Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:composer/phpmyadmin/phpmyadmin@4.0.10%2B0
Typecomposer
Namespacephpmyadmin
Namephpmyadmin
Version4.0.10+0
Qualifiers
Subpath
Is_vulnerabletrue
Next_non_vulnerable_version4.9.11
Latest_non_vulnerable_version5.2.2
Affected_by_vulnerabilities
0
url VCID-33mh-s92h-c7ht
vulnerability_id VCID-33mh-s92h-c7ht
summary 
phpMyAdmin vulnerable to Cross-Site Request Forgery
The Transformation implementation in phpMyAdmin 4.0.x before 4.0.10.16, 4.4.x before 4.4.15.7, and 4.6.x before 4.6.3 does not use the no-referrer Content Security Policy (CSP) protection mechanism, which makes it easier for remote attackers to conduct CSRF attacks by reading an authentication token in a Referer header, related to libraries/Header.php.
references
0
reference_url http://lists.opensuse.org/opensuse-updates/2016-06/msg00113.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://lists.opensuse.org/opensuse-updates/2016-06/msg00113.html
1
reference_url http://lists.opensuse.org/opensuse-updates/2016-06/msg00114.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://lists.opensuse.org/opensuse-updates/2016-06/msg00114.html
2
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-5739
reference_id
reference_type
scores
0
value 0.00919
scoring_system epss
scoring_elements 0.76339
published_at 2026-06-04T12:55:00Z
1
value 0.00919
scoring_system epss
scoring_elements 0.76369
published_at 2026-06-06T12:55:00Z
2
value 0.00919
scoring_system epss
scoring_elements 0.76367
published_at 2026-06-05T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-5739
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1927
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1927
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2039
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2039
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2040
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2040
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2041
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2041
7
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2560
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2560
8
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2561
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2561
9
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5099
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5099
10
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5701
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5701
11
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5705
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5705
12
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5706
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5706
13
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5731
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5731
14
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5733
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5733
15
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5739
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5739
16
reference_url https://github.com/phpmyadmin/phpmyadmin
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/phpmyadmin/phpmyadmin
17
reference_url https://github.com/phpmyadmin/phpmyadmin/commit/1e5716cb96d46efc305381ae0da08e73fe340f05
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/phpmyadmin/phpmyadmin/commit/1e5716cb96d46efc305381ae0da08e73fe340f05
18
reference_url https://github.com/phpmyadmin/phpmyadmin/commit/2f4950828ec241e8cbdcf13090c2582a6fa620cb
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/phpmyadmin/phpmyadmin/commit/2f4950828ec241e8cbdcf13090c2582a6fa620cb
19
reference_url https://security.gentoo.org/glsa/201701-32
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://security.gentoo.org/glsa/201701-32
20
reference_url https://web.archive.org/web/20200227223419/http://www.securityfocus.com/bid/91389
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20200227223419/http://www.securityfocus.com/bid/91389
21
reference_url https://www.phpmyadmin.net/security/PMASA-2016-28
