Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:composer/phpmyadmin/phpmyadmin@5.0.0
Typecomposer
Namespacephpmyadmin
Namephpmyadmin
Version5.0.0
Qualifiers
Subpath
Is_vulnerabletrue
Next_non_vulnerable_version5.2.2
Latest_non_vulnerable_version5.2.2
Affected_by_vulnerabilities
0
url VCID-2jjv-4en4-e3gx
vulnerability_id VCID-2jjv-4en4-e3gx
summary phpMyAdmin through 5.0.2 allows CSV injection via Export Section. NOTE: the vendor disputes this because "the CSV file is accurately generated based on the database contents.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-22278
reference_id
reference_type
scores
0
value 0.00409
scoring_system epss
scoring_elements 0.61125
published_at 2026-04-01T12:55:00Z
1
value 0.00409
scoring_system epss
scoring_elements 0.61205
published_at 2026-04-02T12:55:00Z
2
value 0.00409
scoring_system epss
scoring_elements 0.61233
published_at 2026-04-04T12:55:00Z
3
value 0.00409
scoring_system epss
scoring_elements 0.61199
published_at 2026-04-07T12:55:00Z
4
value 0.00409
scoring_system epss
scoring_elements 0.61247
published_at 2026-04-08T12:55:00Z
5
value 0.00409
scoring_system epss
scoring_elements 0.61261
published_at 2026-04-09T12:55:00Z
6
value 0.00409
scoring_system epss
scoring_elements 0.61281
published_at 2026-04-11T12:55:00Z
7
value 0.00409
scoring_system epss
scoring_elements 0.61267
published_at 2026-04-12T12:55:00Z
8
value 0.00409
scoring_system epss
scoring_elements 0.61249
published_at 2026-04-13T12:55:00Z
9
value 0.00409
scoring_system epss
scoring_elements 0.61289
published_at 2026-04-16T12:55:00Z
10
value 0.00409
scoring_system epss
scoring_elements 0.61294
published_at 2026-04-18T12:55:00Z
11
value 0.00409
scoring_system epss
scoring_elements 0.61273
published_at 2026-04-21T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-22278
1
reference_url https://nvd.nist.gov/vuln/detail/CVE-2020-22278
reference_id CVE-2020-22278
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2020-22278
fixed_packages
0
url pkg:composer/phpmyadmin/phpmyadmin@5.0.3
purl pkg:composer/phpmyadmin/phpmyadmin@5.0.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-araw-4wdy-hqcz
1
vulnerability VCID-rqy8-n6fr-hqey
2
vulnerability VCID-ym9b-4su6-6fbr
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@5.0.3
aliases CVE-2020-22278
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-2jjv-4en4-e3gx
1
url VCID-2y3v-jnph-hfh4
vulnerability_id VCID-2y3v-jnph-hfh4
summary 
Multiple vulnerabilities have been found in phpMyAdmin, allowing
    remote attackers to conduct XSS.
references
0
reference_url http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00027.html
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00027.html
1
reference_url http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00005.html
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00005.html
2
reference_url https://advisory.checkmarx.net/advisory/CX-2020-4281
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://advisory.checkmarx.net/advisory/CX-2020-4281
3
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-26935
reference_id
reference_type
scores
0
value 0.91523
scoring_system epss
scoring_elements 0.99675
published_at 2026-04-21T12:55:00Z
1
value 0.91523
scoring_system epss
scoring_elements 0.9967
published_at 2026-04-07T12:55:00Z
2
value 0.91523
scoring_system epss
scoring_elements 0.99669
published_at 2026-04-04T12:55:00Z
3
value 0.91523
scoring_system epss
scoring_elements 0.99667
published_at 2026-04-02T12:55:00Z
4
value 0.91523
scoring_system epss
scoring_elements 0.99673
published_at 2026-04-18T12:55:00Z
5
value 0.91523
scoring_system epss
scoring_elements 0.99672
published_at 2026-04-16T12:55:00Z
6
value 0.91523
scoring_system epss
scoring_elements 0.99671
published_at 2026-04-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-26935
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-26935
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-26935
5
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/phpmyadmin/phpmyadmin/CVE-2020-26935.yaml
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/FriendsOfPHP/security-advisories/blob/master/phpmyadmin/phpmyadmin/CVE-2020-26935.yaml
6
reference_url https://github.com/phpmyadmin/composer
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/phpmyadmin/composer
7
reference_url https://lists.debian.org/debian-lts-announce/2020/10/msg00024.html
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://lists.debian.org/debian-lts-announce/2020/10/msg00024.html
8
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FHST4E5IJG7IKZTTW3R6MEZPVHJZ472K
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FHST4E5IJG7IKZTTW3R6MEZPVHJZ472K
9
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PXK37YEHSDYCIPQSYEMN2OFTP2ZLM7DO
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PXK37YEHSDYCIPQSYEMN2OFTP2ZLM7DO
10
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TNLGHVDNAEZEGRTUESSSQFM7MZTHIDQ5
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TNLGHVDNAEZEGRTUESSSQFM7MZTHIDQ5
11
reference_url https://nvd.nist.gov/vuln/detail/CVE-2020-26935
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2020-26935
12
reference_url https://www.phpmyadmin.net/security/PMASA-2020-6
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://www.phpmyadmin.net/security/PMASA-2020-6
13
reference_url https://www.phpmyadmin.net/security/PMASA-2020-6/
reference_id
reference_type
scores
url https://www.phpmyadmin.net/security/PMASA-2020-6/
14
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=972000
reference_id 972000
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=972000
15
reference_url https://github.com/advisories/GHSA-7ff4-cv53-4cjq
reference_id GHSA-7ff4-cv53-4cjq
reference_type
scores
0
value CRITICAL
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-7ff4-cv53-4cjq
16
reference_url https://security.gentoo.org/glsa/202101-35
reference_id GLSA-202101-35
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://security.gentoo.org/glsa/202101-35
17
reference_url https://usn.ubuntu.com/4639-1/
reference_id USN-4639-1
reference_type
scores
url https://usn.ubuntu.com/4639-1/
18
reference_url https://usn.ubuntu.com/USN-4843-1/
reference_id USN-USN-4843-1
reference_type
scores
url https://usn.ubuntu.com/USN-4843-1/
fixed_packages
0
url pkg:composer/phpmyadmin/phpmyadmin@5.0.3
purl pkg:composer/phpmyadmin/phpmyadmin@5.0.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-araw-4wdy-hqcz
1
vulnerability VCID-rqy8-n6fr-hqey
2
vulnerability VCID-ym9b-4su6-6fbr
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@5.0.3
aliases CVE-2020-26935, GHSA-7ff4-cv53-4cjq
risk_score 10.0
exploitability 2.0
weighted_severity 9.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-2y3v-jnph-hfh4
2
url VCID-41mv-6vqr-sua6
vulnerability_id VCID-41mv-6vqr-sua6
summary 
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
SQL Injection vulnerability in function getTableCreationQuery in CreateAddField.php in phpMyAdmin 5.x before 5.2.0 via the tbl_storage_engine or tbl_collation parameters to tbl_create.php.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-22452
reference_id
reference_type
scores
0
value 0.03245
scoring_system epss
scoring_elements 0.87129
published_at 2026-04-21T12:55:00Z
1
value 0.03245
scoring_system epss
scoring_elements 0.87058
published_at 2026-04-01T12:55:00Z
2
value 0.03245
scoring_system epss
scoring_elements 0.87069
published_at 2026-04-02T12:55:00Z
3
value 0.03245
scoring_system epss
scoring_elements 0.87088
published_at 2026-04-04T12:55:00Z
4
value 0.03245
scoring_system epss
scoring_elements 0.87081
published_at 2026-04-07T12:55:00Z
5
value 0.03245
scoring_system epss
scoring_elements 0.87101
published_at 2026-04-08T12:55:00Z
6
value 0.03245
scoring_system epss
scoring_elements 0.87109
published_at 2026-04-09T12:55:00Z
7
value 0.03245
scoring_system epss
scoring_elements 0.87122
published_at 2026-04-11T12:55:00Z
8
value 0.03245
scoring_system epss
scoring_elements 0.87117
published_at 2026-04-12T12:55:00Z
9
value 0.03245
scoring_system epss
scoring_elements 0.87112
published_at 2026-04-13T12:55:00Z
10
value 0.03245
scoring_system epss
scoring_elements 0.87128
published_at 2026-04-16T12:55:00Z
11
value 0.03245
scoring_system epss
scoring_elements 0.87132
published_at 2026-04-18T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-22452
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-22452
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-22452
2
reference_url https://github.com/phpmyadmin/phpmyadmin
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/phpmyadmin/phpmyadmin
3
reference_url https://github.com/phpmyadmin/phpmyadmin/commit/bc982466f08ddccad4804ba928f84ff8e25107cb
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/phpmyadmin/phpmyadmin/commit/bc982466f08ddccad4804ba928f84ff8e25107cb
4
reference_url https://github.com/phpmyadmin/phpmyadmin/issues/15898
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
2
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-04-01T14:07:49Z/
url https://github.com/phpmyadmin/phpmyadmin/issues/15898
5
reference_url https://github.com/phpmyadmin/phpmyadmin/pull/16004
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
2
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-04-01T14:07:49Z/
url https://github.com/phpmyadmin/phpmyadmin/pull/16004
6
reference_url https://github.com/phpmyadmin/phpmyadmin/blob/master/ChangeLog
reference_id ChangeLog
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-04-01T14:07:49Z/
url https://github.com/phpmyadmin/phpmyadmin/blob/master/ChangeLog
7
reference_url https://nvd.nist.gov/vuln/detail/CVE-2020-22452
reference_id CVE-2020-22452
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2020-22452
8
reference_url https://github.com/advisories/GHSA-prcg-mc23-hgjh
reference_id GHSA-prcg-mc23-hgjh
reference_type
scores
0
value CRITICAL
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-prcg-mc23-hgjh
9
reference_url http://phpmyadmin.com
reference_id phpmyadmin.com
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-04-01T14:07:49Z/
url http://phpmyadmin.com
fixed_packages
0
url pkg:composer/phpmyadmin/phpmyadmin@5.0.2
purl pkg:composer/phpmyadmin/phpmyadmin@5.0.2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2jjv-4en4-e3gx
1
vulnerability VCID-2y3v-jnph-hfh4
2
vulnerability VCID-araw-4wdy-hqcz
3
vulnerability VCID-dsxw-w87t-eycw
4
vulnerability VCID-mk34-h4nz-b3ey
5
vulnerability VCID-rqy8-n6fr-hqey
6
vulnerability VCID-ym9b-4su6-6fbr
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@5.0.2
aliases CVE-2020-22452, GHSA-prcg-mc23-hgjh
risk_score 4.5
exploitability 0.5
weighted_severity 9.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-41mv-6vqr-sua6
3
url VCID-5657-kcyh-7bc2
vulnerability_id VCID-5657-kcyh-7bc2
summary 
phpMyAdmin SQL injection in user accounts page
In phpMyAdmin 4 before 4.9.4 and 5 before 5.0.1, SQL injection exists in the user accounts page. A malicious user could inject custom SQL in place of their own username when creating queries to this page. An attacker must have a valid MySQL account to access the server.
