds-mqd1" }, { "vulnerability": "VCID-q7rn-1612-quau" }, { "vulnerability": "VCID-qmj2-pxvt-zqes" }, { "vulnerability": "VCID-r4zz-m2mr-9qeb" }, { "vulnerability": "VCID-rx9z-rdmm-5fg6" }, { "vulnerability": "VCID-w6nk-akeh-4ufg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:4.6.6-4%252Bdeb9u1" } ], "aliases": [ "CVE-2016-6614" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-r3z5-cc6j-8yg6" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/40501?format=api", "vulnerability_id": "VCID-r4zz-m2mr-9qeb", "summary": "Cross-Site Request Forgery (CSRF)\nBy deceiving a user into clicking on a crafted URL, it is possible to perform harmful SQL operations such as renaming databases, creating new `tables/routines`, deleting designer pages, `adding/deleting` users, updating user passwords, killing SQL processes.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-19969", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00437", "scoring_system": "epss", "scoring_elements": "0.63408", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.00437", "scoring_system": "epss", "scoring_elements": "0.63451", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-19969" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-19969", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-19969" }, { "reference_url": "https://security.gentoo.org/glsa/201904-16", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://security.gentoo.org/glsa/201904-16" }, { "reference_url": "https://web.archive.org/web/20210124223800/https://www.securityfocus.com/bid/106175", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20210124223800/https://www.securityfocus.com/bid/106175" }, { "reference_url": "https://www.phpmyadmin.net/security/PMASA-2018-7", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.phpmyadmin.net/security/PMASA-2018-7" }, { "reference_url": "https://www.phpmyadmin.net/security/PMASA-2018-7/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.phpmyadmin.net/security/PMASA-2018-7/" }, { "reference_url": "http://www.securityfocus.com/bid/106175", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/106175" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2018-19969", "reference_id": "CVE-2018-19969", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-19969" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/195443?format=api", "purl": "pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-47ju-f89a-eud8" }, { "vulnerability": "VCID-59mu-8aep-9ycn" }, { "vulnerability": "VCID-d3qn-js1p-7yeq" }, { "vulnerability": "VCID-dmqy-9xth-cuhs" }, { "vulnerability": "VCID-gx8h-5h14-dqez" }, { "vulnerability": "VCID-har4-gaft-m7e8" }, { "vulnerability": "VCID-m3kq-1cfg-mkgc" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.0.4%252Bdfsg2-2%252Bdeb11u1" } ], "aliases": [ "CVE-2018-19969", "GHSA-xwf2-53mc-r8hx" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-r4zz-m2mr-9qeb" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/44163?format=api", "vulnerability_id": "VCID-r9sb-489v-fqc9", "summary": "phpMyAdmin Cryptographic Vulnerability\nThe suggestPassword function in js/functions.js in phpMyAdmin 4.0.x before 4.0.10.13, 4.4.x before 4.4.15.3, and 4.5.x before 4.5.4 relies on the Math.random JavaScript function, which makes it easier for remote attackers to guess passwords via a brute-force approach.", "references": [ { "reference_url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-February/176483.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-February/176483.html" }, { "reference_url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-February/176739.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-February/176739.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-updates/2016-02/msg00028.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://lists.opensuse.org/opensuse-updates/2016-02/msg00028.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-updates/2016-02/msg00049.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://lists.opensuse.org/opensuse-updates/2016-02/msg00049.html" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-1927", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00628", "scoring_system": "epss", "scoring_elements": "0.70629", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.00628", "scoring_system": "epss", "scoring_elements": "0.70672", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-1927" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1927", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1927" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2039", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2039" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2040", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2040" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2041", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2041" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2560", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2560" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2561", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2561" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5099", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5099" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5701", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5701" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5705", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5705" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5706", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5706" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5731", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5731" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5733", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5733" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5739", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5739" }, { "reference_url": "https://github.com/phpmyadmin/phpmyadmin", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/phpmyadmin/phpmyadmin" }, { "reference_url": "https://github.com/phpmyadmin/phpmyadmin/commit/2369daa7f5f550797f560e6b46a021e4558c2d72", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/phpmyadmin/phpmyadmin/commit/2369daa7f5f550797f560e6b46a021e4558c2d72" }, { "reference_url": "https://github.com/phpmyadmin/phpmyadmin/commit/5530a72e162fab442218486a90ff3365c96fde98", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/phpmyadmin/phpmyadmin/commit/5530a72e162fab442218486a90ff3365c96fde98" }, { "reference_url": "https://github.com/phpmyadmin/phpmyadmin/commit/6a96e67487f2faecb4de4204fee9b96b94020720", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/phpmyadmin/phpmyadmin/commit/6a96e67487f2faecb4de4204fee9b96b94020720" }, { "reference_url": "https://github.com/phpmyadmin/phpmyadmin/commit/8b6737735be5787d0b98c6cdfe2c7e3131b1bc95", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/phpmyadmin/phpmyadmin/commit/8b6737735be5787d0b98c6cdfe2c7e3131b1bc95" }, { "reference_url": "https://github.com/phpmyadmin/phpmyadmin/commit/8dedcc1a175eb07debd4fe116407c43694c60b22", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/phpmyadmin/phpmyadmin/commit/8dedcc1a175eb07debd4fe116407c43694c60b22" }, { "reference_url": "https://github.com/phpmyadmin/phpmyadmin/commit/912856b432d794201884c36e5f390d446339b6e4", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/phpmyadmin/phpmyadmin/commit/912856b432d794201884c36e5f390d446339b6e4" }, { "reference_url": "http://www.debian.org/security/2016/dsa-3627", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.debian.org/security/2016/dsa-3627" }, { "reference_url": "http://www.phpmyadmin.net/home_page/security/PMASA-2016-4.php", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.phpmyadmin.net/home_page/security/PMASA-2016-4.php" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2016-1927", "reference_id": "CVE-2016-1927", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-1927" }, { "reference_url": "https://github.com/advisories/GHSA-4gmg-gwjh-3mmr", "reference_id": "GHSA-4gmg-gwjh-3mmr", "reference_type": "", "scores": [], "url": "https://github.com/advisories/GHSA-4gmg-gwjh-3mmr" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/273449?format=api", "purl": "pkg:deb/debian/phpmyadmin@4:4.2.12-2%2Bdeb8u2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1drk-gzqj-2qc5" }, { "vulnerability": "VCID-1hvw-4h4d-zkhv" }, { "vulnerability": "VCID-23dq-w66r-k3bt" }, { "vulnerability": "VCID-27w6-zhxk-x7e7" }, { "vulnerability": "VCID-282b-1ugg-yuev" }, { "vulnerability": "VCID-2at1-y3qg-77fb" }, { "vulnerability": "VCID-2vqn-z4en-duh4" }, { "vulnerability": "VCID-31jg-3pzb-y3b6" }, { "vulnerability": "VCID-32ja-yuuw-bbbh" }, { "vulnerability": "VCID-33kv-ye2c-ebax" }, { "vulnerability": "VCID-33mh-s92h-c7ht" }, { "vulnerability": "VCID-38tp-acy8-57hj" }, { "vulnerability": "VCID-3va7-xx14-gkds" }, { "vulnerability": "VCID-44uc-xrvp-7bet" }, { "vulnerability": "VCID-4avx-e9mf-2yb1" }, { "vulnerability": "VCID-4kax-4bpz-g7c5" }, { "vulnerability": "VCID-4vgu-cagj-hfhb" }, { "vulnerability": "VCID-4wn2-pnbv-sked" }, { "vulnerability": "VCID-52xs-45kd-w3hz" }, { "vulnerability": "VCID-59mu-8aep-9ycn" }, { "vulnerability": "VCID-5bu8-wy7w-bqfc" }, { "vulnerability": "VCID-5jye-2stz-fqam" }, { "vulnerability": "VCID-6gs5-cswx-bfeb" }, { "vulnerability": "VCID-7avk-rmwd-yugt" }, { "vulnerability": "VCID-7vpu-x9mb-q3c6" }, { "vulnerability": "VCID-84n7-nzzg-juhz" }, { "vulnerability": "VCID-8jt7-y15v-83gj" }, { "vulnerability": "VCID-8rvw-n1fg-ffc2" }, { "vulnerability": "VCID-8yxm-e33n-d7gj" }, { "vulnerability": "VCID-9nh7-ny6c-n3cd" }, { "vulnerability": "VCID-9tdu-572c-tbb2" }, { "vulnerability": "VCID-ajeh-4q9t-sydz" }, { "vulnerability": "VCID-ajf6-bk2g-wkb7" }, { "vulnerability": "VCID-b2nf-6pr3-xqaa" }, { "vulnerability": "VCID-b4jk-yjfy-pfcv" }, { "vulnerability": "VCID-b6ng-ygap-zqh4" }, { "vulnerability": "VCID-bd83-vf81-sfa4" }, { "vulnerability": "VCID-bddg-5zgr-3uew" }, { "vulnerability": "VCID-btc1-yng3-ckhx" }, { "vulnerability": "VCID-cbjd-e3sk-m7bu" }, { "vulnerability": "VCID-crn9-f6qt-qfg5" }, { "vulnerability": "VCID-cth2-72mg-6yfr" }, { "vulnerability": "VCID-cz55-m46r-37gb" }, { "vulnerability": "VCID-d7jk-a94y-n3ca" }, { "vulnerability": "VCID-dbk1-n9kh-dfhm" }, { "vulnerability": "VCID-dfsz-1y13-yug9" }, { "vulnerability": "VCID-dgvs-kqpd-gfcy" }, { "vulnerability": "VCID-dj5f-y77j-d7dx" }, { "vulnerability": "VCID-dx3h-z4dg-m3e1" }, { "vulnerability": "VCID-g2uy-ekyf-4bcj" }, { "vulnerability": "VCID-gmjk-222y-abda" }, { "vulnerability": "VCID-gqxb-6rey-rbhv" }, { "vulnerability": "VCID-gtps-py3z-13cu" }, { "vulnerability": "VCID-gzwb-ju7m-juf7" }, { "vulnerability": "VCID-har4-gaft-m7e8" }, { "vulnerability": "VCID-hbp6-s544-pqaw" }, { "vulnerability": "VCID-hw5n-kv9r-8yej" }, { "vulnerability": "VCID-j589-8hrn-9bae" }, { "vulnerability": "VCID-jabw-t2hb-q3e9" }, { "vulnerability": "VCID-jemb-avnk-c7eb" }, { "vulnerability": "VCID-jmn8-a5r9-2qc8" }, { "vulnerability": "VCID-jxf7-1cq4-t3cv" }, { "vulnerability": "VCID-k5ph-wws1-fqg4" }, { "vulnerability": "VCID-kfr7-v6tb-eqau" }, { "vulnerability": "VCID-kfrx-mmr7-euep" }, { "vulnerability": "VCID-kwtj-jk24-zffq" }, { "vulnerability": "VCID-m2g6-2ztp-tuam" }, { "vulnerability": "VCID-m3kq-1cfg-mkgc" }, { "vulnerability": "VCID-m59w-cug5-wbe2" }, { "vulnerability": "VCID-mgu4-pf1x-r3dy" }, { "vulnerability": "VCID-mxn5-bh7q-gkdb" }, { "vulnerability": "VCID-mzuh-5e5y-d3hr" }, { "vulnerability": "VCID-n53q-r421-affh" }, { "vulnerability": "VCID-n66y-s36g-fqck" }, { "vulnerability": "VCID-np5w-chxm-cyak" }, { "vulnerability": "VCID-nuju-ekmt-k7g9" }, { "vulnerability": "VCID-nv3j-xj42-wfcw" }, { "vulnerability": "VCID-p1jn-sxds-mqd1" }, { "vulnerability": "VCID-p361-saxs-97g9" }, { "vulnerability": "VCID-pfdk-db4h-47dx" }, { "vulnerability": "VCID-pnry-rv8t-v3ff" }, { "vulnerability": "VCID-q2wv-kbra-5kg8" }, { "vulnerability": "VCID-q45d-5bf4-tff5" }, { "vulnerability": "VCID-q7pe-bvr1-g3bc" }, { "vulnerability": "VCID-q7rn-1612-quau" }, { "vulnerability": "VCID-q7zq-5xpn-93dd" }, { "vulnerability": "VCID-qeac-129m-1udw" }, { "vulnerability": "VCID-qmj2-pxvt-zqes" }, { "vulnerability": "VCID-qpj7-uk5e-nbez" }, { "vulnerability": "VCID-qqyb-zags-bbhz" }, { "vulnerability": "VCID-r3z5-cc6j-8yg6" }, { "vulnerability": "VCID-r4zz-m2mr-9qeb" }, { "vulnerability": "VCID-r9sb-489v-fqc9" }, { "vulnerability": "VCID-rc63-nakx-ebbe" }, { "vulnerability": "VCID-rsrk-jwbt-qfhe" }, { "vulnerability": "VCID-rx9z-rdmm-5fg6" }, { "vulnerability": "VCID-rxz2-tx2n-k3bd" }, { "vulnerability": "VCID-rz6q-hthe-1uer" }, { "vulnerability": "VCID-s88e-r2gd-9yep" }, { "vulnerability": "VCID-segg-gk79-9bc6" }, { "vulnerability": "VCID-tvfz-v881-sufp" }, { "vulnerability": "VCID-txba-1at4-ekg2" }, { "vulnerability": "VCID-uc6b-5sj1-9yg2" }, { "vulnerability": "VCID-utga-335m-dua9" }, { "vulnerability": "VCID-v1kx-5wa1-r7he" }, { "vulnerability": "VCID-vpf2-5j4s-jqeb" }, { "vulnerability": "VCID-vxc7-fwud-33an" }, { "vulnerability": "VCID-w6nk-akeh-4ufg" }, { "vulnerability": "VCID-x75q-4y74-d3gt" }, { "vulnerability": "VCID-xqf5-yxf3-u3he" }, { "vulnerability": "VCID-zmjf-j2zs-23ey" }, { "vulnerability": "VCID-zvcj-g6rt-s3de" }, { "vulnerability": "VCID-zyes-82y3-g7dh" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:4.2.12-2%252Bdeb8u2" }, { "url": "http://public2.vulnerablecode.io/api/packages/516524?format=api", "purl": "pkg:deb/debian/phpmyadmin@4:4.6.6-4%2Bdeb9u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2at1-y3qg-77fb" }, { "vulnerability": "VCID-32ja-yuuw-bbbh" }, { "vulnerability": "VCID-4wn2-pnbv-sked" }, { "vulnerability": "VCID-52xs-45kd-w3hz" }, { "vulnerability": "VCID-59mu-8aep-9ycn" }, { "vulnerability": "VCID-5jye-2stz-fqam" }, { "vulnerability": "VCID-7vpu-x9mb-q3c6" }, { "vulnerability": "VCID-8rvw-n1fg-ffc2" }, { "vulnerability": "VCID-ajf6-bk2g-wkb7" }, { "vulnerability": "VCID-b2nf-6pr3-xqaa" }, { "vulnerability": "VCID-bd83-vf81-sfa4" }, { "vulnerability": "VCID-dx3h-z4dg-m3e1" }, { "vulnerability": "VCID-har4-gaft-m7e8" }, { "vulnerability": "VCID-kfr7-v6tb-eqau" }, { "vulnerability": "VCID-kfrx-mmr7-euep" }, { "vulnerability": "VCID-m2g6-2ztp-tuam" }, { "vulnerability": "VCID-m3kq-1cfg-mkgc" }, { "vulnerability": "VCID-mzuh-5e5y-d3hr" }, { "vulnerability": "VCID-p1jn-sxds-mqd1" }, { "vulnerability": "VCID-q7rn-1612-quau" }, { "vulnerability": "VCID-qmj2-pxvt-zqes" }, { "vulnerability": "VCID-r4zz-m2mr-9qeb" }, { "vulnerability": "VCID-rx9z-rdmm-5fg6" }, { "vulnerability": "VCID-w6nk-akeh-4ufg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:4.6.6-4%252Bdeb9u1" } ], "aliases": [ "CVE-2016-1927", "GHSA-4gmg-gwjh-3mmr" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-r9sb-489v-fqc9" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/38275?format=api", "vulnerability_id": "VCID-rc63-nakx-ebbe", "summary": "Cross-site Scripting\nAn issue was discovered in phpMyAdmin. XSS is possible because of a weakness in a regular expression used in some JavaScript processing.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-9857", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00258", "scoring_system": "epss", "scoring_elements": "0.49373", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.00258", "scoring_system": "epss", "scoring_elements": "0.49434", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-9857" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9857", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9857" }, { "reference_url": "https://security.gentoo.org/glsa/201701-32", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://security.gentoo.org/glsa/201701-32" }, { "reference_url": "https://web.archive.org/web/20210123194716/http://www.securityfocus.com/bid/94530", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20210123194716/http://www.securityfocus.com/bid/94530" }, { "reference_url": "https://www.phpmyadmin.net/security/PMASA-2016-64", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.phpmyadmin.net/security/PMASA-2016-64" }, { "reference_url": "http://www.securityfocus.com/bid/94530", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/94530" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2016-9857", "reference_id": "CVE-2016-9857", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-9857" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/516524?format=api", "purl": "pkg:deb/debian/phpmyadmin@4:4.6.6-4%2Bdeb9u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2at1-y3qg-77fb" }, { "vulnerability": "VCID-32ja-yuuw-bbbh" }, { "vulnerability": "VCID-4wn2-pnbv-sked" }, { "vulnerability": "VCID-52xs-45kd-w3hz" }, { "vulnerability": "VCID-59mu-8aep-9ycn" }, { "vulnerability": "VCID-5jye-2stz-fqam" }, { "vulnerability": "VCID-7vpu-x9mb-q3c6" }, { "vulnerability": "VCID-8rvw-n1fg-ffc2" }, { "vulnerability": "VCID-ajf6-bk2g-wkb7" }, { "vulnerability": "VCID-b2nf-6pr3-xqaa" }, { "vulnerability": "VCID-bd83-vf81-sfa4" }, { "vulnerability": "VCID-dx3h-z4dg-m3e1" }, { "vulnerability": "VCID-har4-gaft-m7e8" }, { "vulnerability": "VCID-kfr7-v6tb-eqau" }, { "vulnerability": "VCID-kfrx-mmr7-euep" }, { "vulnerability": "VCID-m2g6-2ztp-tuam" }, { "vulnerability": "VCID-m3kq-1cfg-mkgc" }, { "vulnerability": "VCID-mzuh-5e5y-d3hr" }, { "vulnerability": "VCID-p1jn-sxds-mqd1" }, { "vulnerability": "VCID-q7rn-1612-quau" }, { "vulnerability": "VCID-qmj2-pxvt-zqes" }, { "vulnerability": "VCID-r4zz-m2mr-9qeb" }, { "vulnerability": "VCID-rx9z-rdmm-5fg6" }, { "vulnerability": "VCID-w6nk-akeh-4ufg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:4.6.6-4%252Bdeb9u1" } ], "aliases": [ "CVE-2016-9857", "GHSA-hmmx-wxh4-9w8w" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-rc63-nakx-ebbe" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/98191?format=api", "vulnerability_id": "VCID-rsrk-jwbt-qfhe", "summary": "An issue was discovered in phpMyAdmin. With a crafted request parameter value it is possible to initiate a denial of service attack in import feature. All 4.6.x versions (prior to 4.6.5), 4.4.x versions (prior to 4.4.15.9), and 4.0.x versions (prior to 4.0.10.18) are affected.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-9859", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00553", "scoring_system": "epss", "scoring_elements": "0.68419", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.00553", "scoring_system": "epss", "scoring_elements": "0.6846", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-9859" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9859", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9859" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/516524?format=api", "purl": "pkg:deb/debian/phpmyadmin@4:4.6.6-4%2Bdeb9u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2at1-y3qg-77fb" }, { "vulnerability": "VCID-32ja-yuuw-bbbh" }, { "vulnerability": "VCID-4wn2-pnbv-sked" }, { "vulnerability": "VCID-52xs-45kd-w3hz" }, { "vulnerability": "VCID-59mu-8aep-9ycn" }, { "vulnerability": "VCID-5jye-2stz-fqam" }, { "vulnerability": "VCID-7vpu-x9mb-q3c6" }, { "vulnerability": "VCID-8rvw-n1fg-ffc2" }, { "vulnerability": "VCID-ajf6-bk2g-wkb7" }, { "vulnerability": "VCID-b2nf-6pr3-xqaa" }, { "vulnerability": "VCID-bd83-vf81-sfa4" }, { "vulnerability": "VCID-dx3h-z4dg-m3e1" }, { "vulnerability": "VCID-har4-gaft-m7e8" }, { "vulnerability": "VCID-kfr7-v6tb-eqau" }, { "vulnerability": "VCID-kfrx-mmr7-euep" }, { "vulnerability": "VCID-m2g6-2ztp-tuam" }, { "vulnerability": "VCID-m3kq-1cfg-mkgc" }, { "vulnerability": "VCID-mzuh-5e5y-d3hr" }, { "vulnerability": "VCID-p1jn-sxds-mqd1" }, { "vulnerability": "VCID-q7rn-1612-quau" }, { "vulnerability": "VCID-qmj2-pxvt-zqes" }, { "vulnerability": "VCID-r4zz-m2mr-9qeb" }, { "vulnerability": "VCID-rx9z-rdmm-5fg6" }, { "vulnerability": "VCID-w6nk-akeh-4ufg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:4.6.6-4%252Bdeb9u1" } ], "aliases": [ "CVE-2016-9859" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-rsrk-jwbt-qfhe" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/39990?format=api", "vulnerability_id": "VCID-rx9z-rdmm-5fg6", "summary": "Cross-site Scripting\nAn issue was discovered in `js/designer/move.js` in phpMyAdm A Cross-Site Scripting vulnerability has been found where an attacker can use a crafted database name to trigger an XSS attack when that database is referenced from the Designer feature.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-12581", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00393", "scoring_system": "epss", "scoring_elements": "0.60579", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.00393", "scoring_system": "epss", "scoring_elements": "0.60627", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-12581" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12581", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12581" }, { "reference_url": "https://github.com/phpmyadmin/phpmyadmin/commit/6943fff87324bd54c3a37a5160a5fb77498c355e", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/phpmyadmin/phpmyadmin/commit/6943fff87324bd54c3a37a5160a5fb77498c355e" }, { "reference_url": "https://web.archive.org/web/20210124181711/http://www.securityfocus.com/bid/104530", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20210124181711/http://www.securityfocus.com/bid/104530" }, { "reference_url": "https://web.archive.org/web/20210413204012/http://www.securitytracker.com/id/1041187", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20210413204012/http://www.securitytracker.com/id/1041187" }, { "reference_url": "https://www.phpmyadmin.net/security/PMASA-2018-3", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.phpmyadmin.net/security/PMASA-2018-3" }, { "reference_url": "https://www.phpmyadmin.net/security/PMASA-2018-3/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.phpmyadmin.net/security/PMASA-2018-3/" }, { "reference_url": "http://www.securityfocus.com/bid/104530", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/104530" }, { "reference_url": "http://www.securitytracker.com/id/1041187", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id/1041187" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2018-12581", "reference_id": "CVE-2018-12581", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-12581" }, { "reference_url": "https://usn.ubuntu.com/USN-4843-1/", "reference_id": "USN-USN-4843-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/USN-4843-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/195443?format=api", "purl": "pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-47ju-f89a-eud8" }, { "vulnerability": "VCID-59mu-8aep-9ycn" }, { "vulnerability": "VCID-d3qn-js1p-7yeq" }, { "vulnerability": "VCID-dmqy-9xth-cuhs" }, { "vulnerability": "VCID-gx8h-5h14-dqez" }, { "vulnerability": "VCID-har4-gaft-m7e8" }, { "vulnerability": "VCID-m3kq-1cfg-mkgc" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.0.4%252Bdfsg2-2%252Bdeb11u1" } ], "aliases": [ "CVE-2018-12581", "GHSA-vxj6-pm6r-23hq" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-rx9z-rdmm-5fg6" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/98166?format=api", "vulnerability_id": "VCID-rxz2-tx2n-k3bd", "summary": "Multiple cross-site scripting (XSS) vulnerabilities in the partition-range implementation in templates/table/structure/display_partitions.phtml in the table-structure page in phpMyAdmin 4.6.x before 4.6.3 allow remote attackers to inject arbitrary web script or HTML via crafted table parameters.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-5732", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00224", "scoring_system": "epss", "scoring_elements": "0.45165", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.00224", "scoring_system": "epss", "scoring_elements": "0.45097", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-5732" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5732", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5732" }, { "reference_url": "https://github.com/phpmyadmin/phpmyadmin", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/phpmyadmin/phpmyadmin" }, { "reference_url": "https://github.com/phpmyadmin/phpmyadmin/commit/0815af37f483f329f0c0565d68821fea9c47b5f5", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/phpmyadmin/phpmyadmin/commit/0815af37f483f329f0c0565d68821fea9c47b5f5" }, { "reference_url": "https://github.com/phpmyadmin/phpmyadmin/commit/792cd1262f012b9b13639519d414f2acaeb5e972", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/phpmyadmin/phpmyadmin/commit/792cd1262f012b9b13639519d414f2acaeb5e972" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2016-5732", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-5732" }, { "reference_url": "https://security.gentoo.org/glsa/201701-32", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://security.gentoo.org/glsa/201701-32" }, { "reference_url": "https://www.phpmyadmin.net/security/PMASA-2016-25", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.phpmyadmin.net/security/PMASA-2016-25" }, { "reference_url": "https://www.phpmyadmin.net/security/PMASA-2016-25/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.phpmyadmin.net/security/PMASA-2016-25/" }, { "reference_url": "https://github.com/advisories/GHSA-3q28-xfw3-2q35", "reference_id": "GHSA-3q28-xfw3-2q35", "reference_type": "", "scores": [], "url": "https://github.com/advisories/GHSA-3q28-xfw3-2q35" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/516524?format=api", "purl": "pkg:deb/debian/phpmyadmin@4:4.6.6-4%2Bdeb9u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2at1-y3qg-77fb" }, { "vulnerability": "VCID-32ja-yuuw-bbbh" }, { "vulnerability": "VCID-4wn2-pnbv-sked" }, { "vulnerability": "VCID-52xs-45kd-w3hz" }, { "vulnerability": "VCID-59mu-8aep-9ycn" }, { "vulnerability": "VCID-5jye-2stz-fqam" }, { "vulnerability": "VCID-7vpu-x9mb-q3c6" }, { "vulnerability": "VCID-8rvw-n1fg-ffc2" }, { "vulnerability": "VCID-ajf6-bk2g-wkb7" }, { "vulnerability": "VCID-b2nf-6pr3-xqaa" }, { "vulnerability": "VCID-bd83-vf81-sfa4" }, { "vulnerability": "VCID-dx3h-z4dg-m3e1" }, { "vulnerability": "VCID-har4-gaft-m7e8" }, { "vulnerability": "VCID-kfr7-v6tb-eqau" }, { "vulnerability": "VCID-kfrx-mmr7-euep" }, { "vulnerability": "VCID-m2g6-2ztp-tuam" }, { "vulnerability": "VCID-m3kq-1cfg-mkgc" }, { "vulnerability": "VCID-mzuh-5e5y-d3hr" }, { "vulnerability": "VCID-p1jn-sxds-mqd1" }, { "vulnerability": "VCID-q7rn-1612-quau" }, { "vulnerability": "VCID-qmj2-pxvt-zqes" }, { "vulnerability": "VCID-r4zz-m2mr-9qeb" }, { "vulnerability": "VCID-rx9z-rdmm-5fg6" }, { "vulnerability": "VCID-w6nk-akeh-4ufg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:4.6.6-4%252Bdeb9u1" } ], "aliases": [ "CVE-2016-5732", "GHSA-3q28-xfw3-2q35" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-rxz2-tx2n-k3bd" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/38280?format=api", "vulnerability_id": "VCID-rz6q-hthe-1uer", "summary": "Information Exposure\nAn issue was discovered in phpMyAdmin. A user can exploit the \"LOAD LOCAL INFILE\" functionality to expose files on the server to the database system.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-6612", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00324", "scoring_system": "epss", "scoring_elements": "0.55792", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.00324", "scoring_system": "epss", "scoring_elements": "0.55735", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-6612" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6612", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6612" }, { "reference_url": "https://github.com/phpmyadmin/composer", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/phpmyadmin/composer" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2019/06/msg00009.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.debian.org/debian-lts-announce/2019/06/msg00009.html" }, { "reference_url": "https://security.gentoo.org/glsa/201701-32", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://security.gentoo.org/glsa/201701-32" }, { "reference_url": "https://www.phpmyadmin.net/security/PMASA-2016-35", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.phpmyadmin.net/security/PMASA-2016-35" }, { "reference_url": "http://www.securityfocus.com/bid/94113", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.securityfocus.com/bid/94113" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2016-6612", "reference_id": "CVE-2016-6612", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-6612" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/516524?format=api", "purl": "pkg:deb/debian/phpmyadmin@4:4.6.6-4%2Bdeb9u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2at1-y3qg-77fb" }, { "vulnerability": "VCID-32ja-yuuw-bbbh" }, { "vulnerability": "VCID-4wn2-pnbv-sked" }, { "vulnerability": "VCID-52xs-45kd-w3hz" }, { "vulnerability": "VCID-59mu-8aep-9ycn" }, { "vulnerability": "VCID-5jye-2stz-fqam" }, { "vulnerability": "VCID-7vpu-x9mb-q3c6" }, { "vulnerability": "VCID-8rvw-n1fg-ffc2" }, { "vulnerability": "VCID-ajf6-bk2g-wkb7" }, { "vulnerability": "VCID-b2nf-6pr3-xqaa" }, { "vulnerability": "VCID-bd83-vf81-sfa4" }, { "vulnerability": "VCID-dx3h-z4dg-m3e1" }, { "vulnerability": "VCID-har4-gaft-m7e8" }, { "vulnerability": "VCID-kfr7-v6tb-eqau" }, { "vulnerability": "VCID-kfrx-mmr7-euep" }, { "vulnerability": "VCID-m2g6-2ztp-tuam" }, { "vulnerability": "VCID-m3kq-1cfg-mkgc" }, { "vulnerability": "VCID-mzuh-5e5y-d3hr" }, { "vulnerability": "VCID-p1jn-sxds-mqd1" }, { "vulnerability": "VCID-q7rn-1612-quau" }, { "vulnerability": "VCID-qmj2-pxvt-zqes" }, { "vulnerability": "VCID-r4zz-m2mr-9qeb" }, { "vulnerability": "VCID-rx9z-rdmm-5fg6" }, { "vulnerability": "VCID-w6nk-akeh-4ufg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:4.6.6-4%252Bdeb9u1" } ], "aliases": [ "CVE-2016-6612", "GHSA-fcgm-62p3-f7cm" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-rz6q-hthe-1uer" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/98147?format=api", "vulnerability_id": "VCID-s88e-r2gd-9yep", "summary": "libraries/Config.class.php in phpMyAdmin 4.0.x before 4.0.10.10, 4.2.x before 4.2.13.3, 4.3.x before 4.3.13.1, and 4.4.x before 4.4.6.1 disables X.509 certificate verification for GitHub API calls over SSL, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2015-3903", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01171", "scoring_system": "epss", "scoring_elements": "0.79013", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.01171", "scoring_system": "epss", "scoring_elements": "0.7904", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2015-3903" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8958", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8958" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9218", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9218" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2206", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2206" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3902", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3902" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3903", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3903" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6830", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6830" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7873", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7873" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/273449?format=api", "purl": "pkg:deb/debian/phpmyadmin@4:4.2.12-2%2Bdeb8u2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1drk-gzqj-2qc5" }, { "vulnerability": "VCID-1hvw-4h4d-zkhv" }, { "vulnerability": "VCID-23dq-w66r-k3bt" }, { "vulnerability": "VCID-27w6-zhxk-x7e7" }, { "vulnerability": "VCID-282b-1ugg-yuev" }, { "vulnerability": "VCID-2at1-y3qg-77fb" }, { "vulnerability": "VCID-2vqn-z4en-duh4" }, { "vulnerability": "VCID-31jg-3pzb-y3b6" }, { "vulnerability": "VCID-32ja-yuuw-bbbh" }, { "vulnerability": "VCID-33kv-ye2c-ebax" }, { "vulnerability": "VCID-33mh-s92h-c7ht" }, { "vulnerability": "VCID-38tp-acy8-57hj" }, { "vulnerability": "VCID-3va7-xx14-gkds" }, { "vulnerability": "VCID-44uc-xrvp-7bet" }, { "vulnerability": "VCID-4avx-e9mf-2yb1" }, { "vulnerability": "VCID-4kax-4bpz-g7c5" }, { "vulnerability": "VCID-4vgu-cagj-hfhb" }, { "vulnerability": "VCID-4wn2-pnbv-sked" }, { "vulnerability": "VCID-52xs-45kd-w3hz" }, { "vulnerability": "VCID-59mu-8aep-9ycn" }, { "vulnerability": "VCID-5bu8-wy7w-bqfc" }, { "vulnerability": "VCID-5jye-2stz-fqam" }, { "vulnerability": "VCID-6gs5-cswx-bfeb" }, { "vulnerability": "VCID-7avk-rmwd-yugt" }, { "vulnerability": "VCID-7vpu-x9mb-q3c6" }, { "vulnerability": "VCID-84n7-nzzg-juhz" }, { "vulnerability": "VCID-8jt7-y15v-83gj" }, { "vulnerability": "VCID-8rvw-n1fg-ffc2" }, { "vulnerability": "VCID-8yxm-e33n-d7gj" }, { "vulnerability": "VCID-9nh7-ny6c-n3cd" }, { "vulnerability": "VCID-9tdu-572c-tbb2" }, { "vulnerability": "VCID-ajeh-4q9t-sydz" }, { "vulnerability": "VCID-ajf6-bk2g-wkb7" }, { "vulnerability": "VCID-b2nf-6pr3-xqaa" }, { "vulnerability": "VCID-b4jk-yjfy-pfcv" }, { "vulnerability": "VCID-b6ng-ygap-zqh4" }, { "vulnerability": "VCID-bd83-vf81-sfa4" }, { "vulnerability": "VCID-bddg-5zgr-3uew" }, { "vulnerability": "VCID-btc1-yng3-ckhx" }, { "vulnerability": "VCID-cbjd-e3sk-m7bu" }, { "vulnerability": "VCID-crn9-f6qt-qfg5" }, { "vulnerability": "VCID-cth2-72mg-6yfr" }, { "vulnerability": "VCID-cz55-m46r-37gb" }, { "vulnerability": "VCID-d7jk-a94y-n3ca" }, { "vulnerability": "VCID-dbk1-n9kh-dfhm" }, { "vulnerability": "VCID-dfsz-1y13-yug9" }, { "vulnerability": "VCID-dgvs-kqpd-gfcy" }, { "vulnerability": "VCID-dj5f-y77j-d7dx" }, { "vulnerability": "VCID-dx3h-z4dg-m3e1" }, { "vulnerability": "VCID-g2uy-ekyf-4bcj" }, { "vulnerability": "VCID-gmjk-222y-abda" }, { "vulnerability": "VCID-gqxb-6rey-rbhv" }, { "vulnerability": "VCID-gtps-py3z-13cu" }, { "vulnerability": "VCID-gzwb-ju7m-juf7" }, { "vulnerability": "VCID-har4-gaft-m7e8" }, { "vulnerability": "VCID-hbp6-s544-pqaw" }, { "vulnerability": "VCID-hw5n-kv9r-8yej" }, { "vulnerability": "VCID-j589-8hrn-9bae" }, { "vulnerability": "VCID-jabw-t2hb-q3e9" }, { "vulnerability": "VCID-jemb-avnk-c7eb" }, { "vulnerability": "VCID-jmn8-a5r9-2qc8" }, { "vulnerability": "VCID-jxf7-1cq4-t3cv" }, { "vulnerability": "VCID-k5ph-wws1-fqg4" }, { "vulnerability": "VCID-kfr7-v6tb-eqau" }, { "vulnerability": "VCID-kfrx-mmr7-euep" }, { "vulnerability": "VCID-kwtj-jk24-zffq" }, { "vulnerability": "VCID-m2g6-2ztp-tuam" }, { "vulnerability": "VCID-m3kq-1cfg-mkgc" }, { "vulnerability": "VCID-m59w-cug5-wbe2" }, { "vulnerability": "VCID-mgu4-pf1x-r3dy" }, { "vulnerability": "VCID-mxn5-bh7q-gkdb" }, { "vulnerability": "VCID-mzuh-5e5y-d3hr" }, { "vulnerability": "VCID-n53q-r421-affh" }, { "vulnerability": "VCID-n66y-s36g-fqck" }, { "vulnerability": "VCID-np5w-chxm-cyak" }, { "vulnerability": "VCID-nuju-ekmt-k7g9" }, { "vulnerability": "VCID-nv3j-xj42-wfcw" }, { "vulnerability": "VCID-p1jn-sxds-mqd1" }, { "vulnerability": "VCID-p361-saxs-97g9" }, { "vulnerability": "VCID-pfdk-db4h-47dx" }, { "vulnerability": "VCID-pnry-rv8t-v3ff" }, { "vulnerability": "VCID-q2wv-kbra-5kg8" }, { "vulnerability": "VCID-q45d-5bf4-tff5" }, { "vulnerability": "VCID-q7pe-bvr1-g3bc" }, { "vulnerability": "VCID-q7rn-1612-quau" }, { "vulnerability": "VCID-q7zq-5xpn-93dd" }, { "vulnerability": "VCID-qeac-129m-1udw" }, { "vulnerability": "VCID-qmj2-pxvt-zqes" }, { "vulnerability": "VCID-qpj7-uk5e-nbez" }, { "vulnerability": "VCID-qqyb-zags-bbhz" }, { "vulnerability": "VCID-r3z5-cc6j-8yg6" }, { "vulnerability": "VCID-r4zz-m2mr-9qeb" }, { "vulnerability": "VCID-r9sb-489v-fqc9" }, { "vulnerability": "VCID-rc63-nakx-ebbe" }, { "vulnerability": "VCID-rsrk-jwbt-qfhe" }, { "vulnerability": "VCID-rx9z-rdmm-5fg6" }, { "vulnerability": "VCID-rxz2-tx2n-k3bd" }, { "vulnerability": "VCID-rz6q-hthe-1uer" }, { "vulnerability": "VCID-s88e-r2gd-9yep" }, { "vulnerability": "VCID-segg-gk79-9bc6" }, { "vulnerability": "VCID-tvfz-v881-sufp" }, { "vulnerability": "VCID-txba-1at4-ekg2" }, { "vulnerability": "VCID-uc6b-5sj1-9yg2" }, { "vulnerability": "VCID-utga-335m-dua9" }, { "vulnerability": "VCID-v1kx-5wa1-r7he" }, { "vulnerability": "VCID-vpf2-5j4s-jqeb" }, { "vulnerability": "VCID-vxc7-fwud-33an" }, { "vulnerability": "VCID-w6nk-akeh-4ufg" }, { "vulnerability": "VCID-x75q-4y74-d3gt" }, { "vulnerability": "VCID-xqf5-yxf3-u3he" }, { "vulnerability": "VCID-zmjf-j2zs-23ey" }, { "vulnerability": "VCID-zvcj-g6rt-s3de" }, { "vulnerability": "VCID-zyes-82y3-g7dh" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:4.2.12-2%252Bdeb8u2" }, { "url": "http://public2.vulnerablecode.io/api/packages/516524?format=api", "purl": "pkg:deb/debian/phpmyadmin@4:4.6.6-4%2Bdeb9u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2at1-y3qg-77fb" }, { "vulnerability": "VCID-32ja-yuuw-bbbh" }, { "vulnerability": "VCID-4wn2-pnbv-sked" }, { "vulnerability": "VCID-52xs-45kd-w3hz" }, { "vulnerability": "VCID-59mu-8aep-9ycn" }, { "vulnerability": "VCID-5jye-2stz-fqam" }, { "vulnerability": "VCID-7vpu-x9mb-q3c6" }, { "vulnerability": "VCID-8rvw-n1fg-ffc2" }, { "vulnerability": "VCID-ajf6-bk2g-wkb7" }, { "vulnerability": "VCID-b2nf-6pr3-xqaa" }, { "vulnerability": "VCID-bd83-vf81-sfa4" }, { "vulnerability": "VCID-dx3h-z4dg-m3e1" }, { "vulnerability": "VCID-har4-gaft-m7e8" }, { "vulnerability": "VCID-kfr7-v6tb-eqau" }, { "vulnerability": "VCID-kfrx-mmr7-euep" }, { "vulnerability": "VCID-m2g6-2ztp-tuam" }, { "vulnerability": "VCID-m3kq-1cfg-mkgc" }, { "vulnerability": "VCID-mzuh-5e5y-d3hr" }, { "vulnerability": "VCID-p1jn-sxds-mqd1" }, { "vulnerability": "VCID-q7rn-1612-quau" }, { "vulnerability": "VCID-qmj2-pxvt-zqes" }, { "vulnerability": "VCID-r4zz-m2mr-9qeb" }, { "vulnerability": "VCID-rx9z-rdmm-5fg6" }, { "vulnerability": "VCID-w6nk-akeh-4ufg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:4.6.6-4%252Bdeb9u1" } ], "aliases": [ "CVE-2015-3903" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-s88e-r2gd-9yep" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/38284?format=api", "vulnerability_id": "VCID-segg-gk79-9bc6", "summary": "Improper Input Validation\nAn issue was discovered in phpMyAdmin. With a crafted request parameter value it is possible to bypass the logout timeout.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-9851", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00241", "scoring_system": "epss", "scoring_elements": "0.47589", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.00241", "scoring_system": "epss", "scoring_elements": "0.47525", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-9851" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9851", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9851" }, { "reference_url": "https://github.com/phpmyadmin/composer", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/phpmyadmin/composer" }, { "reference_url": "https://security.gentoo.org/glsa/201701-32", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://security.gentoo.org/glsa/201701-32" }, { "reference_url": "https://www.phpmyadmin.net/security/PMASA-2016-62", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.phpmyadmin.net/security/PMASA-2016-62" }, { "reference_url": "http://www.securityfocus.com/bid/94534", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.securityfocus.com/bid/94534" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2016-9851", "reference_id": "CVE-2016-9851", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-9851" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/516524?format=api", "purl": "pkg:deb/debian/phpmyadmin@4:4.6.6-4%2Bdeb9u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2at1-y3qg-77fb" }, { "vulnerability": "VCID-32ja-yuuw-bbbh" }, { "vulnerability": "VCID-4wn2-pnbv-sked" }, { "vulnerability": "VCID-52xs-45kd-w3hz" }, { "vulnerability": "VCID-59mu-8aep-9ycn" }, { "vulnerability": "VCID-5jye-2stz-fqam" }, { "vulnerability": "VCID-7vpu-x9mb-q3c6" }, { "vulnerability": "VCID-8rvw-n1fg-ffc2" }, { "vulnerability": "VCID-ajf6-bk2g-wkb7" }, { "vulnerability": "VCID-b2nf-6pr3-xqaa" }, { "vulnerability": "VCID-bd83-vf81-sfa4" }, { "vulnerability": "VCID-dx3h-z4dg-m3e1" }, { "vulnerability": "VCID-har4-gaft-m7e8" }, { "vulnerability": "VCID-kfr7-v6tb-eqau" }, { "vulnerability": "VCID-kfrx-mmr7-euep" }, { "vulnerability": "VCID-m2g6-2ztp-tuam" }, { "vulnerability": "VCID-m3kq-1cfg-mkgc" }, { "vulnerability": "VCID-mzuh-5e5y-d3hr" }, { "vulnerability": "VCID-p1jn-sxds-mqd1" }, { "vulnerability": "VCID-q7rn-1612-quau" }, { "vulnerability": "VCID-qmj2-pxvt-zqes" }, { "vulnerability": "VCID-r4zz-m2mr-9qeb" }, { "vulnerability": "VCID-rx9z-rdmm-5fg6" }, { "vulnerability": "VCID-w6nk-akeh-4ufg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:4.6.6-4%252Bdeb9u1" } ], "aliases": [ "CVE-2016-9851", "GHSA-r2vw-p77f-vc27" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-segg-gk79-9bc6" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/43887?format=api", "vulnerability_id": "VCID-tvfz-v881-sufp", "summary": "phpMyAdmin Denial Of Service (DOS) attack\njs/get_scripts.js.php in phpMyAdmin 4.0.x before 4.0.10.16, 4.4.x before 4.4.15.7, and 4.6.x before 4.6.3 allows remote attackers to cause a denial of service via a large array in the scripts parameter.", "references": [ { "reference_url": "http://lists.opensuse.org/opensuse-updates/2016-06/msg00113.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://lists.opensuse.org/opensuse-updates/2016-06/msg00113.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-updates/2016-06/msg00114.