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.phpmyadmin.net/security/PMASA-2016-28
22
reference_url http://www.debian.org/security/2016/dsa-3627
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.debian.org/security/2016/dsa-3627
23
reference_url https://nvd.nist.gov/vuln/detail/CVE-2016-5739
reference_id CVE-2016-5739
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2016-5739
24
reference_url https://github.com/advisories/GHSA-2p7v-jm8m-g3qq
reference_id GHSA-2p7v-jm8m-g3qq
reference_type
scores
url https://github.com/advisories/GHSA-2p7v-jm8m-g3qq
fixed_packages
0
url pkg:composer/phpmyadmin/phpmyadmin@4.0.10%2B16
purl pkg:composer/phpmyadmin/phpmyadmin@4.0.10%2B16
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@4.0.10%252B16
1
url pkg:composer/phpmyadmin/phpmyadmin@4.0.10.2
purl pkg:composer/phpmyadmin/phpmyadmin@4.0.10.2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2at1-y3qg-77fb
1
vulnerability VCID-32ja-yuuw-bbbh
2
vulnerability VCID-7vpu-x9mb-q3c6
3
vulnerability VCID-a94q-k98a-6qbw
4
vulnerability VCID-amgy-teas-euh5
5
vulnerability VCID-d3qn-js1p-7yeq
6
vulnerability VCID-dx3h-z4dg-m3e1
7
vulnerability VCID-j2k3-xghw-gfb3
8
vulnerability VCID-kfr7-v6tb-eqau
9
vulnerability VCID-mzuh-5e5y-d3hr
10
vulnerability VCID-n7cc-xfym-u7g4
11
vulnerability VCID-w6nk-akeh-4ufg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@4.0.10.2
2
url pkg:composer/phpmyadmin/phpmyadmin@4.4.15%2B7
purl pkg:composer/phpmyadmin/phpmyadmin@4.4.15%2B7
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@4.4.15%252B7
3
url pkg:composer/phpmyadmin/phpmyadmin@4.6.3
purl pkg:composer/phpmyadmin/phpmyadmin@4.6.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3va7-xx14-gkds
1
vulnerability VCID-44uc-xrvp-7bet
2
vulnerability VCID-4avx-e9mf-2yb1
3
vulnerability VCID-4vgu-cagj-hfhb
4
vulnerability VCID-gmjk-222y-abda
5
vulnerability VCID-gtps-py3z-13cu
6
vulnerability VCID-jmn8-a5r9-2qc8
7
vulnerability VCID-mgu4-pf1x-r3dy
8
vulnerability VCID-nuju-ekmt-k7g9
9
vulnerability VCID-q7pe-bvr1-g3bc
10
vulnerability VCID-qqyb-zags-bbhz
11
vulnerability VCID-rz6q-hthe-1uer
12
vulnerability VCID-xqf5-yxf3-u3he
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@4.6.3
aliases CVE-2016-5739, GHSA-2p7v-jm8m-g3qq
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-33mh-s92h-c7ht
1
url VCID-gqxb-6rey-rbhv
vulnerability_id VCID-gqxb-6rey-rbhv
summary 
phpMyAdmin vulnerable to Cross-site Scripting
Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin 4.0.x before 4.0.10.16, 4.4.x before 4.4.15.7, and 4.6.x before 4.6.3 allow remote attackers to inject arbitrary web script or HTML via vectors involving (1) a crafted table name that is mishandled during privilege checking in table_row.phtml, (2) a crafted mysqld log_bin directive that is mishandled in log_selector.phtml, (3) the Transformation implementation, (4) AJAX error handling in js/ajax.js, (5) the Designer implementation, (6) the charts implementation in js/tbl_chart.js, or (7) the zoom-search implementation in rows_zoom.phtml.
references
0
reference_url http://lists.opensuse.org/opensuse-updates/2016-06/msg00113.html
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://lists.opensuse.org/opensuse-updates/2016-06/msg00113.html
1
reference_url http://lists.opensuse.org/opensuse-updates/2016-06/msg00114.html
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://lists.opensuse.org/opensuse-updates/2016-06/msg00114.html
2
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-5733
reference_id
reference_type
scores
0
value 0.01085
scoring_system epss
scoring_elements 0.78254
published_at 2026-06-05T12:55:00Z
1
value 0.01085
scoring_system epss
scoring_elements 0.78261
published_at 2026-06-06T12:55:00Z
2
value 0.01085
scoring_system epss
scoring_elements 0.78228
published_at 2026-06-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-5733
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1927
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1927
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2039
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2039
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2040
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2040
