Package Instance
Lookup for vulnerable packages by Package URL.
GET /api/packages/63264?format=api
{ "url": "http://public2.vulnerablecode.io/api/packages/63264?format=api", "purl": "pkg:composer/phpmyadmin/phpmyadmin@3.4.0", "type": "composer", "namespace": "phpmyadmin", "name": "phpmyadmin", "version": "3.4.0", "qualifiers": {}, "subpath": "", "is_vulnerable": true, "next_non_vulnerable_version": "4.9.8", "latest_non_vulnerable_version": "5.2.2", "affected_by_vulnerabilities": [ { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/44048?format=api", "vulnerability_id": "VCID-6r4m-kxj7-ybb6", "summary": "Improper Control of Generation of Code ('Code Injection')\nsetup/lib/ConfigGenerator.class.php in phpMyAdmin 3.x before 3.3.10.2 and 3.4.x before 3.4.3.1 does not properly restrict the presence of comment closing delimiters, which allows remote attackers to conduct static code injection attacks by leveraging the ability to modify the SESSION superglobal array.", "references": [ { "reference_url": "http://ha.xxor.se/2011/07/phpmyadmin-3x-multiple-remote-code.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://ha.xxor.se/2011/07/phpmyadmin-3x-multiple-remote-code.html" }, { "reference_url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-July/062719.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-July/062719.html" }, { "reference_url": "http://phpmyadmin.git.sourceforge.net/git/gitweb.cgi?p=phpmyadmin/phpmyadmin;a=commit;h=0fbedaf5fd7a771d0885c6b7385d934fc90d0d7f", "reference_id": "", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://phpmyadmin.git.sourceforge.net/git/gitweb.cgi?p=phpmyadmin/phpmyadmin;a=commit;h=0fbedaf5fd7a771d0885c6b7385d934fc90d0d7f" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2011-2506", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.33677", "scoring_system": "epss", "scoring_elements": "0.97037", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2011-2506" }, { "reference_url": "http://securityreason.com/securityalert/8306", "reference_id": "", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://securityreason.com/securityalert/8306" }, { "reference_url": "https://github.com/phpmyadmin/composer", "reference_id": "", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/phpmyadmin/composer" }, { "reference_url": "https://github.com/phpmyadmin/phpmyadmin/commit/0fbedaf5fd7a771d0885c6b7385d934fc90d0d7f", "reference_id": "", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/phpmyadmin/phpmyadmin/commit/0fbedaf5fd7a771d0885c6b7385d934fc90d0d7f" }, { "reference_url": "https://github.com/phpmyadmin/phpmyadmin/commit/2e01647949df937040e73a94ce0bac0daecbdcf4", "reference_id": "", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/phpmyadmin/phpmyadmin/commit/2e01647949df937040e73a94ce0bac0daecbdcf4" }, { "reference_url": "https://web.archive.org/web/20110712103138/http://www.xxor.se/advisories/phpMyAdmin_3.x_Multiple_Remote_Code_Executions.txt", "reference_id": "", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20110712103138/http://www.xxor.se/advisories/phpMyAdmin_3.x_Multiple_Remote_Code_Executions.txt" }, { "reference_url": "https://web.archive.org/web/20111116172111/http://www.securityfocus.com/archive/1/518804/100/0/threaded", "reference_id": "", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20111116172111/http://www.securityfocus.com/archive/1/518804/100/0/threaded" }, { "reference_url": "https://web.archive.org/web/20121105034518/http://www.mandriva.com/en/support/security/advisories?name=MDVSA-2011:124", "reference_id": "", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20121105034518/http://www.mandriva.com/en/support/security/advisories?name=MDVSA-2011:124" }, { "reference_url": "http://typo3.org/teams/security/security-bulletins/typo3-sa-2011-008", "reference_id": "", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://typo3.org/teams/security/security-bulletins/typo3-sa-2011-008" }, { "reference_url": "http://typo3.org/teams/security/security-bulletins/typo3-sa-2011-008/", "reference_id": "", "reference_type": "", "scores": [], "url": "http://typo3.org/teams/security/security-bulletins/typo3-sa-2011-008/" }, { "reference_url": "http://www.debian.org/security/2011/dsa-2286", "reference_id": "", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.debian.org/security/2011/dsa-2286" }, { "reference_url": "http://www.exploit-db.com/exploits/17514", "reference_id": "", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.exploit-db.com/exploits/17514" }, { "reference_url": "http://www.exploit-db.com/exploits/17514/", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.exploit-db.com/exploits/17514/" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