references
0
reference_url http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00024.html
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00024.html
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-5504
reference_id
reference_type
scores
0
value 0.22375
scoring_system epss
scoring_elements 0.95843
published_at 2026-04-21T12:55:00Z
1
value 0.22375
scoring_system epss
scoring_elements 0.95834
published_at 2026-04-16T12:55:00Z
2
value 0.22375
scoring_system epss
scoring_elements 0.9584
published_at 2026-04-18T12:55:00Z
3
value 0.23238
scoring_system epss
scoring_elements 0.95916
published_at 2026-04-02T12:55:00Z
4
value 0.23238
scoring_system epss
scoring_elements 0.95908
published_at 2026-04-01T12:55:00Z
5
value 0.23238
scoring_system epss
scoring_elements 0.95945
published_at 2026-04-13T12:55:00Z
6
value 0.23238
scoring_system epss
scoring_elements 0.95942
published_at 2026-04-12T12:55:00Z
7
value 0.23238
scoring_system epss
scoring_elements 0.95939
published_at 2026-04-09T12:55:00Z
8
value 0.23238
scoring_system epss
scoring_elements 0.95937
published_at 2026-04-08T12:55:00Z
9
value 0.23238
scoring_system epss
scoring_elements 0.95928
published_at 2026-04-07T12:55:00Z
10
value 0.23238
scoring_system epss
scoring_elements 0.95924
published_at 2026-04-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-5504
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-5504
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-5504
3
reference_url https://cybersecurityworks.com/zerodays/cve-2020-5504-phpmyadmin.html
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://cybersecurityworks.com/zerodays/cve-2020-5504-phpmyadmin.html
4
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/phpmyadmin/phpmyadmin/CVE-2020-5504.yaml
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/FriendsOfPHP/security-advisories/blob/master/phpmyadmin/phpmyadmin/CVE-2020-5504.yaml
5
reference_url https://github.com/MarkLee131/awesome-web-pocs/blob/main/CVE-2020-5504.md
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/MarkLee131/awesome-web-pocs/blob/main/CVE-2020-5504.md
6
reference_url https://github.com/phpmyadmin/composer
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/phpmyadmin/composer
7
reference_url https://lists.debian.org/debian-lts-announce/2020/01/msg00011.html
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.debian.org/debian-lts-announce/2020/01/msg00011.html
8
reference_url https://nvd.nist.gov/vuln/detail/CVE-2020-5504
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2020-5504
9
reference_url https://www.phpmyadmin.net/security/PMASA-2020-1
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.phpmyadmin.net/security/PMASA-2020-1
10
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=948718
reference_id 948718
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=948718
11
reference_url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/webapps/52451.txt
reference_id CVE-2020-5504
reference_type exploit
scores
url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/webapps/52451.txt
12
reference_url https://github.com/advisories/GHSA-fgj8-93xx-f6g6
reference_id GHSA-fgj8-93xx-f6g6
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-fgj8-93xx-f6g6
13
reference_url https://usn.ubuntu.com/4639-1/
reference_id USN-4639-1
reference_type
scores
url https://usn.ubuntu.com/4639-1/
14
reference_url https://usn.ubuntu.com/USN-4843-1/
reference_id USN-USN-4843-1
reference_type
scores
url https://usn.ubuntu.com/USN-4843-1/
fixed_packages
0
url pkg:composer/phpmyadmin/phpmyadmin@5.0.1
purl pkg:composer/phpmyadmin/phpmyadmin@5.0.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2jjv-4en4-e3gx
1
vulnerability VCID-2y3v-jnph-hfh4
2
vulnerability VCID-41mv-6vqr-sua6
3
vulnerability VCID-araw-4wdy-hqcz
4
vulnerability VCID-mk34-h4nz-b3ey
5
vulnerability VCID-ngtc-xtjn-xbhp
6
vulnerability VCID-rqy8-n6fr-hqey
7
vulnerability VCID-tks3-6uv4-kygf
8
vulnerability VCID-ym9b-4su6-6fbr
9
vulnerability VCID-znfm-ak2t-mqdd
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@5.0.1
aliases CVE-2020-5504, GHSA-fgj8-93xx-f6g6
risk_score 10.0
exploitability 2.0
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-5657-kcyh-7bc2
4
url VCID-araw-4wdy-hqcz
vulnerability_id VCID-araw-4wdy-hqcz
summary 
phpMyAdmin XSS when checking tables
An issue was discovered in phpMyAdmin 5.x before 5.2.2. An XSS vulnerability has been discovered for the check tables feature. A crafted table or database name could be used for XSS.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-24530
reference_id
reference_type
scores
0
value 0.00196
scoring_system epss
scoring_elements 0.41553
published_at 2026-04-09T12:55:00Z
1
value 0.00196
scoring_system epss
scoring_elements 0.41472
published_at 2026-04-21T12:55:00Z
2
value 0.00196
scoring_system epss
scoring_elements 0.41541
published_at 2026-04-02T12:55:00Z
3
value 0.00196
scoring_system epss
scoring_elements 0.41528
published_at 2026-04-13T12:55:00Z
4
value 0.00196
scoring_system epss
scoring_elements 0.41542
published_at 2026-04-12T12:55:00Z
5
value 0.00196
scoring_system epss
scoring_elements 0.41569
published_at 2026-04-04T12:55:00Z
6
value 0.00196
scoring_system epss
scoring_elements 0.41495
published_at 2026-04-07T12:55:00Z
7
value 0.00196
scoring_system epss
scoring_elements 0.41545
published_at 2026-04-08T12:55:00Z
8
value 0.00196
scoring_system epss
scoring_elements 0.41575
published_at 2026-04-11T12:55:00Z
9
value 0.00196
scoring_system epss
scoring_elements 0.41547
published_at 2026-04-18T12:55:00Z
10
value 0.00196
scoring_system epss
scoring_elements 0.41573
published_at 2026-04-16T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-24530
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-24530
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-24530
2
reference_url https://github.com/phpmyadmin/phpmyadmin
reference_id
reference_type
scores
0
value 6.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/phpmyadmin/phpmyadmin
3
reference_url https://github.com/phpmyadmin/phpmyadmin/commit/23c13a81709728089ff031e5b1c29b5e91baa6a7
reference_id
reference_type
scores
0
value 6.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/phpmyadmin/phpmyadmin/commit/23c13a81709728089ff031e5b1c29b5e91baa6a7
4
reference_url https://lists.debian.org/debian-lts-announce/2025/04/msg00016.html
reference_id
reference_type
scores
0
value 6.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.debian.org/debian-lts-announce/2025/04/msg00016.html
5
reference_url https://nvd.nist.gov/vuln/detail/CVE-2025-24530
reference_id
reference_type
scores
0
value 6.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2025-24530
6
reference_url https://www.phpmyadmin.net/security/PMASA-2025-1
reference_id
reference_type
scores
0
value 6.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.phpmyadmin.net/security/PMASA-2025-1
7
reference_url https://github.com/advisories/GHSA-222v-cx2c-q2f5
reference_id GHSA-222v-cx2c-q2f5
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-222v-cx2c-q2f5
8
reference_url https://www.phpmyadmin.net/security/PMASA-2025-1/
reference_id PMASA-2025-1
reference_type
scores
0
value 6.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-23T15:02:00Z/
url https://www.phpmyadmin.net/security/PMASA-2025-1/
fixed_packages
0
url pkg:composer/phpmyadmin/phpmyadmin@5.2.2
purl pkg:composer/phpmyadmin/phpmyadmin@5.2.2
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@5.2.2
aliases CVE-2025-24530, GHSA-222v-cx2c-q2f5
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-araw-4wdy-hqcz
5
url VCID-mk34-h4nz-b3ey
vulnerability_id VCID-mk34-h4nz-b3ey
summary 
Multiple vulnerabilities have been found in phpMyAdmin, allowing
    remote attackers to conduct XSS.
references
0
reference_url http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00027.html
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00027.html
1
reference_url http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00005.html
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00005.html
2
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-26934
reference_id
reference_type
scores
0
value 0.02788
scoring_system epss
scoring_elements 0.86094
published_at 2026-04-21T12:55:00Z
1
value 0.02788
scoring_system epss
scoring_elements 0.86042
published_at 2026-04-07T12:55:00Z
2
value 0.02788
scoring_system epss
scoring_elements 0.86026
published_at 2026-04-02T12:55:00Z
3
value 0.02788
scoring_system epss
scoring_elements 0.86014
published_at 2026-04-01T12:55:00Z
4
value 0.02788
scoring_system epss
scoring_elements 0.86101
published_at 2026-04-18T12:55:00Z
5
value 0.02788
scoring_system epss
scoring_elements 0.86096
published_at 2026-04-16T12:55:00Z
6
value 0.02788
scoring_system epss
scoring_elements 0.86079
published_at 2026-04-13T12:55:00Z
7
value 0.02788
scoring_system epss
scoring_elements 0.86083
published_at 2026-04-12T12:55:00Z
8
value 0.02788
scoring_system epss
scoring_elements 0.86086
published_at 2026-04-11T12:55:00Z
9
value 0.02788
scoring_system epss
scoring_elements 0.86072
published_at 2026-04-09T12:55:00Z
10
value 0.02788
scoring_system epss
scoring_elements 0.86061
published_at 2026-04-08T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-26934
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-26934
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-26934
4
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/phpmyadmin/phpmyadmin/CVE-2020-26934.yaml
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/FriendsOfPHP/security-advisories/blob/master/phpmyadmin/phpmyadmin/CVE-2020-26934.yaml
5
reference_url https://github.com/phpmyadmin/composer
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/phpmyadmin/composer
6
reference_url https://lists.debian.org/debian-lts-announce/2020/10/msg00024.html
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.debian.org/debian-lts-announce/2020/10/msg00024.html
7
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FHST4E5IJG7IKZTTW3R6MEZPVHJZ472K
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FHST4E5IJG7IKZTTW3R6MEZPVHJZ472K
8
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PXK37YEHSDYCIPQSYEMN2OFTP2ZLM7DO
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PXK37YEHSDYCIPQSYEMN2OFTP2ZLM7DO
9
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TNLGHVDNAEZEGRTUESSSQFM7MZTHIDQ5
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TNLGHVDNAEZEGRTUESSSQFM7MZTHIDQ5
10
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FHST4E5IJG7IKZTTW3R6MEZPVHJZ472K
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FHST4E5IJG7IKZTTW3R6MEZPVHJZ472K
11
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PXK37YEHSDYCIPQSYEMN2OFTP2ZLM7DO
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PXK37YEHSDYCIPQSYEMN2OFTP2ZLM7DO
12
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TNLGHVDNAEZEGRTUESSSQFM7MZTHIDQ5
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TNLGHVDNAEZEGRTUESSSQFM7MZTHIDQ5
13
reference_url https://nvd.nist.gov/vuln/detail/CVE-2020-26934
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2020-26934
14
reference_url https://www.phpmyadmin.net/security/PMASA-2020-5
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.phpmyadmin.net/security/PMASA-2020-5
15
reference_url https://www.phpmyadmin.net/security/PMASA-2020-5/
reference_id
reference_type
scores
url https://www.phpmyadmin.net/security/PMASA-2020-5/
16
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=971999
reference_id 971999
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=971999
17
reference_url https://github.com/advisories/GHSA-6349-53vr-7hcr
reference_id GHSA-6349-53vr-7hcr
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-6349-53vr-7hcr
18
reference_url https://security.gentoo.org/glsa/202101-35
reference_id GLSA-202101-35
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://security.gentoo.org/glsa/202101-35
19
reference_url https://usn.ubuntu.com/4639-1/
reference_id USN-4639-1
reference_type
scores
url https://usn.ubuntu.com/4639-1/
20
reference_url https://usn.ubuntu.com/USN-4843-1/
reference_id USN-USN-4843-1
reference_type
scores
url https://usn.ubuntu.com/USN-4843-1/
fixed_packages
0
url pkg:composer/phpmyadmin/phpmyadmin@5.0.3
purl pkg:composer/phpmyadmin/phpmyadmin@5.0.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-araw-4wdy-hqcz
1
vulnerability VCID-rqy8-n6fr-hqey
2
vulnerability VCID-ym9b-4su6-6fbr
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@5.0.3
aliases CVE-2020-26934, GHSA-6349-53vr-7hcr
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-mk34-h4nz-b3ey
6
url VCID-ngtc-xtjn-xbhp
vulnerability_id VCID-ngtc-xtjn-xbhp
summary 
phpMyAdmin SQL injection vulnerability
In phpMyAdmin 4.x before 4.9.5 and 5.x before 5.0.2, a SQL injection vulnerability has been discovered where certain parameters are not properly escaped when generating certain queries for search actions in libraries/classes/Controllers/Table/TableSearchController.php. An attacker can generate a crafted database or table name. The attack can be performed if a user attempts certain search operations on the malicious database or table.
references
0
reference_url http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00046.html
reference_id
reference_type
scores
0
value 8.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00046.html
1
reference_url http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00050.html
reference_id
reference_type
scores
0
value 8.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00050.html
2
reference_url http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00005.html
reference_id
reference_type
scores
0
value 8.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00005.html
3
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-10802
reference_id
reference_type
scores
0
value 0.01622
scoring_system epss
scoring_elements 0.81852
published_at 2026-04-11T12:55:00Z
1
value 0.01622
scoring_system epss
scoring_elements 0.81779
published_at 2026-04-02T12:55:00Z
2
value 0.01622
scoring_system epss
scoring_elements 0.81873
published_at 2026-04-21T12:55:00Z
3
value 0.01622
scoring_system epss
scoring_elements 0.81871
published_at 2026-04-18T12:55:00Z
4
value 0.01622
scoring_system epss
scoring_elements 0.8187
published_at 2026-04-16T12:55:00Z
5
value 0.01622
scoring_system epss
scoring_elements 0.81834
published_at 2026-04-13T12:55:00Z
6
value 0.01622
scoring_system epss
scoring_elements 0.8184
published_at 2026-04-12T12:55:00Z
7
value 0.01622
scoring_system epss
scoring_elements 0.81826
published_at 2026-04-08T12:55:00Z
8
value 0.01622
scoring_system epss
scoring_elements 0.818
published_at 2026-04-07T12:55:00Z
9
value 0.01622
scoring_system epss
scoring_elements 0.81802
published_at 2026-04-04T12:55:00Z
10
value 0.01622
scoring_system epss
scoring_elements 0.81769
published_at 2026-04-01T12:55:00Z
11
value 0.01622
scoring_system epss
scoring_elements 0.81833
published_at 2026-04-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-10802
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10802
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10802
5
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/phpmyadmin/phpmyadmin/CVE-2020-10802.yaml
reference_id
reference_type
scores
0
value 8.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/FriendsOfPHP/security-advisories/blob/master/phpmyadmin/phpmyadmin/CVE-2020-10802.yaml
6
reference_url https://github.com/phpmyadmin/composer
reference_id
reference_type
scores
0
value 8.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/phpmyadmin/composer
7
reference_url https://lists.debian.org/debian-lts-announce/2020/03/msg00028.html
reference_id
reference_type
scores
0
value 8.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.debian.org/debian-lts-announce/2020/03/msg00028.html
8
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/AAVW3SUKWR5RF5LZ6SARCYOWBIFUIWOJ/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/AAVW3SUKWR5RF5LZ6SARCYOWBIFUIWOJ/
9
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BUG3IRITW2LUBGR5LSQMP7MVRTELHZJK/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BUG3IRITW2LUBGR5LSQMP7MVRTELHZJK/
10
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UZI6EQVRRIG252DY3MBT33BJVCSYDMQO/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UZI6EQVRRIG252DY3MBT33BJVCSYDMQO/
11
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AAVW3SUKWR5RF5LZ6SARCYOWBIFUIWOJ
reference_id
reference_type
scores
0
value 8.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AAVW3SUKWR5RF5LZ6SARCYOWBIFUIWOJ
12
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BUG3IRITW2LUBGR5LSQMP7MVRTELHZJK
reference_id
reference_type
scores
0
value 8.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BUG3IRITW2LUBGR5LSQMP7MVRTELHZJK
13
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UZI6EQVRRIG252DY3MBT33BJVCSYDMQO
reference_id
reference_type
scores
0
value 8.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UZI6EQVRRIG252DY3MBT33BJVCSYDMQO
14
reference_url https://nvd.nist.gov/vuln/detail/CVE-2020-10802
reference_id
reference_type
scores
0
value 6.0
scoring_system cvssv2
scoring_elements AV:N/AC:M/Au:S/C:P/I:P/A:P
1
value 8.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2020-10802
15
reference_url https://www.phpmyadmin.net/security/PMASA-2020-3
reference_id
reference_type
scores
0
value 8.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.phpmyadmin.net/security/PMASA-2020-3
16
reference_url https://www.phpmyadmin.net/security/PMASA-2020-3/
reference_id
reference_type
