| 0 |
| url |
VCID-19c4-dbx1-e3aj |
| vulnerability_id |
VCID-19c4-dbx1-e3aj |
| summary |
Multiple vulnerabilities have been found in phpMyAdmin, the worst
of which could lead to arbitrary code execution. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2016-5732 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00224 |
| scoring_system |
epss |
| scoring_elements |
0.44979 |
| published_at |
2026-04-01T12:55:00Z |
|
| 1 |
| value |
0.00224 |
| scoring_system |
epss |
| scoring_elements |
0.45063 |
| published_at |
2026-04-21T12:55:00Z |
|
| 2 |
| value |
0.00224 |
| scoring_system |
epss |
| scoring_elements |
0.45112 |
| published_at |
2026-04-18T12:55:00Z |
|
| 3 |
| value |
0.00224 |
| scoring_system |
epss |
| scoring_elements |
0.45083 |
| published_at |
2026-04-04T12:55:00Z |
|
| 4 |
| value |
0.00224 |
| scoring_system |
epss |
| scoring_elements |
0.45061 |
| published_at |
2026-04-02T12:55:00Z |
|
| 5 |
| value |
0.00224 |
| scoring_system |
epss |
| scoring_elements |
0.45118 |
| published_at |
2026-04-16T12:55:00Z |
|
| 6 |
| value |
0.00224 |
| scoring_system |
epss |
| scoring_elements |
0.45069 |
| published_at |
2026-04-13T12:55:00Z |
|
| 7 |
| value |
0.00224 |
| scoring_system |
epss |
| scoring_elements |
0.45067 |
| published_at |
2026-04-12T12:55:00Z |
|
| 8 |
| value |
0.00224 |
| scoring_system |
epss |
| scoring_elements |
0.451 |
| published_at |
2026-04-11T12:55:00Z |
|
| 9 |
| value |
0.00224 |
| scoring_system |
epss |
| scoring_elements |
0.45077 |
| published_at |
2026-04-09T12:55:00Z |
|
| 10 |
| value |
0.00224 |
| scoring_system |
epss |
| scoring_elements |
0.45024 |
| published_at |
2026-04-07T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2016-5732 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
| reference_url |
https://nvd.nist.gov/vuln/detail/CVE-2016-5732 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
4.3 |
| scoring_system |
cvssv2 |
| scoring_elements |
AV:N/AC:M/Au:N/C:N/I:P/A:N |
|
| 1 |
| value |
6.1 |
| scoring_system |
cvssv3 |
| scoring_elements |
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N |
|
| 2 |
| value |
6.1 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N |
|
| 3 |
| value |
MODERATE |
| scoring_system |
generic_textual |
| scoring_elements |
|
|
|
| url |
https://nvd.nist.gov/vuln/detail/CVE-2016-5732 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
|
| fixed_packages |
|
| aliases |
CVE-2016-5732, GHSA-3q28-xfw3-2q35
|
| risk_score |
3.1 |
| exploitability |
0.5 |
| weighted_severity |
6.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-19c4-dbx1-e3aj |
|
| 1 |
| url |
VCID-19nn-dc48-nqdw |
| vulnerability_id |
VCID-19nn-dc48-nqdw |
| summary |
Multiple vulnerabilities were found in phpMyAdmin, the most severe
of which allows the execution of arbitrary PHP code. |
| references |
| 0 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2011-2718 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.01003 |
| scoring_system |
epss |
| scoring_elements |
0.7701 |
| published_at |
2026-04-13T12:55:00Z |
|
| 1 |
| value |
0.01003 |
| scoring_system |
epss |
| scoring_elements |
0.76964 |
| published_at |
2026-04-07T12:55:00Z |
|
| 2 |
| value |
0.01003 |
| scoring_system |
epss |
| scoring_elements |
0.77046 |
| published_at |
2026-04-21T12:55:00Z |
|
| 3 |
| value |
0.01003 |
| scoring_system |
epss |
| scoring_elements |
0.77053 |
| published_at |
2026-04-18T12:55:00Z |
|
| 4 |
| value |
0.01003 |
| scoring_system |
epss |
| scoring_elements |
0.77051 |
| published_at |
2026-04-16T12:55:00Z |
|
| 5 |
| value |
0.01003 |
| scoring_system |
epss |
| scoring_elements |
0.76952 |
| published_at |
2026-04-02T12:55:00Z |
|
| 6 |
| value |
0.01003 |
| scoring_system |
epss |
| scoring_elements |
0.76981 |
| published_at |
2026-04-04T12:55:00Z |
|
| 7 |
| value |
0.01003 |
| scoring_system |
epss |
| scoring_elements |
0.76996 |
| published_at |
2026-04-08T12:55:00Z |
|
| 8 |
| value |
0.01003 |
| scoring_system |
epss |
| scoring_elements |
0.77014 |
| published_at |
2026-04-12T12:55:00Z |
|
| 9 |
| value |
0.01003 |
| scoring_system |
epss |
| scoring_elements |
0.77035 |
| published_at |
2026-04-11T12:55:00Z |
|
| 10 |
| value |
0.01003 |
| scoring_system |
epss |
| scoring_elements |
0.77007 |
| published_at |
2026-04-09T12:55:00Z |
|
| 11 |
| value |
0.01003 |
| scoring_system |
epss |
| scoring_elements |
0.76946 |
| published_at |
2026-04-01T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2011-2718 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
| 16 |
|
| 17 |
|
|
| fixed_packages |
|
| aliases |
CVE-2011-2718, GHSA-xhqq-554j-p4x8
|
| risk_score |
3.1 |
| exploitability |
0.5 |
| weighted_severity |
6.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-19nn-dc48-nqdw |
|
| 2 |
| url |
VCID-1c3r-xhbm-7fgq |
| vulnerability_id |
VCID-1c3r-xhbm-7fgq |
| summary |
Multiple vulnerabilities have been found in phpMyAdmin, the worst
of which could lead to arbitrary code execution. |
| references |
| 0 |
|
| 1 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2014-8958 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00604 |
| scoring_system |
epss |
| scoring_elements |
0.69616 |
| published_at |
2026-04-21T12:55:00Z |
|
| 1 |
| value |
0.00604 |
| scoring_system |
epss |
| scoring_elements |
0.69522 |
| published_at |
2026-04-01T12:55:00Z |
|
| 2 |
| value |
0.00604 |
| scoring_system |
epss |
| scoring_elements |
0.69533 |
| published_at |
2026-04-02T12:55:00Z |
|
| 3 |
| value |
0.00604 |
| scoring_system |
epss |
| scoring_elements |
0.69549 |
| published_at |
2026-04-04T12:55:00Z |
|
| 4 |
| value |
0.00604 |
| scoring_system |
epss |
| scoring_elements |
0.69528 |
| published_at |
2026-04-07T12:55:00Z |
|
| 5 |
| value |
0.00604 |
| scoring_system |
epss |
| scoring_elements |
0.69578 |
| published_at |
2026-04-08T12:55:00Z |
|
| 6 |
| value |
0.00604 |
| scoring_system |
epss |
| scoring_elements |
0.69595 |
| published_at |
2026-04-09T12:55:00Z |
|
| 7 |
| value |
0.00604 |
| scoring_system |
epss |
| scoring_elements |
0.69617 |
| published_at |
2026-04-11T12:55:00Z |
|
| 8 |
| value |
0.00604 |
| scoring_system |
epss |
| scoring_elements |
0.69602 |
| published_at |
2026-04-12T12:55:00Z |
|
| 9 |
| value |
0.00604 |
| scoring_system |
epss |
| scoring_elements |
0.69588 |
| published_at |
2026-04-13T12:55:00Z |
|
| 10 |
| value |
0.00604 |
| scoring_system |
epss |
| scoring_elements |
0.69627 |
| published_at |
2026-04-16T12:55:00Z |
|
| 11 |
| value |
0.00604 |
| scoring_system |
epss |
| scoring_elements |
0.69636 |
| published_at |
2026-04-18T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2014-8958 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
| 16 |
|
| 17 |
|
| 18 |
|
| 19 |
|
| 20 |
|
| 21 |
|
| 22 |
|
| 23 |
|
| 24 |
|
| 25 |
|
| 26 |
|
| 27 |
|
| 28 |
|
| 29 |
|
| 30 |
|
| 31 |
|
| 32 |
|
| 33 |
|
| 34 |
|
| 35 |
|
| 36 |
|
| 37 |
|
| 38 |
|
| 39 |
|
| 40 |
|
| 41 |
|
| 42 |
|
| 43 |
|
| 44 |
|
| 45 |
|
| 46 |
|
| 47 |
|
| 48 |
|
| 49 |
|
| 50 |
|
| 51 |
|
| 52 |
|
| 53 |
|
| 54 |
|
| 55 |
|
| 56 |
|
| 57 |
|
| 58 |
|
| 59 |
|
| 60 |
|
| 61 |
|
| 62 |
|
| 63 |
|
| 64 |
|
| 65 |
|
| 66 |
|
| 67 |
|
| 68 |
|
| 69 |
|
| 70 |
|
| 71 |
|
|
| fixed_packages |
|
| aliases |
CVE-2014-8958
|
| risk_score |
1.9 |
| exploitability |
0.5 |
| weighted_severity |
3.9 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-1c3r-xhbm-7fgq |
|
| 3 |
| url |
VCID-1dc8-kafr-3qd7 |
| vulnerability_id |
VCID-1dc8-kafr-3qd7 |
| summary |
Cross-site Scripting
An issue was discovered in phpMyAdmin. An attacker may be able to trigger a user to download a specially crafted malicious SVG file. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2016-6628 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00258 |
| scoring_system |
epss |
| scoring_elements |
0.49225 |
| published_at |
2026-04-21T12:55:00Z |
|
| 1 |
| value |
0.00258 |
| scoring_system |
epss |
| scoring_elements |
0.49155 |
| published_at |
2026-04-01T12:55:00Z |
|
| 2 |
| value |
0.00258 |
| scoring_system |
epss |
| scoring_elements |
0.49186 |
| published_at |
2026-04-02T12:55:00Z |
|
| 3 |
| value |
0.00258 |
| scoring_system |
epss |
| scoring_elements |
0.49214 |
| published_at |
2026-04-04T12:55:00Z |
|
| 4 |
| value |
0.00258 |
| scoring_system |
epss |
| scoring_elements |
0.49165 |
| published_at |
2026-04-07T12:55:00Z |
|
| 5 |
| value |
0.00258 |
| scoring_system |
epss |
| scoring_elements |
0.4922 |
| published_at |
2026-04-08T12:55:00Z |
|
| 6 |
| value |
0.00258 |
| scoring_system |
epss |
| scoring_elements |
0.49216 |
| published_at |
2026-04-09T12:55:00Z |
|
| 7 |
| value |
0.00258 |
| scoring_system |
epss |
| scoring_elements |
0.49234 |
| published_at |
2026-04-11T12:55:00Z |
|
| 8 |
| value |
0.00258 |
| scoring_system |
epss |
| scoring_elements |
0.49207 |
| published_at |
2026-04-12T12:55:00Z |
|
| 9 |
| value |
0.00258 |
| scoring_system |
epss |
| scoring_elements |
0.49212 |
| published_at |
2026-04-13T12:55:00Z |
|
| 10 |
| value |
0.00258 |
| scoring_system |
epss |
| scoring_elements |
0.49257 |
| published_at |
2026-04-16T12:55:00Z |
|
| 11 |
| value |
0.00258 |
| scoring_system |
epss |
| scoring_elements |
0.49255 |
| published_at |
2026-04-18T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2016-6628 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
|
| fixed_packages |
|
| aliases |
CVE-2016-6628, GHSA-phhm-63xx-v9rr
|
| risk_score |
3.1 |
| exploitability |
0.5 |
| weighted_severity |
6.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-1dc8-kafr-3qd7 |
|
| 4 |
| url |
VCID-1dhd-3ayw-6kg3 |
| vulnerability_id |
VCID-1dhd-3ayw-6kg3 |
| summary |
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin 3.5.x before 3.5.8.2 allow remote attackers to inject arbitrary web script or HTML via vectors involving a JavaScript event in (1) an anchor identifier to setup/index.php or (2) a chartTitle (aka chart title) value. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2013-4997 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00263 |
| scoring_system |
epss |
| scoring_elements |
0.497 |
| published_at |
2026-04-18T12:55:00Z |
|
| 1 |
| value |
0.00263 |
| scoring_system |
epss |
| scoring_elements |
0.49682 |
| published_at |
2026-04-11T12:55:00Z |
|
| 2 |
| value |
0.00263 |
| scoring_system |
epss |
| scoring_elements |
0.49653 |
| published_at |
2026-04-12T12:55:00Z |
|
| 3 |
| value |
0.00263 |
| scoring_system |
epss |
| scoring_elements |
0.49655 |
| published_at |
2026-04-13T12:55:00Z |
|
| 4 |
| value |
0.00263 |
| scoring_system |
epss |
| scoring_elements |
0.49702 |
| published_at |
2026-04-16T12:55:00Z |
|
| 5 |
| value |
0.00263 |
| scoring_system |
epss |
| scoring_elements |
0.49607 |
| published_at |
2026-04-01T12:55:00Z |
|
| 6 |
| value |
0.00263 |
| scoring_system |
epss |
| scoring_elements |
0.49637 |
| published_at |
2026-04-02T12:55:00Z |
|
| 7 |
| value |
0.00263 |
| scoring_system |
epss |
| scoring_elements |
0.49664 |
| published_at |
2026-04-04T12:55:00Z |
|
| 8 |
| value |
0.00263 |
| scoring_system |
epss |
| scoring_elements |
0.49616 |
| published_at |
2026-04-07T12:55:00Z |
|
| 9 |
| value |
0.00263 |
| scoring_system |
epss |
| scoring_elements |
0.49671 |
| published_at |
2026-04-21T12:55:00Z |
|
| 10 |
| value |
0.00263 |
| scoring_system |
epss |
| scoring_elements |
0.49665 |
| published_at |
2026-04-09T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2013-4997 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
|
| fixed_packages |
|
| aliases |
CVE-2013-4997, GHSA-5gh4-v2ch-pcx4
|
| risk_score |
3.1 |
| exploitability |
0.5 |
| weighted_severity |
6.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-1dhd-3ayw-6kg3 |
|
| 5 |
| url |
VCID-1mz5-3xe3-4fcy |
| vulnerability_id |
VCID-1mz5-3xe3-4fcy |
| summary |
Multiple vulnerabilities have been found in phpMyAdmin, the worst
of which could lead to arbitrary code execution. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2016-9863 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00605 |
| scoring_system |
epss |
| scoring_elements |
0.69654 |
| published_at |
2026-04-18T12:55:00Z |
|
| 1 |
| value |
0.00605 |
| scoring_system |
epss |
| scoring_elements |
0.69539 |
| published_at |
2026-04-01T12:55:00Z |
|
| 2 |
| value |
0.00605 |
| scoring_system |
epss |
| scoring_elements |
0.69552 |
| published_at |
2026-04-02T12:55:00Z |
|
| 3 |
| value |
0.00605 |
| scoring_system |
epss |
| scoring_elements |
0.69567 |
| published_at |
2026-04-04T12:55:00Z |
|
| 4 |
| value |
0.00605 |
| scoring_system |
epss |
| scoring_elements |
0.69546 |
| published_at |
2026-04-07T12:55:00Z |
|
| 5 |
| value |
0.00605 |
| scoring_system |
epss |
| scoring_elements |
0.69596 |
| published_at |
2026-04-08T12:55:00Z |
|
| 6 |
| value |
0.00605 |
| scoring_system |
epss |
| scoring_elements |
0.69613 |
| published_at |
2026-04-09T12:55:00Z |
|
| 7 |
| value |
0.00605 |
| scoring_system |
epss |
| scoring_elements |
0.69635 |
| published_at |
2026-04-21T12:55:00Z |
|
| 8 |
| value |
0.00605 |
| scoring_system |
epss |
| scoring_elements |
0.6962 |
| published_at |
2026-04-12T12:55:00Z |
|
| 9 |
| value |
0.00605 |
| scoring_system |
epss |
| scoring_elements |
0.69606 |
| published_at |
2026-04-13T12:55:00Z |
|
| 10 |
| value |
0.00605 |
| scoring_system |
epss |
| scoring_elements |
0.69646 |
| published_at |
2026-04-16T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2016-9863 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
|
| fixed_packages |
|
| aliases |
CVE-2016-9863, GHSA-qgrq-64g6-mmh6
|
| risk_score |
4.0 |
| exploitability |
0.5 |
| weighted_severity |
8.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-1mz5-3xe3-4fcy |
|
| 6 |
| url |
VCID-1ruy-p4gw-w3hu |
| vulnerability_id |
VCID-1ruy-p4gw-w3hu |
| summary |
show_config_errors.php in phpMyAdmin 3.5.x before 3.5.2.1 allows remote attackers to obtain sensitive information via a direct request, which reveals the installation path in an error message, related to lack of inclusion of the common.inc.php library file. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2012-4219 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00283 |
| scoring_system |
epss |
| scoring_elements |
0.5171 |
| published_at |
2026-04-21T12:55:00Z |
|
| 1 |
| value |
0.00283 |
| scoring_system |
epss |
| scoring_elements |
0.51584 |
| published_at |
2026-04-01T12:55:00Z |
|
| 2 |
| value |
0.00283 |
| scoring_system |
epss |
| scoring_elements |
0.51636 |
| published_at |
2026-04-02T12:55:00Z |
|
| 3 |
| value |
0.00283 |
| scoring_system |
epss |
| scoring_elements |
0.51661 |
| published_at |
2026-04-04T12:55:00Z |
|
| 4 |
| value |
0.00283 |
| scoring_system |
epss |
| scoring_elements |
0.51621 |
| published_at |
2026-04-07T12:55:00Z |
|
| 5 |
| value |
0.00283 |
| scoring_system |
epss |
| scoring_elements |
0.51676 |
| published_at |
2026-04-08T12:55:00Z |
|
| 6 |
| value |
0.00283 |
| scoring_system |
epss |
| scoring_elements |
0.51672 |
| published_at |
2026-04-09T12:55:00Z |
|
| 7 |
| value |
0.00283 |
| scoring_system |
epss |
| scoring_elements |
0.5172 |
| published_at |
2026-04-11T12:55:00Z |
|
| 8 |
| value |
0.00283 |
| scoring_system |
epss |
| scoring_elements |
0.51698 |
| published_at |
2026-04-12T12:55:00Z |
|
| 9 |
| value |
0.00283 |
| scoring_system |
epss |
| scoring_elements |
0.51681 |
| published_at |
2026-04-13T12:55:00Z |
|
| 10 |
| value |
0.00283 |
| scoring_system |
epss |
| scoring_elements |
0.51723 |
| published_at |
2026-04-16T12:55:00Z |
|
| 11 |
| value |
0.00283 |
| scoring_system |
epss |
| scoring_elements |
0.5173 |
| published_at |
2026-04-18T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2012-4219 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
|
| fixed_packages |
|
| aliases |
CVE-2012-4219
|
| risk_score |
2.2 |
| exploitability |
0.5 |
| weighted_severity |
4.5 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-1ruy-p4gw-w3hu |
|
| 7 |
| url |
VCID-1ycg-apeb-efby |
| vulnerability_id |
VCID-1ycg-apeb-efby |
| summary |
security update |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2014-9218 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.15266 |
| scoring_system |
epss |
| scoring_elements |
0.94638 |
| published_at |
2026-04-21T12:55:00Z |
|
| 1 |
| value |
0.15266 |
| scoring_system |
epss |
| scoring_elements |
0.94579 |
| published_at |
2026-04-01T12:55:00Z |
|
| 2 |
| value |
0.15266 |
| scoring_system |
epss |
| scoring_elements |
0.94587 |
| published_at |
2026-04-02T12:55:00Z |
|
| 3 |
| value |
0.15266 |
| scoring_system |
epss |
| scoring_elements |
0.94593 |
| published_at |
2026-04-04T12:55:00Z |
|
| 4 |
| value |
0.15266 |
| scoring_system |
epss |
| scoring_elements |
0.94595 |
| published_at |
2026-04-07T12:55:00Z |
|
| 5 |
| value |
0.15266 |
| scoring_system |
epss |
| scoring_elements |
0.94605 |
| published_at |
2026-04-08T12:55:00Z |
|
| 6 |
| value |
0.15266 |
| scoring_system |
epss |
| scoring_elements |
0.94609 |
| published_at |
2026-04-09T12:55:00Z |
|
| 7 |
| value |
0.15266 |
| scoring_system |
epss |
| scoring_elements |
0.94613 |
| published_at |
2026-04-11T12:55:00Z |
|
| 8 |
| value |
0.15266 |
| scoring_system |
epss |
| scoring_elements |
0.94616 |
| published_at |
2026-04-13T12:55:00Z |
|
| 9 |
| value |
0.15266 |
| scoring_system |
epss |
| scoring_elements |
0.94629 |
| published_at |
2026-04-16T12:55:00Z |
|
| 10 |
| value |
0.15266 |
| scoring_system |
epss |
| scoring_elements |
0.94633 |
| published_at |
2026-04-18T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2014-9218 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
| 16 |
|
| 17 |
|
| 18 |
|
| 19 |
|
| 20 |
|
| 21 |
|
| 22 |
|
| 23 |
|
| 24 |
|
| 25 |
|
| 26 |
|
| 27 |
|
| 28 |
|
| 29 |
|
| 30 |
|
| 31 |
|
| 32 |
|
| 33 |
|
| 34 |
|
| 35 |
|
| 36 |
|
| 37 |
|
| 38 |
|
| 39 |
|
| 40 |
|
| 41 |
|
| 42 |
|
| 43 |
|
| 44 |
|
| 45 |
|
| 46 |
|
| 47 |
|
| 48 |
|
| 49 |
|
| 50 |
|
| 51 |
|
| 52 |
|
| 53 |
|
| 54 |
|
| 55 |
|
| 56 |
|
| 57 |
|
| 58 |
|
| 59 |
|
| 60 |
|
| 61 |
|
| 62 |
|
| 63 |
|
| 64 |
|
| 65 |
|
| 66 |
|
| 67 |
|
| 68 |
|
| 69 |
|
| 70 |
|
| 71 |
|
| 72 |
|
|
| fixed_packages |
|
| aliases |
CVE-2014-9218
|
| risk_score |
9.0 |
| exploitability |
2.0 |
| weighted_severity |
4.5 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-1ycg-apeb-efby |
|
| 8 |
| url |
VCID-24e9-fnt7-jqdu |
| vulnerability_id |
VCID-24e9-fnt7-jqdu |
| summary |
Improper Input Validation
phpMyAdmin is vulnerable to a DoS attack in the replication status by using a specially crafted table name. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2017-1000018 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.01295 |
| scoring_system |
epss |
| scoring_elements |
0.7972 |
| published_at |
2026-04-21T12:55:00Z |
|
| 1 |
| value |
0.01295 |
| scoring_system |
epss |
| scoring_elements |
0.79654 |
| published_at |
2026-04-07T12:55:00Z |
|
| 2 |
| value |
0.01295 |
| scoring_system |
epss |
| scoring_elements |
0.79683 |
| published_at |
2026-04-08T12:55:00Z |
|
| 3 |
| value |
0.01295 |
| scoring_system |
epss |
| scoring_elements |
0.7969 |
| published_at |
2026-04-09T12:55:00Z |
|
| 4 |
| value |
0.01295 |
| scoring_system |
epss |
| scoring_elements |
0.79711 |
| published_at |
2026-04-11T12:55:00Z |
|
| 5 |
| value |
0.01295 |
| scoring_system |
epss |
| scoring_elements |
0.79695 |
| published_at |
2026-04-12T12:55:00Z |
|
| 6 |
| value |
0.01295 |
| scoring_system |
epss |
| scoring_elements |
0.79688 |
| published_at |
2026-04-13T12:55:00Z |
|
| 7 |
| value |
0.01295 |
| scoring_system |
epss |
| scoring_elements |
0.79717 |
| published_at |
2026-04-18T12:55:00Z |
|
| 8 |
| value |
0.01295 |
| scoring_system |
epss |
| scoring_elements |
0.79639 |
| published_at |
2026-04-01T12:55:00Z |
|
| 9 |
| value |
0.01295 |
| scoring_system |
epss |
| scoring_elements |
0.79646 |
| published_at |
2026-04-02T12:55:00Z |
|
| 10 |
| value |
0.01295 |
| scoring_system |
epss |
| scoring_elements |
0.79667 |
| published_at |
2026-04-04T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2017-1000018 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
|
| fixed_packages |
|
| aliases |
CVE-2017-1000018, GHSA-47qr-f86f-3wm4
|
| risk_score |
4.0 |
| exploitability |
0.5 |
| weighted_severity |
8.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-24e9-fnt7-jqdu |
|
| 9 |
| url |
VCID-24ev-nkxe-xyfx |
| vulnerability_id |
VCID-24ev-nkxe-xyfx |
| summary |
phpMyAdmin: XSRF/CSRF by manipulating the db (PMASA-2008-5) |
| references |
| 0 |
|
| 1 |
|
| 2 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2008-3197 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00466 |
| scoring_system |
epss |
| scoring_elements |
0.64441 |
| published_at |
2026-04-21T12:55:00Z |
|
| 1 |
| value |
0.00466 |
| scoring_system |
epss |
| scoring_elements |
0.64324 |
| published_at |
2026-04-01T12:55:00Z |
|
| 2 |
| value |
0.00466 |
| scoring_system |
epss |
| scoring_elements |
0.64378 |
| published_at |
2026-04-02T12:55:00Z |
|
| 3 |
| value |
0.00466 |
| scoring_system |
epss |
| scoring_elements |
0.64407 |
| published_at |
2026-04-04T12:55:00Z |
|
| 4 |
| value |
0.00466 |
| scoring_system |
epss |
| scoring_elements |
0.64367 |
| published_at |
2026-04-07T12:55:00Z |
|
| 5 |
| value |
0.00466 |
| scoring_system |
epss |
| scoring_elements |
0.64416 |
| published_at |
2026-04-08T12:55:00Z |
|
| 6 |
| value |
0.00466 |
| scoring_system |
epss |
| scoring_elements |
0.64431 |
| published_at |
2026-04-12T12:55:00Z |
|
| 7 |
| value |
0.00466 |
| scoring_system |
epss |
| scoring_elements |
0.64444 |
| published_at |
2026-04-11T12:55:00Z |
|
| 8 |
| value |
0.00466 |
| scoring_system |
epss |
| scoring_elements |
0.64402 |
| published_at |
2026-04-13T12:55:00Z |
|
| 9 |
| value |
0.00466 |
| scoring_system |
epss |
| scoring_elements |
0.64437 |
| published_at |
2026-04-16T12:55:00Z |
|
| 10 |
| value |
0.00466 |
| scoring_system |
epss |
| scoring_elements |
0.64448 |
| published_at |
2026-04-18T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2008-3197 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
| 16 |
|
| 17 |
|
| 18 |
|
| 19 |
|
| 20 |
|
| 21 |
|
| 22 |
|
| 23 |
|
| 24 |
|
| 25 |
|
| 26 |
|
| 27 |
|
| 28 |
|
| 29 |
|
| 30 |
|
| 31 |
|
| 32 |
|
| 33 |
|
| 34 |
|
| 35 |
|
| 36 |
|
| 37 |
|
| 38 |
|
| 39 |
|
| 40 |
|
| 41 |
|
| 42 |
|
| 43 |
|
| 44 |
|
| 45 |
|
| 46 |
|
| 47 |
|
| 48 |
|
| 49 |
|
| 50 |
|
| 51 |
|
| 52 |
|
| 53 |
|
| 54 |
|
| 55 |
|
| 56 |
|
| 57 |
|
| 58 |
|
| 59 |
|
| 60 |
|
| 61 |
|
| 62 |
|
| 63 |
|
| 64 |
|
| 65 |
|
| 66 |
|
| 67 |
|
| 68 |
|
| 69 |
|
| 70 |
|
| 71 |
|
| 72 |
|
| 73 |
|
| 74 |
|
| 75 |
|
| 76 |
|
| 77 |
|
| 78 |
|
| 79 |
|
| 80 |
|
| 81 |
|
| 82 |
|
| 83 |
|
| 84 |
|
| 85 |
|
| 86 |
|
| 87 |
|
| 88 |
|
| 89 |
|
| 90 |
|
| 91 |
|
| 92 |
|
| 93 |
|
| 94 |
|
| 95 |
|
| 96 |
|
| 97 |
|
| 98 |
|
| 99 |
|
| 100 |
|
| 101 |
|
| 102 |
|
| 103 |
|
| 104 |
|
| 105 |
|
| 106 |
|
| 107 |
|
| 108 |
|
| 109 |
|
| 110 |
|
| 111 |
|
| 112 |
|
| 113 |
|
| 114 |
|
| 115 |
|
| 116 |
|
| 117 |
|
| 118 |
|
| 119 |
|
| 120 |
|
| 121 |
|
| 122 |
|
| 123 |
|
| 124 |
|
| 125 |
|
| 126 |
|
| 127 |
|
| 128 |
|
| 129 |
|
| 130 |
|
| 131 |
|
| 132 |
|
| 133 |
|
| 134 |
|
| 135 |
|
| 136 |
|
| 137 |
|
| 138 |
|
| 139 |
|
| 140 |
|
| 141 |
|
| 142 |
|
| 143 |
|
| 144 |
|
| 145 |
|
| 146 |
|
| 147 |
|
| 148 |
|
| 149 |
|
| 150 |
|
| 151 |
|
| 152 |
|
| 153 |
|
| 154 |
|
|
| fixed_packages |
|
| aliases |
CVE-2008-3197
|
| risk_score |
1.6 |
| exploitability |
0.5 |
| weighted_severity |
3.1 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-24ev-nkxe-xyfx |
|
| 10 |
| url |
VCID-27kp-82xd-cucw |
| vulnerability_id |
VCID-27kp-82xd-cucw |
| summary |
phpMyAdmin allows remote attackers to spoof content via the url parameter
The redirection feature in url.php in phpMyAdmin 4.4.x before 4.4.15.1 and 4.5.x before 4.5.1 allows remote attackers to spoof content via the url parameter. |
| references |
| 0 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2015-7873 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00625 |
| scoring_system |
epss |
| scoring_elements |
0.70212 |
| published_at |
2026-04-21T12:55:00Z |
|
| 1 |
| value |
0.00625 |
| scoring_system |
epss |
| scoring_elements |
0.70119 |
| published_at |
2026-04-01T12:55:00Z |
|
| 2 |
| value |
0.00625 |
| scoring_system |
epss |
| scoring_elements |
0.70131 |
| published_at |
2026-04-02T12:55:00Z |
|
| 3 |
| value |
0.00625 |
| scoring_system |
epss |
| scoring_elements |
0.70146 |
| published_at |
2026-04-04T12:55:00Z |
|
| 4 |
| value |
0.00625 |
| scoring_system |
epss |
| scoring_elements |
0.70123 |
| published_at |
2026-04-07T12:55:00Z |
|
| 5 |
| value |
0.00625 |
| scoring_system |
epss |
| scoring_elements |
0.70171 |
| published_at |
2026-04-08T12:55:00Z |
|
| 6 |
| value |
0.00625 |
| scoring_system |
epss |
| scoring_elements |
0.70187 |
| published_at |
2026-04-09T12:55:00Z |
|
| 7 |
| value |
0.00625 |
| scoring_system |
epss |
| scoring_elements |
0.7021 |
| published_at |
2026-04-11T12:55:00Z |
|
| 8 |
| value |
0.00625 |
| scoring_system |
epss |
| scoring_elements |
0.70195 |
| published_at |
2026-04-12T12:55:00Z |
|
| 9 |
| value |
0.00625 |
| scoring_system |
epss |
| scoring_elements |
0.70183 |
| published_at |
2026-04-13T12:55:00Z |
|
| 10 |
| value |
0.00625 |
| scoring_system |
epss |
| scoring_elements |
0.70225 |
| published_at |
2026-04-16T12:55:00Z |
|
| 11 |
| value |
0.00625 |
| scoring_system |
epss |
| scoring_elements |
0.70233 |
| published_at |
2026-04-18T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2015-7873 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
| 16 |
|
| 17 |
|
| 18 |
|
| 19 |
|
| 20 |
|
| 21 |
|
| 22 |
|
| 23 |
|
| 24 |
|
| 25 |
|
| 26 |
|
| 27 |
|
| 28 |
|
| 29 |
|
| 30 |
|
| 31 |
|
| 32 |
|
| 33 |
|
| 34 |
|
| 35 |
|
| 36 |
|
| 37 |
|
| 38 |
|
| 39 |
|
| 40 |
|
| 41 |
|
| 42 |
|
| 43 |
|
| 44 |
|
| 45 |
|
| 46 |
|
| 47 |
|
|
| fixed_packages |
|
| aliases |
CVE-2015-7873, GHSA-5pmg-qh2c-7j24
|
| risk_score |
4.0 |
| exploitability |
0.5 |
| weighted_severity |
8.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-27kp-82xd-cucw |
|
| 11 |
| url |
VCID-2d5e-qqz1-xqfm |
| vulnerability_id |
VCID-2d5e-qqz1-xqfm |
| summary |
Multiple vulnerabilities were found in phpMyAdmin, the most severe
of which allows the execution of arbitrary PHP code. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2011-4780 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00475 |
| scoring_system |
epss |
| scoring_elements |
0.64757 |
| published_at |
2026-04-01T12:55:00Z |
|
| 1 |
| value |
0.00475 |
| scoring_system |
epss |
| scoring_elements |
0.64808 |
| published_at |
2026-04-02T12:55:00Z |
|
| 2 |
| value |
0.00475 |
| scoring_system |
epss |
| scoring_elements |
0.64837 |
| published_at |
2026-04-04T12:55:00Z |
|
| 3 |
| value |
0.00475 |
| scoring_system |
epss |
| scoring_elements |
0.648 |
| published_at |
2026-04-07T12:55:00Z |
|
| 4 |
| value |
0.00475 |
| scoring_system |
epss |
| scoring_elements |
0.6485 |
| published_at |
2026-04-08T12:55:00Z |
|
| 5 |
| value |
0.00475 |
| scoring_system |
epss |
| scoring_elements |
0.64864 |
| published_at |
2026-04-09T12:55:00Z |
|
| 6 |
| value |
0.00475 |
| scoring_system |
epss |
| scoring_elements |
0.64881 |
| published_at |
2026-04-16T12:55:00Z |
|
| 7 |
| value |
0.00475 |
| scoring_system |
epss |
| scoring_elements |
0.64871 |
| published_at |
2026-04-12T12:55:00Z |
|
| 8 |
| value |
0.00475 |
| scoring_system |
epss |
| scoring_elements |
0.64843 |
| published_at |
2026-04-13T12:55:00Z |
|
| 9 |
| value |
0.00475 |
| scoring_system |
epss |
| scoring_elements |
0.64892 |
| published_at |
2026-04-18T12:55:00Z |
|
| 10 |
| value |
0.00475 |
| scoring_system |
epss |
| scoring_elements |
0.64878 |
| published_at |
2026-04-21T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2011-4780 |
|
| 1 |
|
| 2 |
|
|
| fixed_packages |
|
| aliases |
CVE-2011-4780
|
| risk_score |
null |
| exploitability |
0.5 |
| weighted_severity |
0.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-2d5e-qqz1-xqfm |
|
| 12 |
| url |
VCID-2dbw-48nn-1qdu |
| vulnerability_id |
VCID-2dbw-48nn-1qdu |
| summary |
A vulnerability in phpMyAdmin may lead to information disclosure. |
| references |
| 0 |
|
| 1 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2008-1924 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00175 |
| scoring_system |
epss |
| scoring_elements |
0.3884 |
| published_at |
2026-04-01T12:55:00Z |
|
| 1 |
| value |
0.00175 |
| scoring_system |
epss |
| scoring_elements |
0.38972 |
| published_at |
2026-04-02T12:55:00Z |
|
| 2 |
| value |
0.00175 |
| scoring_system |
epss |
| scoring_elements |
0.38992 |
| published_at |
2026-04-04T12:55:00Z |
|
| 3 |
| value |
0.00175 |
| scoring_system |
epss |
| scoring_elements |
0.38922 |
| published_at |
2026-04-07T12:55:00Z |
|
| 4 |
| value |
0.00175 |
| scoring_system |
epss |
| scoring_elements |
0.38975 |
| published_at |
2026-04-08T12:55:00Z |
|
| 5 |
| value |
0.00175 |
| scoring_system |
epss |
| scoring_elements |
0.3899 |
| published_at |
2026-04-09T12:55:00Z |
|
| 6 |
| value |
0.00175 |
| scoring_system |
epss |
| scoring_elements |
0.39002 |
| published_at |
2026-04-11T12:55:00Z |
|
| 7 |
| value |
0.00175 |
| scoring_system |
epss |
| scoring_elements |
0.38965 |
| published_at |
2026-04-18T12:55:00Z |
|
| 8 |
| value |
0.00175 |
| scoring_system |
epss |
| scoring_elements |
0.38937 |
| published_at |
2026-04-13T12:55:00Z |
|
| 9 |
| value |
0.00175 |
| scoring_system |
epss |
| scoring_elements |
0.38985 |
| published_at |
2026-04-16T12:55:00Z |
|
| 10 |
| value |
0.00175 |
| scoring_system |
epss |
| scoring_elements |
0.38883 |
| published_at |
2026-04-21T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2008-1924 |
|
| 2 |
|
| 3 |
|
| 4 |
|
|
| fixed_packages |
|
| aliases |