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://lists.opensuse.org/opensuse-updates/2016-06/msg00114.html" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-5706", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.02778", "scoring_system": "epss", "scoring_elements": "0.8633", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.02778", "scoring_system": "epss", "scoring_elements": "0.86352", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-5706" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1927", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1927" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2039", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2039" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2040", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2040" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2041", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2041" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2560", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2560" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2561", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2561" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5099", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5099" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5701", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5701" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5705", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5705" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5706", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5706" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5731", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5731" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5733", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5733" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5739", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5739" }, { "reference_url": "https://github.com/phpmyadmin/composer", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/phpmyadmin/composer" }, { "reference_url": "https://github.com/phpmyadmin/phpmyadmin/commit/4767f24ea4c1e3822ce71a636c341e8ad8d07aa6", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/phpmyadmin/phpmyadmin/commit/4767f24ea4c1e3822ce71a636c341e8ad8d07aa6" }, { "reference_url": "https://github.com/phpmyadmin/phpmyadmin/commit/805225a28c1428d7809e613c731c2126960e98df", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/phpmyadmin/phpmyadmin/commit/805225a28c1428d7809e613c731c2126960e98df" }, { "reference_url": "https://github.com/phpmyadmin/phpmyadmin/commit/abb3685c8702de887988fee31a97ef4d80d856a1", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/phpmyadmin/phpmyadmin/commit/abb3685c8702de887988fee31a97ef4d80d856a1" }, { "reference_url": "https://security.gentoo.org/glsa/201701-32", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://security.gentoo.org/glsa/201701-32" }, { "reference_url": "https://www.phpmyadmin.net/security/PMASA-2016-22", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.phpmyadmin.net/security/PMASA-2016-22" }, { "reference_url": "http://www.debian.org/security/2016/dsa-3627", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.debian.org/security/2016/dsa-3627" }, { "reference_url": "http://www.securityfocus.com/bid/91376", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.securityfocus.com/bid/91376" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2016-5706", "reference_id": "CVE-2016-5706", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-5706" }, { "reference_url": "https://github.com/advisories/GHSA-9rmm-8fp4-26hv", "reference_id": "GHSA-9rmm-8fp4-26hv", "reference_type": "", "scores": [], "url": "https://github.com/advisories/GHSA-9rmm-8fp4-26hv" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/273449?format=api", "purl": "pkg:deb/debian/phpmyadmin@4:4.2.12-2%2Bdeb8u2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1drk-gzqj-2qc5" }, { "vulnerability": "VCID-1hvw-4h4d-zkhv" }, { "vulnerability": "VCID-23dq-w66r-k3bt" }, { "vulnerability": "VCID-27w6-zhxk-x7e7" }, { "vulnerability": "VCID-282b-1ugg-yuev" }, { "vulnerability": "VCID-2at1-y3qg-77fb" }, { "vulnerability": "VCID-2vqn-z4en-duh4" }, { "vulnerability": "VCID-31jg-3pzb-y3b6" }, { "vulnerability": "VCID-32ja-yuuw-bbbh" }, { "vulnerability": "VCID-33kv-ye2c-ebax" }, { "vulnerability": "VCID-33mh-s92h-c7ht" }, { "vulnerability": "VCID-38tp-acy8-57hj" }, { "vulnerability": "VCID-3va7-xx14-gkds" }, { "vulnerability": "VCID-44uc-xrvp-7bet" }, { "vulnerability": "VCID-4avx-e9mf-2yb1" }, { "vulnerability": "VCID-4kax-4bpz-g7c5" }, { "vulnerability": "VCID-4vgu-cagj-hfhb" }, { "vulnerability": "VCID-4wn2-pnbv-sked" }, { "vulnerability": "VCID-52xs-45kd-w3hz" }, { "vulnerability": "VCID-59mu-8aep-9ycn" }, { "vulnerability": "VCID-5bu8-wy7w-bqfc" }, { "vulnerability": "VCID-5jye-2stz-fqam" }, { "vulnerability": "VCID-6gs5-cswx-bfeb" }, { "vulnerability": "VCID-7avk-rmwd-yugt" }, { "vulnerability": "VCID-7vpu-x9mb-q3c6" }, { "vulnerability": "VCID-84n7-nzzg-juhz" }, { "vulnerability": "VCID-8jt7-y15v-83gj" }, { "vulnerability": "VCID-8rvw-n1fg-ffc2" }, { "vulnerability": "VCID-8yxm-e33n-d7gj" }, { "vulnerability": "VCID-9nh7-ny6c-n3cd" }, { "vulnerability": "VCID-9tdu-572c-tbb2" }, { "vulnerability": "VCID-ajeh-4q9t-sydz" }, { "vulnerability": "VCID-ajf6-bk2g-wkb7" }, { "vulnerability": "VCID-b2nf-6pr3-xqaa" }, { "vulnerability": "VCID-b4jk-yjfy-pfcv" }, { "vulnerability": "VCID-b6ng-ygap-zqh4" }, { "vulnerability": "VCID-bd83-vf81-sfa4" }, { "vulnerability": "VCID-bddg-5zgr-3uew" }, { "vulnerability": "VCID-btc1-yng3-ckhx" }, { "vulnerability": "VCID-cbjd-e3sk-m7bu" }, { "vulnerability": "VCID-crn9-f6qt-qfg5" }, { "vulnerability": "VCID-cth2-72mg-6yfr" }, { "vulnerability": "VCID-cz55-m46r-37gb" }, { "vulnerability": "VCID-d7jk-a94y-n3ca" }, { "vulnerability": "VCID-dbk1-n9kh-dfhm" }, { "vulnerability": "VCID-dfsz-1y13-yug9" }, { "vulnerability": "VCID-dgvs-kqpd-gfcy" }, { "vulnerability": "VCID-dj5f-y77j-d7dx" }, { "vulnerability": "VCID-dx3h-z4dg-m3e1" }, { "vulnerability": "VCID-g2uy-ekyf-4bcj" }, { "vulnerability": "VCID-gmjk-222y-abda" }, { "vulnerability": "VCID-gqxb-6rey-rbhv" }, { "vulnerability": "VCID-gtps-py3z-13cu" }, { "vulnerability": "VCID-gzwb-ju7m-juf7" }, { "vulnerability": "VCID-har4-gaft-m7e8" }, { "vulnerability": "VCID-hbp6-s544-pqaw" }, { "vulnerability": "VCID-hw5n-kv9r-8yej" }, { "vulnerability": "VCID-j589-8hrn-9bae" }, { "vulnerability": "VCID-jabw-t2hb-q3e9" }, { "vulnerability": "VCID-jemb-avnk-c7eb" }, { "vulnerability": "VCID-jmn8-a5r9-2qc8" }, { "vulnerability": "VCID-jxf7-1cq4-t3cv" }, { "vulnerability": "VCID-k5ph-wws1-fqg4" }, { "vulnerability": "VCID-kfr7-v6tb-eqau" }, { "vulnerability": "VCID-kfrx-mmr7-euep" }, { "vulnerability": "VCID-kwtj-jk24-zffq" }, { "vulnerability": "VCID-m2g6-2ztp-tuam" }, { "vulnerability": "VCID-m3kq-1cfg-mkgc" }, { "vulnerability": "VCID-m59w-cug5-wbe2" }, { "vulnerability": "VCID-mgu4-pf1x-r3dy" }, { "vulnerability": "VCID-mxn5-bh7q-gkdb" }, { "vulnerability": "VCID-mzuh-5e5y-d3hr" }, { "vulnerability": "VCID-n53q-r421-affh" }, { "vulnerability": "VCID-n66y-s36g-fqck" }, { "vulnerability": "VCID-np5w-chxm-cyak" }, { "vulnerability": "VCID-nuju-ekmt-k7g9" }, { "vulnerability": "VCID-nv3j-xj42-wfcw" }, { "vulnerability": "VCID-p1jn-sxds-mqd1" }, { "vulnerability": "VCID-p361-saxs-97g9" }, { "vulnerability": "VCID-pfdk-db4h-47dx" }, { "vulnerability": "VCID-pnry-rv8t-v3ff" }, { "vulnerability": "VCID-q2wv-kbra-5kg8" }, { "vulnerability": "VCID-q45d-5bf4-tff5" }, { "vulnerability": "VCID-q7pe-bvr1-g3bc" }, { "vulnerability": "VCID-q7rn-1612-quau" }, { "vulnerability": "VCID-q7zq-5xpn-93dd" }, { "vulnerability": "VCID-qeac-129m-1udw" }, { "vulnerability": "VCID-qmj2-pxvt-zqes" }, { "vulnerability": "VCID-qpj7-uk5e-nbez" }, { "vulnerability": "VCID-qqyb-zags-bbhz" }, { "vulnerability": "VCID-r3z5-cc6j-8yg6" }, { "vulnerability": "VCID-r4zz-m2mr-9qeb" }, { "vulnerability": "VCID-r9sb-489v-fqc9" }, { "vulnerability": "VCID-rc63-nakx-ebbe" }, { "vulnerability": "VCID-rsrk-jwbt-qfhe" }, { "vulnerability": "VCID-rx9z-rdmm-5fg6" }, { "vulnerability": "VCID-rxz2-tx2n-k3bd" }, { "vulnerability": "VCID-rz6q-hthe-1uer" }, { "vulnerability": "VCID-s88e-r2gd-9yep" }, { "vulnerability": "VCID-segg-gk79-9bc6" }, { "vulnerability": "VCID-tvfz-v881-sufp" }, { "vulnerability": "VCID-txba-1at4-ekg2" }, { "vulnerability": "VCID-uc6b-5sj1-9yg2" }, { "vulnerability": "VCID-utga-335m-dua9" }, { "vulnerability": "VCID-v1kx-5wa1-r7he" }, { "vulnerability": "VCID-vpf2-5j4s-jqeb" }, { "vulnerability": "VCID-vxc7-fwud-33an" }, { "vulnerability": "VCID-w6nk-akeh-4ufg" }, { "vulnerability": "VCID-x75q-4y74-d3gt" }, { "vulnerability": "VCID-xqf5-yxf3-u3he" }, { "vulnerability": "VCID-zmjf-j2zs-23ey" }, { "vulnerability": "VCID-zvcj-g6rt-s3de" }, { "vulnerability": "VCID-zyes-82y3-g7dh" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:4.2.12-2%252Bdeb8u2" }, { "url": "http://public2.vulnerablecode.io/api/packages/516524?format=api", "purl": "pkg:deb/debian/phpmyadmin@4:4.6.6-4%2Bdeb9u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2at1-y3qg-77fb" }, { "vulnerability": "VCID-32ja-yuuw-bbbh" }, { "vulnerability": "VCID-4wn2-pnbv-sked" }, { "vulnerability": "VCID-52xs-45kd-w3hz" }, { "vulnerability": "VCID-59mu-8aep-9ycn" }, { "vulnerability": "VCID-5jye-2stz-fqam" }, { "vulnerability": "VCID-7vpu-x9mb-q3c6" }, { "vulnerability": "VCID-8rvw-n1fg-ffc2" }, { "vulnerability": "VCID-ajf6-bk2g-wkb7" }, { "vulnerability": "VCID-b2nf-6pr3-xqaa" }, { "vulnerability": "VCID-bd83-vf81-sfa4" }, { "vulnerability": "VCID-dx3h-z4dg-m3e1" }, { "vulnerability": "VCID-har4-gaft-m7e8" }, { "vulnerability": "VCID-kfr7-v6tb-eqau" }, { "vulnerability": "VCID-kfrx-mmr7-euep" }, { "vulnerability": "VCID-m2g6-2ztp-tuam" }, { "vulnerability": "VCID-m3kq-1cfg-mkgc" }, { "vulnerability": "VCID-mzuh-5e5y-d3hr" }, { "vulnerability": "VCID-p1jn-sxds-mqd1" }, { "vulnerability": "VCID-q7rn-1612-quau" }, { "vulnerability": "VCID-qmj2-pxvt-zqes" }, { "vulnerability": "VCID-r4zz-m2mr-9qeb" }, { "vulnerability": "VCID-rx9z-rdmm-5fg6" }, { "vulnerability": "VCID-w6nk-akeh-4ufg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:4.6.6-4%252Bdeb9u1" } ], "aliases": [ "CVE-2016-5706", "GHSA-9rmm-8fp4-26hv" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-tvfz-v881-sufp" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/38679?format=api", "vulnerability_id": "VCID-txba-1at4-ekg2", "summary": "URL Redirection to Untrusted Site (Open Redirect)\nphpMyAdmin is vulnerable to an open redirect weakness.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-1000013", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00239", "scoring_system": "epss", "scoring_elements": "0.47182", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.00239", "scoring_system": "epss", "scoring_elements": "0.47248", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-1000013" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-1000013", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-1000013" }, { "reference_url": "https://web.archive.org/web/20210123220100/http://www.securityfocus.com/bid/95720", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20210123220100/http://www.securityfocus.com/bid/95720" }, { "reference_url": "https://www.phpmyadmin.net/security/PMASA-2017-1", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.phpmyadmin.net/security/PMASA-2017-1" }, { "reference_url": "http://www.securityfocus.com/bid/95720", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/95720" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2017-1000013", "reference_id": "CVE-2017-1000013", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-1000013" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/516524?format=api", "purl": "pkg:deb/debian/phpmyadmin@4:4.6.6-4%2Bdeb9u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2at1-y3qg-77fb" }, { "vulnerability": "VCID-32ja-yuuw-bbbh" }, { "vulnerability": "VCID-4wn2-pnbv-sked" }, { "vulnerability": "VCID-52xs-45kd-w3hz" }, { "vulnerability": "VCID-59mu-8aep-9ycn" }, { "vulnerability": "VCID-5jye-2stz-fqam" }, { "vulnerability": "VCID-7vpu-x9mb-q3c6" }, { "vulnerability": "VCID-8rvw-n1fg-ffc2" }, { "vulnerability": "VCID-ajf6-bk2g-wkb7" }, { "vulnerability": "VCID-b2nf-6pr3-xqaa" }, { "vulnerability": "VCID-bd83-vf81-sfa4" }, { "vulnerability": "VCID-dx3h-z4dg-m3e1" }, { "vulnerability": "VCID-har4-gaft-m7e8" }, { "vulnerability": "VCID-kfr7-v6tb-eqau" }, { "vulnerability": "VCID-kfrx-mmr7-euep" }, { "vulnerability": "VCID-m2g6-2ztp-tuam" }, { "vulnerability": "VCID-m3kq-1cfg-mkgc" }, { "vulnerability": "VCID-mzuh-5e5y-d3hr" }, { "vulnerability": "VCID-p1jn-sxds-mqd1" }, { "vulnerability": "VCID-q7rn-1612-quau" }, { "vulnerability": "VCID-qmj2-pxvt-zqes" }, { "vulnerability": "VCID-r4zz-m2mr-9qeb" }, { "vulnerability": "VCID-rx9z-rdmm-5fg6" }, { "vulnerability": "VCID-w6nk-akeh-4ufg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:4.6.6-4%252Bdeb9u1" } ], "aliases": [ "CVE-2017-1000013", "GHSA-5h5m-fj48-qpjw" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-txba-1at4-ekg2" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/98148?format=api", "vulnerability_id": "VCID-uc6b-5sj1-9yg2", "summary": "libraries/plugins/auth/AuthenticationCookie.class.php in phpMyAdmin 4.3.x before 4.3.13.2 and 4.4.x before 4.4.14.1 allows remote attackers to bypass a multiple-reCaptcha protection mechanism against brute-force credential guessing by providing a correct response to a single reCaptcha.", "references": [ { "reference_url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-September/166294.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-September/166294.html" }, { "reference_url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-September/166307.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-September/166307.html" }, { "reference_url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-September/166531.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-September/166531.html" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2015-6830", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.21219", "scoring_system": "epss", "scoring_elements": "0.95784", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.21219", "scoring_system": "epss", "scoring_elements": "0.95778", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2015-6830" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8958", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8958" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9218", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9218" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2206", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2206" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3902", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3902" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3903", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3903" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6830", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6830" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7873", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7873" }, { "reference_url": "https://github.com/phpmyadmin/phpmyadmin/commit/0314e67900f01410bc8c81c58a40dc0515e3c91d", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/phpmyadmin/phpmyadmin/commit/0314e67900f01410bc8c81c58a40dc0515e3c91d" }, { "reference_url": "https://github.com/phpmyadmin/phpmyadmin/commit/785f4e2711848eb8945894199d5870253a88584e", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/phpmyadmin/phpmyadmin/commit/785f4e2711848eb8945894199d5870253a88584e" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2015-6830", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2015-6830" }, { "reference_url": "https://web.archive.org/web/20200228052837/http://www.securityfocus.com/bid/76674", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20200228052837/http://www.securityfocus.com/bid/76674" }, { "reference_url": "https://web.archive.org/web/20211215060142/http://www.securitytracker.com/id/1033546", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20211215060142/http://www.securitytracker.com/id/1033546" }, { "reference_url": "https://www.phpmyadmin.net/security/PMASA-2015-4", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.phpmyadmin.net/security/PMASA-2015-4" }, { "reference_url": "https://www.phpmyadmin.net/security/PMASA-2015-4/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.phpmyadmin.net/security/PMASA-2015-4/" }, { "reference_url": "http://www.debian.org/security/2015/dsa-3382", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.debian.org/security/2015/dsa-3382" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/remote/52414.py", "reference_id": "CVE-2015-6830", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/remote/52414.py" }, { "reference_url": "https://github.com/advisories/GHSA-v6fh-vg22-r6cm", "reference_id": "GHSA-v6fh-vg22-r6cm", "reference_type": "", "scores": [], "url": "https://github.com/advisories/GHSA-v6fh-vg22-r6cm" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/273449?format=api", "purl": "pkg:deb/debian/phpmyadmin@4:4.2.12-2%2Bdeb8u2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1drk-gzqj-2qc5" }, { "vulnerability": "VCID-1hvw-4h4d-zkhv" }, { "vulnerability": "VCID-23dq-w66r-k3bt" }, { "vulnerability": "VCID-27w6-zhxk-x7e7" }, { "vulnerability": "VCID-282b-1ugg-yuev" }, { "vulnerability": "VCID-2at1-y3qg-77fb" }, { "vulnerability": "VCID-2vqn-z4en-duh4" }, { "vulnerability": "VCID-31jg-3pzb-y3b6" }, { "vulnerability": "VCID-32ja-yuuw-bbbh" }, { "vulnerability": "VCID-33kv-ye2c-ebax" }, { "vulnerability": "VCID-33mh-s92h-c7ht" }, { "vulnerability": "VCID-38tp-acy8-57hj" }, { "vulnerability": "VCID-3va7-xx14-gkds" }, { "vulnerability": "VCID-44uc-xrvp-7bet" }, { "vulnerability": "VCID-4avx-e9mf-2yb1" }, { "vulnerability": "VCID-4kax-4bpz-g7c5" }, { "vulnerability": "VCID-4vgu-cagj-hfhb" }, { "vulnerability": "VCID-4wn2-pnbv-sked" }, { "vulnerability": "VCID-52xs-45kd-w3hz" }, { "vulnerability": "VCID-59mu-8aep-9ycn" }, { "vulnerability": "VCID-5bu8-wy7w-bqfc" }, { "vulnerability": "VCID-5jye-2stz-fqam" }, { "vulnerability": "VCID-6gs5-cswx-bfeb" }, { "vulnerability": "VCID-7avk-rmwd-yugt" }, { "vulnerability": "VCID-7vpu-x9mb-q3c6" }, { "vulnerability": "VCID-84n7-nzzg-juhz" }, { "vulnerability": "VCID-8jt7-y15v-83gj" }, { "vulnerability": "VCID-8rvw-n1fg-ffc2" }, { "vulnerability": "VCID-8yxm-e33n-d7gj" }, { "vulnerability": "VCID-9nh7-ny6c-n3cd" }, { "vulnerability": "VCID-9tdu-572c-tbb2" }, { "vulnerability": "VCID-ajeh-4q9t-sydz" }, { "vulnerability": "VCID-ajf6-bk2g-wkb7" }, { "vulnerability": "VCID-b2nf-6pr3-xqaa" }, { "vulnerability": "VCID-b4jk-yjfy-pfcv" }, { "vulnerability": "VCID-b6ng-ygap-zqh4" }, { "vulnerability": "VCID-bd83-vf81-sfa4" }, { "vulnerability": "VCID-bddg-5zgr-3uew" }, { "vulnerability": "VCID-btc1-yng3-ckhx" }, { "vulnerability": "VCID-cbjd-e3sk-m7bu" }, { "vulnerability": "VCID-crn9-f6qt-qfg5" }, { "vulnerability": "VCID-cth2-72mg-6yfr" }, { "vulnerability": "VCID-cz55-m46r-37gb" }, { "vulnerability": "VCID-d7jk-a94y-n3ca" }, { "vulnerability": "VCID-dbk1-n9kh-dfhm" }, { "vulnerability": "VCID-dfsz-1y13-yug9" }, { "vulnerability": "VCID-dgvs-kqpd-gfcy" }, { "vulnerability": "VCID-dj5f-y77j-d7dx" }, { "vulnerability": "VCID-dx3h-z4dg-m3e1" }, { "vulnerability": "VCID-g2uy-ekyf-4bcj" }, { "vulnerability": "VCID-gmjk-222y-abda" }, { "vulnerability": "VCID-gqxb-6rey-rbhv" }, { "vulnerability": "VCID-gtps-py3z-13cu" }, { "vulnerability": "VCID-gzwb-ju7m-juf7" }, { "vulnerability": "VCID-har4-gaft-m7e8" }, { "vulnerability": "VCID-hbp6-s544-pqaw" }, { "vulnerability": "VCID-hw5n-kv9r-8yej" }, { "vulnerability": "VCID-j589-8hrn-9bae" }, { "vulnerability": "VCID-jabw-t2hb-q3e9" }, { "vulnerability": "VCID-jemb-avnk-c7eb" }, { "vulnerability": "VCID-jmn8-a5r9-2qc8" }, { "vulnerability": "VCID-jxf7-1cq4-t3cv" }, { "vulnerability": "VCID-k5ph-wws1-fqg4" }, { "vulnerability": "VCID-kfr7-v6tb-eqau" }, { "vulnerability": "VCID-kfrx-mmr7-euep" }, { "vulnerability": "VCID-kwtj-jk24-zffq" }, { "vulnerability": "VCID-m2g6-2ztp-tuam" }, { "vulnerability": "VCID-m3kq-1cfg-mkgc" }, { "vulnerability": "VCID-m59w-cug5-wbe2" }, { "vulnerability": "VCID-mgu4-pf1x-r3dy" }, { "vulnerability": "VCID-mxn5-bh7q-gkdb" }, { "vulnerability": "VCID-mzuh-5e5y-d3hr" }, { "vulnerability": "VCID-n53q-r421-affh" }, { "vulnerability": "VCID-n66y-s36g-fqck" }, { "vulnerability": "VCID-np5w-chxm-cyak" }, { "vulnerability": "VCID-nuju-ekmt-k7g9" }, { "vulnerability": "VCID-nv3j-xj42-wfcw" }, { "vulnerability": "VCID-p1jn-sxds-mqd1" }, { "vulnerability": "VCID-p361-saxs-97g9" }, { "vulnerability": "VCID-pfdk-db4h-47dx" }, { "vulnerability": "VCID-pnry-rv8t-v3ff" }, { "vulnerability": "VCID-q2wv-kbra-5kg8" }, { "vulnerability": "VCID-q45d-5bf4-tff5" }, { "vulnerability": "VCID-q7pe-bvr1-g3bc" }, { "vulnerability": "VCID-q7rn-1612-quau" }, { "vulnerability": "VCID-q7zq-5xpn-93dd" }, { "vulnerability": "VCID-qeac-129m-1udw" }, { "vulnerability": "VCID-qmj2-pxvt-zqes" }, { "vulnerability": "VCID-qpj7-uk5e-nbez" }, { "vulnerability": "VCID-qqyb-zags-bbhz" }, { "vulnerability": "VCID-r3z5-cc6j-8yg6" }, { "vulnerability": "VCID-r4zz-m2mr-9qeb" }, { "vulnerability": "VCID-r9sb-489v-fqc9" }, { "vulnerability": "VCID-rc63-nakx-ebbe" }, { "vulnerability": "VCID-rsrk-jwbt-qfhe" }, { "vulnerability": "VCID-rx9z-rdmm-5fg6" }, { "vulnerability": "VCID-rxz2-tx2n-k3bd" }, { "vulnerability": "VCID-rz6q-hthe-1uer" }, { "vulnerability": "VCID-s88e-r2gd-9yep" }, { "vulnerability": "VCID-segg-gk79-9bc6" }, { "vulnerability": "VCID-tvfz-v881-sufp" }, { "vulnerability": "VCID-txba-1at4-ekg2" }, { "vulnerability": "VCID-uc6b-5sj1-9yg2" }, { "vulnerability": "VCID-utga-335m-dua9" }, { "vulnerability": "VCID-v1kx-5wa1-r7he" }, { "vulnerability": "VCID-vpf2-5j4s-jqeb" }, { "vulnerability": "VCID-vxc7-fwud-33an" }, { "vulnerability": "VCID-w6nk-akeh-4ufg" }, { "vulnerability": "VCID-x75q-4y74-d3gt" }, { "vulnerability": "VCID-xqf5-yxf3-u3he" }, { "vulnerability": "VCID-zmjf-j2zs-23ey" }, { "vulnerability": "VCID-zvcj-g6rt-s3de" }, { "vulnerability": "VCID-zyes-82y3-g7dh" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:4.2.12-2%252Bdeb8u2" }, { "url": "http://public2.vulnerablecode.io/api/packages/516524?format=api", "purl": "pkg:deb/debian/phpmyadmin@4:4.6.6-4%2Bdeb9u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2at1-y3qg-77fb" }, { "vulnerability": "VCID-32ja-yuuw-bbbh" }, { "vulnerability": "VCID-4wn2-pnbv-sked" }, { "vulnerability": "VCID-52xs-45kd-w3hz" }, { "vulnerability": "VCID-59mu-8aep-9ycn" }, { "vulnerability": "VCID-5jye-2stz-fqam" }, { "vulnerability": "VCID-7vpu-x9mb-q3c6" }, { "vulnerability": "VCID-8rvw-n1fg-ffc2" }, { "vulnerability": "VCID-ajf6-bk2g-wkb7" }, { "vulnerability": "VCID-b2nf-6pr3-xqaa" }, { "vulnerability": "VCID-bd83-vf81-sfa4" }, { "vulnerability": "VCID-dx3h-z4dg-m3e1" }, { "vulnerability": "VCID-har4-gaft-m7e8" }, { "vulnerability": "VCID-kfr7-v6tb-eqau" }, { "vulnerability": "VCID-kfrx-mmr7-euep" }, { "vulnerability": "VCID-m2g6-2ztp-tuam" }, { "vulnerability": "VCID-m3kq-1cfg-mkgc" }, { "vulnerability": "VCID-mzuh-5e5y-d3hr" }, { "vulnerability": "VCID-p1jn-sxds-mqd1" }, { "vulnerability": "VCID-q7rn-1612-quau" }, { "vulnerability": "VCID-qmj2-pxvt-zqes" }, { "vulnerability": "VCID-r4zz-m2mr-9qeb" }, { "vulnerability": "VCID-rx9z-rdmm-5fg6" }, { "vulnerability": "VCID-w6nk-akeh-4ufg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:4.6.6-4%252Bdeb9u1" } ], "aliases": [ "CVE-2015-6830", "GHSA-v6fh-vg22-r6cm" ], "risk_score": 10.0, "exploitability": "2.0", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-uc6b-5sj1-9yg2" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/38277?format=api", "vulnerability_id": "VCID-utga-335m-dua9", "summary": "Cross-site Scripting\nAn XSS issue was discovered in phpMyAdmin because of an improper fix for CVE-2016-2559 in PMASA-2016-10.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-9856", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00258", "scoring_system": "epss", "scoring_elements": "0.49434", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.00258", "scoring_system": "epss", "scoring_elements": "0.49373", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-9856" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9856", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9856" }, { "reference_url": "https://security.gentoo.org/glsa/201701-32", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://security.gentoo.org/glsa/201701-32" }, { "reference_url": "https://web.archive.org/web/20210123194716/http://www.securityfocus.com/bid/94530", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20210123194716/http://www.securityfocus.com/bid/94530" }, { "reference_url": "https://www.phpmyadmin.net/security/PMASA-2016-64", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.phpmyadmin.net/security/PMASA-2016-64" }, { "reference_url": "http://www.securityfocus.com/bid/94530", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/94530" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2016-9856", "reference_id": "CVE-2016-9856", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-9856" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/516524?format=api", "purl": "pkg:deb/debian/phpmyadmin@4:4.6.6-4%2Bdeb9u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2at1-y3qg-77fb" }, { "vulnerability": "VCID-32ja-yuuw-bbbh" }, { "vulnerability": "VCID-4wn2-pnbv-sked" }, { "vulnerability": "VCID-52xs-45kd-w3hz" }, { "vulnerability": "VCID-59mu-8aep-9ycn" }, { "vulnerability": "VCID-5jye-2stz-fqam" }, { "vulnerability": "VCID-7vpu-x9mb-q3c6" }, { "vulnerability": "VCID-8rvw-n1fg-ffc2" }, { "vulnerability": "VCID-ajf6-bk2g-wkb7" }, { "vulnerability": "VCID-b2nf-6pr3-xqaa" }, { "vulnerability": "VCID-bd83-vf81-sfa4" }, { "vulnerability": "VCID-dx3h-z4dg-m3e1" }, { "vulnerability": "VCID-har4-gaft-m7e8" }, { "vulnerability": "VCID-kfr7-v6tb-eqau" }, { "vulnerability": "VCID-kfrx-mmr7-euep" }, { "vulnerability": "VCID-m2g6-2ztp-tuam" }, { "vulnerability": "VCID-m3kq-1cfg-mkgc" }, { "vulnerability": "VCID-mzuh-5e5y-d3hr" }, { "vulnerability": "VCID-p1jn-sxds-mqd1" }, { "vulnerability": "VCID-q7rn-1612-quau" }, { "vulnerability": "VCID-qmj2-pxvt-zqes" }, { "vulnerability": "VCID-r4zz-m2mr-9qeb" }, { "vulnerability": "VCID-rx9z-rdmm-5fg6" }, { "vulnerability": "VCID-w6nk-akeh-4ufg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:4.6.6-4%252Bdeb9u1" } ], "aliases": [ "CVE-2016-9856", "GHSA-j8mx-x32r-5rf4" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-utga-335m-dua9" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/98186?format=api", "vulnerability_id": "VCID-v1kx-5wa1-r7he", "summary": "An issue was discovered in phpMyAdmin. By calling some scripts that are part of phpMyAdmin in an unexpected way, it is possible to trigger phpMyAdmin to display a PHP error message which contains the full path of the directory where phpMyAdmin is installed. During an execution timeout in the export functionality, the errors containing the full path of the directory of phpMyAdmin are written to the export file. All 4.6.x versions (prior to 4.6.5), and 4.4.x versions (prior to 4.4.15.9) are affected. This CVE is for the curl wrapper issue.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-9852", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00501", "scoring_system": "epss", "scoring_elements": "0.6637", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.00501", "scoring_system": "epss", "scoring_elements": "0.66411", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-9852" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9852", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9852" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/516524?format=api", "purl": "pkg:deb/debian/phpmyadmin@4:4.6.6-4%2Bdeb9u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2at1-y3qg-77fb" }, { "vulnerability": "VCID-32ja-yuuw-bbbh" }, { "vulnerability": "VCID-4wn2-pnbv-sked" }, { "vulnerability": "VCID-52xs-45kd-w3hz" }, { "vulnerability": "VCID-59mu-8aep-9ycn" }, { "vulnerability": "VCID-5jye-2stz-fqam" }, { "vulnerability": "VCID-7vpu-x9mb-q3c6" }, { "vulnerability": "VCID-8rvw-n1fg-ffc2" }, { "vulnerability": "VCID-ajf6-bk2g-wkb7" }, { "vulnerability": "VCID-b2nf-6pr3-xqaa" }, { "vulnerability": "VCID-bd83-vf81-sfa4" }, { "vulnerability": "VCID-dx3h-z4dg-m3e1" }, { "vulnerability": "VCID-har4-gaft-m7e8" }, { "vulnerability": "VCID-kfr7-v6tb-eqau" }, { "vulnerability": "VCID-kfrx-mmr7-euep" }, { "vulnerability": "VCID-m2g6-2ztp-tuam" }, { "vulnerability": "VCID-m3kq-1cfg-mkgc" }, { "vulnerability": "VCID-mzuh-5e5y-d3hr" }, { "vulnerability": "VCID-p1jn-sxds-mqd1" }, { "vulnerability": "VCID-q7rn-1612-quau" }, { "vulnerability": "VCID-qmj2-pxvt-zqes" }, { "vulnerability": "VCID-r4zz-m2mr-9qeb" }, { "vulnerability": "VCID-rx9z-rdmm-5fg6" }, { "vulnerability": "VCID-w6nk-akeh-4ufg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:4.6.6-4%252Bdeb9u1" } ], "aliases": [ "CVE-2016-9852" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-v1kx-5wa1-r7he" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/98194?format=api", "vulnerability_id": "VCID-vpf2-5j4s-jqeb", "summary": "An issue was discovered in phpMyAdmin. With a crafted username or a table name, it was possible to inject SQL statements in the tracking functionality that would run with the privileges of the control user. This gives read and write access to the tables of the configuration storage database, and if the control user has the necessary privileges, read access to some tables of the MySQL database. All 4.6.x versions (prior to 4.6.5), 4.4.x versions (prior to 4.4.15.9), and 4.0.x versions (prior to 4.0.10.18) are affected.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-9864", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00247", "scoring_system": "epss", "scoring_elements": "0.48175", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.00419", "scoring_system": "epss", "scoring_elements": "0.62193", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-9864" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9864", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9864" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/516524?format=api", "purl": "pkg:deb/debian/phpmyadmin@4:4.6.6-4%2Bdeb9u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2at1-y3qg-77fb" }, { "vulnerability": "VCID-32ja-yuuw-bbbh" }, { "vulnerability": "VCID-4wn2-pnbv-sked" }, { "vulnerability": "VCID-52xs-45kd-w3hz" }, { "vulnerability": "VCID-59mu-8aep-9ycn" }, { "vulnerability": "VCID-5jye-2stz-fqam" }, { "vulnerability": "VCID-7vpu-x9mb-q3c6" }, { "vulnerability": "VCID-8rvw-n1fg-ffc2" }, { "vulnerability": "VCID-ajf6-bk2g-wkb7" }, { "vulnerability": "VCID-b2nf-6pr3-xqaa" }, { "vulnerability": "VCID-bd83-vf81-sfa4" }, { "vulnerability": "VCID-dx3h-z4dg-m3e1" }, { "vulnerability": "VCID-har4-gaft-m7e8" }, { "vulnerability": "VCID-kfr7-v6tb-eqau" }, { "vulnerability": "VCID-kfrx-mmr7-euep" }, { "vulnerability": "VCID-m2g6-2ztp-tuam" }, { "vulnerability": "VCID-m3kq-1cfg-mkgc" }, { "vulnerability": "VCID-mzuh-5e5y-d3hr" }, { "vulnerability": "VCID-p1jn-sxds-mqd1" }, { "vulnerability": "VCID-q7rn-1612-quau" }, { "vulnerability": "VCID-qmj2-pxvt-zqes" }, { "vulnerability": "VCID-r4zz-m2mr-9qeb" }, { "vulnerability": "VCID-rx9z-rdmm-5fg6" }, { "vulnerability": "VCID-w6nk-akeh-4ufg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:4.6.6-4%252Bdeb9u1" } ], "aliases": [ "CVE-2016-9864" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-vpf2-5j4s-jqeb" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/98181?format=api", "vulnerability_id": "VCID-vxc7-fwud-33an", "summary": "An issue was discovered in phpMyAdmin. An authenticated user can trigger a denial-of-service (DoS) attack by entering a very long password at the change password dialog. All 4.6.x versions (prior to 4.6.4), 4.4.x versions (prior to 4.4.15.8), and 4.0.x versions (prior to 4.0.10.17) are affected.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-6630", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0069", "scoring_system": "epss", "scoring_elements": "0.72171", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.0069", "scoring_system": "epss", "scoring_elements": "0.72213", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-6630" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6630", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6630" }, { "reference_url": "https://usn.ubuntu.com/USN-4843-1/", "reference_id": "USN-USN-4843-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/USN-4843-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/516524?format=api", "purl": "pkg:deb/debian/phpmyadmin@4:4.6.6-4%2Bdeb9u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2at1-y3qg-77fb" }, { "vulnerability": "VCID-32ja-yuuw-bbbh" }, { "vulnerability": "VCID-4wn2-pnbv-sked" }, { "vulnerability": "VCID-52xs-45kd-w3hz" }, { "vulnerability": "VCID-59mu-8aep-9ycn" }, { "vulnerability": "VCID-5jye-2stz-fqam" }, { "vulnerability": "VCID-7vpu-x9mb-q3c6" }, { "vulnerability": "VCID-8rvw-n1fg-ffc2" }, { "vulnerability": "VCID-ajf6-bk2g-wkb7" }, { "vulnerability": "VCID-b2nf-6pr3-xqaa" }, { "vulnerability": "VCID-bd83-vf81-sfa4" }, { "vulnerability": "VCID-dx3h-z4dg-m3e1" }, { "vulnerability": "VCID-har4-gaft-m7e8" }, { "vulnerability": "VCID-kfr7-v6tb-eqau" }, { "vulnerability": "VCID-kfrx-mmr7-euep" }, { "vulnerability": "VCID-m2g6-2ztp-tuam" }, { "vulnerability": "VCID-m3kq-1cfg-mkgc" }, { "vulnerability": "VCID-mzuh-5e5y-d3hr" }, { "vulnerability": "VCID-p1jn-sxds-mqd1" }, { "vulnerability": "VCID-q7rn-1612-quau" }, { "vulnerability": "VCID-qmj2-pxvt-zqes" }, { "vulnerability": "VCID-r4zz-m2mr-9qeb" }, { "vulnerability": "VCID-rx9z-rdmm-5fg6" }, { "vulnerability": "VCID-w6nk-akeh-4ufg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:4.6.6-4%252Bdeb9u1" } ], "aliases": [ "CVE-2016-6630" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-vxc7-fwud-33an" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/51809?format=api", "vulnerability_id": "VCID-w6nk-akeh-4ufg", "summary": "Cross-Site Request Forgery (CSRF)\nA CSRF issue in phpMyAdmin allows deletion of any server in the Setup page.", "references": [ { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00078.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00078.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00024.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00024.html" }, { "reference_url": "http://packetstormsecurity.com/files/154483/phpMyAdmin-4.9.0.1-Cross-Site-Request-Forgery.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://packetstormsecurity.com/files/154483/phpMyAdmin-4.9.0.1-Cross-Site-Request-Forgery.html" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-12922", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.31957", "scoring_system": "epss", "scoring_elements": "0.96908", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.31957", "scoring_system": "epss", "scoring_elements": "0.96912", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-12922" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12922", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12922" }, { "reference_url": "http://seclists.org/fulldisclosure/2019/Sep/23", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://seclists.org/fulldisclosure/2019/Sep/23" }, { "reference_url": "https://github.com/phpmyadmin/phpmyadmin/commit/427fbed55d3154d96ecfc1c7784d49eaa3c04161", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/phpmyadmin/phpmyadmin/commit/427fbed55d3154d96ecfc1c7784d49eaa3c04161" }, { "reference_url": "https://github.com/phpmyadmin/phpmyadmin/commit/7d21d4223bdbe0306593309132b4263d7087d13b", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/phpmyadmin/phpmyadmin/commit/7d21d4223bdbe0306593309132b4263d7087d13b" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PBLBE6CSC2ZLINIRBUU5XBLXYVBTF3KA", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PBLBE6CSC2ZLINIRBUU5XBLXYVBTF3KA" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QJ5BW2VEMD2P23ZYRWHDBEQHOKGKGWD6", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QJ5BW2VEMD2P23ZYRWHDBEQHOKGKGWD6" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YCB3PTGHZ7AJCM6BKCQRRP6HG3OKYCMN", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YCB3PTGHZ7AJCM6BKCQRRP6HG3OKYCMN" }, { "reference_url": "https://www.exploit-db.com/exploits/47385", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.exploit-db.com/exploits/47385" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/webapps/47385.txt", "reference_id": "CVE-2019-12922", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/webapps/47385.txt" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-12922", "reference_id": "CVE-2019-12922", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-12922" }, { "reference_url": "https://github.com/advisories/GHSA-4c9q-64gq-xhx4", "reference_id": "GHSA-4c9q-64gq-xhx4", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-4c9q-64gq-xhx4" }, { "reference_url": "https://usn.ubuntu.com/USN-4843-1/", "reference_id": "USN-USN-4843-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/USN-4843-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/195443?format=api", "purl": "pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-47ju-f89a-eud8" }, { "vulnerability": "VCID-59mu-8aep-9ycn" }, { "vulnerability": "VCID-d3qn-js1p-7yeq" }, { "vulnerability": "VCID-dmqy-9xth-cuhs" }, { "vulnerability": "VCID-gx8h-5h14-dqez" }, { "vulnerability": "VCID-har4-gaft-m7e8" }, { "vulnerability": "VCID-m3kq-1cfg-mkgc" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.0.4%252Bdfsg2-2%252Bdeb11u1" } ], "aliases": [ "CVE-2019-12922", "GHSA-4c9q-64gq-xhx4" ], "risk_score": 10.0, "exploitability": "2.0", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-w6nk-akeh-4ufg" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/98180?format=api", "vulnerability_id": "VCID-x75q-4y74-d3gt", "summary": "An issue was discovered in phpMyAdmin. An attacker can determine the phpMyAdmin host location through the file url.php. All 4.6.x versions (prior to 4.6.4), 4.4.x versions (prior to 4.4.15.8), and 4.0.x versions (prior to 4.0.10.17) are affected.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-6627", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0035", "scoring_system": "epss", "scoring_elements": "0.57705", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.0035", "scoring_system": "epss", "scoring_elements": "0.57757", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-6627" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6627", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6627" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/516524?format=api", "purl": "pkg:deb/debian/phpmyadmin@4:4.6.6-4%2Bdeb9u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2at1-y3qg-77fb" }, { "vulnerability": "VCID-32ja-yuuw-bbbh" }, { "vulnerability": "VCID-4wn2-pnbv-sked" }, { "vulnerability": "VCID-52xs-45kd-w3hz" }, { "vulnerability": "VCID-59mu-8aep-9ycn" }, { "vulnerability": "VCID-5jye-2stz-fqam" }, { "vulnerability": "VCID-7vpu-x9mb-q3c6" }, { "vulnerability": "VCID-8rvw-n1fg-ffc2" }, { "vulnerability": "VCID-ajf6-bk2g-wkb7" }, { "vulnerability": "VCID-b2nf-6pr3-xqaa" }, { "vulnerability": "VCID-bd83-vf81-sfa4" }, { "vulnerability": "VCID-dx3h-z4dg-m3e1" }, { "vulnerability": "VCID-har4-gaft-m7e8" }, { "vulnerability": "VCID-kfr7-v6tb-eqau" }, { "vulnerability": "VCID-kfrx-mmr7-euep" }, { "vulnerability": "VCID-m2g6-2ztp-tuam" }, { "vulnerability": "VCID-m3kq-1cfg-mkgc" }, { "vulnerability": "VCID-mzuh-5e5y-d3hr" }, { "vulnerability": "VCID-p1jn-sxds-mqd1" }, { "vulnerability": "VCID-q7rn-1612-quau" }, { "vulnerability": "VCID-qmj2-pxvt-zqes" }, { "vulnerability": "VCID-r4zz-m2mr-9qeb" }, { "vulnerability": "VCID-rx9z-rdmm-5fg6" }, { "vulnerability": "VCID-w6nk-akeh-4ufg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:4.6.6-4%252Bdeb9u1" } ], "aliases": [ "CVE-2016-6627" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-x75q-4y74-d3gt" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/38272?format=api", "vulnerability_id": "VCID-xqf5-yxf3-u3he", "summary": "Cross-site Scripting\nAn issue was discovered in phpMyAdmin. An attacker may be able to trigger a user to download a specially crafted malicious SVG file.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-6628", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00258", "scoring_system": "epss", "scoring_elements": "0.49487", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.00258", "scoring_system": "epss", "scoring_elements": "0.49425", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-6628" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6628", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6628" }, { "reference_url": "https://github.com/phpmyadmin/composer", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/phpmyadmin/composer" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2019/06/msg00009.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.debian.org/debian-lts-announce/2019/06/msg00009.html" }, { "reference_url": "https://security.gentoo.org/glsa/201701-32", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://security.gentoo.org/glsa/201701-32" }, { "reference_url": "https://www.phpmyadmin.net/security/PMASA-2016-51", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.phpmyadmin.net/security/PMASA-2016-51" }, { "reference_url": "http://www.securityfocus.com/bid/92492", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.securityfocus.com/bid/92492" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2016-6628", "reference_id": "CVE-2016-6628", "reference_type": "", "scores": [ { "value": "6.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-6628" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/516524?format=api", "purl": "pkg:deb/debian/phpmyadmin@4:4.6.6-4%2Bdeb9u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2at1-y3qg-77fb" }, { "vulnerability": "VCID-32ja-yuuw-bbbh" }, { "vulnerability": "VCID-4wn2-pnbv-sked" }, { "vulnerability": "VCID-52xs-45kd-w3hz" }, { "vulnerability": "VCID-59mu-8aep-9ycn" }, { "vulnerability": "VCID-5jye-2stz-fqam" }, { "vulnerability": "VCID-7vpu-x9mb-q3c6" }, { "vulnerability": "VCID-8rvw-n1fg-ffc2" }, { "vulnerability": "VCID-ajf6-bk2g-wkb7" }, { "vulnerability": "VCID-b2nf-6pr3-xqaa" }, { "vulnerability": "VCID-bd83-vf81-sfa4" }, { "vulnerability": "VCID-dx3h-z4dg-m3e1" }, { "vulnerability": "VCID-har4-gaft-m7e8" }, { "vulnerability": "VCID-kfr7-v6tb-eqau" }, { "vulnerability": "VCID-kfrx-mmr7-euep" }, { "vulnerability": "VCID-m2g6-2ztp-tuam" }, { "vulnerability": "VCID-m3kq-1cfg-mkgc" }, { "vulnerability": "VCID-mzuh-5e5y-d3hr" }, { "vulnerability": "VCID-p1jn-sxds-mqd1" }, { "vulnerability": "VCID-q7rn-1612-quau" }, { "vulnerability": "VCID-qmj2-pxvt-zqes" }, { "vulnerability": "VCID-r4zz-m2mr-9qeb" }, { "vulnerability": "VCID-rx9z-rdmm-5fg6" }, { "vulnerability": "VCID-w6nk-akeh-4ufg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:4.6.6-4%252Bdeb9u1" } ], "aliases": [ "CVE-2016-6628", "GHSA-phhm-63xx-v9rr" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-xqf5-yxf3-u3he" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/98169?format=api", "vulnerability_id": "VCID-zmjf-j2zs-23ey", "summary": "XSS issues were discovered in phpMyAdmin. This affects Zoom search (specially crafted column content can be used to trigger an XSS attack); GIS editor (certain fields in the graphical GIS editor are not properly escaped and can be used to trigger an XSS attack); Relation view; the following Transformations: Formatted, Imagelink, JPEG: Upload, RegexValidation, JPEG inline, PNG inline, and transformation wrapper; XML export; MediaWiki export; Designer; When the MySQL server is running with a specially-crafted log_bin directive; Database tab; Replication feature; and Database search. All 4.6.x versions (prior to 4.6.4), 4.4.x versions (prior to 4.4.15.8), and 4.0.x versions (prior to 4.0.10.17) are affected.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-6607", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00347", "scoring_system": "epss", "scoring_elements": "0.57569", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.00347", "scoring_system": "epss", "scoring_elements": "0.57622", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-6607" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6607", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6607" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/516524?format=api", "purl": "pkg:deb/debian/phpmyadmin@4:4.6.6-4%2Bdeb9u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2at1-y3qg-77fb" }, { "vulnerability": "VCID-32ja-yuuw-bbbh" }, { "vulnerability": "VCID-4wn2-pnbv-sked" }, { "vulnerability": "VCID-52xs-45kd-w3hz" }, { "vulnerability": "VCID-59mu-8aep-9ycn" }, { "vulnerability": "VCID-5jye-2stz-fqam" }, { "vulnerability": "VCID-7vpu-x9mb-q3c6" }, { "vulnerability": "VCID-8rvw-n1fg-ffc2" }, { "vulnerability": "VCID-ajf6-bk2g-wkb7" }, { "vulnerability": "VCID-b2nf-6pr3-xqaa" }, { "vulnerability": "VCID-bd83-vf81-sfa4" }, { "vulnerability": "VCID-dx3h-z4dg-m3e1" }, { "vulnerability": "VCID-har4-gaft-m7e8" }, { "vulnerability": "VCID-kfr7-v6tb-eqau" }, { "vulnerability": "VCID-kfrx-mmr7-euep" }, { "vulnerability": "VCID-m2g6-2ztp-tuam" }, { "vulnerability": "VCID-m3kq-1cfg-mkgc" }, { "vulnerability": "VCID-mzuh-5e5y-d3hr" }, { "vulnerability": "VCID-p1jn-sxds-mqd1" }, { "vulnerability": "VCID-q7rn-1612-quau" }, { "vulnerability": "VCID-qmj2-pxvt-zqes" }, { "vulnerability": "VCID-r4zz-m2mr-9qeb" }, { "vulnerability": "VCID-rx9z-rdmm-5fg6" }, { "vulnerability": "VCID-w6nk-akeh-4ufg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:4.6.6-4%252Bdeb9u1" } ], "aliases": [ "CVE-2016-6607" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-zmjf-j2zs-23ey" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/38685?format=api", "vulnerability_id": "VCID-zvcj-g6rt-s3de", "summary": "Server-Side Request Forgery (SSRF)\nphpMyAdmin is vulnerable to a weakness where a user with appropriate permissions is able to connect to an arbitrary MySQL server.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-1000017", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0092", "scoring_system": "epss", "scoring_elements": "0.76369", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.0092", "scoring_system": "epss", "scoring_elements": "0.76341", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-1000017" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-1000017", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-1000017" }, { "reference_url": "https://github.com/phpmyadmin/composer", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/phpmyadmin/composer" }, { "reference_url": "https://www.phpmyadmin.net/security/PMASA-2017-6", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.phpmyadmin.net/security/PMASA-2017-6" }, { "reference_url": "http://www.securityfocus.com/bid/95732", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.securityfocus.com/bid/95732" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2017-1000017", "reference_id": "CVE-2017-1000017", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-1000017" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/516524?format=api", "purl": "pkg:deb/debian/phpmyadmin@4:4.6.6-4%2Bdeb9u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2at1-y3qg-77fb" }, { "vulnerability": "VCID-32ja-yuuw-bbbh" }, { "vulnerability": "VCID-4wn2-pnbv-sked" }, { "vulnerability": "VCID-52xs-45kd-w3hz" }, { "vulnerability": "VCID-59mu-8aep-9ycn" }, { "vulnerability": "VCID-5jye-2stz-fqam" }, { "vulnerability": "VCID-7vpu-x9mb-q3c6" }, { "vulnerability": "VCID-8rvw-n1fg-ffc2" }, { "vulnerability": "VCID-ajf6-bk2g-wkb7" }, { "vulnerability": "VCID-b2nf-6pr3-xqaa" }, { "vulnerability": "VCID-bd83-vf81-sfa4" }, { "vulnerability": "VCID-dx3h-z4dg-m3e1" }, { "vulnerability": "VCID-har4-gaft-m7e8" }, { "vulnerability": "VCID-kfr7-v6tb-eqau" }, { "vulnerability": "VCID-kfrx-mmr7-euep" }, { "vulnerability": "VCID-m2g6-2ztp-tuam" }, { "vulnerability": "VCID-m3kq-1cfg-mkgc" }, { "vulnerability": "VCID-mzuh-5e5y-d3hr" }, { "vulnerability": "VCID-p1jn-sxds-mqd1" }, { "vulnerability": "VCID-q7rn-1612-quau" }, { "vulnerability": "VCID-qmj2-pxvt-zqes" }, { "vulnerability": "VCID-r4zz-m2mr-9qeb" }, { "vulnerability": "VCID-rx9z-rdmm-5fg6" }, { "vulnerability": "VCID-w6nk-akeh-4ufg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:4.6.6-4%252Bdeb9u1" } ], "aliases": [ "CVE-2017-1000017", "GHSA-99xj-xqc9-98hr" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-zvcj-g6rt-s3de" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/98178?format=api", "vulnerability_id": "VCID-zyes-82y3-g7dh", "summary": "An issue was discovered in phpMyAdmin. An authorized user can cause a denial-of-service (DoS) attack on a server by passing large values to a loop. All 4.6.x versions (prior to 4.6.4), 4.4.x versions (prior to 4.4.15.8), and 4.0.x versions (prior to 4.0.10.17) are affected.