scores
url https://www.phpmyadmin.net/security/PMASA-2020-3/
17
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=954665
reference_id 954665
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=954665
18
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:opensuse:backports_sle:15.0:-:*:*:*:*:*:*
reference_id cpe:2.3:a:opensuse:backports_sle:15.0:-:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:opensuse:backports_sle:15.0:-:*:*:*:*:*:*
19
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:opensuse:backports_sle:15.0:sp1:*:*:*:*:*:*
reference_id cpe:2.3:a:opensuse:backports_sle:15.0:sp1:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:opensuse:backports_sle:15.0:sp1:*:*:*:*:*:*
20
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:phpmyadmin:phpmyadmin:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:*:*:*:*:*:*:*:*
21
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:suse:package_hub:-:*:*:*:*:*:*:*
reference_id cpe:2.3:a:suse:package_hub:-:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:suse:package_hub:-:*:*:*:*:*:*:*
22
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
23
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*
reference_id cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*
24
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*
reference_id cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*
25
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:32:*:*:*:*:*:*:*
reference_id cpe:2.3:o:fedoraproject:fedora:32:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:32:*:*:*:*:*:*:*
26
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*
reference_id cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*
27
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise:12.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:suse:linux_enterprise:12.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise:12.0:*:*:*:*:*:*:*
28
reference_url https://github.com/advisories/GHSA-f4cr-3xmc-2wpm
reference_id GHSA-f4cr-3xmc-2wpm
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-f4cr-3xmc-2wpm
29
reference_url https://usn.ubuntu.com/4639-1/
reference_id USN-4639-1
reference_type
scores
url https://usn.ubuntu.com/4639-1/
fixed_packages
0
url pkg:composer/phpmyadmin/phpmyadmin@5.0.2
purl pkg:composer/phpmyadmin/phpmyadmin@5.0.2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2jjv-4en4-e3gx
1
vulnerability VCID-2y3v-jnph-hfh4
2
vulnerability VCID-araw-4wdy-hqcz
3
vulnerability VCID-dsxw-w87t-eycw
4
vulnerability VCID-mk34-h4nz-b3ey
5
vulnerability VCID-rqy8-n6fr-hqey
6
vulnerability VCID-ym9b-4su6-6fbr
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@5.0.2
aliases CVE-2020-10802, GHSA-f4cr-3xmc-2wpm
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ngtc-xtjn-xbhp
7
url VCID-rqy8-n6fr-hqey
vulnerability_id VCID-rqy8-n6fr-hqey
summary 
Exposure of Sensitive Information to an Unauthorized Actor
PhpMyAdmin 5.1.1 and before allows an attacker to retrieve potentially sensitive information by creating invalid requests. This affects the lang parameter, the pma_parameter, and the cookie section.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-0813
reference_id
reference_type
scores
0
value 0.00318
scoring_system epss
scoring_elements 0.54905
published_at 2026-04-16T12:55:00Z
1
value 0.00318
scoring_system epss
scoring_elements 0.54888
published_at 2026-04-21T12:55:00Z
2
value 0.00318
scoring_system epss
scoring_elements 0.54908
published_at 2026-04-18T12:55:00Z
3
value 0.00437
scoring_system epss
scoring_elements 0.63043
published_at 2026-04-04T12:55:00Z
4
value 0.00437
scoring_system epss
scoring_elements 0.62955
published_at 2026-04-01T12:55:00Z
5
value 0.00437
scoring_system epss
scoring_elements 0.63014
published_at 2026-04-02T12:55:00Z
6
value 0.00437
scoring_system epss
scoring_elements 0.63007
published_at 2026-04-07T12:55:00Z
7
value 0.00437
scoring_system epss
scoring_elements 0.63058
published_at 2026-04-08T12:55:00Z
8
value 0.00437
scoring_system epss
scoring_elements 0.63074
published_at 2026-04-09T12:55:00Z
9
value 0.00437
scoring_system epss
scoring_elements 0.63091
published_at 2026-04-11T12:55:00Z
10
value 0.00437
scoring_system epss
scoring_elements 0.63077
published_at 2026-04-12T12:55:00Z
11
value 0.00437
scoring_system epss
scoring_elements 0.63055
published_at 2026-04-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-0813
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0813
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0813
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://security.gentoo.org/glsa/202311-17
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://security.gentoo.org/glsa/202311-17
4
reference_url https://www.incibe-cert.es/en/early-warning/security-advisories/phpmyadmin-exposure-sensitive-information
reference_id
reference_type
scores
url https://www.incibe-cert.es/en/early-warning/security-advisories/phpmyadmin-exposure-sensitive-information
5
reference_url https://www.phpmyadmin.net/news/2022/2/11/phpmyadmin-4910-and-513-are-released
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.phpmyadmin.net/news/2022/2/11/phpmyadmin-4910-and-513-are-released
6
reference_url https://www.phpmyadmin.net/news/2022/2/11/phpmyadmin-4910-and-513-are-released/
reference_id
reference_type
scores
url https://www.phpmyadmin.net/news/2022/2/11/phpmyadmin-4910-and-513-are-released/
7
reference_url https://nvd.nist.gov/vuln/detail/CVE-2022-0813
reference_id CVE-2022-0813
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2022-0813
8
reference_url https://github.com/advisories/GHSA-vx8q-j7h9-vf6q
reference_id GHSA-vx8q-j7h9-vf6q
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-vx8q-j7h9-vf6q
fixed_packages
0
url pkg:composer/phpmyadmin/phpmyadmin@5.1.2
purl pkg:composer/phpmyadmin/phpmyadmin@5.1.2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-araw-4wdy-hqcz
1
vulnerability VCID-ym9b-4su6-6fbr
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@5.1.2
1
url pkg:composer/phpmyadmin/phpmyadmin@5.1.3
purl pkg:composer/phpmyadmin/phpmyadmin@5.1.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-araw-4wdy-hqcz
1
vulnerability VCID-ym9b-4su6-6fbr
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@5.1.3
aliases CVE-2022-0813, GHSA-vx8q-j7h9-vf6q
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-rqy8-n6fr-hqey
8
url VCID-tks3-6uv4-kygf
vulnerability_id VCID-tks3-6uv4-kygf
summary 
phpMyAdmin SQL Injection
In phpMyAdmin 4.x before 4.9.5 and 5.x before 5.0.2, a SQL injection vulnerability was found in retrieval of the current username (in libraries/classes/Server/Privileges.php and libraries/classes/UserPassword.php). A malicious user with access to the server could create a crafted username, and then trick the victim into performing specific actions with that user account (such as editing its privileges).
references
0
reference_url http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00046.html
reference_id
reference_type
scores
0
value 8.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00046.html
1
reference_url http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00050.html
reference_id
reference_type
scores
0
value 8.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00050.html
2
reference_url http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00005.html
reference_id
reference_type
scores
0
value 8.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00005.html
3
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-10804
reference_id
reference_type
scores
0
value 0.02444
scoring_system epss
scoring_elements 0.85208
published_at 2026-04-18T12:55:00Z
1
value 0.02444
scoring_system epss
scoring_elements 0.85114
published_at 2026-04-01T12:55:00Z
2
value 0.02444
scoring_system epss
scoring_elements 0.85127
published_at 2026-04-02T12:55:00Z
3
value 0.02444
scoring_system epss
scoring_elements 0.85144
published_at 2026-04-04T12:55:00Z
4
value 0.02444
scoring_system epss
scoring_elements 0.85147
published_at 2026-04-07T12:55:00Z
5
value 0.02444
scoring_system epss
scoring_elements 0.85169
published_at 2026-04-08T12:55:00Z
6
value 0.02444
scoring_system epss
scoring_elements 0.85177
published_at 2026-04-09T12:55:00Z
7
value 0.02444
scoring_system epss
scoring_elements 0.85191
published_at 2026-04-11T12:55:00Z
8
value 0.02444
scoring_system epss
scoring_elements 0.85189
published_at 2026-04-12T12:55:00Z
9
value 0.02444
scoring_system epss
scoring_elements 0.85186
published_at 2026-04-13T12:55:00Z
10
value 0.02444
scoring_system epss
scoring_elements 0.85207
published_at 2026-04-21T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-10804
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10804
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10804
5
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/phpmyadmin/phpmyadmin/CVE-2020-10804.yaml
reference_id
reference_type
scores
0
value 8.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/FriendsOfPHP/security-advisories/blob/master/phpmyadmin/phpmyadmin/CVE-2020-10804.yaml
6
reference_url https://github.com/phpmyadmin/composer
reference_id
reference_type
scores
0
value 8.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/phpmyadmin/composer
7
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/AAVW3SUKWR5RF5LZ6SARCYOWBIFUIWOJ/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/AAVW3SUKWR5RF5LZ6SARCYOWBIFUIWOJ/
8
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BUG3IRITW2LUBGR5LSQMP7MVRTELHZJK/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BUG3IRITW2LUBGR5LSQMP7MVRTELHZJK/
9
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UZI6EQVRRIG252DY3MBT33BJVCSYDMQO/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UZI6EQVRRIG252DY3MBT33BJVCSYDMQO/
10
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AAVW3SUKWR5RF5LZ6SARCYOWBIFUIWOJ
reference_id
reference_type
scores
0
value 8.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AAVW3SUKWR5RF5LZ6SARCYOWBIFUIWOJ
11
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BUG3IRITW2LUBGR5LSQMP7MVRTELHZJK
reference_id
reference_type
scores
0
value 8.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BUG3IRITW2LUBGR5LSQMP7MVRTELHZJK
12
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UZI6EQVRRIG252DY3MBT33BJVCSYDMQO
reference_id
reference_type
scores
0
value 8.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UZI6EQVRRIG252DY3MBT33BJVCSYDMQO
13
reference_url https://nvd.nist.gov/vuln/detail/CVE-2020-10804
reference_id
reference_type
scores
0
value 6.0
scoring_system cvssv2
scoring_elements AV:N/AC:M/Au:S/C:P/I:P/A:P
1
value 8.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2020-10804
14
reference_url https://www.phpmyadmin.net/security/PMASA-2020-2
reference_id
reference_type
scores
0
value 8.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.phpmyadmin.net/security/PMASA-2020-2
15
reference_url https://www.phpmyadmin.net/security/PMASA-2020-2/
reference_id
reference_type
scores
url https://www.phpmyadmin.net/security/PMASA-2020-2/
16
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=954667
reference_id 954667
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=954667
17
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:opensuse:backports_sle:15.0:-:*:*:*:*:*:*
reference_id cpe:2.3:a:opensuse:backports_sle:15.0:-:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:opensuse:backports_sle:15.0:-:*:*:*:*:*:*
18
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:opensuse:backports_sle:15.0:sp1:*:*:*:*:*:*
reference_id cpe:2.3:a:opensuse:backports_sle:15.0:sp1:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:opensuse:backports_sle:15.0:sp1:*:*:*:*:*:*
19
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:phpmyadmin:phpmyadmin:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:*:*:*:*:*:*:*:*
20
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:suse:package_hub:-:*:*:*:*:*:*:*
reference_id cpe:2.3:a:suse:package_hub:-:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:suse:package_hub:-:*:*:*:*:*:*:*
21
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*
reference_id cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*
22
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*
reference_id cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*
23
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:32:*:*:*:*:*:*:*
reference_id cpe:2.3:o:fedoraproject:fedora:32:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:32:*:*:*:*:*:*:*
24
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*
reference_id cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*
25
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise:12.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:suse:linux_enterprise:12.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise:12.0:*:*:*:*:*:*:*
26
reference_url https://github.com/advisories/GHSA-h65r-8fp8-w7cx
reference_id GHSA-h65r-8fp8-w7cx
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-h65r-8fp8-w7cx
27
reference_url https://usn.ubuntu.com/4639-1/
reference_id USN-4639-1
reference_type
scores
url https://usn.ubuntu.com/4639-1/
fixed_packages
0
url pkg:composer/phpmyadmin/phpmyadmin@5.0.2
purl pkg:composer/phpmyadmin/phpmyadmin@5.0.2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2jjv-4en4-e3gx
1
vulnerability VCID-2y3v-jnph-hfh4
2
vulnerability VCID-araw-4wdy-hqcz
3
vulnerability VCID-dsxw-w87t-eycw
4
vulnerability VCID-mk34-h4nz-b3ey
5
vulnerability VCID-rqy8-n6fr-hqey
6
vulnerability VCID-ym9b-4su6-6fbr
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@5.0.2
aliases CVE-2020-10804, GHSA-h65r-8fp8-w7cx
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-tks3-6uv4-kygf
9
url VCID-ym9b-4su6-6fbr
vulnerability_id VCID-ym9b-4su6-6fbr
summary 
Cross-site Scripting vulnerability in drag-and-drop upload of phpMyAdmin
In phpMyAdmin before 4.9.11 and 5.x before 5.2.1, an authenticated user can trigger Cross-site Scripting (XSS) by uploading a crafted .sql file through the drag-and-drop interface. By disabling the configuration directive `$cfg['enable_drag_drop_import']`, users will be unable to use the drag and drop upload which would protect against the vulnerability.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2023-25727
reference_id
reference_type
scores
0
value 0.1094
scoring_system epss
scoring_elements 0.93405
published_at 2026-04-13T12:55:00Z
1
value 0.1094
scoring_system epss
scoring_elements 0.93434
published_at 2026-04-21T12:55:00Z
2
value 0.1094
scoring_system epss
scoring_elements 0.93428
published_at 2026-04-18T12:55:00Z
3
value 0.1094
scoring_system epss
scoring_elements 0.93423
published_at 2026-04-16T12:55:00Z
4
value 0.11079
scoring_system epss
scoring_elements 0.93425
published_at 2026-04-02T12:55:00Z
5
value 0.11079
scoring_system epss
scoring_elements 0.93433
published_at 2026-04-07T12:55:00Z
6
value 0.11079
scoring_system epss
scoring_elements 0.93441
published_at 2026-04-08T12:55:00Z
7
value 0.11079
scoring_system epss
scoring_elements 0.93445
published_at 2026-04-09T12:55:00Z
8
value 0.11079
scoring_system epss
scoring_elements 0.9345
published_at 2026-04-11T12:55:00Z
9
value 0.11079
scoring_system epss
scoring_elements 0.93451
published_at 2026-04-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2023-25727
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25727
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25727
2
reference_url https://github.com/phpmyadmin/composer
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/phpmyadmin/composer
3
reference_url https://github.com/phpmyadmin/phpmyadmin/commit/53f70fd7f3b388639922e6cc1ca51fbe890c91cc
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/phpmyadmin/phpmyadmin/commit/53f70fd7f3b388639922e6cc1ca51fbe890c91cc
4
reference_url https://github.com/phpmyadmin/phpmyadmin/commit/efa2406695551667f726497750d3db91fb6f662e
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/phpmyadmin/phpmyadmin/commit/efa2406695551667f726497750d3db91fb6f662e
5
reference_url https://www.phpmyadmin.net/security/PMASA-2023-1
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.phpmyadmin.net/security/PMASA-2023-1
6
reference_url https://nvd.nist.gov/vuln/detail/CVE-2023-25727
reference_id CVE-2023-25727
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2023-25727
7
reference_url https://github.com/advisories/GHSA-6hr3-44gx-g6wh
reference_id GHSA-6hr3-44gx-g6wh
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-6hr3-44gx-g6wh
8
reference_url https://www.phpmyadmin.net/security/PMASA-2023-1/
reference_id PMASA-2023-1
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-21T14:52:37Z/
url https://www.phpmyadmin.net/security/PMASA-2023-1/
fixed_packages
0
url pkg:composer/phpmyadmin/phpmyadmin@5.2.1
purl pkg:composer/phpmyadmin/phpmyadmin@5.2.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-araw-4wdy-hqcz
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@5.2.1
aliases CVE-2023-25727, GHSA-6hr3-44gx-g6wh
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ym9b-4su6-6fbr
10
url VCID-znfm-ak2t-mqdd
vulnerability_id VCID-znfm-ak2t-mqdd
summary 
phpMyAdmin SQL injection vulnerability
In phpMyAdmin 4.x before 4.9.5 and 5.x before 5.0.2, a SQL injection vulnerability was discovered where malicious code could be used to trigger an XSS attack through retrieving and displaying results (in tbl_get_field.php and libraries/classes/Display/Results.php). The attacker must be able to insert crafted data into certain database tables, which when retrieved (for instance, through the Browse tab) can trigger the XSS attack.