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2041
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2041
7
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2560
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2560
8
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2561
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2561
9
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5099
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5099
10
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5701
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5701
11
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5705
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5705
12
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5706
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5706
13
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5731
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5731
14
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5733
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5733
15
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5739
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5739
16
reference_url https://github.com/phpmyadmin/phpmyadmin
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/phpmyadmin/phpmyadmin
17
reference_url https://github.com/phpmyadmin/phpmyadmin/commit/4d21b5c077db50c2a54b7f569d20f463cc2651f5
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/phpmyadmin/phpmyadmin/commit/4d21b5c077db50c2a54b7f569d20f463cc2651f5
18
reference_url https://github.com/phpmyadmin/phpmyadmin/commit/615212a14d7d87712202f37354acf8581987fc5a
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/phpmyadmin/phpmyadmin/commit/615212a14d7d87712202f37354acf8581987fc5a
19
reference_url https://github.com/phpmyadmin/phpmyadmin/commit/79661610f6f65443e0ec1e382a7240437f28436c
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/phpmyadmin/phpmyadmin/commit/79661610f6f65443e0ec1e382a7240437f28436c
20
reference_url https://github.com/phpmyadmin/phpmyadmin/commit/8716855b309dbe65d7b9a5d681b80579b225b322
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/phpmyadmin/phpmyadmin/commit/8716855b309dbe65d7b9a5d681b80579b225b322
21
reference_url https://github.com/phpmyadmin/phpmyadmin/commit/895a131d2eb7e447757a35d5731c7d647823ea8b
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/phpmyadmin/phpmyadmin/commit/895a131d2eb7e447757a35d5731c7d647823ea8b
22
reference_url https://github.com/phpmyadmin/phpmyadmin/commit/960fd1fd52023047a23d069178bfff7463c2cefc
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/phpmyadmin/phpmyadmin/commit/960fd1fd52023047a23d069178bfff7463c2cefc
23
reference_url https://github.com/phpmyadmin/phpmyadmin/commit/be3ecbb4cca3fbe20e3b3aa4e049902d18b60865
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/phpmyadmin/phpmyadmin/commit/be3ecbb4cca3fbe20e3b3aa4e049902d18b60865
24
reference_url https://github.com/phpmyadmin/phpmyadmin/commit/d648ade18d6cbb796a93261491c121f078df2d88
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/phpmyadmin/phpmyadmin/commit/d648ade18d6cbb796a93261491c121f078df2d88
25
reference_url https://security.gentoo.org/glsa/201701-32
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://security.gentoo.org/glsa/201701-32
26
reference_url https://web.archive.org/web/20200227223017/http://www.securityfocus.com/bid/91390
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20200227223017/http://www.securityfocus.com/bid/91390
27
reference_url https://www.phpmyadmin.net/security/PMASA-2016-26
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.phpmyadmin.net/security/PMASA-2016-26
28
reference_url http://www.debian.org/security/2016/dsa-3627
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.debian.org/security/2016/dsa-3627
29
reference_url https://nvd.nist.gov/vuln/detail/CVE-2016-5733
reference_id CVE-2016-5733
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2016-5733
30
reference_url https://github.com/advisories/GHSA-cr65-p662-fx5c
reference_id GHSA-cr65-p662-fx5c
reference_type
scores
url https://github.com/advisories/GHSA-cr65-p662-fx5c
fixed_packages
0