2011/06/28/2", "reference_id": "", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.openwall.com/lists/oss-security/2011/06/28/2" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2011/06/28/6", "reference_id": "", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.openwall.com/lists/oss-security/2011/06/28/6" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2011/06/28/8", "reference_id": "", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.openwall.com/lists/oss-security/2011/06/28/8" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2011/06/29/11", "reference_id": "", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.openwall.com/lists/oss-security/2011/06/29/11" }, { "reference_url": "http://www.phpmyadmin.net/home_page/security/PMASA-2011-6.php", "reference_id": "", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.phpmyadmin.net/home_page/security/PMASA-2011-6.php" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2011-2506", "reference_id": "CVE-2011-2506", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2011-2506" }, { "reference_url": "https://github.com/advisories/GHSA-p6h7-29r2-g88f", "reference_id": "GHSA-p6h7-29r2-g88f", "reference_type": "", "scores": [], "url": "https://github.com/advisories/GHSA-p6h7-29r2-g88f" }, { "reference_url": "https://security.gentoo.org/glsa/201201-01", "reference_id": "GLSA-201201-01", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201201-01" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/63266?format=api", "purl": "pkg:composer/phpmyadmin/phpmyadmin@3.4.3%2B1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@3.4.3%252B1" } ], "aliases": [ "CVE-2011-2506", "GHSA-p6h7-29r2-g88f" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-6r4m-kxj7-ybb6" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/44151?format=api", "vulnerability_id": "VCID-8amg-r4d1-kubh", "summary": "phpMyAdmin Vulnerable to Cross-Site Scripting\nMultiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin 3.3.x before 3.3.10.1 and 3.4.x before 3.4.1 allow remote attackers to inject arbitrary web script or HTML via a crafted table name that triggers improper HTML rendering on a Tracking page, related to (1) libraries/tbl_links.inc.php and (2) tbl_tracking.php.", "references": [ { "reference_url": "http://phpmyadmin.git.sourceforge.net/git/gitweb.cgi?p=phpmyadmin/phpmyadmin%3Ba=commitdiff%3Bh=7e10c132a3887c8ebfd7a8eee356b28375f1e287", "reference_id": "", "reference_type": "", "scores": [ { "value": "1.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N/E:U" }, { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://phpmyadmin.git.sourceforge.net/git/gitweb.cgi?p=phpmyadmin/phpmyadmin%3Ba=commitdiff%3Bh=7e10c132a3887c8ebfd7a8eee356b28375f1e287" }, { "reference_url": "http://phpmyadmin.git.sourceforge.net/git/gitweb.cgi?p=phpmyadmin/phpmyadmin%3Ba=commitdiff%3Bh=d3ccf798fdbd4f8a89d4088130637d8dee918492", "reference_id": "", "reference_type": "", "scores": [ { "value": "1.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N/E:U" }, { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://phpmyadmin.git.sourceforge.net/git/gitweb.cgi?p=phpmyadmin/phpmyadmin%3Ba=commitdiff%3Bh=d3ccf798fdbd4f8a89d4088130637d8dee918492" }, { "reference_url": "http://phpmyadmin.git.sourceforge.net/git/gitweb.cgi?p=phpmyadmin/phpmyadmin;a=commitdiff;h=7e10c132a3887c8ebfd7a8eee356b28375f1e287", "reference_id": "", "reference_type": "", "scores": [ { "value": "1.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N/E:U" }, { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://phpmyadmin.git.sourceforge.net/git/gitweb.cgi?p=phpmyadmin/phpmyadmin;a=commitdiff;h=7e10c132a3887c8ebfd7a8eee356b28375f1e287" }, { "reference_url": "http://phpmyadmin.git.sourceforge.net/git/gitweb.cgi?p=phpmyadmin/phpmyadmin;a=commitdiff;h=d3ccf798fdbd4f8a89d4088130637d8dee918492", "reference_id": "", "reference_type": "", "scores": [ { "value": "1.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N/E:U" }, { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://phpmyadmin.git.sourceforge.net/git/gitweb.cgi?p=phpmyadmin/phpmyadmin;a=commitdiff;h=d3ccf798fdbd4f8a89d4088130637d8dee918492" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2011-1940", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00285", "scoring_system": "epss", "scoring_elements": "0.52191", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2011-1940" }, { "reference_url": "https://github.com/phpmyadmin/phpmyadmin", "reference_id": "", "reference_type": "", "scores": [ { "value": "1.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N/E:U" }, { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/phpmyadmin/phpmyadmin" }, { "reference_url": "http://www.debian.org/security/2012/dsa-2391", "reference_id": "", "reference_type": "", "scores": [ { "value": "1.