references
0
reference_url http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00046.html
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00046.html
1
reference_url http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00050.html
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00050.html
2
reference_url http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00005.html
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00005.html
3
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-10803
reference_id
reference_type
scores
0
value 0.03554
scoring_system epss
scoring_elements 0.87708
published_at 2026-04-21T12:55:00Z
1
value 0.03554
scoring_system epss
scoring_elements 0.87643
published_at 2026-04-01T12:55:00Z
2
value 0.03554
scoring_system epss
scoring_elements 0.87653
published_at 2026-04-02T12:55:00Z
3
value 0.03554
scoring_system epss
scoring_elements 0.87666
published_at 2026-04-04T12:55:00Z
4
value 0.03554
scoring_system epss
scoring_elements 0.87667
published_at 2026-04-07T12:55:00Z
5
value 0.03554
scoring_system epss
scoring_elements 0.87688
published_at 2026-04-08T12:55:00Z
6
value 0.03554
scoring_system epss
scoring_elements 0.87694
published_at 2026-04-09T12:55:00Z
7
value 0.03554
scoring_system epss
scoring_elements 0.87706
published_at 2026-04-11T12:55:00Z
8
value 0.03554
scoring_system epss
scoring_elements 0.87699
published_at 2026-04-12T12:55:00Z
9
value 0.03554
scoring_system epss
scoring_elements 0.87697
published_at 2026-04-13T12:55:00Z
10
value 0.03554
scoring_system epss
scoring_elements 0.87712
published_at 2026-04-18T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-10803
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10803
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10803
5
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/phpmyadmin/phpmyadmin/CVE-2020-10803.yaml
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/FriendsOfPHP/security-advisories/blob/master/phpmyadmin/phpmyadmin/CVE-2020-10803.yaml
6
reference_url https://github.com/phpmyadmin/composer
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/phpmyadmin/composer
7
reference_url https://lists.debian.org/debian-lts-announce/2020/03/msg00028.html
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.debian.org/debian-lts-announce/2020/03/msg00028.html
8
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/AAVW3SUKWR5RF5LZ6SARCYOWBIFUIWOJ/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/AAVW3SUKWR5RF5LZ6SARCYOWBIFUIWOJ/
9
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BUG3IRITW2LUBGR5LSQMP7MVRTELHZJK/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BUG3IRITW2LUBGR5LSQMP7MVRTELHZJK/
10
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UZI6EQVRRIG252DY3MBT33BJVCSYDMQO/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UZI6EQVRRIG252DY3MBT33BJVCSYDMQO/
11
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AAVW3SUKWR5RF5LZ6SARCYOWBIFUIWOJ
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AAVW3SUKWR5RF5LZ6SARCYOWBIFUIWOJ
12
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BUG3IRITW2LUBGR5LSQMP7MVRTELHZJK
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BUG3IRITW2LUBGR5LSQMP7MVRTELHZJK
13
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UZI6EQVRRIG252DY3MBT33BJVCSYDMQO
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UZI6EQVRRIG252DY3MBT33BJVCSYDMQO
14
reference_url https://nvd.nist.gov/vuln/detail/CVE-2020-10803
reference_id
reference_type
scores
0
value 3.5
scoring_system cvssv2
scoring_elements AV:N/AC:M/Au:S/C:N/I:P/A:N
1
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2020-10803
15
reference_url https://www.phpmyadmin.net/security/PMASA-2020-4
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.phpmyadmin.net/security/PMASA-2020-4
16
reference_url https://www.phpmyadmin.net/security/PMASA-2020-4/
reference_id
reference_type
scores
url https://www.phpmyadmin.net/security/PMASA-2020-4/
17
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=954666
reference_id 954666
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=954666
18
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:opensuse:backports_sle:15.0:-:*:*:*:*:*:*
reference_id cpe:2.3:a:opensuse:backports_sle:15.0:-:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:opensuse:backports_sle:15.0:-:*:*:*:*:*:*
19
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:opensuse:backports_sle:15.0:sp1:*:*:*:*:*:*
reference_id cpe:2.3:a:opensuse:backports_sle:15.0:sp1:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:opensuse:backports_sle:15.0:sp1:*:*:*:*:*:*
20
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:phpmyadmin:phpmyadmin:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:*:*:*:*:*:*:*:*
21
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:suse:package_hub:-:*:*:*:*:*:*:*
reference_id cpe:2.3:a:suse:package_hub:-:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:suse:package_hub:-:*:*:*:*:*:*:*
22
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
23
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*
reference_id cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*
24
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*
reference_id cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*
25
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:32:*:*:*:*:*:*:*
reference_id cpe:2.3:o:fedoraproject:fedora:32:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:32:*:*:*:*:*:*:*
26
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*
reference_id cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*
27
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise:12.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:suse:linux_enterprise:12.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise:12.0:*:*:*:*:*:*:*
28
reference_url https://github.com/advisories/GHSA-fcww-8wvc-38q9
reference_id GHSA-fcww-8wvc-38q9
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-fcww-8wvc-38q9
29
reference_url https://usn.ubuntu.com/4639-1/
reference_id USN-4639-1
reference_type
scores
url https://usn.ubuntu.com/4639-1/
fixed_packages
0
url pkg:composer/phpmyadmin/phpmyadmin@5.0.2
purl pkg:composer/phpmyadmin/phpmyadmin@5.0.2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2jjv-4en4-e3gx
1
vulnerability VCID-2y3v-jnph-hfh4
2
vulnerability VCID-araw-4wdy-hqcz
3
vulnerability VCID-dsxw-w87t-eycw
4
vulnerability VCID-mk34-h4nz-b3ey
5
vulnerability VCID-rqy8-n6fr-hqey
6
vulnerability VCID-ym9b-4su6-6fbr
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@5.0.2
aliases CVE-2020-10803, GHSA-fcww-8wvc-38q9
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-znfm-ak2t-mqdd
Fixing_vulnerabilities
0
url VCID-986a-3m4g-83ge
vulnerability_id VCID-986a-3m4g-83ge
summary 
Cross-Site Request Forgery (CSRF)
By deceiving a user into clicking on a crafted URL, it is possible to perform harmful SQL operations such as renaming databases, creating new `tables/routines`, deleting designer pages, `adding/deleting` users, updating user passwords, killing SQL processes.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2018-19969
reference_id
reference_type
scores
0
value 0.00458
scoring_system epss
scoring_elements 0.63934
published_at 2026-04-07T12:55:00Z
1
value 0.00458
scoring_system epss
scoring_elements 0.64006
published_at 2026-04-21T12:55:00Z
2
value 0.00458
scoring_system epss
scoring_elements 0.64017
published_at 2026-04-18T12:55:00Z
3
value 0.00458
scoring_system epss
scoring_elements 0.64005
published_at 2026-04-16T12:55:00Z
4
value 0.00458
scoring_system epss
scoring_elements 0.6397
published_at 2026-04-13T12:55:00Z
5
value 0.00458
scoring_system epss
scoring_elements 0.64
published_at 2026-04-12T12:55:00Z
6
value 0.00458
scoring_system epss
scoring_elements 0.64014
published_at 2026-04-11T12:55:00Z
7
value 0.00458
scoring_system epss
scoring_elements 0.64002
published_at 2026-04-09T12:55:00Z
8
value 0.00458
scoring_system epss
scoring_elements 0.63888
published_at 2026-04-01T12:55:00Z
9
value 0.00458
scoring_system epss
scoring_elements 0.63947
published_at 2026-04-02T12:55:00Z
10
value 0.00458
scoring_system epss
scoring_elements 0.63984
published_at 2026-04-08T12:55:00Z
11
value 0.00458
scoring_system epss
scoring_elements 0.63974
published_at 2026-04-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2018-19969
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-19969
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-19969
2
reference_url https://web.archive.org/web/20210124223800/https://www.securityfocus.com/bid/106175
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20210124223800/https://www.securityfocus.com/bid/106175
3
reference_url https://web.archive.org/web/20210124223800/https://www.securityfocus.com/bid/106175/
reference_id
reference_type
scores
url https://web.archive.org/web/20210124223800/https://www.securityfocus.com/bid/106175/
4
reference_url https://www.phpmyadmin.net/security/PMASA-2018-7
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.phpmyadmin.net/security/PMASA-2018-7
5
reference_url https://www.phpmyadmin.net/security/PMASA-2018-7/
reference_id
reference_type
scores
url https://www.phpmyadmin.net/security/PMASA-2018-7/
6
reference_url http://www.securityfocus.com/bid/106175
reference_id
reference_type
scores
url http://www.securityfocus.com/bid/106175
7
reference_url https://nvd.nist.gov/vuln/detail/CVE-2018-19969
reference_id CVE-2018-19969
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2018-19969
8
reference_url https://github.com/advisories/GHSA-xwf2-53mc-r8hx
reference_id GHSA-xwf2-53mc-r8hx
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-xwf2-53mc-r8hx
9
reference_url https://security.gentoo.org/glsa/201904-16
reference_id GLSA-201904-16
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://security.gentoo.org/glsa/201904-16
fixed_packages
0
url pkg:composer/phpmyadmin/phpmyadmin@4.7.7
purl pkg:composer/phpmyadmin/phpmyadmin@4.7.7
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2jjv-4en4-e3gx
1
vulnerability VCID-5657-kcyh-7bc2
2
vulnerability VCID-br1c-5bzf-ufeu
3
vulnerability VCID-c91y-txcw-2kdy
4
vulnerability VCID-ebk2-vjau-57h9
5
vulnerability VCID-fchc-55te-akhe
6
vulnerability VCID-g6ud-92qe-hqcx
7
vulnerability VCID-gu4y-aeqx-mqak
8
vulnerability VCID-jma9-9uhu-xuc3
9
vulnerability VCID-mwtw-n1tv-hfd9
10
vulnerability VCID-ngtc-xtjn-xbhp
11
vulnerability VCID-qcra-cu62-43he
12
vulnerability VCID-rqy8-n6fr-hqey
13
vulnerability VCID-scu3-cfyc-9qfz
14
vulnerability VCID-tks3-6uv4-kygf
15
vulnerability VCID-yfja-ssw3-skh1
16
vulnerability VCID-ym9b-4su6-6fbr
17
vulnerability VCID-znfm-ak2t-mqdd
18
vulnerability VCID-zyzp-aqd8-e3a9
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@4.7.7
1
url pkg:composer/phpmyadmin/phpmyadmin@4.8.4
purl pkg:composer/phpmyadmin/phpmyadmin@4.8.4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2jjv-4en4-e3gx
1
vulnerability VCID-5657-kcyh-7bc2
2
vulnerability VCID-br1c-5bzf-ufeu
3
vulnerability VCID-g6ud-92qe-hqcx
4
vulnerability VCID-gu4y-aeqx-mqak
5
vulnerability VCID-jma9-9uhu-xuc3
6
vulnerability VCID-ngtc-xtjn-xbhp
7
vulnerability VCID-rqy8-n6fr-hqey
8
vulnerability VCID-scu3-cfyc-9qfz
9
vulnerability VCID-tks3-6uv4-kygf
10
vulnerability VCID-yfja-ssw3-skh1
11
vulnerability VCID-ym9b-4su6-6fbr
12
vulnerability VCID-znfm-ak2t-mqdd
13
vulnerability VCID-zyzp-aqd8-e3a9
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@4.8.4
2
url pkg:composer/phpmyadmin/phpmyadmin@5.0.0
purl pkg:composer/phpmyadmin/phpmyadmin@5.0.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2jjv-4en4-e3gx
1
vulnerability VCID-2y3v-jnph-hfh4
2
vulnerability VCID-41mv-6vqr-sua6
3
vulnerability VCID-5657-kcyh-7bc2
4
vulnerability VCID-araw-4wdy-hqcz
5
vulnerability VCID-mk34-h4nz-b3ey
6
vulnerability VCID-ngtc-xtjn-xbhp
7
vulnerability VCID-rqy8-n6fr-hqey
8
vulnerability VCID-tks3-6uv4-kygf
9
vulnerability VCID-ym9b-4su6-6fbr
10
vulnerability VCID-znfm-ak2t-mqdd
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@5.0.0
aliases CVE-2018-19969, GHSA-xwf2-53mc-r8hx
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-986a-3m4g-83ge
1
url VCID-9auw-hwad-ybaf
vulnerability_id VCID-9auw-hwad-ybaf
summary 
Improper Authentication
An issue was discovered in phpMyAdm in which an attacker can include (view and potentially execute) files on the server. The vulnerability comes from a portion of code where pages are redirected and loaded within phpMyAdmin, and an improper test for allowed pages.