CVE-2008-1924
|
| risk_score |
null |
| exploitability |
0.5 |
| weighted_severity |
0.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-2dbw-48nn-1qdu |
|
| 13 |
| url |
VCID-2dds-au1z-zbdy |
| vulnerability_id |
VCID-2dds-au1z-zbdy |
| summary |
Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin 2.6.0-pl2 and earlier allow remote attackers to inject arbitrary web script or HTML via (1) the PmaAbsoluteUri parameter, (2) the zero_rows parameter in read_dump.php, (3) the confirm form, or (4) an error message generated by the internal phpMyAdmin parser. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2004-1055 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.01171 |
| scoring_system |
epss |
| scoring_elements |
0.78696 |
| published_at |
2026-04-21T12:55:00Z |
|
| 1 |
| value |
0.01171 |
| scoring_system |
epss |
| scoring_elements |
0.78624 |
| published_at |
2026-04-01T12:55:00Z |
|
| 2 |
| value |
0.01171 |
| scoring_system |
epss |
| scoring_elements |
0.78631 |
| published_at |
2026-04-02T12:55:00Z |
|
| 3 |
| value |
0.01171 |
| scoring_system |
epss |
| scoring_elements |
0.78661 |
| published_at |
2026-04-04T12:55:00Z |
|
| 4 |
| value |
0.01171 |
| scoring_system |
epss |
| scoring_elements |
0.78642 |
| published_at |
2026-04-07T12:55:00Z |
|
| 5 |
| value |
0.01171 |
| scoring_system |
epss |
| scoring_elements |
0.78668 |
| published_at |
2026-04-08T12:55:00Z |
|
| 6 |
| value |
0.01171 |
| scoring_system |
epss |
| scoring_elements |
0.78675 |
| published_at |
2026-04-09T12:55:00Z |
|
| 7 |
| value |
0.01171 |
| scoring_system |
epss |
| scoring_elements |
0.787 |
| published_at |
2026-04-18T12:55:00Z |
|
| 8 |
| value |
0.01171 |
| scoring_system |
epss |
| scoring_elements |
0.78681 |
| published_at |
2026-04-12T12:55:00Z |
|
| 9 |
| value |
0.01171 |
| scoring_system |
epss |
| scoring_elements |
0.78674 |
| published_at |
2026-04-13T12:55:00Z |
|
| 10 |
| value |
0.01171 |
| scoring_system |
epss |
| scoring_elements |
0.78702 |
| published_at |
2026-04-16T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2004-1055 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
| 16 |
|
| 17 |
|
| 18 |
|
| 19 |
|
| 20 |
|
| 21 |
|
| 22 |
|
|
| fixed_packages |
|
| aliases |
CVE-2004-1055
|
| risk_score |
3.0 |
| exploitability |
0.5 |
| weighted_severity |
6.1 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-2dds-au1z-zbdy |
|
| 14 |
| url |
VCID-2djg-pb9a-pqg9 |
| vulnerability_id |
VCID-2djg-pb9a-pqg9 |
| summary |
A SQL injection vulnerability has been discovered in phpMyAdmin. |
| references |
| 0 |
|
| 1 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2008-1149 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00871 |
| scoring_system |
epss |
| scoring_elements |
0.75161 |
| published_at |
2026-04-01T12:55:00Z |
|
| 1 |
| value |
0.00871 |
| scoring_system |
epss |
| scoring_elements |
0.75165 |
| published_at |
2026-04-02T12:55:00Z |
|
| 2 |
| value |
0.00871 |
| scoring_system |
epss |
| scoring_elements |
0.75195 |
| published_at |
2026-04-04T12:55:00Z |
|
| 3 |
| value |
0.00871 |
| scoring_system |
epss |
| scoring_elements |
0.75172 |
| published_at |
2026-04-07T12:55:00Z |
|
| 4 |
| value |
0.00871 |
| scoring_system |
epss |
| scoring_elements |
0.75207 |
| published_at |
2026-04-08T12:55:00Z |
|
| 5 |
| value |
0.00871 |
| scoring_system |
epss |
| scoring_elements |
0.75218 |
| published_at |
2026-04-12T12:55:00Z |
|
| 6 |
| value |
0.00871 |
| scoring_system |
epss |
| scoring_elements |
0.75239 |
| published_at |
2026-04-11T12:55:00Z |
|
| 7 |
| value |
0.00871 |
| scoring_system |
epss |
| scoring_elements |
0.75206 |
| published_at |
2026-04-13T12:55:00Z |
|
| 8 |
| value |
0.00871 |
| scoring_system |
epss |
| scoring_elements |
0.75245 |
| published_at |
2026-04-16T12:55:00Z |
|
| 9 |
| value |
0.00871 |
| scoring_system |
epss |
| scoring_elements |
0.75251 |
| published_at |
2026-04-18T12:55:00Z |
|
| 10 |
| value |
0.00871 |
| scoring_system |
epss |
| scoring_elements |
0.75242 |
| published_at |
2026-04-21T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2008-1149 |
|
| 2 |
|
| 3 |
|
| 4 |
|
|
| fixed_packages |
|
| aliases |
CVE-2008-1149
|
| risk_score |
null |
| exploitability |
0.5 |
| weighted_severity |
0.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-2djg-pb9a-pqg9 |
|
| 15 |
| url |
VCID-2g3b-qqxy-ekcq |
| vulnerability_id |
VCID-2g3b-qqxy-ekcq |
| summary |
phpMyAdmin Global variables scope injection vulnerability
import.php in phpMyAdmin 4.x before 4.0.4.1 does not properly restrict the ability of input data to specify a file format, which allows remote authenticated users to modify the GLOBALS superglobal array, and consequently change the configuration, via a crafted request. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2013-4729 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00367 |
| scoring_system |
epss |
| scoring_elements |
0.58635 |
| published_at |
2026-04-04T12:55:00Z |
|
| 1 |
| value |
0.00367 |
| scoring_system |
epss |
| scoring_elements |
0.58656 |
| published_at |
2026-04-21T12:55:00Z |
|
| 2 |
| value |
0.00367 |
| scoring_system |
epss |
| scoring_elements |
0.58679 |
| published_at |
2026-04-18T12:55:00Z |
|
| 3 |
| value |
0.00367 |
| scoring_system |
epss |
| scoring_elements |
0.58674 |
| published_at |
2026-04-16T12:55:00Z |
|
| 4 |
| value |
0.00367 |
| scoring_system |
epss |
| scoring_elements |
0.58642 |
| published_at |
2026-04-13T12:55:00Z |
|
| 5 |
| value |
0.00367 |
| scoring_system |
epss |
| scoring_elements |
0.58662 |
| published_at |
2026-04-12T12:55:00Z |
|
| 6 |
| value |
0.00367 |
| scoring_system |
epss |
| scoring_elements |
0.58681 |
| published_at |
2026-04-11T12:55:00Z |
|
| 7 |
| value |
0.00367 |
| scoring_system |
epss |
| scoring_elements |
0.58663 |
| published_at |
2026-04-09T12:55:00Z |
|
| 8 |
| value |
0.00367 |
| scoring_system |
epss |
| scoring_elements |
0.5853 |
| published_at |
2026-04-01T12:55:00Z |
|
| 9 |
| value |
0.00367 |
| scoring_system |
epss |
| scoring_elements |
0.58657 |
| published_at |
2026-04-08T12:55:00Z |
|
| 10 |
| value |
0.00367 |
| scoring_system |
epss |
| scoring_elements |
0.58614 |
| published_at |
2026-04-02T12:55:00Z |
|
| 11 |
| value |
0.00367 |
| scoring_system |
epss |
| scoring_elements |
0.58605 |
| published_at |
2026-04-07T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2013-4729 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
|
| fixed_packages |
|
| aliases |
CVE-2013-4729, GHSA-x962-w72p-mv7q
|
| risk_score |
3.1 |
| exploitability |
0.5 |
| weighted_severity |
6.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-2g3b-qqxy-ekcq |
|
| 16 |
| url |
VCID-2n2q-cm1n-cqdr |
| vulnerability_id |
VCID-2n2q-cm1n-cqdr |
| summary |
Multiple vulnerabilities have been found in phpMyAdmin, allowing
remote authenticated attackers to execute arbitrary code, inject SQL code
or conduct other attacks. |
| references |
| 0 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2013-3239 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.12333 |
| scoring_system |
epss |
| scoring_elements |
0.93901 |
| published_at |
2026-04-21T12:55:00Z |
|
| 1 |
| value |
0.12333 |
| scoring_system |
epss |
| scoring_elements |
0.93835 |
| published_at |
2026-04-01T12:55:00Z |
|
| 2 |
| value |
0.12333 |
| scoring_system |
epss |
| scoring_elements |
0.93844 |
| published_at |
2026-04-02T12:55:00Z |
|
| 3 |
| value |
0.12333 |
| scoring_system |
epss |
| scoring_elements |
0.93853 |
| published_at |
2026-04-04T12:55:00Z |
|
| 4 |
| value |
0.12333 |
| scoring_system |
epss |
| scoring_elements |
0.93856 |
| published_at |
2026-04-07T12:55:00Z |
|
| 5 |
| value |
0.12333 |
| scoring_system |
epss |
| scoring_elements |
0.93864 |
| published_at |
2026-04-08T12:55:00Z |
|
| 6 |
| value |
0.12333 |
| scoring_system |
epss |
| scoring_elements |
0.93868 |
| published_at |
2026-04-09T12:55:00Z |
|
| 7 |
| value |
0.12333 |
| scoring_system |
epss |
| scoring_elements |
0.93873 |
| published_at |
2026-04-13T12:55:00Z |
|
| 8 |
| value |
0.12333 |
| scoring_system |
epss |
| scoring_elements |
0.93895 |
| published_at |
2026-04-16T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2013-3239 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
| 16 |
|
| 17 |
|
| 18 |
|
| 19 |
|
| 20 |
|
| 21 |
|
| 22 |
|
| 23 |
|
| 24 |
|
| 25 |
|
| 26 |
|
| 27 |
|
| 28 |
|
|
| fixed_packages |
|
| aliases |
CVE-2013-3239, GHSA-gg36-9346-9qx9
|
| risk_score |
10.0 |
| exploitability |
2.0 |
| weighted_severity |
8.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-2n2q-cm1n-cqdr |
|
| 17 |
| url |
VCID-2wka-nyka-9fbz |
| vulnerability_id |
VCID-2wka-nyka-9fbz |
| summary |
An issue was discovered in phpMyAdmin 5.x before 5.2.2. An XSS vulnerability has been discovered for the Insert tab. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2025-24529 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.0018 |
| scoring_system |
epss |
| scoring_elements |
0.39526 |
| published_at |
2026-04-21T12:55:00Z |
|
| 1 |
| value |
0.0018 |
| scoring_system |
epss |
| scoring_elements |
0.39609 |
| published_at |
2026-04-18T12:55:00Z |
|
| 2 |
| value |
0.0018 |
| scoring_system |
epss |
| scoring_elements |
0.39622 |
| published_at |
2026-04-02T12:55:00Z |
|
| 3 |
| value |
0.0018 |
| scoring_system |
epss |
| scoring_elements |
0.39645 |
| published_at |
2026-04-04T12:55:00Z |
|
| 4 |
| value |
0.0018 |
| scoring_system |
epss |
| scoring_elements |
0.39562 |
| published_at |
2026-04-07T12:55:00Z |
|
| 5 |
| value |
0.0018 |
| scoring_system |
epss |
| scoring_elements |
0.39616 |
| published_at |
2026-04-08T12:55:00Z |
|
| 6 |
| value |
0.0018 |
| scoring_system |
epss |
| scoring_elements |
0.39631 |
| published_at |
2026-04-09T12:55:00Z |
|
| 7 |
| value |
0.0018 |
| scoring_system |
epss |
| scoring_elements |
0.3964 |
| published_at |
2026-04-11T12:55:00Z |
|
| 8 |
| value |
0.0018 |
| scoring_system |
epss |
| scoring_elements |
0.39604 |
| published_at |
2026-04-12T12:55:00Z |
|
| 9 |
| value |
0.0018 |
| scoring_system |
epss |
| scoring_elements |
0.39588 |
| published_at |
2026-04-13T12:55:00Z |
|
| 10 |
| value |
0.0018 |
| scoring_system |
epss |
| scoring_elements |
0.39638 |
| published_at |
2026-04-16T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2025-24529 |
|
| 1 |
|
| 2 |
|
|
| fixed_packages |
|
| aliases |
CVE-2025-24529
|
| risk_score |
2.2 |
| exploitability |
0.5 |
| weighted_severity |
4.5 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-2wka-nyka-9fbz |
|
| 18 |
| url |
VCID-2x1y-1c8k-wkft |
| vulnerability_id |
VCID-2x1y-1c8k-wkft |
| summary |
phpMyAdmin: XSS and SQL injection (PMASA-2009-6) |
| references |
| 0 |
|
| 1 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2009-3697 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.02584 |
| scoring_system |
epss |
| scoring_elements |
0.85503 |
| published_at |
2026-04-01T12:55:00Z |
|
| 1 |
| value |
0.02584 |
| scoring_system |
epss |
| scoring_elements |
0.85515 |
| published_at |
2026-04-02T12:55:00Z |
|
| 2 |
| value |
0.02584 |
| scoring_system |
epss |
| scoring_elements |
0.85531 |
| published_at |
2026-04-04T12:55:00Z |
|
| 3 |
| value |
0.02584 |
| scoring_system |
epss |
| scoring_elements |
0.85536 |
| published_at |
2026-04-07T12:55:00Z |
|
| 4 |
| value |
0.02584 |
| scoring_system |
epss |
| scoring_elements |
0.85556 |
| published_at |
2026-04-08T12:55:00Z |
|
| 5 |
| value |
0.02584 |
| scoring_system |
epss |
| scoring_elements |
0.85567 |
| published_at |
2026-04-09T12:55:00Z |
|
| 6 |
| value |
0.02584 |
| scoring_system |
epss |
| scoring_elements |
0.85581 |
| published_at |
2026-04-11T12:55:00Z |
|
| 7 |
| value |
0.02584 |
| scoring_system |
epss |
| scoring_elements |
0.85578 |
| published_at |
2026-04-12T12:55:00Z |
|
| 8 |
| value |
0.02584 |
| scoring_system |
epss |
| scoring_elements |
0.85574 |
| published_at |
2026-04-13T12:55:00Z |
|
| 9 |
| value |
0.02584 |
| scoring_system |
epss |
| scoring_elements |
0.85596 |
| published_at |
2026-04-16T12:55:00Z |
|
| 10 |
| value |
0.02584 |
| scoring_system |
epss |
| scoring_elements |
0.85602 |
| published_at |
2026-04-18T12:55:00Z |
|
| 11 |
| value |
0.02584 |
| scoring_system |
epss |
| scoring_elements |
0.85598 |
| published_at |
2026-04-21T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2009-3697 |
|
| 2 |
|
|
| fixed_packages |
|
| aliases |
CVE-2009-3697
|
| risk_score |
null |
| exploitability |
0.5 |
| weighted_severity |
0.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-2x1y-1c8k-wkft |
|
| 19 |
| url |
VCID-2y3v-jnph-hfh4 |
| vulnerability_id |
VCID-2y3v-jnph-hfh4 |
| summary |
Multiple vulnerabilities have been found in phpMyAdmin, allowing
remote attackers to conduct XSS. |
| references |
| 0 |
|
| 1 |
|
| 2 |
|
| 3 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2020-26935 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.91523 |
| scoring_system |
epss |
| scoring_elements |
0.99675 |
| published_at |
2026-04-21T12:55:00Z |
|
| 1 |
| value |
0.91523 |
| scoring_system |
epss |
| scoring_elements |
0.9967 |
| published_at |
2026-04-07T12:55:00Z |
|
| 2 |
| value |
0.91523 |
| scoring_system |
epss |
| scoring_elements |
0.99669 |
| published_at |
2026-04-04T12:55:00Z |
|
| 3 |
| value |
0.91523 |
| scoring_system |
epss |
| scoring_elements |
0.99667 |
| published_at |
2026-04-02T12:55:00Z |
|
| 4 |
| value |
0.91523 |
| scoring_system |
epss |
| scoring_elements |
0.99673 |
| published_at |
2026-04-18T12:55:00Z |
|
| 5 |
| value |
0.91523 |
| scoring_system |
epss |
| scoring_elements |
0.99672 |
| published_at |
2026-04-16T12:55:00Z |
|
| 6 |
| value |
0.91523 |
| scoring_system |
epss |
| scoring_elements |
0.99671 |
| published_at |
2026-04-13T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2020-26935 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
| 16 |
|
| 17 |
|
| 18 |
|
|
| fixed_packages |
|
| aliases |
CVE-2020-26935, GHSA-7ff4-cv53-4cjq
|
| risk_score |
10.0 |
| exploitability |
2.0 |
| weighted_severity |
9.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-2y3v-jnph-hfh4 |
|
| 20 |
| url |
VCID-3638-2zea-pue5 |
| vulnerability_id |
VCID-3638-2zea-pue5 |
| summary |
phpMyAdmin contains multiple vulnerabilities that could lead to command
execution, XSS issues and bypass of security restrictions. |
| references |
| 0 |
|
| 1 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2005-0543 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.02795 |
| scoring_system |
epss |
| scoring_elements |
0.86114 |
| published_at |
2026-04-21T12:55:00Z |
|
| 1 |
| value |
0.02795 |
| scoring_system |
epss |
| scoring_elements |
0.86034 |
| published_at |
2026-04-01T12:55:00Z |
|
| 2 |
| value |
0.02795 |
| scoring_system |
epss |
| scoring_elements |
0.86044 |
| published_at |
2026-04-02T12:55:00Z |
|
| 3 |
| value |
0.02795 |
| scoring_system |
epss |
| scoring_elements |
0.86061 |
| published_at |
2026-04-07T12:55:00Z |
|
| 4 |
| value |
0.02795 |
| scoring_system |
epss |
| scoring_elements |
0.86081 |
| published_at |
2026-04-08T12:55:00Z |
|
| 5 |
| value |
0.02795 |
| scoring_system |
epss |
| scoring_elements |
0.86091 |
| published_at |
2026-04-09T12:55:00Z |
|
| 6 |
| value |
0.02795 |
| scoring_system |
epss |
| scoring_elements |
0.86105 |
| published_at |
2026-04-11T12:55:00Z |
|
| 7 |
| value |
0.02795 |
| scoring_system |
epss |
| scoring_elements |
0.86102 |
| published_at |
2026-04-12T12:55:00Z |
|
| 8 |
| value |
0.02795 |
| scoring_system |
epss |
| scoring_elements |
0.86098 |
| published_at |
2026-04-13T12:55:00Z |
|
| 9 |
| value |
0.02795 |
| scoring_system |
epss |
| scoring_elements |
0.86116 |
| published_at |
2026-04-16T12:55:00Z |
|
| 10 |
| value |
0.02795 |
| scoring_system |
epss |
| scoring_elements |
0.86121 |
| published_at |
2026-04-18T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2005-0543 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
| 16 |
|
| 17 |
|
| 18 |
|
|
| fixed_packages |
|
| aliases |
CVE-2005-0543
|
| risk_score |
7.8 |
| exploitability |
2.0 |
| weighted_severity |
3.9 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-3638-2zea-pue5 |
|
| 21 |
| url |
VCID-3eas-6zwf-muaa |
| vulnerability_id |
VCID-3eas-6zwf-muaa |
| summary |
PhpMyAdmin 2.7.0-pl2 allows remote attackers to obtain sensitive information via a direct request for libraries/common.lib.php, which reveals the path in an error message. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2006-6373 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00391 |
| scoring_system |
epss |
| scoring_elements |
0.60176 |
| published_at |
2026-04-21T12:55:00Z |
|
| 1 |
| value |
0.00391 |
| scoring_system |
epss |
| scoring_elements |
0.60019 |
| published_at |
2026-04-01T12:55:00Z |
|
| 2 |
| value |
0.00391 |
| scoring_system |
epss |
| scoring_elements |
0.60096 |
| published_at |
2026-04-02T12:55:00Z |
|
| 3 |
| value |
0.00391 |
| scoring_system |
epss |
| scoring_elements |
0.60121 |
| published_at |
2026-04-04T12:55:00Z |
|
| 4 |
| value |
0.00391 |
| scoring_system |
epss |
| scoring_elements |
0.6009 |
| published_at |
2026-04-07T12:55:00Z |
|
| 5 |
| value |
0.00391 |
| scoring_system |
epss |
| scoring_elements |
0.6014 |
| published_at |
2026-04-08T12:55:00Z |
|
| 6 |
| value |
0.00391 |
| scoring_system |
epss |
| scoring_elements |
0.60154 |
| published_at |
2026-04-09T12:55:00Z |
|
| 7 |
| value |
0.00391 |
| scoring_system |
epss |
| scoring_elements |
0.60175 |
| published_at |
2026-04-11T12:55:00Z |
|
| 8 |
| value |
0.00391 |
| scoring_system |
epss |
| scoring_elements |
0.60161 |
| published_at |
2026-04-12T12:55:00Z |
|
| 9 |
| value |
0.00391 |
| scoring_system |
epss |
| scoring_elements |
0.60144 |
| published_at |
2026-04-13T12:55:00Z |
|
| 10 |
| value |
0.00391 |
| scoring_system |
epss |
| scoring_elements |
0.60183 |
| published_at |
2026-04-16T12:55:00Z |
|
| 11 |
| value |
0.00391 |
| scoring_system |
epss |
| scoring_elements |
0.6019 |
| published_at |
2026-04-18T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2006-6373 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
|
| fixed_packages |
|
| aliases |
CVE-2006-6373
|
| risk_score |
2.2 |
| exploitability |
0.5 |
| weighted_severity |
4.5 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-3eas-6zwf-muaa |
|
| 22 |
| url |
VCID-3eyf-ggxd-f7ga |
| vulnerability_id |
VCID-3eyf-ggxd-f7ga |
| summary |
Multiple vulnerabilities have been found in phpMyAdmin, the worst
of which could lead to arbitrary code execution. |
| references |
| 0 |
|
| 1 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2016-5099 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00493 |
| scoring_system |
epss |
| scoring_elements |
0.65757 |
| published_at |
2026-04-18T12:55:00Z |
|
| 1 |
| value |
0.00493 |
| scoring_system |
epss |
| scoring_elements |
0.65743 |
| published_at |
2026-04-21T12:55:00Z |
|
| 2 |
| value |
0.00493 |
| scoring_system |
epss |
| scoring_elements |
0.65623 |
| published_at |
2026-04-01T12:55:00Z |
|
| 3 |
| value |
0.00493 |
| scoring_system |
epss |
| scoring_elements |
0.65672 |
| published_at |
2026-04-02T12:55:00Z |
|
| 4 |
| value |
0.00493 |
| scoring_system |
epss |
| scoring_elements |
0.65702 |
| published_at |
2026-04-04T12:55:00Z |
|
| 5 |
| value |
0.00493 |
| scoring_system |
epss |
| scoring_elements |
0.65668 |
| published_at |
2026-04-07T12:55:00Z |
|
| 6 |
| value |
0.00493 |
| scoring_system |
epss |
| scoring_elements |
0.65719 |
| published_at |
2026-04-08T12:55:00Z |
|
| 7 |
| value |
0.00493 |
| scoring_system |
epss |
| scoring_elements |
0.65731 |
| published_at |
2026-04-09T12:55:00Z |
|
| 8 |
| value |
0.00493 |
| scoring_system |
epss |
| scoring_elements |
0.65752 |
| published_at |
2026-04-11T12:55:00Z |
|
| 9 |
| value |
0.00493 |
| scoring_system |
epss |
| scoring_elements |
0.65738 |
| published_at |
2026-04-12T12:55:00Z |
|
| 10 |
| value |
0.00493 |
| scoring_system |
epss |
| scoring_elements |
0.65709 |
| published_at |
2026-04-13T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2016-5099 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
| 16 |
|
| 17 |
|
| 18 |
|
| 19 |
|
| 20 |
|
| 21 |
|
| 22 |
|
| 23 |
|
| 24 |
|
| 25 |
|
| 26 |
|
| 27 |
|
| 28 |
|
| 29 |
|
| 30 |
|
| 31 |
|
| 32 |
|
| 33 |
|
| 34 |
|
| 35 |
|
| 36 |
|
| 37 |
|
| 38 |
|
| 39 |
|
| 40 |
|
| 41 |
|
| 42 |
|
| 43 |
|
| 44 |
|
| 45 |
|
| 46 |
|
| 47 |
|
| 48 |
|
| 49 |
|
| 50 |
|
| 51 |
|
|
| fixed_packages |
|
| aliases |
CVE-2016-5099
|
| risk_score |
2.8 |
| exploitability |
0.5 |
| weighted_severity |
5.5 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-3eyf-ggxd-f7ga |
|
| 23 |
| url |
VCID-3pn2-zxhu-xqez |
| vulnerability_id |
VCID-3pn2-zxhu-xqez |
| summary |
Incomplete blacklist vulnerability in index.php in phpMyAdmin 2.8.0 through 2.9.2 allows remote attackers to conduct cross-site scripting (XSS) attacks by injecting arbitrary JavaScript or HTML in a (1) db or (2) table parameter value followed by an uppercase </SCRIPT> end tag, which bypasses the protection against lowercase </script>. |
| references |
| 0 |
|
| 1 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2007-1395 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.017 |
| scoring_system |
epss |
| scoring_elements |
0.82236 |
| published_at |
2026-04-02T12:55:00Z |
|
| 1 |
| value |
0.017 |
| scoring_system |
epss |
| scoring_elements |
0.82224 |
| published_at |
2026-04-01T12:55:00Z |
|
| 2 |
| value |
0.02383 |
| scoring_system |
epss |
| scoring_elements |
0.84962 |
| published_at |
2026-04-07T12:55:00Z |
|
| 3 |
| value |
0.02383 |
| scoring_system |
epss |
| scoring_elements |
0.84985 |
| published_at |
2026-04-08T12:55:00Z |
|
| 4 |
| value |
0.02383 |
| scoring_system |
epss |
| scoring_elements |
0.84992 |
| published_at |
2026-04-09T12:55:00Z |
|
| 5 |
| value |
0.02383 |
| scoring_system |
epss |
| scoring_elements |
0.85008 |
| published_at |
2026-04-11T12:55:00Z |
|
| 6 |
| value |
0.02383 |
| scoring_system |
epss |
| scoring_elements |
0.85006 |
| published_at |
2026-04-12T12:55:00Z |
|
| 7 |
| value |
0.02383 |
| scoring_system |
epss |
| scoring_elements |
0.85002 |
| published_at |
2026-04-13T12:55:00Z |
|
| 8 |
| value |
0.02383 |
| scoring_system |
epss |
| scoring_elements |
0.85023 |
| published_at |
2026-04-16T12:55:00Z |
|
| 9 |
| value |
0.02383 |
| scoring_system |
epss |
| scoring_elements |
0.85025 |
| published_at |
2026-04-18T12:55:00Z |
|
| 10 |
| value |
0.02383 |
| scoring_system |
epss |
| scoring_elements |
0.85022 |
| published_at |
2026-04-21T12:55:00Z |
|
| 11 |
| value |
0.02383 |
| scoring_system |
epss |
| scoring_elements |
0.84958 |
| published_at |
2026-04-04T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2007-1395 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
| 16 |
|
| 17 |
|
| 18 |
|
| 19 |
|
| 20 |
|
| 21 |
|
| 22 |
|
| 23 |
|
| 24 |
|
| 25 |
|
| 26 |
|
| 27 |
|
| 28 |
|
| 29 |
|
| 30 |
|
| 31 |
|
| 32 |
|
|
| fixed_packages |
|
| aliases |
CVE-2007-1395
|
| risk_score |
1.9 |
| exploitability |
0.5 |
| weighted_severity |
3.9 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-3pn2-zxhu-xqez |
|
| 24 |
| url |
VCID-3qpt-ht2t-pqbs |
| vulnerability_id |
VCID-3qpt-ht2t-pqbs |
| summary |
phpMyAdmin allows remote attackers to bypass authentication and obtain sensitive information
phpMyAdmin before 3.4.0-beta1 allows remote attackers to bypass authentication and obtain sensitive information via a direct request to phpinfo.php, which calls the phpinfo function. |
| references |
| 0 |
|
| 1 |
|
| 2 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2010-4481 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00694 |
| scoring_system |
epss |
| scoring_elements |
0.71829 |
| published_at |
2026-04-02T12:55:00Z |
|
| 1 |
| value |
0.00694 |
| scoring_system |
epss |
| scoring_elements |
0.71892 |
| published_at |
2026-04-21T12:55:00Z |
|
| 2 |
| value |
0.00694 |
| scoring_system |
epss |
| scoring_elements |
0.71908 |
| published_at |
2026-04-18T12:55:00Z |
|
| 3 |
| value |
0.00694 |
| scoring_system |
epss |
| scoring_elements |
0.7182 |
| published_at |
2026-04-01T12:55:00Z |
|
| 4 |
| value |
0.00694 |
| scoring_system |
epss |
| scoring_elements |
0.71848 |
| published_at |
2026-04-04T12:55:00Z |
|
| 5 |
| value |
0.00694 |
| scoring_system |
epss |
| scoring_elements |
0.71903 |
| published_at |
2026-04-16T12:55:00Z |
|
| 6 |
| value |
0.00694 |
| scoring_system |
epss |
| scoring_elements |
0.71878 |
| published_at |
2026-04-12T12:55:00Z |
|
| 7 |
| value |
0.00694 |
| scoring_system |
epss |
| scoring_elements |
0.71896 |
| published_at |
2026-04-11T12:55:00Z |
|
| 8 |
| value |
0.00694 |
| scoring_system |
epss |
| scoring_elements |
0.71872 |
| published_at |
2026-04-09T12:55:00Z |
|
| 9 |
| value |
0.00694 |
| scoring_system |
epss |
| scoring_elements |
0.71861 |
| published_at |
2026-04-13T12:55:00Z |
|
| 10 |
| value |
0.00694 |
| scoring_system |
epss |
| scoring_elements |
0.71822 |
| published_at |
2026-04-07T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2010-4481 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
| 16 |
|
| 17 |
|
| 18 |
|
| 19 |
|
| 20 |
|
| 21 |
|
| 22 |
|
| 23 |
|
| 24 |
|
| 25 |
|
| 26 |
|
| 27 |
|
| 28 |
|
| 29 |
|
| 30 |
|
| 31 |
|
| 32 |
|
| 33 |
|
| 34 |
|
| 35 |
|
| 36 |
|
| 37 |
|
| 38 |
|
| 39 |
|
| 40 |
|
| 41 |
|
| 42 |
|
| 43 |
|
| 44 |
|
| 45 |
|
| 46 |
|
| 47 |
|
| 48 |
|
| 49 |
|
| 50 |
|
| 51 |
|
| 52 |
|
| 53 |
|
| 54 |
|
| 55 |
|
| 56 |
|
| 57 |
|
| 58 |
|
| 59 |
|
| 60 |
|
| 61 |
|
| 62 |
|
| 63 |
|
| 64 |
|
| 65 |
|
| 66 |
|
| 67 |
|
| 68 |
|
| 69 |
|
| 70 |
|
| 71 |
|
| 72 |
|
| 73 |
|
| 74 |
|
| 75 |
|
| 76 |
|
| 77 |
|
| 78 |
|
| 79 |
|
| 80 |
|
|
| fixed_packages |
|
| aliases |
CVE-2010-4481, GHSA-gmc7-jvv7-w245
|
| risk_score |
4.0 |
| exploitability |
0.5 |
| weighted_severity |
8.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-3qpt-ht2t-pqbs |
|
| 25 |
| url |
VCID-3uhk-gh1p-jqff |
| vulnerability_id |
VCID-3uhk-gh1p-jqff |
| summary |
phpMyAdmin: XSS in MSIE using NUL byte |
| references |
| 0 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2008-4326 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00425 |
| scoring_system |
epss |
| scoring_elements |
0.62272 |
| published_at |
2026-04-21T12:55:00Z |
|
| 1 |
| value |
0.00425 |
| scoring_system |
epss |
| scoring_elements |
0.62123 |
| published_at |
2026-04-01T12:55:00Z |
|
| 2 |
| value |
0.00425 |
| scoring_system |
epss |
| scoring_elements |
0.62183 |
| published_at |
2026-04-02T12:55:00Z |
|
| 3 |
| value |
0.00425 |
| scoring_system |
epss |
| scoring_elements |
0.62214 |
| published_at |
2026-04-04T12:55:00Z |
|
| 4 |
| value |
0.00425 |
| scoring_system |
epss |
| scoring_elements |
0.62181 |
| published_at |
2026-04-07T12:55:00Z |
|
| 5 |
| value |
0.00425 |
| scoring_system |
epss |
| scoring_elements |
0.62231 |
| published_at |
2026-04-08T12:55:00Z |
|
| 6 |
| value |
0.00425 |
| scoring_system |
epss |
| scoring_elements |
0.62248 |
| published_at |
2026-04-09T12:55:00Z |
|
| 7 |
| value |
0.00425 |
| scoring_system |
epss |
| scoring_elements |
0.62267 |
| published_at |
2026-04-11T12:55:00Z |
|
| 8 |
| value |
0.00425 |
| scoring_system |
epss |
| scoring_elements |
0.62256 |
| published_at |
2026-04-12T12:55:00Z |
|
| 9 |
| value |
0.00425 |
| scoring_system |
epss |
| scoring_elements |
0.62235 |
| published_at |
2026-04-13T12:55:00Z |
|
| 10 |
| value |
0.00425 |
| scoring_system |
epss |
| scoring_elements |
0.6228 |
| published_at |
2026-04-16T12:55:00Z |
|
| 11 |
| value |
0.00425 |
| scoring_system |
epss |
| scoring_elements |
0.62287 |
| published_at |
2026-04-18T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2008-4326 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
| 16 |
|
| 17 |
|
| 18 |
|
| 19 |
|
| 20 |
|
| 21 |
|
| 22 |
|
| 23 |
|
| 24 |
|
| 25 |
|
| 26 |
|
| 27 |
|
| 28 |
|
| 29 |
|
| 30 |
|
| 31 |
|
| 32 |
|
| 33 |
|
| 34 |
|
| 35 |
|
| 36 |
|
| 37 |
|
| 38 |
|
| 39 |
|
| 40 |
|
| 41 |
|
| 42 |
|
| 43 |
|
| 44 |
|
| 45 |
|
| 46 |
|
| 47 |
|
| 48 |
|
| 49 |
|
| 50 |
|
| 51 |
|
| 52 |
|
| 53 |
|
| 54 |
|
| 55 |
|
| 56 |
|
| 57 |
|
| 58 |
|
| 59 |
|
| 60 |
|
| 61 |
|
| 62 |
|
| 63 |
|
| 64 |
|
| 65 |
|
| 66 |
|
| 67 |
|
| 68 |
|
| 69 |
|
| 70 |
|
| 71 |
|
| 72 |
|
| 73 |
|
| 74 |
|
| 75 |
|
| 76 |
|
| 77 |
|
| 78 |
|
| 79 |
|
| 80 |
|
| 81 |
|
| 82 |
|
| 83 |
|
| 84 |
|
| 85 |
|
| 86 |
|
| 87 |
|
| 88 |
|
| 89 |
|
| 90 |
|
| 91 |
|
| 92 |
|
| 93 |
|
| 94 |
|
| 95 |
|
| 96 |
|
| 97 |
|
| 98 |
|
| 99 |
|
| 100 |
|
| 101 |
|
| 102 |
|
| 103 |
|
| 104 |
|
| 105 |
|
| 106 |
|
| 107 |
|
| 108 |
|
| 109 |
|
| 110 |
|
| 111 |
|
| 112 |
|
| 113 |
|
| 114 |
|
| 115 |
|
| 116 |
|
| 117 |
|
| 118 |
|
| 119 |
|
| 120 |
|
| 121 |
|
| 122 |
|
| 123 |
|
| 124 |
|
| 125 |
|
| 126 |
|
| 127 |
|
| 128 |
|
| 129 |
|
| 130 |
|
| 131 |
|
| 132 |
|
| 133 |
|
| 134 |
|
| 135 |
|
| 136 |
|
| 137 |
|
| 138 |
|
| 139 |
|
| 140 |
|
| 141 |
|
| 142 |
|
| 143 |
|
| 144 |
|
| 145 |
|
| 146 |
|
| 147 |
|
| 148 |
|
| 149 |
|
| 150 |
|
| 151 |
|
| 152 |
|
| 153 |
|
| 154 |
|
| 155 |
|
| 156 |
|
| 157 |
|
| 158 |
|
| 159 |
|
|
| fixed_packages |
|
| aliases |
CVE-2008-4326
|
| risk_score |
1.9 |
| exploitability |
0.5 |
| weighted_severity |
3.9 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-3uhk-gh1p-jqff |
|
| 26 |
| url |
VCID-3yp5-vqej-r7hh |
| vulnerability_id |
VCID-3yp5-vqej-r7hh |
| summary |
Cross-site Scripting
Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin allow remote authenticated users to inject arbitrary web script or HTML. |
| references |
| 0 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2016-2040 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00493 |
| scoring_system |
epss |
| scoring_elements |
0.65695 |
| published_at |
2026-04-12T12:55:00Z |
|
| 1 |
| value |
0.00493 |
| scoring_system |
epss |
| scoring_elements |