url pkg:composer/phpmyadmin/phpmyadmin@4.0.10%2B16
purl pkg:composer/phpmyadmin/phpmyadmin@4.0.10%2B16
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@4.0.10%252B16
1
url pkg:composer/phpmyadmin/phpmyadmin@4.0.10.2
purl pkg:composer/phpmyadmin/phpmyadmin@4.0.10.2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2at1-y3qg-77fb
1
vulnerability VCID-32ja-yuuw-bbbh
2
vulnerability VCID-7vpu-x9mb-q3c6
3
vulnerability VCID-a94q-k98a-6qbw
4
vulnerability VCID-amgy-teas-euh5
5
vulnerability VCID-d3qn-js1p-7yeq
6
vulnerability VCID-dx3h-z4dg-m3e1
7
vulnerability VCID-j2k3-xghw-gfb3
8
vulnerability VCID-kfr7-v6tb-eqau
9
vulnerability VCID-mzuh-5e5y-d3hr
10
vulnerability VCID-n7cc-xfym-u7g4
11
vulnerability VCID-w6nk-akeh-4ufg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@4.0.10.2
2
url pkg:composer/phpmyadmin/phpmyadmin@4.4.15%2B7
purl pkg:composer/phpmyadmin/phpmyadmin@4.4.15%2B7
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@4.4.15%252B7
3
url pkg:composer/phpmyadmin/phpmyadmin@4.6.3
purl pkg:composer/phpmyadmin/phpmyadmin@4.6.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3va7-xx14-gkds
1
vulnerability VCID-44uc-xrvp-7bet
2
vulnerability VCID-4avx-e9mf-2yb1
3
vulnerability VCID-4vgu-cagj-hfhb
4
vulnerability VCID-gmjk-222y-abda
5
vulnerability VCID-gtps-py3z-13cu
6
vulnerability VCID-jmn8-a5r9-2qc8
7
vulnerability VCID-mgu4-pf1x-r3dy
8
vulnerability VCID-nuju-ekmt-k7g9
9
vulnerability VCID-q7pe-bvr1-g3bc
10
vulnerability VCID-qqyb-zags-bbhz
11
vulnerability VCID-rz6q-hthe-1uer
12
vulnerability VCID-xqf5-yxf3-u3he
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@4.6.3
aliases CVE-2016-5733, GHSA-cr65-p662-fx5c
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-gqxb-6rey-rbhv
2
url VCID-jxf7-1cq4-t3cv
vulnerability_id VCID-jxf7-1cq4-t3cv
summary phpMyAdmin 4.0.x before 4.0.10.16, 4.4.x before 4.4.15.7, and 4.6.x before 4.6.3 does not properly choose delimiters to prevent use of the preg_replace e (aka eval) modifier, which might allow remote attackers to execute arbitrary PHP code via a crafted string, as demonstrated by the table search-and-replace implementation.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-5734
reference_id
reference_type
scores
0
value 0.87019
scoring_system epss
scoring_elements 0.99456
published_at 2026-06-04T12:55:00Z
1
value 0.87019
scoring_system epss
scoring_elements 0.99457
published_at 2026-06-06T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-5734
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5734
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5734
2
reference_url https://github.com/phpmyadmin/phpmyadmin
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/phpmyadmin/phpmyadmin
3
reference_url https://github.com/phpmyadmin/phpmyadmin/commit/1cc7466db3a05e95fe57a6702f41773e6829d54b
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/phpmyadmin/phpmyadmin/commit/1cc7466db3a05e95fe57a6702f41773e6829d54b
4
reference_url https://github.com/phpmyadmin/phpmyadmin/commit/4bcc606225f15bac0b07780e74f667f6ac283da7
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/phpmyadmin/phpmyadmin/commit/4bcc606225f15bac0b07780e74f667f6ac283da7
5
reference_url https://nvd.nist.gov/vuln/detail/CVE-2016-5734
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2016-5734
6
reference_url https://security.gentoo.org/glsa/201701-32
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://security.gentoo.org/glsa/201701-32
7
reference_url https://web.archive.org/web/20200227223418/http://www.securityfocus.com/bid/91387
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20200227223418/http://www.securityfocus.com/bid/91387
8
reference_url https://www.exploit-db.com/exploits/40185
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://www.exploit-db.com/exploits/40185
9
reference_url https://www.phpmyadmin.net/security/PMASA-2016-27
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://www.phpmyadmin.net/security/PMASA-2016-27
10
reference_url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/webapps/40185.py
reference_id CVE-2016-5734
reference_type exploit
scores
url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/webapps/40185.py