references
0
reference_url http://packetstormsecurity.com/files/164623/phpMyAdmin-4.8.1-Remote-Code-Execution.html
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://packetstormsecurity.com/files/164623/phpMyAdmin-4.8.1-Remote-Code-Execution.html
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2018-12613
reference_id
reference_type
scores
0
value 0.94281
scoring_system epss
scoring_elements 0.99938
published_at 2026-04-21T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2018-12613
2
reference_url https://github.com/phpmyadmin/composer
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/phpmyadmin/composer
3
reference_url https://www.exploit-db.com/exploits/44924
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.exploit-db.com/exploits/44924
4
reference_url https://www.exploit-db.com/exploits/44924/
reference_id
reference_type
scores
url https://www.exploit-db.com/exploits/44924/
5
reference_url https://www.exploit-db.com/exploits/44928
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.exploit-db.com/exploits/44928
6
reference_url https://www.exploit-db.com/exploits/44928/
reference_id
reference_type
scores
url https://www.exploit-db.com/exploits/44928/
7
reference_url https://www.exploit-db.com/exploits/45020
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.exploit-db.com/exploits/45020
8
reference_url https://www.exploit-db.com/exploits/45020/
reference_id
reference_type
scores
url https://www.exploit-db.com/exploits/45020/
9
reference_url https://www.phpmyadmin.net/security/PMASA-2018-4
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.phpmyadmin.net/security/PMASA-2018-4
10
reference_url https://www.phpmyadmin.net/security/PMASA-2018-4/
reference_id
reference_type
scores
url https://www.phpmyadmin.net/security/PMASA-2018-4/
11
reference_url http://www.securityfocus.com/bid/104532
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.securityfocus.com/bid/104532
12
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:phpmyadmin:phpmyadmin:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:*:*:*:*:*:*:*:*
13
reference_url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/remote/45020.rb
reference_id CVE-2018-12613
reference_type exploit
scores
url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/remote/45020.rb
14
reference_url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/webapps/44924.txt
reference_id CVE-2018-12613
reference_type exploit
scores
url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/webapps/44924.txt
15
reference_url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/webapps/44928.txt
reference_id CVE-2018-12613
reference_type exploit
scores
url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/webapps/44928.txt
16
reference_url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/webapps/50457.py
reference_id CVE-2018-12613
reference_type exploit
scores
url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/webapps/50457.py
17
reference_url https://mp.weixin.qq.com/s?__biz=MzIzMTc1MjExOQ==&mid=2247485036&idx=1&sn=8e9647906c5d94f72564dec5bc51a2ab&chksm=e89e2eb4dfe9a7a28bff2efebb5b2723782dab660acff074c3f18c9e7dca924abdf3da618fb4&mpshare=1&scene=1&srcid=0621gAv1FMtrgoahD01psMZr&pass_ticket=LqhR
reference_id CVE-2018-12613
reference_type exploit
scores
url https://mp.weixin.qq.com/s?__biz=MzIzMTc1MjExOQ==&mid=2247485036&idx=1&sn=8e9647906c5d94f72564dec5bc51a2ab&chksm=e89e2eb4dfe9a7a28bff2efebb5b2723782dab660acff074c3f18c9e7dca924abdf3da618fb4&mpshare=1&scene=1&srcid=0621gAv1FMtrgoahD01psMZr&pass_ticket=LqhR
18
reference_url https://nvd.nist.gov/vuln/detail/CVE-2018-12613
reference_id CVE-2018-12613
reference_type
scores
0
value 6.5
scoring_system cvssv2
scoring_elements AV:N/AC:L/Au:S/C:P/I:P/A:P
1
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2018-12613
19
reference_url https://raw.githubusercontent.com/rapid7/metasploit-framework/1ded8ffb299499e18725f4d549fcadaec5528387/modules/exploits/multi/http/phpmyadmin_lfi_rce.rb
reference_id CVE-2018-12613
reference_type exploit
scores
url https://raw.githubusercontent.com/rapid7/metasploit-framework/1ded8ffb299499e18725f4d549fcadaec5528387/modules/exploits/multi/http/phpmyadmin_lfi_rce.rb
20
reference_url https://github.com/advisories/GHSA-x394-g9j8-x7mf
reference_id GHSA-x394-g9j8-x7mf
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-x394-g9j8-x7mf
21
reference_url https://security.gentoo.org/glsa/201904-16
reference_id GLSA-201904-16
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://security.gentoo.org/glsa/201904-16
fixed_packages
0
url pkg:composer/phpmyadmin/phpmyadmin@4.8.2
purl pkg:composer/phpmyadmin/phpmyadmin@4.8.2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2jjv-4en4-e3gx
1
vulnerability VCID-5657-kcyh-7bc2
2
vulnerability VCID-986a-3m4g-83ge
3
vulnerability VCID-br1c-5bzf-ufeu
4
vulnerability VCID-ebk2-vjau-57h9
5
vulnerability VCID-fchc-55te-akhe
6
vulnerability VCID-g6ud-92qe-hqcx
7
vulnerability VCID-gu4y-aeqx-mqak
8
vulnerability VCID-jma9-9uhu-xuc3
9
vulnerability VCID-ngtc-xtjn-xbhp
10
vulnerability VCID-qcra-cu62-43he
11
vulnerability VCID-rqy8-n6fr-hqey
12
vulnerability VCID-scu3-cfyc-9qfz
13
vulnerability VCID-tks3-6uv4-kygf
14
vulnerability VCID-yfja-ssw3-skh1
15
vulnerability VCID-ym9b-4su6-6fbr
16
vulnerability VCID-znfm-ak2t-mqdd
17
vulnerability VCID-zyzp-aqd8-e3a9
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@4.8.2
1
url pkg:composer/phpmyadmin/phpmyadmin@5.0.0
purl pkg:composer/phpmyadmin/phpmyadmin@5.0.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2jjv-4en4-e3gx
1
vulnerability VCID-2y3v-jnph-hfh4
2
vulnerability VCID-41mv-6vqr-sua6
3
vulnerability VCID-5657-kcyh-7bc2
4
vulnerability VCID-araw-4wdy-hqcz
5
vulnerability VCID-mk34-h4nz-b3ey
6
vulnerability VCID-ngtc-xtjn-xbhp
7
vulnerability VCID-rqy8-n6fr-hqey
8
vulnerability VCID-tks3-6uv4-kygf
9
vulnerability VCID-ym9b-4su6-6fbr
10
vulnerability VCID-znfm-ak2t-mqdd
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@5.0.0
aliases CVE-2018-12613, GHSA-x394-g9j8-x7mf
risk_score 10.0
exploitability 2.0
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-9auw-hwad-ybaf
2
url VCID-br1c-5bzf-ufeu
vulnerability_id VCID-br1c-5bzf-ufeu
summary 
SQL Injection
An issue was discovered in phpMyAdmin. A vulnerability was reported where a specially crafted username can be used to trigger a SQL injection attack through the designer feature.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2019-6798
reference_id
reference_type
scores
0
value 0.00538
scoring_system epss
scoring_elements 0.67578
published_at 2026-04-21T12:55:00Z
1
value 0.00538
scoring_system epss
scoring_elements 0.67474
published_at 2026-04-01T12:55:00Z
2
value 0.00538
scoring_system epss
scoring_elements 0.6751
published_at 2026-04-07T12:55:00Z
3
value 0.00538
scoring_system epss
scoring_elements 0.67532
published_at 2026-04-04T12:55:00Z
4
value 0.00538
scoring_system epss
scoring_elements 0.67562
published_at 2026-04-08T12:55:00Z
5
value 0.00538
scoring_system epss
scoring_elements 0.67575
published_at 2026-04-09T12:55:00Z
6
value 0.00538
scoring_system epss
scoring_elements 0.67598
published_at 2026-04-11T12:55:00Z
7
value 0.00538
scoring_system epss
scoring_elements 0.67584
published_at 2026-04-12T12:55:00Z
8
value 0.00538
scoring_system epss
scoring_elements 0.67551
published_at 2026-04-13T12:55:00Z
9
value 0.00538
scoring_system epss
scoring_elements 0.67587
published_at 2026-04-16T12:55:00Z
10
value 0.00538
scoring_system epss
scoring_elements 0.67599
published_at 2026-04-18T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2019-6798
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-6798
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-6798
2
reference_url https://github.com/phpmyadmin/composer
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/phpmyadmin/composer
3
reference_url https://www.phpmyadmin.net/security/PMASA-2019-2
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://www.phpmyadmin.net/security/PMASA-2019-2
4
reference_url https://www.phpmyadmin.net/security/PMASA-2019-2/
reference_id
reference_type
scores
url https://www.phpmyadmin.net/security/PMASA-2019-2/
5
reference_url http://www.securityfocus.com/bid/106727
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url http://www.securityfocus.com/bid/106727
6
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=920822
reference_id 920822
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=920822
7
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:phpmyadmin:phpmyadmin:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:*:*:*:*:*:*:*:*
8
reference_url https://nvd.nist.gov/vuln/detail/CVE-2019-6798
reference_id CVE-2019-6798
reference_type
scores
0
value 7.5
scoring_system cvssv2
scoring_elements AV:N/AC:L/Au:N/C:P/I:P/A:P
1
value 9.8
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
2
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
3
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2019-6798
9
reference_url https://github.com/advisories/GHSA-f732-fxh6-g4qj
reference_id GHSA-f732-fxh6-g4qj
reference_type
scores
0
value CRITICAL
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-f732-fxh6-g4qj
10
reference_url https://usn.ubuntu.com/4639-1/
reference_id USN-4639-1
reference_type
scores
url https://usn.ubuntu.com/4639-1/
11
reference_url https://usn.ubuntu.com/USN-4843-1/
reference_id USN-USN-4843-1
reference_type
scores
url https://usn.ubuntu.com/USN-4843-1/
fixed_packages
0
url pkg:composer/phpmyadmin/phpmyadmin@4.8.5
purl pkg:composer/phpmyadmin/phpmyadmin@4.8.5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2jjv-4en4-e3gx
1
vulnerability VCID-5657-kcyh-7bc2
2
vulnerability VCID-g6ud-92qe-hqcx
3
vulnerability VCID-gu4y-aeqx-mqak
4
vulnerability VCID-jma9-9uhu-xuc3
5
vulnerability VCID-ngtc-xtjn-xbhp
6
vulnerability VCID-rqy8-n6fr-hqey
7
vulnerability VCID-scu3-cfyc-9qfz
8
vulnerability VCID-tks3-6uv4-kygf
9
vulnerability VCID-ym9b-4su6-6fbr
10
vulnerability VCID-znfm-ak2t-mqdd
11
vulnerability VCID-zyzp-aqd8-e3a9
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@4.8.5
1
url pkg:composer/phpmyadmin/phpmyadmin@5.0.0
purl pkg:composer/phpmyadmin/phpmyadmin@5.0.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2jjv-4en4-e3gx
1
vulnerability VCID-2y3v-jnph-hfh4
2
vulnerability VCID-41mv-6vqr-sua6
3
vulnerability VCID-5657-kcyh-7bc2
4
vulnerability VCID-araw-4wdy-hqcz
5
vulnerability VCID-mk34-h4nz-b3ey
6
vulnerability VCID-ngtc-xtjn-xbhp
7
vulnerability VCID-rqy8-n6fr-hqey
8
vulnerability VCID-tks3-6uv4-kygf
9
vulnerability VCID-ym9b-4su6-6fbr
10
vulnerability VCID-znfm-ak2t-mqdd
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@5.0.0
aliases CVE-2019-6798, GHSA-f732-fxh6-g4qj
risk_score 4.5
exploitability 0.5
weighted_severity 9.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-br1c-5bzf-ufeu
3
url VCID-c91y-txcw-2kdy
vulnerability_id VCID-c91y-txcw-2kdy
summary 
Cross-site Scripting
An issue was discovered in `js/designer/move.js` in phpMyAdm A Cross-Site Scripting vulnerability has been found where an attacker can use a crafted database name to trigger an XSS attack when that database is referenced from the Designer feature.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2018-12581
reference_id
reference_type
scores
0
value 0.0062
scoring_system epss
scoring_elements 0.70001
published_at 2026-04-04T12:55:00Z
1
value 0.0062
scoring_system epss
scoring_elements 0.70069
published_at 2026-04-21T12:55:00Z
2
value 0.0062
scoring_system epss
scoring_elements 0.69974
published_at 2026-04-01T12:55:00Z
3
value 0.0062
scoring_system epss
scoring_elements 0.70026
published_at 2026-04-08T12:55:00Z
4
value 0.0062
scoring_system epss
scoring_elements 0.69987
published_at 2026-04-02T12:55:00Z
5
value 0.0062
scoring_system epss
scoring_elements 0.69978
published_at 2026-04-07T12:55:00Z
6
value 0.0062
scoring_system epss
scoring_elements 0.70089
published_at 2026-04-18T12:55:00Z
7
value 0.0062
scoring_system epss
scoring_elements 0.7008
published_at 2026-04-16T12:55:00Z
8
value 0.0062
scoring_system epss
scoring_elements 0.70037
published_at 2026-04-13T12:55:00Z
9
value 0.0062
scoring_system epss
scoring_elements 0.7005
published_at 2026-04-12T12:55:00Z
10
value 0.0062
scoring_system epss
scoring_elements 0.70065
published_at 2026-04-11T12:55:00Z
11
value 0.0062
scoring_system epss
scoring_elements 0.70042
published_at 2026-04-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2018-12581
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12581
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12581
2
reference_url https://github.com/phpmyadmin/phpmyadmin/commit/6943fff87324bd54c3a37a5160a5fb77498c355e
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/phpmyadmin/phpmyadmin/commit/6943fff87324bd54c3a37a5160a5fb77498c355e
3
reference_url https://web.archive.org/web/20210124181711/http://www.securityfocus.com/bid/104530
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20210124181711/http://www.securityfocus.com/bid/104530
4
reference_url https://web.archive.org/web/20210413204012/http://www.securitytracker.com/id/1041187
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20210413204012/http://www.securitytracker.com/id/1041187
5
reference_url https://www.phpmyadmin.net/security/PMASA-2018-3