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-6623", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00586", "scoring_system": "epss", "scoring_elements": "0.69446", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.00586", "scoring_system": "epss", "scoring_elements": "0.69485", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-6623" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6623", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6623" }, { "reference_url": "https://github.com/phpmyadmin/composer", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/phpmyadmin/composer" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2016-6623", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-6623" }, { "reference_url": "https://security.gentoo.org/glsa/201701-32", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://security.gentoo.org/glsa/201701-32" }, { "reference_url": "https://web.archive.org/web/20210123204343/http://www.securityfocus.com/bid/95052", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20210123204343/http://www.securityfocus.com/bid/95052" }, { "reference_url": "https://www.phpmyadmin.net/security/PMASA-2016-46", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.phpmyadmin.net/security/PMASA-2016-46" }, { "reference_url": "https://github.com/advisories/GHSA-2mcj-3r3r-v5wm", "reference_id": "GHSA-2mcj-3r3r-v5wm", "reference_type": "", "scores": [], "url": "https://github.com/advisories/GHSA-2mcj-3r3r-v5wm" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/516524?format=api", "purl": "pkg:deb/debian/phpmyadmin@4:4.6.6-4%2Bdeb9u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2at1-y3qg-77fb" }, { "vulnerability": "VCID-32ja-yuuw-bbbh" }, { "vulnerability": "VCID-4wn2-pnbv-sked" }, { "vulnerability": "VCID-52xs-45kd-w3hz" }, { "vulnerability": "VCID-59mu-8aep-9ycn" }, { "vulnerability": "VCID-5jye-2stz-fqam" }, { "vulnerability": "VCID-7vpu-x9mb-q3c6" }, { "vulnerability": "VCID-8rvw-n1fg-ffc2" }, { "vulnerability": "VCID-ajf6-bk2g-wkb7" }, { "vulnerability": "VCID-b2nf-6pr3-xqaa" }, { "vulnerability": "VCID-bd83-vf81-sfa4" }, { "vulnerability": "VCID-dx3h-z4dg-m3e1" }, { "vulnerability": "VCID-har4-gaft-m7e8" }, { "vulnerability": "VCID-kfr7-v6tb-eqau" }, { "vulnerability": "VCID-kfrx-mmr7-euep" }, { "vulnerability": "VCID-m2g6-2ztp-tuam" }, { "vulnerability": "VCID-m3kq-1cfg-mkgc" }, { "vulnerability": "VCID-mzuh-5e5y-d3hr" }, { "vulnerability": "VCID-p1jn-sxds-mqd1" }, { "vulnerability": "VCID-q7rn-1612-quau" }, { "vulnerability": "VCID-qmj2-pxvt-zqes" }, { "vulnerability": "VCID-r4zz-m2mr-9qeb" }, { "vulnerability": "VCID-rx9z-rdmm-5fg6" }, { "vulnerability": "VCID-w6nk-akeh-4ufg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:4.6.6-4%252Bdeb9u1" } ], "aliases": [ "CVE-2016-6623", "GHSA-2mcj-3r3r-v5wm" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-zyes-82y3-g7dh" } ], "fixing_vulnerabilities": [ { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/98123?format=api", "vulnerability_id": "VCID-1aqb-7an7-mbed", "summary": "phpMyAdmin 3.5.x before 3.5.8.2 and 4.0.x before 4.0.4.2 allows remote attackers to obtain sensitive information via an invalid request, which reveals the installation path in an error message, related to pmd_common.php and other files.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2013-4998", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0025", "scoring_system": "epss", "scoring_elements": "0.48525", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.0025", "scoring_system": "epss", "scoring_elements": "0.48587", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2013-4998" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4998", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4998" }, { "reference_url": "https://security.gentoo.org/glsa/201311-02", "reference_id": "GLSA-201311-02", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201311-02" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/273448?format=api", "purl": "pkg:deb/debian/phpmyadmin@4:4.2.12-2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1drk-gzqj-2qc5" }, { "vulnerability": "VCID-1hvw-4h4d-zkhv" }, { "vulnerability": "VCID-23dq-w66r-k3bt" }, { "vulnerability": "VCID-27w6-zhxk-x7e7" }, { "vulnerability": "VCID-282b-1ugg-yuev" }, { "vulnerability": "VCID-2at1-y3qg-77fb" }, { "vulnerability": "VCID-2vqn-z4en-duh4" }, { "vulnerability": "VCID-31jg-3pzb-y3b6" }, { "vulnerability": "VCID-32ja-yuuw-bbbh" }, { "vulnerability": "VCID-33kv-ye2c-ebax" }, { "vulnerability": "VCID-33mh-s92h-c7ht" }, { "vulnerability": "VCID-38tp-acy8-57hj" }, { "vulnerability": "VCID-3va7-xx14-gkds" }, { "vulnerability": "VCID-44uc-xrvp-7bet" }, { "vulnerability": "VCID-4avx-e9mf-2yb1" }, { "vulnerability": "VCID-4kax-4bpz-g7c5" }, { "vulnerability": "VCID-4vgu-cagj-hfhb" }, { "vulnerability": "VCID-4wn2-pnbv-sked" }, { "vulnerability": "VCID-52xs-45kd-w3hz" }, { "vulnerability": "VCID-59mu-8aep-9ycn" }, { "vulnerability": "VCID-5bu8-wy7w-bqfc" }, { "vulnerability": "VCID-5jye-2stz-fqam" }, { "vulnerability": "VCID-6gs5-cswx-bfeb" }, { "vulnerability": "VCID-7avk-rmwd-yugt" }, { "vulnerability": "VCID-7ntf-d3af-nbbk" }, { "vulnerability": "VCID-7vpu-x9mb-q3c6" }, { "vulnerability": "VCID-84n7-nzzg-juhz" }, { "vulnerability": "VCID-8jt7-y15v-83gj" }, { "vulnerability": "VCID-8rvw-n1fg-ffc2" }, { "vulnerability": "VCID-8yxm-e33n-d7gj" }, { "vulnerability": "VCID-9nh7-ny6c-n3cd" }, { "vulnerability": "VCID-9tdu-572c-tbb2" }, { "vulnerability": "VCID-ajeh-4q9t-sydz" }, { "vulnerability": "VCID-ajf6-bk2g-wkb7" }, { "vulnerability": "VCID-b2nf-6pr3-xqaa" }, { "vulnerability": "VCID-b4jk-yjfy-pfcv" }, { "vulnerability": "VCID-b6ng-ygap-zqh4" }, { "vulnerability": "VCID-bd83-vf81-sfa4" }, { "vulnerability": "VCID-bddg-5zgr-3uew" }, { "vulnerability": "VCID-btc1-yng3-ckhx" }, { "vulnerability": "VCID-cbjd-e3sk-m7bu" }, { "vulnerability": "VCID-crn9-f6qt-qfg5" }, { "vulnerability": "VCID-cth2-72mg-6yfr" }, { "vulnerability": "VCID-cz55-m46r-37gb" }, { "vulnerability": "VCID-d7jk-a94y-n3ca" }, { "vulnerability": "VCID-dbk1-n9kh-dfhm" }, { "vulnerability": "VCID-dfsz-1y13-yug9" }, { "vulnerability": "VCID-dgvs-kqpd-gfcy" }, { "vulnerability": "VCID-dj5f-y77j-d7dx" }, { "vulnerability": "VCID-dx3h-z4dg-m3e1" }, { "vulnerability": "VCID-g2uy-ekyf-4bcj" }, { "vulnerability": "VCID-gmjk-222y-abda" }, { "vulnerability": "VCID-gqxb-6rey-rbhv" }, { "vulnerability": "VCID-gtps-py3z-13cu" }, { "vulnerability": "VCID-gzwb-ju7m-juf7" }, { "vulnerability": "VCID-har4-gaft-m7e8" }, { "vulnerability": "VCID-hbp6-s544-pqaw" }, { "vulnerability": "VCID-hw5n-kv9r-8yej" }, { "vulnerability": "VCID-j589-8hrn-9bae" }, { "vulnerability": "VCID-jabw-t2hb-q3e9" }, { "vulnerability": "VCID-jemb-avnk-c7eb" }, { "vulnerability": "VCID-jmn8-a5r9-2qc8" }, { "vulnerability": "VCID-jvvf-kwtm-6qb7" }, { "vulnerability": "VCID-jxf7-1cq4-t3cv" }, { "vulnerability": "VCID-k5ph-wws1-fqg4" }, { "vulnerability": "VCID-kfr7-v6tb-eqau" }, { "vulnerability": "VCID-kfrx-mmr7-euep" }, { "vulnerability": "VCID-kwtj-jk24-zffq" }, { "vulnerability": "VCID-m2g6-2ztp-tuam" }, { "vulnerability": "VCID-m3kq-1cfg-mkgc" }, { "vulnerability": "VCID-m59w-cug5-wbe2" }, { "vulnerability": "VCID-mgu4-pf1x-r3dy" }, { "vulnerability": "VCID-mxn5-bh7q-gkdb" }, { "vulnerability": "VCID-mzuh-5e5y-d3hr" }, { "vulnerability": "VCID-n53q-r421-affh" }, { "vulnerability": "VCID-n66y-s36g-fqck" }, { "vulnerability": "VCID-np5w-chxm-cyak" }, { "vulnerability": "VCID-nuju-ekmt-k7g9" }, { "vulnerability": "VCID-nv3j-xj42-wfcw" }, { "vulnerability": "VCID-p1jn-sxds-mqd1" }, { "vulnerability": "VCID-p361-saxs-97g9" }, { "vulnerability": "VCID-pfdk-db4h-47dx" }, { "vulnerability": "VCID-pnry-rv8t-v3ff" }, { "vulnerability": "VCID-q2wv-kbra-5kg8" }, { "vulnerability": "VCID-q45d-5bf4-tff5" }, { "vulnerability": "VCID-q7pe-bvr1-g3bc" }, { "vulnerability": "VCID-q7rn-1612-quau" }, { "vulnerability": "VCID-q7zq-5xpn-93dd" }, { "vulnerability": "VCID-qeac-129m-1udw" }, { "vulnerability": "VCID-qmj2-pxvt-zqes" }, { "vulnerability": "VCID-qpj7-uk5e-nbez" }, { "vulnerability": "VCID-qqyb-zags-bbhz" }, { "vulnerability": "VCID-r3z5-cc6j-8yg6" }, { "vulnerability": "VCID-r4zz-m2mr-9qeb" }, { "vulnerability": "VCID-r9sb-489v-fqc9" }, { "vulnerability": "VCID-rc63-nakx-ebbe" }, { "vulnerability": "VCID-rsrk-jwbt-qfhe" }, { "vulnerability": "VCID-rx9z-rdmm-5fg6" }, { "vulnerability": "VCID-rxz2-tx2n-k3bd" }, { "vulnerability": "VCID-rz6q-hthe-1uer" }, { "vulnerability": "VCID-s88e-r2gd-9yep" }, { "vulnerability": "VCID-segg-gk79-9bc6" }, { "vulnerability": "VCID-tvfz-v881-sufp" }, { "vulnerability": "VCID-txba-1at4-ekg2" }, { "vulnerability": "VCID-uc6b-5sj1-9yg2" }, { "vulnerability": "VCID-utga-335m-dua9" }, { "vulnerability": "VCID-v1kx-5wa1-r7he" }, { "vulnerability": "VCID-vpf2-5j4s-jqeb" }, { "vulnerability": "VCID-vxc7-fwud-33an" }, { "vulnerability": "VCID-w6nk-akeh-4ufg" }, { "vulnerability": "VCID-x75q-4y74-d3gt" }, { "vulnerability": "VCID-xqf5-yxf3-u3he" }, { "vulnerability": "VCID-zmjf-j2zs-23ey" }, { "vulnerability": "VCID-zvcj-g6rt-s3de" }, { "vulnerability": "VCID-zyes-82y3-g7dh" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:4.2.12-2" } ], "aliases": [ "CVE-2013-4998" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-1aqb-7an7-mbed" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/98124?format=api", "vulnerability_id": "VCID-3trr-z4gq-pbdr", "summary": "phpMyAdmin 4.0.x before 4.0.4.2 allows remote attackers to obtain sensitive information via an invalid request, which reveals the installation path in an error message, related to Error.class.php and Error_Handler.class.php.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2013-4999", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0025", "scoring_system": "epss", "scoring_elements": "0.48525", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.0025", "scoring_system": "epss", "scoring_elements": "0.48587", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2013-4999" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4999", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4999" }, { "reference_url": "https://security.gentoo.org/glsa/201311-02", "reference_id": "GLSA-201311-02", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201311-02" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/273448?format=api", "purl": "pkg:deb/debian/phpmyadmin@4:4.2.12-2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1drk-gzqj-2qc5" }, { "vulnerability": "VCID-1hvw-4h4d-zkhv" }, { "vulnerability": "VCID-23dq-w66r-k3bt" }, { "vulnerability": "VCID-27w6-zhxk-x7e7" }, { "vulnerability": "VCID-282b-1ugg-yuev" }, { "vulnerability": "VCID-2at1-y3qg-77fb" }, { "vulnerability": "VCID-2vqn-z4en-duh4" }, { "vulnerability": "VCID-31jg-3pzb-y3b6" }, { "vulnerability": "VCID-32ja-yuuw-bbbh" }, { "vulnerability": "VCID-33kv-ye2c-ebax" }, { "vulnerability": "VCID-33mh-s92h-c7ht" }, { "vulnerability": "VCID-38tp-acy8-57hj" }, { "vulnerability": "VCID-3va7-xx14-gkds" }, { "vulnerability": "VCID-44uc-xrvp-7bet" }, { "vulnerability": "VCID-4avx-e9mf-2yb1" }, { "vulnerability": "VCID-4kax-4bpz-g7c5" }, { "vulnerability": "VCID-4vgu-cagj-hfhb" }, { "vulnerability": "VCID-4wn2-pnbv-sked" }, { "vulnerability": "VCID-52xs-45kd-w3hz" }, { "vulnerability": "VCID-59mu-8aep-9ycn" }, { "vulnerability": "VCID-5bu8-wy7w-bqfc" }, { "vulnerability": "VCID-5jye-2stz-fqam" }, { "vulnerability": "VCID-6gs5-cswx-bfeb" }, { "vulnerability": "VCID-7avk-rmwd-yugt" }, { "vulnerability": "VCID-7ntf-d3af-nbbk" }, { "vulnerability": "VCID-7vpu-x9mb-q3c6" }, { "vulnerability": "VCID-84n7-nzzg-juhz" }, { "vulnerability": "VCID-8jt7-y15v-83gj" }, { "vulnerability": "VCID-8rvw-n1fg-ffc2" }, { "vulnerability": "VCID-8yxm-e33n-d7gj" }, { "vulnerability": "VCID-9nh7-ny6c-n3cd" }, { "vulnerability": "VCID-9tdu-572c-tbb2" }, { "vulnerability": "VCID-ajeh-4q9t-sydz" }, { "vulnerability": "VCID-ajf6-bk2g-wkb7" }, { "vulnerability": "VCID-b2nf-6pr3-xqaa" }, { "vulnerability": "VCID-b4jk-yjfy-pfcv" }, { "vulnerability": "VCID-b6ng-ygap-zqh4" }, { "vulnerability": "VCID-bd83-vf81-sfa4" }, { "vulnerability": "VCID-bddg-5zgr-3uew" }, { "vulnerability": "VCID-btc1-yng3-ckhx" }, { "vulnerability": "VCID-cbjd-e3sk-m7bu" }, { "vulnerability": "VCID-crn9-f6qt-qfg5" }, { "vulnerability": "VCID-cth2-72mg-6yfr" }, { "vulnerability": "VCID-cz55-m46r-37gb" }, { "vulnerability": "VCID-d7jk-a94y-n3ca" }, { "vulnerability": "VCID-dbk1-n9kh-dfhm" }, { "vulnerability": "VCID-dfsz-1y13-yug9" }, { "vulnerability": "VCID-dgvs-kqpd-gfcy" }, { "vulnerability": "VCID-dj5f-y77j-d7dx" }, { "vulnerability": "VCID-dx3h-z4dg-m3e1" }, { "vulnerability": "VCID-g2uy-ekyf-4bcj" }, { "vulnerability": "VCID-gmjk-222y-abda" }, { "vulnerability": "VCID-gqxb-6rey-rbhv" }, { "vulnerability": "VCID-gtps-py3z-13cu" }, { "vulnerability": "VCID-gzwb-ju7m-juf7" }, { "vulnerability": "VCID-har4-gaft-m7e8" }, { "vulnerability": "VCID-hbp6-s544-pqaw" }, { "vulnerability": "VCID-hw5n-kv9r-8yej" }, { "vulnerability": "VCID-j589-8hrn-9bae" }, { "vulnerability": "VCID-jabw-t2hb-q3e9" }, { "vulnerability": "VCID-jemb-avnk-c7eb" }, { "vulnerability": "VCID-jmn8-a5r9-2qc8" }, { "vulnerability": "VCID-jvvf-kwtm-6qb7" }, { "vulnerability": "VCID-jxf7-1cq4-t3cv" }, { "vulnerability": "VCID-k5ph-wws1-fqg4" }, { "vulnerability": "VCID-kfr7-v6tb-eqau" }, { "vulnerability": "VCID-kfrx-mmr7-euep" }, { "vulnerability": "VCID-kwtj-jk24-zffq" }, { "vulnerability": "VCID-m2g6-2ztp-tuam" }, { "vulnerability": "VCID-m3kq-1cfg-mkgc" }, { "vulnerability": "VCID-m59w-cug5-wbe2" }, { "vulnerability": "VCID-mgu4-pf1x-r3dy" }, { "vulnerability": "VCID-mxn5-bh7q-gkdb" }, { "vulnerability": "VCID-mzuh-5e5y-d3hr" }, { "vulnerability": "VCID-n53q-r421-affh" }, { "vulnerability": "VCID-n66y-s36g-fqck" }, { "vulnerability": "VCID-np5w-chxm-cyak" }, { "vulnerability": "VCID-nuju-ekmt-k7g9" }, { "vulnerability": "VCID-nv3j-xj42-wfcw" }, { "vulnerability": "VCID-p1jn-sxds-mqd1" }, { "vulnerability": "VCID-p361-saxs-97g9" }, { "vulnerability": "VCID-pfdk-db4h-47dx" }, { "vulnerability": "VCID-pnry-rv8t-v3ff" }, { "vulnerability": "VCID-q2wv-kbra-5kg8" }, { "vulnerability": "VCID-q45d-5bf4-tff5" }, { "vulnerability": "VCID-q7pe-bvr1-g3bc" }, { "vulnerability": "VCID-q7rn-1612-quau" }, { "vulnerability": "VCID-q7zq-5xpn-93dd" }, { "vulnerability": "VCID-qeac-129m-1udw" }, { "vulnerability": "VCID-qmj2-pxvt-zqes" }, { "vulnerability": "VCID-qpj7-uk5e-nbez" }, { "vulnerability": "VCID-qqyb-zags-bbhz" }, { "vulnerability": "VCID-r3z5-cc6j-8yg6" }, { "vulnerability": "VCID-r4zz-m2mr-9qeb" }, { "vulnerability": "VCID-r9sb-489v-fqc9" }, { "vulnerability": "VCID-rc63-nakx-ebbe" }, { "vulnerability": "VCID-rsrk-jwbt-qfhe" }, { "vulnerability": "VCID-rx9z-rdmm-5fg6" }, { "vulnerability": "VCID-rxz2-tx2n-k3bd" }, { "vulnerability": "VCID-rz6q-hthe-1uer" }, { "vulnerability": "VCID-s88e-r2gd-9yep" }, { "vulnerability": "VCID-segg-gk79-9bc6" }, { "vulnerability": "VCID-tvfz-v881-sufp" }, { "vulnerability": "VCID-txba-1at4-ekg2" }, { "vulnerability": "VCID-uc6b-5sj1-9yg2" }, { "vulnerability": "VCID-utga-335m-dua9" }, { "vulnerability": "VCID-v1kx-5wa1-r7he" }, { "vulnerability": "VCID-vpf2-5j4s-jqeb" }, { "vulnerability": "VCID-vxc7-fwud-33an" }, { "vulnerability": "VCID-w6nk-akeh-4ufg" }, { "vulnerability": "VCID-x75q-4y74-d3gt" }, { "vulnerability": "VCID-xqf5-yxf3-u3he" }, { "vulnerability": "VCID-zmjf-j2zs-23ey" }, { "vulnerability": "VCID-zvcj-g6rt-s3de" }, { "vulnerability": "VCID-zyes-82y3-g7dh" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:4.2.12-2" } ], "aliases": [ "CVE-2013-4999" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-3trr-z4gq-pbdr" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/98139?format=api", "vulnerability_id": "VCID-7ntf-d3af-nbbk", "summary": "Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin 4.0.x before 4.0.10.6, 4.1.x before 4.1.14.7, and 4.2.x before 4.2.12 allow remote authenticated users to inject arbitrary web script or HTML via a crafted (1) database, (2) table, or (3) column name that is improperly handled during rendering of the table browse page; a crafted ENUM value that is improperly handled during rendering of the (4) table print view or (5) zoom search page; or (6) a crafted pma_fontsize cookie that is improperly handled during rendering of the home page.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2014-8958", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00604", "scoring_system": "epss", "scoring_elements": "0.69981", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.00604", "scoring_system": "epss", "scoring_elements": "0.70022", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2014-8958" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8958", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8958" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9218", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9218" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2206", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2206" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3902", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3902" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3903", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3903" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6830", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6830" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7873", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7873" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/203681?format=api", "purl": "pkg:deb/debian/phpmyadmin@4:3.4.11.1-2%2Bdeb7u2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1aqb-7an7-mbed" }, { "vulnerability": "VCID-1drk-gzqj-2qc5" }, { "vulnerability": "VCID-1hvw-4h4d-zkhv" }, { "vulnerability": "VCID-23dq-w66r-k3bt" }, { "vulnerability": "VCID-27w6-zhxk-x7e7" }, { "vulnerability": "VCID-282b-1ugg-yuev" }, { "vulnerability": "VCID-2at1-y3qg-77fb" }, { "vulnerability": "VCID-2vqn-z4en-duh4" }, { "vulnerability": "VCID-31jg-3pzb-y3b6" }, { "vulnerability": "VCID-32ja-yuuw-bbbh" }, { "vulnerability": "VCID-33kv-ye2c-ebax" }, { "vulnerability": "VCID-33mh-s92h-c7ht" }, { "vulnerability": "VCID-38tp-acy8-57hj" }, { "vulnerability": "VCID-3trr-z4gq-pbdr" }, { "vulnerability": "VCID-3va7-xx14-gkds" }, { "vulnerability": "VCID-44uc-xrvp-7bet" }, { "vulnerability": "VCID-4avx-e9mf-2yb1" }, { "vulnerability": "VCID-4kax-4bpz-g7c5" }, { "vulnerability": "VCID-4vgu-cagj-hfhb" }, { "vulnerability": "VCID-4wn2-pnbv-sked" }, { "vulnerability": "VCID-52xs-45kd-w3hz" }, { "vulnerability": "VCID-59mu-8aep-9ycn" }, { "vulnerability": "VCID-5bu8-wy7w-bqfc" }, { "vulnerability": "VCID-5jye-2stz-fqam" }, { "vulnerability": "VCID-6gs5-cswx-bfeb" }, { "vulnerability": "VCID-7avk-rmwd-yugt" }, { "vulnerability": "VCID-7ntf-d3af-nbbk" }, { "vulnerability": "VCID-7pwj-c6c4-gbeq" }, { "vulnerability": "VCID-7vpu-x9mb-q3c6" }, { "vulnerability": "VCID-84n7-nzzg-juhz" }, { "vulnerability": "VCID-858m-cbw6-cfc1" }, { "vulnerability": "VCID-8jt7-y15v-83gj" }, { "vulnerability": "VCID-8rvw-n1fg-ffc2" }, { "vulnerability": "VCID-8yxm-e33n-d7gj" }, { "vulnerability": "VCID-9nh7-ny6c-n3cd" }, { "vulnerability": "VCID-9tdu-572c-tbb2" }, { "vulnerability": "VCID-9z7g-cffj-1ufe" }, { "vulnerability": "VCID-a4fa-ms27-93fn" }, { "vulnerability": "VCID-a94q-k98a-6qbw" }, { "vulnerability": "VCID-ajeh-4q9t-sydz" }, { "vulnerability": "VCID-ajf6-bk2g-wkb7" }, { "vulnerability": "VCID-ajmz-kfxh-sqaf" }, { "vulnerability": "VCID-amgy-teas-euh5" }, { "vulnerability": "VCID-b2nf-6pr3-xqaa" }, { "vulnerability": "VCID-b4jk-yjfy-pfcv" }, { "vulnerability": "VCID-b6ng-ygap-zqh4" }, { "vulnerability": "VCID-bd83-vf81-sfa4" }, { "vulnerability": "VCID-bddg-5zgr-3uew" }, { "vulnerability": "VCID-bshf-rz9w-3yb3" }, { "vulnerability": "VCID-btc1-yng3-ckhx" }, { "vulnerability": "VCID-cbjd-e3sk-m7bu" }, { "vulnerability": "VCID-crn9-f6qt-qfg5" }, { "vulnerability": "VCID-cth2-72mg-6yfr" }, { "vulnerability": "VCID-cz55-m46r-37gb" }, { "vulnerability": "VCID-d7jk-a94y-n3ca" }, { "vulnerability": "VCID-dbk1-n9kh-dfhm" }, { "vulnerability": "VCID-dfsz-1y13-yug9" }, { "vulnerability": "VCID-dgvs-kqpd-gfcy" }, { "vulnerability": "VCID-dj5f-y77j-d7dx" }, { "vulnerability": "VCID-dx3h-z4dg-m3e1" }, { "vulnerability": "VCID-e677-1yaz-g3em" }, { "vulnerability": "VCID-fc5a-pvtd-wkcz" }, { "vulnerability": "VCID-fsub-2bfp-8qbw" }, { "vulnerability": "VCID-g2uy-ekyf-4bcj" }, { "vulnerability": "VCID-gmjk-222y-abda" }, { "vulnerability": "VCID-gqxb-6rey-rbhv" }, { "vulnerability": "VCID-gtps-py3z-13cu" }, { "vulnerability": "VCID-gzwb-ju7m-juf7" }, { "vulnerability": "VCID-har4-gaft-m7e8" }, { "vulnerability": "VCID-hbp6-s544-pqaw" }, { "vulnerability": "VCID-hw5n-kv9r-8yej" }, { "vulnerability": "VCID-hyn6-xxxq-57f4" }, { "vulnerability": "VCID-j589-8hrn-9bae" }, { "vulnerability": "VCID-jabw-t2hb-q3e9" }, { "vulnerability": "VCID-jemb-avnk-c7eb" }, { "vulnerability": "VCID-jmn8-a5r9-2qc8" }, { "vulnerability": "VCID-jvvf-kwtm-6qb7" }, { "vulnerability": "VCID-jxf7-1cq4-t3cv" }, { "vulnerability": "VCID-k3fp-nkvv-e3fa" }, { "vulnerability": "VCID-k5ph-wws1-fqg4" }, { "vulnerability": "VCID-kfr7-v6tb-eqau" }, { "vulnerability": "VCID-kfrx-mmr7-euep" }, { "vulnerability": "VCID-krmp-qvw1-n7b6" }, { "vulnerability": "VCID-kwtj-jk24-zffq" }, { "vulnerability": "VCID-m2g6-2ztp-tuam" }, { "vulnerability": "VCID-m3kq-1cfg-mkgc" }, { "vulnerability": "VCID-m54t-23nu-3kaa" }, { "vulnerability": "VCID-m59w-cug5-wbe2" }, { "vulnerability": "VCID-mgu4-pf1x-r3dy" }, { "vulnerability": "VCID-mxn5-bh7q-gkdb" }, { "vulnerability": "VCID-mzuh-5e5y-d3hr" }, { "vulnerability": "VCID-n53q-r421-affh" }, { "vulnerability": "VCID-n66y-s36g-fqck" }, { "vulnerability": "VCID-n7cc-xfym-u7g4" }, { "vulnerability": "VCID-np5w-chxm-cyak" }, { "vulnerability": "VCID-nuju-ekmt-k7g9" }, { "vulnerability": "VCID-nv3j-xj42-wfcw" }, { "vulnerability": "VCID-p1jn-sxds-mqd1" }, { "vulnerability": "VCID-p361-saxs-97g9" }, { "vulnerability": "VCID-pdmq-pgqp-5qft" }, { "vulnerability": "VCID-pfdk-db4h-47dx" }, { "vulnerability": "VCID-pnry-rv8t-v3ff" }, { "vulnerability": "VCID-q2wv-kbra-5kg8" }, { "vulnerability": "VCID-q45d-5bf4-tff5" }, { "vulnerability": "VCID-q7pe-bvr1-g3bc" }, { "vulnerability": "VCID-q7rn-1612-quau" }, { "vulnerability": "VCID-q7zq-5xpn-93dd" }, { "vulnerability": "VCID-qbjt-k4x8-gya5" }, { "vulnerability": "VCID-qeac-129m-1udw" }, { "vulnerability": "VCID-qmj2-pxvt-zqes" }, { "vulnerability": "VCID-qpj7-uk5e-nbez" }, { "vulnerability": "VCID-qpsr-xv8c-b3gj" }, { "vulnerability": "VCID-qqyb-zags-bbhz" }, { "vulnerability": "VCID-r3z5-cc6j-8yg6" }, { "vulnerability": "VCID-r4zz-m2mr-9qeb" }, { "vulnerability": "VCID-r9sb-489v-fqc9" }, { "vulnerability": "VCID-rc63-nakx-ebbe" }, { "vulnerability": "VCID-rsrk-jwbt-qfhe" }, { "vulnerability": "VCID-rx9z-rdmm-5fg6" }, { "vulnerability": "VCID-rxz2-tx2n-k3bd" }, { "vulnerability": "VCID-rz6q-hthe-1uer" }, { "vulnerability": "VCID-s88e-r2gd-9yep" }, { "vulnerability": "VCID-segg-gk79-9bc6" }, { "vulnerability": "VCID-sj19-5q5e-j7ah" }, { "vulnerability": "VCID-snke-vmcg-xfd2" }, { "vulnerability": "VCID-tvfz-v881-sufp" }, { "vulnerability": "VCID-txba-1at4-ekg2" }, { "vulnerability": "VCID-uc6b-5sj1-9yg2" }, { "vulnerability": "VCID-ufzd-pbge-6qhk" }, { "vulnerability": "VCID-ur19-yjak-vqdd" }, { "vulnerability": "VCID-utga-335m-dua9" }, { "vulnerability": "VCID-v1kx-5wa1-r7he" }, { "vulnerability": "VCID-v69j-7vk9-e3d4" }, { "vulnerability": "VCID-v6xv-djkp-4kgw" }, { "vulnerability": "VCID-vpf2-5j4s-jqeb" }, { "vulnerability": "VCID-vxc7-fwud-33an" }, { "vulnerability": "VCID-vxj9-zxns-kkh9" }, { "vulnerability": "VCID-w6nk-akeh-4ufg" }, { "vulnerability": "VCID-ww5r-71kf-tfgr" }, { "vulnerability": "VCID-x75q-4y74-d3gt" }, { "vulnerability": "VCID-xgnx-jteb-myf7" }, { "vulnerability": "VCID-xqf5-yxf3-u3he" }, { "vulnerability": "VCID-zmjf-j2zs-23ey" }, { "vulnerability": "VCID-zvcj-g6rt-s3de" }, { "vulnerability": "VCID-zyes-82y3-g7dh" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:3.4.11.1-2%252Bdeb7u2" }, { "url": "http://public2.vulnerablecode.io/api/packages/273448?format=api", "purl": "pkg:deb/debian/phpmyadmin@4:4.2.12-2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1drk-gzqj-2qc5" }, { "vulnerability": "VCID-1hvw-4h4d-zkhv" }, { "vulnerability": "VCID-23dq-w66r-k3bt" }, { "vulnerability": "VCID-27w6-zhxk-x7e7" }, { "vulnerability": "VCID-282b-1ugg-yuev" }, { "vulnerability": "VCID-2at1-y3qg-77fb" }, { "vulnerability": "VCID-2vqn-z4en-duh4" }, { "vulnerability": "VCID-31jg-3pzb-y3b6" }, { "vulnerability": "VCID-32ja-yuuw-bbbh" }, { "vulnerability": "VCID-33kv-ye2c-ebax" }, { "vulnerability": "VCID-33mh-s92h-c7ht" }, { "vulnerability": "VCID-38tp-acy8-57hj" }, { "vulnerability": "VCID-3va7-xx14-gkds" }, { "vulnerability": "VCID-44uc-xrvp-7bet" }, { "vulnerability": "VCID-4avx-e9mf-2yb1" }, { "vulnerability": "VCID-4kax-4bpz-g7c5" }, { "vulnerability": "VCID-4vgu-cagj-hfhb" }, { "vulnerability": "VCID-4wn2-pnbv-sked" }, { "vulnerability": "VCID-52xs-45kd-w3hz" }, { "vulnerability": "VCID-59mu-8aep-9ycn" }, { "vulnerability": "VCID-5bu8-wy7w-bqfc" }, { "vulnerability": "VCID-5jye-2stz-fqam" }, { "vulnerability": "VCID-6gs5-cswx-bfeb" }, { "vulnerability": "VCID-7avk-rmwd-yugt" }, { "vulnerability": "VCID-7ntf-d3af-nbbk" }, { "vulnerability": "VCID-7vpu-x9mb-q3c6" }, { "vulnerability": "VCID-84n7-nzzg-juhz" }, { "vulnerability": "VCID-8jt7-y15v-83gj" }, { "vulnerability": "VCID-8rvw-n1fg-ffc2" }, { "vulnerability": "VCID-8yxm-e33n-d7gj" }, { "vulnerability": "VCID-9nh7-ny6c-n3cd" }, { "vulnerability": "VCID-9tdu-572c-tbb2" }, { "vulnerability": "VCID-ajeh-4q9t-sydz" }, { "vulnerability": "VCID-ajf6-bk2g-wkb7" }, { "vulnerability": "VCID-b2nf-6pr3-xqaa" }, { "vulnerability": "VCID-b4jk-yjfy-pfcv" }, { "vulnerability": "VCID-b6ng-ygap-zqh4" }, { "vulnerability": "VCID-bd83-vf81-sfa4" }, { "vulnerability": "VCID-bddg-5zgr-3uew" }, { "vulnerability": "VCID-btc1-yng3-ckhx" }, { "vulnerability": "VCID-cbjd-e3sk-m7bu" }, { "vulnerability": "VCID-crn9-f6qt-qfg5" }, { "vulnerability": "VCID-cth2-72mg-6yfr" }, { "vulnerability": "VCID-cz55-m46r-37gb" }, { "vulnerability": "VCID-d7jk-a94y-n3ca" }, { "vulnerability": "VCID-dbk1-n9kh-dfhm" }, { "vulnerability": "VCID-dfsz-1y13-yug9" }, { "vulnerability": "VCID-dgvs-kqpd-gfcy" }, { "vulnerability": "VCID-dj5f-y77j-d7dx" }, { "vulnerability": "VCID-dx3h-z4dg-m3e1" }, { "vulnerability": "VCID-g2uy-ekyf-4bcj" }, { "vulnerability": "VCID-gmjk-222y-abda" }, { "vulnerability": "VCID-gqxb-6rey-rbhv" }, { "vulnerability": "VCID-gtps-py3z-13cu" }, { "vulnerability": "VCID-gzwb-ju7m-juf7" }, { "vulnerability": "VCID-har4-gaft-m7e8" }, { "vulnerability": "VCID-hbp6-s544-pqaw" }, { "vulnerability": "VCID-hw5n-kv9r-8yej" }, { "vulnerability": "VCID-j589-8hrn-9bae" }, { "vulnerability": "VCID-jabw-t2hb-q3e9" }, { "vulnerability": "VCID-jemb-avnk-c7eb" }, { "vulnerability": "VCID-jmn8-a5r9-2qc8" }, { "vulnerability": "VCID-jvvf-kwtm-6qb7" }, { "vulnerability": "VCID-jxf7-1cq4-t3cv" }, { "vulnerability": "VCID-k5ph-wws1-fqg4" }, { "vulnerability": "VCID-kfr7-v6tb-eqau" }, { "vulnerability": "VCID-kfrx-mmr7-euep" }, { "vulnerability": "VCID-kwtj-jk24-zffq" }, { "vulnerability": "VCID-m2g6-2ztp-tuam" }, { "vulnerability": "VCID-m3kq-1cfg-mkgc" }, { "vulnerability": "VCID-m59w-cug5-wbe2" }, { "vulnerability": "VCID-mgu4-pf1x-r3dy" }, { "vulnerability": "VCID-mxn5-bh7q-gkdb" }, { "vulnerability": "VCID-mzuh-5e5y-d3hr" }, { "vulnerability": "VCID-n53q-r421-affh" }, { "vulnerability": "VCID-n66y-s36g-fqck" }, { "vulnerability": "VCID-np5w-chxm-cyak" }, { "vulnerability": "VCID-nuju-ekmt-k7g9" }, { "vulnerability": "VCID-nv3j-xj42-wfcw" }, { "vulnerability": "VCID-p1jn-sxds-mqd1" }, { "vulnerability": "VCID-p361-saxs-97g9" }, { "vulnerability": "VCID-pfdk-db4h-47dx" }, { "vulnerability": "VCID-pnry-rv8t-v3ff" }, { "vulnerability": "VCID-q2wv-kbra-5kg8" }, { "vulnerability": "VCID-q45d-5bf4-tff5" }, { "vulnerability": "VCID-q7pe-bvr1-g3bc" }, { "vulnerability": "VCID-q7rn-1612-quau" }, { "vulnerability": "VCID-q7zq-5xpn-93dd" }, { "vulnerability": "VCID-qeac-129m-1udw" }, { "vulnerability": "VCID-qmj2-pxvt-zqes" }, { "vulnerability": "VCID-qpj7-uk5e-nbez" }, { "vulnerability": "VCID-qqyb-zags-bbhz" }, { "vulnerability": "VCID-r3z5-cc6j-8yg6" }, { "vulnerability": "VCID-r4zz-m2mr-9qeb" }, { "vulnerability": "VCID-r9sb-489v-fqc9" }, { "vulnerability": "VCID-rc63-nakx-ebbe" }, { "vulnerability": "VCID-rsrk-jwbt-qfhe" }, { "vulnerability": "VCID-rx9z-rdmm-5fg6" }, { "vulnerability": "VCID-rxz2-tx2n-k3bd" }, { "vulnerability": "VCID-rz6q-hthe-1uer" }, { "vulnerability": "VCID-s88e-r2gd-9yep" }, { "vulnerability": "VCID-segg-gk79-9bc6" }, { "vulnerability": "VCID-tvfz-v881-sufp" }, { "vulnerability": "VCID-txba-1at4-ekg2" }, { "vulnerability": "VCID-uc6b-5sj1-9yg2" }, { "vulnerability": "VCID-utga-335m-dua9" }, { "vulnerability": "VCID-v1kx-5wa1-r7he" }, { "vulnerability": "VCID-vpf2-5j4s-jqeb" }, { "vulnerability": "VCID-vxc7-fwud-33an" }, { "vulnerability": "VCID-w6nk-akeh-4ufg" }, { "vulnerability": "VCID-x75q-4y74-d3gt" }, { "vulnerability": "VCID-xqf5-yxf3-u3he" }, { "vulnerability": "VCID-zmjf-j2zs-23ey" }, { "vulnerability": "VCID-zvcj-g6rt-s3de" }, { "vulnerability": "VCID-zyes-82y3-g7dh" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:4.2.12-2" }, { "url": "http://public2.vulnerablecode.io/api/packages/273449?format=api", "purl": "pkg:deb/debian/phpmyadmin@4:4.2.12-2%2Bdeb8u2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1drk-gzqj-2qc5" }, { "vulnerability": "VCID-1hvw-4h4d-zkhv" }, { "vulnerability": "VCID-23dq-w66r-k3bt" }, { "vulnerability": "VCID-27w6-zhxk-x7e7" }, { "vulnerability": "VCID-282b-1ugg-yuev" }, { "vulnerability": "VCID-2at1-y3qg-77fb" }, { "vulnerability": "VCID-2vqn-z4en-duh4" }, { "vulnerability": "VCID-31jg-3pzb-y3b6" }, { "vulnerability": "VCID-32ja-yuuw-bbbh" }, { "vulnerability": "VCID-33kv-ye2c-ebax" }, { "vulnerability": "VCID-33mh-s92h-c7ht" }, { "vulnerability": "VCID-38tp-acy8-57hj" }, { "vulnerability": "VCID-3va7-xx14-gkds" }, { "vulnerability": "VCID-44uc-xrvp-7bet" }, { "vulnerability": "VCID-4avx-e9mf-2yb1" }, { "vulnerability": "VCID-4kax-4bpz-g7c5" }, { "vulnerability": "VCID-4vgu-cagj-hfhb" }, { "vulnerability": "VCID-4wn2-pnbv-sked" }, { "vulnerability": "VCID-52xs-45kd-w3hz" }, { "vulnerability": "VCID-59mu-8aep-9ycn" }, { "vulnerability": "VCID-5bu8-wy7w-bqfc" }, { "vulnerability": "VCID-5jye-2stz-fqam" }, { "vulnerability": "VCID-6gs5-cswx-bfeb" }, { "vulnerability": "VCID-7avk-rmwd-yugt" }, { "vulnerability": "VCID-7vpu-x9mb-q3c6" }, { "vulnerability": "VCID-84n7-nzzg-juhz" }, { "vulnerability": "VCID-8jt7-y15v-83gj" }, { "vulnerability": "VCID-8rvw-n1fg-ffc2" }, { "vulnerability": "VCID-8yxm-e33n-d7gj" }, { "vulnerability": "VCID-9nh7-ny6c-n3cd" }, { "vulnerability": "VCID-9tdu-572c-tbb2" }, { "vulnerability": "VCID-ajeh-4q9t-sydz" }, { "vulnerability": "VCID-ajf6-bk2g-wkb7" }, { "vulnerability": "VCID-b2nf-6pr3-xqaa" }, { "vulnerability": "VCID-b4jk-yjfy-pfcv" }, { "vulnerability": "VCID-b6ng-ygap-zqh4" }, { "vulnerability": "VCID-bd83-vf81-sfa4" }, { "vulnerability": "VCID-bddg-5zgr-3uew" }, { "vulnerability": "VCID-btc1-yng3-ckhx" }, { "vulnerability": "VCID-cbjd-e3sk-m7bu" }, { "vulnerability": "VCID-crn9-f6qt-qfg5" }, { "vulnerability": "VCID-cth2-72mg-6yfr" }, { "vulnerability": "VCID-cz55-m46r-37gb" }, { "vulnerability": "VCID-d7jk-a94y-n3ca" }, { "vulnerability": "VCID-dbk1-n9kh-dfhm" }, { "vulnerability": "VCID-dfsz-1y13-yug9" }, { "vulnerability": "VCID-dgvs-kqpd-gfcy" }, { "vulnerability": "VCID-dj5f-y77j-d7dx" }, { "vulnerability": "VCID-dx3h-z4dg-m3e1" }, { "vulnerability": "VCID-g2uy-ekyf-4bcj" }, { "vulnerability": "VCID-gmjk-222y-abda" }, { "vulnerability": "VCID-gqxb-6rey-rbhv" }, { "vulnerability": "VCID-gtps-py3z-13cu" }, { "vulnerability": "VCID-gzwb-ju7m-juf7" }, { "vulnerability": "VCID-har4-gaft-m7e8" }, { "vulnerability": "VCID-hbp6-s544-pqaw" }, { "vulnerability": "VCID-hw5n-kv9r-8yej" }, { "vulnerability": "VCID-j589-8hrn-9bae" }, { "vulnerability": "VCID-jabw-t2hb-q3e9" }, { "vulnerability": "VCID-jemb-avnk-c7eb" }, { "vulnerability": "VCID-jmn8-a5r9-2qc8" }, { "vulnerability": "VCID-jxf7-1cq4-t3cv" }, { "vulnerability": "VCID-k5ph-wws1-fqg4" }, { "vulnerability": "VCID-kfr7-v6tb-eqau" }, { "vulnerability": "VCID-kfrx-mmr7-euep" }, { "vulnerability": "VCID-kwtj-jk24-zffq" }, { "vulnerability": "VCID-m2g6-2ztp-tuam" }, { "vulnerability": "VCID-m3kq-1cfg-mkgc" }, { "vulnerability": "VCID-m59w-cug5-wbe2" }, { "vulnerability": "VCID-mgu4-pf1x-r3dy" }, { "vulnerability": "VCID-mxn5-bh7q-gkdb" }, { "vulnerability": "VCID-mzuh-5e5y-d3hr" }, { "vulnerability": "VCID-n53q-r421-affh" }, { "vulnerability": "VCID-n66y-s36g-fqck" }, { "vulnerability": "VCID-np5w-chxm-cyak" }, { "vulnerability": "VCID-nuju-ekmt-k7g9" }, { "vulnerability": "VCID-nv3j-xj42-wfcw" }, { "vulnerability": "VCID-p1jn-sxds-mqd1" }, { "vulnerability": "VCID-p361-saxs-97g9" }, { "vulnerability": "VCID-pfdk-db4h-47dx" }, { "vulnerability": "VCID-pnry-rv8t-v3ff" }, { "vulnerability": "VCID-q2wv-kbra-5kg8" }, { "vulnerability": "VCID-q45d-5bf4-tff5" }, { "vulnerability": "VCID-q7pe-bvr1-g3bc" }, { "vulnerability": "VCID-q7rn-1612-quau" }, { "vulnerability": "VCID-q7zq-5xpn-93dd" }, { "vulnerability": "VCID-qeac-129m-1udw" }, { "vulnerability": "VCID-qmj2-pxvt-zqes" }, { "vulnerability": "VCID-qpj7-uk5e-nbez" }, { "vulnerability": "VCID-qqyb-zags-bbhz" }, { "vulnerability": "VCID-r3z5-cc6j-8yg6" }, { "vulnerability": "VCID-r4zz-m2mr-9qeb" }, { "vulnerability": "VCID-r9sb-489v-fqc9" }, { "vulnerability": "VCID-rc63-nakx-ebbe" }, { "vulnerability": "VCID-rsrk-jwbt-qfhe" }, { "vulnerability": "VCID-rx9z-rdmm-5fg6" }, { "vulnerability": "VCID-rxz2-tx2n-k3bd" }, { "vulnerability": "VCID-rz6q-hthe-1uer" }, { "vulnerability": "VCID-s88e-r2gd-9yep" }, { "vulnerability": "VCID-segg-gk79-9bc6" }, { "vulnerability": "VCID-tvfz-v881-sufp" }, { "vulnerability": "VCID-txba-1at4-ekg2" }, { "vulnerability": "VCID-uc6b-5sj1-9yg2" }, { "vulnerability": "VCID-utga-335m-dua9" }, { "vulnerability": "VCID-v1kx-5wa1-r7he" }, { "vulnerability": "VCID-vpf2-5j4s-jqeb" }, { "vulnerability": "VCID-vxc7-fwud-33an" }, { "vulnerability": "VCID-w6nk-akeh-4ufg" }, { "vulnerability": "VCID-x75q-4y74-d3gt" }, { "vulnerability": "VCID-xqf5-yxf3-u3he" }, { "vulnerability": "VCID-zmjf-j2zs-23ey" }, { "vulnerability": "VCID-zvcj-g6rt-s3de" }, { "vulnerability": "VCID-zyes-82y3-g7dh" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:4.2.12-2%252Bdeb8u2" } ], "aliases": [ "CVE-2014-8958" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-7ntf-d3af-nbbk" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/98109?format=api", "vulnerability_id": "VCID-7pwj-c6c4-gbeq", "summary": "show_config_errors.php in phpMyAdmin 3.5.x before 3.5.2.1 allows remote attackers to obtain sensitive information via a direct request, which reveals the installation path in an error message, related to lack of inclusion of the common.inc.php library file.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2012-4219", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00283", "scoring_system": "epss", "scoring_elements": "0.51911", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.00283", "scoring_system": "epss", "scoring_elements": "0.51971", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2012-4219" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4219", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4219" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/273448?format=api", "purl": "pkg:deb/debian/phpmyadmin@4:4.2.12-2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1drk-gzqj-2qc5" }, { "vulnerability": "VCID-1hvw-4h4d-zkhv" }, { "vulnerability": "VCID-23dq-w66r-k3bt" }, { "vulnerability": "VCID-27w6-zhxk-x7e7" }, { "vulnerability": "VCID-282b-1ugg-yuev" }, { "vulnerability": "VCID-2at1-y3qg-77fb" }, { "vulnerability": "VCID-2vqn-z4en-duh4" }, { "vulnerability": "VCID-31jg-3pzb-y3b6" }, { "vulnerability": "VCID-32ja-yuuw-bbbh" }, { "vulnerability": "VCID-33kv-ye2c-ebax" }, { "vulnerability": "VCID-33mh-s92h-c7ht" }, { "vulnerability": "VCID-38tp-acy8-57hj" }, { "vulnerability": "VCID-3va7-xx14-gkds" }, { "vulnerability": "VCID-44uc-xrvp-7bet" }, { "vulnerability": "VCID-4avx-e9mf-2yb1" }, { "vulnerability": "VCID-4kax-4bpz-g7c5" }, { "vulnerability": "VCID-4vgu-cagj-hfhb" }, { "vulnerability": "VCID-4wn2-pnbv-sked" }, { "vulnerability": "VCID-52xs-45kd-w3hz" }, { "vulnerability": "VCID-59mu-8aep-9ycn" }, { "vulnerability": "VCID-5bu8-wy7w-bqfc" }, { "vulnerability": "VCID-5jye-2stz-fqam" }, { "vulnerability": "VCID-6gs5-cswx-bfeb" }, { "vulnerability": "VCID-7avk-rmwd-yugt" }, { "vulnerability": "VCID-7ntf-d3af-nbbk" }, { "vulnerability": "VCID-7vpu-x9mb-q3c6" }, { "vulnerability": "VCID-84n7-nzzg-juhz" }, { "vulnerability": "VCID-8jt7-y15v-83gj" }, { "vulnerability": "VCID-8rvw-n1fg-ffc2" }, { "vulnerability": "VCID-8yxm-e33n-d7gj" }, { "vulnerability": "VCID-9nh7-ny6c-n3cd" }, { "vulnerability": "VCID-9tdu-572c-tbb2" }, { "vulnerability": "VCID-ajeh-4q9t-sydz" }, { "vulnerability": "VCID-ajf6-bk2g-wkb7" }, { "vulnerability": "VCID-b2nf-6pr3-xqaa" }, { "vulnerability": "VCID-b4jk-yjfy-pfcv" }, { "vulnerability": "VCID-b6ng-ygap-zqh4" }, { "vulnerability": "VCID-bd83-vf81-sfa4" }, { "vulnerability": "VCID-bddg-5zgr-3uew" }, { "vulnerability": "VCID-btc1-yng3-ckhx" }, { "vulnerability": "VCID-cbjd-e3sk-m7bu" }, { "vulnerability": "VCID-crn9-f6qt-qfg5" }, { "vulnerability": "VCID-cth2-72mg-6yfr" }, { "vulnerability": "VCID-cz55-m46r-37gb" }, { "vulnerability": "VCID-d7jk-a94y-n3ca" }, { "vulnerability": "VCID-dbk1-n9kh-dfhm" }, { "vulnerability": "VCID-dfsz-1y13-yug9" }, { "vulnerability": "VCID-dgvs-kqpd-gfcy" }, { "vulnerability": "VCID-dj5f-y77j-d7dx" }, { "vulnerability": "VCID-dx3h-z4dg-m3e1" }, { "vulnerability": "VCID-g2uy-ekyf-4bcj" }, { "vulnerability": "VCID-gmjk-222y-abda" }, { "vulnerability": "VCID-gqxb-6rey-rbhv" }, { "vulnerability": "VCID-gtps-py3z-13cu" }, { "vulnerability": "VCID-gzwb-ju7m-juf7" }, { "vulnerability": "VCID-har4-gaft-m7e8" }, { "vulnerability": "VCID-hbp6-s544-pqaw" }, { "vulnerability": "VCID-hw5n-kv9r-8yej" }, { "vulnerability": "VCID-j589-8hrn-9bae" }, { "vulnerability": "VCID-jabw-t2hb-q3e9" }, { "vulnerability": "VCID-jemb-avnk-c7eb" }, { "vulnerability": "VCID-jmn8-a5r9-2qc8" }, { "vulnerability": "VCID-jvvf-kwtm-6qb7" }, { "vulnerability": "VCID-jxf7-1cq4-t3cv" }, { "vulnerability": "VCID-k5ph-wws1-fqg4" }, { "vulnerability": "VCID-kfr7-v6tb-eqau" }, { "vulnerability": "VCID-kfrx-mmr7-euep" }, { "vulnerability": "VCID-kwtj-jk24-zffq" }, { "vulnerability": "VCID-m2g6-2ztp-tuam" }, { "vulnerability": "VCID-m3kq-1cfg-mkgc" }, { "vulnerability": "VCID-m59w-cug5-wbe2" }, { "vulnerability": "VCID-mgu4-pf1x-r3dy" }, { "vulnerability": "VCID-mxn5-bh7q-gkdb" }, { "vulnerability": "VCID-mzuh-5e5y-d3hr" }, { "vulnerability": "VCID-n53q-r421-affh" }, { "vulnerability": "VCID-n66y-s36g-fqck" }, { "vulnerability": "VCID-np5w-chxm-cyak" }, { "vulnerability": "VCID-nuju-ekmt-k7g9" }, { "vulnerability": "VCID-nv3j-xj42-wfcw" }, { "vulnerability": "VCID-p1jn-sxds-mqd1" }, { "vulnerability": "VCID-p361-saxs-97g9" }, { "vulnerability": "VCID-pfdk-db4h-47dx" }, { "vulnerability": "VCID-pnry-rv8t-v3ff" }, { "vulnerability": "VCID-q2wv-kbra-5kg8" }, { "vulnerability": "VCID-q45d-5bf4-tff5" }, { "vulnerability": "VCID-q7pe-bvr1-g3bc" }, { "vulnerability": "VCID-q7rn-1612-quau" }, { "vulnerability": "VCID-q7zq-5xpn-93dd" }, { "vulnerability": "VCID-qeac-129m-1udw" }, { "vulnerability": "VCID-qmj2-pxvt-zqes" }, { "vulnerability": "VCID-qpj7-uk5e-nbez" }, { "vulnerability": "VCID-qqyb-zags-bbhz" }, { "vulnerability": "VCID-r3z5-cc6j-8yg6" }, { "vulnerability": "VCID-r4zz-m2mr-9qeb" }, { "vulnerability": "VCID-r9sb-489v-fqc9" }, { "vulnerability": "VCID-rc63-nakx-ebbe" }, { "vulnerability": "VCID-rsrk-jwbt-qfhe" }, { "vulnerability": "VCID-rx9z-rdmm-5fg6" }, { "vulnerability": "VCID-rxz2-tx2n-k3bd" }, { "vulnerability": "VCID-rz6q-hthe-1uer" }, { "vulnerability": "VCID-s88e-r2gd-9yep" }, { "vulnerability": "VCID-segg-gk79-9bc6" }, { "vulnerability": "VCID-tvfz-v881-sufp" }, { "vulnerability": "VCID-txba-1at4-ekg2" }, { "vulnerability": "VCID-uc6b-5sj1-9yg2" }, { "vulnerability": "VCID-utga-335m-dua9" }, { "vulnerability": "VCID-v1kx-5wa1-r7he" }, { "vulnerability": "VCID-vpf2-5j4s-jqeb" }, { "vulnerability": "VCID-vxc7-fwud-33an" }, { "vulnerability": "VCID-w6nk-akeh-4ufg" }, { "vulnerability": "VCID-x75q-4y74-d3gt" }, { "vulnerability": "VCID-xqf5-yxf3-u3he" }, { "vulnerability": "VCID-zmjf-j2zs-23ey" }, { "vulnerability": "VCID-zvcj-g6rt-s3de" }, { "vulnerability": "VCID-zyes-82y3-g7dh" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:4.2.12-2" } ], "aliases": [ "CVE-2012-4219" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-7pwj-c6c4-gbeq" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/98121?format=api", "vulnerability_id": "VCID-858m-cbw6-cfc1", "summary": "Cross-site scripting (XSS) vulnerability in phpMyAdmin 3.5.x before 3.5.8.2 and 4.0.x before 4.0.4.2 allows remote authenticated users to inject arbitrary web script or HTML via a crafted SQL query that is not properly handled during the display of row information.