11
reference_url https://github.com/advisories/GHSA-rv57-479x-x4qv
reference_id GHSA-rv57-479x-x4qv
reference_type
scores
url https://github.com/advisories/GHSA-rv57-479x-x4qv
fixed_packages
0
url pkg:composer/phpmyadmin/phpmyadmin@4.0.10%2B16
purl pkg:composer/phpmyadmin/phpmyadmin@4.0.10%2B16
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@4.0.10%252B16
1
url pkg:composer/phpmyadmin/phpmyadmin@4.0.10.2
purl pkg:composer/phpmyadmin/phpmyadmin@4.0.10.2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2at1-y3qg-77fb
1
vulnerability VCID-32ja-yuuw-bbbh
2
vulnerability VCID-7vpu-x9mb-q3c6
3
vulnerability VCID-a94q-k98a-6qbw
4
vulnerability VCID-amgy-teas-euh5
5
vulnerability VCID-d3qn-js1p-7yeq
6
vulnerability VCID-dx3h-z4dg-m3e1
7
vulnerability VCID-j2k3-xghw-gfb3
8
vulnerability VCID-kfr7-v6tb-eqau
9
vulnerability VCID-mzuh-5e5y-d3hr
10
vulnerability VCID-n7cc-xfym-u7g4
11
vulnerability VCID-w6nk-akeh-4ufg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@4.0.10.2
2
url pkg:composer/phpmyadmin/phpmyadmin@4.4.15%2B7
purl pkg:composer/phpmyadmin/phpmyadmin@4.4.15%2B7
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@4.4.15%252B7
3
url pkg:composer/phpmyadmin/phpmyadmin@4.6.3
purl pkg:composer/phpmyadmin/phpmyadmin@4.6.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3va7-xx14-gkds
1
vulnerability VCID-44uc-xrvp-7bet
2
vulnerability VCID-4avx-e9mf-2yb1
3
vulnerability VCID-4vgu-cagj-hfhb
4
vulnerability VCID-gmjk-222y-abda
5
vulnerability VCID-gtps-py3z-13cu
6
vulnerability VCID-jmn8-a5r9-2qc8
7
vulnerability VCID-mgu4-pf1x-r3dy
8
vulnerability VCID-nuju-ekmt-k7g9
9
vulnerability VCID-q7pe-bvr1-g3bc
10
vulnerability VCID-qqyb-zags-bbhz
11
vulnerability VCID-rz6q-hthe-1uer
12
vulnerability VCID-xqf5-yxf3-u3he
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@4.6.3
aliases CVE-2016-5734, GHSA-rv57-479x-x4qv
risk_score 10.0
exploitability 2.0
weighted_severity 9.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-jxf7-1cq4-t3cv
3
url VCID-qpj7-uk5e-nbez
vulnerability_id VCID-qpj7-uk5e-nbez
summary 
phpMyAdmin vulnerable to Cross-site Scripting
setup/frames/index.inc.php in phpMyAdmin 4.0.10.x before 4.0.10.16, 4.4.15.x before 4.4.15.7, and 4.6.x before 4.6.3 allows remote attackers to conduct BBCode injection attacks against HTTP sessions via a crafted URI.
references
0
reference_url http://lists.opensuse.org/opensuse-updates/2016-06/msg00113.html
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://lists.opensuse.org/opensuse-updates/2016-06/msg00113.html
1
reference_url http://lists.opensuse.org/opensuse-updates/2016-06/msg00114.html
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://lists.opensuse.org/opensuse-updates/2016-06/msg00114.html
2
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-5701
reference_id
reference_type
scores
0
value 0.00459
scoring_system epss
scoring_elements 0.64392
published_at 2026-06-05T12:55:00Z
1
value 0.00459
scoring_system epss
scoring_elements 0.64401
published_at 2026-06-06T12:55:00Z
2
value 0.00459
scoring_system epss
scoring_elements 0.64348
published_at 2026-06-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-5701
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1927
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1927
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2039
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2039
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2040
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2040
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2041
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2041
7
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2560
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2560
8
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2561
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2561
9
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5099
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5099
10
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5701
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5701
11
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5705
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5705
