Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:composer/phpmyadmin/phpmyadmin@4.3.0
Typecomposer
Namespacephpmyadmin
Namephpmyadmin
Version4.3.0
Qualifiers
Subpath
Is_vulnerabletrue
Next_non_vulnerable_version4.9.11
Latest_non_vulnerable_version5.2.2
Affected_by_vulnerabilities
0
url VCID-w56h-g9t8-1fgu
vulnerability_id VCID-w56h-g9t8-1fgu
summary 
phpMyAdmin ReCaptcha bypass
libraries/plugins/auth/AuthenticationCookie.class.php in phpMyAdmin 4.3.x before 4.3.13.2 and 4.4.x before 4.4.14.1 allows remote attackers to bypass a multiple-reCaptcha protection mechanism against brute-force credential guessing by providing a correct response to a single reCaptcha.
references
0
reference_url http://lists.fedoraproject.org/pipermail/package-announce/2015-September/166294.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://lists.fedoraproject.org/pipermail/package-announce/2015-September/166294.html
1
reference_url http://lists.fedoraproject.org/pipermail/package-announce/2015-September/166307.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://lists.fedoraproject.org/pipermail/package-announce/2015-September/166307.html
2
reference_url http://lists.fedoraproject.org/pipermail/package-announce/2015-September/166531.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://lists.fedoraproject.org/pipermail/package-announce/2015-September/166531.html
3
reference_url https://api.first.org/data/v1/epss?cve=CVE-2015-6830
reference_id
reference_type
scores
0
value 0.21219
scoring_system epss
scoring_elements 0.95684
published_at 2026-04-21T12:55:00Z
1
value 0.21219
scoring_system epss
scoring_elements 0.95651
published_at 2026-04-07T12:55:00Z
2
value 0.21219
scoring_system epss
scoring_elements 0.95659
published_at 2026-04-08T12:55:00Z
3
value 0.21219
scoring_system epss
scoring_elements 0.95663
published_at 2026-04-09T12:55:00Z
4
value 0.21219
scoring_system epss
scoring_elements 0.95668
published_at 2026-04-11T12:55:00Z
5
value 0.21219
scoring_system epss
scoring_elements 0.95667
published_at 2026-04-12T12:55:00Z
6
value 0.21219
scoring_system epss
scoring_elements 0.9567
published_at 2026-04-13T12:55:00Z
7
value 0.21219
scoring_system epss
scoring_elements 0.95678
published_at 2026-04-16T12:55:00Z
8
value 0.21219
scoring_system epss
scoring_elements 0.95681
published_at 2026-04-18T12:55:00Z
9
value 0.21219
scoring_system epss
scoring_elements 0.95633
published_at 2026-04-01T12:55:00Z
10
value 0.21219
scoring_system epss
scoring_elements 0.95643
published_at 2026-04-02T12:55:00Z
11
value 0.21219
scoring_system epss
scoring_elements 0.95648
published_at 2026-04-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2015-6830
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8958
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8958
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9218
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9218
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2206
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2206
7
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3902
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3902
8
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3903
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3903
9
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6830
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6830
10
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7873
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7873
11
reference_url https://github.com/phpmyadmin/phpmyadmin/commit/0314e67900f01410bc8c81c58a40dc0515e3c91d
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/phpmyadmin/phpmyadmin/commit/0314e67900f01410bc8c81c58a40dc0515e3c91d
12
reference_url https://github.com/phpmyadmin/phpmyadmin/commit/785f4e2711848eb8945894199d5870253a88584e
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/phpmyadmin/phpmyadmin/commit/785f4e2711848eb8945894199d5870253a88584e
13
reference_url https://nvd.nist.gov/vuln/detail/CVE-2015-6830
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2015-6830
14
reference_url https://web.archive.org/web/20200228052837/http://www.securityfocus.com/bid/76674
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20200228052837/http://www.securityfocus.com/bid/76674
15
reference_url https://web.archive.org/web/20211215060142/http://www.securitytracker.com/id/1033546
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20211215060142/http://www.securitytracker.com/id/1033546
16
reference_url https://www.phpmyadmin.net/security/PMASA-2015-4
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.phpmyadmin.net/security/PMASA-2015-4
17
reference_url https://www.phpmyadmin.net/security/PMASA-2015-4/
reference_id
reference_type
scores
url https://www.phpmyadmin.net/security/PMASA-2015-4/
18