0.65697 |
| published_at |
2026-04-21T12:55:00Z |
|
| 2 |
| value |
0.00493 |
| scoring_system |
epss |
| scoring_elements |
0.65714 |
| published_at |
2026-04-18T12:55:00Z |
|
| 3 |
| value |
0.00493 |
| scoring_system |
epss |
| scoring_elements |
0.657 |
| published_at |
2026-04-16T12:55:00Z |
|
| 4 |
| value |
0.00493 |
| scoring_system |
epss |
| scoring_elements |
0.65581 |
| published_at |
2026-04-01T12:55:00Z |
|
| 5 |
| value |
0.00493 |
| scoring_system |
epss |
| scoring_elements |
0.65629 |
| published_at |
2026-04-02T12:55:00Z |
|
| 6 |
| value |
0.00493 |
| scoring_system |
epss |
| scoring_elements |
0.65659 |
| published_at |
2026-04-04T12:55:00Z |
|
| 7 |
| value |
0.00493 |
| scoring_system |
epss |
| scoring_elements |
0.65625 |
| published_at |
2026-04-07T12:55:00Z |
|
| 8 |
| value |
0.00493 |
| scoring_system |
epss |
| scoring_elements |
0.65677 |
| published_at |
2026-04-08T12:55:00Z |
|
| 9 |
| value |
0.00493 |
| scoring_system |
epss |
| scoring_elements |
0.65689 |
| published_at |
2026-04-09T12:55:00Z |
|
| 10 |
| value |
0.00493 |
| scoring_system |
epss |
| scoring_elements |
0.65709 |
| published_at |
2026-04-11T12:55:00Z |
|
| 11 |
| value |
0.00493 |
| scoring_system |
epss |
| scoring_elements |
0.65665 |
| published_at |
2026-04-13T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2016-2040 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
| 16 |
|
| 17 |
|
| 18 |
|
| 19 |
|
| 20 |
|
| 21 |
|
| 22 |
|
| 23 |
|
| 24 |
|
| 25 |
|
| 26 |
|
| 27 |
|
| 28 |
|
| 29 |
|
| 30 |
|
| 31 |
|
| 32 |
|
| 33 |
|
| 34 |
|
| 35 |
|
| 36 |
|
| 37 |
|
| 38 |
|
| 39 |
|
| 40 |
|
| 41 |
|
| 42 |
|
| 43 |
|
| 44 |
|
| 45 |
|
| 46 |
|
| 47 |
|
| 48 |
|
| 49 |
|
| 50 |
|
| 51 |
|
| 52 |
|
| 53 |
|
| 54 |
|
| 55 |
|
| 56 |
|
| 57 |
|
| 58 |
|
| 59 |
|
| 60 |
|
| 61 |
|
| 62 |
|
| 63 |
|
| 64 |
|
| 65 |
|
| 66 |
|
| 67 |
|
| 68 |
|
| 69 |
|
| 70 |
|
| 71 |
|
| 72 |
|
| 73 |
| reference_url |
https://nvd.nist.gov/vuln/detail/CVE-2016-2040 |
| reference_id |
CVE-2016-2040 |
| reference_type |
|
| scores |
| 0 |
| value |
3.5 |
| scoring_system |
cvssv2 |
| scoring_elements |
AV:N/AC:M/Au:S/C:N/I:P/A:N |
|
| 1 |
| value |
5.4 |
| scoring_system |
cvssv3 |
| scoring_elements |
CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N |
|
| 2 |
| value |
5.4 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N |
|
| 3 |
| value |
MODERATE |
| scoring_system |
generic_textual |
| scoring_elements |
|
|
|
| url |
https://nvd.nist.gov/vuln/detail/CVE-2016-2040 |
|
| 74 |
|
|
| fixed_packages |
|
| aliases |
CVE-2016-2040, GHSA-pw34-qf6c-84fc
|
| risk_score |
3.1 |
| exploitability |
0.5 |
| weighted_severity |
6.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-3yp5-vqej-r7hh |
|
| 27 |
| url |
VCID-41mv-6vqr-sua6 |
| vulnerability_id |
VCID-41mv-6vqr-sua6 |
| summary |
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
SQL Injection vulnerability in function getTableCreationQuery in CreateAddField.php in phpMyAdmin 5.x before 5.2.0 via the tbl_storage_engine or tbl_collation parameters to tbl_create.php. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2020-22452 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.03245 |
| scoring_system |
epss |
| scoring_elements |
0.87129 |
| published_at |
2026-04-21T12:55:00Z |
|
| 1 |
| value |
0.03245 |
| scoring_system |
epss |
| scoring_elements |
0.87058 |
| published_at |
2026-04-01T12:55:00Z |
|
| 2 |
| value |
0.03245 |
| scoring_system |
epss |
| scoring_elements |
0.87069 |
| published_at |
2026-04-02T12:55:00Z |
|
| 3 |
| value |
0.03245 |
| scoring_system |
epss |
| scoring_elements |
0.87088 |
| published_at |
2026-04-04T12:55:00Z |
|
| 4 |
| value |
0.03245 |
| scoring_system |
epss |
| scoring_elements |
0.87081 |
| published_at |
2026-04-07T12:55:00Z |
|
| 5 |
| value |
0.03245 |
| scoring_system |
epss |
| scoring_elements |
0.87101 |
| published_at |
2026-04-08T12:55:00Z |
|
| 6 |
| value |
0.03245 |
| scoring_system |
epss |
| scoring_elements |
0.87109 |
| published_at |
2026-04-09T12:55:00Z |
|
| 7 |
| value |
0.03245 |
| scoring_system |
epss |
| scoring_elements |
0.87122 |
| published_at |
2026-04-11T12:55:00Z |
|
| 8 |
| value |
0.03245 |
| scoring_system |
epss |
| scoring_elements |
0.87117 |
| published_at |
2026-04-12T12:55:00Z |
|
| 9 |
| value |
0.03245 |
| scoring_system |
epss |
| scoring_elements |
0.87112 |
| published_at |
2026-04-13T12:55:00Z |
|
| 10 |
| value |
0.03245 |
| scoring_system |
epss |
| scoring_elements |
0.87128 |
| published_at |
2026-04-16T12:55:00Z |
|
| 11 |
| value |
0.03245 |
| scoring_system |
epss |
| scoring_elements |
0.87132 |
| published_at |
2026-04-18T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2020-22452 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
| reference_url |
http://phpmyadmin.com |
| reference_id |
phpmyadmin.com |
| reference_type |
|
| scores |
| 0 |
| value |
9.8 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
|
| 1 |
| value |
Track* |
| scoring_system |
ssvc |
| scoring_elements |
SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-04-01T14:07:49Z/ |
|
|
| url |
http://phpmyadmin.com |
|
|
| fixed_packages |
|
| aliases |
CVE-2020-22452, GHSA-prcg-mc23-hgjh
|
| risk_score |
4.5 |
| exploitability |
0.5 |
| weighted_severity |
9.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-41mv-6vqr-sua6 |
|
| 28 |
| url |
VCID-4373-9erc-fkhk |
| vulnerability_id |
VCID-4373-9erc-fkhk |
| summary |
Cross-site scripting (XSS) vulnerability in the PMA_TRI_getRowForList function in libraries/rte/rte_list.lib.php in phpMyAdmin 4.0.x before 4.0.10.1, 4.1.x before 4.1.14.2, and 4.2.x before 4.2.6 allows remote authenticated users to inject arbitrary web script or HTML via a crafted trigger name that is improperly handled on the database triggers page. |
| references |
| 0 |
|
| 1 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2014-4955 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00257 |
| scoring_system |
epss |
| scoring_elements |
0.49097 |
| published_at |
2026-04-21T12:55:00Z |
|
| 1 |
| value |
0.00257 |
| scoring_system |
epss |
| scoring_elements |
0.49022 |
| published_at |
2026-04-01T12:55:00Z |
|
| 2 |
| value |
0.00257 |
| scoring_system |
epss |
| scoring_elements |
0.49058 |
| published_at |
2026-04-02T12:55:00Z |
|
| 3 |
| value |
0.00257 |
| scoring_system |
epss |
| scoring_elements |
0.49085 |
| published_at |
2026-04-04T12:55:00Z |
|
| 4 |
| value |
0.00257 |
| scoring_system |
epss |
| scoring_elements |
0.49039 |
| published_at |
2026-04-07T12:55:00Z |
|
| 5 |
| value |
0.00257 |
| scoring_system |
epss |
| scoring_elements |
0.49093 |
| published_at |
2026-04-08T12:55:00Z |
|
| 6 |
| value |
0.00257 |
| scoring_system |
epss |
| scoring_elements |
0.4909 |
| published_at |
2026-04-09T12:55:00Z |
|
| 7 |
| value |
0.00257 |
| scoring_system |
epss |
| scoring_elements |
0.49107 |
| published_at |
2026-04-11T12:55:00Z |
|
| 8 |
| value |
0.00257 |
| scoring_system |
epss |
| scoring_elements |
0.4908 |
| published_at |
2026-04-12T12:55:00Z |
|
| 9 |
| value |
0.00257 |
| scoring_system |
epss |
| scoring_elements |
0.49086 |
| published_at |
2026-04-13T12:55:00Z |
|
| 10 |
| value |
0.00257 |
| scoring_system |
epss |
| scoring_elements |
0.49131 |
| published_at |
2026-04-16T12:55:00Z |
|
| 11 |
| value |
0.00257 |
| scoring_system |
epss |
| scoring_elements |
0.49129 |
| published_at |
2026-04-18T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2014-4955 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
| 16 |
|
| 17 |
|
| 18 |
|
| 19 |
|
| 20 |
|
| 21 |
|
| 22 |
|
| 23 |
|
| 24 |
|
| 25 |
|
| 26 |
|
| 27 |
|
| 28 |
|
| 29 |
|
| 30 |
|
| 31 |
|
| 32 |
|
| 33 |
|
| 34 |
|
| 35 |
|
| 36 |
|
| 37 |
|
| 38 |
|
| 39 |
|
| 40 |
|
| 41 |
|
| 42 |
|
| 43 |
|
| 44 |
|
| 45 |
|
|
| fixed_packages |
|
| aliases |
CVE-2014-4955
|
| risk_score |
1.6 |
| exploitability |
0.5 |
| weighted_severity |
3.1 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-4373-9erc-fkhk |
|
| 29 |
| url |
VCID-46c2-r8g1-13ez |
| vulnerability_id |
VCID-46c2-r8g1-13ez |
| summary |
phpMyAdmin Multiple Cross-site Scripting Vulnerabilities in the Database Structure page
Multiple cross-site scripting (XSS) vulnerabilities in the Database Structure page in phpMyAdmin 3.4.x before 3.4.11.1 and 3.5.x before 3.5.2.2 allow remote authenticated users to inject arbitrary web script or HTML via (1) a crafted table name during table creation, or a (2) Empty link or (3) Drop link for a crafted table name. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2012-4345 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00209 |
| scoring_system |
epss |
| scoring_elements |
0.4328 |
| published_at |
2026-04-21T12:55:00Z |
|
| 1 |
| value |
0.00209 |
| scoring_system |
epss |
| scoring_elements |
0.43341 |
| published_at |
2026-04-11T12:55:00Z |
|
| 2 |
| value |
0.00209 |
| scoring_system |
epss |
| scoring_elements |
0.43309 |
| published_at |
2026-04-12T12:55:00Z |
|
| 3 |
| value |
0.00209 |
| scoring_system |
epss |
| scoring_elements |
0.43293 |
| published_at |
2026-04-13T12:55:00Z |
|
| 4 |
| value |
0.00209 |
| scoring_system |
epss |
| scoring_elements |
0.43355 |
| published_at |
2026-04-16T12:55:00Z |
|
| 5 |
| value |
0.00209 |
| scoring_system |
epss |
| scoring_elements |
0.43344 |
| published_at |
2026-04-18T12:55:00Z |
|
| 6 |
| value |
0.00209 |
| scoring_system |
epss |
| scoring_elements |
0.43232 |
| published_at |
2026-04-01T12:55:00Z |
|
| 7 |
| value |
0.00209 |
| scoring_system |
epss |
| scoring_elements |
0.43288 |
| published_at |
2026-04-02T12:55:00Z |
|
| 8 |
| value |
0.00209 |
| scoring_system |
epss |
| scoring_elements |
0.43317 |
| published_at |
2026-04-04T12:55:00Z |
|
| 9 |
| value |
0.00209 |
| scoring_system |
epss |
| scoring_elements |
0.43254 |
| published_at |
2026-04-07T12:55:00Z |
|
| 10 |
| value |
0.00209 |
| scoring_system |
epss |
| scoring_elements |
0.43305 |
| published_at |
2026-04-08T12:55:00Z |
|
| 11 |
| value |
0.00209 |
| scoring_system |
epss |
| scoring_elements |
0.4332 |
| published_at |
2026-04-09T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2012-4345 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
| 16 |
|
| 17 |
|
| 18 |
|
| 19 |
|
| 20 |
|
| 21 |
|
| 22 |
|
| 23 |
|
| 24 |
|
| 25 |
|
| 26 |
|
| 27 |
|
| 28 |
|
|
| fixed_packages |
|
| aliases |
CVE-2012-4345, GHSA-r3pq-mp8v-cp33
|
| risk_score |
1.6 |
| exploitability |
0.5 |
| weighted_severity |
3.1 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-46c2-r8g1-13ez |
|
| 30 |
| url |
VCID-4awg-qnjf-4ua5 |
| vulnerability_id |
VCID-4awg-qnjf-4ua5 |
| summary |
Improper Input Validation
A weakness was discovered where an attacker can inject arbitrary values in to the browser cookies. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2017-1000016 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00488 |
| scoring_system |
epss |
| scoring_elements |
0.65507 |
| published_at |
2026-04-21T12:55:00Z |
|
| 1 |
| value |
0.00488 |
| scoring_system |
epss |
| scoring_elements |
0.65486 |
| published_at |
2026-04-08T12:55:00Z |
|
| 2 |
| value |
0.00488 |
| scoring_system |
epss |
| scoring_elements |
0.65497 |
| published_at |
2026-04-09T12:55:00Z |
|
| 3 |
| value |
0.00488 |
| scoring_system |
epss |
| scoring_elements |
0.65516 |
| published_at |
2026-04-11T12:55:00Z |
|
| 4 |
| value |
0.00488 |
| scoring_system |
epss |
| scoring_elements |
0.65503 |
| published_at |
2026-04-12T12:55:00Z |
|
| 5 |
| value |
0.00488 |
| scoring_system |
epss |
| scoring_elements |
0.65475 |
| published_at |
2026-04-13T12:55:00Z |
|
| 6 |
| value |
0.00488 |
| scoring_system |
epss |
| scoring_elements |
0.65511 |
| published_at |
2026-04-16T12:55:00Z |
|
| 7 |
| value |
0.00488 |
| scoring_system |
epss |
| scoring_elements |
0.65523 |
| published_at |
2026-04-18T12:55:00Z |
|
| 8 |
| value |
0.00488 |
| scoring_system |
epss |
| scoring_elements |
0.65392 |
| published_at |
2026-04-01T12:55:00Z |
|
| 9 |
| value |
0.00488 |
| scoring_system |
epss |
| scoring_elements |
0.65441 |
| published_at |
2026-04-02T12:55:00Z |
|
| 10 |
| value |
0.00488 |
| scoring_system |
epss |
| scoring_elements |
0.65468 |
| published_at |
2026-04-04T12:55:00Z |
|
| 11 |
| value |
0.00488 |
| scoring_system |
epss |
| scoring_elements |
0.65433 |
| published_at |
2026-04-07T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2017-1000016 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
|
| fixed_packages |
|
| aliases |
CVE-2017-1000016, GHSA-j2cq-h6v2-f875
|
| risk_score |
4.0 |
| exploitability |
0.5 |
| weighted_severity |
8.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-4awg-qnjf-4ua5 |
|
| 31 |
| url |
VCID-4bmg-e3jp-fbb3 |
| vulnerability_id |
VCID-4bmg-e3jp-fbb3 |
| summary |
Cross-site scripting (XSS) vulnerability in the redirection feature in url.php in phpMyAdmin 4.2.x before 4.2.13.1 allows remote attackers to inject arbitrary web script or HTML via the url parameter. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2014-9219 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00455 |
| scoring_system |
epss |
| scoring_elements |
0.63885 |
| published_at |
2026-04-21T12:55:00Z |
|
| 1 |
| value |
0.00455 |
| scoring_system |
epss |
| scoring_elements |
0.6377 |
| published_at |
2026-04-01T12:55:00Z |
|
| 2 |
| value |
0.00455 |
| scoring_system |
epss |
| scoring_elements |
0.63831 |
| published_at |
2026-04-02T12:55:00Z |
|
| 3 |
| value |
0.00455 |
| scoring_system |
epss |
| scoring_elements |
0.63857 |
| published_at |
2026-04-04T12:55:00Z |
|
| 4 |
| value |
0.00455 |
| scoring_system |
epss |
| scoring_elements |
0.63815 |
| published_at |
2026-04-07T12:55:00Z |
|
| 5 |
| value |
0.00455 |
| scoring_system |
epss |
| scoring_elements |
0.63866 |
| published_at |
2026-04-08T12:55:00Z |
|
| 6 |
| value |
0.00455 |
| scoring_system |
epss |
| scoring_elements |
0.63883 |
| published_at |
2026-04-09T12:55:00Z |
|
| 7 |
| value |
0.00455 |
| scoring_system |
epss |
| scoring_elements |
0.63896 |
| published_at |
2026-04-11T12:55:00Z |
|
| 8 |
| value |
0.00455 |
| scoring_system |
epss |
| scoring_elements |
0.63882 |
| published_at |
2026-04-12T12:55:00Z |
|
| 9 |
| value |
0.00455 |
| scoring_system |
epss |
| scoring_elements |
0.63849 |
| published_at |
2026-04-13T12:55:00Z |
|
| 10 |
| value |
0.00455 |
| scoring_system |
epss |
| scoring_elements |
0.63884 |
| published_at |
2026-04-16T12:55:00Z |
|
| 11 |
| value |
0.00455 |
| scoring_system |
epss |
| scoring_elements |
0.63894 |
| published_at |
2026-04-18T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2014-9219 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
| 16 |
|
| 17 |
|
| 18 |
|
| 19 |
|
| 20 |
|
| 21 |
|
| 22 |
|
| 23 |
|
| 24 |
|
| 25 |
|
|
| fixed_packages |
|
| aliases |
CVE-2014-9219
|
| risk_score |
1.9 |
| exploitability |
0.5 |
| weighted_severity |
3.9 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-4bmg-e3jp-fbb3 |
|
| 32 |
| url |
VCID-4g6e-vy7f-fufu |
| vulnerability_id |
VCID-4g6e-vy7f-fufu |
| summary |
SQL injection vulnerability in server_privileges.php in phpMyAdmin 2.7.0 allows remote authenticated users to execute arbitrary SQL commands via the (1) dbname and (2) checkprivs parameters. NOTE: the vendor and a third party have disputed this issue, saying that the main task of the program is to support query execution by authenticated users, and no external attack scenario exists without an auto-login configuration. Thus it is likely that this issue will be REJECTED. However, a closely related CSRF issue has been assigned CVE-2005-4450 |
| references |
| 0 |
|
| 1 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2005-4349 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.01659 |
| scoring_system |
epss |
| scoring_elements |
0.81995 |
| published_at |
2026-04-01T12:55:00Z |
|
| 1 |
| value |
0.01659 |
| scoring_system |
epss |
| scoring_elements |
0.82006 |
| published_at |
2026-04-02T12:55:00Z |
|
| 2 |
| value |
0.01659 |
| scoring_system |
epss |
| scoring_elements |
0.82094 |
| published_at |
2026-04-18T12:55:00Z |
|
| 3 |
| value |
0.01659 |
| scoring_system |
epss |
| scoring_elements |
0.82059 |
| published_at |
2026-04-13T12:55:00Z |
|
| 4 |
| value |
0.01659 |
| scoring_system |
epss |
| scoring_elements |
0.82067 |
| published_at |
2026-04-12T12:55:00Z |
|
| 5 |
| value |
0.01659 |
| scoring_system |
epss |
| scoring_elements |
0.82077 |
| published_at |
2026-04-11T12:55:00Z |
|
| 6 |
| value |
0.01659 |
| scoring_system |
epss |
| scoring_elements |
0.82057 |
| published_at |
2026-04-09T12:55:00Z |
|
| 7 |
| value |
0.01659 |
| scoring_system |
epss |
| scoring_elements |
0.8205 |
| published_at |
2026-04-08T12:55:00Z |
|
| 8 |
| value |
0.01659 |
| scoring_system |
epss |
| scoring_elements |
0.82029 |
| published_at |
2026-04-04T12:55:00Z |
|
| 9 |
| value |
0.01659 |
| scoring_system |
epss |
| scoring_elements |
0.82023 |
| published_at |
2026-04-07T12:55:00Z |
|
| 10 |
| value |
0.01659 |
| scoring_system |
epss |
| scoring_elements |
0.82096 |
| published_at |
2026-04-21T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2005-4349 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
|
| fixed_packages |
|
| aliases |
CVE-2005-4349
|
| risk_score |
3.0 |
| exploitability |
0.5 |
| weighted_severity |
5.9 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-4g6e-vy7f-fufu |
|
| 33 |
| url |
VCID-4szd-esqn-93aq |
| vulnerability_id |
VCID-4szd-esqn-93aq |
| summary |
Exposure of Sensitive Information to an Unauthorized Actor
An issue was discovered in phpMyAdmin. By calling some scripts that are part of phpMyAdmin in an unexpected way, it is possible to trigger phpMyAdmin to display a PHP error message which contains the full path of the directory where phpMyAdmin is installed. During an execution timeout in the export functionality, the errors containing the full path of the directory of phpMyAdmin are written to the export file. All 4.6.x versions (prior to 4.6.5), and 4.4.x versions (prior to 4.4.15.9) are affected. This CVE is for the fopen wrapper issue. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2016-9853 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00851 |
| scoring_system |
epss |
| scoring_elements |
0.74927 |
| published_at |
2026-04-21T12:55:00Z |
|
| 1 |
| value |
0.00851 |
| scoring_system |
epss |
| scoring_elements |
0.74851 |
| published_at |
2026-04-01T12:55:00Z |
|
| 2 |
| value |
0.00851 |
| scoring_system |
epss |
| scoring_elements |
0.74853 |
| published_at |
2026-04-02T12:55:00Z |
|
| 3 |
| value |
0.00851 |
| scoring_system |
epss |
| scoring_elements |
0.74881 |
| published_at |
2026-04-04T12:55:00Z |
|
| 4 |
| value |
0.00851 |
| scoring_system |
epss |
| scoring_elements |
0.74854 |
| published_at |
2026-04-07T12:55:00Z |
|
| 5 |
| value |
0.00851 |
| scoring_system |
epss |
| scoring_elements |
0.74887 |
| published_at |
2026-04-08T12:55:00Z |
|
| 6 |
| value |
0.00851 |
| scoring_system |
epss |
| scoring_elements |
0.749 |
| published_at |
2026-04-09T12:55:00Z |
|
| 7 |
| value |
0.00851 |
| scoring_system |
epss |
| scoring_elements |
0.74924 |
| published_at |
2026-04-11T12:55:00Z |
|
| 8 |
| value |
0.00851 |
| scoring_system |
epss |
| scoring_elements |
0.74902 |
| published_at |
2026-04-12T12:55:00Z |
|
| 9 |
| value |
0.00851 |
| scoring_system |
epss |
| scoring_elements |
0.74892 |
| published_at |
2026-04-13T12:55:00Z |
|
| 10 |
| value |
0.00851 |
| scoring_system |
epss |
| scoring_elements |
0.74929 |
| published_at |
2026-04-16T12:55:00Z |
|
| 11 |
| value |
0.00851 |
| scoring_system |
epss |
| scoring_elements |
0.74936 |
| published_at |
2026-04-18T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2016-9853 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
|
| fixed_packages |
|
| aliases |
CVE-2016-9853, GHSA-rmmf-5xhh-gg27
|
| risk_score |
3.1 |
| exploitability |
0.5 |
| weighted_severity |
6.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-4szd-esqn-93aq |
|
| 34 |
| url |
VCID-5288-gx4v-7bh4 |
| vulnerability_id |
VCID-5288-gx4v-7bh4 |
| summary |
phpMyAdmin Unsafe Fetching of Javascript Code
phpMyAdmin 3.5.x before 3.5.3 uses JavaScript code that is obtained through an HTTP session to phpmyadmin.net without SSL, which allows man-in-the-middle attackers to conduct cross-site scripting (XSS) attacks by modifying this code. |
| references |
| 0 |
|
| 1 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2012-5368 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00425 |
| scoring_system |
epss |
| scoring_elements |
0.62251 |
| published_at |
2026-04-21T12:55:00Z |
|
| 1 |
| value |
0.00425 |
| scoring_system |
epss |
| scoring_elements |
0.62211 |
| published_at |
2026-04-08T12:55:00Z |
|
| 2 |
| value |
0.00425 |
| scoring_system |
epss |
| scoring_elements |
0.62228 |
| published_at |
2026-04-09T12:55:00Z |
|
| 3 |
| value |
0.00425 |
| scoring_system |
epss |
| scoring_elements |
0.62246 |
| published_at |
2026-04-11T12:55:00Z |
|
| 4 |
| value |
0.00425 |
| scoring_system |
epss |
| scoring_elements |
0.62236 |
| published_at |
2026-04-12T12:55:00Z |
|
| 5 |
| value |
0.00425 |
| scoring_system |
epss |
| scoring_elements |
0.62215 |
| published_at |
2026-04-13T12:55:00Z |
|
| 6 |
| value |
0.00425 |
| scoring_system |
epss |
| scoring_elements |
0.6226 |
| published_at |
2026-04-16T12:55:00Z |
|
| 7 |
| value |
0.00425 |
| scoring_system |
epss |
| scoring_elements |
0.62267 |
| published_at |
2026-04-18T12:55:00Z |
|
| 8 |
| value |
0.00425 |
| scoring_system |
epss |
| scoring_elements |
0.62102 |
| published_at |
2026-04-01T12:55:00Z |
|
| 9 |
| value |
0.00425 |
| scoring_system |
epss |
| scoring_elements |
0.62162 |
| published_at |
2026-04-02T12:55:00Z |
|
| 10 |
| value |
0.00425 |
| scoring_system |
epss |
| scoring_elements |
0.62193 |
| published_at |
2026-04-04T12:55:00Z |
|
| 11 |
| value |
0.00425 |
| scoring_system |
epss |
| scoring_elements |
0.62161 |
| published_at |
2026-04-07T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2012-5368 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
|
| fixed_packages |
|
| aliases |
CVE-2012-5368, GHSA-xpxp-v33m-5jp9
|
| risk_score |
3.1 |
| exploitability |
0.5 |
| weighted_severity |
6.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-5288-gx4v-7bh4 |
|
| 35 |
| url |
VCID-53wj-87ss-bkda |
| vulnerability_id |
VCID-53wj-87ss-bkda |
| summary |
Multiple unspecified vulnerabilities in phpMyAdmin before 2.9.2-rc1 have unknown impact and attack vectors. |
| references |
| 0 |
|
| 1 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2007-0203 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00745 |
| scoring_system |
epss |
| scoring_elements |
0.73084 |
| published_at |
2026-04-21T12:55:00Z |
|
| 1 |
| value |
0.00745 |
| scoring_system |
epss |
| scoring_elements |
0.72985 |
| published_at |
2026-04-01T12:55:00Z |
|
| 2 |
| value |
0.00745 |
| scoring_system |
epss |
| scoring_elements |
0.72994 |
| published_at |
2026-04-02T12:55:00Z |
|
| 3 |
| value |
0.00745 |
| scoring_system |
epss |
| scoring_elements |
0.73014 |
| published_at |
2026-04-04T12:55:00Z |
|
| 4 |
| value |
0.00745 |
| scoring_system |
epss |
| scoring_elements |
0.7299 |
| published_at |
2026-04-07T12:55:00Z |
|
| 5 |
| value |
0.00745 |
| scoring_system |
epss |
| scoring_elements |
0.73027 |
| published_at |
2026-04-08T12:55:00Z |
|
| 6 |
| value |
0.00745 |
| scoring_system |
epss |
| scoring_elements |
0.73041 |
| published_at |
2026-04-09T12:55:00Z |
|
| 7 |
| value |
0.00745 |
| scoring_system |
epss |
| scoring_elements |
0.73065 |
| published_at |
2026-04-11T12:55:00Z |
|
| 8 |
| value |
0.00745 |
| scoring_system |
epss |
| scoring_elements |
0.73044 |
| published_at |
2026-04-12T12:55:00Z |
|
| 9 |
| value |
0.00745 |
| scoring_system |
epss |
| scoring_elements |
0.73038 |
| published_at |
2026-04-13T12:55:00Z |
|
| 10 |
| value |
0.00745 |
| scoring_system |
epss |
| scoring_elements |
0.73081 |
| published_at |
2026-04-16T12:55:00Z |
|
| 11 |
| value |
0.00745 |
| scoring_system |
epss |
| scoring_elements |
0.73091 |
| published_at |
2026-04-18T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2007-0203 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
|
| fixed_packages |
|
| aliases |
CVE-2007-0203
|
| risk_score |
4.5 |
| exploitability |
0.5 |
| weighted_severity |
9.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-53wj-87ss-bkda |
|
| 36 |
| url |
VCID-5657-kcyh-7bc2 |
| vulnerability_id |
VCID-5657-kcyh-7bc2 |
| summary |
phpMyAdmin SQL injection in user accounts page
In phpMyAdmin 4 before 4.9.4 and 5 before 5.0.1, SQL injection exists in the user accounts page. A malicious user could inject custom SQL in place of their own username when creating queries to this page. An attacker must have a valid MySQL account to access the server. |
| references |
| 0 |
|
| 1 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2020-5504 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.22375 |
| scoring_system |
epss |
| scoring_elements |
0.95843 |
| published_at |
2026-04-21T12:55:00Z |
|
| 1 |
| value |
0.22375 |
| scoring_system |
epss |
| scoring_elements |
0.95834 |
| published_at |
2026-04-16T12:55:00Z |
|
| 2 |
| value |
0.22375 |
| scoring_system |
epss |
| scoring_elements |
0.9584 |
| published_at |
2026-04-18T12:55:00Z |
|
| 3 |
| value |
0.23238 |
| scoring_system |
epss |
| scoring_elements |
0.95916 |
| published_at |
2026-04-02T12:55:00Z |
|
| 4 |
| value |
0.23238 |
| scoring_system |
epss |
| scoring_elements |
0.95908 |
| published_at |
2026-04-01T12:55:00Z |
|
| 5 |
| value |
0.23238 |
| scoring_system |
epss |
| scoring_elements |
0.95945 |
| published_at |
2026-04-13T12:55:00Z |
|
| 6 |
| value |
0.23238 |
| scoring_system |
epss |
| scoring_elements |
0.95942 |
| published_at |
2026-04-12T12:55:00Z |
|
| 7 |
| value |
0.23238 |
| scoring_system |
epss |
| scoring_elements |
0.95939 |
| published_at |
2026-04-09T12:55:00Z |
|
| 8 |
| value |
0.23238 |
| scoring_system |
epss |
| scoring_elements |
0.95937 |
| published_at |
2026-04-08T12:55:00Z |
|
| 9 |
| value |
0.23238 |
| scoring_system |
epss |
| scoring_elements |
0.95928 |
| published_at |
2026-04-07T12:55:00Z |
|
| 10 |
| value |
0.23238 |
| scoring_system |
epss |
| scoring_elements |
0.95924 |
| published_at |
2026-04-04T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2020-5504 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
|
| fixed_packages |
|
| aliases |
CVE-2020-5504, GHSA-fgj8-93xx-f6g6
|
| risk_score |
10.0 |
| exploitability |
2.0 |
| weighted_severity |
8.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-5657-kcyh-7bc2 |
|
| 37 |
| url |
VCID-56fk-zgcc-aug8 |
| vulnerability_id |
VCID-56fk-zgcc-aug8 |
| summary |
Cross-site scripting (XSS) vulnerability in phpMyAdmin 2.8.0.x before 2.8.0.4 allows remote attackers to inject arbitrary web script or HTML via the theme parameter in unknown scripts. NOTE: the lang parameter is already covered by CVE-2006-2031. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2006-2417 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00579 |
| scoring_system |
epss |
| scoring_elements |
0.68784 |
| published_at |
2026-04-01T12:55:00Z |
|
| 1 |
| value |
0.00579 |
| scoring_system |
epss |
| scoring_elements |
0.68802 |
| published_at |
2026-04-07T12:55:00Z |
|
| 2 |
| value |
0.00579 |
| scoring_system |
epss |
| scoring_elements |
0.68822 |
| published_at |
2026-04-04T12:55:00Z |
|
| 3 |
| value |
0.00579 |
| scoring_system |
epss |
| scoring_elements |
0.68852 |
| published_at |
2026-04-08T12:55:00Z |
|
| 4 |
| value |
0.00579 |
| scoring_system |
epss |
| scoring_elements |
0.68871 |
| published_at |
2026-04-09T12:55:00Z |
|
| 5 |
| value |
0.00579 |
| scoring_system |
epss |
| scoring_elements |
0.68894 |
| published_at |
2026-04-11T12:55:00Z |
|
| 6 |
| value |
0.00579 |
| scoring_system |
epss |
| scoring_elements |
0.68879 |
| published_at |
2026-04-21T12:55:00Z |
|
| 7 |
| value |
0.00579 |
| scoring_system |
epss |
| scoring_elements |
0.6885 |
| published_at |
2026-04-13T12:55:00Z |
|
| 8 |
| value |
0.00579 |
| scoring_system |
epss |
| scoring_elements |
0.68891 |
| published_at |
2026-04-16T12:55:00Z |
|
| 9 |
| value |
0.00579 |
| scoring_system |
epss |
| scoring_elements |
0.68902 |
| published_at |
2026-04-18T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2006-2417 |
|
| 1 |
|
| 2 |
|
|
| fixed_packages |
|
| aliases |
CVE-2006-2417
|
| risk_score |
null |
| exploitability |
0.5 |
| weighted_severity |
0.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-56fk-zgcc-aug8 |
|
| 38 |
| url |
VCID-575v-3cfj-8qf7 |
| vulnerability_id |
VCID-575v-3cfj-8qf7 |
| summary |
phpMyAdmin: Self-XSS due to unescaped HTML output in navigation items hiding feature |
| references |
| 0 |
|
| 1 |
|
| 2 |
|
| 3 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2014-4349 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00354 |
| scoring_system |
epss |
| scoring_elements |
0.57753 |
| published_at |
2026-04-21T12:55:00Z |
|
| 1 |
| value |
0.00354 |
| scoring_system |
epss |
| scoring_elements |
0.57639 |
| published_at |
2026-04-01T12:55:00Z |
|
| 2 |
| value |
0.00354 |
| scoring_system |
epss |
| scoring_elements |
0.57724 |
| published_at |
2026-04-02T12:55:00Z |
|
| 3 |
| value |
0.00354 |
| scoring_system |
epss |
| scoring_elements |
0.57746 |
| published_at |
2026-04-04T12:55:00Z |
|
| 4 |
| value |
0.00354 |
| scoring_system |
epss |
| scoring_elements |
0.57719 |
| published_at |
2026-04-07T12:55:00Z |
|
| 5 |
| value |
0.00354 |
| scoring_system |
epss |
| scoring_elements |
0.57774 |
| published_at |
2026-04-08T12:55:00Z |
|
| 6 |
| value |
0.00354 |
| scoring_system |
epss |
| scoring_elements |
0.57776 |
| published_at |
2026-04-09T12:55:00Z |
|
| 7 |
| value |
0.00354 |
| scoring_system |
epss |
| scoring_elements |