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N/E:U" }, { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.debian.org/security/2012/dsa-2391" }, { "reference_url": "http://www.phpmyadmin.net/home_page/security/PMASA-2011-3.php", "reference_id": "", "reference_type": "", "scores": [ { "value": "1.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N/E:U" }, { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.phpmyadmin.net/home_page/security/PMASA-2011-3.php" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2011-1940", "reference_id": "CVE-2011-1940", "reference_type": "", "scores": [ { "value": "1.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N/E:U" }, { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2011-1940" }, { "reference_url": "https://github.com/advisories/GHSA-4q58-5x28-53wv", "reference_id": "GHSA-4q58-5x28-53wv", "reference_type": "", "scores": [], "url": "https://github.com/advisories/GHSA-4q58-5x28-53wv" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/63512?format=api", "purl": "pkg:composer/phpmyadmin/phpmyadmin@3.4.1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@3.4.1" } ], "aliases": [ "CVE-2011-1940", "GHSA-4q58-5x28-53wv" ], "risk_score": 1.4, "exploitability": "0.5", "weighted_severity": "2.7", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-8amg-r4d1-kubh" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/44004?format=api", "vulnerability_id": "VCID-92xz-8fkp-ekh3", "summary": "phpMyAdmin Directory Traversal vulnerability\nDirectory traversal vulnerability in libraries/display_tbl.lib.php in phpMyAdmin 3.x before 3.3.10.2 and 3.4.x before 3.4.3.1, when a certain MIME transformation feature is enabled, allows remote authenticated users to include and execute arbitrary local files via a .. (dot dot) in a GLOBALS[mime_map][$meta->name][transformation] parameter.", "references": [ { "reference_url": "http://ha.xxor.se/2011/07/phpmyadmin-3x-multiple-remote-code.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.4", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://ha.xxor.se/2011/07/phpmyadmin-3x-multiple-remote-code.html" }, { "reference_url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-July/062719.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.4", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-July/062719.html" }, { "reference_url": "http://phpmyadmin.git.sourceforge.net/git/gitweb.cgi?p=phpmyadmin/phpmyadmin%3Ba=commit%3Bh=b434320eff8ca9c2fc1b043c1804f868341af9a7", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.4", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://phpmyadmin.git.sourceforge.net/git/gitweb.cgi?p=phpmyadmin/phpmyadmin%3Ba=commit%3Bh=b434320eff8ca9c2fc1b043c1804f868341af9a7" }, { "reference_url": "http://phpmyadmin.git.sourceforge.net/git/gitweb.cgi?p=phpmyadmin/phpmyadmin;a=commit;h=b434320eff8ca9c2fc1b043c1804f868341af9a7", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.4", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://phpmyadmin.git.sourceforge.net/git/gitweb.cgi?p=phpmyadmin/phpmyadmin;a=commit;h=b434320eff8ca9c2fc1b043c1804f868341af9a7" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2011-2508", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.11174", "scoring_system": "epss", "scoring_elements": "0.93632", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2011-2508" }, { "reference_url": "https://github.com/phpmyadmin/phpmyadmin", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.4", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/phpmyadmin/phpmyadmin" }, { "reference_url": "https://web.archive.org/web/20110712103138/http://www.xxor.se/advisories/phpMyAdmin_3.x_Multiple_Remote_Code_Executions.txt", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.4", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20110712103138/http://www.xxor.se/advisories/phpMyAdmin_3.x_Multiple_Remote_Code_Executions.txt" }, { "reference_url": "https://web.archive.org/web/20111109175131/http://typo3.org/teams/security/security-bulletins/typo3-sa-2011-008", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.4", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20111109175131/http://typo3.org/teams/security/security-bulletins/typo3-sa-2011-008" }, { "reference_url": "https://web.archive.org/web/20111217070727/http://www.securityfocus.com/archive/1/518804/100/0/threaded", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.4", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20111217070727/http://www.securityfocus.com/archive/1/518804/100/0/threaded" }, { "reference_url": "https://web.archive.org/web/20111217173735/http://securityreason.com/securityalert/8306", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.4", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20111217173735/http://securityreason.com/securityalert/8306" }, { "reference_url": "https://web.archive.org/web/20250218012437/http://ha.xxor.se/2011/07/phpmyadmin-3x-multiple-remote-code.