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2013-4995", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00209", "scoring_system": "epss", "scoring_elements": "0.43285", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.00209", "scoring_system": "epss", "scoring_elements": "0.43358", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2013-4995" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4995", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4995" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4996", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4996" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5002", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5002" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5003", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5003" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1879", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1879" }, { "reference_url": "https://security.gentoo.org/glsa/201311-02", "reference_id": "GLSA-201311-02", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201311-02" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/203681?format=api", "purl": "pkg:deb/debian/phpmyadmin@4:3.4.11.1-2%2Bdeb7u2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1aqb-7an7-mbed" }, { "vulnerability": "VCID-1drk-gzqj-2qc5" }, { "vulnerability": "VCID-1hvw-4h4d-zkhv" }, { "vulnerability": "VCID-23dq-w66r-k3bt" }, { "vulnerability": "VCID-27w6-zhxk-x7e7" }, { "vulnerability": "VCID-282b-1ugg-yuev" }, { "vulnerability": "VCID-2at1-y3qg-77fb" }, { "vulnerability": "VCID-2vqn-z4en-duh4" }, { "vulnerability": "VCID-31jg-3pzb-y3b6" }, { "vulnerability": "VCID-32ja-yuuw-bbbh" }, { "vulnerability": "VCID-33kv-ye2c-ebax" }, { "vulnerability": "VCID-33mh-s92h-c7ht" }, { "vulnerability": "VCID-38tp-acy8-57hj" }, { "vulnerability": "VCID-3trr-z4gq-pbdr" }, { "vulnerability": "VCID-3va7-xx14-gkds" }, { "vulnerability": "VCID-44uc-xrvp-7bet" }, { "vulnerability": "VCID-4avx-e9mf-2yb1" }, { "vulnerability": "VCID-4kax-4bpz-g7c5" }, { "vulnerability": "VCID-4vgu-cagj-hfhb" }, { "vulnerability": "VCID-4wn2-pnbv-sked" }, { "vulnerability": "VCID-52xs-45kd-w3hz" }, { "vulnerability": "VCID-59mu-8aep-9ycn" }, { "vulnerability": "VCID-5bu8-wy7w-bqfc" }, { "vulnerability": "VCID-5jye-2stz-fqam" }, { "vulnerability": "VCID-6gs5-cswx-bfeb" }, { "vulnerability": "VCID-7avk-rmwd-yugt" }, { "vulnerability": "VCID-7ntf-d3af-nbbk" }, { "vulnerability": "VCID-7pwj-c6c4-gbeq" }, { "vulnerability": "VCID-7vpu-x9mb-q3c6" }, { "vulnerability": "VCID-84n7-nzzg-juhz" }, { "vulnerability": "VCID-858m-cbw6-cfc1" }, { "vulnerability": "VCID-8jt7-y15v-83gj" }, { "vulnerability": "VCID-8rvw-n1fg-ffc2" }, { "vulnerability": "VCID-8yxm-e33n-d7gj" }, { "vulnerability": "VCID-9nh7-ny6c-n3cd" }, { "vulnerability": "VCID-9tdu-572c-tbb2" }, { "vulnerability": "VCID-9z7g-cffj-1ufe" }, { "vulnerability": "VCID-a4fa-ms27-93fn" }, { "vulnerability": "VCID-a94q-k98a-6qbw" }, { "vulnerability": "VCID-ajeh-4q9t-sydz" }, { "vulnerability": "VCID-ajf6-bk2g-wkb7" }, { "vulnerability": "VCID-ajmz-kfxh-sqaf" }, { "vulnerability": "VCID-amgy-teas-euh5" }, { "vulnerability": "VCID-b2nf-6pr3-xqaa" }, { "vulnerability": "VCID-b4jk-yjfy-pfcv" }, { "vulnerability": "VCID-b6ng-ygap-zqh4" }, { "vulnerability": "VCID-bd83-vf81-sfa4" }, { "vulnerability": "VCID-bddg-5zgr-3uew" }, { "vulnerability": "VCID-bshf-rz9w-3yb3" }, { "vulnerability": "VCID-btc1-yng3-ckhx" }, { "vulnerability": "VCID-cbjd-e3sk-m7bu" }, { "vulnerability": "VCID-crn9-f6qt-qfg5" }, { "vulnerability": "VCID-cth2-72mg-6yfr" }, { "vulnerability": "VCID-cz55-m46r-37gb" }, { "vulnerability": "VCID-d7jk-a94y-n3ca" }, { "vulnerability": "VCID-dbk1-n9kh-dfhm" }, { "vulnerability": "VCID-dfsz-1y13-yug9" }, { "vulnerability": "VCID-dgvs-kqpd-gfcy" }, { "vulnerability": "VCID-dj5f-y77j-d7dx" }, { "vulnerability": "VCID-dx3h-z4dg-m3e1" }, { "vulnerability": "VCID-e677-1yaz-g3em" }, { "vulnerability": "VCID-fc5a-pvtd-wkcz" }, { "vulnerability": "VCID-fsub-2bfp-8qbw" }, { "vulnerability": "VCID-g2uy-ekyf-4bcj" }, { "vulnerability": "VCID-gmjk-222y-abda" }, { "vulnerability": "VCID-gqxb-6rey-rbhv" }, { "vulnerability": "VCID-gtps-py3z-13cu" }, { "vulnerability": "VCID-gzwb-ju7m-juf7" }, { "vulnerability": "VCID-har4-gaft-m7e8" }, { "vulnerability": "VCID-hbp6-s544-pqaw" }, { "vulnerability": "VCID-hw5n-kv9r-8yej" }, { "vulnerability": "VCID-hyn6-xxxq-57f4" }, { "vulnerability": "VCID-j589-8hrn-9bae" }, { "vulnerability": "VCID-jabw-t2hb-q3e9" }, { "vulnerability": "VCID-jemb-avnk-c7eb" }, { "vulnerability": "VCID-jmn8-a5r9-2qc8" }, { "vulnerability": "VCID-jvvf-kwtm-6qb7" }, { "vulnerability": "VCID-jxf7-1cq4-t3cv" }, { "vulnerability": "VCID-k3fp-nkvv-e3fa" }, { "vulnerability": "VCID-k5ph-wws1-fqg4" }, { "vulnerability": "VCID-kfr7-v6tb-eqau" }, { "vulnerability": "VCID-kfrx-mmr7-euep" }, { "vulnerability": "VCID-krmp-qvw1-n7b6" }, { "vulnerability": "VCID-kwtj-jk24-zffq" }, { "vulnerability": "VCID-m2g6-2ztp-tuam" }, { "vulnerability": "VCID-m3kq-1cfg-mkgc" }, { "vulnerability": "VCID-m54t-23nu-3kaa" }, { "vulnerability": "VCID-m59w-cug5-wbe2" }, { "vulnerability": "VCID-mgu4-pf1x-r3dy" }, { "vulnerability": "VCID-mxn5-bh7q-gkdb" }, { "vulnerability": "VCID-mzuh-5e5y-d3hr" }, { "vulnerability": "VCID-n53q-r421-affh" }, { "vulnerability": "VCID-n66y-s36g-fqck" }, { "vulnerability": "VCID-n7cc-xfym-u7g4" }, { "vulnerability": "VCID-np5w-chxm-cyak" }, { "vulnerability": "VCID-nuju-ekmt-k7g9" }, { "vulnerability": "VCID-nv3j-xj42-wfcw" }, { "vulnerability": "VCID-p1jn-sxds-mqd1" }, { "vulnerability": "VCID-p361-saxs-97g9" }, { "vulnerability": "VCID-pdmq-pgqp-5qft" }, { "vulnerability": "VCID-pfdk-db4h-47dx" }, { "vulnerability": "VCID-pnry-rv8t-v3ff" }, { "vulnerability": "VCID-q2wv-kbra-5kg8" }, { "vulnerability": "VCID-q45d-5bf4-tff5" }, { "vulnerability": "VCID-q7pe-bvr1-g3bc" }, { "vulnerability": "VCID-q7rn-1612-quau" }, { "vulnerability": "VCID-q7zq-5xpn-93dd" }, { "vulnerability": "VCID-qbjt-k4x8-gya5" }, { "vulnerability": "VCID-qeac-129m-1udw" }, { "vulnerability": "VCID-qmj2-pxvt-zqes" }, { "vulnerability": "VCID-qpj7-uk5e-nbez" }, { "vulnerability": "VCID-qpsr-xv8c-b3gj" }, { "vulnerability": "VCID-qqyb-zags-bbhz" }, { "vulnerability": "VCID-r3z5-cc6j-8yg6" }, { "vulnerability": "VCID-r4zz-m2mr-9qeb" }, { "vulnerability": "VCID-r9sb-489v-fqc9" }, { "vulnerability": "VCID-rc63-nakx-ebbe" }, { "vulnerability": "VCID-rsrk-jwbt-qfhe" }, { "vulnerability": "VCID-rx9z-rdmm-5fg6" }, { "vulnerability": "VCID-rxz2-tx2n-k3bd" }, { "vulnerability": "VCID-rz6q-hthe-1uer" }, { "vulnerability": "VCID-s88e-r2gd-9yep" }, { "vulnerability": "VCID-segg-gk79-9bc6" }, { "vulnerability": "VCID-sj19-5q5e-j7ah" }, { "vulnerability": "VCID-snke-vmcg-xfd2" }, { "vulnerability": "VCID-tvfz-v881-sufp" }, { "vulnerability": "VCID-txba-1at4-ekg2" }, { "vulnerability": "VCID-uc6b-5sj1-9yg2" }, { "vulnerability": "VCID-ufzd-pbge-6qhk" }, { "vulnerability": "VCID-ur19-yjak-vqdd" }, { "vulnerability": "VCID-utga-335m-dua9" }, { "vulnerability": "VCID-v1kx-5wa1-r7he" }, { "vulnerability": "VCID-v69j-7vk9-e3d4" }, { "vulnerability": "VCID-v6xv-djkp-4kgw" }, { "vulnerability": "VCID-vpf2-5j4s-jqeb" }, { "vulnerability": "VCID-vxc7-fwud-33an" }, { "vulnerability": "VCID-vxj9-zxns-kkh9" }, { "vulnerability": "VCID-w6nk-akeh-4ufg" }, { "vulnerability": "VCID-ww5r-71kf-tfgr" }, { "vulnerability": "VCID-x75q-4y74-d3gt" }, { "vulnerability": "VCID-xgnx-jteb-myf7" }, { "vulnerability": "VCID-xqf5-yxf3-u3he" }, { "vulnerability": "VCID-zmjf-j2zs-23ey" }, { "vulnerability": "VCID-zvcj-g6rt-s3de" }, { "vulnerability": "VCID-zyes-82y3-g7dh" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:3.4.11.1-2%252Bdeb7u2" }, { "url": "http://public2.vulnerablecode.io/api/packages/273448?format=api", "purl": "pkg:deb/debian/phpmyadmin@4:4.2.12-2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1drk-gzqj-2qc5" }, { "vulnerability": "VCID-1hvw-4h4d-zkhv" }, { "vulnerability": "VCID-23dq-w66r-k3bt" }, { "vulnerability": "VCID-27w6-zhxk-x7e7" }, { "vulnerability": "VCID-282b-1ugg-yuev" }, { "vulnerability": "VCID-2at1-y3qg-77fb" }, { "vulnerability": "VCID-2vqn-z4en-duh4" }, { "vulnerability": "VCID-31jg-3pzb-y3b6" }, { "vulnerability": "VCID-32ja-yuuw-bbbh" }, { "vulnerability": "VCID-33kv-ye2c-ebax" }, { "vulnerability": "VCID-33mh-s92h-c7ht" }, { "vulnerability": "VCID-38tp-acy8-57hj" }, { "vulnerability": "VCID-3va7-xx14-gkds" }, { "vulnerability": "VCID-44uc-xrvp-7bet" }, { "vulnerability": "VCID-4avx-e9mf-2yb1" }, { "vulnerability": "VCID-4kax-4bpz-g7c5" }, { "vulnerability": "VCID-4vgu-cagj-hfhb" }, { "vulnerability": "VCID-4wn2-pnbv-sked" }, { "vulnerability": "VCID-52xs-45kd-w3hz" }, { "vulnerability": "VCID-59mu-8aep-9ycn" }, { "vulnerability": "VCID-5bu8-wy7w-bqfc" }, { "vulnerability": "VCID-5jye-2stz-fqam" }, { "vulnerability": "VCID-6gs5-cswx-bfeb" }, { "vulnerability": "VCID-7avk-rmwd-yugt" }, { "vulnerability": "VCID-7ntf-d3af-nbbk" }, { "vulnerability": "VCID-7vpu-x9mb-q3c6" }, { "vulnerability": "VCID-84n7-nzzg-juhz" }, { "vulnerability": "VCID-8jt7-y15v-83gj" }, { "vulnerability": "VCID-8rvw-n1fg-ffc2" }, { "vulnerability": "VCID-8yxm-e33n-d7gj" }, { "vulnerability": "VCID-9nh7-ny6c-n3cd" }, { "vulnerability": "VCID-9tdu-572c-tbb2" }, { "vulnerability": "VCID-ajeh-4q9t-sydz" }, { "vulnerability": "VCID-ajf6-bk2g-wkb7" }, { "vulnerability": "VCID-b2nf-6pr3-xqaa" }, { "vulnerability": "VCID-b4jk-yjfy-pfcv" }, { "vulnerability": "VCID-b6ng-ygap-zqh4" }, { "vulnerability": "VCID-bd83-vf81-sfa4" }, { "vulnerability": "VCID-bddg-5zgr-3uew" }, { "vulnerability": "VCID-btc1-yng3-ckhx" }, { "vulnerability": "VCID-cbjd-e3sk-m7bu" }, { "vulnerability": "VCID-crn9-f6qt-qfg5" }, { "vulnerability": "VCID-cth2-72mg-6yfr" }, { "vulnerability": "VCID-cz55-m46r-37gb" }, { "vulnerability": "VCID-d7jk-a94y-n3ca" }, { "vulnerability": "VCID-dbk1-n9kh-dfhm" }, { "vulnerability": "VCID-dfsz-1y13-yug9" }, { "vulnerability": "VCID-dgvs-kqpd-gfcy" }, { "vulnerability": "VCID-dj5f-y77j-d7dx" }, { "vulnerability": "VCID-dx3h-z4dg-m3e1" }, { "vulnerability": "VCID-g2uy-ekyf-4bcj" }, { "vulnerability": "VCID-gmjk-222y-abda" }, { "vulnerability": "VCID-gqxb-6rey-rbhv" }, { "vulnerability": "VCID-gtps-py3z-13cu" }, { "vulnerability": "VCID-gzwb-ju7m-juf7" }, { "vulnerability": "VCID-har4-gaft-m7e8" }, { "vulnerability": "VCID-hbp6-s544-pqaw" }, { "vulnerability": "VCID-hw5n-kv9r-8yej" }, { "vulnerability": "VCID-j589-8hrn-9bae" }, { "vulnerability": "VCID-jabw-t2hb-q3e9" }, { "vulnerability": "VCID-jemb-avnk-c7eb" }, { "vulnerability": "VCID-jmn8-a5r9-2qc8" }, { "vulnerability": "VCID-jvvf-kwtm-6qb7" }, { "vulnerability": "VCID-jxf7-1cq4-t3cv" }, { "vulnerability": "VCID-k5ph-wws1-fqg4" }, { "vulnerability": "VCID-kfr7-v6tb-eqau" }, { "vulnerability": "VCID-kfrx-mmr7-euep" }, { "vulnerability": "VCID-kwtj-jk24-zffq" }, { "vulnerability": "VCID-m2g6-2ztp-tuam" }, { "vulnerability": "VCID-m3kq-1cfg-mkgc" }, { "vulnerability": "VCID-m59w-cug5-wbe2" }, { "vulnerability": "VCID-mgu4-pf1x-r3dy" }, { "vulnerability": "VCID-mxn5-bh7q-gkdb" }, { "vulnerability": "VCID-mzuh-5e5y-d3hr" }, { "vulnerability": "VCID-n53q-r421-affh" }, { "vulnerability": "VCID-n66y-s36g-fqck" }, { "vulnerability": "VCID-np5w-chxm-cyak" }, { "vulnerability": "VCID-nuju-ekmt-k7g9" }, { "vulnerability": "VCID-nv3j-xj42-wfcw" }, { "vulnerability": "VCID-p1jn-sxds-mqd1" }, { "vulnerability": "VCID-p361-saxs-97g9" }, { "vulnerability": "VCID-pfdk-db4h-47dx" }, { "vulnerability": "VCID-pnry-rv8t-v3ff" }, { "vulnerability": "VCID-q2wv-kbra-5kg8" }, { "vulnerability": "VCID-q45d-5bf4-tff5" }, { "vulnerability": "VCID-q7pe-bvr1-g3bc" }, { "vulnerability": "VCID-q7rn-1612-quau" }, { "vulnerability": "VCID-q7zq-5xpn-93dd" }, { "vulnerability": "VCID-qeac-129m-1udw" }, { "vulnerability": "VCID-qmj2-pxvt-zqes" }, { "vulnerability": "VCID-qpj7-uk5e-nbez" }, { "vulnerability": "VCID-qqyb-zags-bbhz" }, { "vulnerability": "VCID-r3z5-cc6j-8yg6" }, { "vulnerability": "VCID-r4zz-m2mr-9qeb" }, { "vulnerability": "VCID-r9sb-489v-fqc9" }, { "vulnerability": "VCID-rc63-nakx-ebbe" }, { "vulnerability": "VCID-rsrk-jwbt-qfhe" }, { "vulnerability": "VCID-rx9z-rdmm-5fg6" }, { "vulnerability": "VCID-rxz2-tx2n-k3bd" }, { "vulnerability": "VCID-rz6q-hthe-1uer" }, { "vulnerability": "VCID-s88e-r2gd-9yep" }, { "vulnerability": "VCID-segg-gk79-9bc6" }, { "vulnerability": "VCID-tvfz-v881-sufp" }, { "vulnerability": "VCID-txba-1at4-ekg2" }, { "vulnerability": "VCID-uc6b-5sj1-9yg2" }, { "vulnerability": "VCID-utga-335m-dua9" }, { "vulnerability": "VCID-v1kx-5wa1-r7he" }, { "vulnerability": "VCID-vpf2-5j4s-jqeb" }, { "vulnerability": "VCID-vxc7-fwud-33an" }, { "vulnerability": "VCID-w6nk-akeh-4ufg" }, { "vulnerability": "VCID-x75q-4y74-d3gt" }, { "vulnerability": "VCID-xqf5-yxf3-u3he" }, { "vulnerability": "VCID-zmjf-j2zs-23ey" }, { "vulnerability": "VCID-zvcj-g6rt-s3de" }, { "vulnerability": "VCID-zyes-82y3-g7dh" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:4.2.12-2" } ], "aliases": [ "CVE-2013-4995" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-858m-cbw6-cfc1" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/98141?format=api", "vulnerability_id": "VCID-9z7g-cffj-1ufe", "summary": "Cross-site scripting (XSS) vulnerability in libraries/error_report.lib.php in the error-reporting feature in phpMyAdmin 4.1.x before 4.1.14.7 and 4.2.x before 4.2.12 allows remote authenticated users to inject arbitrary web script or HTML via a crafted filename.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2014-8960", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00287", "scoring_system": "epss", "scoring_elements": "0.52374", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.00287", "scoring_system": "epss", "scoring_elements": "0.52435", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2014-8960" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8960", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8960" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/273448?format=api", "purl": "pkg:deb/debian/phpmyadmin@4:4.2.12-2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1drk-gzqj-2qc5" }, { "vulnerability": "VCID-1hvw-4h4d-zkhv" }, { "vulnerability": "VCID-23dq-w66r-k3bt" }, { "vulnerability": "VCID-27w6-zhxk-x7e7" }, { "vulnerability": "VCID-282b-1ugg-yuev" }, { "vulnerability": "VCID-2at1-y3qg-77fb" }, { "vulnerability": "VCID-2vqn-z4en-duh4" }, { "vulnerability": "VCID-31jg-3pzb-y3b6" }, { "vulnerability": "VCID-32ja-yuuw-bbbh" }, { "vulnerability": "VCID-33kv-ye2c-ebax" }, { "vulnerability": "VCID-33mh-s92h-c7ht" }, { "vulnerability": "VCID-38tp-acy8-57hj" }, { "vulnerability": "VCID-3va7-xx14-gkds" }, { "vulnerability": "VCID-44uc-xrvp-7bet" }, { "vulnerability": "VCID-4avx-e9mf-2yb1" }, { "vulnerability": "VCID-4kax-4bpz-g7c5" }, { "vulnerability": "VCID-4vgu-cagj-hfhb" }, { "vulnerability": "VCID-4wn2-pnbv-sked" }, { "vulnerability": "VCID-52xs-45kd-w3hz" }, { "vulnerability": "VCID-59mu-8aep-9ycn" }, { "vulnerability": "VCID-5bu8-wy7w-bqfc" }, { "vulnerability": "VCID-5jye-2stz-fqam" }, { "vulnerability": "VCID-6gs5-cswx-bfeb" }, { "vulnerability": "VCID-7avk-rmwd-yugt" }, { "vulnerability": "VCID-7ntf-d3af-nbbk" }, { "vulnerability": "VCID-7vpu-x9mb-q3c6" }, { "vulnerability": "VCID-84n7-nzzg-juhz" }, { "vulnerability": "VCID-8jt7-y15v-83gj" }, { "vulnerability": "VCID-8rvw-n1fg-ffc2" }, { "vulnerability": "VCID-8yxm-e33n-d7gj" }, { "vulnerability": "VCID-9nh7-ny6c-n3cd" }, { "vulnerability": "VCID-9tdu-572c-tbb2" }, { "vulnerability": "VCID-ajeh-4q9t-sydz" }, { "vulnerability": "VCID-ajf6-bk2g-wkb7" }, { "vulnerability": "VCID-b2nf-6pr3-xqaa" }, { "vulnerability": "VCID-b4jk-yjfy-pfcv" }, { "vulnerability": "VCID-b6ng-ygap-zqh4" }, { "vulnerability": "VCID-bd83-vf81-sfa4" }, { "vulnerability": "VCID-bddg-5zgr-3uew" }, { "vulnerability": "VCID-btc1-yng3-ckhx" }, { "vulnerability": "VCID-cbjd-e3sk-m7bu" }, { "vulnerability": "VCID-crn9-f6qt-qfg5" }, { "vulnerability": "VCID-cth2-72mg-6yfr" }, { "vulnerability": "VCID-cz55-m46r-37gb" }, { "vulnerability": "VCID-d7jk-a94y-n3ca" }, { "vulnerability": "VCID-dbk1-n9kh-dfhm" }, { "vulnerability": "VCID-dfsz-1y13-yug9" }, { "vulnerability": "VCID-dgvs-kqpd-gfcy" }, { "vulnerability": "VCID-dj5f-y77j-d7dx" }, { "vulnerability": "VCID-dx3h-z4dg-m3e1" }, { "vulnerability": "VCID-g2uy-ekyf-4bcj" }, { "vulnerability": "VCID-gmjk-222y-abda" }, { "vulnerability": "VCID-gqxb-6rey-rbhv" }, { "vulnerability": "VCID-gtps-py3z-13cu" }, { "vulnerability": "VCID-gzwb-ju7m-juf7" }, { "vulnerability": "VCID-har4-gaft-m7e8" }, { "vulnerability": "VCID-hbp6-s544-pqaw" }, { "vulnerability": "VCID-hw5n-kv9r-8yej" }, { "vulnerability": "VCID-j589-8hrn-9bae" }, { "vulnerability": "VCID-jabw-t2hb-q3e9" }, { "vulnerability": "VCID-jemb-avnk-c7eb" }, { "vulnerability": "VCID-jmn8-a5r9-2qc8" }, { "vulnerability": "VCID-jvvf-kwtm-6qb7" }, { "vulnerability": "VCID-jxf7-1cq4-t3cv" }, { "vulnerability": "VCID-k5ph-wws1-fqg4" }, { "vulnerability": "VCID-kfr7-v6tb-eqau" }, { "vulnerability": "VCID-kfrx-mmr7-euep" }, { "vulnerability": "VCID-kwtj-jk24-zffq" }, { "vulnerability": "VCID-m2g6-2ztp-tuam" }, { "vulnerability": "VCID-m3kq-1cfg-mkgc" }, { "vulnerability": "VCID-m59w-cug5-wbe2" }, { "vulnerability": "VCID-mgu4-pf1x-r3dy" }, { "vulnerability": "VCID-mxn5-bh7q-gkdb" }, { "vulnerability": "VCID-mzuh-5e5y-d3hr" }, { "vulnerability": "VCID-n53q-r421-affh" }, { "vulnerability": "VCID-n66y-s36g-fqck" }, { "vulnerability": "VCID-np5w-chxm-cyak" }, { "vulnerability": "VCID-nuju-ekmt-k7g9" }, { "vulnerability": "VCID-nv3j-xj42-wfcw" }, { "vulnerability": "VCID-p1jn-sxds-mqd1" }, { "vulnerability": "VCID-p361-saxs-97g9" }, { "vulnerability": "VCID-pfdk-db4h-47dx" }, { "vulnerability": "VCID-pnry-rv8t-v3ff" }, { "vulnerability": "VCID-q2wv-kbra-5kg8" }, { "vulnerability": "VCID-q45d-5bf4-tff5" }, { "vulnerability": "VCID-q7pe-bvr1-g3bc" }, { "vulnerability": "VCID-q7rn-1612-quau" }, { "vulnerability": "VCID-q7zq-5xpn-93dd" }, { "vulnerability": "VCID-qeac-129m-1udw" }, { "vulnerability": "VCID-qmj2-pxvt-zqes" }, { "vulnerability": "VCID-qpj7-uk5e-nbez" }, { "vulnerability": "VCID-qqyb-zags-bbhz" }, { "vulnerability": "VCID-r3z5-cc6j-8yg6" }, { "vulnerability": "VCID-r4zz-m2mr-9qeb" }, { "vulnerability": "VCID-r9sb-489v-fqc9" }, { "vulnerability": "VCID-rc63-nakx-ebbe" }, { "vulnerability": "VCID-rsrk-jwbt-qfhe" }, { "vulnerability": "VCID-rx9z-rdmm-5fg6" }, { "vulnerability": "VCID-rxz2-tx2n-k3bd" }, { "vulnerability": "VCID-rz6q-hthe-1uer" }, { "vulnerability": "VCID-s88e-r2gd-9yep" }, { "vulnerability": "VCID-segg-gk79-9bc6" }, { "vulnerability": "VCID-tvfz-v881-sufp" }, { "vulnerability": "VCID-txba-1at4-ekg2" }, { "vulnerability": "VCID-uc6b-5sj1-9yg2" }, { "vulnerability": "VCID-utga-335m-dua9" }, { "vulnerability": "VCID-v1kx-5wa1-r7he" }, { "vulnerability": "VCID-vpf2-5j4s-jqeb" }, { "vulnerability": "VCID-vxc7-fwud-33an" }, { "vulnerability": "VCID-w6nk-akeh-4ufg" }, { "vulnerability": "VCID-x75q-4y74-d3gt" }, { "vulnerability": "VCID-xqf5-yxf3-u3he" }, { "vulnerability": "VCID-zmjf-j2zs-23ey" }, { "vulnerability": "VCID-zvcj-g6rt-s3de" }, { "vulnerability": "VCID-zyes-82y3-g7dh" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:4.2.12-2" } ], "aliases": [ "CVE-2014-8960" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-9z7g-cffj-1ufe" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/43835?format=api", "vulnerability_id": "VCID-a4fa-ms27-93fn", "summary": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')\nCross-site scripting (XSS) vulnerability in the view operations page in phpMyAdmin 4.1.x before 4.1.14.3 and 4.2.x before 4.2.7.1 allows remote authenticated users to inject arbitrary web script or HTML via a crafted view name, related to js/functions.js.", "references": [ { "reference_url": "http://lists.opensuse.org/opensuse-updates/2014-08/msg00045.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://lists.opensuse.org/opensuse-updates/2014-08/msg00045.html" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2014-5274", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00219", "scoring_system": "epss", "scoring_elements": "0.44562", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.00219", "scoring_system": "epss", "scoring_elements": "0.44631", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2014-5274" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5274", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5274" }, { "reference_url": "https://github.com/phpmyadmin/phpmyadmin/commit/0cd293f5e13aa245e4a57b8d373597cc0e421b6f", "reference_id": "", "reference_type": "", "scores": [ { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/phpmyadmin/phpmyadmin/commit/0cd293f5e13aa245e4a57b8d373597cc0e421b6f" }, { "reference_url": "http://www.phpmyadmin.net/home_page/security/PMASA-2014-9.php", "reference_id": "", "reference_type": "", "scores": [ { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.phpmyadmin.net/home_page/security/PMASA-2014-9.php" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=758536", "reference_id": "758536", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=758536" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2014-5274", "reference_id": "CVE-2014-5274", "reference_type": "", "scores": [ { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2014-5274" }, { "reference_url": "https://github.com/advisories/GHSA-q586-xpwr-jc3j", "reference_id": "GHSA-q586-xpwr-jc3j", "reference_type": "", "scores": [], "url": "https://github.com/advisories/GHSA-q586-xpwr-jc3j" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/273448?format=api", "purl": "pkg:deb/debian/phpmyadmin@4:4.2.12-2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1drk-gzqj-2qc5" }, { "vulnerability": "VCID-1hvw-4h4d-zkhv" }, { "vulnerability": "VCID-23dq-w66r-k3bt" }, { "vulnerability": "VCID-27w6-zhxk-x7e7" }, { "vulnerability": "VCID-282b-1ugg-yuev" }, { "vulnerability": "VCID-2at1-y3qg-77fb" }, { "vulnerability": "VCID-2vqn-z4en-duh4" }, { "vulnerability": "VCID-31jg-3pzb-y3b6" }, { "vulnerability": "VCID-32ja-yuuw-bbbh" }, { "vulnerability": "VCID-33kv-ye2c-ebax" }, { "vulnerability": "VCID-33mh-s92h-c7ht" }, { "vulnerability": "VCID-38tp-acy8-57hj" }, { "vulnerability": "VCID-3va7-xx14-gkds" }, { "vulnerability": "VCID-44uc-xrvp-7bet" }, { "vulnerability": "VCID-4avx-e9mf-2yb1" }, { "vulnerability": "VCID-4kax-4bpz-g7c5" }, { "vulnerability": "VCID-4vgu-cagj-hfhb" }, { "vulnerability": "VCID-4wn2-pnbv-sked" }, { "vulnerability": "VCID-52xs-45kd-w3hz" }, { "vulnerability": "VCID-59mu-8aep-9ycn" }, { "vulnerability": "VCID-5bu8-wy7w-bqfc" }, { "vulnerability": "VCID-5jye-2stz-fqam" }, { "vulnerability": "VCID-6gs5-cswx-bfeb" }, { "vulnerability": "VCID-7avk-rmwd-yugt" }, { "vulnerability": "VCID-7ntf-d3af-nbbk" }, { "vulnerability": "VCID-7vpu-x9mb-q3c6" }, { "vulnerability": "VCID-84n7-nzzg-juhz" }, { "vulnerability": "VCID-8jt7-y15v-83gj" }, { "vulnerability": "VCID-8rvw-n1fg-ffc2" }, { "vulnerability": "VCID-8yxm-e33n-d7gj" }, { "vulnerability": "VCID-9nh7-ny6c-n3cd" }, { "vulnerability": "VCID-9tdu-572c-tbb2" }, { "vulnerability": "VCID-ajeh-4q9t-sydz" }, { "vulnerability": "VCID-ajf6-bk2g-wkb7" }, { "vulnerability": "VCID-b2nf-6pr3-xqaa" }, { "vulnerability": "VCID-b4jk-yjfy-pfcv" }, { "vulnerability": "VCID-b6ng-ygap-zqh4" }, { "vulnerability": "VCID-bd83-vf81-sfa4" }, { "vulnerability": "VCID-bddg-5zgr-3uew" }, { "vulnerability": "VCID-btc1-yng3-ckhx" }, { "vulnerability": "VCID-cbjd-e3sk-m7bu" }, { "vulnerability": "VCID-crn9-f6qt-qfg5" }, { "vulnerability": "VCID-cth2-72mg-6yfr" }, { "vulnerability": "VCID-cz55-m46r-37gb" }, { "vulnerability": "VCID-d7jk-a94y-n3ca" }, { "vulnerability": "VCID-dbk1-n9kh-dfhm" }, { "vulnerability": "VCID-dfsz-1y13-yug9" }, { "vulnerability": "VCID-dgvs-kqpd-gfcy" }, { "vulnerability": "VCID-dj5f-y77j-d7dx" }, { "vulnerability": "VCID-dx3h-z4dg-m3e1" }, { "vulnerability": "VCID-g2uy-ekyf-4bcj" }, { "vulnerability": "VCID-gmjk-222y-abda" }, { "vulnerability": "VCID-gqxb-6rey-rbhv" }, { "vulnerability": "VCID-gtps-py3z-13cu" }, { "vulnerability": "VCID-gzwb-ju7m-juf7" }, { "vulnerability": "VCID-har4-gaft-m7e8" }, { "vulnerability": "VCID-hbp6-s544-pqaw" }, { "vulnerability": "VCID-hw5n-kv9r-8yej" }, { "vulnerability": "VCID-j589-8hrn-9bae" }, { "vulnerability": "VCID-jabw-t2hb-q3e9" }, { "vulnerability": "VCID-jemb-avnk-c7eb" }, { "vulnerability": "VCID-jmn8-a5r9-2qc8" }, { "vulnerability": "VCID-jvvf-kwtm-6qb7" }, { "vulnerability": "VCID-jxf7-1cq4-t3cv" }, { "vulnerability": "VCID-k5ph-wws1-fqg4" }, { "vulnerability": "VCID-kfr7-v6tb-eqau" }, { "vulnerability": "VCID-kfrx-mmr7-euep" }, { "vulnerability": "VCID-kwtj-jk24-zffq" }, { "vulnerability": "VCID-m2g6-2ztp-tuam" }, { "vulnerability": "VCID-m3kq-1cfg-mkgc" }, { "vulnerability": "VCID-m59w-cug5-wbe2" }, { "vulnerability": "VCID-mgu4-pf1x-r3dy" }, { "vulnerability": "VCID-mxn5-bh7q-gkdb" }, { "vulnerability": "VCID-mzuh-5e5y-d3hr" }, { "vulnerability": "VCID-n53q-r421-affh" }, { "vulnerability": "VCID-n66y-s36g-fqck" }, { "vulnerability": "VCID-np5w-chxm-cyak" }, { "vulnerability": "VCID-nuju-ekmt-k7g9" }, { "vulnerability": "VCID-nv3j-xj42-wfcw" }, { "vulnerability": "VCID-p1jn-sxds-mqd1" }, { "vulnerability": "VCID-p361-saxs-97g9" }, { "vulnerability": "VCID-pfdk-db4h-47dx" }, { "vulnerability": "VCID-pnry-rv8t-v3ff" }, { "vulnerability": "VCID-q2wv-kbra-5kg8" }, { "vulnerability": "VCID-q45d-5bf4-tff5" }, { "vulnerability": "VCID-q7pe-bvr1-g3bc" }, { "vulnerability": "VCID-q7rn-1612-quau" }, { "vulnerability": "VCID-q7zq-5xpn-93dd" }, { "vulnerability": "VCID-qeac-129m-1udw" }, { "vulnerability": "VCID-qmj2-pxvt-zqes" }, { "vulnerability": "VCID-qpj7-uk5e-nbez" }, { "vulnerability": "VCID-qqyb-zags-bbhz" }, { "vulnerability": "VCID-r3z5-cc6j-8yg6" }, { "vulnerability": "VCID-r4zz-m2mr-9qeb" }, { "vulnerability": "VCID-r9sb-489v-fqc9" }, { "vulnerability": "VCID-rc63-nakx-ebbe" }, { "vulnerability": "VCID-rsrk-jwbt-qfhe" }, { "vulnerability": "VCID-rx9z-rdmm-5fg6" }, { "vulnerability": "VCID-rxz2-tx2n-k3bd" }, { "vulnerability": "VCID-rz6q-hthe-1uer" }, { "vulnerability": "VCID-s88e-r2gd-9yep" }, { "vulnerability": "VCID-segg-gk79-9bc6" }, { "vulnerability": "VCID-tvfz-v881-sufp" }, { "vulnerability": "VCID-txba-1at4-ekg2" }, { "vulnerability": "VCID-uc6b-5sj1-9yg2" }, { "vulnerability": "VCID-utga-335m-dua9" }, { "vulnerability": "VCID-v1kx-5wa1-r7he" }, { "vulnerability": "VCID-vpf2-5j4s-jqeb" }, { "vulnerability": "VCID-vxc7-fwud-33an" }, { "vulnerability": "VCID-w6nk-akeh-4ufg" }, { "vulnerability": "VCID-x75q-4y74-d3gt" }, { "vulnerability": "VCID-xqf5-yxf3-u3he" }, { "vulnerability": "VCID-zmjf-j2zs-23ey" }, { "vulnerability": "VCID-zvcj-g6rt-s3de" }, { "vulnerability": "VCID-zyes-82y3-g7dh" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:4.2.12-2" } ], "aliases": [ "CVE-2014-5274", "GHSA-q586-xpwr-jc3j" ], "risk_score": 1.4, "exploitability": "0.5", "weighted_severity": "2.7", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-a4fa-ms27-93fn" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/98138?format=api", "vulnerability_id": "VCID-a94q-k98a-6qbw", "summary": "Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin 4.0.x before 4.0.10.4, 4.1.x before 4.1.14.5, and 4.2.x before 4.2.9.1 allow remote authenticated users to inject arbitrary web script or HTML via a crafted ENUM value that is improperly handled during rendering of the (1) table search or (2) table structure page, related to libraries/TableSearch.class.php and libraries/Util.class.php.", "references": [ { "reference_url": "http://lists.opensuse.org/opensuse-updates/2014-10/msg00009.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://lists.opensuse.org/opensuse-updates/2014-10/msg00009.html" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2014-7217", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00339", "scoring_system": "epss", "scoring_elements": "0.56961", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.00339", "scoring_system": "epss", "scoring_elements": "0.5691", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2014-7217" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7217", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7217" }, { "reference_url": "https://github.com/phpmyadmin/phpmyadmin/commit/304fb2b645b36a39e03b954fdbd567173ebe6448", "reference_id": "", "reference_type": "", "scores": [ { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/phpmyadmin/phpmyadmin/commit/304fb2b645b36a39e03b954fdbd567173ebe6448" }, { "reference_url": "https://github.com/phpmyadmin/phpmyadmin/commit/c1a3f85fbd1a9569646e7cf1b791325ae82c7961", "reference_id": "", "reference_type": "", "scores": [ { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/phpmyadmin/phpmyadmin/commit/c1a3f85fbd1a9569646e7cf1b791325ae82c7961" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2014-7217", "reference_id": "", "reference_type": "", "scores": [ { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2014-7217" }, { "reference_url": "https://web.archive.org/web/20141010205819/http://www.securityfocus.com/bid/70252", "reference_id": "", "reference_type": "", "scores": [ { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20141010205819/http://www.securityfocus.com/bid/70252" }, { "reference_url": "http://www.phpmyadmin.net/home_page/security/PMASA-2014-11.php", "reference_id": "", "reference_type": "", "scores": [ { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.phpmyadmin.net/home_page/security/PMASA-2014-11.php" }, { "reference_url": "https://github.com/advisories/GHSA-wv8g-fx9j-q2jg", "reference_id": "GHSA-wv8g-fx9j-q2jg", "reference_type": "", "scores": [], "url": "https://github.com/advisories/GHSA-wv8g-fx9j-q2jg" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/273448?format=api", "purl": "pkg:deb/debian/phpmyadmin@4:4.2.12-2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1drk-gzqj-2qc5" }, { "vulnerability": "VCID-1hvw-4h4d-zkhv" }, { "vulnerability": "VCID-23dq-w66r-k3bt" }, { "vulnerability": "VCID-27w6-zhxk-x7e7" }, { "vulnerability": "VCID-282b-1ugg-yuev" }, { "vulnerability": "VCID-2at1-y3qg-77fb" }, { "vulnerability": "VCID-2vqn-z4en-duh4" }, { "vulnerability": "VCID-31jg-3pzb-y3b6" }, { "vulnerability": "VCID-32ja-yuuw-bbbh" }, { "vulnerability": "VCID-33kv-ye2c-ebax" }, { "vulnerability": "VCID-33mh-s92h-c7ht" }, { "vulnerability": "VCID-38tp-acy8-57hj" }, { "vulnerability": "VCID-3va7-xx14-gkds" }, { "vulnerability": "VCID-44uc-xrvp-7bet" }, { "vulnerability": "VCID-4avx-e9mf-2yb1" }, { "vulnerability": "VCID-4kax-4bpz-g7c5" }, { "vulnerability": "VCID-4vgu-cagj-hfhb" }, { "vulnerability": "VCID-4wn2-pnbv-sked" }, { "vulnerability": "VCID-52xs-45kd-w3hz" }, { "vulnerability": "VCID-59mu-8aep-9ycn" }, { "vulnerability": "VCID-5bu8-wy7w-bqfc" }, { "vulnerability": "VCID-5jye-2stz-fqam" }, { "vulnerability": "VCID-6gs5-cswx-bfeb" }, { "vulnerability": "VCID-7avk-rmwd-yugt" }, { "vulnerability": "VCID-7ntf-d3af-nbbk" }, { "vulnerability": "VCID-7vpu-x9mb-q3c6" }, { "vulnerability": "VCID-84n7-nzzg-juhz" }, { "vulnerability": "VCID-8jt7-y15v-83gj" }, { "vulnerability": "VCID-8rvw-n1fg-ffc2" }, { "vulnerability": "VCID-8yxm-e33n-d7gj" }, { "vulnerability": "VCID-9nh7-ny6c-n3cd" }, { "vulnerability": "VCID-9tdu-572c-tbb2" }, { "vulnerability": "VCID-ajeh-4q9t-sydz" }, { "vulnerability": "VCID-ajf6-bk2g-wkb7" }, { "vulnerability": "VCID-b2nf-6pr3-xqaa" }, { "vulnerability": "VCID-b4jk-yjfy-pfcv" }, { "vulnerability": "VCID-b6ng-ygap-zqh4" }, { "vulnerability": "VCID-bd83-vf81-sfa4" }, { "vulnerability": "VCID-bddg-5zgr-3uew" }, { "vulnerability": "VCID-btc1-yng3-ckhx" }, { "vulnerability": "VCID-cbjd-e3sk-m7bu" }, { "vulnerability": "VCID-crn9-f6qt-qfg5" }, { "vulnerability": "VCID-cth2-72mg-6yfr" }, { "vulnerability": "VCID-cz55-m46r-37gb" }, { "vulnerability": "VCID-d7jk-a94y-n3ca" }, { "vulnerability": "VCID-dbk1-n9kh-dfhm" }, { "vulnerability": "VCID-dfsz-1y13-yug9" }, { "vulnerability": "VCID-dgvs-kqpd-gfcy" }, { "vulnerability": "VCID-dj5f-y77j-d7dx" }, { "vulnerability": "VCID-dx3h-z4dg-m3e1" }, { "vulnerability": "VCID-g2uy-ekyf-4bcj" }, { "vulnerability": "VCID-gmjk-222y-abda" }, { "vulnerability": "VCID-gqxb-6rey-rbhv" }, { "vulnerability": "VCID-gtps-py3z-13cu" }, { "vulnerability": "VCID-gzwb-ju7m-juf7" }, { "vulnerability": "VCID-har4-gaft-m7e8" }, { "vulnerability": "VCID-hbp6-s544-pqaw" }, { "vulnerability": "VCID-hw5n-kv9r-8yej" }, { "vulnerability": "VCID-j589-8hrn-9bae" }, { "vulnerability": "VCID-jabw-t2hb-q3e9" }, { "vulnerability": "VCID-jemb-avnk-c7eb" }, { "vulnerability": "VCID-jmn8-a5r9-2qc8" }, { "vulnerability": "VCID-jvvf-kwtm-6qb7" }, { "vulnerability": "VCID-jxf7-1cq4-t3cv" }, { "vulnerability": "VCID-k5ph-wws1-fqg4" }, { "vulnerability": "VCID-kfr7-v6tb-eqau" }, { "vulnerability": "VCID-kfrx-mmr7-euep" }, { "vulnerability": "VCID-kwtj-jk24-zffq" }, { "vulnerability": "VCID-m2g6-2ztp-tuam" }, { "vulnerability": "VCID-m3kq-1cfg-mkgc" }, { "vulnerability": "VCID-m59w-cug5-wbe2" }, { "vulnerability": "VCID-mgu4-pf1x-r3dy" }, { "vulnerability": "VCID-mxn5-bh7q-gkdb" }, { "vulnerability": "VCID-mzuh-5e5y-d3hr" }, { "vulnerability": "VCID-n53q-r421-affh" }, { "vulnerability": "VCID-n66y-s36g-fqck" }, { "vulnerability": "VCID-np5w-chxm-cyak" }, { "vulnerability": "VCID-nuju-ekmt-k7g9" }, { "vulnerability": "VCID-nv3j-xj42-wfcw" }, { "vulnerability": "VCID-p1jn-sxds-mqd1" }, { "vulnerability": "VCID-p361-saxs-97g9" }, { "vulnerability": "VCID-pfdk-db4h-47dx" }, { "vulnerability": "VCID-pnry-rv8t-v3ff" }, { "vulnerability": "VCID-q2wv-kbra-5kg8" }, { "vulnerability": "VCID-q45d-5bf4-tff5" }, { "vulnerability": "VCID-q7pe-bvr1-g3bc" }, { "vulnerability": "VCID-q7rn-1612-quau" }, { "vulnerability": "VCID-q7zq-5xpn-93dd" }, { "vulnerability": "VCID-qeac-129m-1udw" }, { "vulnerability": "VCID-qmj2-pxvt-zqes" }, { "vulnerability": "VCID-qpj7-uk5e-nbez" }, { "vulnerability": "VCID-qqyb-zags-bbhz" }, { "vulnerability": "VCID-r3z5-cc6j-8yg6" }, { "vulnerability": "VCID-r4zz-m2mr-9qeb" }, { "vulnerability": "VCID-r9sb-489v-fqc9" }, { "vulnerability": "VCID-rc63-nakx-ebbe" }, { "vulnerability": "VCID-rsrk-jwbt-qfhe" }, { "vulnerability": "VCID-rx9z-rdmm-5fg6" }, { "vulnerability": "VCID-rxz2-tx2n-k3bd" }, { "vulnerability": "VCID-rz6q-hthe-1uer" }, { "vulnerability": "VCID-s88e-r2gd-9yep" }, { "vulnerability": "VCID-segg-gk79-9bc6" }, { "vulnerability": "VCID-tvfz-v881-sufp" }, { "vulnerability": "VCID-txba-1at4-ekg2" }, { "vulnerability": "VCID-uc6b-5sj1-9yg2" }, { "vulnerability": "VCID-utga-335m-dua9" }, { "vulnerability": "VCID-v1kx-5wa1-r7he" }, { "vulnerability": "VCID-vpf2-5j4s-jqeb" }, { "vulnerability": "VCID-vxc7-fwud-33an" }, { "vulnerability": "VCID-w6nk-akeh-4ufg" }, { "vulnerability": "VCID-x75q-4y74-d3gt" }, { "vulnerability": "VCID-xqf5-yxf3-u3he" }, { "vulnerability": "VCID-zmjf-j2zs-23ey" }, { "vulnerability": "VCID-zvcj-g6rt-s3de" }, { "vulnerability": "VCID-zyes-82y3-g7dh" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:4.2.12-2" } ], "aliases": [ "CVE-2014-7217", "GHSA-wv8g-fx9j-q2jg" ], "risk_score": 1.4, "exploitability": "0.5", "weighted_severity": "2.7", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-a94q-k98a-6qbw" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/98122?format=api", "vulnerability_id": "VCID-ajmz-kfxh-sqaf", "summary": "Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin 3.5.x before 3.5.8.2 and 4.0.x before 4.0.4.2 allow remote attackers to inject arbitrary web script or HTML via vectors involving (1) a crafted database name, (2) a crafted user name, (3) a crafted logo URL in the navigation panel, (4) a crafted entry in a certain proxy list, or (5) crafted content in a version.json file.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2013-4996", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00277", "scoring_system": "epss", "scoring_elements": "0.51389", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.00277", "scoring_system": "epss", "scoring_elements": "0.51451", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2013-4996" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4995", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4995" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4996", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4996" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5002", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5002" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5003", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5003" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1879", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1879" }, { "reference_url": "https://security.gentoo.org/glsa/201311-02", "reference_id": "GLSA-201311-02", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201311-02" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/203681?format=api", "purl": "pkg:deb/debian/phpmyadmin@4:3.4.11.1-2%2Bdeb7u2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1aqb-7an7-mbed" }, { "vulnerability": "VCID-1drk-gzqj-2qc5" }, { "vulnerability": "VCID-1hvw-4h4d-zkhv" }, { "vulnerability": "VCID-23dq-w66r-k3bt" }, { "vulnerability": "VCID-27w6-zhxk-x7e7" }, { "vulnerability": "VCID-282b-1ugg-yuev" }, { "vulnerability": "VCID-2at1-y3qg-77fb" }, { "vulnerability": "VCID-2vqn-z4en-duh4" }, { "vulnerability": "VCID-31jg-3pzb-y3b6" }, { "vulnerability": "VCID-32ja-yuuw-bbbh" }, { "vulnerability": "VCID-33kv-ye2c-ebax" }, { "vulnerability": "VCID-33mh-s92h-c7ht" }, { "vulnerability": "VCID-38tp-acy8-57hj" }, { "vulnerability": "VCID-3trr-z4gq-pbdr" }, { "vulnerability": "VCID-3va7-xx14-gkds" }, { "vulnerability": "VCID-44uc-xrvp-7bet" }, { "vulnerability": "VCID-4avx-e9mf-2yb1" }, { "vulnerability": "VCID-4kax-4bpz-g7c5" }, { "vulnerability": "VCID-4vgu-cagj-hfhb" }, { "vulnerability": "VCID-4wn2-pnbv-sked" }, { "vulnerability": "VCID-52xs-45kd-w3hz" }, { "vulnerability": "VCID-59mu-8aep-9ycn" }, { "vulnerability": "VCID-5bu8-wy7w-bqfc" }, { "vulnerability": "VCID-5jye-2stz-fqam" }, { "vulnerability": "VCID-6gs5-cswx-bfeb" }, { "vulnerability": "VCID-7avk-rmwd-yugt" }, { "vulnerability": "VCID-7ntf-d3af-nbbk" }, { "vulnerability": "VCID-7pwj-c6c4-gbeq" }, { "vulnerability": "VCID-7vpu-x9mb-q3c6" }, { "vulnerability": "VCID-84n7-nzzg-juhz" }, { "vulnerability": "VCID-858m-cbw6-cfc1" }, { "vulnerability": "VCID-8jt7-y15v-83gj" }, { "vulnerability": "VCID-8rvw-n1fg-ffc2" }, { "vulnerability": "VCID-8yxm-e33n-d7gj" }, { "vulnerability": "VCID-9nh7-ny6c-n3cd" }, { "vulnerability": "VCID-9tdu-572c-tbb2" }, { "vulnerability": "VCID-9z7g-cffj-1ufe" }, { "vulnerability": "VCID-a4fa-ms27-93fn" }, { "vulnerability": "VCID-a94q-k98a-6qbw" }, { "vulnerability": "VCID-ajeh-4q9t-sydz" }, { "vulnerability": "VCID-ajf6-bk2g-wkb7" }, { "vulnerability": "VCID-ajmz-kfxh-sqaf" }, { "vulnerability": "VCID-amgy-teas-euh5" }, { "vulnerability": "VCID-b2nf-6pr3-xqaa" }, { "vulnerability": "VCID-b4jk-yjfy-pfcv" }, { "vulnerability": "VCID-b6ng-ygap-zqh4" }, { "vulnerability": "VCID-bd83-vf81-sfa4" }, { "vulnerability": "VCID-bddg-5zgr-3uew" }, { "vulnerability": "VCID-bshf-rz9w-3yb3" }, { "vulnerability": "VCID-btc1-yng3-ckhx" }, { "vulnerability": "VCID-cbjd-e3sk-m7bu" }, { "vulnerability": "VCID-crn9-f6qt-qfg5" }, { "vulnerability": "VCID-cth2-72mg-6yfr" }, { "vulnerability": "VCID-cz55-m46r-37gb" }, { "vulnerability": "VCID-d7jk-a94y-n3ca" }, { "vulnerability": "VCID-dbk1-n9kh-dfhm" }, { "vulnerability": "VCID-dfsz-1y13-yug9" }, { "vulnerability": "VCID-dgvs-kqpd-gfcy" }, { "vulnerability": "VCID-dj5f-y77j-d7dx" }, { "vulnerability": "VCID-dx3h-z4dg-m3e1" }, { "vulnerability": "VCID-e677-1yaz-g3em" }, { "vulnerability": "VCID-fc5a-pvtd-wkcz" }, { "vulnerability": "VCID-fsub-2bfp-8qbw" }, { "vulnerability": "VCID-g2uy-ekyf-4bcj" }, { "vulnerability": "VCID-gmjk-222y-abda" }, { "vulnerability": "VCID-gqxb-6rey-rbhv" }, { "vulnerability": "VCID-gtps-py3z-13cu" }, { "vulnerability": "VCID-gzwb-ju7m-juf7" }, { "vulnerability": "VCID-har4-gaft-m7e8" }, { "vulnerability": "VCID-hbp6-s544-pqaw" }, { "vulnerability": "VCID-hw5n-kv9r-8yej" }, { "vulnerability": "VCID-hyn6-xxxq-57f4" }, { "vulnerability": "VCID-j589-8hrn-9bae" }, { "vulnerability": "VCID-jabw-t2hb-q3e9" }, { "vulnerability": "VCID-jemb-avnk-c7eb" }, { "vulnerability": "VCID-jmn8-a5r9-2qc8" }, { "vulnerability": "VCID-jvvf-kwtm-6qb7" }, { "vulnerability": "VCID-jxf7-1cq4-t3cv" }, { "vulnerability": "VCID-k3fp-nkvv-e3fa" }, { "vulnerability": "VCID-k5ph-wws1-fqg4" }, { "vulnerability": "VCID-kfr7-v6tb-eqau" }, { "vulnerability": "VCID-kfrx-mmr7-euep" }, { "vulnerability": "VCID-krmp-qvw1-n7b6" }, { "vulnerability": "VCID-kwtj-jk24-zffq" }, { "vulnerability": "VCID-m2g6-2ztp-tuam" }, { "vulnerability": "VCID-m3kq-1cfg-mkgc" }, { "vulnerability": "VCID-m54t-23nu-3kaa" }, { "vulnerability": "VCID-m59w-cug5-wbe2" }, { "vulnerability": "VCID-mgu4-pf1x-r3dy" }, { "vulnerability": "VCID-mxn5-bh7q-gkdb" }, { "vulnerability": "VCID-mzuh-5e5y-d3hr" }, { "vulnerability": "VCID-n53q-r421-affh" }, { "vulnerability": "VCID-n66y-s36g-fqck" }, { "vulnerability": "VCID-n7cc-xfym-u7g4" }, { "vulnerability": "VCID-np5w-chxm-cyak" }, { "vulnerability": "VCID-nuju-ekmt-k7g9" }, { "vulnerability": "VCID-nv3j-xj42-wfcw" }, { "vulnerability": "VCID-p1jn-sxds-mqd1" }, { "vulnerability": "VCID-p361-saxs-97g9" }, { "vulnerability": "VCID-pdmq-pgqp-5qft" }, { "vulnerability": "VCID-pfdk-db4h-47dx" }, { "vulnerability": "VCID-pnry-rv8t-v3ff" }, { "vulnerability": "VCID-q2wv-kbra-5kg8" }, { "vulnerability": "VCID-q45d-5bf4-tff5" }, { "vulnerability": "VCID-q7pe-bvr1-g3bc" }, { "vulnerability": "VCID-q7rn-1612-quau" }, { "vulnerability": "VCID-q7zq-5xpn-93dd" }, { "vulnerability": "VCID-qbjt-k4x8-gya5" }, { "vulnerability": "VCID-qeac-129m-1udw" }, { "vulnerability": "VCID-qmj2-pxvt-zqes" }, { "vulnerability": "VCID-qpj7-uk5e-nbez" }, { "vulnerability": "VCID-qpsr-xv8c-b3gj" }, { "vulnerability": "VCID-qqyb-zags-bbhz" }, { "vulnerability": "VCID-r3z5-cc6j-8yg6" }, { "vulnerability": "VCID-r4zz-m2mr-9qeb" }, { "vulnerability": "VCID-r9sb-489v-fqc9" }, { "vulnerability": "VCID-rc63-nakx-ebbe" }, { "vulnerability": "VCID-rsrk-jwbt-qfhe" }, { "vulnerability": "VCID-rx9z-rdmm-5fg6" }, { "vulnerability": "VCID-rxz2-tx2n-k3bd" }, { "vulnerability": "VCID-rz6q-hthe-1uer" }, { "vulnerability": "VCID-s88e-r2gd-9yep" }, { "vulnerability": "VCID-segg-gk79-9bc6" }, { "vulnerability": "VCID-sj19-5q5e-j7ah" }, { "vulnerability": "VCID-snke-vmcg-xfd2" }, { "vulnerability": "VCID-tvfz-v881-sufp" }, { "vulnerability": "VCID-txba-1at4-ekg2" }, { "vulnerability": "VCID-uc6b-5sj1-9yg2" }, { "vulnerability": "VCID-ufzd-pbge-6qhk" }, { "vulnerability": "VCID-ur19-yjak-vqdd" }, { "vulnerability": "VCID-utga-335m-dua9" }, { "vulnerability": "VCID-v1kx-5wa1-r7he" }, { "vulnerability": "VCID-v69j-7vk9-e3d4" }, { "vulnerability": "VCID-v6xv-djkp-4kgw" }, { "vulnerability": "VCID-vpf2-5j4s-jqeb" }, { "vulnerability": "VCID-vxc7-fwud-33an" }, { "vulnerability": "VCID-vxj9-zxns-kkh9" }, { "vulnerability": "VCID-w6nk-akeh-4ufg" }, { "vulnerability": "VCID-ww5r-71kf-tfgr" }, { "vulnerability": "VCID-x75q-4y74-d3gt" }, { "vulnerability": "VCID-xgnx-jteb-myf7" }, { "vulnerability": "VCID-xqf5-yxf3-u3he" }, { "vulnerability": "VCID-zmjf-j2zs-23ey" }, { "vulnerability": "VCID-zvcj-g6rt-s3de" }, { "vulnerability": "VCID-zyes-82y3-g7dh" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:3.4.11.1-2%252Bdeb7u2" }, { "url": "http://public2.vulnerablecode.io/api/packages/273448?format=api", "purl": "pkg:deb/debian/phpmyadmin@4:4.2.12-2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1drk-gzqj-2qc5" }, { "vulnerability": "VCID-1hvw-4h4d-zkhv" }, { "vulnerability": "VCID-23dq-w66r-k3bt" }, { "vulnerability": "VCID-27w6-zhxk-x7e7" }, { "vulnerability": "VCID-282b-1ugg-yuev" }, { "vulnerability": "VCID-2at1-y3qg-77fb" }, { "vulnerability": "VCID-2vqn-z4en-duh4" }, { "vulnerability": "VCID-31jg-3pzb-y3b6" }, { "vulnerability": "VCID-32ja-yuuw-bbbh" }, { "vulnerability": "VCID-33kv-ye2c-ebax" }, { "vulnerability": "VCID-33mh-s92h-c7ht" }, { "vulnerability": "VCID-38tp-acy8-57hj" }, { "vulnerability": "VCID-3va7-xx14-gkds" }, { "vulnerability": "VCID-44uc-xrvp-7bet" }, { "vulnerability": "VCID-4avx-e9mf-2yb1" }, { "vulnerability": "VCID-4kax-4bpz-g7c5" }, { "vulnerability": "VCID-4vgu-cagj-hfhb" }, { "vulnerability": "VCID-4wn2-pnbv-sked" }, { "vulnerability": "VCID-52xs-45kd-w3hz" }, { "vulnerability": "VCID-59mu-8aep-9ycn" }, { "vulnerability": "VCID-5bu8-wy7w-bqfc" }, { "vulnerability": "VCID-5jye-2stz-fqam" }, { "vulnerability": "VCID-6gs5-cswx-bfeb" }, { "vulnerability": "VCID-7avk-rmwd-yugt" }, { "vulnerability": "VCID-7ntf-d3af-nbbk" }, { "vulnerability": "VCID-7vpu-x9mb-q3c6" }, { "vulnerability": "VCID-84n7-nzzg-juhz" }, { "vulnerability": "VCID-8jt7-y15v-83gj" }, { "vulnerability": "VCID-8rvw-n1fg-ffc2" }, { "vulnerability": "VCID-8yxm-e33n-d7gj" }, { "vulnerability": "VCID-9nh7-ny6c-n3cd" }, { "vulnerability": "VCID-9tdu-572c-tbb2" }, { "vulnerability": "VCID-ajeh-4q9t-sydz" }, { "vulnerability": "VCID-ajf6-bk2g-wkb7" }, { "vulnerability": "VCID-b2nf-6pr3-xqaa" }, { "vulnerability": "VCID-b4jk-yjfy-pfcv" }, { "vulnerability": "VCID-b6ng-ygap-zqh4" }, { "vulnerability": "VCID-bd83-vf81-sfa4" }, { "vulnerability": "VCID-bddg-5zgr-3uew" }, { "vulnerability": "VCID-btc1-yng3-ckhx" }, { "vulnerability": "VCID-cbjd-e3sk-m7bu" }, { "vulnerability": "VCID-crn9-f6qt-qfg5" }, { "vulnerability": "VCID-cth2-72mg-6yfr" }, { "vulnerability": "VCID-cz55-m46r-37gb" }, { "vulnerability": "VCID-d7jk-a94y-n3ca" }, { "vulnerability": "VCID-dbk1-n9kh-dfhm" }, { "vulnerability": "VCID-dfsz-1y13-yug9" }, { "vulnerability": "VCID-dgvs-kqpd-gfcy" }, { "vulnerability": "VCID-dj5f-y77j-d7dx" }, { "vulnerability": "VCID-dx3h-z4dg-m3e1" }, { "vulnerability": "VCID-g2uy-ekyf-4bcj" }, { "vulnerability": "VCID-gmjk-222y-abda" }, { "vulnerability": "VCID-gqxb-6rey-rbhv" }, { "vulnerability": "VCID-gtps-py3z-13cu" }, { "vulnerability": "VCID-gzwb-ju7m-juf7" }, { "vulnerability": "VCID-har4-gaft-m7e8" }, { "vulnerability": "VCID-hbp6-s544-pqaw" }, { "vulnerability": "VCID-hw5n-kv9r-8yej" }, { "vulnerability": "VCID-j589-8hrn-9bae" }, { "vulnerability": "VCID-jabw-t2hb-q3e9" }, { "vulnerability": "VCID-jemb-avnk-c7eb" }, { "vulnerability": "VCID-jmn8-a5r9-2qc8" }, { "vulnerability": "VCID-jvvf-kwtm-6qb7" }, { "vulnerability": "VCID-jxf7-1cq4-t3cv" }, { "vulnerability": "VCID-k5ph-wws1-fqg4" }, { "vulnerability": "VCID-kfr7-v6tb-eqau" }, { "vulnerability": "VCID-kfrx-mmr7-euep" }, { "vulnerability": "VCID-kwtj-jk24-zffq" }, { "vulnerability": "VCID-m2g6-2ztp-tuam" }, { "vulnerability": "VCID-m3kq-1cfg-mkgc" }, { "vulnerability": "VCID-m59w-cug5-wbe2" }, { "vulnerability": "VCID-mgu4-pf1x-r3dy" }, { "vulnerability": "VCID-mxn5-bh7q-gkdb" }, { "vulnerability": "VCID-mzuh-5e5y-d3hr" }, { "vulnerability": "VCID-n53q-r421-affh" }, { "vulnerability": "VCID-n66y-s36g-fqck" }, { "vulnerability": "VCID-np5w-chxm-cyak" }, { "vulnerability": "VCID-nuju-ekmt-k7g9" }, { "vulnerability": "VCID-nv3j-xj42-wfcw" }, { "vulnerability": "VCID-p1jn-sxds-mqd1" }, { "vulnerability": "VCID-p361-saxs-97g9" }, { "vulnerability": "VCID-pfdk-db4h-47dx" }, { "vulnerability": "VCID-pnry-rv8t-v3ff" }, { "vulnerability": "VCID-q2wv-kbra-5kg8" }, { "vulnerability": "VCID-q45d-5bf4-tff5" }, { "vulnerability": "VCID-q7pe-bvr1-g3bc" }, { "vulnerability": "VCID-q7rn-1612-quau" }, { "vulnerability": "VCID-q7zq-5xpn-93dd" }, { "vulnerability": "VCID-qeac-129m-1udw" }, { "vulnerability": "VCID-qmj2-pxvt-zqes" }, { "vulnerability": "VCID-qpj7-uk5e-nbez" }, { "vulnerability": "VCID-qqyb-zags-bbhz" }, { "vulnerability": "VCID-r3z5-cc6j-8yg6" }, { "vulnerability": "VCID-r4zz-m2mr-9qeb" }, { "vulnerability": "VCID-r9sb-489v-fqc9" }, { "vulnerability": "VCID-rc63-nakx-ebbe" }, { "vulnerability": "VCID-rsrk-jwbt-qfhe" }, { "vulnerability": "VCID-rx9z-rdmm-5fg6" }, { "vulnerability": "VCID-rxz2-tx2n-k3bd" }, { "vulnerability": "VCID-rz6q-hthe-1uer" }, { "vulnerability": "VCID-s88e-r2gd-9yep" }, { "vulnerability": "VCID-segg-gk79-9bc6" }, { "vulnerability": "VCID-tvfz-v881-sufp" }, { "vulnerability": "VCID-txba-1at4-ekg2" }, { "vulnerability": "VCID-uc6b-5sj1-9yg2" }, { "vulnerability": "VCID-utga-335m-dua9" }, { "vulnerability": "VCID-v1kx-5wa1-r7he" }, { "vulnerability": "VCID-vpf2-5j4s-jqeb" }, { "vulnerability": "VCID-vxc7-fwud-33an" }, { "vulnerability": "VCID-w6nk-akeh-4ufg" }, { "vulnerability": "VCID-x75q-4y74-d3gt" }, { "vulnerability": "VCID-xqf5-yxf3-u3he" }, { "vulnerability": "VCID-zmjf-j2zs-23ey" }, { "vulnerability": "VCID-zvcj-g6rt-s3de" }, { "vulnerability": "VCID-zyes-82y3-g7dh" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:4.2.12-2" } ], "aliases": [ "CVE-2013-4996" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ajmz-kfxh-sqaf" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/44009?format=api", "vulnerability_id": "VCID-amgy-teas-euh5", "summary": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')\nMultiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin 4.0.x before 4.0.10.5, 4.1.x before 4.1.14.6, and 4.2.x before 4.2.10.1 allow remote authenticated users to inject arbitrary web script or HTML via a crafted (1) database name or (2) table name, related to the libraries/DatabaseInterface.class.php code for SQL debug output and the js/server_status_monitor.js code for the server monitor page.", "references": [ { "reference_url": "http://lists.opensuse.org/opensuse-updates/2014-11/msg00004.