0.57792 |
| published_at |
2026-04-11T12:55:00Z |
|
| 8 |
| value |
0.00354 |
| scoring_system |
epss |
| scoring_elements |
0.5777 |
| published_at |
2026-04-12T12:55:00Z |
|
| 9 |
| value |
0.00354 |
| scoring_system |
epss |
| scoring_elements |
0.57751 |
| published_at |
2026-04-13T12:55:00Z |
|
| 10 |
| value |
0.00354 |
| scoring_system |
epss |
| scoring_elements |
0.5778 |
| published_at |
2026-04-16T12:55:00Z |
|
| 11 |
| value |
0.00354 |
| scoring_system |
epss |
| scoring_elements |
0.57777 |
| published_at |
2026-04-18T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2014-4349 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
| 16 |
|
| 17 |
|
| 18 |
|
| 19 |
|
| 20 |
|
| 21 |
|
| 22 |
|
| 23 |
|
| 24 |
|
| 25 |
|
| 26 |
|
| 27 |
|
| 28 |
|
| 29 |
|
|
| fixed_packages |
|
| aliases |
CVE-2014-4349
|
| risk_score |
1.6 |
| exploitability |
0.5 |
| weighted_severity |
3.1 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-575v-3cfj-8qf7 |
|
| 39 |
| url |
VCID-5cdg-4z32-syfp |
| vulnerability_id |
VCID-5cdg-4z32-syfp |
| summary |
Multiple vulnerabilities have been found in phpMyAdmin, the worst
of which could lead to arbitrary code execution. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2016-6617 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00376 |
| scoring_system |
epss |
| scoring_elements |
0.5911 |
| published_at |
2026-04-01T12:55:00Z |
|
| 1 |
| value |
0.00376 |
| scoring_system |
epss |
| scoring_elements |
0.59184 |
| published_at |
2026-04-02T12:55:00Z |
|
| 2 |
| value |
0.00376 |
| scoring_system |
epss |
| scoring_elements |
0.59208 |
| published_at |
2026-04-04T12:55:00Z |
|
| 3 |
| value |
0.00376 |
| scoring_system |
epss |
| scoring_elements |
0.59172 |
| published_at |
2026-04-07T12:55:00Z |
|
| 4 |
| value |
0.00376 |
| scoring_system |
epss |
| scoring_elements |
0.59224 |
| published_at |
2026-04-08T12:55:00Z |
|
| 5 |
| value |
0.00376 |
| scoring_system |
epss |
| scoring_elements |
0.59237 |
| published_at |
2026-04-09T12:55:00Z |
|
| 6 |
| value |
0.00376 |
| scoring_system |
epss |
| scoring_elements |
0.59257 |
| published_at |
2026-04-16T12:55:00Z |
|
| 7 |
| value |
0.00376 |
| scoring_system |
epss |
| scoring_elements |
0.59239 |
| published_at |
2026-04-12T12:55:00Z |
|
| 8 |
| value |
0.00376 |
| scoring_system |
epss |
| scoring_elements |
0.5922 |
| published_at |
2026-04-13T12:55:00Z |
|
| 9 |
| value |
0.00376 |
| scoring_system |
epss |
| scoring_elements |
0.59262 |
| published_at |
2026-04-18T12:55:00Z |
|
| 10 |
| value |
0.00376 |
| scoring_system |
epss |
| scoring_elements |
0.59244 |
| published_at |
2026-04-21T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2016-6617 |
|
| 1 |
|
|
| fixed_packages |
|
| aliases |
CVE-2016-6617
|
| risk_score |
null |
| exploitability |
0.5 |
| weighted_severity |
0.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-5cdg-4z32-syfp |
|
| 40 |
| url |
VCID-5mda-fksy-bqb2 |
| vulnerability_id |
VCID-5mda-fksy-bqb2 |
| summary |
Cross-site Scripting
An issue was discovered in phpMyAdmin. XSS is possible because of a weakness in a regular expression used in some JavaScript processing. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2016-9857 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00418 |
| scoring_system |
epss |
| scoring_elements |
0.61754 |
| published_at |
2026-04-04T12:55:00Z |
|
| 1 |
| value |
0.00418 |
| scoring_system |
epss |
| scoring_elements |
0.61807 |
| published_at |
2026-04-21T12:55:00Z |
|
| 2 |
| value |
0.00418 |
| scoring_system |
epss |
| scoring_elements |
0.61824 |
| published_at |
2026-04-18T12:55:00Z |
|
| 3 |
| value |
0.00418 |
| scoring_system |
epss |
| scoring_elements |
0.61819 |
| published_at |
2026-04-16T12:55:00Z |
|
| 4 |
| value |
0.00418 |
| scoring_system |
epss |
| scoring_elements |
0.61777 |
| published_at |
2026-04-13T12:55:00Z |
|
| 5 |
| value |
0.00418 |
| scoring_system |
epss |
| scoring_elements |
0.61797 |
| published_at |
2026-04-12T12:55:00Z |
|
| 6 |
| value |
0.00418 |
| scoring_system |
epss |
| scoring_elements |
0.6181 |
| published_at |
2026-04-11T12:55:00Z |
|
| 7 |
| value |
0.00418 |
| scoring_system |
epss |
| scoring_elements |
0.61789 |
| published_at |
2026-04-09T12:55:00Z |
|
| 8 |
| value |
0.00418 |
| scoring_system |
epss |
| scoring_elements |
0.61651 |
| published_at |
2026-04-01T12:55:00Z |
|
| 9 |
| value |
0.00418 |
| scoring_system |
epss |
| scoring_elements |
0.61725 |
| published_at |
2026-04-07T12:55:00Z |
|
| 10 |
| value |
0.00418 |
| scoring_system |
epss |
| scoring_elements |
0.61773 |
| published_at |
2026-04-08T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2016-9857 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
|
| fixed_packages |
|
| aliases |
CVE-2016-9857, GHSA-hmmx-wxh4-9w8w
|
| risk_score |
3.1 |
| exploitability |
0.5 |
| weighted_severity |
6.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-5mda-fksy-bqb2 |
|
| 41 |
| url |
VCID-5qxf-smga-w7b6 |
| vulnerability_id |
VCID-5qxf-smga-w7b6 |
| summary |
phpMyAdmin contains a local file inclusion vulnerability that may lead to
the execution of arbitrary code, along with several cross-site scripting
issues. |
| references |
| 0 |
|
| 1 |
|
| 2 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2005-3300 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.0189 |
| scoring_system |
epss |
| scoring_elements |
0.83225 |
| published_at |
2026-04-21T12:55:00Z |
|
| 1 |
| value |
0.0189 |
| scoring_system |
epss |
| scoring_elements |
0.83118 |
| published_at |
2026-04-01T12:55:00Z |
|
| 2 |
| value |
0.0189 |
| scoring_system |
epss |
| scoring_elements |
0.83135 |
| published_at |
2026-04-02T12:55:00Z |
|
| 3 |
| value |
0.0189 |
| scoring_system |
epss |
| scoring_elements |
0.83148 |
| published_at |
2026-04-04T12:55:00Z |
|
| 4 |
| value |
0.0189 |
| scoring_system |
epss |
| scoring_elements |
0.83146 |
| published_at |
2026-04-07T12:55:00Z |
|
| 5 |
| value |
0.0189 |
| scoring_system |
epss |
| scoring_elements |
0.83171 |
| published_at |
2026-04-08T12:55:00Z |
|
| 6 |
| value |
0.0189 |
| scoring_system |
epss |
| scoring_elements |
0.83178 |
| published_at |
2026-04-09T12:55:00Z |
|
| 7 |
| value |
0.0189 |
| scoring_system |
epss |
| scoring_elements |
0.83194 |
| published_at |
2026-04-11T12:55:00Z |
|
| 8 |
| value |
0.0189 |
| scoring_system |
epss |
| scoring_elements |
0.83189 |
| published_at |
2026-04-12T12:55:00Z |
|
| 9 |
| value |
0.0189 |
| scoring_system |
epss |
| scoring_elements |
0.83184 |
| published_at |
2026-04-13T12:55:00Z |
|
| 10 |
| value |
0.0189 |
| scoring_system |
epss |
| scoring_elements |
0.83221 |
| published_at |
2026-04-16T12:55:00Z |
|
| 11 |
| value |
0.0189 |
| scoring_system |
epss |
| scoring_elements |
0.83222 |
| published_at |
2026-04-18T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2005-3300 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
| 16 |
|
| 17 |
|
| 18 |
|
| 19 |
|
| 20 |
|
|
| fixed_packages |
|
| aliases |
CVE-2005-3300
|
| risk_score |
2.2 |
| exploitability |
0.5 |
| weighted_severity |
4.5 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-5qxf-smga-w7b6 |
|
| 42 |
| url |
VCID-5s9r-7z3f-wkcy |
| vulnerability_id |
VCID-5s9r-7z3f-wkcy |
| summary |
Multiple cross-site request forgery (CSRF) vulnerabilities in phpMyAdmin before 2.9.1-rc1 allow remote attackers to perform unauthorized actions as another user by (1) directly setting a token in the URL though dynamic variable evaluation and (2) unsetting arbitrary variables via the _REQUEST array, related to (a) libraries/common.lib.php, (b) session.inc.php, and (c) url_generating.lib.php. NOTE: the PHP unset function vector is covered by CVE-2006-3017. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2006-5116 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.03863 |
| scoring_system |
epss |
| scoring_elements |
0.8816 |
| published_at |
2026-04-01T12:55:00Z |
|
| 1 |
| value |
0.03863 |
| scoring_system |
epss |
| scoring_elements |
0.88168 |
| published_at |
2026-04-02T12:55:00Z |
|
| 2 |
| value |
0.03863 |
| scoring_system |
epss |
| scoring_elements |
0.88184 |
| published_at |
2026-04-04T12:55:00Z |
|
| 3 |
| value |
0.03863 |
| scoring_system |
epss |
| scoring_elements |
0.88191 |
| published_at |
2026-04-07T12:55:00Z |
|
| 4 |
| value |
0.03863 |
| scoring_system |
epss |
| scoring_elements |
0.8821 |
| published_at |
2026-04-08T12:55:00Z |
|
| 5 |
| value |
0.03863 |
| scoring_system |
epss |
| scoring_elements |
0.88216 |
| published_at |
2026-04-09T12:55:00Z |
|
| 6 |
| value |
0.03863 |
| scoring_system |
epss |
| scoring_elements |
0.88227 |
| published_at |
2026-04-11T12:55:00Z |
|
| 7 |
| value |
0.03863 |
| scoring_system |
epss |
| scoring_elements |
0.88219 |
| published_at |
2026-04-13T12:55:00Z |
|
| 8 |
| value |
0.03863 |
| scoring_system |
epss |
| scoring_elements |
0.88232 |
| published_at |
2026-04-16T12:55:00Z |
|
| 9 |
| value |
0.03863 |
| scoring_system |
epss |
| scoring_elements |
0.88231 |
| published_at |
2026-04-21T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2006-5116 |
|
| 1 |
|
| 2 |
|
|
| fixed_packages |
|
| aliases |
CVE-2006-5116
|
| risk_score |
null |
| exploitability |
0.5 |
| weighted_severity |
0.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-5s9r-7z3f-wkcy |
|
| 43 |
| url |
VCID-5spm-mfvj-cqcu |
| vulnerability_id |
VCID-5spm-mfvj-cqcu |
| summary |
Multiple vulnerabilities were found in phpMyAdmin, the most severe
of which allows the execution of arbitrary PHP code. |
| references |
| 0 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2008-7252 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.0296 |
| scoring_system |
epss |
| scoring_elements |
0.86497 |
| published_at |
2026-04-16T12:55:00Z |
|
| 1 |
| value |
0.0296 |
| scoring_system |
epss |
| scoring_elements |
0.86482 |
| published_at |
2026-04-13T12:55:00Z |
|
| 2 |
| value |
0.0296 |
| scoring_system |
epss |
| scoring_elements |
0.86487 |
| published_at |
2026-04-12T12:55:00Z |
|
| 3 |
| value |
0.0296 |
| scoring_system |
epss |
| scoring_elements |
0.86491 |
| published_at |
2026-04-11T12:55:00Z |
|
| 4 |
| value |
0.0296 |
| scoring_system |
epss |
| scoring_elements |
0.86495 |
| published_at |
2026-04-21T12:55:00Z |
|
| 5 |
| value |
0.0296 |
| scoring_system |
epss |
| scoring_elements |
0.86465 |
| published_at |
2026-04-08T12:55:00Z |
|
| 6 |
| value |
0.0296 |
| scoring_system |
epss |
| scoring_elements |
0.86475 |
| published_at |
2026-04-09T12:55:00Z |
|
| 7 |
| value |
0.0296 |
| scoring_system |
epss |
| scoring_elements |
0.86502 |
| published_at |
2026-04-18T12:55:00Z |
|
| 8 |
| value |
0.0296 |
| scoring_system |
epss |
| scoring_elements |
0.86446 |
| published_at |
2026-04-07T12:55:00Z |
|
| 9 |
| value |
0.03137 |
| scoring_system |
epss |
| scoring_elements |
0.86832 |
| published_at |
2026-04-02T12:55:00Z |
|
| 10 |
| value |
0.03137 |
| scoring_system |
epss |
| scoring_elements |
0.86822 |
| published_at |
2026-04-01T12:55:00Z |
|
| 11 |
| value |
0.03137 |
| scoring_system |
epss |
| scoring_elements |
0.86851 |
| published_at |
2026-04-04T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2008-7252 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
|
| fixed_packages |
|
| aliases |
CVE-2008-7252, GHSA-9645-6g72-2pv8
|
| risk_score |
4.0 |
| exploitability |
0.5 |
| weighted_severity |
8.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-5spm-mfvj-cqcu |
|
| 44 |
| url |
VCID-63cb-2hqp-3ug8 |
| vulnerability_id |
VCID-63cb-2hqp-3ug8 |
| summary |
Multiple vulnerabilities have been found in phpMyAdmin, the worst
of which could lead to arbitrary code execution. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2016-9850 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00565 |
| scoring_system |
epss |
| scoring_elements |
0.68352 |
| published_at |
2026-04-01T12:55:00Z |
|
| 1 |
| value |
0.00565 |
| scoring_system |
epss |
| scoring_elements |
0.68372 |
| published_at |
2026-04-02T12:55:00Z |
|
| 2 |
| value |
0.00565 |
| scoring_system |
epss |
| scoring_elements |
0.68391 |
| published_at |
2026-04-04T12:55:00Z |
|
| 3 |
| value |
0.00565 |
| scoring_system |
epss |
| scoring_elements |
0.68368 |
| published_at |
2026-04-07T12:55:00Z |
|
| 4 |
| value |
0.00565 |
| scoring_system |
epss |
| scoring_elements |
0.68419 |
| published_at |
2026-04-08T12:55:00Z |
|
| 5 |
| value |
0.00565 |
| scoring_system |
epss |
| scoring_elements |
0.68436 |
| published_at |
2026-04-09T12:55:00Z |
|
| 6 |
| value |
0.00565 |
| scoring_system |
epss |
| scoring_elements |
0.68462 |
| published_at |
2026-04-11T12:55:00Z |
|
| 7 |
| value |
0.00565 |
| scoring_system |
epss |
| scoring_elements |
0.6845 |
| published_at |
2026-04-12T12:55:00Z |
|
| 8 |
| value |
0.00565 |
| scoring_system |
epss |
| scoring_elements |
0.68417 |
| published_at |
2026-04-13T12:55:00Z |
|
| 9 |
| value |
0.00565 |
| scoring_system |
epss |
| scoring_elements |
0.68455 |
| published_at |
2026-04-16T12:55:00Z |
|
| 10 |
| value |
0.00565 |
| scoring_system |
epss |
| scoring_elements |
0.68469 |
| published_at |
2026-04-18T12:55:00Z |
|
| 11 |
| value |
0.00565 |
| scoring_system |
epss |
| scoring_elements |
0.68446 |
| published_at |
2026-04-21T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2016-9850 |
|
| 1 |
|
|
| fixed_packages |
|
| aliases |
CVE-2016-9850
|
| risk_score |
null |
| exploitability |
0.5 |
| weighted_severity |
0.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-63cb-2hqp-3ug8 |
|
| 45 |
| url |
VCID-64sy-unts-juf3 |
| vulnerability_id |
VCID-64sy-unts-juf3 |
| summary |
Information Exposure
An issue was discovered in phpMyAdmin. An attacker can determine whether a user is logged in to phpMyAdmin. The user session, username, and password are not compromised by this vulnerability. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2016-6625 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00275 |
| scoring_system |
epss |
| scoring_elements |
0.50974 |
| published_at |
2026-04-21T12:55:00Z |
|
| 1 |
| value |
0.00275 |
| scoring_system |
epss |
| scoring_elements |
0.50851 |
| published_at |
2026-04-01T12:55:00Z |
|
| 2 |
| value |
0.00275 |
| scoring_system |
epss |
| scoring_elements |
0.50909 |
| published_at |
2026-04-02T12:55:00Z |
|
| 3 |
| value |
0.00275 |
| scoring_system |
epss |
| scoring_elements |
0.50935 |
| published_at |
2026-04-04T12:55:00Z |
|
| 4 |
| value |
0.00275 |
| scoring_system |
epss |
| scoring_elements |
0.50892 |
| published_at |
2026-04-07T12:55:00Z |
|
| 5 |
| value |
0.00275 |
| scoring_system |
epss |
| scoring_elements |
0.50949 |
| published_at |
2026-04-08T12:55:00Z |
|
| 6 |
| value |
0.00275 |
| scoring_system |
epss |
| scoring_elements |
0.50947 |
| published_at |
2026-04-09T12:55:00Z |
|
| 7 |
| value |
0.00275 |
| scoring_system |
epss |
| scoring_elements |
0.50989 |
| published_at |
2026-04-11T12:55:00Z |
|
| 8 |
| value |
0.00275 |
| scoring_system |
epss |
| scoring_elements |
0.50967 |
| published_at |
2026-04-12T12:55:00Z |
|
| 9 |
| value |
0.00275 |
| scoring_system |
epss |
| scoring_elements |
0.50951 |
| published_at |
2026-04-13T12:55:00Z |
|
| 10 |
| value |
0.00275 |
| scoring_system |
epss |
| scoring_elements |
0.50988 |
| published_at |
2026-04-16T12:55:00Z |
|
| 11 |
| value |
0.00275 |
| scoring_system |
epss |
| scoring_elements |
0.50995 |
| published_at |
2026-04-18T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2016-6625 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
|
| fixed_packages |
|
| aliases |
CVE-2016-6625, GHSA-r643-7xfg-ppc5
|
| risk_score |
3.1 |
| exploitability |
0.5 |
| weighted_severity |
6.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-64sy-unts-juf3 |
|
| 46 |
| url |
VCID-6d18-2pr4-pfdf |
| vulnerability_id |
VCID-6d18-2pr4-pfdf |
| summary |
Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin 4.0.x before 4.0.10.2, 4.1.x before 4.1.14.3, and 4.2.x before 4.2.7.1 allow remote authenticated users to inject arbitrary web script or HTML via the (1) browse table page, related to js/sql.js; (2) ENUM editor page, related to js/functions.js; (3) monitor page, related to js/server_status_monitor.js; (4) query charts page, related to js/tbl_chart.js; or (5) table relations page, related to libraries/tbl_relation.lib.php. |
| references |
| 0 |
|
| 1 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2014-5273 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00381 |
| scoring_system |
epss |
| scoring_elements |
0.5956 |
| published_at |
2026-04-21T12:55:00Z |
|
| 1 |
| value |
0.00381 |
| scoring_system |
epss |
| scoring_elements |
0.59426 |
| published_at |
2026-04-01T12:55:00Z |
|
| 2 |
| value |
0.00381 |
| scoring_system |
epss |
| scoring_elements |
0.59499 |
| published_at |
2026-04-02T12:55:00Z |
|
| 3 |
| value |
0.00381 |
| scoring_system |
epss |
| scoring_elements |
0.59524 |
| published_at |
2026-04-04T12:55:00Z |
|
| 4 |
| value |
0.00381 |
| scoring_system |
epss |
| scoring_elements |
0.59492 |
| published_at |
2026-04-07T12:55:00Z |
|
| 5 |
| value |
0.00381 |
| scoring_system |
epss |
| scoring_elements |
0.59543 |
| published_at |
2026-04-08T12:55:00Z |
|
| 6 |
| value |
0.00381 |
| scoring_system |
epss |
| scoring_elements |
0.59555 |
| published_at |
2026-04-09T12:55:00Z |
|
| 7 |
| value |
0.00381 |
| scoring_system |
epss |
| scoring_elements |
0.59574 |
| published_at |
2026-04-11T12:55:00Z |
|
| 8 |
| value |
0.00381 |
| scoring_system |
epss |
| scoring_elements |
0.59558 |
| published_at |
2026-04-12T12:55:00Z |
|
| 9 |
| value |
0.00381 |
| scoring_system |
epss |
| scoring_elements |
0.59538 |
| published_at |
2026-04-13T12:55:00Z |
|
| 10 |
| value |
0.00381 |
| scoring_system |
epss |
| scoring_elements |
0.59572 |
| published_at |
2026-04-16T12:55:00Z |
|
| 11 |
| value |
0.00381 |
| scoring_system |
epss |
| scoring_elements |
0.59579 |
| published_at |
2026-04-18T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2014-5273 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
| 16 |
|
| 17 |
|
| 18 |
|
| 19 |
|
| 20 |
|
| 21 |
|
| 22 |
|
| 23 |
|
| 24 |
|
| 25 |
|
| 26 |
|
| 27 |
|
| 28 |
|
| 29 |
|
| 30 |
|
| 31 |
|
| 32 |
|
| 33 |
|
| 34 |
|
| 35 |
|
| 36 |
|
| 37 |
|
| 38 |
|
| 39 |
|
| 40 |
|
| 41 |
|
| 42 |
|
| 43 |
|
| 44 |
|
| 45 |
|
| 46 |
|
| 47 |
|
| 48 |
|
| 49 |
|
| 50 |
|
| 51 |
|
| 52 |
|
|
| fixed_packages |
|
| aliases |
CVE-2014-5273
|
| risk_score |
1.6 |
| exploitability |
0.5 |
| weighted_severity |
3.1 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-6d18-2pr4-pfdf |
|
| 47 |
| url |
VCID-6e6k-vaj9-budk |
| vulnerability_id |
VCID-6e6k-vaj9-budk |
| summary |
Multiple vulnerabilities have been found in phpMyAdmin, allowing
remote authenticated attackers to execute arbitrary code, inject SQL code
or conduct other attacks. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2013-4996 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00277 |
| scoring_system |
epss |
| scoring_elements |
0.51082 |
| published_at |
2026-04-01T12:55:00Z |
|
| 1 |
| value |
0.00277 |
| scoring_system |
epss |
| scoring_elements |
0.51135 |
| published_at |
2026-04-02T12:55:00Z |
|
| 2 |
| value |
0.00277 |
| scoring_system |
epss |
| scoring_elements |
0.51159 |
| published_at |
2026-04-04T12:55:00Z |
|
| 3 |
| value |
0.00277 |
| scoring_system |
epss |
| scoring_elements |
0.51116 |
| published_at |
2026-04-07T12:55:00Z |
|
| 4 |
| value |
0.00277 |
| scoring_system |
epss |
| scoring_elements |
0.51171 |
| published_at |
2026-04-08T12:55:00Z |
|
| 5 |
| value |
0.00277 |
| scoring_system |
epss |
| scoring_elements |
0.51167 |
| published_at |
2026-04-09T12:55:00Z |
|
| 6 |
| value |
0.00277 |
| scoring_system |
epss |
| scoring_elements |
0.51212 |
| published_at |
2026-04-11T12:55:00Z |
|
| 7 |
| value |
0.00277 |
| scoring_system |
epss |
| scoring_elements |
0.5119 |
| published_at |
2026-04-12T12:55:00Z |
|
| 8 |
| value |
0.00277 |
| scoring_system |
epss |
| scoring_elements |
0.51175 |
| published_at |
2026-04-13T12:55:00Z |
|
| 9 |
| value |
0.00277 |
| scoring_system |
epss |
| scoring_elements |
0.51215 |
| published_at |
2026-04-16T12:55:00Z |
|
| 10 |
| value |
0.00277 |
| scoring_system |
epss |
| scoring_elements |
0.51222 |
| published_at |
2026-04-18T12:55:00Z |
|
| 11 |
| value |
0.00277 |
| scoring_system |
epss |
| scoring_elements |
0.512 |
| published_at |
2026-04-21T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2013-4996 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
|
| fixed_packages |
|
| aliases |
CVE-2013-4996
|
| risk_score |
null |
| exploitability |
0.5 |
| weighted_severity |
0.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-6e6k-vaj9-budk |
|
| 48 |
| url |
VCID-6k7f-7dbr-9ffu |
| vulnerability_id |
VCID-6k7f-7dbr-9ffu |
| summary |
Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin before 2.6.4-pl4 allow remote attackers to inject arbitrary web script or HTML via (1) the cookie-based login panel, (2) the title parameter and (3) the table creation dialog. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2005-3787 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00427 |
| scoring_system |
epss |
| scoring_elements |
0.62415 |
| published_at |
2026-04-21T12:55:00Z |
|
| 1 |
| value |
0.00427 |
| scoring_system |
epss |
| scoring_elements |
0.6227 |
| published_at |
2026-04-01T12:55:00Z |
|
| 2 |
| value |
0.00427 |
| scoring_system |
epss |
| scoring_elements |
0.62327 |
| published_at |
2026-04-02T12:55:00Z |
|
| 3 |
| value |
0.00427 |
| scoring_system |
epss |
| scoring_elements |
0.62358 |
| published_at |
2026-04-04T12:55:00Z |
|
| 4 |
| value |
0.00427 |
| scoring_system |
epss |
| scoring_elements |
0.62324 |
| published_at |
2026-04-07T12:55:00Z |
|
| 5 |
| value |
0.00427 |
| scoring_system |
epss |
| scoring_elements |
0.62374 |
| published_at |
2026-04-08T12:55:00Z |
|
| 6 |
| value |
0.00427 |
| scoring_system |
epss |
| scoring_elements |
0.62391 |
| published_at |
2026-04-09T12:55:00Z |
|
| 7 |
| value |
0.00427 |
| scoring_system |
epss |
| scoring_elements |
0.6241 |
| published_at |
2026-04-11T12:55:00Z |
|
| 8 |
| value |
0.00427 |
| scoring_system |
epss |
| scoring_elements |
0.624 |
| published_at |
2026-04-12T12:55:00Z |
|
| 9 |
| value |
0.00427 |
| scoring_system |
epss |
| scoring_elements |
0.62378 |
| published_at |
2026-04-13T12:55:00Z |
|
| 10 |
| value |
0.00427 |
| scoring_system |
epss |
| scoring_elements |
0.62424 |
| published_at |
2026-04-16T12:55:00Z |
|
| 11 |
| value |
0.00427 |
| scoring_system |
epss |
| scoring_elements |
0.62431 |
| published_at |
2026-04-18T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2005-3787 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
| 16 |
|
| 17 |
|
| 18 |
|
| 19 |
|
| 20 |
|
| 21 |
|
|
| fixed_packages |
|
| aliases |
CVE-2005-3787
|
| risk_score |
1.9 |
| exploitability |
0.5 |
| weighted_severity |
3.9 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-6k7f-7dbr-9ffu |
|
| 49 |
| url |
VCID-6n99-6r4y-zkgt |
| vulnerability_id |
VCID-6n99-6r4y-zkgt |
| summary |
Multiple vulnerabilities in phpMyAdmin may allow a remote attacker with a
valid user account to alter configuration variables and execute arbitrary
PHP code. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2004-2632 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.02951 |
| scoring_system |
epss |
| scoring_elements |
0.86398 |
| published_at |
2026-04-01T12:55:00Z |
|
| 1 |
| value |
0.02951 |
| scoring_system |
epss |
| scoring_elements |
0.86408 |
| published_at |
2026-04-02T12:55:00Z |
|
| 2 |
| value |
0.02951 |
| scoring_system |
epss |
| scoring_elements |
0.86426 |
| published_at |
2026-04-04T12:55:00Z |
|
| 3 |
| value |
0.02951 |
| scoring_system |
epss |
| scoring_elements |
0.86428 |
| published_at |
2026-04-07T12:55:00Z |
|
| 4 |
| value |
0.02951 |
| scoring_system |
epss |
| scoring_elements |
0.86446 |
| published_at |
2026-04-08T12:55:00Z |
|
| 5 |
| value |
0.02951 |
| scoring_system |
epss |
| scoring_elements |
0.86456 |
| published_at |
2026-04-09T12:55:00Z |
|
| 6 |
| value |
0.02951 |
| scoring_system |
epss |
| scoring_elements |
0.8647 |
| published_at |
2026-04-11T12:55:00Z |
|
| 7 |
| value |
0.02951 |
| scoring_system |
epss |
| scoring_elements |
0.86469 |
| published_at |
2026-04-12T12:55:00Z |
|
| 8 |
| value |
0.02951 |
| scoring_system |
epss |
| scoring_elements |
0.86463 |
| published_at |
2026-04-13T12:55:00Z |
|
| 9 |
| value |
0.02951 |
| scoring_system |
epss |
| scoring_elements |
0.86478 |
| published_at |
2026-04-16T12:55:00Z |
|
| 10 |
| value |
0.02951 |
| scoring_system |
epss |
| scoring_elements |
0.86483 |
| published_at |
2026-04-18T12:55:00Z |
|
| 11 |
| value |
0.02951 |
| scoring_system |
epss |
| scoring_elements |
0.86476 |
| published_at |
2026-04-21T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2004-2632 |
|
| 1 |
|
| 2 |
|
|
| fixed_packages |
|
| aliases |
CVE-2004-2632
|
| risk_score |
null |
| exploitability |
0.5 |
| weighted_severity |
0.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-6n99-6r4y-zkgt |
|
| 50 |
| url |
VCID-6qn6-3v4w-pqhw |
| vulnerability_id |
VCID-6qn6-3v4w-pqhw |
| summary |
Multiple vulnerabilities have been found in phpMyAdmin, the worst
of which could lead to arbitrary code execution. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2016-6606 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00258 |
| scoring_system |
epss |
| scoring_elements |
0.49159 |
| published_at |
2026-04-01T12:55:00Z |
|
| 1 |
| value |
0.00258 |
| scoring_system |
epss |
| scoring_elements |
0.4919 |
| published_at |
2026-04-02T12:55:00Z |
|
| 2 |
| value |
0.00258 |
| scoring_system |
epss |
| scoring_elements |
0.49218 |
| published_at |
2026-04-04T12:55:00Z |
|
| 3 |
| value |
0.00258 |
| scoring_system |
epss |
| scoring_elements |
0.49169 |
| published_at |
2026-04-07T12:55:00Z |
|
| 4 |
| value |
0.00258 |
| scoring_system |
epss |
| scoring_elements |
0.49224 |
| published_at |
2026-04-08T12:55:00Z |
|
| 5 |
| value |
0.00258 |
| scoring_system |
epss |
| scoring_elements |
0.4922 |
| published_at |
2026-04-09T12:55:00Z |
|
| 6 |
| value |
0.00258 |
| scoring_system |
epss |
| scoring_elements |
0.49238 |
| published_at |
2026-04-11T12:55:00Z |
|
| 7 |
| value |
0.00258 |
| scoring_system |
epss |
| scoring_elements |
0.49211 |
| published_at |
2026-04-12T12:55:00Z |
|
| 8 |
| value |
0.00258 |
| scoring_system |
epss |
| scoring_elements |
0.49216 |
| published_at |
2026-04-13T12:55:00Z |
|
| 9 |
| value |
0.00258 |
| scoring_system |
epss |
| scoring_elements |
0.49262 |
| published_at |
2026-04-16T12:55:00Z |
|
| 10 |
| value |
0.00258 |
| scoring_system |
epss |
| scoring_elements |
0.49259 |
| published_at |
2026-04-18T12:55:00Z |
|
| 11 |
| value |
0.00258 |
| scoring_system |
epss |
| scoring_elements |
0.49229 |
| published_at |
2026-04-21T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2016-6606 |
|
| 1 |
|
|
| fixed_packages |
|
| aliases |
CVE-2016-6606
|
| risk_score |
null |
| exploitability |
0.5 |
| weighted_severity |
0.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-6qn6-3v4w-pqhw |
|
| 51 |
| url |
VCID-6qpe-ce89-k7eq |
| vulnerability_id |
VCID-6qpe-ce89-k7eq |
| summary |
Cross-site scripting (XSS) vulnerability in error.php in phpMyAdmin 2.6.4 through 2.9.0.2 allows remote attackers to inject arbitrary web script or HTML via UTF-7 or US-ASCII encoded characters, which are injected into an error message, as demonstrated by a request with a utf7 charset parameter accompanied by UTF-7 data. |
| references |
| 0 |
|
| 1 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2006-5718 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.01116 |
| scoring_system |
epss |
| scoring_elements |
0.78224 |
| published_at |
2026-04-21T12:55:00Z |
|
| 1 |
| value |
0.01116 |
| scoring_system |
epss |
| scoring_elements |
0.7814 |
| published_at |
2026-04-01T12:55:00Z |
|
| 2 |
| value |
0.01116 |
| scoring_system |
epss |
| scoring_elements |
0.78149 |
| published_at |
2026-04-02T12:55:00Z |
|
| 3 |
| value |
0.01116 |
| scoring_system |
epss |
| scoring_elements |
0.78178 |
| published_at |
2026-04-04T12:55:00Z |
|
| 4 |
| value |
0.01116 |
| scoring_system |
epss |
| scoring_elements |
0.78161 |
| published_at |
2026-04-07T12:55:00Z |
|
| 5 |
| value |
0.01116 |
| scoring_system |
epss |
| scoring_elements |
0.78187 |
| published_at |
2026-04-08T12:55:00Z |
|
| 6 |
| value |
0.01116 |
| scoring_system |
epss |
| scoring_elements |
0.78194 |
| published_at |
2026-04-09T12:55:00Z |
|
| 7 |
| value |
0.01116 |
| scoring_system |
epss |
| scoring_elements |
0.7822 |
| published_at |
2026-04-11T12:55:00Z |
|
| 8 |
| value |
0.01116 |
| scoring_system |
epss |
| scoring_elements |
0.78203 |
| published_at |
2026-04-12T12:55:00Z |
|
| 9 |
| value |
0.01116 |
| scoring_system |
epss |
| scoring_elements |
0.78199 |
| published_at |
2026-04-13T12:55:00Z |
|
| 10 |
| value |
0.01116 |
| scoring_system |
epss |
| scoring_elements |
0.78231 |
| published_at |
2026-04-16T12:55:00Z |
|
| 11 |
| value |
0.01116 |
| scoring_system |
epss |
| scoring_elements |
0.78229 |
| published_at |
2026-04-18T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2006-5718 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
| 16 |
|
| 17 |
|
| 18 |
|
| 19 |
|
| 20 |
|
| 21 |
|
| 22 |
|
| 23 |
|
| 24 |
|
| 25 |
|
| 26 |
|
| 27 |
|
|
| fixed_packages |
|
| aliases |
CVE-2006-5718
|
| risk_score |
1.9 |
| exploitability |
0.5 |
| weighted_severity |
3.9 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-6qpe-ce89-k7eq |
|
| 52 |
| url |
VCID-6qw8-vmc8-yyfa |
| vulnerability_id |
VCID-6qw8-vmc8-yyfa |
| summary |
Multiple vulnerabilities have been found in phpMyAdmin, allowing
remote authenticated attackers to execute arbitrary code, inject SQL code