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.4", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20250218012437/http://ha.xxor.se/2011/07/phpmyadmin-3x-multiple-remote-code.html" }, { "reference_url": "http://www.debian.org/security/2011/dsa-2286", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.4", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.debian.org/security/2011/dsa-2286" }, { "reference_url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:124", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.4", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:124" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2011/06/28/2", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.4", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.openwall.com/lists/oss-security/2011/06/28/2" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2011/06/28/6", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.4", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.openwall.com/lists/oss-security/2011/06/28/6" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2011/06/28/8", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.4", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.openwall.com/lists/oss-security/2011/06/28/8" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2011/06/29/11", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.4", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.openwall.com/lists/oss-security/2011/06/29/11" }, { "reference_url": "http://www.phpmyadmin.net/home_page/security/PMASA-2011-8.php", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.4", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.phpmyadmin.net/home_page/security/PMASA-2011-8.php" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2011-2508", "reference_id": "CVE-2011-2508", "reference_type": "", "scores": [ { "value": "7.4", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2011-2508" }, { "reference_url": "https://github.com/advisories/GHSA-q6vw-39cg-wjjf", "reference_id": "GHSA-q6vw-39cg-wjjf", "reference_type": "", "scores": [], "url": "https://github.com/advisories/GHSA-q6vw-39cg-wjjf" }, { "reference_url": "https://security.gentoo.org/glsa/201201-01", "reference_id": "GLSA-201201-01", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201201-01" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/63266?format=api", "purl": "pkg:composer/phpmyadmin/phpmyadmin@3.4.3%2B1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@3.4.3%252B1" } ], "aliases": [ "CVE-2011-2508", "GHSA-q6vw-39cg-wjjf" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-92xz-8fkp-ekh3" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/44137?format=api", "vulnerability_id": "VCID-ntmf-36f1-e3fg", "summary": "phpMyAdmin Cross-site Scripting vulnerability\nCross-site scripting (XSS) vulnerability in libraries/config/ConfigFile.class.php in the setup interface in phpMyAdmin 3.4.x before 3.4.9 allows remote attackers to inject arbitrary web script or HTML via the host parameter.", "references": [ { "reference_url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-January/071523.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "1.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N/E:U" }, { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-January/071523.html" }, { "reference_url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-January/071537.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "1.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N/E:U" }, { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-January/071537.html" }, { "reference_url": "http://phpmyadmin.git.sourceforge.net/git/gitweb.cgi?p=phpmyadmin/phpmyadmin%3Ba=commit%3Bh=0e707906e69ce90c4852a0fce2a0fac7db86a3cd", "reference_id": "", "reference_type": "", "scores": [ { "value": "1.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N/E:U" }, { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://phpmyadmin.git.sourceforge.net/git/gitweb.cgi?p=phpmyadmin/phpmyadmin%3Ba=commit%3Bh=0e707906e69ce90c4852a0fce2a0fac7db86a3cd" }, { "reference_url": "http://phpmyadmin.git.sourceforge.net/git/gitweb.cgi?p=phpmyadmin/phpmyadmin;a=commit;h=0e707906e69ce90c4852a0fce2a0fac7db86a3cd", "reference_id": "", "reference_type": "", "scores": [ { "value": "1.