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.phpmyadmin.net/security/PMASA-2018-3
6
reference_url https://www.phpmyadmin.net/security/PMASA-2018-3/
reference_id
reference_type
scores
url https://www.phpmyadmin.net/security/PMASA-2018-3/
7
reference_url http://www.securityfocus.com/bid/104530
reference_id
reference_type
scores
url http://www.securityfocus.com/bid/104530
8
reference_url http://www.securitytracker.com/id/1041187
reference_id
reference_type
scores
url http://www.securitytracker.com/id/1041187
9
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:phpmyadmin:phpmyadmin:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:*:*:*:*:*:*:*:*
10
reference_url https://nvd.nist.gov/vuln/detail/CVE-2018-12581
reference_id CVE-2018-12581
reference_type
scores
0
value 4.3
scoring_system cvssv2
scoring_elements AV:N/AC:M/Au:N/C:N/I:P/A:N
1
value 6.1
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
2
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
3
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2018-12581
11
reference_url https://github.com/advisories/GHSA-vxj6-pm6r-23hq
reference_id GHSA-vxj6-pm6r-23hq
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-vxj6-pm6r-23hq
12
reference_url https://usn.ubuntu.com/USN-4843-1/
reference_id USN-USN-4843-1
reference_type
scores
url https://usn.ubuntu.com/USN-4843-1/
fixed_packages
0
url pkg:composer/phpmyadmin/phpmyadmin@4.8.2
purl pkg:composer/phpmyadmin/phpmyadmin@4.8.2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2jjv-4en4-e3gx
1
vulnerability VCID-5657-kcyh-7bc2
2
vulnerability VCID-986a-3m4g-83ge
3
vulnerability VCID-br1c-5bzf-ufeu
4
vulnerability VCID-ebk2-vjau-57h9
5
vulnerability VCID-fchc-55te-akhe
6
vulnerability VCID-g6ud-92qe-hqcx
7
vulnerability VCID-gu4y-aeqx-mqak
8
vulnerability VCID-jma9-9uhu-xuc3
9
vulnerability VCID-ngtc-xtjn-xbhp
10
vulnerability VCID-qcra-cu62-43he
11
vulnerability VCID-rqy8-n6fr-hqey
12
vulnerability VCID-scu3-cfyc-9qfz
13
vulnerability VCID-tks3-6uv4-kygf
14
vulnerability VCID-yfja-ssw3-skh1
15
vulnerability VCID-ym9b-4su6-6fbr
16
vulnerability VCID-znfm-ak2t-mqdd
17
vulnerability VCID-zyzp-aqd8-e3a9
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@4.8.2
1
url pkg:composer/phpmyadmin/phpmyadmin@5.0.0
purl pkg:composer/phpmyadmin/phpmyadmin@5.0.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2jjv-4en4-e3gx
1
vulnerability VCID-2y3v-jnph-hfh4
2
vulnerability VCID-41mv-6vqr-sua6
3
vulnerability VCID-5657-kcyh-7bc2
4
vulnerability VCID-araw-4wdy-hqcz
5
vulnerability VCID-mk34-h4nz-b3ey
6
vulnerability VCID-ngtc-xtjn-xbhp
7
vulnerability VCID-rqy8-n6fr-hqey
8
vulnerability VCID-tks3-6uv4-kygf
9
vulnerability VCID-ym9b-4su6-6fbr
10
vulnerability VCID-znfm-ak2t-mqdd
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@5.0.0
aliases CVE-2018-12581, GHSA-vxj6-pm6r-23hq
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-c91y-txcw-2kdy
4
url VCID-ebk2-vjau-57h9
vulnerability_id VCID-ebk2-vjau-57h9
summary 
Information Exposure
An attacker can exploit phpMyAdm to leak the contents of a local file because of an error in the transformation feature. The attacker must have access to the phpMyAdmin Configuration Storage tables, although these can easily be created in any database to which the attacker has access. An attacker must have valid credentials to log in to phpMyAdmin; this vulnerability does not allow an attacker to circumvent the login system.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2018-19968
reference_id
reference_type
scores
0
value 0.02543
scoring_system epss
scoring_elements 0.85409
published_at 2026-04-02T12:55:00Z
1
value 0.02543
scoring_system epss
scoring_elements 0.85495
published_at 2026-04-21T12:55:00Z
2
value 0.02543
scoring_system epss
scoring_elements 0.85498
published_at 2026-04-18T12:55:00Z
3
value 0.02543
scoring_system epss
scoring_elements 0.85494
published_at 2026-04-16T12:55:00Z
4
value 0.02543
scoring_system epss
scoring_elements 0.8547
published_at 2026-04-13T12:55:00Z
5
value 0.02543
scoring_system epss
scoring_elements 0.85429
published_at 2026-04-04T12:55:00Z
6
value 0.02543
scoring_system epss
scoring_elements 0.85397
published_at 2026-04-01T12:55:00Z
7
value 0.02543
scoring_system epss
scoring_elements 0.85474
published_at 2026-04-12T12:55:00Z
8
value 0.02543
scoring_system epss
scoring_elements 0.85475
published_at 2026-04-11T12:55:00Z
9
value 0.02543
scoring_system epss
scoring_elements 0.85461
published_at 2026-04-09T12:55:00Z
10
value 0.02543
scoring_system epss
scoring_elements 0.85453
published_at 2026-04-08T12:55:00Z
11
value 0.02543
scoring_system epss
scoring_elements 0.85432
published_at 2026-04-07T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2018-19968
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-19968
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-19968
2
reference_url https://github.com/phpmyadmin/composer
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/phpmyadmin/composer
3
reference_url https://github.com/phpmyadmin/phpmyadmin/commit/6a1ba61e29002f0305a9322a8af4eaaeb11c0732
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/phpmyadmin/phpmyadmin/commit/6a1ba61e29002f0305a9322a8af4eaaeb11c0732
4
reference_url https://lists.debian.org/debian-lts-announce/2019/02/msg00003.html
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.debian.org/debian-lts-announce/2019/02/msg00003.html
5
reference_url https://www.phpmyadmin.net/security/PMASA-2018-6
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.phpmyadmin.net/security/PMASA-2018-6
6
reference_url https://www.phpmyadmin.net/security/PMASA-2018-6/
reference_id
reference_type
scores
url https://www.phpmyadmin.net/security/PMASA-2018-6/
7
reference_url http://www.securityfocus.com/bid/106178
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.securityfocus.com/bid/106178
8
reference_url https://nvd.nist.gov/vuln/detail/CVE-2018-19968
reference_id CVE-2018-19968
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2018-19968
9
reference_url https://github.com/advisories/GHSA-xc97-r49q-cxgc
reference_id GHSA-xc97-r49q-cxgc
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-xc97-r49q-cxgc
10
reference_url https://security.gentoo.org/glsa/201904-16
reference_id GLSA-201904-16
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://security.gentoo.org/glsa/201904-16
11
reference_url https://usn.ubuntu.com/4639-1/
reference_id USN-4639-1
reference_type
scores
url https://usn.ubuntu.com/4639-1/
12
reference_url https://usn.ubuntu.com/USN-4843-1/
reference_id USN-USN-4843-1
reference_type
scores
url https://usn.ubuntu.com/USN-4843-1/
fixed_packages
0
url pkg:composer/phpmyadmin/phpmyadmin@4.8.4
purl pkg:composer/phpmyadmin/phpmyadmin@4.8.4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2jjv-4en4-e3gx
1
vulnerability VCID-5657-kcyh-7bc2
2
vulnerability VCID-br1c-5bzf-ufeu
3
vulnerability VCID-g6ud-92qe-hqcx
4
vulnerability VCID-gu4y-aeqx-mqak
5
vulnerability VCID-jma9-9uhu-xuc3
6
vulnerability VCID-ngtc-xtjn-xbhp
7
vulnerability VCID-rqy8-n6fr-hqey
8
vulnerability VCID-scu3-cfyc-9qfz
9
vulnerability VCID-tks3-6uv4-kygf
10
vulnerability VCID-yfja-ssw3-skh1
11
vulnerability VCID-ym9b-4su6-6fbr
12
vulnerability VCID-znfm-ak2t-mqdd
13
vulnerability VCID-zyzp-aqd8-e3a9
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@4.8.4
1
url pkg:composer/phpmyadmin/phpmyadmin@5.0.0
purl pkg:composer/phpmyadmin/phpmyadmin@5.0.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2jjv-4en4-e3gx
1
vulnerability VCID-2y3v-jnph-hfh4
2
vulnerability VCID-41mv-6vqr-sua6
3
vulnerability VCID-5657-kcyh-7bc2
4
vulnerability VCID-araw-4wdy-hqcz
5
vulnerability VCID-mk34-h4nz-b3ey
6
vulnerability VCID-ngtc-xtjn-xbhp
7
vulnerability VCID-rqy8-n6fr-hqey
8
vulnerability VCID-tks3-6uv4-kygf
9
vulnerability VCID-ym9b-4su6-6fbr
10
vulnerability VCID-znfm-ak2t-mqdd
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@5.0.0
aliases CVE-2018-19968, GHSA-xc97-r49q-cxgc
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ebk2-vjau-57h9
5
url VCID-ftdj-p5as-97hd
vulnerability_id VCID-ftdj-p5as-97hd
summary 
Cross-Site Request Forgery (CSRF)
phpMyAdm has CSRF, allowing an attacker to execute arbitrary SQL statements, related to `js/db_operations.js`, `js/tbl_operations.js`, `libraries/classes/Operations.php`, and `sql.php.`
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2018-10188
reference_id
reference_type
scores
0
value 0.00935
scoring_system epss
scoring_elements 0.7618
published_at 2026-04-21T12:55:00Z
1
value 0.00935
scoring_system epss
scoring_elements 0.76093
published_at 2026-04-01T12:55:00Z
2
value 0.00935
scoring_system epss
scoring_elements 0.76096
published_at 2026-04-02T12:55:00Z
3
value 0.00935
scoring_system epss
scoring_elements 0.76128
published_at 2026-04-04T12:55:00Z
4
value 0.00935
scoring_system epss
scoring_elements 0.76107
published_at 2026-04-07T12:55:00Z
5
value 0.00935
scoring_system epss
scoring_elements 0.7614
published_at 2026-04-08T12:55:00Z
6
value 0.00935
scoring_system epss
scoring_elements 0.76153
published_at 2026-04-09T12:55:00Z
7
value 0.00935
scoring_system epss
scoring_elements 0.76179
published_at 2026-04-11T12:55:00Z
8
value 0.00935
scoring_system epss
scoring_elements 0.76155
published_at 2026-04-12T12:55:00Z
9
value 0.00935
scoring_system epss
scoring_elements 0.76152
published_at 2026-04-13T12:55:00Z
10
value 0.00935
scoring_system epss
scoring_elements 0.76193
published_at 2026-04-16T12:55:00Z
11
value 0.00935
scoring_system epss
scoring_elements 0.76197
published_at 2026-04-18T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2018-10188
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10188
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10188
2
reference_url https://github.com/phpmyadmin/composer
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/phpmyadmin/composer
3
reference_url https://github.com/phpmyadmin/phpmyadmin/commit/c6dd6b56e236a3aff953cee4135ecaa67130e641
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/phpmyadmin/phpmyadmin/commit/c6dd6b56e236a3aff953cee4135ecaa67130e641
4
reference_url https://www.exploit-db.com/exploits/44496
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.exploit-db.com/exploits/44496
5
reference_url https://www.exploit-db.com/exploits/44496/
reference_id
reference_type
scores
url https://www.exploit-db.com/exploits/44496/
6
reference_url https://www.phpmyadmin.net/security/PMASA-2018-2
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.phpmyadmin.net/security/PMASA-2018-2
7
reference_url https://www.phpmyadmin.net/security/PMASA-2018-2/
reference_id
reference_type
scores
url https://www.phpmyadmin.net/security/PMASA-2018-2/
8
reference_url http://www.securityfocus.com/bid/103936
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.securityfocus.com/bid/103936
9
reference_url http://www.securitytracker.com/id/1040752
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.securitytracker.com/id/1040752
10
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=896490
reference_id 896490
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=896490
11
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.8.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:phpmyadmin:phpmyadmin:4.8.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.8.0:*:*:*:*:*:*:*
12
reference_url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/webapps/44496.html
reference_id CVE-2018-10188
reference_type exploit
scores
url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/webapps/44496.html
13
reference_url https://nvd.nist.gov/vuln/detail/CVE-2018-10188
reference_id CVE-2018-10188
reference_type
scores
0
value 6.8
scoring_system cvssv2
scoring_elements AV:N/AC:M/Au:N/C:P/I:P/A:P
1
value 8.8
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
2
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
3
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2018-10188
14
reference_url https://github.com/advisories/GHSA-v6fp-h79x-9rqc
reference_id GHSA-v6fp-h79x-9rqc
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-v6fp-h79x-9rqc
fixed_packages
0
url pkg:composer/phpmyadmin/phpmyadmin@4.8.0%2B1
purl pkg:composer/phpmyadmin/phpmyadmin@4.8.0%2B1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@4.8.0%252B1
1
url pkg:composer/phpmyadmin/phpmyadmin@5.0.0
purl pkg:composer/phpmyadmin/phpmyadmin@5.0.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2jjv-4en4-e3gx
1
vulnerability VCID-2y3v-jnph-hfh4
2
vulnerability VCID-41mv-6vqr-sua6
3
vulnerability VCID-5657-kcyh-7bc2
4
vulnerability VCID-araw-4wdy-hqcz
5
vulnerability VCID-mk34-h4nz-b3ey
6
vulnerability VCID-ngtc-xtjn-xbhp
7
vulnerability VCID-rqy8-n6fr-hqey
8
vulnerability VCID-tks3-6uv4-kygf
9
vulnerability VCID-ym9b-4su6-6fbr
10
vulnerability VCID-znfm-ak2t-mqdd
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@5.0.0
aliases CVE-2018-10188, GHSA-v6fp-h79x-9rqc
risk_score 10.0
exploitability 2.0
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ftdj-p5as-97hd
6
url VCID-gu4y-aeqx-mqak
vulnerability_id VCID-gu4y-aeqx-mqak
summary 
SQL injection in phpMyAdmin
An issue was discovered in phpMyAdmin before 4.9.2. A crafted database/table name can be used to trigger a SQL injection attack through the designer feature.