or conduct other attacks. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2013-4999 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.0025 |
| scoring_system |
epss |
| scoring_elements |
0.48286 |
| published_at |
2026-04-01T12:55:00Z |
|
| 1 |
| value |
0.0025 |
| scoring_system |
epss |
| scoring_elements |
0.48322 |
| published_at |
2026-04-02T12:55:00Z |
|
| 2 |
| value |
0.0025 |
| scoring_system |
epss |
| scoring_elements |
0.48343 |
| published_at |
2026-04-04T12:55:00Z |
|
| 3 |
| value |
0.0025 |
| scoring_system |
epss |
| scoring_elements |
0.48295 |
| published_at |
2026-04-07T12:55:00Z |
|
| 4 |
| value |
0.0025 |
| scoring_system |
epss |
| scoring_elements |
0.4835 |
| published_at |
2026-04-08T12:55:00Z |
|
| 5 |
| value |
0.0025 |
| scoring_system |
epss |
| scoring_elements |
0.48344 |
| published_at |
2026-04-09T12:55:00Z |
|
| 6 |
| value |
0.0025 |
| scoring_system |
epss |
| scoring_elements |
0.48369 |
| published_at |
2026-04-11T12:55:00Z |
|
| 7 |
| value |
0.0025 |
| scoring_system |
epss |
| scoring_elements |
0.48342 |
| published_at |
2026-04-12T12:55:00Z |
|
| 8 |
| value |
0.0025 |
| scoring_system |
epss |
| scoring_elements |
0.48354 |
| published_at |
2026-04-21T12:55:00Z |
|
| 9 |
| value |
0.0025 |
| scoring_system |
epss |
| scoring_elements |
0.48405 |
| published_at |
2026-04-16T12:55:00Z |
|
| 10 |
| value |
0.0025 |
| scoring_system |
epss |
| scoring_elements |
0.484 |
| published_at |
2026-04-18T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2013-4999 |
|
| 1 |
|
| 2 |
|
|
| fixed_packages |
|
| aliases |
CVE-2013-4999
|
| risk_score |
null |
| exploitability |
0.5 |
| weighted_severity |
0.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-6qw8-vmc8-yyfa |
|
| 53 |
| url |
VCID-6xv1-vecm-dqh8 |
| vulnerability_id |
VCID-6xv1-vecm-dqh8 |
| summary |
Cross-site scripting (XSS) vulnerability in phpMyAdmin before 2.8.2 allows remote attackers to inject arbitrary web script or HTML via the table parameter. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2006-3388 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.0103 |
| scoring_system |
epss |
| scoring_elements |
0.77257 |
| published_at |
2026-04-01T12:55:00Z |
|
| 1 |
| value |
0.0103 |
| scoring_system |
epss |
| scoring_elements |
0.77263 |
| published_at |
2026-04-02T12:55:00Z |
|
| 2 |
| value |
0.0103 |
| scoring_system |
epss |
| scoring_elements |
0.77292 |
| published_at |
2026-04-04T12:55:00Z |
|
| 3 |
| value |
0.0103 |
| scoring_system |
epss |
| scoring_elements |
0.77274 |
| published_at |
2026-04-07T12:55:00Z |
|
| 4 |
| value |
0.0103 |
| scoring_system |
epss |
| scoring_elements |
0.77304 |
| published_at |
2026-04-08T12:55:00Z |
|
| 5 |
| value |
0.0103 |
| scoring_system |
epss |
| scoring_elements |
0.77313 |
| published_at |
2026-04-09T12:55:00Z |
|
| 6 |
| value |
0.0103 |
| scoring_system |
epss |
| scoring_elements |
0.7734 |
| published_at |
2026-04-11T12:55:00Z |
|
| 7 |
| value |
0.0103 |
| scoring_system |
epss |
| scoring_elements |
0.7732 |
| published_at |
2026-04-12T12:55:00Z |
|
| 8 |
| value |
0.0103 |
| scoring_system |
epss |
| scoring_elements |
0.77317 |
| published_at |
2026-04-13T12:55:00Z |
|
| 9 |
| value |
0.0103 |
| scoring_system |
epss |
| scoring_elements |
0.77356 |
| published_at |
2026-04-18T12:55:00Z |
|
| 10 |
| value |
0.0103 |
| scoring_system |
epss |
| scoring_elements |
0.77348 |
| published_at |
2026-04-21T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2006-3388 |
|
| 1 |
|
| 2 |
|
|
| fixed_packages |
|
| aliases |
CVE-2006-3388
|
| risk_score |
null |
| exploitability |
0.5 |
| weighted_severity |
0.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-6xv1-vecm-dqh8 |
|
| 54 |
| url |
VCID-76a7-h2mq-gkfu |
| vulnerability_id |
VCID-76a7-h2mq-gkfu |
| summary |
security update |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2015-3902 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00217 |
| scoring_system |
epss |
| scoring_elements |
0.44253 |
| published_at |
2026-04-01T12:55:00Z |
|
| 1 |
| value |
0.00217 |
| scoring_system |
epss |
| scoring_elements |
0.44323 |
| published_at |
2026-04-13T12:55:00Z |
|
| 2 |
| value |
0.00217 |
| scoring_system |
epss |
| scoring_elements |
0.44345 |
| published_at |
2026-04-04T12:55:00Z |
|
| 3 |
| value |
0.00217 |
| scoring_system |
epss |
| scoring_elements |
0.44282 |
| published_at |
2026-04-07T12:55:00Z |
|
| 4 |
| value |
0.00217 |
| scoring_system |
epss |
| scoring_elements |
0.44334 |
| published_at |
2026-04-08T12:55:00Z |
|
| 5 |
| value |
0.00217 |
| scoring_system |
epss |
| scoring_elements |
0.44338 |
| published_at |
2026-04-09T12:55:00Z |
|
| 6 |
| value |
0.00217 |
| scoring_system |
epss |
| scoring_elements |
0.44356 |
| published_at |
2026-04-11T12:55:00Z |
|
| 7 |
| value |
0.00217 |
| scoring_system |
epss |
| scoring_elements |
0.44324 |
| published_at |
2026-04-12T12:55:00Z |
|
| 8 |
| value |
0.00217 |
| scoring_system |
epss |
| scoring_elements |
0.44379 |
| published_at |
2026-04-16T12:55:00Z |
|
| 9 |
| value |
0.00217 |
| scoring_system |
epss |
| scoring_elements |
0.4437 |
| published_at |
2026-04-18T12:55:00Z |
|
| 10 |
| value |
0.00217 |
| scoring_system |
epss |
| scoring_elements |
0.443 |
| published_at |
2026-04-21T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2015-3902 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
|
| fixed_packages |
|
| aliases |
CVE-2015-3902
|
| risk_score |
null |
| exploitability |
0.5 |
| weighted_severity |
0.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-76a7-h2mq-gkfu |
|
| 55 |
| url |
VCID-7ga4-rjej-s3h1 |
| vulnerability_id |
VCID-7ga4-rjej-s3h1 |
| summary |
Multiple vulnerabilities have been found in phpMyAdmin, the worst
of which could lead to arbitrary code execution. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2016-9859 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00637 |
| scoring_system |
epss |
| scoring_elements |
0.70411 |
| published_at |
2026-04-01T12:55:00Z |
|
| 1 |
| value |
0.00637 |
| scoring_system |
epss |
| scoring_elements |
0.70425 |
| published_at |
2026-04-02T12:55:00Z |
|
| 2 |
| value |
0.00637 |
| scoring_system |
epss |
| scoring_elements |
0.70442 |
| published_at |
2026-04-04T12:55:00Z |
|
| 3 |
| value |
0.00637 |
| scoring_system |
epss |
| scoring_elements |
0.7042 |
| published_at |
2026-04-07T12:55:00Z |
|
| 4 |
| value |
0.00637 |
| scoring_system |
epss |
| scoring_elements |
0.70466 |
| published_at |
2026-04-08T12:55:00Z |
|
| 5 |
| value |
0.00637 |
| scoring_system |
epss |
| scoring_elements |
0.70481 |
| published_at |
2026-04-09T12:55:00Z |
|
| 6 |
| value |
0.00637 |
| scoring_system |
epss |
| scoring_elements |
0.70505 |
| published_at |
2026-04-11T12:55:00Z |
|
| 7 |
| value |
0.00637 |
| scoring_system |
epss |
| scoring_elements |
0.7049 |
| published_at |
2026-04-12T12:55:00Z |
|
| 8 |
| value |
0.00637 |
| scoring_system |
epss |
| scoring_elements |
0.70476 |
| published_at |
2026-04-13T12:55:00Z |
|
| 9 |
| value |
0.00637 |
| scoring_system |
epss |
| scoring_elements |
0.70518 |
| published_at |
2026-04-16T12:55:00Z |
|
| 10 |
| value |
0.00637 |
| scoring_system |
epss |
| scoring_elements |
0.70526 |
| published_at |
2026-04-18T12:55:00Z |
|
| 11 |
| value |
0.00637 |
| scoring_system |
epss |
| scoring_elements |
0.70506 |
| published_at |
2026-04-21T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2016-9859 |
|
| 1 |
|
|
| fixed_packages |
|
| aliases |
CVE-2016-9859
|
| risk_score |
null |
| exploitability |
0.5 |
| weighted_severity |
0.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-7ga4-rjej-s3h1 |
|
| 56 |
| url |
VCID-7h9b-a8dp-57hp |
| vulnerability_id |
VCID-7h9b-a8dp-57hp |
| summary |
Cross-site Scripting
phpMyAdmin is vulnerable to a CSS injection attack through crafted cookie parameters. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2017-1000015 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00557 |
| scoring_system |
epss |
| scoring_elements |
0.68119 |
| published_at |
2026-04-07T12:55:00Z |
|
| 1 |
| value |
0.00557 |
| scoring_system |
epss |
| scoring_elements |
0.68196 |
| published_at |
2026-04-21T12:55:00Z |
|
| 2 |
| value |
0.00557 |
| scoring_system |
epss |
| scoring_elements |
0.68214 |
| published_at |
2026-04-18T12:55:00Z |
|
| 3 |
| value |
0.00557 |
| scoring_system |
epss |
| scoring_elements |
0.68202 |
| published_at |
2026-04-16T12:55:00Z |
|
| 4 |
| value |
0.00557 |
| scoring_system |
epss |
| scoring_elements |
0.68164 |
| published_at |
2026-04-13T12:55:00Z |
|
| 5 |
| value |
0.00557 |
| scoring_system |
epss |
| scoring_elements |
0.68197 |
| published_at |
2026-04-12T12:55:00Z |
|
| 6 |
| value |
0.00557 |
| scoring_system |
epss |
| scoring_elements |
0.68211 |
| published_at |
2026-04-11T12:55:00Z |
|
| 7 |
| value |
0.00557 |
| scoring_system |
epss |
| scoring_elements |
0.68186 |
| published_at |
2026-04-09T12:55:00Z |
|
| 8 |
| value |
0.00557 |
| scoring_system |
epss |
| scoring_elements |
0.68101 |
| published_at |
2026-04-01T12:55:00Z |
|
| 9 |
| value |
0.00557 |
| scoring_system |
epss |
| scoring_elements |
0.68124 |
| published_at |
2026-04-02T12:55:00Z |
|
| 10 |
| value |
0.00557 |
| scoring_system |
epss |
| scoring_elements |
0.6817 |
| published_at |
2026-04-08T12:55:00Z |
|
| 11 |
| value |
0.00557 |
| scoring_system |
epss |
| scoring_elements |
0.68142 |
| published_at |
2026-04-04T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2017-1000015 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
|
| fixed_packages |
|
| aliases |
CVE-2017-1000015, GHSA-3fgq-cmr4-97rr
|
| risk_score |
3.1 |
| exploitability |
0.5 |
| weighted_severity |
6.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-7h9b-a8dp-57hp |
|
| 57 |
| url |
VCID-7mys-s9mz-h3g1 |
| vulnerability_id |
VCID-7mys-s9mz-h3g1 |
| summary |
phpMyAdmin cross-site scripting Vulnerability via ENUM value
Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin 4.0.x before 4.0.10.4, 4.1.x before 4.1.14.5, and 4.2.x before 4.2.9.1 allow remote authenticated users to inject arbitrary web script or HTML via a crafted ENUM value that is improperly handled during rendering of the (1) table search or (2) table structure page, related to `libraries/TableSearch.class.php` and `libraries/Util.class.php`. |
| references |
| 0 |
|
| 1 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2014-7217 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00339 |
| scoring_system |
epss |
| scoring_elements |
0.5669 |
| published_at |
2026-04-21T12:55:00Z |
|
| 1 |
| value |
0.00339 |
| scoring_system |
epss |
| scoring_elements |
0.56717 |
| published_at |
2026-04-18T12:55:00Z |
|
| 2 |
| value |
0.00339 |
| scoring_system |
epss |
| scoring_elements |
0.56719 |
| published_at |
2026-04-16T12:55:00Z |
|
| 3 |
| value |
0.00339 |
| scoring_system |
epss |
| scoring_elements |
0.56688 |
| published_at |
2026-04-13T12:55:00Z |
|
| 4 |
| value |
0.00339 |
| scoring_system |
epss |
| scoring_elements |
0.56573 |
| published_at |
2026-04-01T12:55:00Z |
|
| 5 |
| value |
0.00339 |
| scoring_system |
epss |
| scoring_elements |
0.56709 |
| published_at |
2026-04-12T12:55:00Z |
|
| 6 |
| value |
0.00339 |
| scoring_system |
epss |
| scoring_elements |
0.56669 |
| published_at |
2026-04-07T12:55:00Z |
|
| 7 |
| value |
0.00339 |
| scoring_system |
epss |
| scoring_elements |
0.56734 |
| published_at |
2026-04-11T12:55:00Z |
|
| 8 |
| value |
0.00339 |
| scoring_system |
epss |
| scoring_elements |
0.56689 |
| published_at |
2026-04-04T12:55:00Z |
|
| 9 |
| value |
0.00339 |
| scoring_system |
epss |
| scoring_elements |
0.56725 |
| published_at |
2026-04-09T12:55:00Z |
|
| 10 |
| value |
0.00339 |
| scoring_system |
epss |
| scoring_elements |
0.56721 |
| published_at |
2026-04-08T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2014-7217 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
| 16 |
|
| 17 |
|
| 18 |
|
| 19 |
|
| 20 |
|
| 21 |
|
| 22 |
|
| 23 |
|
| 24 |
|
| 25 |
|
| 26 |
|
| 27 |
|
| 28 |
|
| 29 |
|
| 30 |
|
| 31 |
|
| 32 |
|
| 33 |
|
| 34 |
|
| 35 |
|
| 36 |
|
| 37 |
|
| 38 |
|
| 39 |
|
| 40 |
|
| 41 |
|
| 42 |
|
| 43 |
|
| 44 |
|
| 45 |
|
| 46 |
|
| 47 |
|
| 48 |
|
| 49 |
|
| 50 |
|
| 51 |
|
| 52 |
|
| 53 |
|
|
| fixed_packages |
|
| aliases |
CVE-2014-7217, GHSA-wv8g-fx9j-q2jg
|
| risk_score |
1.6 |
| exploitability |
0.5 |
| weighted_severity |
3.1 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-7mys-s9mz-h3g1 |
|
| 58 |
| url |
VCID-7n1n-uj91-8ugg |
| vulnerability_id |
VCID-7n1n-uj91-8ugg |
| summary |
phpMyAdmin server-side request forgery (SSRF)
The setup script for phpMyAdmin before 4.0.10.19, 4.4.x before 4.4.15.10, and 4.6.x before 4.6.6 allows remote attackers to conduct server-side request forgery (SSRF) attacks via unspecified vectors. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2016-6621 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00389 |
| scoring_system |
epss |
| scoring_elements |
0.59883 |
| published_at |
2026-04-07T12:55:00Z |
|
| 1 |
| value |
0.00389 |
| scoring_system |
epss |
| scoring_elements |
0.59966 |
| published_at |
2026-04-21T12:55:00Z |
|
| 2 |
| value |
0.00389 |
| scoring_system |
epss |
| scoring_elements |
0.5998 |
| published_at |
2026-04-18T12:55:00Z |
|
| 3 |
| value |
0.00389 |
| scoring_system |
epss |
| scoring_elements |
0.59974 |
| published_at |
2026-04-16T12:55:00Z |
|
| 4 |
| value |
0.00389 |
| scoring_system |
epss |
| scoring_elements |
0.59934 |
| published_at |
2026-04-13T12:55:00Z |
|
| 5 |
| value |
0.00389 |
| scoring_system |
epss |
| scoring_elements |
0.59953 |
| published_at |
2026-04-12T12:55:00Z |
|
| 6 |
| value |
0.00389 |
| scoring_system |
epss |
| scoring_elements |
0.59968 |
| published_at |
2026-04-11T12:55:00Z |
|
| 7 |
| value |
0.00389 |
| scoring_system |
epss |
| scoring_elements |
0.59947 |
| published_at |
2026-04-09T12:55:00Z |
|
| 8 |
| value |
0.00389 |
| scoring_system |
epss |
| scoring_elements |
0.59811 |
| published_at |
2026-04-01T12:55:00Z |
|
| 9 |
| value |
0.00389 |
| scoring_system |
epss |
| scoring_elements |
0.59888 |
| published_at |
2026-04-02T12:55:00Z |
|
| 10 |
| value |
0.00389 |
| scoring_system |
epss |
| scoring_elements |
0.59933 |
| published_at |
2026-04-08T12:55:00Z |
|
| 11 |
| value |
0.00389 |
| scoring_system |
epss |
| scoring_elements |
0.59913 |
| published_at |
2026-04-04T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2016-6621 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
|
| fixed_packages |
|
| aliases |
CVE-2016-6621, GHSA-44vv-mm86-7cg6
|
| risk_score |
4.0 |
| exploitability |
0.5 |
| weighted_severity |
8.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-7n1n-uj91-8ugg |
|
| 59 |
| url |
VCID-7njf-jg3r-1fd6 |
| vulnerability_id |
VCID-7njf-jg3r-1fd6 |
| summary |
Cross-site scripting (XSS) vulnerability in the PMA_linkOrButton function in libraries/common.lib.php in the database (db) search script in phpMyAdmin 2.11.x before 2.11.11.1 and 3.x before 3.3.8.1 allows remote attackers to inject arbitrary web script or HTML via a crafted request. |
| references |
| 0 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2010-4329 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.0061 |
| scoring_system |
epss |
| scoring_elements |
0.69689 |
| published_at |
2026-04-01T12:55:00Z |
|
| 1 |
| value |
0.0061 |
| scoring_system |
epss |
| scoring_elements |
0.697 |
| published_at |
2026-04-02T12:55:00Z |
|
| 2 |
| value |
0.0061 |
| scoring_system |
epss |
| scoring_elements |
0.69717 |
| published_at |
2026-04-04T12:55:00Z |
|
| 3 |
| value |
0.0061 |
| scoring_system |
epss |
| scoring_elements |
0.69694 |
| published_at |
2026-04-07T12:55:00Z |
|
| 4 |
| value |
0.0061 |
| scoring_system |
epss |
| scoring_elements |
0.69742 |
| published_at |
2026-04-08T12:55:00Z |
|
| 5 |
| value |
0.0061 |
| scoring_system |
epss |
| scoring_elements |
0.69759 |
| published_at |
2026-04-09T12:55:00Z |
|
| 6 |
| value |
0.0061 |
| scoring_system |
epss |
| scoring_elements |
0.6978 |
| published_at |
2026-04-11T12:55:00Z |
|
| 7 |
| value |
0.0072 |
| scoring_system |
epss |
| scoring_elements |
0.72513 |
| published_at |
2026-04-21T12:55:00Z |
|
| 8 |
| value |
0.0072 |
| scoring_system |
epss |
| scoring_elements |
0.72483 |
| published_at |
2026-04-12T12:55:00Z |
|
| 9 |
| value |
0.0072 |
| scoring_system |
epss |
| scoring_elements |
0.72473 |
| published_at |
2026-04-13T12:55:00Z |
|
| 10 |
| value |
0.0072 |
| scoring_system |
epss |
| scoring_elements |
0.72515 |
| published_at |
2026-04-16T12:55:00Z |
|
| 11 |
| value |
0.0072 |
| scoring_system |
epss |
| scoring_elements |
0.72524 |
| published_at |
2026-04-18T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2010-4329 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
| 16 |
|
| 17 |
|
| 18 |
|
| 19 |
|
| 20 |
|
| 21 |
|
| 22 |
|
| 23 |
|
| 24 |
|
| 25 |
|
| 26 |
|
| 27 |
|
| 28 |
|
| 29 |
|
| 30 |
|
| 31 |
|
| 32 |
|
| 33 |
|
| 34 |
|
| 35 |
|
| 36 |
|
| 37 |
|
| 38 |
|
| 39 |
|
| 40 |
|
| 41 |
|
| 42 |
|
| 43 |
|
| 44 |
|
| 45 |
|
| 46 |
|
| 47 |
|
| 48 |
|
| 49 |
|
| 50 |
|
| 51 |
|
| 52 |
|
| 53 |
|
| 54 |
|
| 55 |
|
| 56 |
|
| 57 |
|
| 58 |
|
| 59 |
|
| 60 |
|
| 61 |
|
| 62 |
|
| 63 |
|
| 64 |
|
| 65 |
|
| 66 |
|
| 67 |
|
| 68 |
|
| 69 |
|
| 70 |
|
| 71 |
|
| 72 |
|
| 73 |
|
| 74 |
|
| 75 |
|
| 76 |
|
| 77 |
|
| 78 |
|
| 79 |
|
| 80 |
|
| 81 |
|
| 82 |
|
|
| fixed_packages |
|
| aliases |
CVE-2010-4329
|
| risk_score |
1.9 |
| exploitability |
0.5 |
| weighted_severity |
3.9 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-7njf-jg3r-1fd6 |
|
| 60 |
| url |
VCID-7v4j-ybp2-pfhs |
| vulnerability_id |
VCID-7v4j-ybp2-pfhs |
| summary |
Cross-site scripting (XSS) vulnerability in phpMyAdmin 2.8.1 and earlier, when Microsoft Internet Explorer 6 is used, allows remote attackers to inject arbitrary web script or HTML via a javascript: URI in a CSS style in the convcharset parameter to the top-level URI, a different vulnerability than CVE-2005-0992. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2007-0341 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.01171 |
| scoring_system |
epss |
| scoring_elements |
0.78696 |
| published_at |
2026-04-21T12:55:00Z |
|
| 1 |
| value |
0.01171 |
| scoring_system |
epss |
| scoring_elements |
0.78624 |
| published_at |
2026-04-01T12:55:00Z |
|
| 2 |
| value |
0.01171 |
| scoring_system |
epss |
| scoring_elements |
0.78631 |
| published_at |
2026-04-02T12:55:00Z |
|
| 3 |
| value |
0.01171 |
| scoring_system |
epss |
| scoring_elements |
0.78661 |
| published_at |
2026-04-04T12:55:00Z |
|
| 4 |
| value |
0.01171 |
| scoring_system |
epss |
| scoring_elements |
0.78642 |
| published_at |
2026-04-07T12:55:00Z |
|
| 5 |
| value |
0.01171 |
| scoring_system |
epss |
| scoring_elements |
0.78668 |
| published_at |
2026-04-08T12:55:00Z |
|
| 6 |
| value |
0.01171 |
| scoring_system |
epss |
| scoring_elements |
0.78675 |
| published_at |
2026-04-09T12:55:00Z |
|
| 7 |
| value |
0.01171 |
| scoring_system |
epss |
| scoring_elements |
0.787 |
| published_at |
2026-04-18T12:55:00Z |
|
| 8 |
| value |
0.01171 |
| scoring_system |
epss |
| scoring_elements |
0.78681 |
| published_at |
2026-04-12T12:55:00Z |
|
| 9 |
| value |
0.01171 |
| scoring_system |
epss |
| scoring_elements |
0.78674 |
| published_at |
2026-04-13T12:55:00Z |
|
| 10 |
| value |
0.01171 |
| scoring_system |
epss |
| scoring_elements |
0.78702 |
| published_at |
2026-04-16T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2007-0341 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
|
| fixed_packages |
|
| aliases |
CVE-2007-0341
|
| risk_score |
3.0 |
| exploitability |
0.5 |
| weighted_severity |
6.1 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-7v4j-ybp2-pfhs |
|
| 61 |
| url |
VCID-81mz-gdhq-r7fm |
| vulnerability_id |
VCID-81mz-gdhq-r7fm |
| summary |
Multiple vulnerabilities have been found in phpMyAdmin, the worst
of which could lead to arbitrary code execution. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2016-5704 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00277 |
| scoring_system |
epss |
| scoring_elements |
0.51114 |
| published_at |
2026-04-02T12:55:00Z |
|
| 1 |
| value |
0.00277 |
| scoring_system |
epss |
| scoring_elements |
0.5118 |
| published_at |
2026-04-21T12:55:00Z |
|
| 2 |
| value |
0.00277 |
| scoring_system |
epss |
| scoring_elements |
0.51201 |
| published_at |
2026-04-18T12:55:00Z |
|
| 3 |
| value |
0.00277 |
| scoring_system |
epss |
| scoring_elements |
0.51096 |
| published_at |
2026-04-07T12:55:00Z |
|
| 4 |
| value |
0.00277 |
| scoring_system |
epss |
| scoring_elements |
0.51138 |
| published_at |
2026-04-04T12:55:00Z |
|
| 5 |
| value |
0.00277 |
| scoring_system |
epss |
| scoring_elements |
0.51194 |
| published_at |
2026-04-16T12:55:00Z |
|
| 6 |
| value |
0.00277 |
| scoring_system |
epss |
| scoring_elements |
0.51156 |
| published_at |
2026-04-13T12:55:00Z |
|
| 7 |
| value |
0.00277 |
| scoring_system |
epss |
| scoring_elements |
0.51171 |
| published_at |
2026-04-12T12:55:00Z |
|
| 8 |
| value |
0.00277 |
| scoring_system |
epss |
| scoring_elements |
0.51193 |
| published_at |
2026-04-11T12:55:00Z |
|
| 9 |
| value |
0.00277 |
| scoring_system |
epss |
| scoring_elements |
0.51148 |
| published_at |
2026-04-09T12:55:00Z |
|
| 10 |
| value |
0.00277 |
| scoring_system |
epss |
| scoring_elements |
0.51152 |
| published_at |
2026-04-08T12:55:00Z |
|
| 11 |
| value |
0.00277 |
| scoring_system |
epss |
| scoring_elements |
0.51061 |
| published_at |
2026-04-01T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2016-5704 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
| reference_url |
https://nvd.nist.gov/vuln/detail/CVE-2016-5704 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
4.3 |
| scoring_system |
cvssv2 |
| scoring_elements |
AV:N/AC:M/Au:N/C:N/I:P/A:N |
|
| 1 |
| value |
6.1 |
| scoring_system |
cvssv3 |
| scoring_elements |
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N |
|
| 2 |
| value |
6.1 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N |
|
| 3 |
| value |
MODERATE |
| scoring_system |
generic_textual |
| scoring_elements |
|
|
|
| url |
https://nvd.nist.gov/vuln/detail/CVE-2016-5704 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
|
| fixed_packages |
|
| aliases |
CVE-2016-5704, GHSA-gcvp-cwgw-wx8j
|
| risk_score |
3.1 |
| exploitability |
0.5 |
| weighted_severity |
6.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-81mz-gdhq-r7fm |
|
| 62 |
| url |
VCID-831x-uk8r-pqaa |
| vulnerability_id |
VCID-831x-uk8r-pqaa |
| summary |
Multiple vulnerabilities have been found in phpMyAdmin, allowing
remote authenticated attackers to execute arbitrary code, inject SQL code
or conduct other attacks. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2013-5029 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.01725 |
| scoring_system |
epss |
| scoring_elements |
0.8235 |
| published_at |
2026-04-01T12:55:00Z |
|
| 1 |
| value |
0.01725 |
| scoring_system |
epss |
| scoring_elements |
0.82365 |
| published_at |
2026-04-02T12:55:00Z |
|
| 2 |
| value |
0.01725 |
| scoring_system |
epss |
| scoring_elements |
0.82382 |
| published_at |
2026-04-04T12:55:00Z |
|
| 3 |
| value |
0.01725 |
| scoring_system |
epss |
| scoring_elements |
0.82378 |
| published_at |
2026-04-07T12:55:00Z |
|
| 4 |
| value |
0.01725 |
| scoring_system |
epss |
| scoring_elements |
0.82406 |
| published_at |
2026-04-08T12:55:00Z |
|
| 5 |
| value |
0.01725 |
| scoring_system |
epss |
| scoring_elements |
0.82414 |
| published_at |
2026-04-09T12:55:00Z |
|
| 6 |
| value |
0.01725 |
| scoring_system |
epss |
| scoring_elements |
0.82432 |
| published_at |
2026-04-11T12:55:00Z |
|
| 7 |
| value |
0.01725 |
| scoring_system |
epss |
| scoring_elements |
0.82429 |
| published_at |
2026-04-12T12:55:00Z |
|
| 8 |
| value |
0.01725 |
| scoring_system |
epss |
| scoring_elements |
0.82423 |
| published_at |
2026-04-13T12:55:00Z |
|
| 9 |
| value |
0.01725 |
| scoring_system |
epss |
| scoring_elements |
0.82458 |
| published_at |
2026-04-16T12:55:00Z |
|
| 10 |
| value |
0.01725 |
| scoring_system |
epss |
| scoring_elements |
0.8246 |
| published_at |
2026-04-18T12:55:00Z |
|
| 11 |
| value |
0.01725 |
| scoring_system |
epss |
| scoring_elements |
0.82465 |
| published_at |
2026-04-21T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2013-5029 |
|
| 1 |
|
| 2 |
|
|
| fixed_packages |
|
| aliases |
CVE-2013-5029
|
| risk_score |
null |
| exploitability |
0.5 |
| weighted_severity |
0.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-831x-uk8r-pqaa |
|
| 63 |
| url |
VCID-8858-xnkg-zqbn |
| vulnerability_id |
VCID-8858-xnkg-zqbn |
| summary |
Multiple vulnerabilities were found in phpMyAdmin, the most severe
of which allows the execution of arbitrary PHP code. |
| references |
| 0 |
|
| 1 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2008-7251 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.02533 |
| scoring_system |
epss |
| scoring_elements |
0.85372 |
| published_at |
2026-04-01T12:55:00Z |
|
| 1 |
| value |
0.02533 |
| scoring_system |
epss |
| scoring_elements |
0.85384 |
| published_at |
2026-04-02T12:55:00Z |
|
| 2 |
| value |
0.02533 |
| scoring_system |
epss |
| scoring_elements |
0.85403 |
| published_at |
2026-04-04T12:55:00Z |
|
| 3 |
| value |
0.02533 |
| scoring_system |
epss |
| scoring_elements |
0.85407 |
| published_at |
2026-04-07T12:55:00Z |
|
| 4 |
| value |
0.02533 |
| scoring_system |
epss |
| scoring_elements |
0.85428 |
| published_at |
2026-04-08T12:55:00Z |
|
| 5 |
| value |
0.02533 |
| scoring_system |
epss |
| scoring_elements |
0.85436 |
| published_at |
2026-04-09T12:55:00Z |
|
| 6 |
| value |
0.02533 |
| scoring_system |
epss |
| scoring_elements |
0.8545 |
| published_at |
2026-04-11T12:55:00Z |
|
| 7 |
| value |
0.02533 |
| scoring_system |
epss |
| scoring_elements |
0.85448 |
| published_at |
2026-04-12T12:55:00Z |
|
| 8 |
| value |
0.02533 |
| scoring_system |
epss |
| scoring_elements |
0.85445 |
| published_at |
2026-04-13T12:55:00Z |
|
| 9 |
| value |
0.02533 |
| scoring_system |
epss |
| scoring_elements |
0.85468 |
| published_at |
2026-04-21T12:55:00Z |
|
| 10 |
| value |
0.02533 |
| scoring_system |
epss |
| scoring_elements |
0.85472 |
| published_at |
2026-04-18T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2008-7251 |
|
| 2 |
|
| 3 |
|
| 4 |
|
|
| fixed_packages |
|
| aliases |
CVE-2008-7251
|
| risk_score |
null |
| exploitability |
0.5 |
| weighted_severity |
0.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-8858-xnkg-zqbn |
|
| 64 |
| url |
VCID-8fu3-wm7d-qkeu |
| vulnerability_id |
VCID-8fu3-wm7d-qkeu |
| summary |
Incomplete Cleanup
An issue was discovered in phpMyAdmin where, under certain conditions, phpMyAdmin may not delete temporary files during the import of ESRI files. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2016-6632 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00567 |
| scoring_system |
epss |
| scoring_elements |
0.68518 |
| published_at |
2026-04-21T12:55:00Z |
|
| 1 |
| value |
0.00567 |
| scoring_system |
epss |
| scoring_elements |
0.68424 |
| published_at |
2026-04-01T12:55:00Z |
|
| 2 |
| value |
0.00567 |
| scoring_system |
epss |
| scoring_elements |
0.68443 |
| published_at |
2026-04-02T12:55:00Z |
|
| 3 |
| value |
0.00567 |
| scoring_system |
epss |
| scoring_elements |
0.68463 |
| published_at |
2026-04-04T12:55:00Z |
|
| 4 |
| value |
0.00567 |
| scoring_system |
epss |
| scoring_elements |
0.68439 |
| published_at |
2026-04-07T12:55:00Z |
|
| 5 |
| value |
0.00567 |
| scoring_system |
epss |
| scoring_elements |
0.68489 |
| published_at |
2026-04-08T12:55:00Z |
|
| 6 |
| value |
0.00567 |
| scoring_system |
epss |
| scoring_elements |
0.68506 |
| published_at |
2026-04-09T12:55:00Z |
|
| 7 |
| value |
0.00567 |
| scoring_system |
epss |
| scoring_elements |
0.68532 |
| published_at |
2026-04-11T12:55:00Z |
|
| 8 |
| value |
0.00567 |
| scoring_system |
epss |
| scoring_elements |
0.6852 |
| published_at |
2026-04-12T12:55:00Z |
|
| 9 |
| value |
0.00567 |
| scoring_system |
epss |
| scoring_elements |
0.68488 |
| published_at |
2026-04-13T12:55:00Z |
|
| 10 |
| value |
0.00567 |
| scoring_system |
epss |
| scoring_elements |
0.68527 |
| published_at |
2026-04-16T12:55:00Z |
|
| 11 |
| value |
0.00567 |
| scoring_system |
epss |
| scoring_elements |
0.6854 |
| published_at |
2026-04-18T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2016-6632 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
|
| fixed_packages |
|
| aliases |
CVE-2016-6632, GHSA-426q-975p-w5cr
|
| risk_score |
3.1 |
| exploitability |
0.5 |
| weighted_severity |
6.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-8fu3-wm7d-qkeu |
|
| 65 |
| url |
VCID-8kvn-7pwk-mfhp |
| vulnerability_id |
VCID-8kvn-7pwk-mfhp |
| summary |
Multiple vulnerabilities have been found in phpMyAdmin, the worst
of which could lead to arbitrary code execution. |
| references |
| 0 |
|
| 1 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2014-8960 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00287 |
| scoring_system |
epss |
| scoring_elements |
0.52176 |
| published_at |
2026-04-21T12:55:00Z |
|
| 1 |
| value |
0.00287 |
| scoring_system |
epss |
| scoring_elements |
0.52042 |
| published_at |
2026-04-01T12:55:00Z |
|
| 2 |
| value |
0.00287 |
| scoring_system |
epss |
| scoring_elements |
0.5209 |
| published_at |
2026-04-02T12:55:00Z |
|
| 3 |
| value |
0.00287 |
| scoring_system |
epss |
| scoring_elements |
0.52117 |
| published_at |
2026-04-04T12:55:00Z |
|
| 4 |
| value |
0.00287 |
| scoring_system |
epss |
| scoring_elements |
0.52081 |
| published_at |
2026-04-07T12:55:00Z |
|
| 5 |
| value |
0.00287 |
| scoring_system |
epss |
| scoring_elements |
0.52135 |
| published_at |
2026-04-08T12:55:00Z |
|
| 6 |
| value |
0.00287 |
| scoring_system |
epss |