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://lists.opensuse.org/opensuse-updates/2014-11/msg00004.html" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2014-8326", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00269", "scoring_system": "epss", "scoring_elements": "0.50643", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.00269", "scoring_system": "epss", "scoring_elements": "0.50582", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2014-8326" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8326", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8326" }, { "reference_url": "https://github.com/phpmyadmin/phpmyadmin/commit/7b8962dede7631298c81e2c1cd267b81f1e08a8c", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/phpmyadmin/phpmyadmin/commit/7b8962dede7631298c81e2c1cd267b81f1e08a8c" }, { "reference_url": "https://github.com/phpmyadmin/phpmyadmin/commit/bd68c54d1beeef79d237e8bfda44690834012a76", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/phpmyadmin/phpmyadmin/commit/bd68c54d1beeef79d237e8bfda44690834012a76" }, { "reference_url": "https://web.archive.org/web/20200228163625/http://www.securityfocus.com/bid/70731", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20200228163625/http://www.securityfocus.com/bid/70731" }, { "reference_url": "http://www.phpmyadmin.net/home_page/security/PMASA-2014-12.php", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.phpmyadmin.net/home_page/security/PMASA-2014-12.php" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2014-8326", "reference_id": "CVE-2014-8326", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2014-8326" }, { "reference_url": "https://github.com/advisories/GHSA-pvr5-84gr-g985", "reference_id": "GHSA-pvr5-84gr-g985", "reference_type": "", "scores": [], "url": "https://github.com/advisories/GHSA-pvr5-84gr-g985" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/273448?format=api", "purl": "pkg:deb/debian/phpmyadmin@4:4.2.12-2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1drk-gzqj-2qc5" }, { "vulnerability": "VCID-1hvw-4h4d-zkhv" }, { "vulnerability": "VCID-23dq-w66r-k3bt" }, { "vulnerability": "VCID-27w6-zhxk-x7e7" }, { "vulnerability": "VCID-282b-1ugg-yuev" }, { "vulnerability": "VCID-2at1-y3qg-77fb" }, { "vulnerability": "VCID-2vqn-z4en-duh4" }, { "vulnerability": "VCID-31jg-3pzb-y3b6" }, { "vulnerability": "VCID-32ja-yuuw-bbbh" }, { "vulnerability": "VCID-33kv-ye2c-ebax" }, { "vulnerability": "VCID-33mh-s92h-c7ht" }, { "vulnerability": "VCID-38tp-acy8-57hj" }, { "vulnerability": "VCID-3va7-xx14-gkds" }, { "vulnerability": "VCID-44uc-xrvp-7bet" }, { "vulnerability": "VCID-4avx-e9mf-2yb1" }, { "vulnerability": "VCID-4kax-4bpz-g7c5" }, { "vulnerability": "VCID-4vgu-cagj-hfhb" }, { "vulnerability": "VCID-4wn2-pnbv-sked" }, { "vulnerability": "VCID-52xs-45kd-w3hz" }, { "vulnerability": "VCID-59mu-8aep-9ycn" }, { "vulnerability": "VCID-5bu8-wy7w-bqfc" }, { "vulnerability": "VCID-5jye-2stz-fqam" }, { "vulnerability": "VCID-6gs5-cswx-bfeb" }, { "vulnerability": "VCID-7avk-rmwd-yugt" }, { "vulnerability": "VCID-7ntf-d3af-nbbk" }, { "vulnerability": "VCID-7vpu-x9mb-q3c6" }, { "vulnerability": "VCID-84n7-nzzg-juhz" }, { "vulnerability": "VCID-8jt7-y15v-83gj" }, { "vulnerability": "VCID-8rvw-n1fg-ffc2" }, { "vulnerability": "VCID-8yxm-e33n-d7gj" }, { "vulnerability": "VCID-9nh7-ny6c-n3cd" }, { "vulnerability": "VCID-9tdu-572c-tbb2" }, { "vulnerability": "VCID-ajeh-4q9t-sydz" }, { "vulnerability": "VCID-ajf6-bk2g-wkb7" }, { "vulnerability": "VCID-b2nf-6pr3-xqaa" }, { "vulnerability": "VCID-b4jk-yjfy-pfcv" }, { "vulnerability": "VCID-b6ng-ygap-zqh4" }, { "vulnerability": "VCID-bd83-vf81-sfa4" }, { "vulnerability": "VCID-bddg-5zgr-3uew" }, { "vulnerability": "VCID-btc1-yng3-ckhx" }, { "vulnerability": "VCID-cbjd-e3sk-m7bu" }, { "vulnerability": "VCID-crn9-f6qt-qfg5" }, { "vulnerability": "VCID-cth2-72mg-6yfr" }, { "vulnerability": "VCID-cz55-m46r-37gb" }, { "vulnerability": "VCID-d7jk-a94y-n3ca" }, { "vulnerability": "VCID-dbk1-n9kh-dfhm" }, { "vulnerability": "VCID-dfsz-1y13-yug9" }, { "vulnerability": "VCID-dgvs-kqpd-gfcy" }, { "vulnerability": "VCID-dj5f-y77j-d7dx" }, { "vulnerability": "VCID-dx3h-z4dg-m3e1" }, { "vulnerability": "VCID-g2uy-ekyf-4bcj" }, { "vulnerability": "VCID-gmjk-222y-abda" }, { "vulnerability": "VCID-gqxb-6rey-rbhv" }, { "vulnerability": "VCID-gtps-py3z-13cu" }, { "vulnerability": "VCID-gzwb-ju7m-juf7" }, { "vulnerability": "VCID-har4-gaft-m7e8" }, { "vulnerability": "VCID-hbp6-s544-pqaw" }, { "vulnerability": "VCID-hw5n-kv9r-8yej" }, { "vulnerability": "VCID-j589-8hrn-9bae" }, { "vulnerability": "VCID-jabw-t2hb-q3e9" }, { "vulnerability": "VCID-jemb-avnk-c7eb" }, { "vulnerability": "VCID-jmn8-a5r9-2qc8" }, { "vulnerability": "VCID-jvvf-kwtm-6qb7" }, { "vulnerability": "VCID-jxf7-1cq4-t3cv" }, { "vulnerability": "VCID-k5ph-wws1-fqg4" }, { "vulnerability": "VCID-kfr7-v6tb-eqau" }, { "vulnerability": "VCID-kfrx-mmr7-euep" }, { "vulnerability": "VCID-kwtj-jk24-zffq" }, { "vulnerability": "VCID-m2g6-2ztp-tuam" }, { "vulnerability": "VCID-m3kq-1cfg-mkgc" }, { "vulnerability": "VCID-m59w-cug5-wbe2" }, { "vulnerability": "VCID-mgu4-pf1x-r3dy" }, { "vulnerability": "VCID-mxn5-bh7q-gkdb" }, { "vulnerability": "VCID-mzuh-5e5y-d3hr" }, { "vulnerability": "VCID-n53q-r421-affh" }, { "vulnerability": "VCID-n66y-s36g-fqck" }, { "vulnerability": "VCID-np5w-chxm-cyak" }, { "vulnerability": "VCID-nuju-ekmt-k7g9" }, { "vulnerability": "VCID-nv3j-xj42-wfcw" }, { "vulnerability": "VCID-p1jn-sxds-mqd1" }, { "vulnerability": "VCID-p361-saxs-97g9" }, { "vulnerability": "VCID-pfdk-db4h-47dx" }, { "vulnerability": "VCID-pnry-rv8t-v3ff" }, { "vulnerability": "VCID-q2wv-kbra-5kg8" }, { "vulnerability": "VCID-q45d-5bf4-tff5" }, { "vulnerability": "VCID-q7pe-bvr1-g3bc" }, { "vulnerability": "VCID-q7rn-1612-quau" }, { "vulnerability": "VCID-q7zq-5xpn-93dd" }, { "vulnerability": "VCID-qeac-129m-1udw" }, { "vulnerability": "VCID-qmj2-pxvt-zqes" }, { "vulnerability": "VCID-qpj7-uk5e-nbez" }, { "vulnerability": "VCID-qqyb-zags-bbhz" }, { "vulnerability": "VCID-r3z5-cc6j-8yg6" }, { "vulnerability": "VCID-r4zz-m2mr-9qeb" }, { "vulnerability": "VCID-r9sb-489v-fqc9" }, { "vulnerability": "VCID-rc63-nakx-ebbe" }, { "vulnerability": "VCID-rsrk-jwbt-qfhe" }, { "vulnerability": "VCID-rx9z-rdmm-5fg6" }, { "vulnerability": "VCID-rxz2-tx2n-k3bd" }, { "vulnerability": "VCID-rz6q-hthe-1uer" }, { "vulnerability": "VCID-s88e-r2gd-9yep" }, { "vulnerability": "VCID-segg-gk79-9bc6" }, { "vulnerability": "VCID-tvfz-v881-sufp" }, { "vulnerability": "VCID-txba-1at4-ekg2" }, { "vulnerability": "VCID-uc6b-5sj1-9yg2" }, { "vulnerability": "VCID-utga-335m-dua9" }, { "vulnerability": "VCID-v1kx-5wa1-r7he" }, { "vulnerability": "VCID-vpf2-5j4s-jqeb" }, { "vulnerability": "VCID-vxc7-fwud-33an" }, { "vulnerability": "VCID-w6nk-akeh-4ufg" }, { "vulnerability": "VCID-x75q-4y74-d3gt" }, { "vulnerability": "VCID-xqf5-yxf3-u3he" }, { "vulnerability": "VCID-zmjf-j2zs-23ey" }, { "vulnerability": "VCID-zvcj-g6rt-s3de" }, { "vulnerability": "VCID-zyes-82y3-g7dh" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:4.2.12-2" } ], "aliases": [ "CVE-2014-8326", "GHSA-pvr5-84gr-g985" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-amgy-teas-euh5" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/98126?format=api", "vulnerability_id": "VCID-bshf-rz9w-3yb3", "summary": "Cross-site scripting (XSS) vulnerability in libraries/plugins/transformations/abstract/TextLinkTransformationsPlugin.class.php in phpMyAdmin 4.0.x before 4.0.4.2 allows remote authenticated users to inject arbitrary web script or HTML via a crafted object name associated with a TextLinkTransformationPlugin link.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2013-5001", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00185", "scoring_system": "epss", "scoring_elements": "0.40004", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.00185", "scoring_system": "epss", "scoring_elements": "0.40086", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2013-5001" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5001", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5001" }, { "reference_url": "https://security.gentoo.org/glsa/201311-02", "reference_id": "GLSA-201311-02", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201311-02" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/273448?format=api", "purl": "pkg:deb/debian/phpmyadmin@4:4.2.12-2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1drk-gzqj-2qc5" }, { "vulnerability": "VCID-1hvw-4h4d-zkhv" }, { "vulnerability": "VCID-23dq-w66r-k3bt" }, { "vulnerability": "VCID-27w6-zhxk-x7e7" }, { "vulnerability": "VCID-282b-1ugg-yuev" }, { "vulnerability": "VCID-2at1-y3qg-77fb" }, { "vulnerability": "VCID-2vqn-z4en-duh4" }, { "vulnerability": "VCID-31jg-3pzb-y3b6" }, { "vulnerability": "VCID-32ja-yuuw-bbbh" }, { "vulnerability": "VCID-33kv-ye2c-ebax" }, { "vulnerability": "VCID-33mh-s92h-c7ht" }, { "vulnerability": "VCID-38tp-acy8-57hj" }, { "vulnerability": "VCID-3va7-xx14-gkds" }, { "vulnerability": "VCID-44uc-xrvp-7bet" }, { "vulnerability": "VCID-4avx-e9mf-2yb1" }, { "vulnerability": "VCID-4kax-4bpz-g7c5" }, { "vulnerability": "VCID-4vgu-cagj-hfhb" }, { "vulnerability": "VCID-4wn2-pnbv-sked" }, { "vulnerability": "VCID-52xs-45kd-w3hz" }, { "vulnerability": "VCID-59mu-8aep-9ycn" }, { "vulnerability": "VCID-5bu8-wy7w-bqfc" }, { "vulnerability": "VCID-5jye-2stz-fqam" }, { "vulnerability": "VCID-6gs5-cswx-bfeb" }, { "vulnerability": "VCID-7avk-rmwd-yugt" }, { "vulnerability": "VCID-7ntf-d3af-nbbk" }, { "vulnerability": "VCID-7vpu-x9mb-q3c6" }, { "vulnerability": "VCID-84n7-nzzg-juhz" }, { "vulnerability": "VCID-8jt7-y15v-83gj" }, { "vulnerability": "VCID-8rvw-n1fg-ffc2" }, { "vulnerability": "VCID-8yxm-e33n-d7gj" }, { "vulnerability": "VCID-9nh7-ny6c-n3cd" }, { "vulnerability": "VCID-9tdu-572c-tbb2" }, { "vulnerability": "VCID-ajeh-4q9t-sydz" }, { "vulnerability": "VCID-ajf6-bk2g-wkb7" }, { "vulnerability": "VCID-b2nf-6pr3-xqaa" }, { "vulnerability": "VCID-b4jk-yjfy-pfcv" }, { "vulnerability": "VCID-b6ng-ygap-zqh4" }, { "vulnerability": "VCID-bd83-vf81-sfa4" }, { "vulnerability": "VCID-bddg-5zgr-3uew" }, { "vulnerability": "VCID-btc1-yng3-ckhx" }, { "vulnerability": "VCID-cbjd-e3sk-m7bu" }, { "vulnerability": "VCID-crn9-f6qt-qfg5" }, { "vulnerability": "VCID-cth2-72mg-6yfr" }, { "vulnerability": "VCID-cz55-m46r-37gb" }, { "vulnerability": "VCID-d7jk-a94y-n3ca" }, { "vulnerability": "VCID-dbk1-n9kh-dfhm" }, { "vulnerability": "VCID-dfsz-1y13-yug9" }, { "vulnerability": "VCID-dgvs-kqpd-gfcy" }, { "vulnerability": "VCID-dj5f-y77j-d7dx" }, { "vulnerability": "VCID-dx3h-z4dg-m3e1" }, { "vulnerability": "VCID-g2uy-ekyf-4bcj" }, { "vulnerability": "VCID-gmjk-222y-abda" }, { "vulnerability": "VCID-gqxb-6rey-rbhv" }, { "vulnerability": "VCID-gtps-py3z-13cu" }, { "vulnerability": "VCID-gzwb-ju7m-juf7" }, { "vulnerability": "VCID-har4-gaft-m7e8" }, { "vulnerability": "VCID-hbp6-s544-pqaw" }, { "vulnerability": "VCID-hw5n-kv9r-8yej" }, { "vulnerability": "VCID-j589-8hrn-9bae" }, { "vulnerability": "VCID-jabw-t2hb-q3e9" }, { "vulnerability": "VCID-jemb-avnk-c7eb" }, { "vulnerability": "VCID-jmn8-a5r9-2qc8" }, { "vulnerability": "VCID-jvvf-kwtm-6qb7" }, { "vulnerability": "VCID-jxf7-1cq4-t3cv" }, { "vulnerability": "VCID-k5ph-wws1-fqg4" }, { "vulnerability": "VCID-kfr7-v6tb-eqau" }, { "vulnerability": "VCID-kfrx-mmr7-euep" }, { "vulnerability": "VCID-kwtj-jk24-zffq" }, { "vulnerability": "VCID-m2g6-2ztp-tuam" }, { "vulnerability": "VCID-m3kq-1cfg-mkgc" }, { "vulnerability": "VCID-m59w-cug5-wbe2" }, { "vulnerability": "VCID-mgu4-pf1x-r3dy" }, { "vulnerability": "VCID-mxn5-bh7q-gkdb" }, { "vulnerability": "VCID-mzuh-5e5y-d3hr" }, { "vulnerability": "VCID-n53q-r421-affh" }, { "vulnerability": "VCID-n66y-s36g-fqck" }, { "vulnerability": "VCID-np5w-chxm-cyak" }, { "vulnerability": "VCID-nuju-ekmt-k7g9" }, { "vulnerability": "VCID-nv3j-xj42-wfcw" }, { "vulnerability": "VCID-p1jn-sxds-mqd1" }, { "vulnerability": "VCID-p361-saxs-97g9" }, { "vulnerability": "VCID-pfdk-db4h-47dx" }, { "vulnerability": "VCID-pnry-rv8t-v3ff" }, { "vulnerability": "VCID-q2wv-kbra-5kg8" }, { "vulnerability": "VCID-q45d-5bf4-tff5" }, { "vulnerability": "VCID-q7pe-bvr1-g3bc" }, { "vulnerability": "VCID-q7rn-1612-quau" }, { "vulnerability": "VCID-q7zq-5xpn-93dd" }, { "vulnerability": "VCID-qeac-129m-1udw" }, { "vulnerability": "VCID-qmj2-pxvt-zqes" }, { "vulnerability": "VCID-qpj7-uk5e-nbez" }, { "vulnerability": "VCID-qqyb-zags-bbhz" }, { "vulnerability": "VCID-r3z5-cc6j-8yg6" }, { "vulnerability": "VCID-r4zz-m2mr-9qeb" }, { "vulnerability": "VCID-r9sb-489v-fqc9" }, { "vulnerability": "VCID-rc63-nakx-ebbe" }, { "vulnerability": "VCID-rsrk-jwbt-qfhe" }, { "vulnerability": "VCID-rx9z-rdmm-5fg6" }, { "vulnerability": "VCID-rxz2-tx2n-k3bd" }, { "vulnerability": "VCID-rz6q-hthe-1uer" }, { "vulnerability": "VCID-s88e-r2gd-9yep" }, { "vulnerability": "VCID-segg-gk79-9bc6" }, { "vulnerability": "VCID-tvfz-v881-sufp" }, { "vulnerability": "VCID-txba-1at4-ekg2" }, { "vulnerability": "VCID-uc6b-5sj1-9yg2" }, { "vulnerability": "VCID-utga-335m-dua9" }, { "vulnerability": "VCID-v1kx-5wa1-r7he" }, { "vulnerability": "VCID-vpf2-5j4s-jqeb" }, { "vulnerability": "VCID-vxc7-fwud-33an" }, { "vulnerability": "VCID-w6nk-akeh-4ufg" }, { "vulnerability": "VCID-x75q-4y74-d3gt" }, { "vulnerability": "VCID-xqf5-yxf3-u3he" }, { "vulnerability": "VCID-zmjf-j2zs-23ey" }, { "vulnerability": "VCID-zvcj-g6rt-s3de" }, { "vulnerability": "VCID-zyes-82y3-g7dh" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:4.2.12-2" } ], "aliases": [ "CVE-2013-5001" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-bshf-rz9w-3yb3" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/98119?format=api", "vulnerability_id": "VCID-e677-1yaz-g3em", "summary": "Cross-site scripting (XSS) vulnerability in view_create.php (aka the Create View page) in phpMyAdmin 4.x before 4.0.3 allows remote authenticated users to inject arbitrary web script or HTML via an invalid SQL CREATE VIEW statement with a crafted name that triggers an error message.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2013-3742", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00185", "scoring_system": "epss", "scoring_elements": "0.40004", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.00185", "scoring_system": "epss", "scoring_elements": "0.40086", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2013-3742" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-3742", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-3742" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/273448?format=api", "purl": "pkg:deb/debian/phpmyadmin@4:4.2.12-2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1drk-gzqj-2qc5" }, { "vulnerability": "VCID-1hvw-4h4d-zkhv" }, { "vulnerability": "VCID-23dq-w66r-k3bt" }, { "vulnerability": "VCID-27w6-zhxk-x7e7" }, { "vulnerability": "VCID-282b-1ugg-yuev" }, { "vulnerability": "VCID-2at1-y3qg-77fb" }, { "vulnerability": "VCID-2vqn-z4en-duh4" }, { "vulnerability": "VCID-31jg-3pzb-y3b6" }, { "vulnerability": "VCID-32ja-yuuw-bbbh" }, { "vulnerability": "VCID-33kv-ye2c-ebax" }, { "vulnerability": "VCID-33mh-s92h-c7ht" }, { "vulnerability": "VCID-38tp-acy8-57hj" }, { "vulnerability": "VCID-3va7-xx14-gkds" }, { "vulnerability": "VCID-44uc-xrvp-7bet" }, { "vulnerability": "VCID-4avx-e9mf-2yb1" }, { "vulnerability": "VCID-4kax-4bpz-g7c5" }, { "vulnerability": "VCID-4vgu-cagj-hfhb" }, { "vulnerability": "VCID-4wn2-pnbv-sked" }, { "vulnerability": "VCID-52xs-45kd-w3hz" }, { "vulnerability": "VCID-59mu-8aep-9ycn" }, { "vulnerability": "VCID-5bu8-wy7w-bqfc" }, { "vulnerability": "VCID-5jye-2stz-fqam" }, { "vulnerability": "VCID-6gs5-cswx-bfeb" }, { "vulnerability": "VCID-7avk-rmwd-yugt" }, { "vulnerability": "VCID-7ntf-d3af-nbbk" }, { "vulnerability": "VCID-7vpu-x9mb-q3c6" }, { "vulnerability": "VCID-84n7-nzzg-juhz" }, { "vulnerability": "VCID-8jt7-y15v-83gj" }, { "vulnerability": "VCID-8rvw-n1fg-ffc2" }, { "vulnerability": "VCID-8yxm-e33n-d7gj" }, { "vulnerability": "VCID-9nh7-ny6c-n3cd" }, { "vulnerability": "VCID-9tdu-572c-tbb2" }, { "vulnerability": "VCID-ajeh-4q9t-sydz" }, { "vulnerability": "VCID-ajf6-bk2g-wkb7" }, { "vulnerability": "VCID-b2nf-6pr3-xqaa" }, { "vulnerability": "VCID-b4jk-yjfy-pfcv" }, { "vulnerability": "VCID-b6ng-ygap-zqh4" }, { "vulnerability": "VCID-bd83-vf81-sfa4" }, { "vulnerability": "VCID-bddg-5zgr-3uew" }, { "vulnerability": "VCID-btc1-yng3-ckhx" }, { "vulnerability": "VCID-cbjd-e3sk-m7bu" }, { "vulnerability": "VCID-crn9-f6qt-qfg5" }, { "vulnerability": "VCID-cth2-72mg-6yfr" }, { "vulnerability": "VCID-cz55-m46r-37gb" }, { "vulnerability": "VCID-d7jk-a94y-n3ca" }, { "vulnerability": "VCID-dbk1-n9kh-dfhm" }, { "vulnerability": "VCID-dfsz-1y13-yug9" }, { "vulnerability": "VCID-dgvs-kqpd-gfcy" }, { "vulnerability": "VCID-dj5f-y77j-d7dx" }, { "vulnerability": "VCID-dx3h-z4dg-m3e1" }, { "vulnerability": "VCID-g2uy-ekyf-4bcj" }, { "vulnerability": "VCID-gmjk-222y-abda" }, { "vulnerability": "VCID-gqxb-6rey-rbhv" }, { "vulnerability": "VCID-gtps-py3z-13cu" }, { "vulnerability": "VCID-gzwb-ju7m-juf7" }, { "vulnerability": "VCID-har4-gaft-m7e8" }, { "vulnerability": "VCID-hbp6-s544-pqaw" }, { "vulnerability": "VCID-hw5n-kv9r-8yej" }, { "vulnerability": "VCID-j589-8hrn-9bae" }, { "vulnerability": "VCID-jabw-t2hb-q3e9" }, { "vulnerability": "VCID-jemb-avnk-c7eb" }, { "vulnerability": "VCID-jmn8-a5r9-2qc8" }, { "vulnerability": "VCID-jvvf-kwtm-6qb7" }, { "vulnerability": "VCID-jxf7-1cq4-t3cv" }, { "vulnerability": "VCID-k5ph-wws1-fqg4" }, { "vulnerability": "VCID-kfr7-v6tb-eqau" }, { "vulnerability": "VCID-kfrx-mmr7-euep" }, { "vulnerability": "VCID-kwtj-jk24-zffq" }, { "vulnerability": "VCID-m2g6-2ztp-tuam" }, { "vulnerability": "VCID-m3kq-1cfg-mkgc" }, { "vulnerability": "VCID-m59w-cug5-wbe2" }, { "vulnerability": "VCID-mgu4-pf1x-r3dy" }, { "vulnerability": "VCID-mxn5-bh7q-gkdb" }, { "vulnerability": "VCID-mzuh-5e5y-d3hr" }, { "vulnerability": "VCID-n53q-r421-affh" }, { "vulnerability": "VCID-n66y-s36g-fqck" }, { "vulnerability": "VCID-np5w-chxm-cyak" }, { "vulnerability": "VCID-nuju-ekmt-k7g9" }, { "vulnerability": "VCID-nv3j-xj42-wfcw" }, { "vulnerability": "VCID-p1jn-sxds-mqd1" }, { "vulnerability": "VCID-p361-saxs-97g9" }, { "vulnerability": "VCID-pfdk-db4h-47dx" }, { "vulnerability": "VCID-pnry-rv8t-v3ff" }, { "vulnerability": "VCID-q2wv-kbra-5kg8" }, { "vulnerability": "VCID-q45d-5bf4-tff5" }, { "vulnerability": "VCID-q7pe-bvr1-g3bc" }, { "vulnerability": "VCID-q7rn-1612-quau" }, { "vulnerability": "VCID-q7zq-5xpn-93dd" }, { "vulnerability": "VCID-qeac-129m-1udw" }, { "vulnerability": "VCID-qmj2-pxvt-zqes" }, { "vulnerability": "VCID-qpj7-uk5e-nbez" }, { "vulnerability": "VCID-qqyb-zags-bbhz" }, { "vulnerability": "VCID-r3z5-cc6j-8yg6" }, { "vulnerability": "VCID-r4zz-m2mr-9qeb" }, { "vulnerability": "VCID-r9sb-489v-fqc9" }, { "vulnerability": "VCID-rc63-nakx-ebbe" }, { "vulnerability": "VCID-rsrk-jwbt-qfhe" }, { "vulnerability": "VCID-rx9z-rdmm-5fg6" }, { "vulnerability": "VCID-rxz2-tx2n-k3bd" }, { "vulnerability": "VCID-rz6q-hthe-1uer" }, { "vulnerability": "VCID-s88e-r2gd-9yep" }, { "vulnerability": "VCID-segg-gk79-9bc6" }, { "vulnerability": "VCID-tvfz-v881-sufp" }, { "vulnerability": "VCID-txba-1at4-ekg2" }, { "vulnerability": "VCID-uc6b-5sj1-9yg2" }, { "vulnerability": "VCID-utga-335m-dua9" }, { "vulnerability": "VCID-v1kx-5wa1-r7he" }, { "vulnerability": "VCID-vpf2-5j4s-jqeb" }, { "vulnerability": "VCID-vxc7-fwud-33an" }, { "vulnerability": "VCID-w6nk-akeh-4ufg" }, { "vulnerability": "VCID-x75q-4y74-d3gt" }, { "vulnerability": "VCID-xqf5-yxf3-u3he" }, { "vulnerability": "VCID-zmjf-j2zs-23ey" }, { "vulnerability": "VCID-zvcj-g6rt-s3de" }, { "vulnerability": "VCID-zyes-82y3-g7dh" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:4.2.12-2" } ], "aliases": [ "CVE-2013-3742" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-e677-1yaz-g3em" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/98125?format=api", "vulnerability_id": "VCID-fc5a-pvtd-wkcz", "summary": "phpMyAdmin 3.5.x before 3.5.8.2 allows remote attackers to obtain sensitive information via an invalid request, which reveals the installation path in an error message, related to config.default.php and other files.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2013-5000", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0025", "scoring_system": "epss", "scoring_elements": "0.48525", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.0025", "scoring_system": "epss", "scoring_elements": "0.48587", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2013-5000" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5000", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5000" }, { "reference_url": "https://security.gentoo.org/glsa/201311-02", "reference_id": "GLSA-201311-02", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201311-02" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/273448?format=api", "purl": "pkg:deb/debian/phpmyadmin@4:4.2.12-2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1drk-gzqj-2qc5" }, { "vulnerability": "VCID-1hvw-4h4d-zkhv" }, { "vulnerability": "VCID-23dq-w66r-k3bt" }, { "vulnerability": "VCID-27w6-zhxk-x7e7" }, { "vulnerability": "VCID-282b-1ugg-yuev" }, { "vulnerability": "VCID-2at1-y3qg-77fb" }, { "vulnerability": "VCID-2vqn-z4en-duh4" }, { "vulnerability": "VCID-31jg-3pzb-y3b6" }, { "vulnerability": "VCID-32ja-yuuw-bbbh" }, { "vulnerability": "VCID-33kv-ye2c-ebax" }, { "vulnerability": "VCID-33mh-s92h-c7ht" }, { "vulnerability": "VCID-38tp-acy8-57hj" }, { "vulnerability": "VCID-3va7-xx14-gkds" }, { "vulnerability": "VCID-44uc-xrvp-7bet" }, { "vulnerability": "VCID-4avx-e9mf-2yb1" }, { "vulnerability": "VCID-4kax-4bpz-g7c5" }, { "vulnerability": "VCID-4vgu-cagj-hfhb" }, { "vulnerability": "VCID-4wn2-pnbv-sked" }, { "vulnerability": "VCID-52xs-45kd-w3hz" }, { "vulnerability": "VCID-59mu-8aep-9ycn" }, { "vulnerability": "VCID-5bu8-wy7w-bqfc" }, { "vulnerability": "VCID-5jye-2stz-fqam" }, { "vulnerability": "VCID-6gs5-cswx-bfeb" }, { "vulnerability": "VCID-7avk-rmwd-yugt" }, { "vulnerability": "VCID-7ntf-d3af-nbbk" }, { "vulnerability": "VCID-7vpu-x9mb-q3c6" }, { "vulnerability": "VCID-84n7-nzzg-juhz" }, { "vulnerability": "VCID-8jt7-y15v-83gj" }, { "vulnerability": "VCID-8rvw-n1fg-ffc2" }, { "vulnerability": "VCID-8yxm-e33n-d7gj" }, { "vulnerability": "VCID-9nh7-ny6c-n3cd" }, { "vulnerability": "VCID-9tdu-572c-tbb2" }, { "vulnerability": "VCID-ajeh-4q9t-sydz" }, { "vulnerability": "VCID-ajf6-bk2g-wkb7" }, { "vulnerability": "VCID-b2nf-6pr3-xqaa" }, { "vulnerability": "VCID-b4jk-yjfy-pfcv" }, { "vulnerability": "VCID-b6ng-ygap-zqh4" }, { "vulnerability": "VCID-bd83-vf81-sfa4" }, { "vulnerability": "VCID-bddg-5zgr-3uew" }, { "vulnerability": "VCID-btc1-yng3-ckhx" }, { "vulnerability": "VCID-cbjd-e3sk-m7bu" }, { "vulnerability": "VCID-crn9-f6qt-qfg5" }, { "vulnerability": "VCID-cth2-72mg-6yfr" }, { "vulnerability": "VCID-cz55-m46r-37gb" }, { "vulnerability": "VCID-d7jk-a94y-n3ca" }, { "vulnerability": "VCID-dbk1-n9kh-dfhm" }, { "vulnerability": "VCID-dfsz-1y13-yug9" }, { "vulnerability": "VCID-dgvs-kqpd-gfcy" }, { "vulnerability": "VCID-dj5f-y77j-d7dx" }, { "vulnerability": "VCID-dx3h-z4dg-m3e1" }, { "vulnerability": "VCID-g2uy-ekyf-4bcj" }, { "vulnerability": "VCID-gmjk-222y-abda" }, { "vulnerability": "VCID-gqxb-6rey-rbhv" }, { "vulnerability": "VCID-gtps-py3z-13cu" }, { "vulnerability": "VCID-gzwb-ju7m-juf7" }, { "vulnerability": "VCID-har4-gaft-m7e8" }, { "vulnerability": "VCID-hbp6-s544-pqaw" }, { "vulnerability": "VCID-hw5n-kv9r-8yej" }, { "vulnerability": "VCID-j589-8hrn-9bae" }, { "vulnerability": "VCID-jabw-t2hb-q3e9" }, { "vulnerability": "VCID-jemb-avnk-c7eb" }, { "vulnerability": "VCID-jmn8-a5r9-2qc8" }, { "vulnerability": "VCID-jvvf-kwtm-6qb7" }, { "vulnerability": "VCID-jxf7-1cq4-t3cv" }, { "vulnerability": "VCID-k5ph-wws1-fqg4" }, { "vulnerability": "VCID-kfr7-v6tb-eqau" }, { "vulnerability": "VCID-kfrx-mmr7-euep" }, { "vulnerability": "VCID-kwtj-jk24-zffq" }, { "vulnerability": "VCID-m2g6-2ztp-tuam" }, { "vulnerability": "VCID-m3kq-1cfg-mkgc" }, { "vulnerability": "VCID-m59w-cug5-wbe2" }, { "vulnerability": "VCID-mgu4-pf1x-r3dy" }, { "vulnerability": "VCID-mxn5-bh7q-gkdb" }, { "vulnerability": "VCID-mzuh-5e5y-d3hr" }, { "vulnerability": "VCID-n53q-r421-affh" }, { "vulnerability": "VCID-n66y-s36g-fqck" }, { "vulnerability": "VCID-np5w-chxm-cyak" }, { "vulnerability": "VCID-nuju-ekmt-k7g9" }, { "vulnerability": "VCID-nv3j-xj42-wfcw" }, { "vulnerability": "VCID-p1jn-sxds-mqd1" }, { "vulnerability": "VCID-p361-saxs-97g9" }, { "vulnerability": "VCID-pfdk-db4h-47dx" }, { "vulnerability": "VCID-pnry-rv8t-v3ff" }, { "vulnerability": "VCID-q2wv-kbra-5kg8" }, { "vulnerability": "VCID-q45d-5bf4-tff5" }, { "vulnerability": "VCID-q7pe-bvr1-g3bc" }, { "vulnerability": "VCID-q7rn-1612-quau" }, { "vulnerability": "VCID-q7zq-5xpn-93dd" }, { "vulnerability": "VCID-qeac-129m-1udw" }, { "vulnerability": "VCID-qmj2-pxvt-zqes" }, { "vulnerability": "VCID-qpj7-uk5e-nbez" }, { "vulnerability": "VCID-qqyb-zags-bbhz" }, { "vulnerability": "VCID-r3z5-cc6j-8yg6" }, { "vulnerability": "VCID-r4zz-m2mr-9qeb" }, { "vulnerability": "VCID-r9sb-489v-fqc9" }, { "vulnerability": "VCID-rc63-nakx-ebbe" }, { "vulnerability": "VCID-rsrk-jwbt-qfhe" }, { "vulnerability": "VCID-rx9z-rdmm-5fg6" }, { "vulnerability": "VCID-rxz2-tx2n-k3bd" }, { "vulnerability": "VCID-rz6q-hthe-1uer" }, { "vulnerability": "VCID-s88e-r2gd-9yep" }, { "vulnerability": "VCID-segg-gk79-9bc6" }, { "vulnerability": "VCID-tvfz-v881-sufp" }, { "vulnerability": "VCID-txba-1at4-ekg2" }, { "vulnerability": "VCID-uc6b-5sj1-9yg2" }, { "vulnerability": "VCID-utga-335m-dua9" }, { "vulnerability": "VCID-v1kx-5wa1-r7he" }, { "vulnerability": "VCID-vpf2-5j4s-jqeb" }, { "vulnerability": "VCID-vxc7-fwud-33an" }, { "vulnerability": "VCID-w6nk-akeh-4ufg" }, { "vulnerability": "VCID-x75q-4y74-d3gt" }, { "vulnerability": "VCID-xqf5-yxf3-u3he" }, { "vulnerability": "VCID-zmjf-j2zs-23ey" }, { "vulnerability": "VCID-zvcj-g6rt-s3de" }, { "vulnerability": "VCID-zyes-82y3-g7dh" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:4.2.12-2" } ], "aliases": [ "CVE-2013-5000" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-fc5a-pvtd-wkcz" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/98140?format=api", "vulnerability_id": "VCID-fsub-2bfp-8qbw", "summary": "Directory traversal vulnerability in libraries/gis/GIS_Factory.class.php in the GIS editor in phpMyAdmin 4.0.x before 4.0.10.6, 4.1.x before 4.1.14.7, and 4.2.x before 4.2.12 allows remote authenticated users to include and execute arbitrary local files via a crafted geometry-type parameter.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2014-8959", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.02772", "scoring_system": "epss", "scoring_elements": "0.86311", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.02772", "scoring_system": "epss", "scoring_elements": "0.86332", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2014-8959" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8959", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8959" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/273448?format=api", "purl": "pkg:deb/debian/phpmyadmin@4:4.2.12-2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1drk-gzqj-2qc5" }, { "vulnerability": "VCID-1hvw-4h4d-zkhv" }, { "vulnerability": "VCID-23dq-w66r-k3bt" }, { "vulnerability": "VCID-27w6-zhxk-x7e7" }, { "vulnerability": "VCID-282b-1ugg-yuev" }, { "vulnerability": "VCID-2at1-y3qg-77fb" }, { "vulnerability": "VCID-2vqn-z4en-duh4" }, { "vulnerability": "VCID-31jg-3pzb-y3b6" }, { "vulnerability": "VCID-32ja-yuuw-bbbh" }, { "vulnerability": "VCID-33kv-ye2c-ebax" }, { "vulnerability": "VCID-33mh-s92h-c7ht" }, { "vulnerability": "VCID-38tp-acy8-57hj" }, { "vulnerability": "VCID-3va7-xx14-gkds" }, { "vulnerability": "VCID-44uc-xrvp-7bet" }, { "vulnerability": "VCID-4avx-e9mf-2yb1" }, { "vulnerability": "VCID-4kax-4bpz-g7c5" }, { "vulnerability": "VCID-4vgu-cagj-hfhb" }, { "vulnerability": "VCID-4wn2-pnbv-sked" }, { "vulnerability": "VCID-52xs-45kd-w3hz" }, { "vulnerability": "VCID-59mu-8aep-9ycn" }, { "vulnerability": "VCID-5bu8-wy7w-bqfc" }, { "vulnerability": "VCID-5jye-2stz-fqam" }, { "vulnerability": "VCID-6gs5-cswx-bfeb" }, { "vulnerability": "VCID-7avk-rmwd-yugt" }, { "vulnerability": "VCID-7ntf-d3af-nbbk" }, { "vulnerability": "VCID-7vpu-x9mb-q3c6" }, { "vulnerability": "VCID-84n7-nzzg-juhz" }, { "vulnerability": "VCID-8jt7-y15v-83gj" }, { "vulnerability": "VCID-8rvw-n1fg-ffc2" }, { "vulnerability": "VCID-8yxm-e33n-d7gj" }, { "vulnerability": "VCID-9nh7-ny6c-n3cd" }, { "vulnerability": "VCID-9tdu-572c-tbb2" }, { "vulnerability": "VCID-ajeh-4q9t-sydz" }, { "vulnerability": "VCID-ajf6-bk2g-wkb7" }, { "vulnerability": "VCID-b2nf-6pr3-xqaa" }, { "vulnerability": "VCID-b4jk-yjfy-pfcv" }, { "vulnerability": "VCID-b6ng-ygap-zqh4" }, { "vulnerability": "VCID-bd83-vf81-sfa4" }, { "vulnerability": "VCID-bddg-5zgr-3uew" }, { "vulnerability": "VCID-btc1-yng3-ckhx" }, { "vulnerability": "VCID-cbjd-e3sk-m7bu" }, { "vulnerability": "VCID-crn9-f6qt-qfg5" }, { "vulnerability": "VCID-cth2-72mg-6yfr" }, { "vulnerability": "VCID-cz55-m46r-37gb" }, { "vulnerability": "VCID-d7jk-a94y-n3ca" }, { "vulnerability": "VCID-dbk1-n9kh-dfhm" }, { "vulnerability": "VCID-dfsz-1y13-yug9" }, { "vulnerability": "VCID-dgvs-kqpd-gfcy" }, { "vulnerability": "VCID-dj5f-y77j-d7dx" }, { "vulnerability": "VCID-dx3h-z4dg-m3e1" }, { "vulnerability": "VCID-g2uy-ekyf-4bcj" }, { "vulnerability": "VCID-gmjk-222y-abda" }, { "vulnerability": "VCID-gqxb-6rey-rbhv" }, { "vulnerability": "VCID-gtps-py3z-13cu" }, { "vulnerability": "VCID-gzwb-ju7m-juf7" }, { "vulnerability": "VCID-har4-gaft-m7e8" }, { "vulnerability": "VCID-hbp6-s544-pqaw" }, { "vulnerability": "VCID-hw5n-kv9r-8yej" }, { "vulnerability": "VCID-j589-8hrn-9bae" }, { "vulnerability": "VCID-jabw-t2hb-q3e9" }, { "vulnerability": "VCID-jemb-avnk-c7eb" }, { "vulnerability": "VCID-jmn8-a5r9-2qc8" }, { "vulnerability": "VCID-jvvf-kwtm-6qb7" }, { "vulnerability": "VCID-jxf7-1cq4-t3cv" }, { "vulnerability": "VCID-k5ph-wws1-fqg4" }, { "vulnerability": "VCID-kfr7-v6tb-eqau" }, { "vulnerability": "VCID-kfrx-mmr7-euep" }, { "vulnerability": "VCID-kwtj-jk24-zffq" }, { "vulnerability": "VCID-m2g6-2ztp-tuam" }, { "vulnerability": "VCID-m3kq-1cfg-mkgc" }, { "vulnerability": "VCID-m59w-cug5-wbe2" }, { "vulnerability": "VCID-mgu4-pf1x-r3dy" }, { "vulnerability": "VCID-mxn5-bh7q-gkdb" }, { "vulnerability": "VCID-mzuh-5e5y-d3hr" }, { "vulnerability": "VCID-n53q-r421-affh" }, { "vulnerability": "VCID-n66y-s36g-fqck" }, { "vulnerability": "VCID-np5w-chxm-cyak" }, { "vulnerability": "VCID-nuju-ekmt-k7g9" }, { "vulnerability": "VCID-nv3j-xj42-wfcw" }, { "vulnerability": "VCID-p1jn-sxds-mqd1" }, { "vulnerability": "VCID-p361-saxs-97g9" }, { "vulnerability": "VCID-pfdk-db4h-47dx" }, { "vulnerability": "VCID-pnry-rv8t-v3ff" }, { "vulnerability": "VCID-q2wv-kbra-5kg8" }, { "vulnerability": "VCID-q45d-5bf4-tff5" }, { "vulnerability": "VCID-q7pe-bvr1-g3bc" }, { "vulnerability": "VCID-q7rn-1612-quau" }, { "vulnerability": "VCID-q7zq-5xpn-93dd" }, { "vulnerability": "VCID-qeac-129m-1udw" }, { "vulnerability": "VCID-qmj2-pxvt-zqes" }, { "vulnerability": "VCID-qpj7-uk5e-nbez" }, { "vulnerability": "VCID-qqyb-zags-bbhz" }, { "vulnerability": "VCID-r3z5-cc6j-8yg6" }, { "vulnerability": "VCID-r4zz-m2mr-9qeb" }, { "vulnerability": "VCID-r9sb-489v-fqc9" }, { "vulnerability": "VCID-rc63-nakx-ebbe" }, { "vulnerability": "VCID-rsrk-jwbt-qfhe" }, { "vulnerability": "VCID-rx9z-rdmm-5fg6" }, { "vulnerability": "VCID-rxz2-tx2n-k3bd" }, { "vulnerability": "VCID-rz6q-hthe-1uer" }, { "vulnerability": "VCID-s88e-r2gd-9yep" }, { "vulnerability": "VCID-segg-gk79-9bc6" }, { "vulnerability": "VCID-tvfz-v881-sufp" }, { "vulnerability": "VCID-txba-1at4-ekg2" }, { "vulnerability": "VCID-uc6b-5sj1-9yg2" }, { "vulnerability": "VCID-utga-335m-dua9" }, { "vulnerability": "VCID-v1kx-5wa1-r7he" }, { "vulnerability": "VCID-vpf2-5j4s-jqeb" }, { "vulnerability": "VCID-vxc7-fwud-33an" }, { "vulnerability": "VCID-w6nk-akeh-4ufg" }, { "vulnerability": "VCID-x75q-4y74-d3gt" }, { "vulnerability": "VCID-xqf5-yxf3-u3he" }, { "vulnerability": "VCID-zmjf-j2zs-23ey" }, { "vulnerability": "VCID-zvcj-g6rt-s3de" }, { "vulnerability": "VCID-zyes-82y3-g7dh" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:4.2.12-2" } ], "aliases": [ "CVE-2014-8959" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-fsub-2bfp-8qbw" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/98137?format=api", "vulnerability_id": "VCID-hyn6-xxxq-57f4", "summary": "Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin 4.0.x before 4.0.10.2, 4.1.x before 4.1.14.3, and 4.2.x before 4.2.7.1 allow remote authenticated users to inject arbitrary web script or HTML via the (1) browse table page, related to js/sql.js; (2) ENUM editor page, related to js/functions.js; (3) monitor page, related to js/server_status_monitor.js; (4) query charts page, related to js/tbl_chart.js; or (5) table relations page, related to libraries/tbl_relation.lib.php.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2014-5273", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00381", "scoring_system": "epss", "scoring_elements": "0.59835", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.00381", "scoring_system": "epss", "scoring_elements": "0.59884", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2014-5273" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5273", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5273" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=758536", "reference_id": "758536", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=758536" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/273448?format=api", "purl": "pkg:deb/debian/phpmyadmin@4:4.2.12-2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1drk-gzqj-2qc5" }, { "vulnerability": "VCID-1hvw-4h4d-zkhv" }, { "vulnerability": "VCID-23dq-w66r-k3bt" }, { "vulnerability": "VCID-27w6-zhxk-x7e7" }, { "vulnerability": "VCID-282b-1ugg-yuev" }, { "vulnerability": "VCID-2at1-y3qg-77fb" }, { "vulnerability": "VCID-2vqn-z4en-duh4" }, { "vulnerability": "VCID-31jg-3pzb-y3b6" }, { "vulnerability": "VCID-32ja-yuuw-bbbh" }, { "vulnerability": "VCID-33kv-ye2c-ebax" }, { "vulnerability": "VCID-33mh-s92h-c7ht" }, { "vulnerability": "VCID-38tp-acy8-57hj" }, { "vulnerability": "VCID-3va7-xx14-gkds" }, { "vulnerability": "VCID-44uc-xrvp-7bet" }, { "vulnerability": "VCID-4avx-e9mf-2yb1" }, { "vulnerability": "VCID-4kax-4bpz-g7c5" }, { "vulnerability": "VCID-4vgu-cagj-hfhb" }, { "vulnerability": "VCID-4wn2-pnbv-sked" }, { "vulnerability": "VCID-52xs-45kd-w3hz" }, { "vulnerability": "VCID-59mu-8aep-9ycn" }, { "vulnerability": "VCID-5bu8-wy7w-bqfc" }, { "vulnerability": "VCID-5jye-2stz-fqam" }, { "vulnerability": "VCID-6gs5-cswx-bfeb" }, { "vulnerability": "VCID-7avk-rmwd-yugt" }, { "vulnerability": "VCID-7ntf-d3af-nbbk" }, { "vulnerability": "VCID-7vpu-x9mb-q3c6" }, { "vulnerability": "VCID-84n7-nzzg-juhz" }, { "vulnerability": "VCID-8jt7-y15v-83gj" }, { "vulnerability": "VCID-8rvw-n1fg-ffc2" }, { "vulnerability": "VCID-8yxm-e33n-d7gj" }, { "vulnerability": "VCID-9nh7-ny6c-n3cd" }, { "vulnerability": "VCID-9tdu-572c-tbb2" }, { "vulnerability": "VCID-ajeh-4q9t-sydz" }, { "vulnerability": "VCID-ajf6-bk2g-wkb7" }, { "vulnerability": "VCID-b2nf-6pr3-xqaa" }, { "vulnerability": "VCID-b4jk-yjfy-pfcv" }, { "vulnerability": "VCID-b6ng-ygap-zqh4" }, { "vulnerability": "VCID-bd83-vf81-sfa4" }, { "vulnerability": "VCID-bddg-5zgr-3uew" }, { "vulnerability": "VCID-btc1-yng3-ckhx" }, { "vulnerability": "VCID-cbjd-e3sk-m7bu" }, { "vulnerability": "VCID-crn9-f6qt-qfg5" }, { "vulnerability": "VCID-cth2-72mg-6yfr" }, { "vulnerability": "VCID-cz55-m46r-37gb" }, { "vulnerability": "VCID-d7jk-a94y-n3ca" }, { "vulnerability": "VCID-dbk1-n9kh-dfhm" }, { "vulnerability": "VCID-dfsz-1y13-yug9" }, { "vulnerability": "VCID-dgvs-kqpd-gfcy" }, { "vulnerability": "VCID-dj5f-y77j-d7dx" }, { "vulnerability": "VCID-dx3h-z4dg-m3e1" }, { "vulnerability": "VCID-g2uy-ekyf-4bcj" }, { "vulnerability": "VCID-gmjk-222y-abda" }, { "vulnerability": "VCID-gqxb-6rey-rbhv" }, { "vulnerability": "VCID-gtps-py3z-13cu" }, { "vulnerability": "VCID-gzwb-ju7m-juf7" }, { "vulnerability": "VCID-har4-gaft-m7e8" }, { "vulnerability": "VCID-hbp6-s544-pqaw" }, { "vulnerability": "VCID-hw5n-kv9r-8yej" }, { "vulnerability": "VCID-j589-8hrn-9bae" }, { "vulnerability": "VCID-jabw-t2hb-q3e9" }, { "vulnerability": "VCID-jemb-avnk-c7eb" }, { "vulnerability": "VCID-jmn8-a5r9-2qc8" }, { "vulnerability": "VCID-jvvf-kwtm-6qb7" }, { "vulnerability": "VCID-jxf7-1cq4-t3cv" }, { "vulnerability": "VCID-k5ph-wws1-fqg4" }, { "vulnerability": "VCID-kfr7-v6tb-eqau" }, { "vulnerability": "VCID-kfrx-mmr7-euep" }, { "vulnerability": "VCID-kwtj-jk24-zffq" }, { "vulnerability": "VCID-m2g6-2ztp-tuam" }, { "vulnerability": "VCID-m3kq-1cfg-mkgc" }, { "vulnerability": "VCID-m59w-cug5-wbe2" }, { "vulnerability": "VCID-mgu4-pf1x-r3dy" }, { "vulnerability": "VCID-mxn5-bh7q-gkdb" }, { "vulnerability": "VCID-mzuh-5e5y-d3hr" }, { "vulnerability": "VCID-n53q-r421-affh" }, { "vulnerability": "VCID-n66y-s36g-fqck" }, { "vulnerability": "VCID-np5w-chxm-cyak" }, { "vulnerability": "VCID-nuju-ekmt-k7g9" }, { "vulnerability": "VCID-nv3j-xj42-wfcw" }, { "vulnerability": "VCID-p1jn-sxds-mqd1" }, { "vulnerability": "VCID-p361-saxs-97g9" }, { "vulnerability": "VCID-pfdk-db4h-47dx" }, { "vulnerability": "VCID-pnry-rv8t-v3ff" }, { "vulnerability": "VCID-q2wv-kbra-5kg8" }, { "vulnerability": "VCID-q45d-5bf4-tff5" }, { "vulnerability": "VCID-q7pe-bvr1-g3bc" }, { "vulnerability": "VCID-q7rn-1612-quau" }, { "vulnerability": "VCID-q7zq-5xpn-93dd" }, { "vulnerability": "VCID-qeac-129m-1udw" }, { "vulnerability": "VCID-qmj2-pxvt-zqes" }, { "vulnerability": "VCID-qpj7-uk5e-nbez" }, { "vulnerability": "VCID-qqyb-zags-bbhz" }, { "vulnerability": "VCID-r3z5-cc6j-8yg6" }, { "vulnerability": "VCID-r4zz-m2mr-9qeb" }, { "vulnerability": "VCID-r9sb-489v-fqc9" }, { "vulnerability": "VCID-rc63-nakx-ebbe" }, { "vulnerability": "VCID-rsrk-jwbt-qfhe" }, { "vulnerability": "VCID-rx9z-rdmm-5fg6" }, { "vulnerability": "VCID-rxz2-tx2n-k3bd" }, { "vulnerability": "VCID-rz6q-hthe-1uer" }, { "vulnerability": "VCID-s88e-r2gd-9yep" }, { "vulnerability": "VCID-segg-gk79-9bc6" }, { "vulnerability": "VCID-tvfz-v881-sufp" }, { "vulnerability": "VCID-txba-1at4-ekg2" }, { "vulnerability": "VCID-uc6b-5sj1-9yg2" }, { "vulnerability": "VCID-utga-335m-dua9" }, { "vulnerability": "VCID-v1kx-5wa1-r7he" }, { "vulnerability": "VCID-vpf2-5j4s-jqeb" }, { "vulnerability": "VCID-vxc7-fwud-33an" }, { "vulnerability": "VCID-w6nk-akeh-4ufg" }, { "vulnerability": "VCID-x75q-4y74-d3gt" }, { "vulnerability": "VCID-xqf5-yxf3-u3he" }, { "vulnerability": "VCID-zmjf-j2zs-23ey" }, { "vulnerability": "VCID-zvcj-g6rt-s3de" }, { "vulnerability": "VCID-zyes-82y3-g7dh" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:4.2.12-2" } ], "aliases": [ "CVE-2014-5273" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-hyn6-xxxq-57f4" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/98143?format=api", "vulnerability_id": "VCID-jvvf-kwtm-6qb7", "summary": "libraries/common.inc.php in phpMyAdmin 4.0.x before 4.0.10.7, 4.1.x before 4.1.14.8, and 4.2.x before 4.2.13.1 allows remote attackers to cause a denial of service (resource consumption) via a long password.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2014-9218", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.15266", "scoring_system": "epss", "scoring_elements": "0.94744", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.15266", "scoring_system": "epss", "scoring_elements": "0.94752", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2014-9218" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8958", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8958" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9218", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9218" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2206", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2206" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3902", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3902" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3903", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3903" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6830", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6830" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7873", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7873" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=774194", "reference_id": "774194", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=774194" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/dos/35539.txt", "reference_id": "CVE-2014-9218;OSVDB-115322", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/dos/35539.txt" }, { "reference_url": "https://usn.ubuntu.com/USN-4843-1/", "reference_id": "USN-USN-4843-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/USN-4843-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/203681?format=api", "purl": "pkg:deb/debian/phpmyadmin@4:3.4.11.1-2%2Bdeb7u2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1aqb-7an7-mbed" }, { "vulnerability": "VCID-1drk-gzqj-2qc5" }, { "vulnerability": "VCID-1hvw-4h4d-zkhv" }, { "vulnerability": "VCID-23dq-w66r-k3bt" }, { "vulnerability": "VCID-27w6-zhxk-x7e7" }, { "vulnerability": "VCID-282b-1ugg-yuev" }, { "vulnerability": "VCID-2at1-y3qg-77fb" }, { "vulnerability": "VCID-2vqn-z4en-duh4" }, { "vulnerability": "VCID-31jg-3pzb-y3b6" }, { "vulnerability": "VCID-32ja-yuuw-bbbh" }, { "vulnerability": "VCID-33kv-ye2c-ebax" }, { "vulnerability": "VCID-33mh-s92h-c7ht" }, { "vulnerability": "VCID-38tp-acy8-57hj" }, { "vulnerability": "VCID-3trr-z4gq-pbdr" }, { "vulnerability": "VCID-3va7-xx14-gkds" }, { "vulnerability": "VCID-44uc-xrvp-7bet" }, { "vulnerability": "VCID-4avx-e9mf-2yb1" }, { "vulnerability": "VCID-4kax-4bpz-g7c5" }, { "vulnerability": "VCID-4vgu-cagj-hfhb" }, { "vulnerability": "VCID-4wn2-pnbv-sked" }, { "vulnerability": "VCID-52xs-45kd-w3hz" }, { "vulnerability": "VCID-59mu-8aep-9ycn" }, { "vulnerability": "VCID-5bu8-wy7w-bqfc" }, { "vulnerability": "VCID-5jye-2stz-fqam" }, { "vulnerability": "VCID-6gs5-cswx-bfeb" }, { "vulnerability": "VCID-7avk-rmwd-yugt" }, { "vulnerability": "VCID-7ntf-d3af-nbbk" }, { "vulnerability": "VCID-7pwj-c6c4-gbeq" }, { "vulnerability": "VCID-7vpu-x9mb-q3c6" }, { "vulnerability": "VCID-84n7-nzzg-juhz" }, { "vulnerability": "VCID-858m-cbw6-cfc1" }, { "vulnerability": "VCID-8jt7-y15v-83gj" }, { "vulnerability": "VCID-8rvw-n1fg-ffc2" }, { "vulnerability": "VCID-8yxm-e33n-d7gj" }, { "vulnerability": "VCID-9nh7-ny6c-n3cd" }, { "vulnerability": "VCID-9tdu-572c-tbb2" }, { "vulnerability": "VCID-9z7g-cffj-1ufe" }, { "vulnerability": "VCID-a4fa-ms27-93fn" }, { "vulnerability": "VCID-a94q-k98a-6qbw" }, { "vulnerability": "VCID-ajeh-4q9t-sydz" }, { "vulnerability": "VCID-ajf6-bk2g-wkb7" }, { "vulnerability": "VCID-ajmz-kfxh-sqaf" }, { "vulnerability": "VCID-amgy-teas-euh5" }, { "vulnerability": "VCID-b2nf-6pr3-xqaa" }, { "vulnerability": "VCID-b4jk-yjfy-pfcv" }, { "vulnerability": "VCID-b6ng-ygap-zqh4" }, { "vulnerability": "VCID-bd83-vf81-sfa4" }, { "vulnerability": "VCID-bddg-5zgr-3uew" }, { "vulnerability": "VCID-bshf-rz9w-3yb3" }, { "vulnerability": "VCID-btc1-yng3-ckhx" }, { "vulnerability": "VCID-cbjd-e3sk-m7bu" }, { "vulnerability": "VCID-crn9-f6qt-qfg5" }, { "vulnerability": "VCID-cth2-72mg-6yfr" }, { "vulnerability": "VCID-cz55-m46r-37gb" }, { "vulnerability": "VCID-d7jk-a94y-n3ca" }, { "vulnerability": "VCID-dbk1-n9kh-dfhm" }, { "vulnerability": "VCID-dfsz-1y13-yug9" }, { "vulnerability": "VCID-dgvs-kqpd-gfcy" }, { "vulnerability": "VCID-dj5f-y77j-d7dx" }, { "vulnerability": "VCID-dx3h-z4dg-m3e1" }, { "vulnerability": "VCID-e677-1yaz-g3em" }, { "vulnerability": "VCID-fc5a-pvtd-wkcz" }, { "vulnerability": "VCID-fsub-2bfp-8qbw" }, { "vulnerability": "VCID-g2uy-ekyf-4bcj" }, { "vulnerability": "VCID-gmjk-222y-abda" }, { "vulnerability": "VCID-gqxb-6rey-rbhv" }, { "vulnerability": "VCID-gtps-py3z-13cu" }, { "vulnerability": "VCID-gzwb-ju7m-juf7" }, { "vulnerability": "VCID-har4-gaft-m7e8" }, { "vulnerability": "VCID-hbp6-s544-pqaw" }, { "vulnerability": "VCID-hw5n-kv9r-8yej" }, { "vulnerability": "VCID-hyn6-xxxq-57f4" }, { "vulnerability": "VCID-j589-8hrn-9bae" }, { "vulnerability": "VCID-jabw-t2hb-q3e9" }, { "vulnerability": "VCID-jemb-avnk-c7eb" }, { "vulnerability": "VCID-jmn8-a5r9-2qc8" }, { "vulnerability": "VCID-jvvf-kwtm-6qb7" }, { "vulnerability": "VCID-jxf7-1cq4-t3cv" }, { "vulnerability": "VCID-k3fp-nkvv-e3fa" }, { "vulnerability": "VCID-k5ph-wws1-fqg4" }, { "vulnerability": "VCID-kfr7-v6tb-eqau" }, { "vulnerability": "VCID-kfrx-mmr7-euep" }, { "vulnerability": "VCID-krmp-qvw1-n7b6" }, { "vulnerability": "VCID-kwtj-jk24-zffq" }, { "vulnerability": "VCID-m2g6-2ztp-tuam" }, { "vulnerability": "VCID-m3kq-1cfg-mkgc" }, { "vulnerability": "VCID-m54t-23nu-3kaa" }, { "vulnerability": "VCID-m59w-cug5-wbe2" }, { "vulnerability": "VCID-mgu4-pf1x-r3dy" }, { "vulnerability": "VCID-mxn5-bh7q-gkdb" }, { "vulnerability": "VCID-mzuh-5e5y-d3hr" }, { "vulnerability": "VCID-n53q-r421-affh" }, { "vulnerability": "VCID-n66y-s36g-fqck" }, { "vulnerability": "VCID-n7cc-xfym-u7g4" }, { "vulnerability": "VCID-np5w-chxm-cyak" }, { "vulnerability": "VCID-nuju-ekmt-k7g9" }, { "vulnerability": "VCID-nv3j-xj42-wfcw" }, { "vulnerability": "VCID-p1jn-sxds-mqd1" }, { "vulnerability": "VCID-p361-saxs-97g9" }, { "vulnerability": "VCID-pdmq-pgqp-5qft" }, { "vulnerability": "VCID-pfdk-db4h-47dx" }, { "vulnerability": "VCID-pnry-rv8t-v3ff" }, { "vulnerability": "VCID-q2wv-kbra-5kg8" }, { "vulnerability": "VCID-q45d-5bf4-tff5" }, { "vulnerability": "VCID-q7pe-bvr1-g3bc" }, { "vulnerability": "VCID-q7rn-1612-quau" }, { "vulnerability": "VCID-q7zq-5xpn-93dd" }, { "vulnerability": "VCID-qbjt-k4x8-gya5" }, { "vulnerability": "VCID-qeac-129m-1udw" }, { "vulnerability": "VCID-qmj2-pxvt-zqes" }, { "vulnerability": "VCID-qpj7-uk5e-nbez" }, { "vulnerability": "VCID-qpsr-xv8c-b3gj" }, { "vulnerability": "VCID-qqyb-zags-bbhz" }, { "vulnerability": "VCID-r3z5-cc6j-8yg6" }, { "vulnerability": "VCID-r4zz-m2mr-9qeb" }, { "vulnerability": "VCID-r9sb-489v-fqc9" }, { "vulnerability": "VCID-rc63-nakx-ebbe" }, { "vulnerability": "VCID-rsrk-jwbt-qfhe" }, { "vulnerability": "VCID-rx9z-rdmm-5fg6" }, { "vulnerability": "VCID-rxz2-tx2n-k3bd" }, { "vulnerability": "VCID-rz6q-hthe-1uer" }, { "vulnerability": "VCID-s88e-r2gd-9yep" }, { "vulnerability": "VCID-segg-gk79-9bc6" }, { "vulnerability": "VCID-sj19-5q5e-j7ah" }, { "vulnerability": "VCID-snke-vmcg-xfd2" }, { "vulnerability": "VCID-tvfz-v881-sufp" }, { "vulnerability": "VCID-txba-1at4-ekg2" }, { "vulnerability": "VCID-uc6b-5sj1-9yg2" }, { "vulnerability": "VCID-ufzd-pbge-6qhk" }, { "vulnerability": "VCID-ur19-yjak-vqdd" }, { "vulnerability": "VCID-utga-335m-dua9" }, { "vulnerability": "VCID-v1kx-5wa1-r7he" }, { "vulnerability": "VCID-v69j-7vk9-e3d4" }, { "vulnerability": "VCID-v6xv-djkp-4kgw" }, { "vulnerability": "VCID-vpf2-5j4s-jqeb" }, { "vulnerability": "VCID-vxc7-fwud-33an" }, { "vulnerability": "VCID-vxj9-zxns-kkh9" }, { "vulnerability": "VCID-w6nk-akeh-4ufg" }, { "vulnerability": "VCID-ww5r-71kf-tfgr" }, { "vulnerability": "VCID-x75q-4y74-d3gt" }, { "vulnerability": "VCID-xgnx-jteb-myf7" }, { "vulnerability": "VCID-xqf5-yxf3-u3he" }, { "vulnerability": "VCID-zmjf-j2zs-23ey" }, { "vulnerability": "VCID-zvcj-g6rt-s3de" }, { "vulnerability": "VCID-zyes-82y3-g7dh" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:3.4.11.1-2%252Bdeb7u2" }, { "url": "http://public2.vulnerablecode.io/api/packages/273448?format=api", "purl": "pkg:deb/debian/phpmyadmin@4:4.2.12-2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1drk-gzqj-2qc5" }, { "vulnerability": "VCID-1hvw-4h4d-zkhv" }, { "vulnerability": "VCID-23dq-w66r-k3bt" }, { "vulnerability": "VCID-27w6-zhxk-x7e7" }, { "vulnerability": "VCID-282b-1ugg-yuev" }, { "vulnerability": "VCID-2at1-y3qg-77fb" }, { "vulnerability": "VCID-2vqn-z4en-duh4" }, { "vulnerability": "VCID-31jg-3pzb-y3b6" }, { "vulnerability": "VCID-32ja-yuuw-bbbh" }, { "vulnerability": "VCID-33kv-ye2c-ebax" }, { "vulnerability": "VCID-33mh-s92h-c7ht" }, { "vulnerability": "VCID-38tp-acy8-57hj" }