references
0
reference_url http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00002.html
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00002.html
1
reference_url http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00024.html
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00024.html
2
reference_url https://api.first.org/data/v1/epss?cve=CVE-2019-18622
reference_id
reference_type
scores
0
value 0.00736
scoring_system epss
scoring_elements 0.72851
published_at 2026-04-21T12:55:00Z
1
value 0.00736
scoring_system epss
scoring_elements 0.72752
published_at 2026-04-01T12:55:00Z
2
value 0.00736
scoring_system epss
scoring_elements 0.7276
published_at 2026-04-02T12:55:00Z
3
value 0.00736
scoring_system epss
scoring_elements 0.7278
published_at 2026-04-04T12:55:00Z
4
value 0.00736
scoring_system epss
scoring_elements 0.72756
published_at 2026-04-07T12:55:00Z
5
value 0.00736
scoring_system epss
scoring_elements 0.72794
published_at 2026-04-08T12:55:00Z
6
value 0.00736
scoring_system epss
scoring_elements 0.72808
published_at 2026-04-09T12:55:00Z
7
value 0.00736
scoring_system epss
scoring_elements 0.72832
published_at 2026-04-11T12:55:00Z
8
value 0.00736
scoring_system epss
scoring_elements 0.72815
published_at 2026-04-12T12:55:00Z
9
value 0.00736
scoring_system epss
scoring_elements 0.72807
published_at 2026-04-13T12:55:00Z
10
value 0.00736
scoring_system epss
scoring_elements 0.72849
published_at 2026-04-16T12:55:00Z
11
value 0.00736
scoring_system epss
scoring_elements 0.72859
published_at 2026-04-18T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2019-18622
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18622
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18622
4
reference_url https://github.com/phpmyadmin/composer/commit/51acbf53564d9b52e78509a5688ec2b68976b5f7
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/phpmyadmin/composer/commit/51acbf53564d9b52e78509a5688ec2b68976b5f7
5
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BA4DGF7KTQS6WA2DRNJSW66L43WB7LRV/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BA4DGF7KTQS6WA2DRNJSW66L43WB7LRV/
6
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/W5GW4KEMNCBQYZCIXEJYC42OEBBN2NSH/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/W5GW4KEMNCBQYZCIXEJYC42OEBBN2NSH/
7
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BA4DGF7KTQS6WA2DRNJSW66L43WB7LRV
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BA4DGF7KTQS6WA2DRNJSW66L43WB7LRV
8
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BA4DGF7KTQS6WA2DRNJSW66L43WB7LRV/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BA4DGF7KTQS6WA2DRNJSW66L43WB7LRV/
9
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W5GW4KEMNCBQYZCIXEJYC42OEBBN2NSH
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W5GW4KEMNCBQYZCIXEJYC42OEBBN2NSH
10
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W5GW4KEMNCBQYZCIXEJYC42OEBBN2NSH/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W5GW4KEMNCBQYZCIXEJYC42OEBBN2NSH/
11
reference_url https://nvd.nist.gov/vuln/detail/CVE-2019-18622
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv2
scoring_elements AV:N/AC:L/Au:N/C:P/I:P/A:P
1
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2019-18622
12
reference_url https://security.gentoo.org/glsa/202003-39
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://security.gentoo.org/glsa/202003-39
13
reference_url https://www.phpmyadmin.net/security/PMASA-2019-5
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://www.phpmyadmin.net/security/PMASA-2019-5
14
reference_url https://www.phpmyadmin.net/security/PMASA-2019-5/
reference_id
reference_type
scores
url https://www.phpmyadmin.net/security/PMASA-2019-5/
15
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=945349
reference_id 945349
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=945349
16
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:opensuse:backports_sle:15.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:opensuse:backports_sle:15.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:opensuse:backports_sle:15.0:*:*:*:*:*:*:*
17
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:opensuse:backports_sle:15.0:sp1:*:*:*:*:*:*
reference_id cpe:2.3:a:opensuse:backports_sle:15.0:sp1:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:opensuse:backports_sle:15.0:sp1:*:*:*:*:*:*
18
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:phpmyadmin:phpmyadmin:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:*:*:*:*:*:*:*:*
19
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*
reference_id cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*
20
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*
reference_id cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*
21
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*
22
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*
reference_id cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*
23
reference_url https://github.com/advisories/GHSA-jgjc-332c-8cmc
reference_id GHSA-jgjc-332c-8cmc
reference_type
scores
0
value CRITICAL
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-jgjc-332c-8cmc
fixed_packages
0
url pkg:composer/phpmyadmin/phpmyadmin@4.9.2
purl pkg:composer/phpmyadmin/phpmyadmin@4.9.2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2jjv-4en4-e3gx
1
vulnerability VCID-2y3v-jnph-hfh4
2
vulnerability VCID-5657-kcyh-7bc2
3
vulnerability VCID-mk34-h4nz-b3ey
4
vulnerability VCID-na3j-h3qr-k7dc
5
vulnerability VCID-ngtc-xtjn-xbhp
6
vulnerability VCID-rqy8-n6fr-hqey
7
vulnerability VCID-tks3-6uv4-kygf
8
vulnerability VCID-ym9b-4su6-6fbr
9
vulnerability VCID-znfm-ak2t-mqdd
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@4.9.2
1
url pkg:composer/phpmyadmin/phpmyadmin@5.0.0
purl pkg:composer/phpmyadmin/phpmyadmin@5.0.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2jjv-4en4-e3gx
1
vulnerability VCID-2y3v-jnph-hfh4
2
vulnerability VCID-41mv-6vqr-sua6
3
vulnerability VCID-5657-kcyh-7bc2
4
vulnerability VCID-araw-4wdy-hqcz
5
vulnerability VCID-mk34-h4nz-b3ey
6
vulnerability VCID-ngtc-xtjn-xbhp
7
vulnerability VCID-rqy8-n6fr-hqey
8
vulnerability VCID-tks3-6uv4-kygf
9
vulnerability VCID-ym9b-4su6-6fbr
10
vulnerability VCID-znfm-ak2t-mqdd
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@5.0.0
aliases CVE-2019-18622, GHSA-jgjc-332c-8cmc
risk_score 4.5
exploitability 0.5
weighted_severity 9.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-gu4y-aeqx-mqak
7
url VCID-mwtw-n1tv-hfd9
vulnerability_id VCID-mwtw-n1tv-hfd9
summary 
Cross-site Scripting
Cross-site scripting (XSS) vulnerability in `db_central_columns.php` in phpMyAdm allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2018-7260
reference_id
reference_type
scores
0
value 0.00302
scoring_system epss
scoring_elements 0.53422
published_at 2026-04-02T12:55:00Z
1
value 0.00302
scoring_system epss
scoring_elements 0.53503
published_at 2026-04-21T12:55:00Z
2
value 0.00302
scoring_system epss
scoring_elements 0.53522
published_at 2026-04-18T12:55:00Z
3
value 0.00302
scoring_system epss
scoring_elements 0.53517
published_at 2026-04-16T12:55:00Z
4
value 0.00302
scoring_system epss
scoring_elements 0.53481
published_at 2026-04-13T12:55:00Z
5
value 0.00302
scoring_system epss
scoring_elements 0.53448
published_at 2026-04-04T12:55:00Z
6
value 0.00302
scoring_system epss
scoring_elements 0.53399
published_at 2026-04-01T12:55:00Z
7
value 0.00302
scoring_system epss
scoring_elements 0.53498
published_at 2026-04-12T12:55:00Z
8
value 0.00302
scoring_system epss
scoring_elements 0.53515
published_at 2026-04-11T12:55:00Z
9
value 0.00302
scoring_system epss
scoring_elements 0.53466
published_at 2026-04-09T12:55:00Z
10
value 0.00302
scoring_system epss
scoring_elements 0.53469
published_at 2026-04-08T12:55:00Z
11
value 0.00302
scoring_system epss
scoring_elements 0.53417
published_at 2026-04-07T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2018-7260
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-7260
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-7260
2
reference_url https://github.com/phpmyadmin/composer
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/phpmyadmin/composer
3
reference_url https://github.com/phpmyadmin/phpmyadmin/commit/d2886a3
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/phpmyadmin/phpmyadmin/commit/d2886a3
4
reference_url https://udiniya.wordpress.com/2018/02/21/a-tale-of-stealing-session-cookie-in-phpmyadmin
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://udiniya.wordpress.com/2018/02/21/a-tale-of-stealing-session-cookie-in-phpmyadmin
5
reference_url https://www.phpmyadmin.net/security/PMASA-2018-1
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.phpmyadmin.net/security/PMASA-2018-1
6
reference_url https://www.phpmyadmin.net/security/PMASA-2018-1/
reference_id
reference_type
scores
url https://www.phpmyadmin.net/security/PMASA-2018-1/
7
reference_url http://www.securityfocus.com/bid/103099
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.securityfocus.com/bid/103099
8
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=893539
reference_id 893539
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=893539
9
reference_url https://security.archlinux.org/ASA-201802-11
reference_id ASA-201802-11
reference_type
scores
url https://security.archlinux.org/ASA-201802-11
10
reference_url https://security.archlinux.org/AVG-630
reference_id AVG-630
reference_type
scores
0
value Medium
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-630
11
reference_url https://nvd.nist.gov/vuln/detail/CVE-2018-7260
reference_id CVE-2018-7260
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2018-7260
12
reference_url https://github.com/advisories/GHSA-gqmj-f46x-wqhw
reference_id GHSA-gqmj-f46x-wqhw
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-gqmj-f46x-wqhw
13
reference_url https://usn.ubuntu.com/4639-1/
reference_id USN-4639-1
reference_type
scores
url https://usn.ubuntu.com/4639-1/
14
reference_url https://usn.ubuntu.com/USN-4843-1/
reference_id USN-USN-4843-1
reference_type
scores
url https://usn.ubuntu.com/USN-4843-1/
fixed_packages
0
url pkg:composer/phpmyadmin/phpmyadmin@4.7.8
purl pkg:composer/phpmyadmin/phpmyadmin@4.7.8
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2jjv-4en4-e3gx
1
vulnerability VCID-5657-kcyh-7bc2
2
vulnerability VCID-br1c-5bzf-ufeu
3
vulnerability VCID-c91y-txcw-2kdy
4
vulnerability VCID-ebk2-vjau-57h9
5
vulnerability VCID-fchc-55te-akhe
6
vulnerability VCID-g6ud-92qe-hqcx
7
vulnerability VCID-gu4y-aeqx-mqak
8
vulnerability VCID-jma9-9uhu-xuc3
9
vulnerability VCID-ngtc-xtjn-xbhp
10
vulnerability VCID-qcra-cu62-43he
11
vulnerability VCID-rqy8-n6fr-hqey
12
vulnerability VCID-scu3-cfyc-9qfz
13
vulnerability VCID-tks3-6uv4-kygf
14
vulnerability VCID-yfja-ssw3-skh1
15
vulnerability VCID-ym9b-4su6-6fbr
16
vulnerability VCID-znfm-ak2t-mqdd
17
vulnerability VCID-zyzp-aqd8-e3a9
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@4.7.8
1
url pkg:composer/phpmyadmin/phpmyadmin@5.0.0
purl pkg:composer/phpmyadmin/phpmyadmin@5.0.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2jjv-4en4-e3gx
1
vulnerability VCID-2y3v-jnph-hfh4
2
vulnerability VCID-41mv-6vqr-sua6
3
vulnerability VCID-5657-kcyh-7bc2
4
vulnerability VCID-araw-4wdy-hqcz
5
vulnerability VCID-mk34-h4nz-b3ey
6
vulnerability VCID-ngtc-xtjn-xbhp
7
vulnerability VCID-rqy8-n6fr-hqey
8
vulnerability VCID-tks3-6uv4-kygf
9
vulnerability VCID-ym9b-4su6-6fbr
10
vulnerability VCID-znfm-ak2t-mqdd
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@5.0.0
aliases CVE-2018-7260, GHSA-gqmj-f46x-wqhw
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-mwtw-n1tv-hfd9
8
url VCID-na3j-h3qr-k7dc
vulnerability_id VCID-na3j-h3qr-k7dc
summary 
Improper Authentication
An issue was discovered in phpMyAdm. A valid user who is already authenticated to phpMyAdmin can manipulate their account to bypass two-factor authentication for future login instances.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-23807
reference_id
reference_type
scores
0
value 0.00146
scoring_system epss
scoring_elements 0.35008
published_at 2026-04-21T12:55:00Z
1
value 0.00146
scoring_system epss
scoring_elements 0.35107
published_at 2026-04-02T12:55:00Z
2
value 0.00146
scoring_system epss
scoring_elements 0.35135
published_at 2026-04-04T12:55:00Z
3
value 0.00146
scoring_system epss
scoring_elements 0.35014
published_at 2026-04-07T12:55:00Z
4
value 0.00146
scoring_system epss
scoring_elements 0.35059
published_at 2026-04-08T12:55:00Z
5
value 0.00146
scoring_system epss
scoring_elements 0.35085
published_at 2026-04-09T12:55:00Z
6
value 0.00146
scoring_system epss
scoring_elements 0.35089
published_at 2026-04-11T12:55:00Z
7
value 0.00146
scoring_system epss
scoring_elements 0.35055
published_at 2026-04-12T12:55:00Z
8
value 0.00146
scoring_system epss
scoring_elements 0.3503
published_at 2026-04-13T12:55:00Z
9
value 0.00146
scoring_system epss
scoring_elements 0.35068
published_at 2026-04-16T12:55:00Z
10
value 0.00146
scoring_system epss
scoring_elements 0.35053
published_at 2026-04-18T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-23807
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23807
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23807
2
reference_url https://github.com/phpmyadmin/phpmyadmin
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/phpmyadmin/phpmyadmin
3
reference_url https://github.com/phpmyadmin/phpmyadmin/commit/ca54f1db050859eb8555875c6aa5d7796fdf4b32
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/phpmyadmin/phpmyadmin/commit/ca54f1db050859eb8555875c6aa5d7796fdf4b32
4
reference_url https://security.gentoo.org/glsa/202311-17
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://security.gentoo.org/glsa/202311-17
5
reference_url https://www.phpmyadmin.net/security/PMASA-2022-1
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.phpmyadmin.net/security/PMASA-2022-1
6
reference_url https://www.phpmyadmin.net/security/PMASA-2022-1/
reference_id
reference_type
scores
url https://www.phpmyadmin.net/security/PMASA-2022-1/
7
reference_url https://nvd.nist.gov/vuln/detail/CVE-2022-23807
reference_id CVE-2022-23807
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2022-23807
8
reference_url https://github.com/advisories/GHSA-8wf2-3ggj-78q9
reference_id GHSA-8wf2-3ggj-78q9
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-8wf2-3ggj-78q9
fixed_packages
0
url pkg:composer/phpmyadmin/phpmyadmin@4.9.8
purl pkg:composer/phpmyadmin/phpmyadmin@4.9.8
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-rqy8-n6fr-hqey
1
vulnerability VCID-ym9b-4su6-6fbr
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@4.9.8
1
url pkg:composer/phpmyadmin/phpmyadmin@5.0.0
purl pkg:composer/phpmyadmin/phpmyadmin@5.0.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2jjv-4en4-e3gx
1
vulnerability VCID-2y3v-jnph-hfh4
2
vulnerability VCID-41mv-6vqr-sua6
3
vulnerability VCID-5657-kcyh-7bc2
4
vulnerability VCID-araw-4wdy-hqcz
5
vulnerability VCID-mk34-h4nz-b3ey
6
vulnerability VCID-ngtc-xtjn-xbhp
7
vulnerability VCID-rqy8-n6fr-hqey
8
vulnerability VCID-tks3-6uv4-kygf
9
vulnerability VCID-ym9b-4su6-6fbr
10
vulnerability VCID-znfm-ak2t-mqdd
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@5.0.0
2
url pkg:composer/phpmyadmin/phpmyadmin@5.1.2
purl pkg:composer/phpmyadmin/phpmyadmin@5.1.2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-araw-4wdy-hqcz
1
vulnerability VCID-ym9b-4su6-6fbr
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@5.1.2
aliases CVE-2022-23807, GHSA-8wf2-3ggj-78q9
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-na3j-h3qr-k7dc
9
url VCID-qcra-cu62-43he
vulnerability_id VCID-qcra-cu62-43he
summary 
Cross-site Scripting
In phpMyAdm, an XSS vulnerability was found in the navigation tree, where an attacker can deliver a payload to a user through a crafted `database/table` name.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2018-19970