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N/E:U" }, { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://phpmyadmin.git.sourceforge.net/git/gitweb.cgi?p=phpmyadmin/phpmyadmin;a=commit;h=0e707906e69ce90c4852a0fce2a0fac7db86a3cd" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2011-4782", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00475", "scoring_system": "epss", "scoring_elements": "0.65195", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2011-4782" }, { "reference_url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/71938", "reference_id": "", "reference_type": "", "scores": [ { "value": "1.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N/E:U" }, { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/71938" }, { "reference_url": "https://github.com/phpmyadmin/phpmyadmin", "reference_id": "", "reference_type": "", "scores": [ { "value": "1.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N/E:U" }, { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/phpmyadmin/phpmyadmin" }, { "reference_url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:198", "reference_id": "", "reference_type": "", "scores": [ { "value": "1.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N/E:U" }, { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:198" }, { "reference_url": "http://www.phpmyadmin.net/home_page/security/PMASA-2011-19.php", "reference_id": "", "reference_type": "", "scores": [ { "value": "1.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N/E:U" }, { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.phpmyadmin.net/home_page/security/PMASA-2011-19.php" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2011-4782", "reference_id": "CVE-2011-4782", "reference_type": "", "scores": [ { "value": "1.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N/E:U" }, { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2011-4782" }, { "reference_url": "https://github.com/advisories/GHSA-2h23-c973-x63q", "reference_id": "GHSA-2h23-c973-x63q", "reference_type": "", "scores": [], "url": "https://github.com/advisories/GHSA-2h23-c973-x63q" }, { "reference_url": "https://security.gentoo.org/glsa/201201-01", "reference_id": "GLSA-201201-01", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201201-01" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/63478?format=api", "purl": "pkg:composer/phpmyadmin/phpmyadmin@3.4.9", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@3.4.9" } ], "aliases": [ "CVE-2011-4782", "GHSA-2h23-c973-x63q" ], "risk_score": 1.4, "exploitability": "0.5", "weighted_severity": "2.7", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ntmf-36f1-e3fg" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/44031?format=api", "vulnerability_id": "VCID-qnf5-aays-qkf1", "summary": "Improper Control of Generation of Code ('Code Injection')\nlibraries/auth/swekey/swekey.auth.lib.php in the Swekey authentication feature in phpMyAdmin 3.x before 3.3.10.2 and 3.4.x before 3.4.3.1 assigns values to arbitrary parameters referenced in the query string, which allows remote attackers to modify the SESSION superglobal array via a crafted request, related to a \"remote variable manipulation vulnerability.\"", "references": [ { "reference_url": "http://ha.xxor.se/2011/07/phpmyadmin-3x-multiple-remote-code.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://ha.xxor.se/2011/07/phpmyadmin-3x-multiple-remote-code.html" }, { "reference_url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-July/062719.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-July/062719.html" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2011-2505", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.37008", "scoring_system": "epss", "scoring_elements": "0.97245", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2011-2505" }, { "reference_url": "http://securityreason.com/securityalert/8306", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://securityreason.com/securityalert/8306" }, { "reference_url": "https://github.com/phpmyadmin/composer", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/phpmyadmin/composer" }, { "reference_url": "https://github.com/phpmyadmin/composer/commit/7ebd958b2bf59f96fecd5b3322bdbd0b244a7967", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/phpmyadmin/composer/commit/7ebd958b2bf59f96fecd5b3322bdbd0b244a7967" }, { "reference_url": "https://github.com/phpmyadmin/phpmyadmin/commit/6e6e129f26295c83d67b74e202628a4b8bc49e54", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/phpmyadmin/phpmyadmin/commit/6e6e129f26295c83d67b74e202628a4b8bc49e54" }, { "reference_url": "https://github.com/phpmyadmin/phpmyadmin/commit/7ebd958b2bf59f96fecd5b3322bdbd0b244a7967", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/phpmyadmin/phpmyadmin/commit/7ebd958b2bf59f96fecd5b3322bdbd0b244a7967" }, { "reference_url": "https://web.archive.org/web/20110712103138/http://www.xxor.se/advisories/phpMyAdmin_3.x_Multiple_Remote_Code_Executions.txt", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20110712103138/http://www.xxor.se/advisories/phpMyAdmin_3.x_Multiple_Remote_Code_Executions.txt" }, { "reference_url": "https://web.archive.org/web/20111116172111/http://www.securityfocus.com/archive/1/518804/100/0/threaded", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20111116172111/http://www.securityfocus.com/archive/1/518804/100/0/threaded" }, { "reference_url": "https://web.archive.org/web/20121105034518/http://www.mandriva.com/en/support/security/advisories?name=MDVSA-2011:124", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20121105034518/http://www.mandriva.com/en/support/security/advisories?name=MDVSA-2011:124" }, { "reference_url": "http://typo3.org/teams/security/security-bulletins/typo3-sa-2011-008", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://typo3.org/teams/security/security-bulletins/typo3-sa-2011-008" }, { "reference_url": "http://typo3.org/teams/security/security-bulletins/typo3-sa-2011-008/", "reference_id": "", "reference_type": "", "scores": [], "url": "http://typo3.org/teams/security/security-bulletins/typo3-sa-2011-008/" }, { "reference_url": "http://www.debian.org/security/2011/dsa-2286", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.debian.org/security/2011/dsa-2286" }, { "reference_url": "http://www.exploit-db.com/exploits/17514", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.exploit-db.com/exploits/17514" }, { "reference_url": "http://www.exploit-db.com/exploits/17514/", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.exploit-db.com/exploits/17514/" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2011/06/28/2", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.openwall.com/lists/oss-security/2011/06/28/2" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2011/06/28/6", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.openwall.com/lists/oss-security/2011/06/28/6" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2011/06/28/8", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.openwall.com/lists/oss-security/2011/06/28/8" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2011/06/29/11", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.openwall.com/lists/oss-security/2011/06/29/11" }, { "reference_url": "http://www.phpmyadmin.net/home_page/security/PMASA-2011-5.php", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.phpmyadmin.net/home_page/security/PMASA-2011-5.php" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2011-2505", "reference_id": "CVE-2011-2505", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2011-2505" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/webapps/17510.py", "reference_id": "CVE-2011-2506;CVE-2011-2505;OSVDB-73612;OSVDB-73611", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/webapps/17510.py" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/webapps/17514.php", "reference_id": "CVE-2011-2506;CVE-2011-2505;OSVDB-73612;OSVDB-73611", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/webapps/17514.php" }, { "reference_url": "http://www.xxor.se/advisories/phpMyAdmin_3.x_Multiple_Remote_Code_Executions.txt", "reference_id": "CVE-2011-2506;CVE-2011-2505;OSVDB-73612;OSVDB-73611", "reference_type": "exploit", "scores": [], "url": "http://www.xxor.se/advisories/phpMyAdmin_3.x_Multiple_Remote_Code_Executions.txt" }, { "reference_url": "https://github.com/advisories/GHSA-vqcm-r62w-w437", "reference_id": "GHSA-vqcm-r62w-w437", "reference_type": "", "scores": [], "url": "https://github.com/advisories/GHSA-vqcm-r62w-w437" }, { "reference_url": "https://security.gentoo.org/glsa/201201-01", "reference_id": "GLSA-201201-01", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201201-01" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/63266?format=api", "purl": "pkg:composer/phpmyadmin/phpmyadmin@3.4.3%2B1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@3.4.3%252B1" } ], "aliases": [ "CVE-2011-2505", "GHSA-vqcm-r62w-w437" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-qnf5-aays-qkf1" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/44157?format=api", "vulnerability_id": "VCID-zb95-sn9m-r3bu", "summary": "Improper Restriction of XML External Entity Reference\nThe simplexml_load_string function in the XML import plug-in (libraries/import/xml.php) in phpMyAdmin 3.4.x before 3.4.7.1 and 3.3.x before 3.3.10.5 allows remote authenticated users to read arbitrary files via XML data containing external entity references, aka an XML external entity (XXE) injection attack.", "references": [ { "reference_url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-November/069625.