12
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5706
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5706
13
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5731
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5731
14
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5733
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5733
15
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5739
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5739
16
reference_url https://github.com/phpmyadmin/phpmyadmin
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/phpmyadmin/phpmyadmin
17
reference_url https://github.com/phpmyadmin/phpmyadmin/commit/1dca386505f396f0c2035112a403cc80768a141f
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/phpmyadmin/phpmyadmin/commit/1dca386505f396f0c2035112a403cc80768a141f
18
reference_url https://github.com/phpmyadmin/phpmyadmin/commit/5633b1d57b23ddaa5a9a976a323c90c18d9be03d
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/phpmyadmin/phpmyadmin/commit/5633b1d57b23ddaa5a9a976a323c90c18d9be03d
19
reference_url https://github.com/phpmyadmin/phpmyadmin/commit/bf7379771f4b32e01f4af3b36f8ec6900288688e
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/phpmyadmin/phpmyadmin/commit/bf7379771f4b32e01f4af3b36f8ec6900288688e
20
reference_url https://security.gentoo.org/glsa/201701-32
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://security.gentoo.org/glsa/201701-32
21
reference_url https://web.archive.org/web/20200227223408/http://www.securityfocus.com/bid/91383
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20200227223408/http://www.securityfocus.com/bid/91383
22
reference_url https://www.phpmyadmin.net/security/PMASA-2016-17
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.phpmyadmin.net/security/PMASA-2016-17
23
reference_url http://www.debian.org/security/2016/dsa-3627
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.debian.org/security/2016/dsa-3627
24
reference_url https://nvd.nist.gov/vuln/detail/CVE-2016-5701
reference_id CVE-2016-5701
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2016-5701
25
reference_url https://github.com/advisories/GHSA-rh74-5835-jpxp
reference_id GHSA-rh74-5835-jpxp
reference_type
scores
url https://github.com/advisories/GHSA-rh74-5835-jpxp
fixed_packages
0
url pkg:composer/phpmyadmin/phpmyadmin@4.0.10%2B16
purl pkg:composer/phpmyadmin/phpmyadmin@4.0.10%2B16
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@4.0.10%252B16
1
url pkg:composer/phpmyadmin/phpmyadmin@4.0.10.2
purl pkg:composer/phpmyadmin/phpmyadmin@4.0.10.2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2at1-y3qg-77fb
1
vulnerability VCID-32ja-yuuw-bbbh
2
vulnerability VCID-7vpu-x9mb-q3c6
3
vulnerability VCID-a94q-k98a-6qbw
4
vulnerability VCID-amgy-teas-euh5
5
vulnerability VCID-d3qn-js1p-7yeq
6
vulnerability VCID-dx3h-z4dg-m3e1
7
vulnerability VCID-j2k3-xghw-gfb3
8
vulnerability VCID-kfr7-v6tb-eqau
9
vulnerability VCID-mzuh-5e5y-d3hr
10
vulnerability VCID-n7cc-xfym-u7g4
11
vulnerability VCID-w6nk-akeh-4ufg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@4.0.10.2
2
url pkg:composer/phpmyadmin/phpmyadmin@4.4.15%2B7
purl pkg:composer/phpmyadmin/phpmyadmin@4.4.15%2B7
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@4.4.15%252B7
3
url pkg:composer/phpmyadmin/phpmyadmin@4.6.3
purl pkg:composer/phpmyadmin/phpmyadmin@4.6.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3va7-xx14-gkds
1
vulnerability VCID-44uc-xrvp-7bet
2
vulnerability VCID-4avx-e9mf-2yb1
3
vulnerability VCID-4vgu-cagj-hfhb
4
vulnerability VCID-gmjk-222y-abda
5
vulnerability VCID-gtps-py3z-13cu
6
vulnerability VCID-jmn8-a5r9-2qc8
7
vulnerability VCID-mgu4-pf1x-r3dy
8
vulnerability VCID-nuju-ekmt-k7g9
9
vulnerability VCID-q7pe-bvr1-g3bc
10
vulnerability VCID-qqyb-zags-bbhz
11
vulnerability VCID-rz6q-hthe-1uer
12
vulnerability VCID-xqf5-yxf3-u3he
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@4.6.3
aliases CVE-2016-5701, GHSA-rh74-5835-jpxp
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-qpj7-uk5e-nbez
Fixing_vulnerabilities
Risk_score10.0
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@4.0.10%252B0