| scoring_elements |
0.52131 |
| published_at |
2026-04-09T12:55:00Z |
|
| 7 |
| value |
0.00287 |
| scoring_system |
epss |
| scoring_elements |
0.52182 |
| published_at |
2026-04-11T12:55:00Z |
|
| 8 |
| value |
0.00287 |
| scoring_system |
epss |
| scoring_elements |
0.52166 |
| published_at |
2026-04-12T12:55:00Z |
|
| 9 |
| value |
0.00287 |
| scoring_system |
epss |
| scoring_elements |
0.5215 |
| published_at |
2026-04-13T12:55:00Z |
|
| 10 |
| value |
0.00287 |
| scoring_system |
epss |
| scoring_elements |
0.52191 |
| published_at |
2026-04-16T12:55:00Z |
|
| 11 |
| value |
0.00287 |
| scoring_system |
epss |
| scoring_elements |
0.52194 |
| published_at |
2026-04-18T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2014-8960 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
| 16 |
|
| 17 |
|
| 18 |
|
| 19 |
|
| 20 |
|
| 21 |
|
| 22 |
|
| 23 |
|
| 24 |
|
| 25 |
|
| 26 |
|
| 27 |
|
| 28 |
|
| 29 |
|
| 30 |
|
| 31 |
|
| 32 |
|
| 33 |
|
| 34 |
|
| 35 |
|
| 36 |
|
| 37 |
|
| 38 |
|
| 39 |
|
| 40 |
|
| 41 |
|
| 42 |
|
| 43 |
|
|
| fixed_packages |
|
| aliases |
CVE-2014-8960
|
| risk_score |
1.6 |
| exploitability |
0.5 |
| weighted_severity |
3.1 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-8kvn-7pwk-mfhp |
|
| 66 |
| url |
VCID-8myg-a1pb-c3an |
| vulnerability_id |
VCID-8myg-a1pb-c3an |
| summary |
Multiple vulnerabilities have been discovered in phpMyAdmin, the worst of
which may allow for remote code execution. |
| references |
| 0 |
|
| 1 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2007-5977 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00693 |
| scoring_system |
epss |
| scoring_elements |
0.71814 |
| published_at |
2026-04-01T12:55:00Z |
|
| 1 |
| value |
0.00693 |
| scoring_system |
epss |
| scoring_elements |
0.71823 |
| published_at |
2026-04-02T12:55:00Z |
|
| 2 |
| value |
0.00693 |
| scoring_system |
epss |
| scoring_elements |
0.71842 |
| published_at |
2026-04-04T12:55:00Z |
|
| 3 |
| value |
0.00693 |
| scoring_system |
epss |
| scoring_elements |
0.71816 |
| published_at |
2026-04-07T12:55:00Z |
|
| 4 |
| value |
0.00693 |
| scoring_system |
epss |
| scoring_elements |
0.71854 |
| published_at |
2026-04-08T12:55:00Z |
|
| 5 |
| value |
0.00693 |
| scoring_system |
epss |
| scoring_elements |
0.71865 |
| published_at |
2026-04-09T12:55:00Z |
|
| 6 |
| value |
0.00693 |
| scoring_system |
epss |
| scoring_elements |
0.7189 |
| published_at |
2026-04-11T12:55:00Z |
|
| 7 |
| value |
0.00693 |
| scoring_system |
epss |
| scoring_elements |
0.71872 |
| published_at |
2026-04-12T12:55:00Z |
|
| 8 |
| value |
0.00693 |
| scoring_system |
epss |
| scoring_elements |
0.71855 |
| published_at |
2026-04-13T12:55:00Z |
|
| 9 |
| value |
0.00693 |
| scoring_system |
epss |
| scoring_elements |
0.71897 |
| published_at |
2026-04-16T12:55:00Z |
|
| 10 |
| value |
0.00693 |
| scoring_system |
epss |
| scoring_elements |
0.71902 |
| published_at |
2026-04-18T12:55:00Z |
|
| 11 |
| value |
0.00693 |
| scoring_system |
epss |
| scoring_elements |
0.71886 |
| published_at |
2026-04-21T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2007-5977 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
|
| fixed_packages |
|
| aliases |
CVE-2007-5977
|
| risk_score |
null |
| exploitability |
0.5 |
| weighted_severity |
0.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-8myg-a1pb-c3an |
|
| 67 |
| url |
VCID-8ue4-jk5c-6uh3 |
| vulnerability_id |
VCID-8ue4-jk5c-6uh3 |
| summary |
Multiple vulnerabilities were found in phpMyAdmin, the most severe
of which allows the execution of arbitrary PHP code. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2011-2719 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.01944 |
| scoring_system |
epss |
| scoring_elements |
0.83375 |
| published_at |
2026-04-01T12:55:00Z |
|
| 1 |
| value |
0.01944 |
| scoring_system |
epss |
| scoring_elements |
0.83389 |
| published_at |
2026-04-02T12:55:00Z |
|
| 2 |
| value |
0.01944 |
| scoring_system |
epss |
| scoring_elements |
0.83404 |
| published_at |
2026-04-04T12:55:00Z |
|
| 3 |
| value |
0.01944 |
| scoring_system |
epss |
| scoring_elements |
0.83402 |
| published_at |
2026-04-07T12:55:00Z |
|
| 4 |
| value |
0.01944 |
| scoring_system |
epss |
| scoring_elements |
0.83427 |
| published_at |
2026-04-08T12:55:00Z |
|
| 5 |
| value |
0.01944 |
| scoring_system |
epss |
| scoring_elements |
0.83437 |
| published_at |
2026-04-09T12:55:00Z |
|
| 6 |
| value |
0.01944 |
| scoring_system |
epss |
| scoring_elements |
0.83451 |
| published_at |
2026-04-11T12:55:00Z |
|
| 7 |
| value |
0.01944 |
| scoring_system |
epss |
| scoring_elements |
0.83445 |
| published_at |
2026-04-12T12:55:00Z |
|
| 8 |
| value |
0.01944 |
| scoring_system |
epss |
| scoring_elements |
0.83441 |
| published_at |
2026-04-13T12:55:00Z |
|
| 9 |
| value |
0.01944 |
| scoring_system |
epss |
| scoring_elements |
0.83476 |
| published_at |
2026-04-16T12:55:00Z |
|
| 10 |
| value |
0.01944 |
| scoring_system |
epss |
| scoring_elements |
0.83478 |
| published_at |
2026-04-18T12:55:00Z |
|
| 11 |
| value |
0.01944 |
| scoring_system |
epss |
| scoring_elements |
0.83479 |
| published_at |
2026-04-21T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2011-2719 |
|
| 1 |
|
| 2 |
|
|
| fixed_packages |
|
| aliases |
CVE-2011-2719
|
| risk_score |
null |
| exploitability |
0.5 |
| weighted_severity |
0.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-8ue4-jk5c-6uh3 |
|
| 68 |
| url |
VCID-8xac-hgvs-ykgn |
| vulnerability_id |
VCID-8xac-hgvs-ykgn |
| summary |
Incomplete List of Disallowed Inputs
An issue was discovered in phpMyAdmin. Due to the limitation in URL matching, it was possible to bypass the URL white-list protection. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2016-9861 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00246 |
| scoring_system |
epss |
| scoring_elements |
0.47891 |
| published_at |
2026-04-21T12:55:00Z |
|
| 1 |
| value |
0.00246 |
| scoring_system |
epss |
| scoring_elements |
0.47821 |
| published_at |
2026-04-01T12:55:00Z |
|
| 2 |
| value |
0.00246 |
| scoring_system |
epss |
| scoring_elements |
0.47859 |
| published_at |
2026-04-02T12:55:00Z |
|
| 3 |
| value |
0.00246 |
| scoring_system |
epss |
| scoring_elements |
0.4788 |
| published_at |
2026-04-04T12:55:00Z |
|
| 4 |
| value |
0.00246 |
| scoring_system |
epss |
| scoring_elements |
0.47829 |
| published_at |
2026-04-07T12:55:00Z |
|
| 5 |
| value |
0.00246 |
| scoring_system |
epss |
| scoring_elements |
0.47882 |
| published_at |
2026-04-08T12:55:00Z |
|
| 6 |
| value |
0.00246 |
| scoring_system |
epss |
| scoring_elements |
0.47878 |
| published_at |
2026-04-09T12:55:00Z |
|
| 7 |
| value |
0.00246 |
| scoring_system |
epss |
| scoring_elements |
0.47902 |
| published_at |
2026-04-11T12:55:00Z |
|
| 8 |
| value |
0.00246 |
| scoring_system |
epss |
| scoring_elements |
0.47879 |
| published_at |
2026-04-12T12:55:00Z |
|
| 9 |
| value |
0.00246 |
| scoring_system |
epss |
| scoring_elements |
0.47889 |
| published_at |
2026-04-13T12:55:00Z |
|
| 10 |
| value |
0.00246 |
| scoring_system |
epss |
| scoring_elements |
0.47943 |
| published_at |
2026-04-16T12:55:00Z |
|
| 11 |
| value |
0.00246 |
| scoring_system |
epss |
| scoring_elements |
0.47937 |
| published_at |
2026-04-18T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2016-9861 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
|
| fixed_packages |
|
| aliases |
CVE-2016-9861, GHSA-r326-mp8g-6xfc
|
| risk_score |
4.0 |
| exploitability |
0.5 |
| weighted_severity |
8.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-8xac-hgvs-ykgn |
|
| 69 |
| url |
VCID-95rw-mj5a-63cb |
| vulnerability_id |
VCID-95rw-mj5a-63cb |
| summary |
Multiple vulnerabilities have been found in phpMyAdmin, the worst
of which could lead to arbitrary code execution. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2016-6630 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00713 |
| scoring_system |
epss |
| scoring_elements |
0.72266 |
| published_at |
2026-04-01T12:55:00Z |
|
| 1 |
| value |
0.00713 |
| scoring_system |
epss |
| scoring_elements |
0.72272 |
| published_at |
2026-04-02T12:55:00Z |
|
| 2 |
| value |
0.00713 |
| scoring_system |
epss |
| scoring_elements |
0.72292 |
| published_at |
2026-04-04T12:55:00Z |
|
| 3 |
| value |
0.00713 |
| scoring_system |
epss |
| scoring_elements |
0.72268 |
| published_at |
2026-04-07T12:55:00Z |
|
| 4 |
| value |
0.00713 |
| scoring_system |
epss |
| scoring_elements |
0.72306 |
| published_at |
2026-04-08T12:55:00Z |
|
| 5 |
| value |
0.00713 |
| scoring_system |
epss |
| scoring_elements |
0.72319 |
| published_at |
2026-04-09T12:55:00Z |
|
| 6 |
| value |
0.00713 |
| scoring_system |
epss |
| scoring_elements |
0.72341 |
| published_at |
2026-04-11T12:55:00Z |
|
| 7 |
| value |
0.00713 |
| scoring_system |
epss |
| scoring_elements |
0.72325 |
| published_at |
2026-04-12T12:55:00Z |
|
| 8 |
| value |
0.00713 |
| scoring_system |
epss |
| scoring_elements |
0.72311 |
| published_at |
2026-04-13T12:55:00Z |
|
| 9 |
| value |
0.00713 |
| scoring_system |
epss |
| scoring_elements |
0.72353 |
| published_at |
2026-04-16T12:55:00Z |
|
| 10 |
| value |
0.00713 |
| scoring_system |
epss |
| scoring_elements |
0.72362 |
| published_at |
2026-04-18T12:55:00Z |
|
| 11 |
| value |
0.00713 |
| scoring_system |
epss |
| scoring_elements |
0.7235 |
| published_at |
2026-04-21T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2016-6630 |
|
| 1 |
|
| 2 |
|
|
| fixed_packages |
|
| aliases |
CVE-2016-6630
|
| risk_score |
null |
| exploitability |
0.5 |
| weighted_severity |
0.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-95rw-mj5a-63cb |
|
| 70 |
| url |
VCID-986a-3m4g-83ge |
| vulnerability_id |
VCID-986a-3m4g-83ge |
| summary |
Cross-Site Request Forgery (CSRF)
By deceiving a user into clicking on a crafted URL, it is possible to perform harmful SQL operations such as renaming databases, creating new `tables/routines`, deleting designer pages, `adding/deleting` users, updating user passwords, killing SQL processes. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2018-19969 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00458 |
| scoring_system |
epss |
| scoring_elements |
0.63934 |
| published_at |
2026-04-07T12:55:00Z |
|
| 1 |
| value |
0.00458 |
| scoring_system |
epss |
| scoring_elements |
0.64006 |
| published_at |
2026-04-21T12:55:00Z |
|
| 2 |
| value |
0.00458 |
| scoring_system |
epss |
| scoring_elements |
0.64017 |
| published_at |
2026-04-18T12:55:00Z |
|
| 3 |
| value |
0.00458 |
| scoring_system |
epss |
| scoring_elements |
0.64005 |
| published_at |
2026-04-16T12:55:00Z |
|
| 4 |
| value |
0.00458 |
| scoring_system |
epss |
| scoring_elements |
0.6397 |
| published_at |
2026-04-13T12:55:00Z |
|
| 5 |
| value |
0.00458 |
| scoring_system |
epss |
| scoring_elements |
0.64 |
| published_at |
2026-04-12T12:55:00Z |
|
| 6 |
| value |
0.00458 |
| scoring_system |
epss |
| scoring_elements |
0.64014 |
| published_at |
2026-04-11T12:55:00Z |
|
| 7 |
| value |
0.00458 |
| scoring_system |
epss |
| scoring_elements |
0.64002 |
| published_at |
2026-04-09T12:55:00Z |
|
| 8 |
| value |
0.00458 |
| scoring_system |
epss |
| scoring_elements |
0.63888 |
| published_at |
2026-04-01T12:55:00Z |
|
| 9 |
| value |
0.00458 |
| scoring_system |
epss |
| scoring_elements |
0.63947 |
| published_at |
2026-04-02T12:55:00Z |
|
| 10 |
| value |
0.00458 |
| scoring_system |
epss |
| scoring_elements |
0.63984 |
| published_at |
2026-04-08T12:55:00Z |
|
| 11 |
| value |
0.00458 |
| scoring_system |
epss |
| scoring_elements |
0.63974 |
| published_at |
2026-04-04T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2018-19969 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
|
| fixed_packages |
|
| aliases |
CVE-2018-19969, GHSA-xwf2-53mc-r8hx
|
| risk_score |
4.0 |
| exploitability |
0.5 |
| weighted_severity |
8.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-986a-3m4g-83ge |
|
| 71 |
| url |
VCID-9auw-hwad-ybaf |
| vulnerability_id |
VCID-9auw-hwad-ybaf |
| summary |
Improper Authentication
An issue was discovered in phpMyAdm in which an attacker can include (view and potentially execute) files on the server. The vulnerability comes from a portion of code where pages are redirected and loaded within phpMyAdmin, and an improper test for allowed pages. |
| references |
| 0 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
| 16 |
|
| 17 |
|
| 18 |
|
| 19 |
|
| 20 |
|
| 21 |
|
|
| fixed_packages |
|
| aliases |
CVE-2018-12613, GHSA-x394-g9j8-x7mf
|
| risk_score |
10.0 |
| exploitability |
2.0 |
| weighted_severity |
8.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-9auw-hwad-ybaf |
|
| 72 |
| url |
VCID-9dtq-wr57-wqgu |
| vulnerability_id |
VCID-9dtq-wr57-wqgu |
| summary |
Multiple cross-site scripting (XSS) vulnerabilities in the Tracking feature in phpMyAdmin 3.3.x before 3.3.10.4 and 3.4.x before 3.4.4 allow remote attackers to inject arbitrary web script or HTML via a (1) table name, (2) column name, or (3) index name. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2011-3181 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00604 |
| scoring_system |
epss |
| scoring_elements |
0.69522 |
| published_at |
2026-04-01T12:55:00Z |
|
| 1 |
| value |
0.00604 |
| scoring_system |
epss |
| scoring_elements |
0.69533 |
| published_at |
2026-04-02T12:55:00Z |
|
| 2 |
| value |
0.00604 |
| scoring_system |
epss |
| scoring_elements |
0.69549 |
| published_at |
2026-04-04T12:55:00Z |
|
| 3 |
| value |
0.00604 |
| scoring_system |
epss |
| scoring_elements |
0.69528 |
| published_at |
2026-04-07T12:55:00Z |
|
| 4 |
| value |
0.00604 |
| scoring_system |
epss |
| scoring_elements |
0.69578 |
| published_at |
2026-04-08T12:55:00Z |
|
| 5 |
| value |
0.00604 |
| scoring_system |
epss |
| scoring_elements |
0.69595 |
| published_at |
2026-04-09T12:55:00Z |
|
| 6 |
| value |
0.00604 |
| scoring_system |
epss |
| scoring_elements |
0.69617 |
| published_at |
2026-04-11T12:55:00Z |
|
| 7 |
| value |
0.00604 |
| scoring_system |
epss |
| scoring_elements |
0.69602 |
| published_at |
2026-04-12T12:55:00Z |
|
| 8 |
| value |
0.00604 |
| scoring_system |
epss |
| scoring_elements |
0.69588 |
| published_at |
2026-04-13T12:55:00Z |
|
| 9 |
| value |
0.00604 |
| scoring_system |
epss |
| scoring_elements |
0.69627 |
| published_at |
2026-04-16T12:55:00Z |
|
| 10 |
| value |
0.00604 |
| scoring_system |
epss |
| scoring_elements |
0.69636 |
| published_at |
2026-04-18T12:55:00Z |
|
| 11 |
| value |
0.00604 |
| scoring_system |
epss |
| scoring_elements |
0.69616 |
| published_at |
2026-04-21T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2011-3181 |
|
| 1 |
|
|
| fixed_packages |
|
| aliases |
CVE-2011-3181
|
| risk_score |
null |
| exploitability |
0.5 |
| weighted_severity |
0.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-9dtq-wr57-wqgu |
|
| 73 |
| url |
VCID-9kv1-q719-hugw |
| vulnerability_id |
VCID-9kv1-q719-hugw |
| summary |
db_create SQL Injection |
| references |
| 0 |
|
| 1 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2007-5976 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.01336 |
| scoring_system |
epss |
| scoring_elements |
0.7994 |
| published_at |
2026-04-01T12:55:00Z |
|
| 1 |
| value |
0.01336 |
| scoring_system |
epss |
| scoring_elements |
0.79947 |
| published_at |
2026-04-02T12:55:00Z |
|
| 2 |
| value |
0.01336 |
| scoring_system |
epss |
| scoring_elements |
0.79968 |
| published_at |
2026-04-04T12:55:00Z |
|
| 3 |
| value |
0.01336 |
| scoring_system |
epss |
| scoring_elements |
0.79957 |
| published_at |
2026-04-07T12:55:00Z |
|
| 4 |
| value |
0.01336 |
| scoring_system |
epss |
| scoring_elements |
0.79985 |
| published_at |
2026-04-08T12:55:00Z |
|
| 5 |
| value |
0.01336 |
| scoring_system |
epss |
| scoring_elements |
0.79994 |
| published_at |
2026-04-09T12:55:00Z |
|
| 6 |
| value |
0.01336 |
| scoring_system |
epss |
| scoring_elements |
0.80014 |
| published_at |
2026-04-11T12:55:00Z |
|
| 7 |
| value |
0.01336 |
| scoring_system |
epss |
| scoring_elements |
0.79997 |
| published_at |
2026-04-12T12:55:00Z |
|
| 8 |
| value |
0.01336 |
| scoring_system |
epss |
| scoring_elements |
0.79989 |
| published_at |
2026-04-13T12:55:00Z |
|
| 9 |
| value |
0.01336 |
| scoring_system |
epss |
| scoring_elements |
0.80018 |
| published_at |
2026-04-18T12:55:00Z |
|
| 10 |
| value |
0.01336 |
| scoring_system |
epss |
| scoring_elements |
0.8002 |
| published_at |
2026-04-21T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2007-5976 |
|
| 2 |
|
| 3 |
|
| 4 |
|
|
| fixed_packages |
|
| aliases |
CVE-2007-5976
|
| risk_score |
null |
| exploitability |
0.5 |
| weighted_severity |
0.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-9kv1-q719-hugw |
|
| 74 |
| url |
VCID-9t2s-etzf-t3d2 |
| vulnerability_id |
VCID-9t2s-etzf-t3d2 |
| summary |
Command Injection
An issue was discovered in phpMyAdmin. A specially crafted database name could be used to run arbitrary PHP commands through the array export feature. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2016-6609 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00425 |
| scoring_system |
epss |
| scoring_elements |
0.62256 |
| published_at |
2026-04-21T12:55:00Z |
|
| 1 |
| value |
0.00425 |
| scoring_system |
epss |
| scoring_elements |
0.62108 |
| published_at |
2026-04-01T12:55:00Z |
|
| 2 |
| value |
0.00425 |
| scoring_system |
epss |
| scoring_elements |
0.62169 |
| published_at |
2026-04-02T12:55:00Z |
|
| 3 |
| value |
0.00425 |
| scoring_system |
epss |
| scoring_elements |
0.62199 |
| published_at |
2026-04-04T12:55:00Z |
|
| 4 |
| value |
0.00425 |
| scoring_system |
epss |
| scoring_elements |
0.62166 |
| published_at |
2026-04-07T12:55:00Z |
|
| 5 |
| value |
0.00425 |
| scoring_system |
epss |
| scoring_elements |
0.62216 |
| published_at |
2026-04-08T12:55:00Z |
|
| 6 |
| value |
0.00425 |
| scoring_system |
epss |
| scoring_elements |
0.62233 |
| published_at |
2026-04-09T12:55:00Z |
|
| 7 |
| value |
0.00425 |
| scoring_system |
epss |
| scoring_elements |
0.62252 |
| published_at |
2026-04-11T12:55:00Z |
|
| 8 |
| value |
0.00425 |
| scoring_system |
epss |
| scoring_elements |
0.62241 |
| published_at |
2026-04-12T12:55:00Z |
|
| 9 |
| value |
0.00425 |
| scoring_system |
epss |
| scoring_elements |
0.6222 |
| published_at |
2026-04-13T12:55:00Z |
|
| 10 |
| value |
0.00425 |
| scoring_system |
epss |
| scoring_elements |
0.62265 |
| published_at |
2026-04-16T12:55:00Z |
|
| 11 |
| value |
0.00425 |
| scoring_system |
epss |
| scoring_elements |
0.62272 |
| published_at |
2026-04-18T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2016-6609 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
|
| fixed_packages |
|
| aliases |
CVE-2016-6609, GHSA-wpww-hx7x-xfjh
|
| risk_score |
4.0 |
| exploitability |
0.5 |
| weighted_severity |
8.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-9t2s-etzf-t3d2 |
|
| 75 |
| url |
VCID-9wpd-442t-k7f8 |
| vulnerability_id |
VCID-9wpd-442t-k7f8 |
| summary |
Cross-site scripting (XSS) vulnerability in setup.php in phpMyAdmin before 2.11.8 allows user-assisted remote attackers to inject arbitrary web script or HTML via crafted setup arguments. NOTE: this issue can only be exploited in limited scenarios in which the attacker must be able to modify config/config.inc.php. |
| references |
| 0 |
|
| 1 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2008-3457 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00586 |
| scoring_system |
epss |
| scoring_elements |
0.69098 |
| published_at |
2026-04-21T12:55:00Z |
|
| 1 |
| value |
0.00586 |
| scoring_system |
epss |
| scoring_elements |
0.69004 |
| published_at |
2026-04-01T12:55:00Z |
|
| 2 |
| value |
0.00586 |
| scoring_system |
epss |
| scoring_elements |
0.69022 |
| published_at |
2026-04-07T12:55:00Z |
|
| 3 |
| value |
0.00586 |
| scoring_system |
epss |
| scoring_elements |
0.69041 |
| published_at |
2026-04-04T12:55:00Z |
|
| 4 |
| value |
0.00586 |
| scoring_system |
epss |
| scoring_elements |
0.69072 |
| published_at |
2026-04-08T12:55:00Z |
|
| 5 |
| value |
0.00586 |
| scoring_system |
epss |
| scoring_elements |
0.69092 |
| published_at |
2026-04-09T12:55:00Z |
|
| 6 |
| value |
0.00586 |
| scoring_system |
epss |
| scoring_elements |
0.69114 |
| published_at |
2026-04-11T12:55:00Z |
|
| 7 |
| value |
0.00586 |
| scoring_system |
epss |
| scoring_elements |
0.69099 |
| published_at |
2026-04-12T12:55:00Z |
|
| 8 |
| value |
0.00586 |
| scoring_system |
epss |
| scoring_elements |
0.6907 |
| published_at |
2026-04-13T12:55:00Z |
|
| 9 |
| value |
0.00586 |
| scoring_system |
epss |
| scoring_elements |
0.6911 |
| published_at |
2026-04-16T12:55:00Z |
|
| 10 |
| value |
0.00586 |
| scoring_system |
epss |
| scoring_elements |
0.69118 |
| published_at |
2026-04-18T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2008-3457 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
| 16 |
|
| 17 |
|
| 18 |
|
| 19 |
|
| 20 |
|
| 21 |
|
| 22 |
|
| 23 |
|
| 24 |
|
| 25 |
|
| 26 |
|
| 27 |
|
| 28 |
|
| 29 |
|
| 30 |
|
| 31 |
|
| 32 |
|
| 33 |
|
| 34 |
|
| 35 |
|
| 36 |
|
| 37 |
|
| 38 |
|
| 39 |
|
| 40 |
|
| 41 |
|
| 42 |
|
| 43 |
|
| 44 |
|
| 45 |
|
| 46 |
|
| 47 |
|
| 48 |
|
| 49 |
|
| 50 |
|
| 51 |
|
| 52 |
|
| 53 |
|
| 54 |
|
| 55 |
|
| 56 |
|
| 57 |
|
|
| fixed_packages |
|
| aliases |
CVE-2008-3457
|
| risk_score |
1.1 |
| exploitability |
0.5 |
| weighted_severity |
2.3 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-9wpd-442t-k7f8 |
|
| 76 |
| url |
VCID-9xb8-kz1v-43bt |
| vulnerability_id |
VCID-9xb8-kz1v-43bt |
| summary |
Improper Control of Generation of Code ('Code Injection')
setup/lib/ConfigGenerator.class.php in phpMyAdmin 3.x before 3.3.10.2 and 3.4.x before 3.4.3.1 does not properly restrict the presence of comment closing delimiters, which allows remote attackers to conduct static code injection attacks by leveraging the ability to modify the SESSION superglobal array. |
| references |
| 0 |
|
| 1 |
|
| 2 |
|
| 3 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2011-2506 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.33677 |
| scoring_system |
epss |
| scoring_elements |
0.96951 |
| published_at |
2026-04-16T12:55:00Z |
|
| 1 |
| value |
0.33677 |
| scoring_system |
epss |
| scoring_elements |
0.96944 |
| published_at |
2026-04-13T12:55:00Z |
|
| 2 |
| value |
0.33677 |
| scoring_system |
epss |
| scoring_elements |
0.96943 |
| published_at |
2026-04-12T12:55:00Z |
|
| 3 |
| value |
0.33677 |
| scoring_system |
epss |
| scoring_elements |
0.96942 |
| published_at |
2026-04-11T12:55:00Z |
|
| 4 |
| value |
0.33677 |
| scoring_system |
epss |
| scoring_elements |
0.96921 |
| published_at |
2026-04-02T12:55:00Z |
|
| 5 |
| value |
0.33677 |
| scoring_system |
epss |
| scoring_elements |
0.96958 |
| published_at |
2026-04-21T12:55:00Z |
|
| 6 |
| value |
0.33677 |
| scoring_system |
epss |
| scoring_elements |
0.96955 |
| published_at |
2026-04-18T12:55:00Z |
|
| 7 |
| value |
0.33677 |
| scoring_system |
epss |
| scoring_elements |
0.96925 |
| published_at |
2026-04-04T12:55:00Z |
|
| 8 |
| value |
0.33677 |
| scoring_system |
epss |
| scoring_elements |
0.96913 |
| published_at |
2026-04-01T12:55:00Z |
|
| 9 |
| value |
0.33677 |
| scoring_system |
epss |
| scoring_elements |
0.96939 |
| published_at |
2026-04-09T12:55:00Z |
|
| 10 |
| value |
0.33677 |
| scoring_system |
epss |
| scoring_elements |
0.96938 |
| published_at |
2026-04-08T12:55:00Z |
|
| 11 |
| value |
0.33677 |
| scoring_system |
epss |
| scoring_elements |
0.96929 |
| published_at |
2026-04-07T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2011-2506 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
| 16 |
|
| 17 |
|
| 18 |
|
| 19 |
|
| 20 |
|
| 21 |
|
| 22 |
|
| 23 |
|
| 24 |
|
|
| fixed_packages |
|
| aliases |
CVE-2011-2506, GHSA-p6h7-29r2-g88f
|
| risk_score |
10.0 |
| exploitability |
2.0 |
| weighted_severity |
8.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-9xb8-kz1v-43bt |
|
| 77 |
| url |
VCID-9xxd-uwwt-57ba |
| vulnerability_id |
VCID-9xxd-uwwt-57ba |
| summary |
Cross-site Scripting
An XSS issue was discovered in phpMyAdmin because of an improper fix for CVE-2016-2559 in PMASA-2016-10. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2016-9856 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00418 |
| scoring_system |
epss |
| scoring_elements |
0.61754 |
| published_at |
2026-04-04T12:55:00Z |
|
| 1 |
| value |
0.00418 |
| scoring_system |
epss |
| scoring_elements |
0.61807 |
| published_at |
2026-04-21T12:55:00Z |
|
| 2 |
| value |
0.00418 |
| scoring_system |
epss |
| scoring_elements |
0.61824 |
| published_at |
2026-04-18T12:55:00Z |
|
| 3 |
| value |
0.00418 |
| scoring_system |
epss |
| scoring_elements |
0.61819 |
| published_at |
2026-04-16T12:55:00Z |
|
| 4 |
| value |
0.00418 |
| scoring_system |
epss |
| scoring_elements |
0.61777 |
| published_at |
2026-04-13T12:55:00Z |
|
| 5 |
| value |
0.00418 |
| scoring_system |
epss |
| scoring_elements |
0.61797 |
| published_at |
2026-04-12T12:55:00Z |
|
| 6 |
| value |
0.00418 |
| scoring_system |
epss |
| scoring_elements |
0.6181 |
| published_at |
2026-04-11T12:55:00Z |
|
| 7 |
| value |
0.00418 |
| scoring_system |
epss |
| scoring_elements |
0.61789 |
| published_at |
2026-04-09T12:55:00Z |
|
| 8 |
| value |
0.00418 |
| scoring_system |
epss |
| scoring_elements |
0.61651 |
| published_at |
2026-04-01T12:55:00Z |
|
| 9 |
| value |
0.00418 |
| scoring_system |
epss |
| scoring_elements |
0.61725 |
| published_at |
2026-04-07T12:55:00Z |
|
| 10 |
| value |
0.00418 |
| scoring_system |
epss |
| scoring_elements |
0.61773 |
| published_at |
2026-04-08T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2016-9856 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
|
| fixed_packages |
|
| aliases |
CVE-2016-9856, GHSA-j8mx-x32r-5rf4
|
| risk_score |
3.1 |
| exploitability |
0.5 |
| weighted_severity |
6.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-9xxd-uwwt-57ba |
|
| 78 |
| url |
VCID-a1h3-y1fe-7fe2 |
| vulnerability_id |
VCID-a1h3-y1fe-7fe2 |
| summary |
phpMyAdmin vulnerable to Cross-site Scripting
setup/frames/index.inc.php in phpMyAdmin 4.0.10.x before 4.0.10.16, 4.4.15.x before 4.4.15.7, and 4.6.x before 4.6.3 allows remote attackers to conduct BBCode injection attacks against HTTP sessions via a crafted URI. |
| references |
| 0 |
|
| 1 |
|
| 2 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2016-5701 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00459 |
| scoring_system |
epss |
| scoring_elements |
0.63996 |
| published_at |
2026-04-02T12:55:00Z |
|
| 1 |
| value |
0.00459 |
| scoring_system |
epss |
| scoring_elements |
0.64052 |
| published_at |
2026-04-21T12:55:00Z |
|
| 2 |
| value |
0.00459 |
| scoring_system |
epss |
| scoring_elements |
0.64065 |
| published_at |
2026-04-18T12:55:00Z |
|
| 3 |
| value |
0.00459 |
| scoring_system |
epss |
| scoring_elements |
0.64023 |
| published_at |
2026-04-04T12:55:00Z |
|
| 4 |
| value |
0.00459 |
| scoring_system |
epss |
| scoring_elements |
0.63937 |
| published_at |
2026-04-01T12:55:00Z |
|
| 5 |
| value |
0.00459 |
| scoring_system |
epss |
| scoring_elements |
0.64053 |
| published_at |
2026-04-16T12:55:00Z |
|
| 6 |
| value |
0.00459 |
| scoring_system |
epss |
| scoring_elements |
0.64018 |
| published_at |
2026-04-13T12:55:00Z |
|
| 7 |
| value |
0.00459 |
| scoring_system |
epss |
| scoring_elements |
0.64048 |
| published_at |
2026-04-12T12:55:00Z |
|
| 8 |
| value |
0.00459 |
| scoring_system |
epss |
| scoring_elements |
0.64062 |
| published_at |
2026-04-11T12:55:00Z |
|
| 9 |
| value |
0.00459 |
| scoring_system |
epss |
| scoring_elements |
0.6405 |
| published_at |
2026-04-09T12:55:00Z |
|
| 10 |
| value |
0.00459 |
| scoring_system |
epss |
| scoring_elements |
0.64033 |
| published_at |
2026-04-08T12:55:00Z |
|
| 11 |
| value |
0.00459 |
| scoring_system |
epss |
| scoring_elements |
0.63983 |
| published_at |
2026-04-07T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2016-5701 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
| 16 |
|
| 17 |
|
| 18 |
|
| 19 |
|
| 20 |
|
| 21 |
|
| 22 |
|
| 23 |
|
| 24 |
|
| 25 |
|
| 26 |
|
| 27 |
|
| 28 |
|
| 29 |
|
| 30 |
|
| 31 |
|
| 32 |
|
| 33 |
|
| 34 |
|
| 35 |
|
| 36 |
|
| 37 |
|
| 38 |
|
| 39 |
|
| 40 |
|
| 41 |
|
| 42 |
|
| 43 |
|
| 44 |
|
| 45 |
|
| 46 |
|
| 47 |
|
| 48 |
|
| 49 |
|
| 50 |
|
| 51 |
|
| 52 |
|
| 53 |
|
| 54 |
|
| 55 |
|
| 56 |
|
| 57 |
|
| 58 |
|
| 59 |
|
| 60 |
|
| 61 |
|
| 62 |
|
| 63 |
|
| 64 |
|
| 65 |
|
| 66 |
|
| 67 |
|
| 68 |
|
| 69 |
|
| 70 |
|
| 71 |
|
| 72 |
|
| 73 |
|
| 74 |
|
| 75 |
|
| 76 |
|
| 77 |
|
| 78 |
|
| 79 |
|
| 80 |
|
| 81 |
|
| 82 |
|
| 83 |
|
| 84 |
|
| 85 |
|
| 86 |
|
| 87 |
|
| 88 |
| reference_url |
https://nvd.nist.gov/vuln/detail/CVE-2016-5701 |
| reference_id |
CVE-2016-5701 |
| reference_type |
|
| scores |
| 0 |
| value |
4.3 |
| scoring_system |
cvssv2 |
| scoring_elements |
AV:N/AC:M/Au:N/C:N/I:P/A:N |
|
| 1 |
| value |
6.1 |
| scoring_system |
cvssv3 |
| scoring_elements |
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N |
|
| 2 |
| value |
6.1 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N |
|
| 3 |
| value |
MODERATE |
| scoring_system |
generic_textual |
| scoring_elements |
|
|
|
| url |
https://nvd.nist.gov/vuln/detail/CVE-2016-5701 |
|
| 89 |
|
|
| fixed_packages |
|
| aliases |
CVE-2016-5701, GHSA-rh74-5835-jpxp
|
| risk_score |
3.1 |
| exploitability |
0.5 |
| weighted_severity |
6.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-a1h3-y1fe-7fe2 |
|
| 79 |
| url |
VCID-a286-32jj-eubk |
| vulnerability_id |
VCID-a286-32jj-eubk |
| summary |
Regular Expression Denial of Service in jquery-validation
The GitHub Security Lab team has identified potential security vulnerabilities in jquery.validation.