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-November/069625.html" }, { "reference_url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-November/069635.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-November/069635.html" }, { "reference_url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-November/069649.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-November/069649.html" }, { "reference_url": "http://packetstormsecurity.org/files/view/106511/phpmyadmin-fileread.txt", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://packetstormsecurity.org/files/view/106511/phpmyadmin-fileread.txt" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2011-4107", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.12434", "scoring_system": "epss", "scoring_elements": "0.94035", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2011-4107" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=751112", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=751112" }, { "reference_url": "http://seclists.org/fulldisclosure/2011/Nov/21", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://seclists.org/fulldisclosure/2011/Nov/21" }, { "reference_url": "http://securityreason.com/securityalert/8533", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://securityreason.com/securityalert/8533" }, { "reference_url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/71108", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/71108" }, { "reference_url": "https://github.com/phpmyadmin/phpmyadmin", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/phpmyadmin/phpmyadmin" }, { "reference_url": "https://github.com/phpmyadmin/phpmyadmin/commit/2fbf631384fd8cded55f4500cb87b129442f9ed2", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/phpmyadmin/phpmyadmin/commit/2fbf631384fd8cded55f4500cb87b129442f9ed2" }, { "reference_url": "https://github.com/phpmyadmin/phpmyadmin/commit/34d99de000de9d15cfdf5e9cc8b7682d51110bbd", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/phpmyadmin/phpmyadmin/commit/34d99de000de9d15cfdf5e9cc8b7682d51110bbd" }, { "reference_url": "https://github.com/phpmyadmin/phpmyadmin/commit/5fa86b8e81565c15ddbc359e8f59ecd829a2b717", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/phpmyadmin/phpmyadmin/commit/5fa86b8e81565c15ddbc359e8f59ecd829a2b717" }, { "reference_url": "https://github.com/phpmyadmin/phpmyadmin/commit/a5e206fbd2ca814042cfc1bb7dd3b40c28ce3fb5", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/phpmyadmin/phpmyadmin/commit/a5e206fbd2ca814042cfc1bb7dd3b40c28ce3fb5" }, { "reference_url": "http://www.debian.org/security/2012/dsa-2391", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.debian.org/security/2012/dsa-2391" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2011/11/03/3", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.openwall.com/lists/oss-security/2011/11/03/3" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2011/11/03/5", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.openwall.com/lists/oss-security/2011/11/03/5" }, { "reference_url": "http://www.phpmyadmin.net/home_page/security/PMASA-2011-17.php", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.phpmyadmin.net/home_page/security/PMASA-2011-17.php" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=656247", "reference_id": "656247", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=656247" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2011-4107", "reference_id": "CVE-2011-4107", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2011-4107" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/webapps/18371.rb", "reference_id": "CVE-2011-4107;OSVDB-76798", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/webapps/18371.rb" }, { "reference_url": "https://github.com/advisories/GHSA-q4mm-89q2-xffg", "reference_id": "GHSA-q4mm-89q2-xffg", "reference_type": "", "scores": [], "url": "https://github.com/advisories/GHSA-q4mm-89q2-xffg" }, { "reference_url": "https://security.gentoo.org/glsa/201201-01", "reference_id": "GLSA-201201-01", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201201-01" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/63518?format=api", "purl": "pkg:composer/phpmyadmin/phpmyadmin@3.4.7%2B1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@3.4.7%252B1" } ], "aliases": [ "CVE-2011-4107", "GHSA-q4mm-89q2-xffg" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-zb95-sn9m-r3bu" } ], "fixing_vulnerabilities": [], "risk_score": "4.0", "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@3.4.0" }