reference_id
reference_type
scores
0
value 0.01501
scoring_system epss
scoring_elements 0.81175
published_at 2026-04-21T12:55:00Z
1
value 0.01501
scoring_system epss
scoring_elements 0.81074
published_at 2026-04-01T12:55:00Z
2
value 0.01501
scoring_system epss
scoring_elements 0.81083
published_at 2026-04-02T12:55:00Z
3
value 0.01501
scoring_system epss
scoring_elements 0.81108
published_at 2026-04-04T12:55:00Z
4
value 0.01501
scoring_system epss
scoring_elements 0.81107
published_at 2026-04-07T12:55:00Z
5
value 0.01501
scoring_system epss
scoring_elements 0.81135
published_at 2026-04-08T12:55:00Z
6
value 0.01501
scoring_system epss
scoring_elements 0.81141
published_at 2026-04-09T12:55:00Z
7
value 0.01501
scoring_system epss
scoring_elements 0.81159
published_at 2026-04-11T12:55:00Z
8
value 0.01501
scoring_system epss
scoring_elements 0.81146
published_at 2026-04-12T12:55:00Z
9
value 0.01501
scoring_system epss
scoring_elements 0.81139
published_at 2026-04-13T12:55:00Z
10
value 0.01501
scoring_system epss
scoring_elements 0.81176
published_at 2026-04-16T12:55:00Z
11
value 0.01501
scoring_system epss
scoring_elements 0.81178
published_at 2026-04-18T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2018-19970
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-19970
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-19970
2
reference_url https://github.com/phpmyadmin/composer
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/phpmyadmin/composer
3
reference_url https://lists.debian.org/debian-lts-announce/2019/02/msg00003.html
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.debian.org/debian-lts-announce/2019/02/msg00003.html
4
reference_url https://www.phpmyadmin.net/security/PMASA-2018-8
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.phpmyadmin.net/security/PMASA-2018-8
5
reference_url https://www.phpmyadmin.net/security/PMASA-2018-8/
reference_id
reference_type
scores
url https://www.phpmyadmin.net/security/PMASA-2018-8/
6
reference_url http://www.securityfocus.com/bid/106181
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.securityfocus.com/bid/106181
7
reference_url https://nvd.nist.gov/vuln/detail/CVE-2018-19970
reference_id CVE-2018-19970
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2018-19970
8
reference_url https://github.com/advisories/GHSA-8987-93fh-rcwq
reference_id GHSA-8987-93fh-rcwq
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-8987-93fh-rcwq
9
reference_url https://security.gentoo.org/glsa/201904-16
reference_id GLSA-201904-16
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://security.gentoo.org/glsa/201904-16
10
reference_url https://usn.ubuntu.com/4639-1/
reference_id USN-4639-1
reference_type
scores
url https://usn.ubuntu.com/4639-1/
11
reference_url https://usn.ubuntu.com/USN-4843-1/
reference_id USN-USN-4843-1
reference_type
scores
url https://usn.ubuntu.com/USN-4843-1/
fixed_packages
0
url pkg:composer/phpmyadmin/phpmyadmin@4.8.4
purl pkg:composer/phpmyadmin/phpmyadmin@4.8.4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2jjv-4en4-e3gx
1
vulnerability VCID-5657-kcyh-7bc2
2
vulnerability VCID-br1c-5bzf-ufeu
3
vulnerability VCID-g6ud-92qe-hqcx
4
vulnerability VCID-gu4y-aeqx-mqak
5
vulnerability VCID-jma9-9uhu-xuc3
6
vulnerability VCID-ngtc-xtjn-xbhp
7
vulnerability VCID-rqy8-n6fr-hqey
8
vulnerability VCID-scu3-cfyc-9qfz
9
vulnerability VCID-tks3-6uv4-kygf
10
vulnerability VCID-yfja-ssw3-skh1
11
vulnerability VCID-ym9b-4su6-6fbr
12
vulnerability VCID-znfm-ak2t-mqdd
13
vulnerability VCID-zyzp-aqd8-e3a9
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@4.8.4
1
url pkg:composer/phpmyadmin/phpmyadmin@5.0.0
purl pkg:composer/phpmyadmin/phpmyadmin@5.0.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2jjv-4en4-e3gx
1
vulnerability VCID-2y3v-jnph-hfh4
2
vulnerability VCID-41mv-6vqr-sua6
3
vulnerability VCID-5657-kcyh-7bc2
4
vulnerability VCID-araw-4wdy-hqcz
5
vulnerability VCID-mk34-h4nz-b3ey
6
vulnerability VCID-ngtc-xtjn-xbhp
7
vulnerability VCID-rqy8-n6fr-hqey
8
vulnerability VCID-tks3-6uv4-kygf
9
vulnerability VCID-ym9b-4su6-6fbr
10
vulnerability VCID-znfm-ak2t-mqdd
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@5.0.0
aliases CVE-2018-19970, GHSA-8987-93fh-rcwq
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-qcra-cu62-43he
10
url VCID-yfja-ssw3-skh1
vulnerability_id VCID-yfja-ssw3-skh1
summary 
Information Exposure
When the `AllowArbitraryServer` configuration setting is set to true, with the use of a rogue MySQL server, an attacker can read any file on the server that the web server's user can access. This is related to the `mysql.allow_local_infile` PHP configuration, and the inadvertent ignoring of `options(MYSQLI_OPT_LOCAL_INFILE` calls.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2019-6799
reference_id
reference_type
scores
0
value 0.7658
scoring_system epss
scoring_elements 0.98948
published_at 2026-04-21T12:55:00Z
1
value 0.7658
scoring_system epss
scoring_elements 0.98933
published_at 2026-04-01T12:55:00Z
2
value 0.7658
scoring_system epss
scoring_elements 0.98935
published_at 2026-04-02T12:55:00Z
3
value 0.7658
scoring_system epss
scoring_elements 0.98937
published_at 2026-04-04T12:55:00Z
4
value 0.7658
scoring_system epss
scoring_elements 0.98939
published_at 2026-04-07T12:55:00Z
5
value 0.7658
scoring_system epss
scoring_elements 0.98941
published_at 2026-04-09T12:55:00Z
6
value 0.7658
scoring_system epss
scoring_elements 0.98943
published_at 2026-04-11T12:55:00Z
7
value 0.7658
scoring_system epss
scoring_elements 0.98944
published_at 2026-04-13T12:55:00Z
8
value 0.7658
scoring_system epss
scoring_elements 0.98946
published_at 2026-04-16T12:55:00Z
9
value 0.7658
scoring_system epss
scoring_elements 0.98947
published_at 2026-04-18T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2019-6799
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-6799
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-6799
2
reference_url https://github.com/phpmyadmin/composer
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/phpmyadmin/composer
3
reference_url https://lists.debian.org/debian-lts-announce/2019/02/msg00039.html
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.debian.org/debian-lts-announce/2019/02/msg00039.html
4
reference_url https://www.phpmyadmin.net/security/PMASA-2019-1
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.phpmyadmin.net/security/PMASA-2019-1
5
reference_url https://www.phpmyadmin.net/security/PMASA-2019-1/
reference_id
reference_type
scores
url https://www.phpmyadmin.net/security/PMASA-2019-1/
6
reference_url http://www.securityfocus.com/bid/106736
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.securityfocus.com/bid/106736
7
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=920823
reference_id 920823
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=920823
8
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:phpmyadmin:phpmyadmin:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:*:*:*:*:*:*:*:*
9
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
10
reference_url https://nvd.nist.gov/vuln/detail/CVE-2019-6799
reference_id CVE-2019-6799
reference_type
scores
0
value 4.3
scoring_system cvssv2
scoring_elements AV:N/AC:M/Au:N/C:P/I:N/A:N
1
value 5.9
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
2
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
3
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2019-6799
11
reference_url https://github.com/advisories/GHSA-c8wj-q36q-3wg4
reference_id GHSA-c8wj-q36q-3wg4
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-c8wj-q36q-3wg4
12
reference_url https://usn.ubuntu.com/4639-1/
reference_id USN-4639-1
reference_type
scores
url https://usn.ubuntu.com/4639-1/
fixed_packages
0
url pkg:composer/phpmyadmin/phpmyadmin@4.8.5
purl pkg:composer/phpmyadmin/phpmyadmin@4.8.5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2jjv-4en4-e3gx
1
vulnerability VCID-5657-kcyh-7bc2
2
vulnerability VCID-g6ud-92qe-hqcx
3
vulnerability VCID-gu4y-aeqx-mqak
4
vulnerability VCID-jma9-9uhu-xuc3
5
vulnerability VCID-ngtc-xtjn-xbhp
6
vulnerability VCID-rqy8-n6fr-hqey
7
vulnerability VCID-scu3-cfyc-9qfz
8
vulnerability VCID-tks3-6uv4-kygf
9
vulnerability VCID-ym9b-4su6-6fbr
10
vulnerability VCID-znfm-ak2t-mqdd
11
vulnerability VCID-zyzp-aqd8-e3a9
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@4.8.5
1
url pkg:composer/phpmyadmin/phpmyadmin@5.0.0
purl pkg:composer/phpmyadmin/phpmyadmin@5.0.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2jjv-4en4-e3gx
1
vulnerability VCID-2y3v-jnph-hfh4
2
vulnerability VCID-41mv-6vqr-sua6
3
vulnerability VCID-5657-kcyh-7bc2
4
vulnerability VCID-araw-4wdy-hqcz
5
vulnerability VCID-mk34-h4nz-b3ey
6
vulnerability VCID-ngtc-xtjn-xbhp
7
vulnerability VCID-rqy8-n6fr-hqey
8
vulnerability VCID-tks3-6uv4-kygf
9
vulnerability VCID-ym9b-4su6-6fbr
10
vulnerability VCID-znfm-ak2t-mqdd
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@5.0.0
aliases CVE-2019-6799, GHSA-c8wj-q36q-3wg4
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-yfja-ssw3-skh1
11
url VCID-zyzp-aqd8-e3a9
vulnerability_id VCID-zyzp-aqd8-e3a9
summary 
phpMyAdmin Cross-Site Request Forgery (CSRF)
A CSRF issue in phpMyAdmin 4.9.0.1 allows deletion of any server in the Setup page.
references
0
reference_url http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00078.html
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00078.html
1
reference_url http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00024.html
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00024.html
2
reference_url http://packetstormsecurity.com/files/154483/phpMyAdmin-4.9.0.1-Cross-Site-Request-Forgery.html
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://packetstormsecurity.com/files/154483/phpMyAdmin-4.9.0.1-Cross-Site-Request-Forgery.html
3
reference_url https://api.first.org/data/v1/epss?cve=CVE-2019-12922
reference_id
reference_type
scores
0
value 0.4225
scoring_system epss
scoring_elements 0.97459
published_at 2026-04-21T12:55:00Z
1
value 0.4225
scoring_system epss
scoring_elements 0.97422
published_at 2026-04-01T12:55:00Z
2
value 0.4225
scoring_system epss
scoring_elements 0.97429
published_at 2026-04-02T12:55:00Z
3
value 0.4225
scoring_system epss
scoring_elements 0.97433
published_at 2026-04-04T12:55:00Z
4
value 0.4225
scoring_system epss
scoring_elements 0.97434
published_at 2026-04-07T12:55:00Z
5
value 0.4225
scoring_system epss
scoring_elements 0.97441
published_at 2026-04-08T12:55:00Z
6
value 0.4225
scoring_system epss
scoring_elements 0.97442
published_at 2026-04-09T12:55:00Z
7
value 0.4225
scoring_system epss
scoring_elements 0.97445
published_at 2026-04-11T12:55:00Z
8
value 0.4225
scoring_system epss
scoring_elements 0.97447
published_at 2026-04-13T12:55:00Z
9
value 0.4225
scoring_system epss
scoring_elements 0.97456
published_at 2026-04-16T12:55:00Z
10
value 0.4225
scoring_system epss
scoring_elements 0.9746
published_at 2026-04-18T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2019-12922
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12922
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12922
5
reference_url http://seclists.org/fulldisclosure/2019/Sep/23
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://seclists.org/fulldisclosure/2019/Sep/23
6
reference_url https://github.com/phpmyadmin/phpmyadmin/commit/427fbed55d3154d96ecfc1c7784d49eaa3c04161
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/phpmyadmin/phpmyadmin/commit/427fbed55d3154d96ecfc1c7784d49eaa3c04161
7
reference_url https://github.com/phpmyadmin/phpmyadmin/commit/7d21d4223bdbe0306593309132b4263d7087d13b
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/phpmyadmin/phpmyadmin/commit/7d21d4223bdbe0306593309132b4263d7087d13b
8
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PBLBE6CSC2ZLINIRBUU5XBLXYVBTF3KA/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PBLBE6CSC2ZLINIRBUU5XBLXYVBTF3KA/
9
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QJ5BW2VEMD2P23ZYRWHDBEQHOKGKGWD6/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QJ5BW2VEMD2P23ZYRWHDBEQHOKGKGWD6/
10
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YCB3PTGHZ7AJCM6BKCQRRP6HG3OKYCMN/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YCB3PTGHZ7AJCM6BKCQRRP6HG3OKYCMN/
11
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PBLBE6CSC2ZLINIRBUU5XBLXYVBTF3KA
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PBLBE6CSC2ZLINIRBUU5XBLXYVBTF3KA
12
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QJ5BW2VEMD2P23ZYRWHDBEQHOKGKGWD6
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QJ5BW2VEMD2P23ZYRWHDBEQHOKGKGWD6
13
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YCB3PTGHZ7AJCM6BKCQRRP6HG3OKYCMN
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YCB3PTGHZ7AJCM6BKCQRRP6HG3OKYCMN
14
reference_url https://nvd.nist.gov/vuln/detail/CVE-2019-12922
reference_id
reference_type
scores
0
value 5.8
scoring_system cvssv2
scoring_elements AV:N/AC:M/Au:N/C:N/I:P/A:P
1
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2019-12922
15
reference_url https://www.exploit-db.com/exploits/47385
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.exploit-db.com/exploits/47385
16
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:phpmyadmin:phpmyadmin:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:*:*:*:*:*:*:*:*
17
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:29:*:*:*:*:*:*:*
reference_id cpe:2.3:o:fedoraproject:fedora:29:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:29:*:*:*:*:*:*:*
18
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*
reference_id cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*
19
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*
reference_id cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*
20
reference_url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/webapps/47385.txt
reference_id CVE-2019-12922
reference_type exploit
scores
url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/webapps/47385.txt
21
reference_url https://github.com/advisories/GHSA-4c9q-64gq-xhx4
reference_id GHSA-4c9q-64gq-xhx4
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-4c9q-64gq-xhx4
22
reference_url https://usn.ubuntu.com/USN-4843-1/
reference_id USN-USN-4843-1
reference_type
scores
url https://usn.ubuntu.com/USN-4843-1/
fixed_packages
0
url pkg:composer/phpmyadmin/phpmyadmin@4.9.1
purl pkg:composer/phpmyadmin/phpmyadmin@4.9.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2jjv-4en4-e3gx
1
vulnerability VCID-2y3v-jnph-hfh4
2
vulnerability VCID-5657-kcyh-7bc2
3
vulnerability VCID-g6ud-92qe-hqcx
4
vulnerability VCID-gu4y-aeqx-mqak
5
vulnerability VCID-mk34-h4nz-b3ey
6
vulnerability VCID-na3j-h3qr-k7dc
7
vulnerability VCID-ngtc-xtjn-xbhp
8
vulnerability VCID-rqy8-n6fr-hqey
9
vulnerability VCID-tks3-6uv4-kygf
10
vulnerability VCID-ym9b-4su6-6fbr
11
vulnerability VCID-znfm-ak2t-mqdd
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@4.9.1
1
url pkg:composer/phpmyadmin/phpmyadmin@5.0.0
purl pkg:composer/phpmyadmin/phpmyadmin@5.0.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2jjv-4en4-e3gx
1
vulnerability VCID-2y3v-jnph-hfh4
2
vulnerability VCID-41mv-6vqr-sua6
3
vulnerability VCID-5657-kcyh-7bc2
4
vulnerability VCID-araw-4wdy-hqcz
5
vulnerability VCID-mk34-h4nz-b3ey
6
vulnerability VCID-ngtc-xtjn-xbhp
7
vulnerability VCID-rqy8-n6fr-hqey
8
vulnerability VCID-tks3-6uv4-kygf
9
vulnerability VCID-ym9b-4su6-6fbr
10
vulnerability VCID-znfm-ak2t-mqdd
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@5.0.0
aliases CVE-2019-12922, GHSA-4c9q-64gq-xhx4
risk_score 10.0
exploitability 2.0
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-zyzp-aqd8-e3a9
Risk_score10.0
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@5.0.0