The project contains one or more regular expressions that are vulnerable to ReDoS (Regular Expression Denial of Service)
This issue was discovered and reported by GitHub team member @erik-krogh (Erik Krogh Kristensen). |
| references |
| 0 |
|
| 1 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2021-21252 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.007 |
| scoring_system |
epss |
| scoring_elements |
0.72032 |
| published_at |
2026-04-21T12:55:00Z |
|
| 1 |
| value |
0.007 |
| scoring_system |
epss |
| scoring_elements |
0.72047 |
| published_at |
2026-04-18T12:55:00Z |
|
| 2 |
| value |
0.007 |
| scoring_system |
epss |
| scoring_elements |
0.72039 |
| published_at |
2026-04-16T12:55:00Z |
|
| 3 |
| value |
0.007 |
| scoring_system |
epss |
| scoring_elements |
0.71951 |
| published_at |
2026-04-01T12:55:00Z |
|
| 4 |
| value |
0.007 |
| scoring_system |
epss |
| scoring_elements |
0.72014 |
| published_at |
2026-04-12T12:55:00Z |
|
| 5 |
| value |
0.007 |
| scoring_system |
epss |
| scoring_elements |
0.7203 |
| published_at |
2026-04-11T12:55:00Z |
|
| 6 |
| value |
0.007 |
| scoring_system |
epss |
| scoring_elements |
0.72006 |
| published_at |
2026-04-09T12:55:00Z |
|
| 7 |
| value |
0.007 |
| scoring_system |
epss |
| scoring_elements |
0.71993 |
| published_at |
2026-04-08T12:55:00Z |
|
| 8 |
| value |
0.007 |
| scoring_system |
epss |
| scoring_elements |
0.71955 |
| published_at |
2026-04-07T12:55:00Z |
|
| 9 |
| value |
0.007 |
| scoring_system |
epss |
| scoring_elements |
0.71979 |
| published_at |
2026-04-04T12:55:00Z |
|
| 10 |
| value |
0.007 |
| scoring_system |
epss |
| scoring_elements |
0.71959 |
| published_at |
2026-04-02T12:55:00Z |
|
| 11 |
| value |
0.007 |
| scoring_system |
epss |
| scoring_elements |
0.71998 |
| published_at |
2026-04-13T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2021-21252 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
| 16 |
|
| 17 |
|
| 18 |
|
| 19 |
|
|
| fixed_packages |
|
| aliases |
CVE-2021-21252, GHSA-jxwx-85vp-gvwm
|
| risk_score |
4.0 |
| exploitability |
0.5 |
| weighted_severity |
8.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-a286-32jj-eubk |
|
| 80 |
| url |
VCID-a3k9-h57f-p3ga |
| vulnerability_id |
VCID-a3k9-h57f-p3ga |
| summary |
phpMyAdmin 2.x multiple vulnerabilities |
| references |
| 0 |
|
| 1 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2009-4605 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.0047 |
| scoring_system |
epss |
| scoring_elements |
0.645 |
| published_at |
2026-04-01T12:55:00Z |
|
| 1 |
| value |
0.0047 |
| scoring_system |
epss |
| scoring_elements |
0.64553 |
| published_at |
2026-04-02T12:55:00Z |
|
| 2 |
| value |
0.0047 |
| scoring_system |
epss |
| scoring_elements |
0.64582 |
| published_at |
2026-04-04T12:55:00Z |
|
| 3 |
| value |
0.0047 |
| scoring_system |
epss |
| scoring_elements |
0.64539 |
| published_at |
2026-04-07T12:55:00Z |
|
| 4 |
| value |
0.0047 |
| scoring_system |
epss |
| scoring_elements |
0.64588 |
| published_at |
2026-04-08T12:55:00Z |
|
| 5 |
| value |
0.0047 |
| scoring_system |
epss |
| scoring_elements |
0.64604 |
| published_at |
2026-04-09T12:55:00Z |
|
| 6 |
| value |
0.0047 |
| scoring_system |
epss |
| scoring_elements |
0.64622 |
| published_at |
2026-04-11T12:55:00Z |
|
| 7 |
| value |
0.0047 |
| scoring_system |
epss |
| scoring_elements |
0.64609 |
| published_at |
2026-04-12T12:55:00Z |
|
| 8 |
| value |
0.0047 |
| scoring_system |
epss |
| scoring_elements |
0.64581 |
| published_at |
2026-04-13T12:55:00Z |
|
| 9 |
| value |
0.0047 |
| scoring_system |
epss |
| scoring_elements |
0.64616 |
| published_at |
2026-04-16T12:55:00Z |
|
| 10 |
| value |
0.0047 |
| scoring_system |
epss |
| scoring_elements |
0.64628 |
| published_at |
2026-04-18T12:55:00Z |
|
| 11 |
| value |
0.0047 |
| scoring_system |
epss |
| scoring_elements |
0.64613 |
| published_at |
2026-04-21T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2009-4605 |
|
| 2 |
|
| 3 |
|
|
| fixed_packages |
|
| aliases |
CVE-2009-4605
|
| risk_score |
null |
| exploitability |
0.5 |
| weighted_severity |
0.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-a3k9-h57f-p3ga |
|
| 81 |
| url |
VCID-aj89-my26-1bb3 |
| vulnerability_id |
VCID-aj89-my26-1bb3 |
| summary |
Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin before 2.6.4 allow remote attackers to inject arbitrary web script or HTML via (1) the Username to libraries/auth/cookie.auth.lib.php or (2) the error parameter to error.php. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2005-2869 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.11812 |
| scoring_system |
epss |
| scoring_elements |
0.93744 |
| published_at |
2026-04-21T12:55:00Z |
|
| 1 |
| value |
0.11812 |
| scoring_system |
epss |
| scoring_elements |
0.93677 |
| published_at |
2026-04-01T12:55:00Z |
|
| 2 |
| value |
0.11812 |
| scoring_system |
epss |
| scoring_elements |
0.93687 |
| published_at |
2026-04-02T12:55:00Z |
|
| 3 |
| value |
0.11812 |
| scoring_system |
epss |
| scoring_elements |
0.93697 |
| published_at |
2026-04-04T12:55:00Z |
|
| 4 |
| value |
0.11812 |
| scoring_system |
epss |
| scoring_elements |
0.937 |
| published_at |
2026-04-07T12:55:00Z |
|
| 5 |
| value |
0.11812 |
| scoring_system |
epss |
| scoring_elements |
0.93709 |
| published_at |
2026-04-08T12:55:00Z |
|
| 6 |
| value |
0.11812 |
| scoring_system |
epss |
| scoring_elements |
0.93711 |
| published_at |
2026-04-09T12:55:00Z |
|
| 7 |
| value |
0.11812 |
| scoring_system |
epss |
| scoring_elements |
0.93715 |
| published_at |
2026-04-12T12:55:00Z |
|
| 8 |
| value |
0.11812 |
| scoring_system |
epss |
| scoring_elements |
0.93716 |
| published_at |
2026-04-13T12:55:00Z |
|
| 9 |
| value |
0.11812 |
| scoring_system |
epss |
| scoring_elements |
0.93733 |
| published_at |
2026-04-16T12:55:00Z |
|
| 10 |
| value |
0.11812 |
| scoring_system |
epss |
| scoring_elements |
0.9374 |
| published_at |
2026-04-18T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2005-2869 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
| 16 |
|
| 17 |
|
| 18 |
|
| 19 |
|
| 20 |
|
| 21 |
|
| 22 |
|
| 23 |
|
| 24 |
|
| 25 |
|
| 26 |
|
| 27 |
|
| 28 |
|
| 29 |
|
| 30 |
|
| 31 |
|
| 32 |
|
| 33 |
|
| 34 |
|
| 35 |
|
| 36 |
|
| 37 |
|
| 38 |
|
| 39 |
|
| 40 |
|
| 41 |
|
| 42 |
|
| 43 |
|
| 44 |
|
| 45 |
|
| 46 |
|
| 47 |
|
| 48 |
|
| 49 |
|
| 50 |
|
| 51 |
|
| 52 |
|
| 53 |
|
| 54 |
|
| 55 |
|
| 56 |
|
| 57 |
|
| 58 |
|
| 59 |
|
| 60 |
|
|
| fixed_packages |
|
| aliases |
CVE-2005-2869
|
| risk_score |
7.8 |
| exploitability |
2.0 |
| weighted_severity |
3.9 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-aj89-my26-1bb3 |
|
| 82 |
| url |
VCID-araw-4wdy-hqcz |
| vulnerability_id |
VCID-araw-4wdy-hqcz |
| summary |
phpMyAdmin XSS when checking tables
An issue was discovered in phpMyAdmin 5.x before 5.2.2. An XSS vulnerability has been discovered for the check tables feature. A crafted table or database name could be used for XSS. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2025-24530 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00196 |
| scoring_system |
epss |
| scoring_elements |
0.41553 |
| published_at |
2026-04-09T12:55:00Z |
|
| 1 |
| value |
0.00196 |
| scoring_system |
epss |
| scoring_elements |
0.41472 |
| published_at |
2026-04-21T12:55:00Z |
|
| 2 |
| value |
0.00196 |
| scoring_system |
epss |
| scoring_elements |
0.41541 |
| published_at |
2026-04-02T12:55:00Z |
|
| 3 |
| value |
0.00196 |
| scoring_system |
epss |
| scoring_elements |
0.41528 |
| published_at |
2026-04-13T12:55:00Z |
|
| 4 |
| value |
0.00196 |
| scoring_system |
epss |
| scoring_elements |
0.41542 |
| published_at |
2026-04-12T12:55:00Z |
|
| 5 |
| value |
0.00196 |
| scoring_system |
epss |
| scoring_elements |
0.41569 |
| published_at |
2026-04-04T12:55:00Z |
|
| 6 |
| value |
0.00196 |
| scoring_system |
epss |
| scoring_elements |
0.41495 |
| published_at |
2026-04-07T12:55:00Z |
|
| 7 |
| value |
0.00196 |
| scoring_system |
epss |
| scoring_elements |
0.41545 |
| published_at |
2026-04-08T12:55:00Z |
|
| 8 |
| value |
0.00196 |
| scoring_system |
epss |
| scoring_elements |
0.41575 |
| published_at |
2026-04-11T12:55:00Z |
|
| 9 |
| value |
0.00196 |
| scoring_system |
epss |
| scoring_elements |
0.41547 |
| published_at |
2026-04-18T12:55:00Z |
|
| 10 |
| value |
0.00196 |
| scoring_system |
epss |
| scoring_elements |
0.41573 |
| published_at |
2026-04-16T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2025-24530 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
|
| fixed_packages |
|
| aliases |
CVE-2025-24530, GHSA-222v-cx2c-q2f5
|
| risk_score |
3.1 |
| exploitability |
0.5 |
| weighted_severity |
6.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-araw-4wdy-hqcz |
|
| 83 |
| url |
VCID-au6f-6v6x-ykf4 |
| vulnerability_id |
VCID-au6f-6v6x-ykf4 |
| summary |
phpMyAdmin contains a local file inclusion vulnerability that may lead to
the execution of arbitrary code, along with several cross-site scripting
issues. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2005-3301 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.11794 |
| scoring_system |
epss |
| scoring_elements |
0.93737 |
| published_at |
2026-04-21T12:55:00Z |
|
| 1 |
| value |
0.11794 |
| scoring_system |
epss |
| scoring_elements |
0.93672 |
| published_at |
2026-04-01T12:55:00Z |
|
| 2 |
| value |
0.11794 |
| scoring_system |
epss |
| scoring_elements |
0.93682 |
| published_at |
2026-04-02T12:55:00Z |
|
| 3 |
| value |
0.11794 |
| scoring_system |
epss |
| scoring_elements |
0.93692 |
| published_at |
2026-04-04T12:55:00Z |
|
| 4 |
| value |
0.11794 |
| scoring_system |
epss |
| scoring_elements |
0.93695 |
| published_at |
2026-04-07T12:55:00Z |
|
| 5 |
| value |
0.11794 |
| scoring_system |
epss |
| scoring_elements |
0.93704 |
| published_at |
2026-04-08T12:55:00Z |
|
| 6 |
| value |
0.11794 |
| scoring_system |
epss |
| scoring_elements |
0.93706 |
| published_at |
2026-04-09T12:55:00Z |
|
| 7 |
| value |
0.11794 |
| scoring_system |
epss |
| scoring_elements |
0.9371 |
| published_at |
2026-04-12T12:55:00Z |
|
| 8 |
| value |
0.11794 |
| scoring_system |
epss |
| scoring_elements |
0.93711 |
| published_at |
2026-04-13T12:55:00Z |
|
| 9 |
| value |
0.11794 |
| scoring_system |
epss |
| scoring_elements |
0.93728 |
| published_at |
2026-04-16T12:55:00Z |
|
| 10 |
| value |
0.11794 |
| scoring_system |
epss |
| scoring_elements |
0.93735 |
| published_at |
2026-04-18T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2005-3301 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
| 16 |
|
| 17 |
|
| 18 |
|
| 19 |
|
| 20 |
|
| 21 |
|
|
| fixed_packages |
|
| aliases |
CVE-2005-3301
|
| risk_score |
7.8 |
| exploitability |
2.0 |
| weighted_severity |
3.9 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-au6f-6v6x-ykf4 |
|
| 84 |
| url |
VCID-awu5-ty5v-ubd1 |
| vulnerability_id |
VCID-awu5-ty5v-ubd1 |
| summary |
Multiple vulnerabilities have been found in phpMyAdmin, the worst
of which could lead to arbitrary code execution. |
| references |
| 0 |
|
| 1 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2014-8959 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.02772 |
| scoring_system |
epss |
| scoring_elements |
0.86053 |
| published_at |
2026-04-21T12:55:00Z |
|
| 1 |
| value |
0.02772 |
| scoring_system |
epss |
| scoring_elements |
0.85976 |
| published_at |
2026-04-01T12:55:00Z |
|
| 2 |
| value |
0.02772 |
| scoring_system |
epss |
| scoring_elements |
0.85987 |
| published_at |
2026-04-02T12:55:00Z |
|
| 3 |
| value |
0.02772 |
| scoring_system |
epss |
| scoring_elements |
0.86003 |
| published_at |
2026-04-04T12:55:00Z |
|
| 4 |
| value |
0.02772 |
| scoring_system |
epss |
| scoring_elements |
0.86002 |
| published_at |
2026-04-07T12:55:00Z |
|
| 5 |
| value |
0.02772 |
| scoring_system |
epss |
| scoring_elements |
0.86022 |
| published_at |
2026-04-08T12:55:00Z |
|
| 6 |
| value |
0.02772 |
| scoring_system |
epss |
| scoring_elements |
0.86031 |
| published_at |
2026-04-09T12:55:00Z |
|
| 7 |
| value |
0.02772 |
| scoring_system |
epss |
| scoring_elements |
0.86046 |
| published_at |
2026-04-11T12:55:00Z |
|
| 8 |
| value |
0.02772 |
| scoring_system |
epss |
| scoring_elements |
0.86044 |
| published_at |
2026-04-12T12:55:00Z |
|
| 9 |
| value |
0.02772 |
| scoring_system |
epss |
| scoring_elements |
0.86039 |
| published_at |
2026-04-13T12:55:00Z |
|
| 10 |
| value |
0.02772 |
| scoring_system |
epss |
| scoring_elements |
0.86056 |
| published_at |
2026-04-16T12:55:00Z |
|
| 11 |
| value |
0.02772 |
| scoring_system |
epss |
| scoring_elements |
0.86062 |
| published_at |
2026-04-18T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2014-8959 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
| 16 |
|
| 17 |
|
| 18 |
|
| 19 |
|
| 20 |
|
| 21 |
|
| 22 |
|
| 23 |
|
| 24 |
|
| 25 |
|
| 26 |
|
| 27 |
|
| 28 |
|
| 29 |
|
| 30 |
|
| 31 |
|
| 32 |
|
| 33 |
|
| 34 |
|
| 35 |
|
| 36 |
|
| 37 |
|
| 38 |
|
| 39 |
|
| 40 |
|
| 41 |
|
| 42 |
|
| 43 |
|
| 44 |
|
| 45 |
|
| 46 |
|
| 47 |
|
| 48 |
|
| 49 |
|
| 50 |
|
| 51 |
|
| 52 |
|
| 53 |
|
| 54 |
|
| 55 |
|
| 56 |
|
| 57 |
|
| 58 |
|
| 59 |
|
| 60 |
|
| 61 |
|
| 62 |
|
| 63 |
|
| 64 |
|
| 65 |
|
| 66 |
|
| 67 |
|
|
| fixed_packages |
|
| aliases |
CVE-2014-8959
|
| risk_score |
3.0 |
| exploitability |
0.5 |
| weighted_severity |
5.9 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-awu5-ty5v-ubd1 |
|
| 85 |
| url |
VCID-b36z-qwye-77hp |
| vulnerability_id |
VCID-b36z-qwye-77hp |
| summary |
Multiple vulnerabilities have been discovered in phpMyAdmin, the worst of
which may allow for remote code execution. |
| references |
| 0 |
|
| 1 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2008-4775 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.08276 |
| scoring_system |
epss |
| scoring_elements |
0.92256 |
| published_at |
2026-04-21T12:55:00Z |
|
| 1 |
| value |
0.08276 |
| scoring_system |
epss |
| scoring_elements |
0.92209 |
| published_at |
2026-04-01T12:55:00Z |
|
| 2 |
| value |
0.08276 |
| scoring_system |
epss |
| scoring_elements |
0.92216 |
| published_at |
2026-04-02T12:55:00Z |
|
| 3 |
| value |
0.08276 |
| scoring_system |
epss |
| scoring_elements |
0.92222 |
| published_at |
2026-04-04T12:55:00Z |
|
| 4 |
| value |
0.08276 |
| scoring_system |
epss |
| scoring_elements |
0.92225 |
| published_at |
2026-04-07T12:55:00Z |
|
| 5 |
| value |
0.08276 |
| scoring_system |
epss |
| scoring_elements |
0.92236 |
| published_at |
2026-04-08T12:55:00Z |
|
| 6 |
| value |
0.08276 |
| scoring_system |
epss |
| scoring_elements |
0.9224 |
| published_at |
2026-04-09T12:55:00Z |
|
| 7 |
| value |
0.08276 |
| scoring_system |
epss |
| scoring_elements |
0.92245 |
| published_at |
2026-04-11T12:55:00Z |
|
| 8 |
| value |
0.08276 |
| scoring_system |
epss |
| scoring_elements |
0.92246 |
| published_at |
2026-04-12T12:55:00Z |
|
| 9 |
| value |
0.08276 |
| scoring_system |
epss |
| scoring_elements |
0.92243 |
| published_at |
2026-04-13T12:55:00Z |
|
| 10 |
| value |
0.08276 |
| scoring_system |
epss |
| scoring_elements |
0.92255 |
| published_at |
2026-04-16T12:55:00Z |
|
| 11 |
| value |
0.08276 |
| scoring_system |
epss |
| scoring_elements |
0.92254 |
| published_at |
2026-04-18T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2008-4775 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
| 16 |
|
| 17 |
|
| 18 |
|
| 19 |
|
| 20 |
|
|
| fixed_packages |
|
| aliases |
CVE-2008-4775
|
| risk_score |
4.6 |
| exploitability |
2.0 |
| weighted_severity |
2.3 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-b36z-qwye-77hp |
|
| 86 |
| url |
VCID-b39m-ve2f-dqcz |
| vulnerability_id |
VCID-b39m-ve2f-dqcz |
| summary |
phpMyAdmin: Cross-site Framing; XSS in setup.php (PMASA-2008-6 - CVE-2008-3456, CVE-2008-3457) |
| references |
| 0 |
|
| 1 |
|
| 2 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2008-3456 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.01706 |
| scoring_system |
epss |
| scoring_elements |
0.82353 |
| published_at |
2026-04-21T12:55:00Z |
|
| 1 |
| value |
0.01706 |
| scoring_system |
epss |
| scoring_elements |
0.82247 |
| published_at |
2026-04-01T12:55:00Z |
|
| 2 |
| value |
0.01706 |
| scoring_system |
epss |
| scoring_elements |
0.8226 |
| published_at |
2026-04-02T12:55:00Z |
|
| 3 |
| value |
0.01706 |
| scoring_system |
epss |
| scoring_elements |
0.82279 |
| published_at |
2026-04-04T12:55:00Z |
|
| 4 |
| value |
0.01706 |
| scoring_system |
epss |
| scoring_elements |
0.82274 |
| published_at |
2026-04-07T12:55:00Z |
|
| 5 |
| value |
0.01706 |
| scoring_system |
epss |
| scoring_elements |
0.82301 |
| published_at |
2026-04-08T12:55:00Z |
|
| 6 |
| value |
0.01706 |
| scoring_system |
epss |
| scoring_elements |
0.82308 |
| published_at |
2026-04-09T12:55:00Z |
|
| 7 |
| value |
0.01706 |
| scoring_system |
epss |
| scoring_elements |
0.82328 |
| published_at |
2026-04-11T12:55:00Z |
|
| 8 |
| value |
0.01706 |
| scoring_system |
epss |
| scoring_elements |
0.82322 |
| published_at |
2026-04-12T12:55:00Z |
|
| 9 |
| value |
0.01706 |
| scoring_system |
epss |
| scoring_elements |
0.82316 |
| published_at |
2026-04-13T12:55:00Z |
|
| 10 |
| value |
0.01706 |
| scoring_system |
epss |
| scoring_elements |
0.8235 |
| published_at |
2026-04-16T12:55:00Z |
|
| 11 |
| value |
0.01706 |
| scoring_system |
epss |
| scoring_elements |
0.82351 |
| published_at |
2026-04-18T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2008-3456 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
| 16 |
|
| 17 |
|
| 18 |
|
| 19 |
|
| 20 |
|
| 21 |
|
| 22 |
|
| 23 |
|
| 24 |
|
| 25 |
|
| 26 |
|
| 27 |
|
| 28 |
|
| 29 |
|
| 30 |
|
| 31 |
|
| 32 |
|
| 33 |
|
| 34 |
|
| 35 |
|
| 36 |
|
| 37 |
|
| 38 |
|
| 39 |
|
| 40 |
|
| 41 |
|
| 42 |
|
| 43 |
|
| 44 |
|
| 45 |
|
| 46 |
|
| 47 |
|
| 48 |
|
| 49 |
|
| 50 |
|
| 51 |
|
| 52 |
|
| 53 |
|
| 54 |
|
| 55 |
|
| 56 |
|
| 57 |
|
| 58 |
|
| 59 |
|
|
| fixed_packages |
|
| aliases |
CVE-2008-3456
|
| risk_score |
2.9 |
| exploitability |
0.5 |
| weighted_severity |
5.8 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-b39m-ve2f-dqcz |
|
| 87 |
| url |
VCID-b4xu-wcz2-9fdh |
| vulnerability_id |
VCID-b4xu-wcz2-9fdh |
| summary |
Multiple vulnerabilities have been found in phpMyAdmin, the worst
of which could lead to arbitrary code execution. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2016-6631 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.03567 |
| scoring_system |
epss |
| scoring_elements |
0.87666 |
| published_at |
2026-04-01T12:55:00Z |
|
| 1 |
| value |
0.03567 |
| scoring_system |
epss |
| scoring_elements |
0.87676 |
| published_at |
2026-04-02T12:55:00Z |
|
| 2 |
| value |
0.03567 |
| scoring_system |
epss |
| scoring_elements |
0.87688 |
| published_at |
2026-04-04T12:55:00Z |
|
| 3 |
| value |
0.03567 |
| scoring_system |
epss |
| scoring_elements |
0.8769 |
| published_at |
2026-04-07T12:55:00Z |
|
| 4 |
| value |
0.03567 |
| scoring_system |
epss |
| scoring_elements |
0.87711 |
| published_at |
2026-04-08T12:55:00Z |
|
| 5 |
| value |
0.03567 |
| scoring_system |
epss |
| scoring_elements |
0.87717 |
| published_at |
2026-04-09T12:55:00Z |
|
| 6 |
| value |
0.03567 |
| scoring_system |
epss |
| scoring_elements |
0.87729 |
| published_at |
2026-04-11T12:55:00Z |
|
| 7 |
| value |
0.03567 |
| scoring_system |
epss |
| scoring_elements |
0.87722 |
| published_at |
2026-04-12T12:55:00Z |
|
| 8 |
| value |
0.03567 |
| scoring_system |
epss |
| scoring_elements |
0.8772 |
| published_at |
2026-04-13T12:55:00Z |
|
| 9 |
| value |
0.03567 |
| scoring_system |
epss |
| scoring_elements |
0.87734 |
| published_at |
2026-04-18T12:55:00Z |
|
| 10 |
| value |
0.03567 |
| scoring_system |
epss |
| scoring_elements |
0.87731 |
| published_at |
2026-04-21T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2016-6631 |
|
| 1 |
|
|
| fixed_packages |
|
| aliases |
CVE-2016-6631
|
| risk_score |
null |
| exploitability |
0.5 |
| weighted_severity |
0.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-b4xu-wcz2-9fdh |
|
| 88 |
| url |
VCID-b5bf-6u8e-byh8 |
| vulnerability_id |
VCID-b5bf-6u8e-byh8 |
| summary |
phpMyAdmin Denial Of Service (DOS) attack
js/get_scripts.js.php in phpMyAdmin 4.0.x before 4.0.10.16, 4.4.x before 4.4.15.7, and 4.6.x before 4.6.3 allows remote attackers to cause a denial of service via a large array in the scripts parameter. |
| references |
| 0 |
|
| 1 |
|
| 2 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2016-5706 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.02778 |
| scoring_system |
epss |
| scoring_elements |
0.86073 |
| published_at |
2026-04-21T12:55:00Z |
|
| 1 |
| value |
0.02778 |
| scoring_system |
epss |
| scoring_elements |
0.85994 |
| published_at |
2026-04-01T12:55:00Z |
|
| 2 |
| value |
0.02778 |
| scoring_system |
epss |
| scoring_elements |
0.86005 |
| published_at |
2026-04-02T12:55:00Z |
|
| 3 |
| value |
0.02778 |
| scoring_system |
epss |
| scoring_elements |
0.86022 |
| published_at |
2026-04-07T12:55:00Z |
|
| 4 |
| value |
0.02778 |
| scoring_system |
epss |
| scoring_elements |
0.86041 |
| published_at |
2026-04-08T12:55:00Z |
|
| 5 |
| value |
0.02778 |
| scoring_system |
epss |
| scoring_elements |
0.8605 |
| published_at |
2026-04-09T12:55:00Z |
|
| 6 |
| value |
0.02778 |
| scoring_system |
epss |
| scoring_elements |
0.86065 |
| published_at |
2026-04-11T12:55:00Z |
|
| 7 |
| value |
0.02778 |
| scoring_system |
epss |
| scoring_elements |
0.86062 |
| published_at |
2026-04-12T12:55:00Z |
|
| 8 |
| value |
0.02778 |
| scoring_system |
epss |
| scoring_elements |
0.86058 |
| published_at |
2026-04-13T12:55:00Z |
|
| 9 |
| value |
0.02778 |
| scoring_system |
epss |
| scoring_elements |
0.86075 |
| published_at |
2026-04-16T12:55:00Z |
|
| 10 |
| value |
0.02778 |
| scoring_system |
epss |
| scoring_elements |
0.8608 |
| published_at |
2026-04-18T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2016-5706 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
| 16 |
|
| 17 |
|
| 18 |
|
| 19 |
|
| 20 |
|
| 21 |
|
| 22 |
|
| 23 |
|
| 24 |
|
| 25 |
|
| 26 |
|
| 27 |
|
| 28 |
|
| 29 |
|
| 30 |
|
| 31 |
|
| 32 |
|
| 33 |
|
| 34 |
|
| 35 |
|
| 36 |
|
| 37 |
|
| 38 |
|
| 39 |
|
| 40 |
|
| 41 |
|
| 42 |
|
| 43 |
|
| 44 |
|
| 45 |
|
| 46 |
|
| 47 |
|
| 48 |
|
| 49 |
|
| 50 |
|
| 51 |
|
| 52 |
|
| 53 |
|
| 54 |
|
| 55 |
|
| 56 |
|
| 57 |
|
| 58 |
|
| 59 |
|
| 60 |
|
| 61 |
|
| 62 |
|
| 63 |
|
| 64 |
|
| 65 |
|
| 66 |
|
| 67 |
|
| 68 |
|
| 69 |
|
| 70 |
|
| 71 |
|
| 72 |
|
| 73 |
|
| 74 |
|
| 75 |
|
| 76 |
|
| 77 |
|
| 78 |
|
| 79 |
|
| 80 |
|
| 81 |
|
| 82 |
|
| 83 |
|
| 84 |
|
| 85 |
|
| 86 |
|
| 87 |
| reference_url |
https://nvd.nist.gov/vuln/detail/CVE-2016-5706 |
| reference_id |
CVE-2016-5706 |
| reference_type |
|
| scores |
| 0 |
| value |
5.0 |
| scoring_system |
cvssv2 |
| scoring_elements |
AV:N/AC:L/Au:N/C:N/I:N/A:P |
|
| 1 |
| value |
7.5 |
| scoring_system |
cvssv3 |
| scoring_elements |
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
|
| 2 |
| value |
7.5 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
|
| 3 |
| value |
HIGH |
| scoring_system |
generic_textual |
| scoring_elements |
|
|
|
| url |
https://nvd.nist.gov/vuln/detail/CVE-2016-5706 |
|
| 88 |
|
|
| fixed_packages |
|
| aliases |
CVE-2016-5706, GHSA-9rmm-8fp4-26hv
|
| risk_score |
4.0 |
| exploitability |
0.5 |
| weighted_severity |
8.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-b5bf-6u8e-byh8 |
|
| 89 |
| url |
VCID-b5d2-5bfb-bbgz |
| vulnerability_id |
VCID-b5d2-5bfb-bbgz |
| summary |
Server-Side Request Forgery (SSRF)
phpMyAdmin is vulnerable to a weakness where a user with appropriate permissions is able to connect to an arbitrary MySQL server. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2017-1000017 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.0092 |
| scoring_system |
epss |
| scoring_elements |
0.75913 |
| published_at |
2026-04-07T12:55:00Z |
|
| 1 |
| value |
0.0092 |
| scoring_system |
epss |
| scoring_elements |
0.75979 |
| published_at |
2026-04-21T12:55:00Z |
|
| 2 |
| value |
0.0092 |
| scoring_system |
epss |
| scoring_elements |
0.75994 |
| published_at |
2026-04-18T12:55:00Z |
|
| 3 |
| value |
0.0092 |
| scoring_system |
epss |
| scoring_elements |
0.75992 |
| published_at |
2026-04-16T12:55:00Z |