, { "vulnerability": "VCID-3va7-xx14-gkds" }, { "vulnerability": "VCID-44uc-xrvp-7bet" }, { "vulnerability": "VCID-4avx-e9mf-2yb1" }, { "vulnerability": "VCID-4kax-4bpz-g7c5" }, { "vulnerability": "VCID-4vgu-cagj-hfhb" }, { "vulnerability": "VCID-4wn2-pnbv-sked" }, { "vulnerability": "VCID-52xs-45kd-w3hz" }, { "vulnerability": "VCID-59mu-8aep-9ycn" }, { "vulnerability": "VCID-5bu8-wy7w-bqfc" }, { "vulnerability": "VCID-5jye-2stz-fqam" }, { "vulnerability": "VCID-6gs5-cswx-bfeb" }, { "vulnerability": "VCID-7avk-rmwd-yugt" }, { "vulnerability": "VCID-7ntf-d3af-nbbk" }, { "vulnerability": "VCID-7vpu-x9mb-q3c6" }, { "vulnerability": "VCID-84n7-nzzg-juhz" }, { "vulnerability": "VCID-8jt7-y15v-83gj" }, { "vulnerability": "VCID-8rvw-n1fg-ffc2" }, { "vulnerability": "VCID-8yxm-e33n-d7gj" }, { "vulnerability": "VCID-9nh7-ny6c-n3cd" }, { "vulnerability": "VCID-9tdu-572c-tbb2" }, { "vulnerability": "VCID-ajeh-4q9t-sydz" }, { "vulnerability": "VCID-ajf6-bk2g-wkb7" }, { "vulnerability": "VCID-b2nf-6pr3-xqaa" }, { "vulnerability": "VCID-b4jk-yjfy-pfcv" }, { "vulnerability": "VCID-b6ng-ygap-zqh4" }, { "vulnerability": "VCID-bd83-vf81-sfa4" }, { "vulnerability": "VCID-bddg-5zgr-3uew" }, { "vulnerability": "VCID-btc1-yng3-ckhx" }, { "vulnerability": "VCID-cbjd-e3sk-m7bu" }, { "vulnerability": "VCID-crn9-f6qt-qfg5" }, { "vulnerability": "VCID-cth2-72mg-6yfr" }, { "vulnerability": "VCID-cz55-m46r-37gb" }, { "vulnerability": "VCID-d7jk-a94y-n3ca" }, { "vulnerability": "VCID-dbk1-n9kh-dfhm" }, { "vulnerability": "VCID-dfsz-1y13-yug9" }, { "vulnerability": "VCID-dgvs-kqpd-gfcy" }, { "vulnerability": "VCID-dj5f-y77j-d7dx" }, { "vulnerability": "VCID-dx3h-z4dg-m3e1" }, { "vulnerability": "VCID-g2uy-ekyf-4bcj" }, { "vulnerability": "VCID-gmjk-222y-abda" }, { "vulnerability": "VCID-gqxb-6rey-rbhv" }, { "vulnerability": "VCID-gtps-py3z-13cu" }, { "vulnerability": "VCID-gzwb-ju7m-juf7" }, { "vulnerability": "VCID-har4-gaft-m7e8" }, { "vulnerability": "VCID-hbp6-s544-pqaw" }, { "vulnerability": "VCID-hw5n-kv9r-8yej" }, { "vulnerability": "VCID-j589-8hrn-9bae" }, { "vulnerability": "VCID-jabw-t2hb-q3e9" }, { "vulnerability": "VCID-jemb-avnk-c7eb" }, { "vulnerability": "VCID-jmn8-a5r9-2qc8" }, { "vulnerability": "VCID-jvvf-kwtm-6qb7" }, { "vulnerability": "VCID-jxf7-1cq4-t3cv" }, { "vulnerability": "VCID-k5ph-wws1-fqg4" }, { "vulnerability": "VCID-kfr7-v6tb-eqau" }, { "vulnerability": "VCID-kfrx-mmr7-euep" }, { "vulnerability": "VCID-kwtj-jk24-zffq" }, { "vulnerability": "VCID-m2g6-2ztp-tuam" }, { "vulnerability": "VCID-m3kq-1cfg-mkgc" }, { "vulnerability": "VCID-m59w-cug5-wbe2" }, { "vulnerability": "VCID-mgu4-pf1x-r3dy" }, { "vulnerability": "VCID-mxn5-bh7q-gkdb" }, { "vulnerability": "VCID-mzuh-5e5y-d3hr" }, { "vulnerability": "VCID-n53q-r421-affh" }, { "vulnerability": "VCID-n66y-s36g-fqck" }, { "vulnerability": "VCID-np5w-chxm-cyak" }, { "vulnerability": "VCID-nuju-ekmt-k7g9" }, { "vulnerability": "VCID-nv3j-xj42-wfcw" }, { "vulnerability": "VCID-p1jn-sxds-mqd1" }, { "vulnerability": "VCID-p361-saxs-97g9" }, { "vulnerability": "VCID-pfdk-db4h-47dx" }, { "vulnerability": "VCID-pnry-rv8t-v3ff" }, { "vulnerability": "VCID-q2wv-kbra-5kg8" }, { "vulnerability": "VCID-q45d-5bf4-tff5" }, { "vulnerability": "VCID-q7pe-bvr1-g3bc" }, { "vulnerability": "VCID-q7rn-1612-quau" }, { "vulnerability": "VCID-q7zq-5xpn-93dd" }, { "vulnerability": "VCID-qeac-129m-1udw" }, { "vulnerability": "VCID-qmj2-pxvt-zqes" }, { "vulnerability": "VCID-qpj7-uk5e-nbez" }, { "vulnerability": "VCID-qqyb-zags-bbhz" }, { "vulnerability": "VCID-r3z5-cc6j-8yg6" }, { "vulnerability": "VCID-r4zz-m2mr-9qeb" }, { "vulnerability": "VCID-r9sb-489v-fqc9" }, { "vulnerability": "VCID-rc63-nakx-ebbe" }, { "vulnerability": "VCID-rsrk-jwbt-qfhe" }, { "vulnerability": "VCID-rx9z-rdmm-5fg6" }, { "vulnerability": "VCID-rxz2-tx2n-k3bd" }, { "vulnerability": "VCID-rz6q-hthe-1uer" }, { "vulnerability": "VCID-s88e-r2gd-9yep" }, { "vulnerability": "VCID-segg-gk79-9bc6" }, { "vulnerability": "VCID-tvfz-v881-sufp" }, { "vulnerability": "VCID-txba-1at4-ekg2" }, { "vulnerability": "VCID-uc6b-5sj1-9yg2" }, { "vulnerability": "VCID-utga-335m-dua9" }, { "vulnerability": "VCID-v1kx-5wa1-r7he" }, { "vulnerability": "VCID-vpf2-5j4s-jqeb" }, { "vulnerability": "VCID-vxc7-fwud-33an" }, { "vulnerability": "VCID-w6nk-akeh-4ufg" }, { "vulnerability": "VCID-x75q-4y74-d3gt" }, { "vulnerability": "VCID-xqf5-yxf3-u3he" }, { "vulnerability": "VCID-zmjf-j2zs-23ey" }, { "vulnerability": "VCID-zvcj-g6rt-s3de" }, { "vulnerability": "VCID-zyes-82y3-g7dh" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:4.2.12-2" }, { "url": "http://public2.vulnerablecode.io/api/packages/273449?format=api", "purl": "pkg:deb/debian/phpmyadmin@4:4.2.12-2%2Bdeb8u2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1drk-gzqj-2qc5" }, { "vulnerability": "VCID-1hvw-4h4d-zkhv" }, { "vulnerability": "VCID-23dq-w66r-k3bt" }, { "vulnerability": "VCID-27w6-zhxk-x7e7" }, { "vulnerability": "VCID-282b-1ugg-yuev" }, { "vulnerability": "VCID-2at1-y3qg-77fb" }, { "vulnerability": "VCID-2vqn-z4en-duh4" }, { "vulnerability": "VCID-31jg-3pzb-y3b6" }, { "vulnerability": "VCID-32ja-yuuw-bbbh" }, { "vulnerability": "VCID-33kv-ye2c-ebax" }, { "vulnerability": "VCID-33mh-s92h-c7ht" }, { "vulnerability": "VCID-38tp-acy8-57hj" }, { "vulnerability": "VCID-3va7-xx14-gkds" }, { "vulnerability": "VCID-44uc-xrvp-7bet" }, { "vulnerability": "VCID-4avx-e9mf-2yb1" }, { "vulnerability": "VCID-4kax-4bpz-g7c5" }, { "vulnerability": "VCID-4vgu-cagj-hfhb" }, { "vulnerability": "VCID-4wn2-pnbv-sked" }, { "vulnerability": "VCID-52xs-45kd-w3hz" }, { "vulnerability": "VCID-59mu-8aep-9ycn" }, { "vulnerability": "VCID-5bu8-wy7w-bqfc" }, { "vulnerability": "VCID-5jye-2stz-fqam" }, { "vulnerability": "VCID-6gs5-cswx-bfeb" }, { "vulnerability": "VCID-7avk-rmwd-yugt" }, { "vulnerability": "VCID-7vpu-x9mb-q3c6" }, { "vulnerability": "VCID-84n7-nzzg-juhz" }, { "vulnerability": "VCID-8jt7-y15v-83gj" }, { "vulnerability": "VCID-8rvw-n1fg-ffc2" }, { "vulnerability": "VCID-8yxm-e33n-d7gj" }, { "vulnerability": "VCID-9nh7-ny6c-n3cd" }, { "vulnerability": "VCID-9tdu-572c-tbb2" }, { "vulnerability": "VCID-ajeh-4q9t-sydz" }, { "vulnerability": "VCID-ajf6-bk2g-wkb7" }, { "vulnerability": "VCID-b2nf-6pr3-xqaa" }, { "vulnerability": "VCID-b4jk-yjfy-pfcv" }, { "vulnerability": "VCID-b6ng-ygap-zqh4" }, { "vulnerability": "VCID-bd83-vf81-sfa4" }, { "vulnerability": "VCID-bddg-5zgr-3uew" }, { "vulnerability": "VCID-btc1-yng3-ckhx" }, { "vulnerability": "VCID-cbjd-e3sk-m7bu" }, { "vulnerability": "VCID-crn9-f6qt-qfg5" }, { "vulnerability": "VCID-cth2-72mg-6yfr" }, { "vulnerability": "VCID-cz55-m46r-37gb" }, { "vulnerability": "VCID-d7jk-a94y-n3ca" }, { "vulnerability": "VCID-dbk1-n9kh-dfhm" }, { "vulnerability": "VCID-dfsz-1y13-yug9" }, { "vulnerability": "VCID-dgvs-kqpd-gfcy" }, { "vulnerability": "VCID-dj5f-y77j-d7dx" }, { "vulnerability": "VCID-dx3h-z4dg-m3e1" }, { "vulnerability": "VCID-g2uy-ekyf-4bcj" }, { "vulnerability": "VCID-gmjk-222y-abda" }, { "vulnerability": "VCID-gqxb-6rey-rbhv" }, { "vulnerability": "VCID-gtps-py3z-13cu" }, { "vulnerability": "VCID-gzwb-ju7m-juf7" }, { "vulnerability": "VCID-har4-gaft-m7e8" }, { "vulnerability": "VCID-hbp6-s544-pqaw" }, { "vulnerability": "VCID-hw5n-kv9r-8yej" }, { "vulnerability": "VCID-j589-8hrn-9bae" }, { "vulnerability": "VCID-jabw-t2hb-q3e9" }, { "vulnerability": "VCID-jemb-avnk-c7eb" }, { "vulnerability": "VCID-jmn8-a5r9-2qc8" }, { "vulnerability": "VCID-jxf7-1cq4-t3cv" }, { "vulnerability": "VCID-k5ph-wws1-fqg4" }, { "vulnerability": "VCID-kfr7-v6tb-eqau" }, { "vulnerability": "VCID-kfrx-mmr7-euep" }, { "vulnerability": "VCID-kwtj-jk24-zffq" }, { "vulnerability": "VCID-m2g6-2ztp-tuam" }, { "vulnerability": "VCID-m3kq-1cfg-mkgc" }, { "vulnerability": "VCID-m59w-cug5-wbe2" }, { "vulnerability": "VCID-mgu4-pf1x-r3dy" }, { "vulnerability": "VCID-mxn5-bh7q-gkdb" }, { "vulnerability": "VCID-mzuh-5e5y-d3hr" }, { "vulnerability": "VCID-n53q-r421-affh" }, { "vulnerability": "VCID-n66y-s36g-fqck" }, { "vulnerability": "VCID-np5w-chxm-cyak" }, { "vulnerability": "VCID-nuju-ekmt-k7g9" }, { "vulnerability": "VCID-nv3j-xj42-wfcw" }, { "vulnerability": "VCID-p1jn-sxds-mqd1" }, { "vulnerability": "VCID-p361-saxs-97g9" }, { "vulnerability": "VCID-pfdk-db4h-47dx" }, { "vulnerability": "VCID-pnry-rv8t-v3ff" }, { "vulnerability": "VCID-q2wv-kbra-5kg8" }, { "vulnerability": "VCID-q45d-5bf4-tff5" }, { "vulnerability": "VCID-q7pe-bvr1-g3bc" }, { "vulnerability": "VCID-q7rn-1612-quau" }, { "vulnerability": "VCID-q7zq-5xpn-93dd" }, { "vulnerability": "VCID-qeac-129m-1udw" }, { "vulnerability": "VCID-qmj2-pxvt-zqes" }, { "vulnerability": "VCID-qpj7-uk5e-nbez" }, { "vulnerability": "VCID-qqyb-zags-bbhz" }, { "vulnerability": "VCID-r3z5-cc6j-8yg6" }, { "vulnerability": "VCID-r4zz-m2mr-9qeb" }, { "vulnerability": "VCID-r9sb-489v-fqc9" }, { "vulnerability": "VCID-rc63-nakx-ebbe" }, { "vulnerability": "VCID-rsrk-jwbt-qfhe" }, { "vulnerability": "VCID-rx9z-rdmm-5fg6" }, { "vulnerability": "VCID-rxz2-tx2n-k3bd" }, { "vulnerability": "VCID-rz6q-hthe-1uer" }, { "vulnerability": "VCID-s88e-r2gd-9yep" }, { "vulnerability": "VCID-segg-gk79-9bc6" }, { "vulnerability": "VCID-tvfz-v881-sufp" }, { "vulnerability": "VCID-txba-1at4-ekg2" }, { "vulnerability": "VCID-uc6b-5sj1-9yg2" }, { "vulnerability": "VCID-utga-335m-dua9" }, { "vulnerability": "VCID-v1kx-5wa1-r7he" }, { "vulnerability": "VCID-vpf2-5j4s-jqeb" }, { "vulnerability": "VCID-vxc7-fwud-33an" }, { "vulnerability": "VCID-w6nk-akeh-4ufg" }, { "vulnerability": "VCID-x75q-4y74-d3gt" }, { "vulnerability": "VCID-xqf5-yxf3-u3he" }, { "vulnerability": "VCID-zmjf-j2zs-23ey" }, { "vulnerability": "VCID-zvcj-g6rt-s3de" }, { "vulnerability": "VCID-zyes-82y3-g7dh" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:4.2.12-2%252Bdeb8u2" } ], "aliases": [ "CVE-2014-9218" ], "risk_score": 0.2, "exploitability": "2.0", "weighted_severity": "0.1", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-jvvf-kwtm-6qb7" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/98136?format=api", "vulnerability_id": "VCID-k3fp-nkvv-e3fa", "summary": "server_user_groups.php in phpMyAdmin 4.1.x before 4.1.14.2 and 4.2.x before 4.2.6 allows remote authenticated users to bypass intended access restrictions and read the MySQL user list via a viewUsers request.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2014-4987", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00192", "scoring_system": "epss", "scoring_elements": "0.40961", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.00192", "scoring_system": "epss", "scoring_elements": "0.41037", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2014-4987" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4987", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4987" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/273448?format=api", "purl": "pkg:deb/debian/phpmyadmin@4:4.2.12-2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1drk-gzqj-2qc5" }, { "vulnerability": "VCID-1hvw-4h4d-zkhv" }, { "vulnerability": "VCID-23dq-w66r-k3bt" }, { "vulnerability": "VCID-27w6-zhxk-x7e7" }, { "vulnerability": "VCID-282b-1ugg-yuev" }, { "vulnerability": "VCID-2at1-y3qg-77fb" }, { "vulnerability": "VCID-2vqn-z4en-duh4" }, { "vulnerability": "VCID-31jg-3pzb-y3b6" }, { "vulnerability": "VCID-32ja-yuuw-bbbh" }, { "vulnerability": "VCID-33kv-ye2c-ebax" }, { "vulnerability": "VCID-33mh-s92h-c7ht" }, { "vulnerability": "VCID-38tp-acy8-57hj" }, { "vulnerability": "VCID-3va7-xx14-gkds" }, { "vulnerability": "VCID-44uc-xrvp-7bet" }, { "vulnerability": "VCID-4avx-e9mf-2yb1" }, { "vulnerability": "VCID-4kax-4bpz-g7c5" }, { "vulnerability": "VCID-4vgu-cagj-hfhb" }, { "vulnerability": "VCID-4wn2-pnbv-sked" }, { "vulnerability": "VCID-52xs-45kd-w3hz" }, { "vulnerability": "VCID-59mu-8aep-9ycn" }, { "vulnerability": "VCID-5bu8-wy7w-bqfc" }, { "vulnerability": "VCID-5jye-2stz-fqam" }, { "vulnerability": "VCID-6gs5-cswx-bfeb" }, { "vulnerability": "VCID-7avk-rmwd-yugt" }, { "vulnerability": "VCID-7ntf-d3af-nbbk" }, { "vulnerability": "VCID-7vpu-x9mb-q3c6" }, { "vulnerability": "VCID-84n7-nzzg-juhz" }, { "vulnerability": "VCID-8jt7-y15v-83gj" }, { "vulnerability": "VCID-8rvw-n1fg-ffc2" }, { "vulnerability": "VCID-8yxm-e33n-d7gj" }, { "vulnerability": "VCID-9nh7-ny6c-n3cd" }, { "vulnerability": "VCID-9tdu-572c-tbb2" }, { "vulnerability": "VCID-ajeh-4q9t-sydz" }, { "vulnerability": "VCID-ajf6-bk2g-wkb7" }, { "vulnerability": "VCID-b2nf-6pr3-xqaa" }, { "vulnerability": "VCID-b4jk-yjfy-pfcv" }, { "vulnerability": "VCID-b6ng-ygap-zqh4" }, { "vulnerability": "VCID-bd83-vf81-sfa4" }, { "vulnerability": "VCID-bddg-5zgr-3uew" }, { "vulnerability": "VCID-btc1-yng3-ckhx" }, { "vulnerability": "VCID-cbjd-e3sk-m7bu" }, { "vulnerability": "VCID-crn9-f6qt-qfg5" }, { "vulnerability": "VCID-cth2-72mg-6yfr" }, { "vulnerability": "VCID-cz55-m46r-37gb" }, { "vulnerability": "VCID-d7jk-a94y-n3ca" }, { "vulnerability": "VCID-dbk1-n9kh-dfhm" }, { "vulnerability": "VCID-dfsz-1y13-yug9" }, { "vulnerability": "VCID-dgvs-kqpd-gfcy" }, { "vulnerability": "VCID-dj5f-y77j-d7dx" }, { "vulnerability": "VCID-dx3h-z4dg-m3e1" }, { "vulnerability": "VCID-g2uy-ekyf-4bcj" }, { "vulnerability": "VCID-gmjk-222y-abda" }, { "vulnerability": "VCID-gqxb-6rey-rbhv" }, { "vulnerability": "VCID-gtps-py3z-13cu" }, { "vulnerability": "VCID-gzwb-ju7m-juf7" }, { "vulnerability": "VCID-har4-gaft-m7e8" }, { "vulnerability": "VCID-hbp6-s544-pqaw" }, { "vulnerability": "VCID-hw5n-kv9r-8yej" }, { "vulnerability": "VCID-j589-8hrn-9bae" }, { "vulnerability": "VCID-jabw-t2hb-q3e9" }, { "vulnerability": "VCID-jemb-avnk-c7eb" }, { "vulnerability": "VCID-jmn8-a5r9-2qc8" }, { "vulnerability": "VCID-jvvf-kwtm-6qb7" }, { "vulnerability": "VCID-jxf7-1cq4-t3cv" }, { "vulnerability": "VCID-k5ph-wws1-fqg4" }, { "vulnerability": "VCID-kfr7-v6tb-eqau" }, { "vulnerability": "VCID-kfrx-mmr7-euep" }, { "vulnerability": "VCID-kwtj-jk24-zffq" }, { "vulnerability": "VCID-m2g6-2ztp-tuam" }, { "vulnerability": "VCID-m3kq-1cfg-mkgc" }, { "vulnerability": "VCID-m59w-cug5-wbe2" }, { "vulnerability": "VCID-mgu4-pf1x-r3dy" }, { "vulnerability": "VCID-mxn5-bh7q-gkdb" }, { "vulnerability": "VCID-mzuh-5e5y-d3hr" }, { "vulnerability": "VCID-n53q-r421-affh" }, { "vulnerability": "VCID-n66y-s36g-fqck" }, { "vulnerability": "VCID-np5w-chxm-cyak" }, { "vulnerability": "VCID-nuju-ekmt-k7g9" }, { "vulnerability": "VCID-nv3j-xj42-wfcw" }, { "vulnerability": "VCID-p1jn-sxds-mqd1" }, { "vulnerability": "VCID-p361-saxs-97g9" }, { "vulnerability": "VCID-pfdk-db4h-47dx" }, { "vulnerability": "VCID-pnry-rv8t-v3ff" }, { "vulnerability": "VCID-q2wv-kbra-5kg8" }, { "vulnerability": "VCID-q45d-5bf4-tff5" }, { "vulnerability": "VCID-q7pe-bvr1-g3bc" }, { "vulnerability": "VCID-q7rn-1612-quau" }, { "vulnerability": "VCID-q7zq-5xpn-93dd" }, { "vulnerability": "VCID-qeac-129m-1udw" }, { "vulnerability": "VCID-qmj2-pxvt-zqes" }, { "vulnerability": "VCID-qpj7-uk5e-nbez" }, { "vulnerability": "VCID-qqyb-zags-bbhz" }, { "vulnerability": "VCID-r3z5-cc6j-8yg6" }, { "vulnerability": "VCID-r4zz-m2mr-9qeb" }, { "vulnerability": "VCID-r9sb-489v-fqc9" }, { "vulnerability": "VCID-rc63-nakx-ebbe" }, { "vulnerability": "VCID-rsrk-jwbt-qfhe" }, { "vulnerability": "VCID-rx9z-rdmm-5fg6" }, { "vulnerability": "VCID-rxz2-tx2n-k3bd" }, { "vulnerability": "VCID-rz6q-hthe-1uer" }, { "vulnerability": "VCID-s88e-r2gd-9yep" }, { "vulnerability": "VCID-segg-gk79-9bc6" }, { "vulnerability": "VCID-tvfz-v881-sufp" }, { "vulnerability": "VCID-txba-1at4-ekg2" }, { "vulnerability": "VCID-uc6b-5sj1-9yg2" }, { "vulnerability": "VCID-utga-335m-dua9" }, { "vulnerability": "VCID-v1kx-5wa1-r7he" }, { "vulnerability": "VCID-vpf2-5j4s-jqeb" }, { "vulnerability": "VCID-vxc7-fwud-33an" }, { "vulnerability": "VCID-w6nk-akeh-4ufg" }, { "vulnerability": "VCID-x75q-4y74-d3gt" }, { "vulnerability": "VCID-xqf5-yxf3-u3he" }, { "vulnerability": "VCID-zmjf-j2zs-23ey" }, { "vulnerability": "VCID-zvcj-g6rt-s3de" }, { "vulnerability": "VCID-zyes-82y3-g7dh" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:4.2.12-2" } ], "aliases": [ "CVE-2014-4987" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-k3fp-nkvv-e3fa" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/98128?format=api", "vulnerability_id": "VCID-krmp-qvw1-n7b6", "summary": "Multiple SQL injection vulnerabilities in phpMyAdmin 3.5.x before 3.5.8.2 and 4.0.x before 4.0.4.2 allow remote authenticated users to execute arbitrary SQL commands via (1) the scale parameter to pmd_pdf.php or (2) the pdf_page_number parameter to schema_export.php.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2013-5003", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00374", "scoring_system": "epss", "scoring_elements": "0.59353", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.00374", "scoring_system": "epss", "scoring_elements": "0.59404", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2013-5003" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4995", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4995" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4996", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4996" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5002", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5002" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5003", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5003" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1879", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1879" }, { "reference_url": "https://security.gentoo.org/glsa/201311-02", "reference_id": "GLSA-201311-02", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201311-02" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/203681?format=api", "purl": "pkg:deb/debian/phpmyadmin@4:3.4.11.1-2%2Bdeb7u2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1aqb-7an7-mbed" }, { "vulnerability": "VCID-1drk-gzqj-2qc5" }, { "vulnerability": "VCID-1hvw-4h4d-zkhv" }, { "vulnerability": "VCID-23dq-w66r-k3bt" }, { "vulnerability": "VCID-27w6-zhxk-x7e7" }, { "vulnerability": "VCID-282b-1ugg-yuev" }, { "vulnerability": "VCID-2at1-y3qg-77fb" }, { "vulnerability": "VCID-2vqn-z4en-duh4" }, { "vulnerability": "VCID-31jg-3pzb-y3b6" }, { "vulnerability": "VCID-32ja-yuuw-bbbh" }, { "vulnerability": "VCID-33kv-ye2c-ebax" }, { "vulnerability": "VCID-33mh-s92h-c7ht" }, { "vulnerability": "VCID-38tp-acy8-57hj" }, { "vulnerability": "VCID-3trr-z4gq-pbdr" }, { "vulnerability": "VCID-3va7-xx14-gkds" }, { "vulnerability": "VCID-44uc-xrvp-7bet" }, { "vulnerability": "VCID-4avx-e9mf-2yb1" }, { "vulnerability": "VCID-4kax-4bpz-g7c5" }, { "vulnerability": "VCID-4vgu-cagj-hfhb" }, { "vulnerability": "VCID-4wn2-pnbv-sked" }, { "vulnerability": "VCID-52xs-45kd-w3hz" }, { "vulnerability": "VCID-59mu-8aep-9ycn" }, { "vulnerability": "VCID-5bu8-wy7w-bqfc" }, { "vulnerability": "VCID-5jye-2stz-fqam" }, { "vulnerability": "VCID-6gs5-cswx-bfeb" }, { "vulnerability": "VCID-7avk-rmwd-yugt" }, { "vulnerability": "VCID-7ntf-d3af-nbbk" }, { "vulnerability": "VCID-7pwj-c6c4-gbeq" }, { "vulnerability": "VCID-7vpu-x9mb-q3c6" }, { "vulnerability": "VCID-84n7-nzzg-juhz" }, { "vulnerability": "VCID-858m-cbw6-cfc1" }, { "vulnerability": "VCID-8jt7-y15v-83gj" }, { "vulnerability": "VCID-8rvw-n1fg-ffc2" }, { "vulnerability": "VCID-8yxm-e33n-d7gj" }, { "vulnerability": "VCID-9nh7-ny6c-n3cd" }, { "vulnerability": "VCID-9tdu-572c-tbb2" }, { "vulnerability": "VCID-9z7g-cffj-1ufe" }, { "vulnerability": "VCID-a4fa-ms27-93fn" }, { "vulnerability": "VCID-a94q-k98a-6qbw" }, { "vulnerability": "VCID-ajeh-4q9t-sydz" }, { "vulnerability": "VCID-ajf6-bk2g-wkb7" }, { "vulnerability": "VCID-ajmz-kfxh-sqaf" }, { "vulnerability": "VCID-amgy-teas-euh5" }, { "vulnerability": "VCID-b2nf-6pr3-xqaa" }, { "vulnerability": "VCID-b4jk-yjfy-pfcv" }, { "vulnerability": "VCID-b6ng-ygap-zqh4" }, { "vulnerability": "VCID-bd83-vf81-sfa4" }, { "vulnerability": "VCID-bddg-5zgr-3uew" }, { "vulnerability": "VCID-bshf-rz9w-3yb3" }, { "vulnerability": "VCID-btc1-yng3-ckhx" }, { "vulnerability": "VCID-cbjd-e3sk-m7bu" }, { "vulnerability": "VCID-crn9-f6qt-qfg5" }, { "vulnerability": "VCID-cth2-72mg-6yfr" }, { "vulnerability": "VCID-cz55-m46r-37gb" }, { "vulnerability": "VCID-d7jk-a94y-n3ca" }, { "vulnerability": "VCID-dbk1-n9kh-dfhm" }, { "vulnerability": "VCID-dfsz-1y13-yug9" }, { "vulnerability": "VCID-dgvs-kqpd-gfcy" }, { "vulnerability": "VCID-dj5f-y77j-d7dx" }, { "vulnerability": "VCID-dx3h-z4dg-m3e1" }, { "vulnerability": "VCID-e677-1yaz-g3em" }, { "vulnerability": "VCID-fc5a-pvtd-wkcz" }, { "vulnerability": "VCID-fsub-2bfp-8qbw" }, { "vulnerability": "VCID-g2uy-ekyf-4bcj" }, { "vulnerability": "VCID-gmjk-222y-abda" }, { "vulnerability": "VCID-gqxb-6rey-rbhv" }, { "vulnerability": "VCID-gtps-py3z-13cu" }, { "vulnerability": "VCID-gzwb-ju7m-juf7" }, { "vulnerability": "VCID-har4-gaft-m7e8" }, { "vulnerability": "VCID-hbp6-s544-pqaw" }, { "vulnerability": "VCID-hw5n-kv9r-8yej" }, { "vulnerability": "VCID-hyn6-xxxq-57f4" }, { "vulnerability": "VCID-j589-8hrn-9bae" }, { "vulnerability": "VCID-jabw-t2hb-q3e9" }, { "vulnerability": "VCID-jemb-avnk-c7eb" }, { "vulnerability": "VCID-jmn8-a5r9-2qc8" }, { "vulnerability": "VCID-jvvf-kwtm-6qb7" }, { "vulnerability": "VCID-jxf7-1cq4-t3cv" }, { "vulnerability": "VCID-k3fp-nkvv-e3fa" }, { "vulnerability": "VCID-k5ph-wws1-fqg4" }, { "vulnerability": "VCID-kfr7-v6tb-eqau" }, { "vulnerability": "VCID-kfrx-mmr7-euep" }, { "vulnerability": "VCID-krmp-qvw1-n7b6" }, { "vulnerability": "VCID-kwtj-jk24-zffq" }, { "vulnerability": "VCID-m2g6-2ztp-tuam" }, { "vulnerability": "VCID-m3kq-1cfg-mkgc" }, { "vulnerability": "VCID-m54t-23nu-3kaa" }, { "vulnerability": "VCID-m59w-cug5-wbe2" }, { "vulnerability": "VCID-mgu4-pf1x-r3dy" }, { "vulnerability": "VCID-mxn5-bh7q-gkdb" }, { "vulnerability": "VCID-mzuh-5e5y-d3hr" }, { "vulnerability": "VCID-n53q-r421-affh" }, { "vulnerability": "VCID-n66y-s36g-fqck" }, { "vulnerability": "VCID-n7cc-xfym-u7g4" }, { "vulnerability": "VCID-np5w-chxm-cyak" }, { "vulnerability": "VCID-nuju-ekmt-k7g9" }, { "vulnerability": "VCID-nv3j-xj42-wfcw" }, { "vulnerability": "VCID-p1jn-sxds-mqd1" }, { "vulnerability": "VCID-p361-saxs-97g9" }, { "vulnerability": "VCID-pdmq-pgqp-5qft" }, { "vulnerability": "VCID-pfdk-db4h-47dx" }, { "vulnerability": "VCID-pnry-rv8t-v3ff" }, { "vulnerability": "VCID-q2wv-kbra-5kg8" }, { "vulnerability": "VCID-q45d-5bf4-tff5" }, { "vulnerability": "VCID-q7pe-bvr1-g3bc" }, { "vulnerability": "VCID-q7rn-1612-quau" }, { "vulnerability": "VCID-q7zq-5xpn-93dd" }, { "vulnerability": "VCID-qbjt-k4x8-gya5" }, { "vulnerability": "VCID-qeac-129m-1udw" }, { "vulnerability": "VCID-qmj2-pxvt-zqes" }, { "vulnerability": "VCID-qpj7-uk5e-nbez" }, { "vulnerability": "VCID-qpsr-xv8c-b3gj" }, { "vulnerability": "VCID-qqyb-zags-bbhz" }, { "vulnerability": "VCID-r3z5-cc6j-8yg6" }, { "vulnerability": "VCID-r4zz-m2mr-9qeb" }, { "vulnerability": "VCID-r9sb-489v-fqc9" }, { "vulnerability": "VCID-rc63-nakx-ebbe" }, { "vulnerability": "VCID-rsrk-jwbt-qfhe" }, { "vulnerability": "VCID-rx9z-rdmm-5fg6" }, { "vulnerability": "VCID-rxz2-tx2n-k3bd" }, { "vulnerability": "VCID-rz6q-hthe-1uer" }, { "vulnerability": "VCID-s88e-r2gd-9yep" }, { "vulnerability": "VCID-segg-gk79-9bc6" }, { "vulnerability": "VCID-sj19-5q5e-j7ah" }, { "vulnerability": "VCID-snke-vmcg-xfd2" }, { "vulnerability": "VCID-tvfz-v881-sufp" }, { "vulnerability": "VCID-txba-1at4-ekg2" }, { "vulnerability": "VCID-uc6b-5sj1-9yg2" }, { "vulnerability": "VCID-ufzd-pbge-6qhk" }, { "vulnerability": "VCID-ur19-yjak-vqdd" }, { "vulnerability": "VCID-utga-335m-dua9" }, { "vulnerability": "VCID-v1kx-5wa1-r7he" }, { "vulnerability": "VCID-v69j-7vk9-e3d4" }, { "vulnerability": "VCID-v6xv-djkp-4kgw" }, { "vulnerability": "VCID-vpf2-5j4s-jqeb" }, { "vulnerability": "VCID-vxc7-fwud-33an" }, { "vulnerability": "VCID-vxj9-zxns-kkh9" }, { "vulnerability": "VCID-w6nk-akeh-4ufg" }, { "vulnerability": "VCID-ww5r-71kf-tfgr" }, { "vulnerability": "VCID-x75q-4y74-d3gt" }, { "vulnerability": "VCID-xgnx-jteb-myf7" }, { "vulnerability": "VCID-xqf5-yxf3-u3he" }, { "vulnerability": "VCID-zmjf-j2zs-23ey" }, { "vulnerability": "VCID-zvcj-g6rt-s3de" }, { "vulnerability": "VCID-zyes-82y3-g7dh" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:3.4.11.1-2%252Bdeb7u2" }, { "url": "http://public2.vulnerablecode.io/api/packages/273448?format=api", "purl": "pkg:deb/debian/phpmyadmin@4:4.2.12-2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1drk-gzqj-2qc5" }, { "vulnerability": "VCID-1hvw-4h4d-zkhv" }, { "vulnerability": "VCID-23dq-w66r-k3bt" }, { "vulnerability": "VCID-27w6-zhxk-x7e7" }, { "vulnerability": "VCID-282b-1ugg-yuev" }, { "vulnerability": "VCID-2at1-y3qg-77fb" }, { "vulnerability": "VCID-2vqn-z4en-duh4" }, { "vulnerability": "VCID-31jg-3pzb-y3b6" }, { "vulnerability": "VCID-32ja-yuuw-bbbh" }, { "vulnerability": "VCID-33kv-ye2c-ebax" }, { "vulnerability": "VCID-33mh-s92h-c7ht" }, { "vulnerability": "VCID-38tp-acy8-57hj" }, { "vulnerability": "VCID-3va7-xx14-gkds" }, { "vulnerability": "VCID-44uc-xrvp-7bet" }, { "vulnerability": "VCID-4avx-e9mf-2yb1" }, { "vulnerability": "VCID-4kax-4bpz-g7c5" }, { "vulnerability": "VCID-4vgu-cagj-hfhb" }, { "vulnerability": "VCID-4wn2-pnbv-sked" }, { "vulnerability": "VCID-52xs-45kd-w3hz" }, { "vulnerability": "VCID-59mu-8aep-9ycn" }, { "vulnerability": "VCID-5bu8-wy7w-bqfc" }, { "vulnerability": "VCID-5jye-2stz-fqam" }, { "vulnerability": "VCID-6gs5-cswx-bfeb" }, { "vulnerability": "VCID-7avk-rmwd-yugt" }, { "vulnerability": "VCID-7ntf-d3af-nbbk" }, { "vulnerability": "VCID-7vpu-x9mb-q3c6" }, { "vulnerability": "VCID-84n7-nzzg-juhz" }, { "vulnerability": "VCID-8jt7-y15v-83gj" }, { "vulnerability": "VCID-8rvw-n1fg-ffc2" }, { "vulnerability": "VCID-8yxm-e33n-d7gj" }, { "vulnerability": "VCID-9nh7-ny6c-n3cd" }, { "vulnerability": "VCID-9tdu-572c-tbb2" }, { "vulnerability": "VCID-ajeh-4q9t-sydz" }, { "vulnerability": "VCID-ajf6-bk2g-wkb7" }, { "vulnerability": "VCID-b2nf-6pr3-xqaa" }, { "vulnerability": "VCID-b4jk-yjfy-pfcv" }, { "vulnerability": "VCID-b6ng-ygap-zqh4" }, { "vulnerability": "VCID-bd83-vf81-sfa4" }, { "vulnerability": "VCID-bddg-5zgr-3uew" }, { "vulnerability": "VCID-btc1-yng3-ckhx" }, { "vulnerability": "VCID-cbjd-e3sk-m7bu" }, { "vulnerability": "VCID-crn9-f6qt-qfg5" }, { "vulnerability": "VCID-cth2-72mg-6yfr" }, { "vulnerability": "VCID-cz55-m46r-37gb" }, { "vulnerability": "VCID-d7jk-a94y-n3ca" }, { "vulnerability": "VCID-dbk1-n9kh-dfhm" }, { "vulnerability": "VCID-dfsz-1y13-yug9" }, { "vulnerability": "VCID-dgvs-kqpd-gfcy" }, { "vulnerability": "VCID-dj5f-y77j-d7dx" }, { "vulnerability": "VCID-dx3h-z4dg-m3e1" }, { "vulnerability": "VCID-g2uy-ekyf-4bcj" }, { "vulnerability": "VCID-gmjk-222y-abda" }, { "vulnerability": "VCID-gqxb-6rey-rbhv" }, { "vulnerability": "VCID-gtps-py3z-13cu" }, { "vulnerability": "VCID-gzwb-ju7m-juf7" }, { "vulnerability": "VCID-har4-gaft-m7e8" }, { "vulnerability": "VCID-hbp6-s544-pqaw" }, { "vulnerability": "VCID-hw5n-kv9r-8yej" }, { "vulnerability": "VCID-j589-8hrn-9bae" }, { "vulnerability": "VCID-jabw-t2hb-q3e9" }, { "vulnerability": "VCID-jemb-avnk-c7eb" }, { "vulnerability": "VCID-jmn8-a5r9-2qc8" }, { "vulnerability": "VCID-jvvf-kwtm-6qb7" }, { "vulnerability": "VCID-jxf7-1cq4-t3cv" }, { "vulnerability": "VCID-k5ph-wws1-fqg4" }, { "vulnerability": "VCID-kfr7-v6tb-eqau" }, { "vulnerability": "VCID-kfrx-mmr7-euep" }, { "vulnerability": "VCID-kwtj-jk24-zffq" }, { "vulnerability": "VCID-m2g6-2ztp-tuam" }, { "vulnerability": "VCID-m3kq-1cfg-mkgc" }, { "vulnerability": "VCID-m59w-cug5-wbe2" }, { "vulnerability": "VCID-mgu4-pf1x-r3dy" }, { "vulnerability": "VCID-mxn5-bh7q-gkdb" }, { "vulnerability": "VCID-mzuh-5e5y-d3hr" }, { "vulnerability": "VCID-n53q-r421-affh" }, { "vulnerability": "VCID-n66y-s36g-fqck" }, { "vulnerability": "VCID-np5w-chxm-cyak" }, { "vulnerability": "VCID-nuju-ekmt-k7g9" }, { "vulnerability": "VCID-nv3j-xj42-wfcw" }, { "vulnerability": "VCID-p1jn-sxds-mqd1" }, { "vulnerability": "VCID-p361-saxs-97g9" }, { "vulnerability": "VCID-pfdk-db4h-47dx" }, { "vulnerability": "VCID-pnry-rv8t-v3ff" }, { "vulnerability": "VCID-q2wv-kbra-5kg8" }, { "vulnerability": "VCID-q45d-5bf4-tff5" }, { "vulnerability": "VCID-q7pe-bvr1-g3bc" }, { "vulnerability": "VCID-q7rn-1612-quau" }, { "vulnerability": "VCID-q7zq-5xpn-93dd" }, { "vulnerability": "VCID-qeac-129m-1udw" }, { "vulnerability": "VCID-qmj2-pxvt-zqes" }, { "vulnerability": "VCID-qpj7-uk5e-nbez" }, { "vulnerability": "VCID-qqyb-zags-bbhz" }, { "vulnerability": "VCID-r3z5-cc6j-8yg6" }, { "vulnerability": "VCID-r4zz-m2mr-9qeb" }, { "vulnerability": "VCID-r9sb-489v-fqc9" }, { "vulnerability": "VCID-rc63-nakx-ebbe" }, { "vulnerability": "VCID-rsrk-jwbt-qfhe" }, { "vulnerability": "VCID-rx9z-rdmm-5fg6" }, { "vulnerability": "VCID-rxz2-tx2n-k3bd" }, { "vulnerability": "VCID-rz6q-hthe-1uer" }, { "vulnerability": "VCID-s88e-r2gd-9yep" }, { "vulnerability": "VCID-segg-gk79-9bc6" }, { "vulnerability": "VCID-tvfz-v881-sufp" }, { "vulnerability": "VCID-txba-1at4-ekg2" }, { "vulnerability": "VCID-uc6b-5sj1-9yg2" }, { "vulnerability": "VCID-utga-335m-dua9" }, { "vulnerability": "VCID-v1kx-5wa1-r7he" }, { "vulnerability": "VCID-vpf2-5j4s-jqeb" }, { "vulnerability": "VCID-vxc7-fwud-33an" }, { "vulnerability": "VCID-w6nk-akeh-4ufg" }, { "vulnerability": "VCID-x75q-4y74-d3gt" }, { "vulnerability": "VCID-xqf5-yxf3-u3he" }, { "vulnerability": "VCID-zmjf-j2zs-23ey" }, { "vulnerability": "VCID-zvcj-g6rt-s3de" }, { "vulnerability": "VCID-zyes-82y3-g7dh" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:4.2.12-2" } ], "aliases": [ "CVE-2013-5003" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-krmp-qvw1-n7b6" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/98135?format=api", "vulnerability_id": "VCID-m54t-23nu-3kaa", "summary": "Multiple cross-site scripting (XSS) vulnerabilities in js/functions.js in phpMyAdmin 4.0.x before 4.0.10.1, 4.1.x before 4.1.14.2, and 4.2.x before 4.2.6 allow remote authenticated users to inject arbitrary web script or HTML via a crafted (1) table name or (2) column name that is improperly handled during construction of an AJAX confirmation message.", "references": [ { "reference_url": "http://lists.opensuse.org/opensuse-updates/2014-08/msg00045.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://lists.opensuse.org/opensuse-updates/2014-08/msg00045.html" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2014-4986", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00339", "scoring_system": "epss", "scoring_elements": "0.56961", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.00339", "scoring_system": "epss", "scoring_elements": "0.5691", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2014-4986" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4986", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4986" }, { "reference_url": "https://github.com/phpmyadmin/phpmyadmin/commit/29a1f56495a7d1d98da31a614f23c0819a606a4d", "reference_id": "", "reference_type": "", "scores": [ { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/phpmyadmin/phpmyadmin/commit/29a1f56495a7d1d98da31a614f23c0819a606a4d" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2014-4986", "reference_id": "", "reference_type": "", "scores": [ { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2014-4986" }, { "reference_url": "https://security.gentoo.org/glsa/201505-03", "reference_id": "", "reference_type": "", "scores": [ { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://security.gentoo.org/glsa/201505-03" }, { "reference_url": "https://web.archive.org/web/20200228081340/http://www.securityfocus.com/bid/68803", "reference_id": "", "reference_type": "", "scores": [ { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20200228081340/http://www.securityfocus.com/bid/68803" }, { "reference_url": "http://www.phpmyadmin.net/home_page/security/PMASA-2014-6.php", "reference_id": "", "reference_type": "", "scores": [ { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.phpmyadmin.net/home_page/security/PMASA-2014-6.php" }, { "reference_url": "https://github.com/advisories/GHSA-jqmr-wqgp-8mh2", "reference_id": "GHSA-jqmr-wqgp-8mh2", "reference_type": "", "scores": [], "url": "https://github.com/advisories/GHSA-jqmr-wqgp-8mh2" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/273448?format=api", "purl": "pkg:deb/debian/phpmyadmin@4:4.2.12-2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1drk-gzqj-2qc5" }, { "vulnerability": "VCID-1hvw-4h4d-zkhv" }, { "vulnerability": "VCID-23dq-w66r-k3bt" }, { "vulnerability": "VCID-27w6-zhxk-x7e7" }, { "vulnerability": "VCID-282b-1ugg-yuev" }, { "vulnerability": "VCID-2at1-y3qg-77fb" }, { "vulnerability": "VCID-2vqn-z4en-duh4" }, { "vulnerability": "VCID-31jg-3pzb-y3b6" }, { "vulnerability": "VCID-32ja-yuuw-bbbh" }, { "vulnerability": "VCID-33kv-ye2c-ebax" }, { "vulnerability": "VCID-33mh-s92h-c7ht" }, { "vulnerability": "VCID-38tp-acy8-57hj" }, { "vulnerability": "VCID-3va7-xx14-gkds" }, { "vulnerability": "VCID-44uc-xrvp-7bet" }, { "vulnerability": "VCID-4avx-e9mf-2yb1" }, { "vulnerability": "VCID-4kax-4bpz-g7c5" }, { "vulnerability": "VCID-4vgu-cagj-hfhb" }, { "vulnerability": "VCID-4wn2-pnbv-sked" }, { "vulnerability": "VCID-52xs-45kd-w3hz" }, { "vulnerability": "VCID-59mu-8aep-9ycn" }, { "vulnerability": "VCID-5bu8-wy7w-bqfc" }, { "vulnerability": "VCID-5jye-2stz-fqam" }, { "vulnerability": "VCID-6gs5-cswx-bfeb" }, { "vulnerability": "VCID-7avk-rmwd-yugt" }, { "vulnerability": "VCID-7ntf-d3af-nbbk" }, { "vulnerability": "VCID-7vpu-x9mb-q3c6" }, { "vulnerability": "VCID-84n7-nzzg-juhz" }, { "vulnerability": "VCID-8jt7-y15v-83gj" }, { "vulnerability": "VCID-8rvw-n1fg-ffc2" }, { "vulnerability": "VCID-8yxm-e33n-d7gj" }, { "vulnerability": "VCID-9nh7-ny6c-n3cd" }, { "vulnerability": "VCID-9tdu-572c-tbb2" }, { "vulnerability": "VCID-ajeh-4q9t-sydz" }, { "vulnerability": "VCID-ajf6-bk2g-wkb7" }, { "vulnerability": "VCID-b2nf-6pr3-xqaa" }, { "vulnerability": "VCID-b4jk-yjfy-pfcv" }, { "vulnerability": "VCID-b6ng-ygap-zqh4" }, { "vulnerability": "VCID-bd83-vf81-sfa4" }, { "vulnerability": "VCID-bddg-5zgr-3uew" }, { "vulnerability": "VCID-btc1-yng3-ckhx" }, { "vulnerability": "VCID-cbjd-e3sk-m7bu" }, { "vulnerability": "VCID-crn9-f6qt-qfg5" }, { "vulnerability": "VCID-cth2-72mg-6yfr" }, { "vulnerability": "VCID-cz55-m46r-37gb" }, { "vulnerability": "VCID-d7jk-a94y-n3ca" }, { "vulnerability": "VCID-dbk1-n9kh-dfhm" }, { "vulnerability": "VCID-dfsz-1y13-yug9" }, { "vulnerability": "VCID-dgvs-kqpd-gfcy" }, { "vulnerability": "VCID-dj5f-y77j-d7dx" }, { "vulnerability": "VCID-dx3h-z4dg-m3e1" }, { "vulnerability": "VCID-g2uy-ekyf-4bcj" }, { "vulnerability": "VCID-gmjk-222y-abda" }, { "vulnerability": "VCID-gqxb-6rey-rbhv" }, { "vulnerability": "VCID-gtps-py3z-13cu" }, { "vulnerability": "VCID-gzwb-ju7m-juf7" }, { "vulnerability": "VCID-har4-gaft-m7e8" }, { "vulnerability": "VCID-hbp6-s544-pqaw" }, { "vulnerability": "VCID-hw5n-kv9r-8yej" }, { "vulnerability": "VCID-j589-8hrn-9bae" }, { "vulnerability": "VCID-jabw-t2hb-q3e9" }, { "vulnerability": "VCID-jemb-avnk-c7eb" }, { "vulnerability": "VCID-jmn8-a5r9-2qc8" }, { "vulnerability": "VCID-jvvf-kwtm-6qb7" }, { "vulnerability": "VCID-jxf7-1cq4-t3cv" }, { "vulnerability": "VCID-k5ph-wws1-fqg4" }, { "vulnerability": "VCID-kfr7-v6tb-eqau" }, { "vulnerability": "VCID-kfrx-mmr7-euep" }, { "vulnerability": "VCID-kwtj-jk24-zffq" }, { "vulnerability": "VCID-m2g6-2ztp-tuam" }, { "vulnerability": "VCID-m3kq-1cfg-mkgc" }, { "vulnerability": "VCID-m59w-cug5-wbe2" }, { "vulnerability": "VCID-mgu4-pf1x-r3dy" }, { "vulnerability": "VCID-mxn5-bh7q-gkdb" }, { "vulnerability": "VCID-mzuh-5e5y-d3hr" }, { "vulnerability": "VCID-n53q-r421-affh" }, { "vulnerability": "VCID-n66y-s36g-fqck" }, { "vulnerability": "VCID-np5w-chxm-cyak" }, { "vulnerability": "VCID-nuju-ekmt-k7g9" }, { "vulnerability": "VCID-nv3j-xj42-wfcw" }, { "vulnerability": "VCID-p1jn-sxds-mqd1" }, { "vulnerability": "VCID-p361-saxs-97g9" }, { "vulnerability": "VCID-pfdk-db4h-47dx" }, { "vulnerability": "VCID-pnry-rv8t-v3ff" }, { "vulnerability": "VCID-q2wv-kbra-5kg8" }, { "vulnerability": "VCID-q45d-5bf4-tff5" }, { "vulnerability": "VCID-q7pe-bvr1-g3bc" }, { "vulnerability": "VCID-q7rn-1612-quau" }, { "vulnerability": "VCID-q7zq-5xpn-93dd" }, { "vulnerability": "VCID-qeac-129m-1udw" }, { "vulnerability": "VCID-qmj2-pxvt-zqes" }, { "vulnerability": "VCID-qpj7-uk5e-nbez" }, { "vulnerability": "VCID-qqyb-zags-bbhz" }, { "vulnerability": "VCID-r3z5-cc6j-8yg6" }, { "vulnerability": "VCID-r4zz-m2mr-9qeb" }, { "vulnerability": "VCID-r9sb-489v-fqc9" }, { "vulnerability": "VCID-rc63-nakx-ebbe" }, { "vulnerability": "VCID-rsrk-jwbt-qfhe" }, { "vulnerability": "VCID-rx9z-rdmm-5fg6" }, { "vulnerability": "VCID-rxz2-tx2n-k3bd" }, { "vulnerability": "VCID-rz6q-hthe-1uer" }, { "vulnerability": "VCID-s88e-r2gd-9yep" }, { "vulnerability": "VCID-segg-gk79-9bc6" }, { "vulnerability": "VCID-tvfz-v881-sufp" }, { "vulnerability": "VCID-txba-1at4-ekg2" }, { "vulnerability": "VCID-uc6b-5sj1-9yg2" }, { "vulnerability": "VCID-utga-335m-dua9" }, { "vulnerability": "VCID-v1kx-5wa1-r7he" }, { "vulnerability": "VCID-vpf2-5j4s-jqeb" }, { "vulnerability": "VCID-vxc7-fwud-33an" }, { "vulnerability": "VCID-w6nk-akeh-4ufg" }, { "vulnerability": "VCID-x75q-4y74-d3gt" }, { "vulnerability": "VCID-xqf5-yxf3-u3he" }, { "vulnerability": "VCID-zmjf-j2zs-23ey" }, { "vulnerability": "VCID-zvcj-g6rt-s3de" }, { "vulnerability": "VCID-zyes-82y3-g7dh" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:4.2.12-2" } ], "aliases": [ "CVE-2014-4986", "GHSA-jqmr-wqgp-8mh2" ], "risk_score": 1.4, "exploitability": "0.5", "weighted_severity": "2.7", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-m54t-23nu-3kaa" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/44063?format=api", "vulnerability_id": "VCID-n7cc-xfym-u7g4", "summary": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')\nCross-site scripting (XSS) vulnerability in the micro history implementation in phpMyAdmin 4.0.x before 4.0.10.3, 4.1.x before 4.1.14.4, and 4.2.x before 4.2.8.1 allows remote attackers to inject arbitrary web script or HTML, and consequently conduct a cross-site request forgery (CSRF) attack to create a root account, via a crafted URL, related to js/ajax.js.", "references": [ { "reference_url": "http://lists.opensuse.org/opensuse-updates/2014-09/msg00032.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://lists.opensuse.org/opensuse-updates/2014-09/msg00032.html" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2014-6300", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00273", "scoring_system": "epss", "scoring_elements": "0.50975", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.00273", "scoring_system": "epss", "scoring_elements": "0.50913", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2014-6300" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6300", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6300" }, { "reference_url": "https://github.com/phpmyadmin/phpmyadmin/commit/33b39f9f1dd9a4d27856530e5ac004e23b30e8ac", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/phpmyadmin/phpmyadmin/commit/33b39f9f1dd9a4d27856530e5ac004e23b30e8ac" }, { "reference_url": "https://security.gentoo.org/glsa/201505-03", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://security.gentoo.org/glsa/201505-03" }, { "reference_url": "https://web.archive.org/web/20200228081340/http://www.securityfocus.com/bid/69790", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20200228081340/http://www.securityfocus.com/bid/69790" }, { "reference_url": "http://www.phpmyadmin.net/home_page/security/PMASA-2014-10.php", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.phpmyadmin.net/home_page/security/PMASA-2014-10.php" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2014-6300", "reference_id": "CVE-2014-6300", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2014-6300" }, { "reference_url": "https://github.com/advisories/GHSA-6wfj-2mw7-p5cg", "reference_id": "GHSA-6wfj-2mw7-p5cg", "reference_type": "", "scores": [], "url": "https://github.com/advisories/GHSA-6wfj-2mw7-p5cg" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/273448?format=api", "purl": "pkg:deb/debian/phpmyadmin@4:4.2.12-2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1drk-gzqj-2qc5" }, { "vulnerability": "VCID-1hvw-4h4d-zkhv" }, { "vulnerability": "VCID-23dq-w66r-k3bt" }, { "vulnerability": "VCID-27w6-zhxk-x7e7" }, { "vulnerability": "VCID-282b-1ugg-yuev" }, { "vulnerability": "VCID-2at1-y3qg-77fb" }, { "vulnerability": "VCID-2vqn-z4en-duh4" }, { "vulnerability": "VCID-31jg-3pzb-y3b6" }, { "vulnerability": "VCID-32ja-yuuw-bbbh" }, { "vulnerability": "VCID-33kv-ye2c-ebax" }, { "vulnerability": "VCID-33mh-s92h-c7ht" }, { "vulnerability": "VCID-38tp-acy8-57hj" }, { "vulnerability": "VCID-3va7-xx14-gkds" }, { "vulnerability": "VCID-44uc-xrvp-7bet" }, { "vulnerability": "VCID-4avx-e9mf-2yb1" }, { "vulnerability": "VCID-4kax-4bpz-g7c5" }, { "vulnerability": "VCID-4vgu-cagj-hfhb" }, { "vulnerability": "VCID-4wn2-pnbv-sked" }, { "vulnerability": "VCID-52xs-45kd-w3hz" }, { "vulnerability": "VCID-59mu-8aep-9ycn" }, { "vulnerability": "VCID-5bu8-wy7w-bqfc" }, { "vulnerability": "VCID-5jye-2stz-fqam" }, { "vulnerability": "VCID-6gs5-cswx-bfeb" }, { "vulnerability": "VCID-7avk-rmwd-yugt" }, { "vulnerability": "VCID-7ntf-d3af-nbbk" }, { "vulnerability": "VCID-7vpu-x9mb-q3c6" }, { "vulnerability": "VCID-84n7-nzzg-juhz" }, { "vulnerability": "VCID-8jt7-y15v-83gj" }, { "vulnerability": "VCID-8rvw-n1fg-ffc2" }, { "vulnerability": "VCID-8yxm-e33n-d7gj" }, { "vulnerability": "VCID-9nh7-ny6c-n3cd" }, { "vulnerability": "VCID-9tdu-572c-tbb2" }, { "vulnerability": "VCID-ajeh-4q9t-sydz" }, { "vulnerability": "VCID-ajf6-bk2g-wkb7" }, { "vulnerability": "VCID-b2nf-6pr3-xqaa" }, { "vulnerability": "VCID-b4jk-yjfy-pfcv" }, { "vulnerability": "VCID-b6ng-ygap-zqh4" }, { "vulnerability": "VCID-bd83-vf81-sfa4" }, { "vulnerability": "VCID-bddg-5zgr-3uew" }, { "vulnerability": "VCID-btc1-yng3-ckhx" }, { "vulnerability": "VCID-cbjd-e3sk-m7bu" }, { "vulnerability": "VCID-crn9-f6qt-qfg5" }, { "vulnerability": "VCID-cth2-72mg-6yfr" }, { "vulnerability": "VCID-cz55-m46r-37gb" }, { "vulnerability": "VCID-d7jk-a94y-n3ca" }, { "vulnerability": "VCID-dbk1-n9kh-dfhm" }, { "vulnerability": "VCID-dfsz-1y13-yug9" }, { "vulnerability": "VCID-dgvs-kqpd-gfcy" }, { "vulnerability": "VCID-dj5f-y77j-d7dx" }, { "vulnerability": "VCID-dx3h-z4dg-m3e1" }, { "vulnerability": "VCID-g2uy-ekyf-4bcj" }, { "vulnerability": "VCID-gmjk-222y-abda" }, { "vulnerability": "VCID-gqxb-6rey-rbhv" }, { "vulnerability": "VCID-gtps-py3z-13cu" }, { "vulnerability": "VCID-gzwb-ju7m-juf7" }, { "vulnerability": "VCID-har4-gaft-m7e8" }, { "vulnerability": "VCID-hbp6-s544-pqaw" }, { "vulnerability": "VCID-hw5n-kv9r-8yej" }, { "vulnerability": "VCID-j589-8hrn-9bae" }, { "vulnerability": "VCID-jabw-t2hb-q3e9" }, { "vulnerability": "VCID-jemb-avnk-c7eb" }, { "vulnerability": "VCID-jmn8-a5r9-2qc8" }, { "vulnerability": "VCID-jvvf-kwtm-6qb7" }, { "vulnerability": "VCID-jxf7-1cq4-t3cv" }, { "vulnerability": "VCID-k5ph-wws1-fqg4" }, { "vulnerability": "VCID-kfr7-v6tb-eqau" }, { "vulnerability": "VCID-kfrx-mmr7-euep" }, { "vulnerability": "VCID-kwtj-jk24-zffq" }, { "vulnerability": "VCID-m2g6-2ztp-tuam" }, { "vulnerability": "VCID-m3kq-1cfg-mkgc" }, { "vulnerability": "VCID-m59w-cug5-wbe2" }, { "vulnerability": "VCID-mgu4-pf1x-r3dy" }, { "vulnerability": "VCID-mxn5-bh7q-gkdb" }, { "vulnerability": "VCID-mzuh-5e5y-d3hr" }, { "vulnerability": "VCID-n53q-r421-affh" }, { "vulnerability": "VCID-n66y-s36g-fqck" }, { "vulnerability": "VCID-np5w-chxm-cyak" }, { "vulnerability": "VCID-nuju-ekmt-k7g9" }, { "vulnerability": "VCID-nv3j-xj42-wfcw" }, { "vulnerability": "VCID-p1jn-sxds-mqd1" }, { "vulnerability": "VCID-p361-saxs-97g9" }, { "vulnerability": "VCID-pfdk-db4h-47dx" }, { "vulnerability": "VCID-pnry-rv8t-v3ff" }, { "vulnerability": "VCID-q2wv-kbra-5kg8" }, { "vulnerability": "VCID-q45d-5bf4-tff5" }, { "vulnerability": "VCID-q7pe-bvr1-g3bc" }, { "vulnerability": "VCID-q7rn-1612-quau" }, { "vulnerability": "VCID-q7zq-5xpn-93dd" }, { "vulnerability": "VCID-qeac-129m-1udw" }, { "vulnerability": "VCID-qmj2-pxvt-zqes" }, { "vulnerability": "VCID-qpj7-uk5e-nbez" }, { "vulnerability": "VCID-qqyb-zags-bbhz" }, { "vulnerability": "VCID-r3z5-cc6j-8yg6" }, { "vulnerability": "VCID-r4zz-m2mr-9qeb" }, { "vulnerability": "VCID-r9sb-489v-fqc9" }, { "vulnerability": "VCID-rc63-nakx-ebbe" }, { "vulnerability": "VCID-rsrk-jwbt-qfhe" }, { "vulnerability": "VCID-rx9z-rdmm-5fg6" }, { "vulnerability": "VCID-rxz2-tx2n-k3bd" }, { "vulnerability": "VCID-rz6q-hthe-1uer" }, { "vulnerability": "VCID-s88e-r2gd-9yep" }, { "vulnerability": "VCID-segg-gk79-9bc6" }, { "vulnerability": "VCID-tvfz-v881-sufp" }, { "vulnerability": "VCID-txba-1at4-ekg2" }, { "vulnerability": "VCID-uc6b-5sj1-9yg2" }, { "vulnerability": "VCID-utga-335m-dua9" }, { "vulnerability": "VCID-v1kx-5wa1-r7he" }, { "vulnerability": "VCID-vpf2-5j4s-jqeb" }, { "vulnerability": "VCID-vxc7-fwud-33an" }, { "vulnerability": "VCID-w6nk-akeh-4ufg" }, { "vulnerability": "VCID-x75q-4y74-d3gt" }, { "vulnerability": "VCID-xqf5-yxf3-u3he" }, { "vulnerability": "VCID-zmjf-j2zs-23ey" }, { "vulnerability": "VCID-zvcj-g6rt-s3de" }, { "vulnerability": "VCID-zyes-82y3-g7dh" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:4.2.12-2" } ], "aliases": [ "CVE-2014-6300", "GHSA-6wfj-2mw7-p5cg" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-n7cc-xfym-u7g4" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/98134?format=api", "vulnerability_id": "VCID-pdmq-pgqp-5qft", "summary": "Cross-site scripting (XSS) vulnerability in the PMA_TRI_getRowForList function in libraries/rte/rte_list.lib.php in phpMyAdmin 4.0.x before 4.0.10.1, 4.1.x before 4.1.14.2, and 4.2.x before 4.2.6 allows remote authenticated users to inject arbitrary web script or HTML via a crafted trigger name that is improperly handled on the database triggers page.