reference_url http://www.debian.org/security/2015/dsa-3382
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.debian.org/security/2015/dsa-3382
19
reference_url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/remote/52414.py
reference_id CVE-2015-6830
reference_type exploit
scores
url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/remote/52414.py
20
reference_url https://github.com/advisories/GHSA-v6fh-vg22-r6cm
reference_id GHSA-v6fh-vg22-r6cm
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-v6fh-vg22-r6cm
fixed_packages
0
url pkg:composer/phpmyadmin/phpmyadmin@4.3.13%2B2
purl pkg:composer/phpmyadmin/phpmyadmin@4.3.13%2B2
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@4.3.13%252B2
1
url pkg:composer/phpmyadmin/phpmyadmin@4.4.14%2B1
purl pkg:composer/phpmyadmin/phpmyadmin@4.4.14%2B1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3yp5-vqej-r7hh
1
vulnerability VCID-7h9b-a8dp-57hp
2
vulnerability VCID-uw6h-fpzy-x3ap
3
vulnerability VCID-w37b-ep3h-tfaz
4
vulnerability VCID-zreq-41ja-pbf1
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@4.4.14%252B1
aliases CVE-2015-6830, GHSA-v6fh-vg22-r6cm
risk_score 10.0
exploitability 2.0
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-w56h-g9t8-1fgu
1
url VCID-ym9b-4su6-6fbr
vulnerability_id VCID-ym9b-4su6-6fbr
summary 
Cross-site Scripting vulnerability in drag-and-drop upload of phpMyAdmin
In phpMyAdmin before 4.9.11 and 5.x before 5.2.1, an authenticated user can trigger Cross-site Scripting (XSS) by uploading a crafted .sql file through the drag-and-drop interface. By disabling the configuration directive `$cfg['enable_drag_drop_import']`, users will be unable to use the drag and drop upload which would protect against the vulnerability.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2023-25727
reference_id
reference_type
scores
0
value 0.1094
scoring_system epss
scoring_elements 0.93405
published_at 2026-04-13T12:55:00Z
1
value 0.1094
scoring_system epss
scoring_elements 0.93434
published_at 2026-04-21T12:55:00Z
2
value 0.1094
scoring_system epss
scoring_elements 0.93428
published_at 2026-04-18T12:55:00Z
3
value 0.1094
scoring_system epss
scoring_elements 0.93423
published_at 2026-04-16T12:55:00Z
4
value 0.11079
scoring_system epss
scoring_elements 0.93425
published_at 2026-04-02T12:55:00Z
5
value 0.11079
scoring_system epss
scoring_elements 0.93433
published_at 2026-04-07T12:55:00Z
6
value 0.11079
scoring_system epss
scoring_elements 0.93441
published_at 2026-04-08T12:55:00Z
7
value 0.11079
scoring_system epss
scoring_elements 0.93445
published_at 2026-04-09T12:55:00Z
8
value 0.11079
scoring_system epss
scoring_elements 0.9345
published_at 2026-04-11T12:55:00Z
9
value 0.11079
scoring_system epss
scoring_elements 0.93451
published_at 2026-04-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2023-25727
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25727
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25727
2
reference_url https://github.com/phpmyadmin/composer
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/phpmyadmin/composer
3
reference_url https://github.com/phpmyadmin/phpmyadmin/commit/53f70fd7f3b388639922e6cc1ca51fbe890c91cc
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/phpmyadmin/phpmyadmin/commit/53f70fd7f3b388639922e6cc1ca51fbe890c91cc
4
reference_url https://github.com/phpmyadmin/phpmyadmin/commit/efa2406695551667f726497750d3db91fb6f662e
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/phpmyadmin/phpmyadmin/commit/efa2406695551667f726497750d3db91fb6f662e
5
reference_url https://www.phpmyadmin.net/security/PMASA-2023-1
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.phpmyadmin.net/security/PMASA-2023-1
6
reference_url https://nvd.nist.gov/vuln/detail/CVE-2023-25727
reference_id CVE-2023-25727
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2023-25727
7
reference_url https://github.com/advisories/GHSA-6hr3-44gx-g6wh
reference_id GHSA-6hr3-44gx-g6wh
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-6hr3-44gx-g6wh
8
reference_url https://www.phpmyadmin.net/security/PMASA-2023-1/
reference_id PMASA-2023-1
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-21T14:52:37Z/
url https://www.phpmyadmin.net/security/PMASA-2023-1/
fixed_packages
0
url pkg:composer/phpmyadmin/phpmyadmin@4.9.11
purl pkg:composer/phpmyadmin/phpmyadmin@4.9.11
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@4.9.11
1
url pkg:composer/phpmyadmin/phpmyadmin@5.2.1
purl pkg:composer/phpmyadmin/phpmyadmin@5.2.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-araw-4wdy-hqcz
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@5.2.1
aliases CVE-2023-25727, GHSA-6hr3-44gx-g6wh
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ym9b-4su6-6fbr
Fixing_vulnerabilities
Risk_score10.0
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@4.3.0