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2014-4955", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00257", "scoring_system": "epss", "scoring_elements": "0.49297", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.00257", "scoring_system": "epss", "scoring_elements": "0.49359", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2014-4955" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4955", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4955" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/273448?format=api", "purl": "pkg:deb/debian/phpmyadmin@4:4.2.12-2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1drk-gzqj-2qc5" }, { "vulnerability": "VCID-1hvw-4h4d-zkhv" }, { "vulnerability": "VCID-23dq-w66r-k3bt" }, { "vulnerability": "VCID-27w6-zhxk-x7e7" }, { "vulnerability": "VCID-282b-1ugg-yuev" }, { "vulnerability": "VCID-2at1-y3qg-77fb" }, { "vulnerability": "VCID-2vqn-z4en-duh4" }, { "vulnerability": "VCID-31jg-3pzb-y3b6" }, { "vulnerability": "VCID-32ja-yuuw-bbbh" }, { "vulnerability": "VCID-33kv-ye2c-ebax" }, { "vulnerability": "VCID-33mh-s92h-c7ht" }, { "vulnerability": "VCID-38tp-acy8-57hj" }, { "vulnerability": "VCID-3va7-xx14-gkds" }, { "vulnerability": "VCID-44uc-xrvp-7bet" }, { "vulnerability": "VCID-4avx-e9mf-2yb1" }, { "vulnerability": "VCID-4kax-4bpz-g7c5" }, { "vulnerability": "VCID-4vgu-cagj-hfhb" }, { "vulnerability": "VCID-4wn2-pnbv-sked" }, { "vulnerability": "VCID-52xs-45kd-w3hz" }, { "vulnerability": "VCID-59mu-8aep-9ycn" }, { "vulnerability": "VCID-5bu8-wy7w-bqfc" }, { "vulnerability": "VCID-5jye-2stz-fqam" }, { "vulnerability": "VCID-6gs5-cswx-bfeb" }, { "vulnerability": "VCID-7avk-rmwd-yugt" }, { "vulnerability": "VCID-7ntf-d3af-nbbk" }, { "vulnerability": "VCID-7vpu-x9mb-q3c6" }, { "vulnerability": "VCID-84n7-nzzg-juhz" }, { "vulnerability": "VCID-8jt7-y15v-83gj" }, { "vulnerability": "VCID-8rvw-n1fg-ffc2" }, { "vulnerability": "VCID-8yxm-e33n-d7gj" }, { "vulnerability": "VCID-9nh7-ny6c-n3cd" }, { "vulnerability": "VCID-9tdu-572c-tbb2" }, { "vulnerability": "VCID-ajeh-4q9t-sydz" }, { "vulnerability": "VCID-ajf6-bk2g-wkb7" }, { "vulnerability": "VCID-b2nf-6pr3-xqaa" }, { "vulnerability": "VCID-b4jk-yjfy-pfcv" }, { "vulnerability": "VCID-b6ng-ygap-zqh4" }, { "vulnerability": "VCID-bd83-vf81-sfa4" }, { "vulnerability": "VCID-bddg-5zgr-3uew" }, { "vulnerability": "VCID-btc1-yng3-ckhx" }, { "vulnerability": "VCID-cbjd-e3sk-m7bu" }, { "vulnerability": "VCID-crn9-f6qt-qfg5" }, { "vulnerability": "VCID-cth2-72mg-6yfr" }, { "vulnerability": "VCID-cz55-m46r-37gb" }, { "vulnerability": "VCID-d7jk-a94y-n3ca" }, { "vulnerability": "VCID-dbk1-n9kh-dfhm" }, { "vulnerability": "VCID-dfsz-1y13-yug9" }, { "vulnerability": "VCID-dgvs-kqpd-gfcy" }, { "vulnerability": "VCID-dj5f-y77j-d7dx" }, { "vulnerability": "VCID-dx3h-z4dg-m3e1" }, { "vulnerability": "VCID-g2uy-ekyf-4bcj" }, { "vulnerability": "VCID-gmjk-222y-abda" }, { "vulnerability": "VCID-gqxb-6rey-rbhv" }, { "vulnerability": "VCID-gtps-py3z-13cu" }, { "vulnerability": "VCID-gzwb-ju7m-juf7" }, { "vulnerability": "VCID-har4-gaft-m7e8" }, { "vulnerability": "VCID-hbp6-s544-pqaw" }, { "vulnerability": "VCID-hw5n-kv9r-8yej" }, { "vulnerability": "VCID-j589-8hrn-9bae" }, { "vulnerability": "VCID-jabw-t2hb-q3e9" }, { "vulnerability": "VCID-jemb-avnk-c7eb" }, { "vulnerability": "VCID-jmn8-a5r9-2qc8" }, { "vulnerability": "VCID-jvvf-kwtm-6qb7" }, { "vulnerability": "VCID-jxf7-1cq4-t3cv" }, { "vulnerability": "VCID-k5ph-wws1-fqg4" }, { "vulnerability": "VCID-kfr7-v6tb-eqau" }, { "vulnerability": "VCID-kfrx-mmr7-euep" }, { "vulnerability": "VCID-kwtj-jk24-zffq" }, { "vulnerability": "VCID-m2g6-2ztp-tuam" }, { "vulnerability": "VCID-m3kq-1cfg-mkgc" }, { "vulnerability": "VCID-m59w-cug5-wbe2" }, { "vulnerability": "VCID-mgu4-pf1x-r3dy" }, { "vulnerability": "VCID-mxn5-bh7q-gkdb" }, { "vulnerability": "VCID-mzuh-5e5y-d3hr" }, { "vulnerability": "VCID-n53q-r421-affh" }, { "vulnerability": "VCID-n66y-s36g-fqck" }, { "vulnerability": "VCID-np5w-chxm-cyak" }, { "vulnerability": "VCID-nuju-ekmt-k7g9" }, { "vulnerability": "VCID-nv3j-xj42-wfcw" }, { "vulnerability": "VCID-p1jn-sxds-mqd1" }, { "vulnerability": "VCID-p361-saxs-97g9" }, { "vulnerability": "VCID-pfdk-db4h-47dx" }, { "vulnerability": "VCID-pnry-rv8t-v3ff" }, { "vulnerability": "VCID-q2wv-kbra-5kg8" }, { "vulnerability": "VCID-q45d-5bf4-tff5" }, { "vulnerability": "VCID-q7pe-bvr1-g3bc" }, { "vulnerability": "VCID-q7rn-1612-quau" }, { "vulnerability": "VCID-q7zq-5xpn-93dd" }, { "vulnerability": "VCID-qeac-129m-1udw" }, { "vulnerability": "VCID-qmj2-pxvt-zqes" }, { "vulnerability": "VCID-qpj7-uk5e-nbez" }, { "vulnerability": "VCID-qqyb-zags-bbhz" }, { "vulnerability": "VCID-r3z5-cc6j-8yg6" }, { "vulnerability": "VCID-r4zz-m2mr-9qeb" }, { "vulnerability": "VCID-r9sb-489v-fqc9" }, { "vulnerability": "VCID-rc63-nakx-ebbe" }, { "vulnerability": "VCID-rsrk-jwbt-qfhe" }, { "vulnerability": "VCID-rx9z-rdmm-5fg6" }, { "vulnerability": "VCID-rxz2-tx2n-k3bd" }, { "vulnerability": "VCID-rz6q-hthe-1uer" }, { "vulnerability": "VCID-s88e-r2gd-9yep" }, { "vulnerability": "VCID-segg-gk79-9bc6" }, { "vulnerability": "VCID-tvfz-v881-sufp" }, { "vulnerability": "VCID-txba-1at4-ekg2" }, { "vulnerability": "VCID-uc6b-5sj1-9yg2" }, { "vulnerability": "VCID-utga-335m-dua9" }, { "vulnerability": "VCID-v1kx-5wa1-r7he" }, { "vulnerability": "VCID-vpf2-5j4s-jqeb" }, { "vulnerability": "VCID-vxc7-fwud-33an" }, { "vulnerability": "VCID-w6nk-akeh-4ufg" }, { "vulnerability": "VCID-x75q-4y74-d3gt" }, { "vulnerability": "VCID-xqf5-yxf3-u3he" }, { "vulnerability": "VCID-zmjf-j2zs-23ey" }, { "vulnerability": "VCID-zvcj-g6rt-s3de" }, { "vulnerability": "VCID-zyes-82y3-g7dh" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:4.2.12-2" } ], "aliases": [ "CVE-2014-4955" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-pdmq-pgqp-5qft" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/98131?format=api", "vulnerability_id": "VCID-qbjt-k4x8-gya5", "summary": "Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin 4.2.x before 4.2.4 allow remote authenticated users to inject arbitrary web script or HTML via a crafted (1) database name or (2) table name that is improperly handled after presence in (a) the favorite list or (b) recent tables.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-4348.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-4348.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2014-4348", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00182", "scoring_system": "epss", "scoring_elements": "0.39677", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.00182", "scoring_system": "epss", "scoring_elements": "0.39762", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2014-4348" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4348", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4348" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1117600", "reference_id": "1117600", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1117600" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/273448?format=api", "purl": "pkg:deb/debian/phpmyadmin@4:4.2.12-2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1drk-gzqj-2qc5" }, { "vulnerability": "VCID-1hvw-4h4d-zkhv" }, { "vulnerability": "VCID-23dq-w66r-k3bt" }, { "vulnerability": "VCID-27w6-zhxk-x7e7" }, { "vulnerability": "VCID-282b-1ugg-yuev" }, { "vulnerability": "VCID-2at1-y3qg-77fb" }, { "vulnerability": "VCID-2vqn-z4en-duh4" }, { "vulnerability": "VCID-31jg-3pzb-y3b6" }, { "vulnerability": "VCID-32ja-yuuw-bbbh" }, { "vulnerability": "VCID-33kv-ye2c-ebax" }, { "vulnerability": "VCID-33mh-s92h-c7ht" }, { "vulnerability": "VCID-38tp-acy8-57hj" }, { "vulnerability": "VCID-3va7-xx14-gkds" }, { "vulnerability": "VCID-44uc-xrvp-7bet" }, { "vulnerability": "VCID-4avx-e9mf-2yb1" }, { "vulnerability": "VCID-4kax-4bpz-g7c5" }, { "vulnerability": "VCID-4vgu-cagj-hfhb" }, { "vulnerability": "VCID-4wn2-pnbv-sked" }, { "vulnerability": "VCID-52xs-45kd-w3hz" }, { "vulnerability": "VCID-59mu-8aep-9ycn" }, { "vulnerability": "VCID-5bu8-wy7w-bqfc" }, { "vulnerability": "VCID-5jye-2stz-fqam" }, { "vulnerability": "VCID-6gs5-cswx-bfeb" }, { "vulnerability": "VCID-7avk-rmwd-yugt" }, { "vulnerability": "VCID-7ntf-d3af-nbbk" }, { "vulnerability": "VCID-7vpu-x9mb-q3c6" }, { "vulnerability": "VCID-84n7-nzzg-juhz" }, { "vulnerability": "VCID-8jt7-y15v-83gj" }, { "vulnerability": "VCID-8rvw-n1fg-ffc2" }, { "vulnerability": "VCID-8yxm-e33n-d7gj" }, { "vulnerability": "VCID-9nh7-ny6c-n3cd" }, { "vulnerability": "VCID-9tdu-572c-tbb2" }, { "vulnerability": "VCID-ajeh-4q9t-sydz" }, { "vulnerability": "VCID-ajf6-bk2g-wkb7" }, { "vulnerability": "VCID-b2nf-6pr3-xqaa" }, { "vulnerability": "VCID-b4jk-yjfy-pfcv" }, { "vulnerability": "VCID-b6ng-ygap-zqh4" }, { "vulnerability": "VCID-bd83-vf81-sfa4" }, { "vulnerability": "VCID-bddg-5zgr-3uew" }, { "vulnerability": "VCID-btc1-yng3-ckhx" }, { "vulnerability": "VCID-cbjd-e3sk-m7bu" }, { "vulnerability": "VCID-crn9-f6qt-qfg5" }, { "vulnerability": "VCID-cth2-72mg-6yfr" }, { "vulnerability": "VCID-cz55-m46r-37gb" }, { "vulnerability": "VCID-d7jk-a94y-n3ca" }, { "vulnerability": "VCID-dbk1-n9kh-dfhm" }, { "vulnerability": "VCID-dfsz-1y13-yug9" }, { "vulnerability": "VCID-dgvs-kqpd-gfcy" }, { "vulnerability": "VCID-dj5f-y77j-d7dx" }, { "vulnerability": "VCID-dx3h-z4dg-m3e1" }, { "vulnerability": "VCID-g2uy-ekyf-4bcj" }, { "vulnerability": "VCID-gmjk-222y-abda" }, { "vulnerability": "VCID-gqxb-6rey-rbhv" }, { "vulnerability": "VCID-gtps-py3z-13cu" }, { "vulnerability": "VCID-gzwb-ju7m-juf7" }, { "vulnerability": "VCID-har4-gaft-m7e8" }, { "vulnerability": "VCID-hbp6-s544-pqaw" }, { "vulnerability": "VCID-hw5n-kv9r-8yej" }, { "vulnerability": "VCID-j589-8hrn-9bae" }, { "vulnerability": "VCID-jabw-t2hb-q3e9" }, { "vulnerability": "VCID-jemb-avnk-c7eb" }, { "vulnerability": "VCID-jmn8-a5r9-2qc8" }, { "vulnerability": "VCID-jvvf-kwtm-6qb7" }, { "vulnerability": "VCID-jxf7-1cq4-t3cv" }, { "vulnerability": "VCID-k5ph-wws1-fqg4" }, { "vulnerability": "VCID-kfr7-v6tb-eqau" }, { "vulnerability": "VCID-kfrx-mmr7-euep" }, { "vulnerability": "VCID-kwtj-jk24-zffq" }, { "vulnerability": "VCID-m2g6-2ztp-tuam" }, { "vulnerability": "VCID-m3kq-1cfg-mkgc" }, { "vulnerability": "VCID-m59w-cug5-wbe2" }, { "vulnerability": "VCID-mgu4-pf1x-r3dy" }, { "vulnerability": "VCID-mxn5-bh7q-gkdb" }, { "vulnerability": "VCID-mzuh-5e5y-d3hr" }, { "vulnerability": "VCID-n53q-r421-affh" }, { "vulnerability": "VCID-n66y-s36g-fqck" }, { "vulnerability": "VCID-np5w-chxm-cyak" }, { "vulnerability": "VCID-nuju-ekmt-k7g9" }, { "vulnerability": "VCID-nv3j-xj42-wfcw" }, { "vulnerability": "VCID-p1jn-sxds-mqd1" }, { "vulnerability": "VCID-p361-saxs-97g9" }, { "vulnerability": "VCID-pfdk-db4h-47dx" }, { "vulnerability": "VCID-pnry-rv8t-v3ff" }, { "vulnerability": "VCID-q2wv-kbra-5kg8" }, { "vulnerability": "VCID-q45d-5bf4-tff5" }, { "vulnerability": "VCID-q7pe-bvr1-g3bc" }, { "vulnerability": "VCID-q7rn-1612-quau" }, { "vulnerability": "VCID-q7zq-5xpn-93dd" }, { "vulnerability": "VCID-qeac-129m-1udw" }, { "vulnerability": "VCID-qmj2-pxvt-zqes" }, { "vulnerability": "VCID-qpj7-uk5e-nbez" }, { "vulnerability": "VCID-qqyb-zags-bbhz" }, { "vulnerability": "VCID-r3z5-cc6j-8yg6" }, { "vulnerability": "VCID-r4zz-m2mr-9qeb" }, { "vulnerability": "VCID-r9sb-489v-fqc9" }, { "vulnerability": "VCID-rc63-nakx-ebbe" }, { "vulnerability": "VCID-rsrk-jwbt-qfhe" }, { "vulnerability": "VCID-rx9z-rdmm-5fg6" }, { "vulnerability": "VCID-rxz2-tx2n-k3bd" }, { "vulnerability": "VCID-rz6q-hthe-1uer" }, { "vulnerability": "VCID-s88e-r2gd-9yep" }, { "vulnerability": "VCID-segg-gk79-9bc6" }, { "vulnerability": "VCID-tvfz-v881-sufp" }, { "vulnerability": "VCID-txba-1at4-ekg2" }, { "vulnerability": "VCID-uc6b-5sj1-9yg2" }, { "vulnerability": "VCID-utga-335m-dua9" }, { "vulnerability": "VCID-v1kx-5wa1-r7he" }, { "vulnerability": "VCID-vpf2-5j4s-jqeb" }, { "vulnerability": "VCID-vxc7-fwud-33an" }, { "vulnerability": "VCID-w6nk-akeh-4ufg" }, { "vulnerability": "VCID-x75q-4y74-d3gt" }, { "vulnerability": "VCID-xqf5-yxf3-u3he" }, { "vulnerability": "VCID-zmjf-j2zs-23ey" }, { "vulnerability": "VCID-zvcj-g6rt-s3de" }, { "vulnerability": "VCID-zyes-82y3-g7dh" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:4.2.12-2" } ], "aliases": [ "CVE-2014-4348" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-qbjt-k4x8-gya5" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/98133?format=api", "vulnerability_id": "VCID-qpsr-xv8c-b3gj", "summary": "Cross-site scripting (XSS) vulnerability in the PMA_getHtmlForActionLinks function in libraries/structure.lib.php in phpMyAdmin 4.2.x before 4.2.6 allows remote authenticated users to inject arbitrary web script or HTML via a crafted table comment that is improperly handled during construction of a database structure page.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2014-4954", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00253", "scoring_system": "epss", "scoring_elements": "0.48786", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.00253", "scoring_system": "epss", "scoring_elements": "0.48846", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2014-4954" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4954", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4954" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/273448?format=api", "purl": "pkg:deb/debian/phpmyadmin@4:4.2.12-2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1drk-gzqj-2qc5" }, { "vulnerability": "VCID-1hvw-4h4d-zkhv" }, { "vulnerability": "VCID-23dq-w66r-k3bt" }, { "vulnerability": "VCID-27w6-zhxk-x7e7" }, { "vulnerability": "VCID-282b-1ugg-yuev" }, { "vulnerability": "VCID-2at1-y3qg-77fb" }, { "vulnerability": "VCID-2vqn-z4en-duh4" }, { "vulnerability": "VCID-31jg-3pzb-y3b6" }, { "vulnerability": "VCID-32ja-yuuw-bbbh" }, { "vulnerability": "VCID-33kv-ye2c-ebax" }, { "vulnerability": "VCID-33mh-s92h-c7ht" }, { "vulnerability": "VCID-38tp-acy8-57hj" }, { "vulnerability": "VCID-3va7-xx14-gkds" }, { "vulnerability": "VCID-44uc-xrvp-7bet" }, { "vulnerability": "VCID-4avx-e9mf-2yb1" }, { "vulnerability": "VCID-4kax-4bpz-g7c5" }, { "vulnerability": "VCID-4vgu-cagj-hfhb" }, { "vulnerability": "VCID-4wn2-pnbv-sked" }, { "vulnerability": "VCID-52xs-45kd-w3hz" }, { "vulnerability": "VCID-59mu-8aep-9ycn" }, { "vulnerability": "VCID-5bu8-wy7w-bqfc" }, { "vulnerability": "VCID-5jye-2stz-fqam" }, { "vulnerability": "VCID-6gs5-cswx-bfeb" }, { "vulnerability": "VCID-7avk-rmwd-yugt" }, { "vulnerability": "VCID-7ntf-d3af-nbbk" }, { "vulnerability": "VCID-7vpu-x9mb-q3c6" }, { "vulnerability": "VCID-84n7-nzzg-juhz" }, { "vulnerability": "VCID-8jt7-y15v-83gj" }, { "vulnerability": "VCID-8rvw-n1fg-ffc2" }, { "vulnerability": "VCID-8yxm-e33n-d7gj" }, { "vulnerability": "VCID-9nh7-ny6c-n3cd" }, { "vulnerability": "VCID-9tdu-572c-tbb2" }, { "vulnerability": "VCID-ajeh-4q9t-sydz" }, { "vulnerability": "VCID-ajf6-bk2g-wkb7" }, { "vulnerability": "VCID-b2nf-6pr3-xqaa" }, { "vulnerability": "VCID-b4jk-yjfy-pfcv" }, { "vulnerability": "VCID-b6ng-ygap-zqh4" }, { "vulnerability": "VCID-bd83-vf81-sfa4" }, { "vulnerability": "VCID-bddg-5zgr-3uew" }, { "vulnerability": "VCID-btc1-yng3-ckhx" }, { "vulnerability": "VCID-cbjd-e3sk-m7bu" }, { "vulnerability": "VCID-crn9-f6qt-qfg5" }, { "vulnerability": "VCID-cth2-72mg-6yfr" }, { "vulnerability": "VCID-cz55-m46r-37gb" }, { "vulnerability": "VCID-d7jk-a94y-n3ca" }, { "vulnerability": "VCID-dbk1-n9kh-dfhm" }, { "vulnerability": "VCID-dfsz-1y13-yug9" }, { "vulnerability": "VCID-dgvs-kqpd-gfcy" }, { "vulnerability": "VCID-dj5f-y77j-d7dx" }, { "vulnerability": "VCID-dx3h-z4dg-m3e1" }, { "vulnerability": "VCID-g2uy-ekyf-4bcj" }, { "vulnerability": "VCID-gmjk-222y-abda" }, { "vulnerability": "VCID-gqxb-6rey-rbhv" }, { "vulnerability": "VCID-gtps-py3z-13cu" }, { "vulnerability": "VCID-gzwb-ju7m-juf7" }, { "vulnerability": "VCID-har4-gaft-m7e8" }, { "vulnerability": "VCID-hbp6-s544-pqaw" }, { "vulnerability": "VCID-hw5n-kv9r-8yej" }, { "vulnerability": "VCID-j589-8hrn-9bae" }, { "vulnerability": "VCID-jabw-t2hb-q3e9" }, { "vulnerability": "VCID-jemb-avnk-c7eb" }, { "vulnerability": "VCID-jmn8-a5r9-2qc8" }, { "vulnerability": "VCID-jvvf-kwtm-6qb7" }, { "vulnerability": "VCID-jxf7-1cq4-t3cv" }, { "vulnerability": "VCID-k5ph-wws1-fqg4" }, { "vulnerability": "VCID-kfr7-v6tb-eqau" }, { "vulnerability": "VCID-kfrx-mmr7-euep" }, { "vulnerability": "VCID-kwtj-jk24-zffq" }, { "vulnerability": "VCID-m2g6-2ztp-tuam" }, { "vulnerability": "VCID-m3kq-1cfg-mkgc" }, { "vulnerability": "VCID-m59w-cug5-wbe2" }, { "vulnerability": "VCID-mgu4-pf1x-r3dy" }, { "vulnerability": "VCID-mxn5-bh7q-gkdb" }, { "vulnerability": "VCID-mzuh-5e5y-d3hr" }, { "vulnerability": "VCID-n53q-r421-affh" }, { "vulnerability": "VCID-n66y-s36g-fqck" }, { "vulnerability": "VCID-np5w-chxm-cyak" }, { "vulnerability": "VCID-nuju-ekmt-k7g9" }, { "vulnerability": "VCID-nv3j-xj42-wfcw" }, { "vulnerability": "VCID-p1jn-sxds-mqd1" }, { "vulnerability": "VCID-p361-saxs-97g9" }, { "vulnerability": "VCID-pfdk-db4h-47dx" }, { "vulnerability": "VCID-pnry-rv8t-v3ff" }, { "vulnerability": "VCID-q2wv-kbra-5kg8" }, { "vulnerability": "VCID-q45d-5bf4-tff5" }, { "vulnerability": "VCID-q7pe-bvr1-g3bc" }, { "vulnerability": "VCID-q7rn-1612-quau" }, { "vulnerability": "VCID-q7zq-5xpn-93dd" }, { "vulnerability": "VCID-qeac-129m-1udw" }, { "vulnerability": "VCID-qmj2-pxvt-zqes" }, { "vulnerability": "VCID-qpj7-uk5e-nbez" }, { "vulnerability": "VCID-qqyb-zags-bbhz" }, { "vulnerability": "VCID-r3z5-cc6j-8yg6" }, { "vulnerability": "VCID-r4zz-m2mr-9qeb" }, { "vulnerability": "VCID-r9sb-489v-fqc9" }, { "vulnerability": "VCID-rc63-nakx-ebbe" }, { "vulnerability": "VCID-rsrk-jwbt-qfhe" }, { "vulnerability": "VCID-rx9z-rdmm-5fg6" }, { "vulnerability": "VCID-rxz2-tx2n-k3bd" }, { "vulnerability": "VCID-rz6q-hthe-1uer" }, { "vulnerability": "VCID-s88e-r2gd-9yep" }, { "vulnerability": "VCID-segg-gk79-9bc6" }, { "vulnerability": "VCID-tvfz-v881-sufp" }, { "vulnerability": "VCID-txba-1at4-ekg2" }, { "vulnerability": "VCID-uc6b-5sj1-9yg2" }, { "vulnerability": "VCID-utga-335m-dua9" }, { "vulnerability": "VCID-v1kx-5wa1-r7he" }, { "vulnerability": "VCID-vpf2-5j4s-jqeb" }, { "vulnerability": "VCID-vxc7-fwud-33an" }, { "vulnerability": "VCID-w6nk-akeh-4ufg" }, { "vulnerability": "VCID-x75q-4y74-d3gt" }, { "vulnerability": "VCID-xqf5-yxf3-u3he" }, { "vulnerability": "VCID-zmjf-j2zs-23ey" }, { "vulnerability": "VCID-zvcj-g6rt-s3de" }, { "vulnerability": "VCID-zyes-82y3-g7dh" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:4.2.12-2" } ], "aliases": [ "CVE-2014-4954" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-qpsr-xv8c-b3gj" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/98142?format=api", "vulnerability_id": "VCID-sj19-5q5e-j7ah", "summary": "Directory traversal vulnerability in libraries/error_report.lib.php in the error-reporting feature in phpMyAdmin 4.1.x before 4.1.14.7 and 4.2.x before 4.2.12 allows remote authenticated users to obtain potentially sensitive information about a file's line count via a crafted parameter.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2014-8961", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01447", "scoring_system": "epss", "scoring_elements": "0.81102", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.01447", "scoring_system": "epss", "scoring_elements": "0.81131", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2014-8961" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8961", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8961" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/273448?format=api", "purl": "pkg:deb/debian/phpmyadmin@4:4.2.12-2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1drk-gzqj-2qc5" }, { "vulnerability": "VCID-1hvw-4h4d-zkhv" }, { "vulnerability": "VCID-23dq-w66r-k3bt" }, { "vulnerability": "VCID-27w6-zhxk-x7e7" }, { "vulnerability": "VCID-282b-1ugg-yuev" }, { "vulnerability": "VCID-2at1-y3qg-77fb" }, { "vulnerability": "VCID-2vqn-z4en-duh4" }, { "vulnerability": "VCID-31jg-3pzb-y3b6" }, { "vulnerability": "VCID-32ja-yuuw-bbbh" }, { "vulnerability": "VCID-33kv-ye2c-ebax" }, { "vulnerability": "VCID-33mh-s92h-c7ht" }, { "vulnerability": "VCID-38tp-acy8-57hj" }, { "vulnerability": "VCID-3va7-xx14-gkds" }, { "vulnerability": "VCID-44uc-xrvp-7bet" }, { "vulnerability": "VCID-4avx-e9mf-2yb1" }, { "vulnerability": "VCID-4kax-4bpz-g7c5" }, { "vulnerability": "VCID-4vgu-cagj-hfhb" }, { "vulnerability": "VCID-4wn2-pnbv-sked" }, { "vulnerability": "VCID-52xs-45kd-w3hz" }, { "vulnerability": "VCID-59mu-8aep-9ycn" }, { "vulnerability": "VCID-5bu8-wy7w-bqfc" }, { "vulnerability": "VCID-5jye-2stz-fqam" }, { "vulnerability": "VCID-6gs5-cswx-bfeb" }, { "vulnerability": "VCID-7avk-rmwd-yugt" }, { "vulnerability": "VCID-7ntf-d3af-nbbk" }, { "vulnerability": "VCID-7vpu-x9mb-q3c6" }, { "vulnerability": "VCID-84n7-nzzg-juhz" }, { "vulnerability": "VCID-8jt7-y15v-83gj" }, { "vulnerability": "VCID-8rvw-n1fg-ffc2" }, { "vulnerability": "VCID-8yxm-e33n-d7gj" }, { "vulnerability": "VCID-9nh7-ny6c-n3cd" }, { "vulnerability": "VCID-9tdu-572c-tbb2" }, { "vulnerability": "VCID-ajeh-4q9t-sydz" }, { "vulnerability": "VCID-ajf6-bk2g-wkb7" }, { "vulnerability": "VCID-b2nf-6pr3-xqaa" }, { "vulnerability": "VCID-b4jk-yjfy-pfcv" }, { "vulnerability": "VCID-b6ng-ygap-zqh4" }, { "vulnerability": "VCID-bd83-vf81-sfa4" }, { "vulnerability": "VCID-bddg-5zgr-3uew" }, { "vulnerability": "VCID-btc1-yng3-ckhx" }, { "vulnerability": "VCID-cbjd-e3sk-m7bu" }, { "vulnerability": "VCID-crn9-f6qt-qfg5" }, { "vulnerability": "VCID-cth2-72mg-6yfr" }, { "vulnerability": "VCID-cz55-m46r-37gb" }, { "vulnerability": "VCID-d7jk-a94y-n3ca" }, { "vulnerability": "VCID-dbk1-n9kh-dfhm" }, { "vulnerability": "VCID-dfsz-1y13-yug9" }, { "vulnerability": "VCID-dgvs-kqpd-gfcy" }, { "vulnerability": "VCID-dj5f-y77j-d7dx" }, { "vulnerability": "VCID-dx3h-z4dg-m3e1" }, { "vulnerability": "VCID-g2uy-ekyf-4bcj" }, { "vulnerability": "VCID-gmjk-222y-abda" }, { "vulnerability": "VCID-gqxb-6rey-rbhv" }, { "vulnerability": "VCID-gtps-py3z-13cu" }, { "vulnerability": "VCID-gzwb-ju7m-juf7" }, { "vulnerability": "VCID-har4-gaft-m7e8" }, { "vulnerability": "VCID-hbp6-s544-pqaw" }, { "vulnerability": "VCID-hw5n-kv9r-8yej" }, { "vulnerability": "VCID-j589-8hrn-9bae" }, { "vulnerability": "VCID-jabw-t2hb-q3e9" }, { "vulnerability": "VCID-jemb-avnk-c7eb" }, { "vulnerability": "VCID-jmn8-a5r9-2qc8" }, { "vulnerability": "VCID-jvvf-kwtm-6qb7" }, { "vulnerability": "VCID-jxf7-1cq4-t3cv" }, { "vulnerability": "VCID-k5ph-wws1-fqg4" }, { "vulnerability": "VCID-kfr7-v6tb-eqau" }, { "vulnerability": "VCID-kfrx-mmr7-euep" }, { "vulnerability": "VCID-kwtj-jk24-zffq" }, { "vulnerability": "VCID-m2g6-2ztp-tuam" }, { "vulnerability": "VCID-m3kq-1cfg-mkgc" }, { "vulnerability": "VCID-m59w-cug5-wbe2" }, { "vulnerability": "VCID-mgu4-pf1x-r3dy" }, { "vulnerability": "VCID-mxn5-bh7q-gkdb" }, { "vulnerability": "VCID-mzuh-5e5y-d3hr" }, { "vulnerability": "VCID-n53q-r421-affh" }, { "vulnerability": "VCID-n66y-s36g-fqck" }, { "vulnerability": "VCID-np5w-chxm-cyak" }, { "vulnerability": "VCID-nuju-ekmt-k7g9" }, { "vulnerability": "VCID-nv3j-xj42-wfcw" }, { "vulnerability": "VCID-p1jn-sxds-mqd1" }, { "vulnerability": "VCID-p361-saxs-97g9" }, { "vulnerability": "VCID-pfdk-db4h-47dx" }, { "vulnerability": "VCID-pnry-rv8t-v3ff" }, { "vulnerability": "VCID-q2wv-kbra-5kg8" }, { "vulnerability": "VCID-q45d-5bf4-tff5" }, { "vulnerability": "VCID-q7pe-bvr1-g3bc" }, { "vulnerability": "VCID-q7rn-1612-quau" }, { "vulnerability": "VCID-q7zq-5xpn-93dd" }, { "vulnerability": "VCID-qeac-129m-1udw" }, { "vulnerability": "VCID-qmj2-pxvt-zqes" }, { "vulnerability": "VCID-qpj7-uk5e-nbez" }, { "vulnerability": "VCID-qqyb-zags-bbhz" }, { "vulnerability": "VCID-r3z5-cc6j-8yg6" }, { "vulnerability": "VCID-r4zz-m2mr-9qeb" }, { "vulnerability": "VCID-r9sb-489v-fqc9" }, { "vulnerability": "VCID-rc63-nakx-ebbe" }, { "vulnerability": "VCID-rsrk-jwbt-qfhe" }, { "vulnerability": "VCID-rx9z-rdmm-5fg6" }, { "vulnerability": "VCID-rxz2-tx2n-k3bd" }, { "vulnerability": "VCID-rz6q-hthe-1uer" }, { "vulnerability": "VCID-s88e-r2gd-9yep" }, { "vulnerability": "VCID-segg-gk79-9bc6" }, { "vulnerability": "VCID-tvfz-v881-sufp" }, { "vulnerability": "VCID-txba-1at4-ekg2" }, { "vulnerability": "VCID-uc6b-5sj1-9yg2" }, { "vulnerability": "VCID-utga-335m-dua9" }, { "vulnerability": "VCID-v1kx-5wa1-r7he" }, { "vulnerability": "VCID-vpf2-5j4s-jqeb" }, { "vulnerability": "VCID-vxc7-fwud-33an" }, { "vulnerability": "VCID-w6nk-akeh-4ufg" }, { "vulnerability": "VCID-x75q-4y74-d3gt" }, { "vulnerability": "VCID-xqf5-yxf3-u3he" }, { "vulnerability": "VCID-zmjf-j2zs-23ey" }, { "vulnerability": "VCID-zvcj-g6rt-s3de" }, { "vulnerability": "VCID-zyes-82y3-g7dh" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:4.2.12-2" } ], "aliases": [ "CVE-2014-8961" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-sj19-5q5e-j7ah" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/98130?format=api", "vulnerability_id": "VCID-snke-vmcg-xfd2", "summary": "Cross-site scripting (XSS) vulnerability in import.php in phpMyAdmin before 4.1.7 allows remote authenticated users to inject arbitrary web script or HTML via a crafted filename in an import action.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2014-1879", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00232", "scoring_system": "epss", "scoring_elements": "0.46059", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.00232", "scoring_system": "epss", "scoring_elements": "0.46127", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2014-1879" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4995", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4995" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4996", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4996" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5002", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5002" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5003", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5003" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1879", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1879" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/203681?format=api", "purl": "pkg:deb/debian/phpmyadmin@4:3.4.11.1-2%2Bdeb7u2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1aqb-7an7-mbed" }, { "vulnerability": "VCID-1drk-gzqj-2qc5" }, { "vulnerability": "VCID-1hvw-4h4d-zkhv" }, { "vulnerability": "VCID-23dq-w66r-k3bt" }, { "vulnerability": "VCID-27w6-zhxk-x7e7" }, { "vulnerability": "VCID-282b-1ugg-yuev" }, { "vulnerability": "VCID-2at1-y3qg-77fb" }, { "vulnerability": "VCID-2vqn-z4en-duh4" }, { "vulnerability": "VCID-31jg-3pzb-y3b6" }, { "vulnerability": "VCID-32ja-yuuw-bbbh" }, { "vulnerability": "VCID-33kv-ye2c-ebax" }, { "vulnerability": "VCID-33mh-s92h-c7ht" }, { "vulnerability": "VCID-38tp-acy8-57hj" }, { "vulnerability": "VCID-3trr-z4gq-pbdr" }, { "vulnerability": "VCID-3va7-xx14-gkds" }, { "vulnerability": "VCID-44uc-xrvp-7bet" }, { "vulnerability": "VCID-4avx-e9mf-2yb1" }, { "vulnerability": "VCID-4kax-4bpz-g7c5" }, { "vulnerability": "VCID-4vgu-cagj-hfhb" }, { "vulnerability": "VCID-4wn2-pnbv-sked" }, { "vulnerability": "VCID-52xs-45kd-w3hz" }, { "vulnerability": "VCID-59mu-8aep-9ycn" }, { "vulnerability": "VCID-5bu8-wy7w-bqfc" }, { "vulnerability": "VCID-5jye-2stz-fqam" }, { "vulnerability": "VCID-6gs5-cswx-bfeb" }, { "vulnerability": "VCID-7avk-rmwd-yugt" }, { "vulnerability": "VCID-7ntf-d3af-nbbk" }, { "vulnerability": "VCID-7pwj-c6c4-gbeq" }, { "vulnerability": "VCID-7vpu-x9mb-q3c6" }, { "vulnerability": "VCID-84n7-nzzg-juhz" }, { "vulnerability": "VCID-858m-cbw6-cfc1" }, { "vulnerability": "VCID-8jt7-y15v-83gj" }, { "vulnerability": "VCID-8rvw-n1fg-ffc2" }, { "vulnerability": "VCID-8yxm-e33n-d7gj" }, { "vulnerability": "VCID-9nh7-ny6c-n3cd" }, { "vulnerability": "VCID-9tdu-572c-tbb2" }, { "vulnerability": "VCID-9z7g-cffj-1ufe" }, { "vulnerability": "VCID-a4fa-ms27-93fn" }, { "vulnerability": "VCID-a94q-k98a-6qbw" }, { "vulnerability": "VCID-ajeh-4q9t-sydz" }, { "vulnerability": "VCID-ajf6-bk2g-wkb7" }, { "vulnerability": "VCID-ajmz-kfxh-sqaf" }, { "vulnerability": "VCID-amgy-teas-euh5" }, { "vulnerability": "VCID-b2nf-6pr3-xqaa" }, { "vulnerability": "VCID-b4jk-yjfy-pfcv" }, { "vulnerability": "VCID-b6ng-ygap-zqh4" }, { "vulnerability": "VCID-bd83-vf81-sfa4" }, { "vulnerability": "VCID-bddg-5zgr-3uew" }, { "vulnerability": "VCID-bshf-rz9w-3yb3" }, { "vulnerability": "VCID-btc1-yng3-ckhx" }, { "vulnerability": "VCID-cbjd-e3sk-m7bu" }, { "vulnerability": "VCID-crn9-f6qt-qfg5" }, { "vulnerability": "VCID-cth2-72mg-6yfr" }, { "vulnerability": "VCID-cz55-m46r-37gb" }, { "vulnerability": "VCID-d7jk-a94y-n3ca" }, { "vulnerability": "VCID-dbk1-n9kh-dfhm" }, { "vulnerability": "VCID-dfsz-1y13-yug9" }, { "vulnerability": "VCID-dgvs-kqpd-gfcy" }, { "vulnerability": "VCID-dj5f-y77j-d7dx" }, { "vulnerability": "VCID-dx3h-z4dg-m3e1" }, { "vulnerability": "VCID-e677-1yaz-g3em" }, { "vulnerability": "VCID-fc5a-pvtd-wkcz" }, { "vulnerability": "VCID-fsub-2bfp-8qbw" }, { "vulnerability": "VCID-g2uy-ekyf-4bcj" }, { "vulnerability": "VCID-gmjk-222y-abda" }, { "vulnerability": "VCID-gqxb-6rey-rbhv" }, { "vulnerability": "VCID-gtps-py3z-13cu" }, { "vulnerability": "VCID-gzwb-ju7m-juf7" }, { "vulnerability": "VCID-har4-gaft-m7e8" }, { "vulnerability": "VCID-hbp6-s544-pqaw" }, { "vulnerability": "VCID-hw5n-kv9r-8yej" }, { "vulnerability": "VCID-hyn6-xxxq-57f4" }, { "vulnerability": "VCID-j589-8hrn-9bae" }, { "vulnerability": "VCID-jabw-t2hb-q3e9" }, { "vulnerability": "VCID-jemb-avnk-c7eb" }, { "vulnerability": "VCID-jmn8-a5r9-2qc8" }, { "vulnerability": "VCID-jvvf-kwtm-6qb7" }, { "vulnerability": "VCID-jxf7-1cq4-t3cv" }, { "vulnerability": "VCID-k3fp-nkvv-e3fa" }, { "vulnerability": "VCID-k5ph-wws1-fqg4" }, { "vulnerability": "VCID-kfr7-v6tb-eqau" }, { "vulnerability": "VCID-kfrx-mmr7-euep" }, { "vulnerability": "VCID-krmp-qvw1-n7b6" }, { "vulnerability": "VCID-kwtj-jk24-zffq" }, { "vulnerability": "VCID-m2g6-2ztp-tuam" }, { "vulnerability": "VCID-m3kq-1cfg-mkgc" }, { "vulnerability": "VCID-m54t-23nu-3kaa" }, { "vulnerability": "VCID-m59w-cug5-wbe2" }, { "vulnerability": "VCID-mgu4-pf1x-r3dy" }, { "vulnerability": "VCID-mxn5-bh7q-gkdb" }, { "vulnerability": "VCID-mzuh-5e5y-d3hr" }, { "vulnerability": "VCID-n53q-r421-affh" }, { "vulnerability": "VCID-n66y-s36g-fqck" }, { "vulnerability": "VCID-n7cc-xfym-u7g4" }, { "vulnerability": "VCID-np5w-chxm-cyak" }, { "vulnerability": "VCID-nuju-ekmt-k7g9" }, { "vulnerability": "VCID-nv3j-xj42-wfcw" }, { "vulnerability": "VCID-p1jn-sxds-mqd1" }, { "vulnerability": "VCID-p361-saxs-97g9" }, { "vulnerability": "VCID-pdmq-pgqp-5qft" }, { "vulnerability": "VCID-pfdk-db4h-47dx" }, { "vulnerability": "VCID-pnry-rv8t-v3ff" }, { "vulnerability": "VCID-q2wv-kbra-5kg8" }, { "vulnerability": "VCID-q45d-5bf4-tff5" }, { "vulnerability": "VCID-q7pe-bvr1-g3bc" }, { "vulnerability": "VCID-q7rn-1612-quau" }, { "vulnerability": "VCID-q7zq-5xpn-93dd" }, { "vulnerability": "VCID-qbjt-k4x8-gya5" }, { "vulnerability": "VCID-qeac-129m-1udw" }, { "vulnerability": "VCID-qmj2-pxvt-zqes" }, { "vulnerability": "VCID-qpj7-uk5e-nbez" }, { "vulnerability": "VCID-qpsr-xv8c-b3gj" }, { "vulnerability": "VCID-qqyb-zags-bbhz" }, { "vulnerability": "VCID-r3z5-cc6j-8yg6" }, { "vulnerability": "VCID-r4zz-m2mr-9qeb" }, { "vulnerability": "VCID-r9sb-489v-fqc9" }, { "vulnerability": "VCID-rc63-nakx-ebbe" }, { "vulnerability": "VCID-rsrk-jwbt-qfhe" }, { "vulnerability": "VCID-rx9z-rdmm-5fg6" }, { "vulnerability": "VCID-rxz2-tx2n-k3bd" }, { "vulnerability": "VCID-rz6q-hthe-1uer" }, { "vulnerability": "VCID-s88e-r2gd-9yep" }, { "vulnerability": "VCID-segg-gk79-9bc6" }, { "vulnerability": "VCID-sj19-5q5e-j7ah" }, { "vulnerability": "VCID-snke-vmcg-xfd2" }, { "vulnerability": "VCID-tvfz-v881-sufp" }, { "vulnerability": "VCID-txba-1at4-ekg2" }, { "vulnerability": "VCID-uc6b-5sj1-9yg2" }, { "vulnerability": "VCID-ufzd-pbge-6qhk" }, { "vulnerability": "VCID-ur19-yjak-vqdd" }, { "vulnerability": "VCID-utga-335m-dua9" }, { "vulnerability": "VCID-v1kx-5wa1-r7he" }, { "vulnerability": "VCID-v69j-7vk9-e3d4" }, { "vulnerability": "VCID-v6xv-djkp-4kgw" }, { "vulnerability": "VCID-vpf2-5j4s-jqeb" }, { "vulnerability": "VCID-vxc7-fwud-33an" }, { "vulnerability": "VCID-vxj9-zxns-kkh9" }, { "vulnerability": "VCID-w6nk-akeh-4ufg" }, { "vulnerability": "VCID-ww5r-71kf-tfgr" }, { "vulnerability": "VCID-x75q-4y74-d3gt" }, { "vulnerability": "VCID-xgnx-jteb-myf7" }, { "vulnerability": "VCID-xqf5-yxf3-u3he" }, { "vulnerability": "VCID-zmjf-j2zs-23ey" }, { "vulnerability": "VCID-zvcj-g6rt-s3de" }, { "vulnerability": "VCID-zyes-82y3-g7dh" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:3.4.11.1-2%252Bdeb7u2" }, { "url": "http://public2.vulnerablecode.io/api/packages/273448?format=api", "purl": "pkg:deb/debian/phpmyadmin@4:4.2.12-2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1drk-gzqj-2qc5" }, { "vulnerability": "VCID-1hvw-4h4d-zkhv" }, { "vulnerability": "VCID-23dq-w66r-k3bt" }, { "vulnerability": "VCID-27w6-zhxk-x7e7" }, { "vulnerability": "VCID-282b-1ugg-yuev" }, { "vulnerability": "VCID-2at1-y3qg-77fb" }, { "vulnerability": "VCID-2vqn-z4en-duh4" }, { "vulnerability": "VCID-31jg-3pzb-y3b6" }, { "vulnerability": "VCID-32ja-yuuw-bbbh" }, { "vulnerability": "VCID-33kv-ye2c-ebax" }, { "vulnerability": "VCID-33mh-s92h-c7ht" }, { "vulnerability": "VCID-38tp-acy8-57hj" }, { "vulnerability": "VCID-3va7-xx14-gkds" }, { "vulnerability": "VCID-44uc-xrvp-7bet" }, { "vulnerability": "VCID-4avx-e9mf-2yb1" }, { "vulnerability": "VCID-4kax-4bpz-g7c5" }, { "vulnerability": "VCID-4vgu-cagj-hfhb" }, { "vulnerability": "VCID-4wn2-pnbv-sked" }, { "vulnerability": "VCID-52xs-45kd-w3hz" }, { "vulnerability": "VCID-59mu-8aep-9ycn" }, { "vulnerability": "VCID-5bu8-wy7w-bqfc" }, { "vulnerability": "VCID-5jye-2stz-fqam" }, { "vulnerability": "VCID-6gs5-cswx-bfeb" }, { "vulnerability": "VCID-7avk-rmwd-yugt" }, { "vulnerability": "VCID-7ntf-d3af-nbbk" }, { "vulnerability": "VCID-7vpu-x9mb-q3c6" }, { "vulnerability": "VCID-84n7-nzzg-juhz" }, { "vulnerability": "VCID-8jt7-y15v-83gj" }, { "vulnerability": "VCID-8rvw-n1fg-ffc2" }, { "vulnerability": "VCID-8yxm-e33n-d7gj" }, { "vulnerability": "VCID-9nh7-ny6c-n3cd" }, { "vulnerability": "VCID-9tdu-572c-tbb2" }, { "vulnerability": "VCID-ajeh-4q9t-sydz" }, { "vulnerability": "VCID-ajf6-bk2g-wkb7" }, { "vulnerability": "VCID-b2nf-6pr3-xqaa" }, { "vulnerability": "VCID-b4jk-yjfy-pfcv" }, { "vulnerability": "VCID-b6ng-ygap-zqh4" }, { "vulnerability": "VCID-bd83-vf81-sfa4" }, { "vulnerability": "VCID-bddg-5zgr-3uew" }, { "vulnerability": "VCID-btc1-yng3-ckhx" }, { "vulnerability": "VCID-cbjd-e3sk-m7bu" }, { "vulnerability": "VCID-crn9-f6qt-qfg5" }, { "vulnerability": "VCID-cth2-72mg-6yfr" }, { "vulnerability": "VCID-cz55-m46r-37gb" }, { "vulnerability": "VCID-d7jk-a94y-n3ca" }, { "vulnerability": "VCID-dbk1-n9kh-dfhm" }, { "vulnerability": "VCID-dfsz-1y13-yug9" }, { "vulnerability": "VCID-dgvs-kqpd-gfcy" }, { "vulnerability": "VCID-dj5f-y77j-d7dx" }, { "vulnerability": "VCID-dx3h-z4dg-m3e1" }, { "vulnerability": "VCID-g2uy-ekyf-4bcj" }, { "vulnerability": "VCID-gmjk-222y-abda" }, { "vulnerability": "VCID-gqxb-6rey-rbhv" }, { "vulnerability": "VCID-gtps-py3z-13cu" }, { "vulnerability": "VCID-gzwb-ju7m-juf7" }, { "vulnerability": "VCID-har4-gaft-m7e8" }, { "vulnerability": "VCID-hbp6-s544-pqaw" }, { "vulnerability": "VCID-hw5n-kv9r-8yej" }, { "vulnerability": "VCID-j589-8hrn-9bae" }, { "vulnerability": "VCID-jabw-t2hb-q3e9" }, { "vulnerability": "VCID-jemb-avnk-c7eb" }, { "vulnerability": "VCID-jmn8-a5r9-2qc8" }, { "vulnerability": "VCID-jvvf-kwtm-6qb7" }, { "vulnerability": "VCID-jxf7-1cq4-t3cv" }, { "vulnerability": "VCID-k5ph-wws1-fqg4" }, { "vulnerability": "VCID-kfr7-v6tb-eqau" }, { "vulnerability": "VCID-kfrx-mmr7-euep" }, { "vulnerability": "VCID-kwtj-jk24-zffq" }, { "vulnerability": "VCID-m2g6-2ztp-tuam" }, { "vulnerability": "VCID-m3kq-1cfg-mkgc" }, { "vulnerability": "VCID-m59w-cug5-wbe2" }, { "vulnerability": "VCID-mgu4-pf1x-r3dy" }, { "vulnerability": "VCID-mxn5-bh7q-gkdb" }, { "vulnerability": "VCID-mzuh-5e5y-d3hr" }, { "vulnerability": "VCID-n53q-r421-affh" }, { "vulnerability": "VCID-n66y-s36g-fqck" }, { "vulnerability": "VCID-np5w-chxm-cyak" }, { "vulnerability": "VCID-nuju-ekmt-k7g9" }, { "vulnerability": "VCID-nv3j-xj42-wfcw" }, { "vulnerability": "VCID-p1jn-sxds-mqd1" }, { "vulnerability": "VCID-p361-saxs-97g9" }, { "vulnerability": "VCID-pfdk-db4h-47dx" }, { "vulnerability": "VCID-pnry-rv8t-v3ff" }, { "vulnerability": "VCID-q2wv-kbra-5kg8" }, { "vulnerability": "VCID-q45d-5bf4-tff5" }, { "vulnerability": "VCID-q7pe-bvr1-g3bc" }, { "vulnerability": "VCID-q7rn-1612-quau" }, { "vulnerability": "VCID-q7zq-5xpn-93dd" }, { "vulnerability": "VCID-qeac-129m-1udw" }, { "vulnerability": "VCID-qmj2-pxvt-zqes" }, { "vulnerability": "VCID-qpj7-uk5e-nbez" }, { "vulnerability": "VCID-qqyb-zags-bbhz" }, { "vulnerability": "VCID-r3z5-cc6j-8yg6" }, { "vulnerability": "VCID-r4zz-m2mr-9qeb" }, { "vulnerability": "VCID-r9sb-489v-fqc9" }, { "vulnerability": "VCID-rc63-nakx-ebbe" }, { "vulnerability": "VCID-rsrk-jwbt-qfhe" }, { "vulnerability": "VCID-rx9z-rdmm-5fg6" }, { "vulnerability": "VCID-rxz2-tx2n-k3bd" }, { "vulnerability": "VCID-rz6q-hthe-1uer" }, { "vulnerability": "VCID-s88e-r2gd-9yep" }, { "vulnerability": "VCID-segg-gk79-9bc6" }, { "vulnerability": "VCID-tvfz-v881-sufp" }, { "vulnerability": "VCID-txba-1at4-ekg2" }, { "vulnerability": "VCID-uc6b-5sj1-9yg2" }, { "vulnerability": "VCID-utga-335m-dua9" }, { "vulnerability": "VCID-v1kx-5wa1-r7he" }, { "vulnerability": "VCID-vpf2-5j4s-jqeb" }, { "vulnerability": "VCID-vxc7-fwud-33an" }, { "vulnerability": "VCID-w6nk-akeh-4ufg" }, { "vulnerability": "VCID-x75q-4y74-d3gt" }, { "vulnerability": "VCID-xqf5-yxf3-u3he" }, { "vulnerability": "VCID-zmjf-j2zs-23ey" }, { "vulnerability": "VCID-zvcj-g6rt-s3de" }, { "vulnerability": "VCID-zyes-82y3-g7dh" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:4.2.12-2" } ], "aliases": [ "CVE-2014-1879" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-snke-vmcg-xfd2" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/98120?format=api", "vulnerability_id": "VCID-ufzd-pbge-6qhk", "summary": "import.php in phpMyAdmin 4.x before 4.0.4.1 does not properly restrict the ability of input data to specify a file format, which allows remote authenticated users to modify the GLOBALS superglobal array, and consequently change the configuration, via a crafted request.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2013-4729", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00367", "scoring_system": "epss", "scoring_elements": "0.58927", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.00367", "scoring_system": "epss", "scoring_elements": "0.58974", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2013-4729" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4729", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4729" }, { "reference_url": "https://github.com/phpmyadmin/phpmyadmin", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/phpmyadmin/phpmyadmin" }, { "reference_url": "https://github.com/phpmyadmin/phpmyadmin/commit/012464268420e53a9cd81cbb4a43988d70393c36", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/phpmyadmin/phpmyadmin/commit/012464268420e53a9cd81cbb4a43988d70393c36" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2013-4729", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2013-4729" }, { "reference_url": "http://www.phpmyadmin.net/home_page/security/PMASA-2013-7.php", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.phpmyadmin.net/home_page/security/PMASA-2013-7.php" }, { "reference_url": "https://github.com/advisories/GHSA-x962-w72p-mv7q", "reference_id": "GHSA-x962-w72p-mv7q", "reference_type": "", "scores": [], "url": "https://github.com/advisories/GHSA-x962-w72p-mv7q" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/273448?format=api", "purl": "pkg:deb/debian/phpmyadmin@4:4.2.12-2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1drk-gzqj-2qc5" }, { "vulnerability": "VCID-1hvw-4h4d-zkhv" }, { "vulnerability": "VCID-23dq-w66r-k3bt" }, { "vulnerability": "VCID-27w6-zhxk-x7e7" }, { "vulnerability": "VCID-282b-1ugg-yuev" }, { "vulnerability": "VCID-2at1-y3qg-77fb" }, { "vulnerability": "VCID-2vqn-z4en-duh4" }, { "vulnerability": "VCID-31jg-3pzb-y3b6" }, { "vulnerability": "VCID-32ja-yuuw-bbbh" }, { "vulnerability": "VCID-33kv-ye2c-ebax" }, { "vulnerability": "VCID-33mh-s92h-c7ht" }, { "vulnerability": "VCID-38tp-acy8-57hj" }, { "vulnerability": "VCID-3va7-xx14-gkds" }, { "vulnerability": "VCID-44uc-xrvp-7bet" }, { "vulnerability": "VCID-4avx-e9mf-2yb1" }, { "vulnerability": "VCID-4kax-4bpz-g7c5" }, { "vulnerability": "VCID-4vgu-cagj-hfhb" }, { "vulnerability": "VCID-4wn2-pnbv-sked" }, { "vulnerability": "VCID-52xs-45kd-w3hz" }, { "vulnerability": "VCID-59mu-8aep-9ycn" }, { "vulnerability": "VCID-5bu8-wy7w-bqfc" }, { "vulnerability": "VCID-5jye-2stz-fqam" }, { "vulnerability": "VCID-6gs5-cswx-bfeb" }, { "vulnerability": "VCID-7avk-rmwd-yugt" }, { "vulnerability": "VCID-7ntf-d3af-nbbk" }, { "vulnerability": "VCID-7vpu-x9mb-q3c6" }, { "vulnerability": "VCID-84n7-nzzg-juhz" }, { "vulnerability": "VCID-8jt7-y15v-83gj" }, { "vulnerability": "VCID-8rvw-n1fg-ffc2" }, { "vulnerability": "VCID-8yxm-e33n-d7gj" }, { "vulnerability": "VCID-9nh7-ny6c-n3cd" }, { "vulnerability": "VCID-9tdu-572c-tbb2" }, { "vulnerability": "VCID-ajeh-4q9t-sydz" }, { "vulnerability": "VCID-ajf6-bk2g-wkb7" }, { "vulnerability": "VCID-b2nf-6pr3-xqaa" }, { "vulnerability": "VCID-b4jk-yjfy-pfcv" }, { "vulnerability": "VCID-b6ng-ygap-zqh4" }, { "vulnerability": "VCID-bd83-vf81-sfa4" }, { "vulnerability": "VCID-bddg-5zgr-3uew" }, { "vulnerability": "VCID-btc1-yng3-ckhx" }, { "vulnerability": "VCID-cbjd-e3sk-m7bu" }, { "vulnerability": "VCID-crn9-f6qt-qfg5" }, { "vulnerability": "VCID-cth2-72mg-6yfr" }, { "vulnerability": "VCID-cz55-m46r-37gb" }, { "vulnerability": "VCID-d7jk-a94y-n3ca" }, { "vulnerability": "VCID-dbk1-n9kh-dfhm" }, { "vulnerability": "VCID-dfsz-1y13-yug9" }, { "vulnerability": "VCID-dgvs-kqpd-gfcy" }, { "vulnerability": "VCID-dj5f-y77j-d7dx" }, { "vulnerability": "VCID-dx3h-z4dg-m3e1" }, { "vulnerability": "VCID-g2uy-ekyf-4bcj" }, { "vulnerability": "VCID-gmjk-222y-abda" }, { "vulnerability": "VCID-gqxb-6rey-rbhv" }, { "vulnerability": "VCID-gtps-py3z-13cu" }, { "vulnerability": "VCID-gzwb-ju7m-juf7" }, { "vulnerability": "VCID-har4-gaft-m7e8" }, { "vulnerability": "VCID-hbp6-s544-pqaw" }, { "vulnerability": "VCID-hw5n-kv9r-8yej" }, { "vulnerability": "VCID-j589-8hrn-9bae" }, { "vulnerability": "VCID-jabw-t2hb-q3e9" }, { "vulnerability": "VCID-jemb-avnk-c7eb" }, { "vulnerability": "VCID-jmn8-a5r9-2qc8" }, { "vulnerability": "VCID-jvvf-kwtm-6qb7" }, { "vulnerability": "VCID-jxf7-1cq4-t3cv" }, { "vulnerability": "VCID-k5ph-wws1-fqg4" }, { "vulnerability": "VCID-kfr7-v6tb-eqau" }, { "vulnerability": "VCID-kfrx-mmr7-euep" }, { "vulnerability": "VCID-kwtj-jk24-zffq" }, { "vulnerability": "VCID-m2g6-2ztp-tuam" }, { "vulnerability": "VCID-m3kq-1cfg-mkgc" }, { "vulnerability": "VCID-m59w-cug5-wbe2" }, { "vulnerability": "VCID-mgu4-pf1x-r3dy" }, { "vulnerability": "VCID-mxn5-bh7q-gkdb" }, { "vulnerability": "VCID-mzuh-5e5y-d3hr" }, { "vulnerability": "VCID-n53q-r421-affh" }, { "vulnerability": "VCID-n66y-s36g-fqck" }, { "vulnerability": "VCID-np5w-chxm-cyak" }, { "vulnerability": "VCID-nuju-ekmt-k7g9" }, { "vulnerability": "VCID-nv3j-xj42-wfcw" }, { "vulnerability": "VCID-p1jn-sxds-mqd1" }, { "vulnerability": "VCID-p361-saxs-97g9" }, { "vulnerability": "VCID-pfdk-db4h-47dx" }, { "vulnerability": "VCID-pnry-rv8t-v3ff" }, { "vulnerability": "VCID-q2wv-kbra-5kg8" }, { "vulnerability": "VCID-q45d-5bf4-tff5" }, { "vulnerability": "VCID-q7pe-bvr1-g3bc" }, { "vulnerability": "VCID-q7rn-1612-quau" }, { "vulnerability": "VCID-q7zq-5xpn-93dd" }, { "vulnerability": "VCID-qeac-129m-1udw" }, { "vulnerability": "VCID-qmj2-pxvt-zqes" }, { "vulnerability": "VCID-qpj7-uk5e-nbez" }, { "vulnerability": "VCID-qqyb-zags-bbhz" }, { "vulnerability": "VCID-r3z5-cc6j-8yg6" }, { "vulnerability": "VCID-r4zz-m2mr-9qeb" }, { "vulnerability": "VCID-r9sb-489v-fqc9" }, { "vulnerability": "VCID-rc63-nakx-ebbe" }, { "vulnerability": "VCID-rsrk-jwbt-qfhe" }, { "vulnerability": "VCID-rx9z-rdmm-5fg6" }, { "vulnerability": "VCID-rxz2-tx2n-k3bd" }, { "vulnerability": "VCID-rz6q-hthe-1uer" }, { "vulnerability": "VCID-s88e-r2gd-9yep" }, { "vulnerability": "VCID-segg-gk79-9bc6" }, { "vulnerability": "VCID-tvfz-v881-sufp" }, { "vulnerability": "VCID-txba-1at4-ekg2" }, { "vulnerability": "VCID-uc6b-5sj1-9yg2" }, { "vulnerability": "VCID-utga-335m-dua9" }, { "vulnerability": "VCID-v1kx-5wa1-r7he" }, { "vulnerability": "VCID-vpf2-5j4s-jqeb" }, { "vulnerability": "VCID-vxc7-fwud-33an" }, { "vulnerability": "VCID-w6nk-akeh-4ufg" }, { "vulnerability": "VCID-x75q-4y74-d3gt" }, { "vulnerability": "VCID-xqf5-yxf3-u3he" }, { "vulnerability": "VCID-zmjf-j2zs-23ey" }, { "vulnerability": "VCID-zvcj-g6rt-s3de" }, { "vulnerability": "VCID-zyes-82y3-g7dh" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:4.2.12-2" } ], "aliases": [ "CVE-2013-4729", "GHSA-x962-w72p-mv7q" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ufzd-pbge-6qhk" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/98132?format=api", "vulnerability_id": "VCID-ur19-yjak-vqdd", "summary": "Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin 4.1.x before 4.1.14.1 and 4.2.x before 4.2.4 allow remote authenticated users to inject arbitrary web script or HTML via a crafted table name that is improperly handled after a (1) hide or (2) unhide action.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-4349.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-4349.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2014-4349", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00354", "scoring_system": "epss", "scoring_elements": "0.57991", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.00354", "scoring_system": "epss", "scoring_elements": "0.58043", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2014-4349" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4349", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4349" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1117601", "reference_id": "1117601", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1117601" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/273448?format=api", "purl": "pkg:deb/debian/phpmyadmin@4:4.2.12-2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1drk-gzqj-2qc5" }, { "vulnerability": "VCID-1hvw-4h4d-zkhv" }, { "vulnerability": "VCID-23dq-w66r-k3bt" }, { "vulnerability": "VCID-27w6-zhxk-x7e7" }, { "vulnerability": "VCID-282b-1ugg-yuev" }, { "vulnerability": "VCID-2at1-y3qg-77fb" }, { "vulnerability": "VCID-2vqn-z4en-duh4" }, { "vulnerability": "VCID-31jg-3pzb-y3b6" }, { "vulnerability": "VCID-32ja-yuuw-bbbh" }, { "vulnerability": "VCID-33kv-ye2c-ebax" }, { "vulnerability": "VCID-33mh-s92h-c7ht" }, { "vulnerability": "VCID-38tp-acy8-57hj" }, { "vulnerability": "VCID-3va7-xx14-gkds" }, { "vulnerability": "VCID-44uc-xrvp-7bet" }, { "vulnerability": "VCID-4avx-e9mf-2yb1" }, { "vulnerability": "VCID-4kax-4bpz-g7c5" }, { "vulnerability": "VCID-4vgu-cagj-hfhb" }, { "vulnerability": "VCID-4wn2-pnbv-sked" }, { "vulnerability": "VCID-52xs-45kd-w3hz" }, { "vulnerability": "VCID-59mu-8aep-9ycn" }, { "vulnerability": "VCID-5bu8-wy7w-bqfc" }, { "vulnerability": "VCID-5jye-2stz-fqam" }, { "vulnerability": "VCID-6gs5-cswx-bfeb" }, { "vulnerability": "VCID-7avk-rmwd-yugt" }, { "vulnerability": "VCID-7ntf-d3af-nbbk" }, { "vulnerability": "VCID-7vpu-x9mb-q3c6" }, { "vulnerability": "VCID-84n7-nzzg-juhz" }, { "vulnerability": "VCID-8jt7-y15v-83gj" }, { "vulnerability": "VCID-8rvw-n1fg-ffc2" }, { "vulnerability": "VCID-8yxm-e33n-d7gj" }, { "vulnerability": "VCID-9nh7-ny6c-n3cd" }, { "vulnerability": "VCID-9tdu-572c-tbb2" }, { "vulnerability": "VCID-ajeh-4q9t-sydz" }, { "vulnerability": "VCID-ajf6-bk2g-wkb7" }, { "vulnerability": "VCID-b2nf-6pr3-xqaa" }, { "vulnerability": "VCID-b4jk-yjfy-pfcv" }, { "vulnerability": "VCID-b6ng-ygap-zqh4" }, { "vulnerability": "VCID-bd83-vf81-sfa4" }, { "vulnerability": "VCID-bddg-5zgr-3uew" }, { "vulnerability": "VCID-btc1-yng3-ckhx" }, { "vulnerability": "VCID-cbjd-e3sk-m7bu" }, { "vulnerability": "VCID-crn9-f6qt-qfg5" }, { "vulnerability": "VCID-cth2-72mg-6yfr" }, { "vulnerability": "VCID-cz55-m46r-37gb" }, { "vulnerability": "VCID-d7jk-a94y-n3ca" }, { "vulnerability": "VCID-dbk1-n9kh-dfhm" }, { "vulnerability": "VCID-dfsz-1y13-yug9" }, { "vulnerability": "VCID-dgvs-kqpd-gfcy" }, { "vulnerability": "VCID-dj5f-y77j-d7dx" }, { "vulnerability": "VCID-dx3h-z4dg-m3e1" }, { "vulnerability": "VCID-g2uy-ekyf-4bcj" }, { "vulnerability": "VCID-gmjk-222y-abda" }, { "vulnerability": "VCID-gqxb-6rey-rbhv" }, { "vulnerability": "VCID-gtps-py3z-13cu" }, { "vulnerability": "VCID-gzwb-ju7m-juf7" }, { "vulnerability": "VCID-har4-gaft-m7e8" }, { "vulnerability": "VCID-hbp6-s544-pqaw" }, { "vulnerability": "VCID-hw5n-kv9r-8yej" }, { "vulnerability": "VCID-j589-8hrn-9bae" }, { "vulnerability": "VCID-jabw-t2hb-q3e9" }, { "vulnerability": "VCID-jemb-avnk-c7eb" }, { "vulnerability": "VCID-jmn8-a5r9-2qc8" }, { "vulnerability": "VCID-jvvf-kwtm-6qb7" }, { "vulnerability": "VCID-jxf7-1cq4-t3cv" }, { "vulnerability": "VCID-k5ph-wws1-fqg4" }, { "vulnerability": "VCID-kfr7-v6tb-eqau" }, { "vulnerability": "VCID-kfrx-mmr7-euep" }, { "vulnerability": "VCID-kwtj-jk24-zffq" }, { "vulnerability": "VCID-m2g6-2ztp-tuam" }, { "vulnerability": "VCID-m3kq-1cfg-mkgc" }, { "vulnerability": "VCID-m59w-cug5-wbe2" }, { "vulnerability": "VCID-mgu4-pf1x-r3dy" }, { "vulnerability": "VCID-mxn5-bh7q-gkdb" }, { "vulnerability": "VCID-mzuh-5e5y-d3hr" }, { "vulnerability": "VCID-n53q-r421-affh" }, { "vulnerability": "VCID-n66y-s36g-fqck" }, { "vulnerability": "VCID-np5w-chxm-cyak" }, { "vulnerability": "VCID-nuju-ekmt-k7g9" }, { "vulnerability": "VCID-nv3j-xj42-wfcw" }, { "vulnerability": "VCID-p1jn-sxds-mqd1" }, { "vulnerability": "VCID-p361-saxs-97g9" }, { "vulnerability": "VCID-pfdk-db4h-47dx" }, { "vulnerability": "VCID-pnry-rv8t-v3ff" }, { "vulnerability": "VCID-q2wv-kbra-5kg8" }, { "vulnerability": "VCID-q45d-5bf4-tff5" }, { "vulnerability": "VCID-q7pe-bvr1-g3bc" }, { "vulnerability": "VCID-q7rn-1612-quau" }, { "vulnerability": "VCID-q7zq-5xpn-93dd" }, { "vulnerability": "VCID-qeac-129m-1udw" }, { "vulnerability": "VCID-qmj2-pxvt-zqes" }, { "vulnerability": "VCID-qpj7-uk5e-nbez" }, { "vulnerability": "VCID-qqyb-zags-bbhz" }, { "vulnerability": "VCID-r3z5-cc6j-8yg6" }, { "vulnerability": "VCID-r4zz-m2mr-9qeb" }, { "vulnerability": "VCID-r9sb-489v-fqc9" }, { "vulnerability": "VCID-rc63-nakx-ebbe" }, { "vulnerability": "VCID-rsrk-jwbt-qfhe" }, { "vulnerability": "VCID-rx9z-rdmm-5fg6" }, { "vulnerability": "VCID-rxz2-tx2n-k3bd" }, { "vulnerability": "VCID-rz6q-hthe-1uer" }, { "vulnerability": "VCID-s88e-r2gd-9yep" }, { "vulnerability": "VCID-segg-gk79-9bc6" }, { "vulnerability": "VCID-tvfz-v881-sufp" }, { "vulnerability": "VCID-txba-1at4-ekg2" }, { "vulnerability": "VCID-uc6b-5sj1-9yg2" }, { "vulnerability": "VCID-utga-335m-dua9" }, { "vulnerability": "VCID-v1kx-5wa1-r7he" }, { "vulnerability": "VCID-vpf2-5j4s-jqeb" }, { "vulnerability": "VCID-vxc7-fwud-33an" }, { "vulnerability": "VCID-w6nk-akeh-4ufg" }, { "vulnerability": "VCID-x75q-4y74-d3gt" }, { "vulnerability": "VCID-xqf5-yxf3-u3he" }, { "vulnerability": "VCID-zmjf-j2zs-23ey" }, { "vulnerability": "VCID-zvcj-g6rt-s3de" }, { "vulnerability": "VCID-zyes-82y3-g7dh" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:4.2.12-2" } ], "aliases": [ "CVE-2014-4349" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ur19-yjak-vqdd" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/98144?format=api", "vulnerability_id": "VCID-v69j-7vk9-e3d4", "summary": "Cross-site scripting (XSS) vulnerability in the redirection feature in url.php in phpMyAdmin 4.2.x before 4.2.13.1 allows remote attackers to inject arbitrary web script or HTML via the url parameter.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2014-9219", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00455", "scoring_system": "epss", "scoring_elements": "0.64184", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.00455", "scoring_system": "epss", "scoring_elements": "0.64228", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2014-9219" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9219", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9219" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=774194", "reference_id": "774194", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=774194" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/273448?format=api", "purl": "pkg:deb/debian/phpmyadmin@4:4.2.12-2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1drk-gzqj-2qc5" }, { "vulnerability": "VCID-1hvw-4h4d-zkhv" }, { "vulnerability": "VCID-23dq-w66r-k3bt" }, { "vulnerability": "VCID-27w6-zhxk-x7e7" }, { "vulnerability": "VCID-282b-1ugg-yuev" }, { "vulnerability": "VCID-2at1-y3qg-77fb" }, { "vulnerability": "VCID-2vqn-z4en-duh4" }, { "vulnerability": "VCID-31jg-3pzb-y3b6" }, { "vulnerability": "VCID-32ja-yuuw-bbbh" }, { "vulnerability": "VCID-33kv-ye2c-ebax" }, { "vulnerability": "VCID-33mh-s92h-c7ht" }, { "vulnerability": "VCID-38tp-acy8-57hj" }, { "vulnerability": "VCID-3va7-xx14-gkds" }, { "vulnerability": "VCID-44uc-xrvp-7bet" }, { "vulnerability": "VCID-4avx-e9mf-2yb1" }, { "vulnerability": "VCID-4kax-4bpz-g7c5" }, { "vulnerability": "VCID-4vgu-cagj-hfhb" }, { "vulnerability": "VCID-4wn2-pnbv-sked" }, { "vulnerability": "VCID-52xs-45kd-w3hz" }, { "vulnerability": "VCID-59mu-8aep-9ycn" }, { "vulnerability": "VCID-5bu8-wy7w-bqfc" }, { "vulnerability": "VCID-5jye-2stz-fqam" }, { "vulnerability": "VCID-6gs5-cswx-bfeb" }, { "vulnerability": "VCID-7avk-rmwd-yugt" }, { "vulnerability": "VCID-7ntf-d3af-nbbk" }, { "vulnerability": "VCID-7vpu-x9mb-q3c6" }, { "vulnerability": "VCID-84n7-nzzg-juhz" }, { "vulnerability": "VCID-8jt7-y15v-83gj" }, { "vulnerability": "VCID-8rvw-n1fg-ffc2" }, { "vulnerability": "VCID-8yxm-e33n-d7gj" }, { "vulnerability": "VCID-9nh7-ny6c-n3cd" }, { "vulnerability": "VCID-9tdu-572c-tbb2" }, { "vulnerability": "VCID-ajeh-4q9t-sydz" }, { "vulnerability": "VCID-ajf6-bk2g-wkb7" }, { "vulnerability": "VCID-b2nf-6pr3-xqaa" }, { "vulnerability": "VCID-b4jk-yjfy-pfcv" }, { "vulnerability": "VCID-b6ng-ygap-zqh4" }, { "vulnerability": "VCID-bd83-vf81-sfa4" }, { "vulnerability": "VCID-bddg-5zgr-3uew" }, { "vulnerability": "VCID-btc1-yng3-ckhx" }, { "vulnerability": "VCID-cbjd-e3sk-m7bu" }, { "vulnerability": "VCID-crn9-f6qt-qfg5" }, { "vulnerability": "VCID-cth2-72mg-6yfr" }, { "vulnerability": "VCID-cz55-m46r-37gb" }, { "vulnerability": "VCID-d7jk-a94y-n3ca" }, { "vulnerability": "VCID-dbk1-n9kh-dfhm" }, { "vulnerability": "VCID-dfsz-1y13-yug9" }, { "vulnerability": "VCID-dgvs-kqpd-gfcy" }, { "vulnerability": "VCID-dj5f-y77j-d7dx" }, { "vulnerability": "VCID-dx3h-z4dg-m3e1" }, { "vulnerability": "VCID-g2uy-ekyf-4bcj" }, { "vulnerability": "VCID-gmjk-222y-abda" }, { "vulnerability": "VCID-gqxb-6rey-rbhv" }, { "vulnerability": "VCID-gtps-py3z-13cu" }, { "vulnerability": "VCID-gzwb-ju7m-juf7" }, { "vulnerability": "VCID-har4-gaft-m7e8" }, { "vulnerability": "VCID-hbp6-s544-pqaw" }, { "vulnerability": "VCID-hw5n-kv9r-8yej" }, { "vulnerability": "VCID-j589-8hrn-9bae" }, { "vulnerability": "VCID-jabw-t2hb-q3e9" }, { "vulnerability": "VCID-jemb-avnk-c7eb" }, { "vulnerability": "VCID-jmn8-a5r9-2qc8" }, { "vulnerability": "VCID-jvvf-kwtm-6qb7" }, { "vulnerability": "VCID-jxf7-1cq4-t3cv" }, { "vulnerability": "VCID-k5ph-wws1-fqg4" }, { "vulnerability": "VCID-kfr7-v6tb-eqau" }, { "vulnerability": "VCID-kfrx-mmr7-euep" }, { "vulnerability": "VCID-kwtj-jk24-zffq" }, { "vulnerability": "VCID-m2g6-2ztp-tuam" }, { "vulnerability": "VCID-m3kq-1cfg-mkgc" }, { "vulnerability": "VCID-m59w-cug5-wbe2" }, { "vulnerability": "VCID-mgu4-pf1x-r3dy" }, { "vulnerability": "VCID-mxn5-bh7q-gkdb" }, { "vulnerability": "VCID-mzuh-5e5y-d3hr" }, { "vulnerability": "VCID-n53q-r421-affh" }, { "vulnerability": "VCID-n66y-s36g-fqck" }, { "vulnerability": "VCID-np5w-chxm-cyak" }, { "vulnerability": "VCID-nuju-ekmt-k7g9" }, { "vulnerability": "VCID-nv3j-xj42-wfcw" }, { "vulnerability": "VCID-p1jn-sxds-mqd1" }, { "vulnerability": "VCID-p361-saxs-97g9" }, { "vulnerability": "VCID-pfdk-db4h-47dx" }, { "vulnerability": "VCID-pnry-rv8t-v3ff" }, { "vulnerability": "VCID-q2wv-kbra-5kg8" }, { "vulnerability": "VCID-q45d-5bf4-tff5" }, { "vulnerability": "VCID-q7pe-bvr1-g3bc" }, { "vulnerability": "VCID-q7rn-1612-quau" }, { "vulnerability": "VCID-q7zq-5xpn-93dd" }, { "vulnerability": "VCID-qeac-129m-1udw" }, { "vulnerability": "VCID-qmj2-pxvt-zqes" }, { "vulnerability": "VCID-qpj7-uk5e-nbez" }, { "vulnerability": "VCID-qqyb-zags-bbhz" }, { "vulnerability": "VCID-r3z5-cc6j-8yg6" }, { "vulnerability": "VCID-r4zz-m2mr-9qeb" }, { "vulnerability": "VCID-r9sb-489v-fqc9" }, { "vulnerability": "VCID-rc63-nakx-ebbe" }, { "vulnerability": "VCID-rsrk-jwbt-qfhe" }, { "vulnerability": "VCID-rx9z-rdmm-5fg6" }, { "vulnerability": "VCID-rxz2-tx2n-k3bd" }, { "vulnerability": "VCID-rz6q-hthe-1uer" }, { "vulnerability": "VCID-s88e-r2gd-9yep" }, { "vulnerability": "VCID-segg-gk79-9bc6" }, { "vulnerability": "VCID-tvfz-v881-sufp" }, { "vulnerability": "VCID-txba-1at4-ekg2" }, { "vulnerability": "VCID-uc6b-5sj1-9yg2" }, { "vulnerability": "VCID-utga-335m-dua9" }, { "vulnerability": "VCID-v1kx-5wa1-r7he" }, { "vulnerability": "VCID-vpf2-5j4s-jqeb" }, { "vulnerability": "VCID-vxc7-fwud-33an" }, { "vulnerability": "VCID-w6nk-akeh-4ufg" }, { "vulnerability": "VCID-x75q-4y74-d3gt" }, { "vulnerability": "VCID-xqf5-yxf3-u3he" }, { "vulnerability": "VCID-zmjf-j2zs-23ey" }, { "vulnerability": "VCID-zvcj-g6rt-s3de" }, { "vulnerability": "VCID-zyes-82y3-g7dh" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:4.2.12-2" } ], "aliases": [ "CVE-2014-9219" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-v69j-7vk9-e3d4" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/44170?format=api", "vulnerability_id": "VCID-v6xv-djkp-4kgw", "summary": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')\nMultiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin 3.5.x before 3.5.8.2 allow remote attackers to inject arbitrary web script or HTML via vectors involving a JavaScript event in (1) an anchor identifier to setup/index.php or (2) a chartTitle (aka chart title) value.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2013-4997", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00263", "scoring_system": "epss", "scoring_elements": "0.49863", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.00263", "scoring_system": "epss", "scoring_elements": "0.49925", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2013-4997" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4997", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4997" }, { "reference_url": "https://github.com/phpmyadmin/composer", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/phpmyadmin/composer" }, { "reference_url": "http://www.phpmyadmin.net/home_page/security/PMASA-2013-9.php", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.phpmyadmin.net/home_page/security/PMASA-2013-9.php" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2013-4997", "reference_id": "CVE-2013-4997", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2013-4997" }, { "reference_url": "https://github.com/advisories/GHSA-5gh4-v2ch-pcx4", "reference_id": "GHSA-5gh4-v2ch-pcx4", "reference_type": "", "scores": [], "url": "https://github.com/advisories/GHSA-5gh4-v2ch-pcx4" }, { "reference_url": "https://security.gentoo.org/glsa/201311-02", "reference_id": "GLSA-201311-02", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201311-02" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/273448?format=api", "purl": "pkg:deb/debian/phpmyadmin@4:4.2.12-2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1drk-gzqj-2qc5" }, { "vulnerability": "VCID-1hvw-4h4d-zkhv" }, { "vulnerability": "VCID-23dq-w66r-k3bt" }, { "vulnerability": "VCID-27w6-zhxk-x7e7" }, { "vulnerability": "VCID-282b-1ugg-yuev" }, { "vulnerability": "VCID-2at1-y3qg-77fb" }, { "vulnerability": "VCID-2vqn-z4en-duh4" }, { "vulnerability": "VCID-31jg-3pzb-y3b6" }, { "vulnerability": "VCID-32ja-yuuw-bbbh" }, { "vulnerability": "VCID-33kv-ye2c-ebax" }, { "vulnerability": "VCID-33mh-s92h-c7ht" }, { "vulnerability": "VCID-38tp-acy8-57hj" }, { "vulnerability": "VCID-3va7-xx14-gkds" }, { "vulnerability": "VCID-44uc-xrvp-7bet" }, { "vulnerability": "VCID-4avx-e9mf-2yb1" }, { "vulnerability": "VCID-4kax-4bpz-g7c5" }, { "vulnerability": "VCID-4vgu-cagj-hfhb" }, { "vulnerability": "VCID-4wn2-pnbv-sked" }, { "vulnerability": "VCID-52xs-45kd-w3hz" }, { "vulnerability": "VCID-59mu-8aep-9ycn" }, { "vulnerability": "VCID-5bu8-wy7w-bqfc" }, { "vulnerability": "VCID-5jye-2stz-fqam" }, { "vulnerability": "VCID-6gs5-cswx-bfeb" }, { "vulnerability": "VCID-7avk-rmwd-yugt" }, { "vulnerability": "VCID-7ntf-d3af-nbbk" }, { "vulnerability": "VCID-7vpu-x9mb-q3c6" }, { "vulnerability": "VCID-84n7-nzzg-juhz" }, { "vulnerability": "VCID-8jt7-y15v-83gj" }, { "vulnerability": "VCID-8rvw-n1fg-ffc2" }, { "vulnerability": "VCID-8yxm-e33n-d7gj" }, { "vulnerability": "VCID-9nh7-ny6c-n3cd" }, { "vulnerability": "VCID-9tdu-572c-tbb2" }, { "vulnerability": "VCID-ajeh-4q9t-sydz" }, { "vulnerability": "VCID-ajf6-bk2g-wkb7" }, { "vulnerability": "VCID-b2nf-6pr3-xqaa" }, { "vulnerability": "VCID-b4jk-yjfy-pfcv" }, { "vulnerability": "VCID-b6ng-ygap-zqh4" }, { "vulnerability": "VCID-bd83-vf81-sfa4" }, { "vulnerability": "VCID-bddg-5zgr-3uew" }, { "vulnerability": "VCID-btc1-yng3-ckhx" }, { "vulnerability": "VCID-cbjd-e3sk-m7bu" }, { "vulnerability": "VCID-crn9-f6qt-qfg5" }, { "vulnerability": "VCID-cth2-72mg-6yfr" }, { "vulnerability": "VCID-cz55-m46r-37gb" }, { "vulnerability": "VCID-d7jk-a94y-n3ca" }, { "vulnerability": "VCID-dbk1-n9kh-dfhm" }, { "vulnerability": "VCID-dfsz-1y13-yug9" }, { "vulnerability": "VCID-dgvs-kqpd-gfcy" }, { "vulnerability": "VCID-dj5f-y77j-d7dx" }, { "vulnerability": "VCID-dx3h-z4dg-m3e1" }, { "vulnerability": "VCID-g2uy-ekyf-4bcj" }, { "vulnerability": "VCID-gmjk-222y-abda" }, { "vulnerability": "VCID-gqxb-6rey-rbhv" }, { "vulnerability": "VCID-gtps-py3z-13cu" }, { "vulnerability": "VCID-gzwb-ju7m-juf7" }, { "vulnerability": "VCID-har4-gaft-m7e8" }, { "vulnerability": "VCID-hbp6-s544-pqaw" }, { "vulnerability": "VCID-hw5n-kv9r-8yej" }, { "vulnerability": "VCID-j589-8hrn-9bae" }, { "vulnerability": "VCID-jabw-t2hb-q3e9" }, { "vulnerability": "VCID-jemb-avnk-c7eb" }, { "vulnerability": "VCID-jmn8-a5r9-2qc8" }, { "vulnerability": "VCID-jvvf-kwtm-6qb7" }, { "vulnerability": "VCID-jxf7-1cq4-t3cv" }, { "vulnerability": "VCID-k5ph-wws1-fqg4" }, { "vulnerability": "VCID-kfr7-v6tb-eqau" }, { "vulnerability": "VCID-kfrx-mmr7-euep" }, { "vulnerability": "VCID-kwtj-jk24-zffq" }, { "vulnerability": "VCID-m2g6-2ztp-tuam" }, { "vulnerability": "VCID-m3kq-1cfg-mkgc" }, { "vulnerability": "VCID-m59w-cug5-wbe2" }, { "vulnerability": "VCID-mgu4-pf1x-r3dy" }, { "vulnerability": "VCID-mxn5-bh7q-gkdb" }, { "vulnerability": "VCID-mzuh-5e5y-d3hr" }, { "vulnerability": "VCID-n53q-r421-affh" }, { "vulnerability": "VCID-n66y-s36g-fqck" }, { "vulnerability": "VCID-np5w-chxm-cyak" }, { "vulnerability": "VCID-nuju-ekmt-k7g9" }, { "vulnerability": "VCID-nv3j-xj42-wfcw" }, { "vulnerability": "VCID-p1jn-sxds-mqd1" }, { "vulnerability": "VCID-p361-saxs-97g9" }, { "vulnerability": "VCID-pfdk-db4h-47dx" }, { "vulnerability": "VCID-pnry-rv8t-v3ff" }, { "vulnerability": "VCID-q2wv-kbra-5kg8" }, { "vulnerability": "VCID-q45d-5bf4-tff5" }, { "vulnerability": "VCID-q7pe-bvr1-g3bc" }, { "vulnerability": "VCID-q7rn-1612-quau" }, { "vulnerability": "VCID-q7zq-5xpn-93dd" }, { "vulnerability": "VCID-qeac-129m-1udw" }, { "vulnerability": "VCID-qmj2-pxvt-zqes" }, { "vulnerability": "VCID-qpj7-uk5e-nbez" }, { "vulnerability": "VCID-qqyb-zags-bbhz" }, { "vulnerability": "VCID-r3z5-cc6j-8yg6" }, { "vulnerability": "VCID-r4zz-m2mr-9qeb" }, { "vulnerability": "VCID-r9sb-489v-fqc9" }, { "vulnerability": "VCID-rc63-nakx-ebbe" }, { "vulnerability": "VCID-rsrk-jwbt-qfhe" }, { "vulnerability": "VCID-rx9z-rdmm-5fg6" }, { "vulnerability": "VCID-rxz2-tx2n-k3bd" }, { "vulnerability": "VCID-rz6q-hthe-1uer" }, { "vulnerability": "VCID-s88e-r2gd-9yep" }, { "vulnerability": "VCID-segg-gk79-9bc6" }, { "vulnerability": "VCID-tvfz-v881-sufp" }, { "vulnerability": "VCID-txba-1at4-ekg2" }, { "vulnerability": "VCID-uc6b-5sj1-9yg2" }, { "vulnerability": "VCID-utga-335m-dua9" }, { "vulnerability": "VCID-v1kx-5wa1-r7he" }, { "vulnerability": "VCID-vpf2-5j4s-jqeb" }, { "vulnerability": "VCID-vxc7-fwud-33an" }, { "vulnerability": "VCID-w6nk-akeh-4ufg" }, { "vulnerability": "VCID-x75q-4y74-d3gt" }, { "vulnerability": "VCID-xqf5-yxf3-u3he" }, { "vulnerability": "VCID-zmjf-j2zs-23ey" }, { "vulnerability": "VCID-zvcj-g6rt-s3de" }, { "vulnerability": "VCID-zyes-82y3-g7dh" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:4.2.12-2" } ], "aliases": [ "CVE-2013-4997", "GHSA-5gh4-v2ch-pcx4" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-v6xv-djkp-4kgw" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/98159?format=api", "vulnerability_id": "VCID-vxj9-zxns-kkh9", "summary": "An issue was discovered in phpMyAdmin. A user can be tricked into following a link leading to phpMyAdmin, which after authentication redirects to another malicious site. The attacker must sniff the user's valid phpMyAdmin token. All 4.0.x versions (prior to 4.0.10.16) are affected.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-4412", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0024", "scoring_system": "epss", "scoring_elements": "0.47231", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.0024", "scoring_system": "epss", "scoring_elements": "0.47296", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-4412" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4412", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4412" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/273448?format=api", "purl": "pkg:deb/debian/phpmyadmin@4:4.2.12-2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1drk-gzqj-2qc5" }, { "vulnerability": "VCID-1hvw-4h4d-zkhv" }, { "vulnerability": "VCID-23dq-w66r-k3bt" }, { "vulnerability": "VCID-27w6-zhxk-x7e7" }, { "vulnerability": "VCID-282b-1ugg-yuev" }, { "vulnerability": "VCID-2at1-y3qg-77fb" }, { "vulnerability": "VCID-2vqn-z4en-duh4" }, { "vulnerability": "VCID-31jg-3pzb-y3b6" }, { "vulnerability": "VCID-32ja-yuuw-bbbh" }, { "vulnerability": "VCID-33kv-ye2c-ebax" }, { "vulnerability": "VCID-33mh-s92h-c7ht" }, { "vulnerability": "VCID-38tp-acy8-57hj" }, { "vulnerability": "VCID-3va7-xx14-gkds" }, { "vulnerability": "VCID-44uc-xrvp-7bet" }, { "vulnerability": "VCID-4avx-e9mf-2yb1" }, { "vulnerability": "VCID-4kax-4bpz-g7c5" }, { "vulnerability": "VCID-4vgu-cagj-hfhb" }, { "vulnerability": "VCID-4wn2-pnbv-sked" }, { "vulnerability": "VCID-52xs-45kd-w3hz" }, { "vulnerability": "VCID-59mu-8aep-9ycn" }, { "vulnerability": "VCID-5bu8-wy7w-bqfc" }, { "vulnerability": "VCID-5jye-2stz-fqam" }, { "vulnerability": "VCID-6gs5-cswx-bfeb" }, { "vulnerability": "VCID-7avk-rmwd-yugt" }, { "vulnerability": "VCID-7ntf-d3af-nbbk" }, { "vulnerability": "VCID-7vpu-x9mb-q3c6" }, { "vulnerability": "VCID-84n7-nzzg-juhz" }, { "vulnerability": "VCID-8jt7-y15v-83gj" }, { "vulnerability": "VCID-8rvw-n1fg-ffc2" }, { "vulnerability": "VCID-8yxm-e33n-d7gj" }, { "vulnerability": "VCID-9nh7-ny6c-n3cd" }, { "vulnerability": "VCID-9tdu-572c-tbb2" }, { "vulnerability": "VCID-ajeh-4q9t-sydz" }, { "vulnerability": "VCID-ajf6-bk2g-wkb7" }, { "vulnerability": "VCID-b2nf-6pr3-xqaa" }, { "vulnerability": "VCID-b4jk-yjfy-pfcv" }, { "vulnerability": "VCID-b6ng-ygap-zqh4" }, { "vulnerability": "VCID-bd83-vf81-sfa4" }, { "vulnerability": "VCID-bddg-5zgr-3uew" }, { "vulnerability": "VCID-btc1-yng3-ckhx" }, { "vulnerability": "VCID-cbjd-e3sk-m7bu" }, { "vulnerability": "VCID-crn9-f6qt-qfg5" }, { "vulnerability": "VCID-cth2-72mg-6yfr" }, { "vulnerability": "VCID-cz55-m46r-37gb" }, { "vulnerability": "VCID-d7jk-a94y-n3ca" }, { "vulnerability": "VCID-dbk1-n9kh-dfhm" }, { "vulnerability": "VCID-dfsz-1y13-yug9" }, { "vulnerability": "VCID-dgvs-kqpd-gfcy" }, { "vulnerability": "VCID-dj5f-y77j-d7dx" }, { "vulnerability": "VCID-dx3h-z4dg-m3e1" }, { "vulnerability": "VCID-g2uy-ekyf-4bcj" }, { "vulnerability": "VCID-gmjk-222y-abda" }, { "vulnerability": "VCID-gqxb-6rey-rbhv" }, { "vulnerability": "VCID-gtps-py3z-13cu" }, { "vulnerability": "VCID-gzwb-ju7m-juf7" }, { "vulnerability": "VCID-har4-gaft-m7e8" }, { "vulnerability": "VCID-hbp6-s544-pqaw" }, { "vulnerability": "VCID-hw5n-kv9r-8yej" }, { "vulnerability": "VCID-j589-8hrn-9bae" }, { "vulnerability": "VCID-jabw-t2hb-q3e9" }, { "vulnerability": "VCID-jemb-avnk-c7eb" }, { "vulnerability": "VCID-jmn8-a5r9-2qc8" }, { "vulnerability": "VCID-jvvf-kwtm-6qb7" }, { "vulnerability": "VCID-jxf7-1cq4-t3cv" }, { "vulnerability": "VCID-k5ph-wws1-fqg4" }, { "vulnerability": "VCID-kfr7-v6tb-eqau" }, { "vulnerability": "VCID-kfrx-mmr7-euep" }, { "vulnerability": "VCID-kwtj-jk24-zffq" }, { "vulnerability": "VCID-m2g6-2ztp-tuam" }, { "vulnerability": "VCID-m3kq-1cfg-mkgc" }, { "vulnerability": "VCID-m59w-cug5-wbe2" }, { "vulnerability": "VCID-mgu4-pf1x-r3dy" }, { "vulnerability": "VCID-mxn5-bh7q-gkdb" }, { "vulnerability": "VCID-mzuh-5e5y-d3hr" }, { "vulnerability": "VCID-n53q-r421-affh" }, { "vulnerability": "VCID-n66y-s36g-fqck" }, { "vulnerability": "VCID-np5w-chxm-cyak" }, { "vulnerability": "VCID-nuju-ekmt-k7g9" }, { "vulnerability": "VCID-nv3j-xj42-wfcw" }, { "vulnerability": "VCID-p1jn-sxds-mqd1" }, { "vulnerability": "VCID-p361-saxs-97g9" }, { "vulnerability": "VCID-pfdk-db4h-47dx" }, { "vulnerability": "VCID-pnry-rv8t-v3ff" }, { "vulnerability": "VCID-q2wv-kbra-5kg8" }, { "vulnerability": "VCID-q45d-5bf4-tff5" }, { "vulnerability": "VCID-q7pe-bvr1-g3bc" }, { "vulnerability": "VCID-q7rn-1612-quau" }, { "vulnerability": "VCID-q7zq-5xpn-93dd" }, { "vulnerability": "VCID-qeac-129m-1udw" }, { "vulnerability": "VCID-qmj2-pxvt-zqes" }, { "vulnerability": "VCID-qpj7-uk5e-nbez" }, { "vulnerability": "VCID-qqyb-zags-bbhz" }, { "vulnerability": "VCID-r3z5-cc6j-8yg6" }, { "vulnerability": "VCID-r4zz-m2mr-9qeb" }, { "vulnerability": "VCID-r9sb-489v-fqc9" }, { "vulnerability": "VCID-rc63-nakx-ebbe" }, { "vulnerability": "VCID-rsrk-jwbt-qfhe" }, { "vulnerability": "VCID-rx9z-rdmm-5fg6" }, { "vulnerability": "VCID-rxz2-tx2n-k3bd" }, { "vulnerability": "VCID-rz6q-hthe-1uer" }, { "vulnerability": "VCID-s88e-r2gd-9yep" }, { "vulnerability": "VCID-segg-gk79-9bc6" }, { "vulnerability": "VCID-tvfz-v881-sufp" }, { "vulnerability": "VCID-txba-1at4-ekg2" }, { "vulnerability": "VCID-uc6b-5sj1-9yg2" }, { "vulnerability": "VCID-utga-335m-dua9" }, { "vulnerability": "VCID-v1kx-5wa1-r7he" }, { "vulnerability": "VCID-vpf2-5j4s-jqeb" }, { "vulnerability": "VCID-vxc7-fwud-33an" }, { "vulnerability": "VCID-w6nk-akeh-4ufg" }, { "vulnerability": "VCID-x75q-4y74-d3gt" }, { "vulnerability": "VCID-xqf5-yxf3-u3he" }, { "vulnerability": "VCID-zmjf-j2zs-23ey" }, { "vulnerability": "VCID-zvcj-g6rt-s3de" }, { "vulnerability": "VCID-zyes-82y3-g7dh" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:4.2.12-2" } ], "aliases": [ "CVE-2016-4412" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-vxj9-zxns-kkh9" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/98127?format=api", "vulnerability_id": "VCID-ww5r-71kf-tfgr", "summary": "Cross-site scripting (XSS) vulnerability in libraries/schema/Export_Relation_Schema.class.php in phpMyAdmin 3.5.x before 3.5.8.2 and 4.0.x before 4.0.4.2 allows remote authenticated users to inject arbitrary web script or HTML via a crafted pageNumber value to schema_export.php.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2013-5002", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00209", "scoring_system": "epss", "scoring_elements": "0.43285", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.00209", "scoring_system": "epss", "scoring_elements": "0.43358", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2013-5002" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4995", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4995" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4996", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4996" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5002", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5002" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5003", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5003" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1879", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1879" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2013-5002", "reference_id": "", "reference_type": "", "scores": [ { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2013-5002" }, { "reference_url": "http://www.phpmyadmin.net/home_page/security/PMASA-2013-14.php", "reference_id": "", "reference_type": "", "scores": [ { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.phpmyadmin.net/home_page/security/PMASA-2013-14.php" }, { "reference_url": "https://github.com/advisories/GHSA-p632-5w74-x8xx", "reference_id": "GHSA-p632-5w74-x8xx", "reference_type": "", "scores": [], "url": "https://github.com/advisories/GHSA-p632-5w74-x8xx" }, { "reference_url": "https://security.gentoo.org/glsa/201311-02", "reference_id": "GLSA-201311-02", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201311-02" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/203681?format=api", "purl": "pkg:deb/debian/phpmyadmin@4:3.4.11.1-2%2Bdeb7u2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1aqb-7an7-mbed" }, { "vulnerability": "VCID-1drk-gzqj-2qc5" }, { "vulnerability": "VCID-1hvw-4h4d-zkhv" }, { "vulnerability": "VCID-23dq-w66r-k3bt" }, { "vulnerability": "VCID-27w6-zhxk-x7e7" }, { "vulnerability": "VCID-282b-1ugg-yuev" }, { "vulnerability": "VCID-2at1-y3qg-77fb" }, { "vulnerability": "VCID-2vqn-z4en-duh4" }, { "vulnerability": "VCID-31jg-3pzb-y3b6" }, { "vulnerability": "VCID-32ja-yuuw-bbbh" }, { "vulnerability": "VCID-33kv-ye2c-ebax" }, { "vulnerability": "VCID-33mh-s92h-c7ht" }, { "vulnerability": "VCID-38tp-acy8-57hj" }, { "vulnerability": "VCID-3trr-z4gq-pbdr" }, { "vulnerability": "VCID-3va7-xx14-gkds" }, { "vulnerability": "VCID-44uc-xrvp-7bet" }, { "vulnerability": "VCID-4avx-e9mf-2yb1" }, { "vulnerability": "VCID-4kax-4bpz-g7c5" }, { "vulnerability": "VCID-4vgu-cagj-hfhb" }, { "vulnerability": "VCID-4wn2-pnbv-sked" }, { "vulnerability": "VCID-52xs-45kd-w3hz" }, { "vulnerability": "VCID-59mu-8aep-9ycn" }, { "vulnerability": "VCID-5bu8-wy7w-bqfc" }, { "vulnerability": "VCID-5jye-2stz-fqam" }, { "vulnerability": "VCID-6gs5-cswx-bfeb" }, { "vulnerability": "VCID-7avk-rmwd-yugt" }, { "vulnerability": "VCID-7ntf-d3af-nbbk" }, { "vulnerability": "VCID-7pwj-c6c4-gbeq" }, { "vulnerability": "VCID-7vpu-x9mb-q3c6" }, { "vulnerability": "VCID-84n7-nzzg-juhz" }, { "vulnerability": "VCID-858m-cbw6-cfc1" }, { "vulnerability": "VCID-8jt7-y15v-83gj" }, { "vulnerability": "VCID-8rvw-n1fg-ffc2" }, { "vulnerability": "VCID-8yxm-e33n-d7gj" }, { "vulnerability": "VCID-9nh7-ny6c-n3cd" }, { "vulnerability": "VCID-9tdu-572c-tbb2" }, { "vulnerability": "VCID-9z7g-cffj-1ufe" }, { "vulnerability": "VCID-a4fa-ms27-93fn" }, { "vulnerability": "VCID-a94q-k98a-6qbw" }, { "vulnerability": "VCID-ajeh-4q9t-sydz" }, { "vulnerability": "VCID-ajf6-bk2g-wkb7" }, { "vulnerability": "VCID-ajmz-kfxh-sqaf" }, { "vulnerability": "VCID-amgy-teas-euh5" }, { "vulnerability": "VCID-b2nf-6pr3-xqaa" }, { "vulnerability": "VCID-b4jk-yjfy-pfcv" }, { "vulnerability": "VCID-b6ng-ygap-zqh4" }, { "vulnerability": "VCID-bd83-vf81-sfa4" }, { "vulnerability": "VCID-bddg-5zgr-3uew" }, { "vulnerability": "VCID-bshf-rz9w-3yb3" }, { "vulnerability": "VCID-btc1-yng3-ckhx" }, { "vulnerability": "VCID-cbjd-e3sk-m7bu" }, { "vulnerability": "VCID-crn9-f6qt-qfg5" }, { "vulnerability": "VCID-cth2-72mg-6yfr" }, { "vulnerability": "VCID-cz55-m46r-37gb" }, { "vulnerability": "VCID-d7jk-a94y-n3ca" }, { "vulnerability": "VCID-dbk1-n9kh-dfhm" }, { "vulnerability": "VCID-dfsz-1y13-yug9" }, { "vulnerability": "VCID-dgvs-kqpd-gfcy" }, { "vulnerability": "VCID-dj5f-y77j-d7dx" }, { "vulnerability": "VCID-dx3h-z4dg-m3e1" }, { "vulnerability": "VCID-e677-1yaz-g3em" }, { "vulnerability": "VCID-fc5a-pvtd-wkcz" }, { "vulnerability": "VCID-fsub-2bfp-8qbw" }, { "vulnerability": "VCID-g2uy-ekyf-4bcj" }, { "vulnerability": "VCID-gmjk-222y-abda" }, { "vulnerability": "VCID-gqxb-6rey-rbhv" }, { "vulnerability": "VCID-gtps-py3z-13cu" }, { "vulnerability": "VCID-gzwb-ju7m-juf7" }, { "vulnerability": "VCID-har4-gaft-m7e8" }, { "vulnerability": "VCID-hbp6-s544-pqaw" }, { "vulnerability": "VCID-hw5n-kv9r-8yej" }, { "vulnerability": "VCID-hyn6-xxxq-57f4" }, { "vulnerability": "VCID-j589-8hrn-9bae" }, { "vulnerability": "VCID-jabw-t2hb-q3e9" }, { "vulnerability": "VCID-jemb-avnk-c7eb" }, { "vulnerability": "VCID-jmn8-a5r9-2qc8" }, { "vulnerability": "VCID-jvvf-kwtm-6qb7" }, { "vulnerability": "VCID-jxf7-1cq4-t3cv" }, { "vulnerability": "VCID-k3fp-nkvv-e3fa" }, { "vulnerability": "VCID-k5ph-wws1-fqg4" }, { "vulnerability": "VCID-kfr7-v6tb-eqau" }, { "vulnerability": "VCID-kfrx-mmr7-euep" }, { "vulnerability": "VCID-krmp-qvw1-n7b6" }, { "vulnerability": "VCID-kwtj-jk24-zffq" }, { "vulnerability": "VCID-m2g6-2ztp-tuam" }, { "vulnerability": "VCID-m3kq-1cfg-mkgc" }, { "vulnerability": "VCID-m54t-23nu-3kaa" }, { "vulnerability": "VCID-m59w-cug5-wbe2" }, { "vulnerability": "VCID-mgu4-pf1x-r3dy" }, { "vulnerability": "VCID-mxn5-bh7q-gkdb" }, { "vulnerability": "VCID-mzuh-5e5y-d3hr" }, { "vulnerability": "VCID-n53q-r421-affh" }, { "vulnerability": "VCID-n66y-s36g-fqck" }, { "vulnerability": "VCID-n7cc-xfym-u7g4" }, { "vulnerability": "VCID-np5w-chxm-cyak" }, { "vulnerability": "VCID-nuju-ekmt-k7g9" }, { "vulnerability": "VCID-nv3j-xj42-wfcw" }, { "vulnerability": "VCID-p1jn-sxds-mqd1" }, { "vulnerability": "VCID-p361-saxs-97g9" }, { "vulnerability": "VCID-pdmq-pgqp-5qft" }, { "vulnerability": "VCID-pfdk-db4h-47dx" }, { "vulnerability": "VCID-pnry-rv8t-v3ff" }, { "vulnerability": "VCID-q2wv-kbra-5kg8" }, { "vulnerability": "VCID-q45d-5bf4-tff5" }, { "vulnerability": "VCID-q7pe-bvr1-g3bc" }, { "vulnerability": "VCID-q7rn-1612-quau" }, { "vulnerability": "VCID-q7zq-5xpn-93dd" }, { "vulnerability": "VCID-qbjt-k4x8-gya5" }, { "vulnerability": "VCID-qeac-129m-1udw" }, { "vulnerability": "VCID-qmj2-pxvt-zqes" }, { "vulnerability": "VCID-qpj7-uk5e-nbez" }, { "vulnerability": "VCID-qpsr-xv8c-b3gj" }, { "vulnerability": "VCID-qqyb-zags-bbhz" }, { "vulnerability": "VCID-r3z5-cc6j-8yg6" }, { "vulnerability": "VCID-r4zz-m2mr-9qeb" }, { "vulnerability": "VCID-r9sb-489v-fqc9" }, { "vulnerability": "VCID-rc63-nakx-ebbe" }, { "vulnerability": "VCID-rsrk-jwbt-qfhe" }, { "vulnerability": "VCID-rx9z-rdmm-5fg6" }, { "vulnerability": "VCID-rxz2-tx2n-k3bd" }, { "vulnerability": "VCID-rz6q-hthe-1uer" }, { "vulnerability": "VCID-s88e-r2gd-9yep" }, { "vulnerability": "VCID-segg-gk79-9bc6" }, { "vulnerability": "VCID-sj19-5q5e-j7ah" }, { "vulnerability": "VCID-snke-vmcg-xfd2" }, { "vulnerability": "VCID-tvfz-v881-sufp" }, { "vulnerability": "VCID-txba-1at4-ekg2" }, { "vulnerability": "VCID-uc6b-5sj1-9yg2" }, { "vulnerability": "VCID-ufzd-pbge-6qhk" }, { "vulnerability": "VCID-ur19-yjak-vqdd" }, { "vulnerability": "VCID-utga-335m-dua9" }, { "vulnerability": "VCID-v1kx-5wa1-r7he" }, { "vulnerability": "VCID-v69j-7vk9-e3d4" }, { "vulnerability": "VCID-v6xv-djkp-4kgw" }, { "vulnerability": "VCID-vpf2-5j4s-jqeb" }, { "vulnerability": "VCID-vxc7-fwud-33an" }, { "vulnerability": "VCID-vxj9-zxns-kkh9" }, { "vulnerability": "VCID-w6nk-akeh-4ufg" }, { "vulnerability": "VCID-ww5r-71kf-tfgr" }, { "vulnerability": "VCID-x75q-4y74-d3gt" }, { "vulnerability": "VCID-xgnx-jteb-myf7" }, { "vulnerability": "VCID-xqf5-yxf3-u3he" }, { "vulnerability": "VCID-zmjf-j2zs-23ey" }, { "vulnerability": "VCID-zvcj-g6rt-s3de" }, { "vulnerability": "VCID-zyes-82y3-g7dh" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:3.4.11.1-2%252Bdeb7u2" }, { "url": "http://public2.vulnerablecode.io/api/packages/273448?format=api", "purl": "pkg:deb/debian/phpmyadmin@4:4.2.12-2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1drk-gzqj-2qc5" }, { "vulnerability": "VCID-1hvw-4h4d-zkhv" }, { "vulnerability": "VCID-23dq-w66r-k3bt" }, { "vulnerability": "VCID-27w6-zhxk-x7e7" }, { "vulnerability": "VCID-282b-1ugg-yuev" }, { "vulnerability": "VCID-2at1-y3qg-77fb" }, { "vulnerability": "VCID-2vqn-z4en-duh4" }, { "vulnerability": "VCID-31jg-3pzb-y3b6" }, { "vulnerability": "VCID-32ja-yuuw-bbbh" }, { "vulnerability": "VCID-33kv-ye2c-ebax" }, { "vulnerability": "VCID-33mh-s92h-c7ht" }, { "vulnerability": "VCID-38tp-acy8-57hj" }, { "vulnerability": "VCID-3va7-xx14-gkds" }, { "vulnerability": "VCID-44uc-xrvp-7bet" }, { "vulnerability": "VCID-4avx-e9mf-2yb1" }, { "vulnerability": "VCID-4kax-4bpz-g7c5" }, { "vulnerability": "VCID-4vgu-cagj-hfhb" }, { "vulnerability": "VCID-4wn2-pnbv-sked" }, { "vulnerability": "VCID-52xs-45kd-w3hz" }, { "vulnerability": "VCID-59mu-8aep-9ycn" }, { "vulnerability": "VCID-5bu8-wy7w-bqfc" }, { "vulnerability": "VCID-5jye-2stz-fqam" }, { "vulnerability": "VCID-6gs5-cswx-bfeb" }, { "vulnerability": "VCID-7avk-rmwd-yugt" }, { "vulnerability": "VCID-7ntf-d3af-nbbk" }, { "vulnerability": "VCID-7vpu-x9mb-q3c6" }, { "vulnerability": "VCID-84n7-nzzg-juhz" }, { "vulnerability": "VCID-8jt7-y15v-83gj" }, { "vulnerability": "VCID-8rvw-n1fg-ffc2" }, { "vulnerability": "VCID-8yxm-e33n-d7gj" }, { "vulnerability": "VCID-9nh7-ny6c-n3cd" }, { "vulnerability": "VCID-9tdu-572c-tbb2" }, { "vulnerability": "VCID-ajeh-4q9t-sydz" }, { "vulnerability": "VCID-ajf6-bk2g-wkb7" }, { "vulnerability": "VCID-b2nf-6pr3-xqaa" }, { "vulnerability": "VCID-b4jk-yjfy-pfcv" }, { "vulnerability": "VCID-b6ng-ygap-zqh4" }, { "vulnerability": "VCID-bd83-vf81-sfa4" }, { "vulnerability": "VCID-bddg-5zgr-3uew" }, { "vulnerability": "VCID-btc1-yng3-ckhx" }, { "vulnerability": "VCID-cbjd-e3sk-m7bu" }, { "vulnerability": "VCID-crn9-f6qt-qfg5" }, { "vulnerability": "VCID-cth2-72mg-6yfr" }, { "vulnerability": "VCID-cz55-m46r-37gb" }, { "vulnerability": "VCID-d7jk-a94y-n3ca" }, { "vulnerability": "VCID-dbk1-n9kh-dfhm" }, { "vulnerability": "VCID-dfsz-1y13-yug9" }, { "vulnerability": "VCID-dgvs-kqpd-gfcy" }, { "vulnerability": "VCID-dj5f-y77j-d7dx" }, { "vulnerability": "VCID-dx3h-z4dg-m3e1" }, { "vulnerability": "VCID-g2uy-ekyf-4bcj" }, { "vulnerability": "VCID-gmjk-222y-abda" }, { "vulnerability": "VCID-gqxb-6rey-rbhv" }, { "vulnerability": "VCID-gtps-py3z-13cu" }, { "vulnerability": "VCID-gzwb-ju7m-juf7" }, { "vulnerability": "VCID-har4-gaft-m7e8" }, { "vulnerability": "VCID-hbp6-s544-pqaw" }, { "vulnerability": "VCID-hw5n-kv9r-8yej" }, { "vulnerability": "VCID-j589-8hrn-9bae" }, { "vulnerability": "VCID-jabw-t2hb-q3e9" }, { "vulnerability": "VCID-jemb-avnk-c7eb" }, { "vulnerability": "VCID-jmn8-a5r9-2qc8" }, { "vulnerability": "VCID-jvvf-kwtm-6qb7" }, { "vulnerability": "VCID-jxf7-1cq4-t3cv" }, { "vulnerability": "VCID-k5ph-wws1-fqg4" }, { "vulnerability": "VCID-kfr7-v6tb-eqau" }, { "vulnerability": "VCID-kfrx-mmr7-euep" }, { "vulnerability": "VCID-kwtj-jk24-zffq" }, { "vulnerability": "VCID-m2g6-2ztp-tuam" }, { "vulnerability": "VCID-m3kq-1cfg-mkgc" }, { "vulnerability": "VCID-m59w-cug5-wbe2" }, { "vulnerability": "VCID-mgu4-pf1x-r3dy" }, { "vulnerability": "VCID-mxn5-bh7q-gkdb" }, { "vulnerability": "VCID-mzuh-5e5y-d3hr" }, { "vulnerability": "VCID-n53q-r421-affh" }, { "vulnerability": "VCID-n66y-s36g-fqck" }, { "vulnerability": "VCID-np5w-chxm-cyak" }, { "vulnerability": "VCID-nuju-ekmt-k7g9" }, { "vulnerability": "VCID-nv3j-xj42-wfcw" }, { "vulnerability": "VCID-p1jn-sxds-mqd1" }, { "vulnerability": "VCID-p361-saxs-97g9" }, { "vulnerability": "VCID-pfdk-db4h-47dx" }, { "vulnerability": "VCID-pnry-rv8t-v3ff" }, { "vulnerability": "VCID-q2wv-kbra-5kg8" }, { "vulnerability": "VCID-q45d-5bf4-tff5" }, { "vulnerability": "VCID-q7pe-bvr1-g3bc" }, { "vulnerability": "VCID-q7rn-1612-quau" }, { "vulnerability": "VCID-q7zq-5xpn-93dd" }, { "vulnerability": "VCID-qeac-129m-1udw" }, { "vulnerability": "VCID-qmj2-pxvt-zqes" }, { "vulnerability": "VCID-qpj7-uk5e-nbez" }, { "vulnerability": "VCID-qqyb-zags-bbhz" }, { "vulnerability": "VCID-r3z5-cc6j-8yg6" }, { "vulnerability": "VCID-r4zz-m2mr-9qeb" }, { "vulnerability": "VCID-r9sb-489v-fqc9" }, { "vulnerability": "VCID-rc63-nakx-ebbe" }, { "vulnerability": "VCID-rsrk-jwbt-qfhe" }, { "vulnerability": "VCID-rx9z-rdmm-5fg6" }, { "vulnerability": "VCID-rxz2-tx2n-k3bd" }, { "vulnerability": "VCID-rz6q-hthe-1uer" }, { "vulnerability": "VCID-s88e-r2gd-9yep" }, { "vulnerability": "VCID-segg-gk79-9bc6" }, { "vulnerability": "VCID-tvfz-v881-sufp" }, { "vulnerability": "VCID-txba-1at4-ekg2" }, { "vulnerability": "VCID-uc6b-5sj1-9yg2" }, { "vulnerability": "VCID-utga-335m-dua9" }, { "vulnerability": "VCID-v1kx-5wa1-r7he" }, { "vulnerability": "VCID-vpf2-5j4s-jqeb" }, { "vulnerability": "VCID-vxc7-fwud-33an" }, { "vulnerability": "VCID-w6nk-akeh-4ufg" }, { "vulnerability": "VCID-x75q-4y74-d3gt" }, { "vulnerability": "VCID-xqf5-yxf3-u3he" }, { "vulnerability": "VCID-zmjf-j2zs-23ey" }, { "vulnerability": "VCID-zvcj-g6rt-s3de" }, { "vulnerability": "VCID-zyes-82y3-g7dh" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:4.2.12-2" } ], "aliases": [ "CVE-2013-5002", "GHSA-p632-5w74-x8xx" ], "risk_score": 1.4, "exploitability": "0.5", "weighted_severity": "2.7", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ww5r-71kf-tfgr" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/98129?format=api", "vulnerability_id": "VCID-xgnx-jteb-myf7", "summary": "phpMyAdmin 3.5.x and 4.0.x before 4.0.5 allows remote attackers to bypass the clickjacking protection mechanism via certain vectors related to Header.class.php.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2013-5029", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01725", "scoring_system": "epss", "scoring_elements": "0.82767", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.01725", "scoring_system": "epss", "scoring_elements": "0.82792", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2013-5029" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5029", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5029" }, { "reference_url": "https://security.gentoo.org/glsa/201311-02", "reference_id": "GLSA-201311-02", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201311-02" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/273448?format=api", "purl": "pkg:deb/debian/phpmyadmin@4:4.2.12-2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1drk-gzqj-2qc5" }, { "vulnerability": "VCID-1hvw-4h4d-zkhv" }, { "vulnerability": "VCID-23dq-w66r-k3bt" }, { "vulnerability": "VCID-27w6-zhxk-x7e7" }, { "vulnerability": "VCID-282b-1ugg-yuev" }, { "vulnerability": "VCID-2at1-y3qg-77fb" }, { "vulnerability": "VCID-2vqn-z4en-duh4" }, { "vulnerability": "VCID-31jg-3pzb-y3b6" }, { "vulnerability": "VCID-32ja-yuuw-bbbh" }, { "vulnerability": "VCID-33kv-ye2c-ebax" }, { "vulnerability": "VCID-33mh-s92h-c7ht" }, { "vulnerability": "VCID-38tp-acy8-57hj" }, { "vulnerability": "VCID-3va7-xx14-gkds" }, { "vulnerability": "VCID-44uc-xrvp-7bet" }, { "vulnerability": "VCID-4avx-e9mf-2yb1" }, { "vulnerability": "VCID-4kax-4bpz-g7c5" }, { "vulnerability": "VCID-4vgu-cagj-hfhb" }, { "vulnerability": "VCID-4wn2-pnbv-sked" }, { "vulnerability": "VCID-52xs-45kd-w3hz" }, { "vulnerability": "VCID-59mu-8aep-9ycn" }, { "vulnerability": "VCID-5bu8-wy7w-bqfc" }, { "vulnerability": "VCID-5jye-2stz-fqam" }, { "vulnerability": "VCID-6gs5-cswx-bfeb" }, { "vulnerability": "VCID-7avk-rmwd-yugt" }, { "vulnerability": "VCID-7ntf-d3af-nbbk" }, { "vulnerability": "VCID-7vpu-x9mb-q3c6" }, { "vulnerability": "VCID-84n7-nzzg-juhz" }, { "vulnerability": "VCID-8jt7-y15v-83gj" }, { "vulnerability": "VCID-8rvw-n1fg-ffc2" }, { "vulnerability": "VCID-8yxm-e33n-d7gj" }, { "vulnerability": "VCID-9nh7-ny6c-n3cd" }, { "vulnerability": "VCID-9tdu-572c-tbb2" }, { "vulnerability": "VCID-ajeh-4q9t-sydz" }, { "vulnerability": "VCID-ajf6-bk2g-wkb7" }, { "vulnerability": "VCID-b2nf-6pr3-xqaa" }, { "vulnerability": "VCID-b4jk-yjfy-pfcv" }, { "vulnerability": "VCID-b6ng-ygap-zqh4" }, { "vulnerability": "VCID-bd83-vf81-sfa4" }, { "vulnerability": "VCID-bddg-5zgr-3uew" }, { "vulnerability": "VCID-btc1-yng3-ckhx" }, { "vulnerability": "VCID-cbjd-e3sk-m7bu" }, { "vulnerability": "VCID-crn9-f6qt-qfg5" }, { "vulnerability": "VCID-cth2-72mg-6yfr" }, { "vulnerability": "VCID-cz55-m46r-37gb" }, { "vulnerability": "VCID-d7jk-a94y-n3ca" }, { "vulnerability": "VCID-dbk1-n9kh-dfhm" }, { "vulnerability": "VCID-dfsz-1y13-yug9" }, { "vulnerability": "VCID-dgvs-kqpd-gfcy" }, { "vulnerability": "VCID-dj5f-y77j-d7dx" }, { "vulnerability": "VCID-dx3h-z4dg-m3e1" }, { "vulnerability": "VCID-g2uy-ekyf-4bcj" }, { "vulnerability": "VCID-gmjk-222y-abda" }, { "vulnerability": "VCID-gqxb-6rey-rbhv" }, { "vulnerability": "VCID-gtps-py3z-13cu" }, { "vulnerability": "VCID-gzwb-ju7m-juf7" }, { "vulnerability": "VCID-har4-gaft-m7e8" }, { "vulnerability": "VCID-hbp6-s544-pqaw" }, { "vulnerability": "VCID-hw5n-kv9r-8yej" }, { "vulnerability": "VCID-j589-8hrn-9bae" }, { "vulnerability": "VCID-jabw-t2hb-q3e9" }, { "vulnerability": "VCID-jemb-avnk-c7eb" }, { "vulnerability": "VCID-jmn8-a5r9-2qc8" }, { "vulnerability": "VCID-jvvf-kwtm-6qb7" }, { "vulnerability": "VCID-jxf7-1cq4-t3cv" }, { "vulnerability": "VCID-k5ph-wws1-fqg4" }, { "vulnerability": "VCID-kfr7-v6tb-eqau" }, { "vulnerability": "VCID-kfrx-mmr7-euep" }, { "vulnerability": "VCID-kwtj-jk24-zffq" }, { "vulnerability": "VCID-m2g6-2ztp-tuam" }, { "vulnerability": "VCID-m3kq-1cfg-mkgc" }, { "vulnerability": "VCID-m59w-cug5-wbe2" }, { "vulnerability": "VCID-mgu4-pf1x-r3dy" }, { "vulnerability": "VCID-mxn5-bh7q-gkdb" }, { "vulnerability": "VCID-mzuh-5e5y-d3hr" }, { "vulnerability": "VCID-n53q-r421-affh" }, { "vulnerability": "VCID-n66y-s36g-fqck" }, { "vulnerability": "VCID-np5w-chxm-cyak" }, { "vulnerability": "VCID-nuju-ekmt-k7g9" }, { "vulnerability": "VCID-nv3j-xj42-wfcw" }, { "vulnerability": "VCID-p1jn-sxds-mqd1" }, { "vulnerability": "VCID-p361-saxs-97g9" }, { "vulnerability": "VCID-pfdk-db4h-47dx" }, { "vulnerability": "VCID-pnry-rv8t-v3ff" }, { "vulnerability": "VCID-q2wv-kbra-5kg8" }, { "vulnerability": "VCID-q45d-5bf4-tff5" }, { "vulnerability": "VCID-q7pe-bvr1-g3bc" }, { "vulnerability": "VCID-q7rn-1612-quau" }, { "vulnerability": "VCID-q7zq-5xpn-93dd" }, { "vulnerability": "VCID-qeac-129m-1udw" }, { "vulnerability": "VCID-qmj2-pxvt-zqes" }, { "vulnerability": "VCID-qpj7-uk5e-nbez" }, { "vulnerability": "VCID-qqyb-zags-bbhz" }, { "vulnerability": "VCID-r3z5-cc6j-8yg6" }, { "vulnerability": "VCID-r4zz-m2mr-9qeb" }, { "vulnerability": "VCID-r9sb-489v-fqc9" }, { "vulnerability": "VCID-rc63-nakx-ebbe" }, { "vulnerability": "VCID-rsrk-jwbt-qfhe" }, { "vulnerability": "VCID-rx9z-rdmm-5fg6" }, { "vulnerability": "VCID-rxz2-tx2n-k3bd" }, { "vulnerability": "VCID-rz6q-hthe-1uer" }, { "vulnerability": "VCID-s88e-r2gd-9yep" }, { "vulnerability": "VCID-segg-gk79-9bc6" }, { "vulnerability": "VCID-tvfz-v881-sufp" }, { "vulnerability": "VCID-txba-1at4-ekg2" }, { "vulnerability": "VCID-uc6b-5sj1-9yg2" }, { "vulnerability": "VCID-utga-335m-dua9" }, { "vulnerability": "VCID-v1kx-5wa1-r7he" }, { "vulnerability": "VCID-vpf2-5j4s-jqeb" }, { "vulnerability": "VCID-vxc7-fwud-33an" }, { "vulnerability": "VCID-w6nk-akeh-4ufg" }, { "vulnerability": "VCID-x75q-4y74-d3gt" }, { "vulnerability": "VCID-xqf5-yxf3-u3he" }, { "vulnerability": "VCID-zmjf-j2zs-23ey" }, { "vulnerability": "VCID-zvcj-g6rt-s3de" }, { "vulnerability": "VCID-zyes-82y3-g7dh" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:4.2.12-2" } ], "aliases": [ "CVE-2013-5029" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-xgnx-jteb-myf7" } ], "risk_score": "3.1", "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:4.2.12-2" }