|
| 4 |
| value |
0.0092 |
| scoring_system |
epss |
| scoring_elements |
0.75954 |
| published_at |
2026-04-13T12:55:00Z |
|
| 5 |
| value |
0.0092 |
| scoring_system |
epss |
| scoring_elements |
0.75961 |
| published_at |
2026-04-12T12:55:00Z |
|
| 6 |
| value |
0.0092 |
| scoring_system |
epss |
| scoring_elements |
0.75984 |
| published_at |
2026-04-11T12:55:00Z |
|
| 7 |
| value |
0.0092 |
| scoring_system |
epss |
| scoring_elements |
0.7596 |
| published_at |
2026-04-09T12:55:00Z |
|
| 8 |
| value |
0.0092 |
| scoring_system |
epss |
| scoring_elements |
0.75898 |
| published_at |
2026-04-01T12:55:00Z |
|
| 9 |
| value |
0.0092 |
| scoring_system |
epss |
| scoring_elements |
0.75902 |
| published_at |
2026-04-02T12:55:00Z |
|
| 10 |
| value |
0.0092 |
| scoring_system |
epss |
| scoring_elements |
0.75946 |
| published_at |
2026-04-08T12:55:00Z |
|
| 11 |
| value |
0.0092 |
| scoring_system |
epss |
| scoring_elements |
0.75934 |
| published_at |
2026-04-04T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2017-1000017 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
|
| fixed_packages |
|
| aliases |
CVE-2017-1000017, GHSA-99xj-xqc9-98hr
|
| risk_score |
4.0 |
| exploitability |
0.5 |
| weighted_severity |
8.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-b5d2-5bfb-bbgz |
|
| 90 |
| url |
VCID-b9b1-624h-uubt |
| vulnerability_id |
VCID-b9b1-624h-uubt |
| summary |
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin 4.0.x before 4.0.10.5, 4.1.x before 4.1.14.6, and 4.2.x before 4.2.10.1 allow remote authenticated users to inject arbitrary web script or HTML via a crafted (1) database name or (2) table name, related to the libraries/DatabaseInterface.class.php code for SQL debug output and the js/server_status_monitor.js code for the server monitor page. |
| references |
| 0 |
|
| 1 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2014-8326 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00269 |
| scoring_system |
epss |
| scoring_elements |
0.5044 |
| published_at |
2026-04-21T12:55:00Z |
|
| 1 |
| value |
0.00269 |
| scoring_system |
epss |
| scoring_elements |
0.50418 |
| published_at |
2026-04-08T12:55:00Z |
|
| 2 |
| value |
0.00269 |
| scoring_system |
epss |
| scoring_elements |
0.50411 |
| published_at |
2026-04-09T12:55:00Z |
|
| 3 |
| value |
0.00269 |
| scoring_system |
epss |
| scoring_elements |
0.50453 |
| published_at |
2026-04-11T12:55:00Z |
|
| 4 |
| value |
0.00269 |
| scoring_system |
epss |
| scoring_elements |
0.5043 |
| published_at |
2026-04-12T12:55:00Z |
|
| 5 |
| value |
0.00269 |
| scoring_system |
epss |
| scoring_elements |
0.50415 |
| published_at |
2026-04-13T12:55:00Z |
|
| 6 |
| value |
0.00269 |
| scoring_system |
epss |
| scoring_elements |
0.5046 |
| published_at |
2026-04-16T12:55:00Z |
|
| 7 |
| value |
0.00269 |
| scoring_system |
epss |
| scoring_elements |
0.50464 |
| published_at |
2026-04-18T12:55:00Z |
|
| 8 |
| value |
0.00269 |
| scoring_system |
epss |
| scoring_elements |
0.50329 |
| published_at |
2026-04-01T12:55:00Z |
|
| 9 |
| value |
0.00269 |
| scoring_system |
epss |
| scoring_elements |
0.50385 |
| published_at |
2026-04-02T12:55:00Z |
|
| 10 |
| value |
0.00269 |
| scoring_system |
epss |
| scoring_elements |
0.50414 |
| published_at |
2026-04-04T12:55:00Z |
|
| 11 |
| value |
0.00269 |
| scoring_system |
epss |
| scoring_elements |
0.50365 |
| published_at |
2026-04-07T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2014-8326 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
| 16 |
|
| 17 |
|
| 18 |
|
| 19 |
|
| 20 |
|
| 21 |
|
| 22 |
|
| 23 |
|
| 24 |
|
| 25 |
|
| 26 |
|
| 27 |
|
| 28 |
|
| 29 |
|
| 30 |
|
| 31 |
|
| 32 |
|
| 33 |
|
| 34 |
|
| 35 |
|
| 36 |
|
| 37 |
|
| 38 |
|
| 39 |
|
| 40 |
|
| 41 |
|
| 42 |
|
| 43 |
|
| 44 |
|
| 45 |
|
| 46 |
|
| 47 |
|
| 48 |
|
| 49 |
|
| 50 |
|
| 51 |
|
| 52 |
|
| 53 |
|
| 54 |
|
| 55 |
|
| 56 |
|
| 57 |
|
| 58 |
|
| 59 |
|
| 60 |
|
| 61 |
|
| 62 |
|
| 63 |
|
| 64 |
|
|
| fixed_packages |
|
| aliases |
CVE-2014-8326, GHSA-pvr5-84gr-g985
|
| risk_score |
3.1 |
| exploitability |
0.5 |
| weighted_severity |
6.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-b9b1-624h-uubt |
|
| 91 |
| url |
VCID-bbmt-dnp7-w3hr |
| vulnerability_id |
VCID-bbmt-dnp7-w3hr |
| summary |
Multiple vulnerabilities have been found in phpMyAdmin, the worst
of which could lead to arbitrary code execution. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2016-9852 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00501 |
| scoring_system |
epss |
| scoring_elements |
0.65931 |
| published_at |
2026-04-01T12:55:00Z |
|
| 1 |
| value |
0.00501 |
| scoring_system |
epss |
| scoring_elements |
0.65973 |
| published_at |
2026-04-02T12:55:00Z |
|
| 2 |
| value |
0.00501 |
| scoring_system |
epss |
| scoring_elements |
0.66003 |
| published_at |
2026-04-04T12:55:00Z |
|
| 3 |
| value |
0.00501 |
| scoring_system |
epss |
| scoring_elements |
0.65968 |
| published_at |
2026-04-07T12:55:00Z |
|
| 4 |
| value |
0.00501 |
| scoring_system |
epss |
| scoring_elements |
0.66019 |
| published_at |
2026-04-08T12:55:00Z |
|
| 5 |
| value |
0.00501 |
| scoring_system |
epss |
| scoring_elements |
0.66032 |
| published_at |
2026-04-09T12:55:00Z |
|
| 6 |
| value |
0.00501 |
| scoring_system |
epss |
| scoring_elements |
0.66051 |
| published_at |
2026-04-11T12:55:00Z |
|
| 7 |
| value |
0.00501 |
| scoring_system |
epss |
| scoring_elements |
0.66038 |
| published_at |
2026-04-12T12:55:00Z |
|
| 8 |
| value |
0.00501 |
| scoring_system |
epss |
| scoring_elements |
0.66008 |
| published_at |
2026-04-13T12:55:00Z |
|
| 9 |
| value |
0.00501 |
| scoring_system |
epss |
| scoring_elements |
0.66044 |
| published_at |
2026-04-16T12:55:00Z |
|
| 10 |
| value |
0.00501 |
| scoring_system |
epss |
| scoring_elements |
0.66057 |
| published_at |
2026-04-18T12:55:00Z |
|
| 11 |
| value |
0.00501 |
| scoring_system |
epss |
| scoring_elements |
0.66046 |
| published_at |
2026-04-21T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2016-9852 |
|
| 1 |
|
|
| fixed_packages |
|
| aliases |
CVE-2016-9852
|
| risk_score |
null |
| exploitability |
0.5 |
| weighted_severity |
0.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-bbmt-dnp7-w3hr |
|
| 92 |
| url |
VCID-bcmm-z26p-rkfp |
| vulnerability_id |
VCID-bcmm-z26p-rkfp |
| summary |
Improper Input Validation
An issue was discovered in phpMyAdmin. An unauthenticated user can execute a denial of service attack when phpMyAdmin is running with `$cfg['AllowArbitraryServer']=true`. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2016-9860 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.01016 |
| scoring_system |
epss |
| scoring_elements |
0.77197 |
| published_at |
2026-04-21T12:55:00Z |
|
| 1 |
| value |
0.01016 |
| scoring_system |
epss |
| scoring_elements |
0.77104 |
| published_at |
2026-04-01T12:55:00Z |
|
| 2 |
| value |
0.01016 |
| scoring_system |
epss |
| scoring_elements |
0.7711 |
| published_at |
2026-04-02T12:55:00Z |
|
| 3 |
| value |
0.01016 |
| scoring_system |
epss |
| scoring_elements |
0.7714 |
| published_at |
2026-04-04T12:55:00Z |
|
| 4 |
| value |
0.01016 |
| scoring_system |
epss |
| scoring_elements |
0.77122 |
| published_at |
2026-04-07T12:55:00Z |
|
| 5 |
| value |
0.01016 |
| scoring_system |
epss |
| scoring_elements |
0.77155 |
| published_at |
2026-04-08T12:55:00Z |
|
| 6 |
| value |
0.01016 |
| scoring_system |
epss |
| scoring_elements |
0.77163 |
| published_at |
2026-04-09T12:55:00Z |
|
| 7 |
| value |
0.01016 |
| scoring_system |
epss |
| scoring_elements |
0.77191 |
| published_at |
2026-04-11T12:55:00Z |
|
| 8 |
| value |
0.01016 |
| scoring_system |
epss |
| scoring_elements |
0.7717 |
| published_at |
2026-04-12T12:55:00Z |
|
| 9 |
| value |
0.01016 |
| scoring_system |
epss |
| scoring_elements |
0.77165 |
| published_at |
2026-04-13T12:55:00Z |
|
| 10 |
| value |
0.01016 |
| scoring_system |
epss |
| scoring_elements |
0.77206 |
| published_at |
2026-04-16T12:55:00Z |
|
| 11 |
| value |
0.01016 |
| scoring_system |
epss |
| scoring_elements |
0.77207 |
| published_at |
2026-04-18T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2016-9860 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
|
| fixed_packages |
|
| aliases |
CVE-2016-9860, GHSA-3hw5-fffc-qrg4
|
| risk_score |
3.1 |
| exploitability |
0.5 |
| weighted_severity |
6.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-bcmm-z26p-rkfp |
|
| 93 |
| url |
VCID-bp8e-uxb2-n7hw |
| vulnerability_id |
VCID-bp8e-uxb2-n7hw |
| summary |
phpMyAdmin before 2.9.1.1 allows remote attackers to bypass Allow/Deny access rules that use IP addresses via false headers. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2006-6944 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00363 |
| scoring_system |
epss |
| scoring_elements |
0.5837 |
| published_at |
2026-04-21T12:55:00Z |
|
| 1 |
| value |
0.00363 |
| scoring_system |
epss |
| scoring_elements |
0.58243 |
| published_at |
2026-04-01T12:55:00Z |
|
| 2 |
| value |
0.00363 |
| scoring_system |
epss |
| scoring_elements |
0.58329 |
| published_at |
2026-04-02T12:55:00Z |
|
| 3 |
| value |
0.00363 |
| scoring_system |
epss |
| scoring_elements |
0.58349 |
| published_at |
2026-04-04T12:55:00Z |
|
| 4 |
| value |
0.00363 |
| scoring_system |
epss |
| scoring_elements |
0.58323 |
| published_at |
2026-04-07T12:55:00Z |
|
| 5 |
| value |
0.00363 |
| scoring_system |
epss |
| scoring_elements |
0.58376 |
| published_at |
2026-04-08T12:55:00Z |
|
| 6 |
| value |
0.00363 |
| scoring_system |
epss |
| scoring_elements |
0.58382 |
| published_at |
2026-04-09T12:55:00Z |
|
| 7 |
| value |
0.00363 |
| scoring_system |
epss |
| scoring_elements |
0.58399 |
| published_at |
2026-04-11T12:55:00Z |
|
| 8 |
| value |
0.00363 |
| scoring_system |
epss |
| scoring_elements |
0.58377 |
| published_at |
2026-04-12T12:55:00Z |
|
| 9 |
| value |
0.00363 |
| scoring_system |
epss |
| scoring_elements |
0.58357 |
| published_at |
2026-04-13T12:55:00Z |
|
| 10 |
| value |
0.00363 |
| scoring_system |
epss |
| scoring_elements |
0.58389 |
| published_at |
2026-04-16T12:55:00Z |
|
| 11 |
| value |
0.00363 |
| scoring_system |
epss |
| scoring_elements |
0.58393 |
| published_at |
2026-04-18T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2006-6944 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
|
| fixed_packages |
|
| aliases |
CVE-2006-6944
|
| risk_score |
3.4 |
| exploitability |
0.5 |
| weighted_severity |
6.8 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-bp8e-uxb2-n7hw |
|
| 94 |
| url |
VCID-br1c-5bzf-ufeu |
| vulnerability_id |
VCID-br1c-5bzf-ufeu |
| summary |
SQL Injection
An issue was discovered in phpMyAdmin. A vulnerability was reported where a specially crafted username can be used to trigger a SQL injection attack through the designer feature. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2019-6798 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00538 |
| scoring_system |
epss |
| scoring_elements |
0.67578 |
| published_at |
2026-04-21T12:55:00Z |
|
| 1 |
| value |
0.00538 |
| scoring_system |
epss |
| scoring_elements |
0.67474 |
| published_at |
2026-04-01T12:55:00Z |
|
| 2 |
| value |
0.00538 |
| scoring_system |
epss |
| scoring_elements |
0.6751 |
| published_at |
2026-04-07T12:55:00Z |
|
| 3 |
| value |
0.00538 |
| scoring_system |
epss |
| scoring_elements |
0.67532 |
| published_at |
2026-04-04T12:55:00Z |
|
| 4 |
| value |
0.00538 |
| scoring_system |
epss |
| scoring_elements |
0.67562 |
| published_at |
2026-04-08T12:55:00Z |
|
| 5 |
| value |
0.00538 |
| scoring_system |
epss |
| scoring_elements |
0.67575 |
| published_at |
2026-04-09T12:55:00Z |
|
| 6 |
| value |
0.00538 |
| scoring_system |
epss |
| scoring_elements |
0.67598 |
| published_at |
2026-04-11T12:55:00Z |
|
| 7 |
| value |
0.00538 |
| scoring_system |
epss |
| scoring_elements |
0.67584 |
| published_at |
2026-04-12T12:55:00Z |
|
| 8 |
| value |
0.00538 |
| scoring_system |
epss |
| scoring_elements |
0.67551 |
| published_at |
2026-04-13T12:55:00Z |
|
| 9 |
| value |
0.00538 |
| scoring_system |
epss |
| scoring_elements |
0.67587 |
| published_at |
2026-04-16T12:55:00Z |
|
| 10 |
| value |
0.00538 |
| scoring_system |
epss |
| scoring_elements |
0.67599 |
| published_at |
2026-04-18T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2019-6798 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
| reference_url |
https://nvd.nist.gov/vuln/detail/CVE-2019-6798 |
| reference_id |
CVE-2019-6798 |
| reference_type |
|
| scores |
| 0 |
| value |
7.5 |
| scoring_system |
cvssv2 |
| scoring_elements |
AV:N/AC:L/Au:N/C:P/I:P/A:P |
|
| 1 |
| value |
9.8 |
| scoring_system |
cvssv3 |
| scoring_elements |
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
|
| 2 |
| value |
9.8 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
|
| 3 |
| value |
CRITICAL |
| scoring_system |
generic_textual |
| scoring_elements |
|
|
|
| url |
https://nvd.nist.gov/vuln/detail/CVE-2019-6798 |
|
| 9 |
|
| 10 |
|
| 11 |
|
|
| fixed_packages |
|
| aliases |
CVE-2019-6798, GHSA-f732-fxh6-g4qj
|
| risk_score |
4.5 |
| exploitability |
0.5 |
| weighted_severity |
9.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-br1c-5bzf-ufeu |
|
| 95 |
| url |
VCID-but8-t37e-kfdb |
| vulnerability_id |
VCID-but8-t37e-kfdb |
| summary |
phpMyAdmin: Multiple full path disclosure vulnerabilities (PMASA-2016-6) |
| references |
| 0 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2016-2042 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00577 |
| scoring_system |
epss |
| scoring_elements |
0.68826 |
| published_at |
2026-04-21T12:55:00Z |
|
| 1 |
| value |
0.00577 |
| scoring_system |
epss |
| scoring_elements |
0.68848 |
| published_at |
2026-04-18T12:55:00Z |
|
| 2 |
| value |
0.00577 |
| scoring_system |
epss |
| scoring_elements |
0.68731 |
| published_at |
2026-04-01T12:55:00Z |
|
| 3 |
| value |
0.00577 |
| scoring_system |
epss |
| scoring_elements |
0.6875 |
| published_at |
2026-04-02T12:55:00Z |
|
| 4 |
| value |
0.00577 |
| scoring_system |
epss |
| scoring_elements |
0.6877 |
| published_at |
2026-04-04T12:55:00Z |
|
| 5 |
| value |
0.00577 |
| scoring_system |
epss |
| scoring_elements |
0.68748 |
| published_at |
2026-04-07T12:55:00Z |
|
| 6 |
| value |
0.00577 |
| scoring_system |
epss |
| scoring_elements |
0.688 |
| published_at |
2026-04-08T12:55:00Z |
|
| 7 |
| value |
0.00577 |
| scoring_system |
epss |
| scoring_elements |
0.68819 |
| published_at |
2026-04-09T12:55:00Z |
|
| 8 |
| value |
0.00577 |
| scoring_system |
epss |
| scoring_elements |
0.68841 |
| published_at |
2026-04-11T12:55:00Z |
|
| 9 |
| value |
0.00577 |
| scoring_system |
epss |
| scoring_elements |
0.68827 |
| published_at |
2026-04-12T12:55:00Z |
|
| 10 |
| value |
0.00577 |
| scoring_system |
epss |
| scoring_elements |
0.68797 |
| published_at |
2026-04-13T12:55:00Z |
|
| 11 |
| value |
0.00577 |
| scoring_system |
epss |
| scoring_elements |
0.68838 |
| published_at |
2026-04-16T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2016-2042 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
| 16 |
|
| 17 |
|
| 18 |
|
| 19 |
|
| 20 |
|
| 21 |
|
| 22 |
|
| 23 |
|
| 24 |
|
| 25 |
|
| 26 |
|
| 27 |
|
| 28 |
|
| 29 |
|
| 30 |
|
| 31 |
|
| 32 |
|
| 33 |
|
| 34 |
|
| 35 |
|
| 36 |
|
| 37 |
|
| 38 |
|
| 39 |
|
| 40 |
|
| 41 |
|
| 42 |
|
|
| fixed_packages |
|
| aliases |
CVE-2016-2042
|
| risk_score |
2.4 |
| exploitability |
0.5 |
| weighted_severity |
4.8 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-but8-t37e-kfdb |
|
| 96 |
| url |
VCID-bwck-hexx-bff8 |
| vulnerability_id |
VCID-bwck-hexx-bff8 |
| summary |
Cross-site scripting (XSS) vulnerability in the SQL editor in phpMyAdmin 4.5.x before 4.5.4 allows remote authenticated users to inject arbitrary web script or HTML via a SQL query that triggers JSON data in a response. |
| references |
| 0 |
|
| 1 |
|
| 2 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2016-2045 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00284 |
| scoring_system |
epss |
| scoring_elements |
0.5183 |
| published_at |
2026-04-21T12:55:00Z |
|
| 1 |
| value |
0.00284 |
| scoring_system |
epss |
| scoring_elements |
0.51849 |
| published_at |
2026-04-18T12:55:00Z |
|
| 2 |
| value |
0.00284 |
| scoring_system |
epss |
| scoring_elements |
0.51697 |
| published_at |
2026-04-01T12:55:00Z |
|
| 3 |
| value |
0.00284 |
| scoring_system |
epss |
| scoring_elements |
0.51746 |
| published_at |
2026-04-02T12:55:00Z |
|
| 4 |
| value |
0.00284 |
| scoring_system |
epss |
| scoring_elements |
0.51772 |
| published_at |
2026-04-04T12:55:00Z |
|
| 5 |
| value |
0.00284 |
| scoring_system |
epss |
| scoring_elements |
0.51733 |
| published_at |
2026-04-07T12:55:00Z |
|
| 6 |
| value |
0.00284 |
| scoring_system |
epss |
| scoring_elements |
0.51787 |
| published_at |
2026-04-08T12:55:00Z |
|
| 7 |
| value |
0.00284 |
| scoring_system |
epss |
| scoring_elements |
0.51784 |
| published_at |
2026-04-09T12:55:00Z |
|
| 8 |
| value |
0.00284 |
| scoring_system |
epss |
| scoring_elements |
0.51835 |
| published_at |
2026-04-11T12:55:00Z |
|
| 9 |
| value |
0.00284 |
| scoring_system |
epss |
| scoring_elements |
0.51815 |
| published_at |
2026-04-12T12:55:00Z |
|
| 10 |
| value |
0.00284 |
| scoring_system |
epss |
| scoring_elements |
0.518 |
| published_at |
2026-04-13T12:55:00Z |
|
| 11 |
| value |
0.00284 |
| scoring_system |
epss |
| scoring_elements |
0.51842 |
| published_at |
2026-04-16T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2016-2045 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
|
| fixed_packages |
|
| aliases |
CVE-2016-2045
|
| risk_score |
2.5 |
| exploitability |
0.5 |
| weighted_severity |
4.9 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-bwck-hexx-bff8 |
|
| 97 |
| url |
VCID-byej-4ev2-1uff |
| vulnerability_id |
VCID-byej-4ev2-1uff |
| summary |
Multiple vulnerabilities were found in phpMyAdmin, the most severe
of which allows the execution of arbitrary PHP code. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2011-2642 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00667 |
| scoring_system |
epss |
| scoring_elements |
0.71201 |
| published_at |
2026-04-01T12:55:00Z |
|
| 1 |
| value |
0.00667 |
| scoring_system |
epss |
| scoring_elements |
0.7121 |
| published_at |
2026-04-02T12:55:00Z |
|
| 2 |
| value |
0.00667 |
| scoring_system |
epss |
| scoring_elements |
0.71228 |
| published_at |
2026-04-04T12:55:00Z |
|
| 3 |
| value |
0.00667 |
| scoring_system |
epss |
| scoring_elements |
0.71203 |
| published_at |
2026-04-07T12:55:00Z |
|
| 4 |
| value |
0.00667 |
| scoring_system |
epss |
| scoring_elements |
0.71245 |
| published_at |
2026-04-08T12:55:00Z |
|
| 5 |
| value |
0.00667 |
| scoring_system |
epss |
| scoring_elements |
0.71259 |
| published_at |
2026-04-09T12:55:00Z |
|
| 6 |
| value |
0.00667 |
| scoring_system |
epss |
| scoring_elements |
0.71282 |
| published_at |
2026-04-11T12:55:00Z |
|
| 7 |
| value |
0.00667 |
| scoring_system |
epss |
| scoring_elements |
0.71267 |
| published_at |
2026-04-12T12:55:00Z |
|
| 8 |
| value |
0.00667 |
| scoring_system |
epss |
| scoring_elements |
0.71251 |
| published_at |
2026-04-13T12:55:00Z |
|
| 9 |
| value |
0.00667 |
| scoring_system |
epss |
| scoring_elements |
0.71297 |
| published_at |
2026-04-16T12:55:00Z |
|
| 10 |
| value |
0.00667 |
| scoring_system |
epss |
| scoring_elements |
0.71303 |
| published_at |
2026-04-18T12:55:00Z |
|
| 11 |
| value |
0.00667 |
| scoring_system |
epss |
| scoring_elements |
0.71281 |
| published_at |
2026-04-21T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2011-2642 |
|
| 1 |
|
| 2 |
|
|
| fixed_packages |
|
| aliases |
CVE-2011-2642
|
| risk_score |
null |
| exploitability |
0.5 |
| weighted_severity |
0.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-byej-4ev2-1uff |
|
| 98 |
| url |
VCID-c8fs-sxu6-63ht |
| vulnerability_id |
VCID-c8fs-sxu6-63ht |
| summary |
Cross-site scripting (XSS) vulnerability in index.php in phpMyAdmin 2.8.0.3, 2.8.0.2, 2.8.1-dev, and 2.9.0-dev allows remote attackers to inject arbitrary web script or HTML via the lang parameter. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2006-2031 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00409 |
| scoring_system |
epss |
| scoring_elements |
0.61144 |
| published_at |
2026-04-01T12:55:00Z |
|
| 1 |
| value |
0.00409 |
| scoring_system |
epss |
| scoring_elements |
0.61224 |
| published_at |
2026-04-02T12:55:00Z |
|
| 2 |
| value |
0.00409 |
| scoring_system |
epss |
| scoring_elements |
0.61252 |
| published_at |
2026-04-04T12:55:00Z |
|
| 3 |
| value |
0.00409 |
| scoring_system |
epss |
| scoring_elements |
0.61219 |
| published_at |
2026-04-07T12:55:00Z |
|
| 4 |
| value |
0.00409 |
| scoring_system |
epss |
| scoring_elements |
0.61266 |
| published_at |
2026-04-08T12:55:00Z |
|
| 5 |
| value |
0.00409 |
| scoring_system |
epss |
| scoring_elements |
0.61281 |
| published_at |
2026-04-09T12:55:00Z |
|
| 6 |
| value |
0.00409 |
| scoring_system |
epss |
| scoring_elements |
0.61301 |
| published_at |
2026-04-11T12:55:00Z |
|
| 7 |
| value |
0.00409 |
| scoring_system |
epss |
| scoring_elements |
0.61287 |
| published_at |
2026-04-12T12:55:00Z |
|
| 8 |
| value |
0.00409 |
| scoring_system |
epss |
| scoring_elements |
0.61269 |
| published_at |
2026-04-13T12:55:00Z |
|
| 9 |
| value |
0.00409 |
| scoring_system |
epss |
| scoring_elements |
0.61308 |
| published_at |
2026-04-16T12:55:00Z |
|
| 10 |
| value |
0.00409 |
| scoring_system |
epss |
| scoring_elements |
0.61313 |
| published_at |
2026-04-18T12:55:00Z |
|
| 11 |
| value |
0.00409 |
| scoring_system |
epss |
| scoring_elements |
0.61293 |
| published_at |
2026-04-21T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2006-2031 |
|
| 1 |
|
| 2 |
|
|
| fixed_packages |
|
| aliases |
CVE-2006-2031
|
| risk_score |
null |
| exploitability |
0.5 |
| weighted_severity |
0.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-c8fs-sxu6-63ht |
|
| 99 |
| url |
VCID-c91y-txcw-2kdy |
| vulnerability_id |
VCID-c91y-txcw-2kdy |
| summary |
Cross-site Scripting
An issue was discovered in `js/designer/move.js` in phpMyAdm A Cross-Site Scripting vulnerability has been found where an attacker can use a crafted database name to trigger an XSS attack when that database is referenced from the Designer feature. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2018-12581 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.0062 |
| scoring_system |
epss |
| scoring_elements |
0.70001 |
| published_at |
2026-04-04T12:55:00Z |
|
| 1 |
| value |
0.0062 |
| scoring_system |
epss |
| scoring_elements |
0.70069 |
| published_at |
2026-04-21T12:55:00Z |
|
| 2 |
| value |
0.0062 |
| scoring_system |
epss |
| scoring_elements |
0.69974 |
| published_at |
2026-04-01T12:55:00Z |
|
| 3 |
| value |
0.0062 |
| scoring_system |
epss |
| scoring_elements |
0.70026 |
| published_at |
2026-04-08T12:55:00Z |
|
| 4 |
| value |
0.0062 |
| scoring_system |
epss |
| scoring_elements |
0.69987 |
| published_at |
2026-04-02T12:55:00Z |
|
| 5 |
| value |
0.0062 |
| scoring_system |
epss |
| scoring_elements |
0.69978 |
| published_at |
2026-04-07T12:55:00Z |
|
| 6 |
| value |
0.0062 |
| scoring_system |
epss |
| scoring_elements |
0.70089 |
| published_at |
2026-04-18T12:55:00Z |
|
| 7 |
| value |
0.0062 |
| scoring_system |
epss |
| scoring_elements |
0.7008 |
| published_at |
2026-04-16T12:55:00Z |
|
| 8 |
| value |
0.0062 |
| scoring_system |
epss |
| scoring_elements |
0.70037 |
| published_at |
2026-04-13T12:55:00Z |
|
| 9 |
| value |
0.0062 |
| scoring_system |
epss |
| scoring_elements |
0.7005 |
| published_at |
2026-04-12T12:55:00Z |
|
| 10 |
| value |
0.0062 |
| scoring_system |
epss |
| scoring_elements |
0.70065 |
| published_at |
2026-04-11T12:55:00Z |
|
| 11 |
| value |
0.0062 |
| scoring_system |
epss |
| scoring_elements |
0.70042 |
| published_at |
2026-04-09T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2018-12581 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
| reference_url |
https://nvd.nist.gov/vuln/detail/CVE-2018-12581 |
| reference_id |
CVE-2018-12581 |
| reference_type |
|
| scores |
| 0 |
| value |
4.3 |
| scoring_system |
cvssv2 |
| scoring_elements |
AV:N/AC:M/Au:N/C:N/I:P/A:N |
|
| 1 |
| value |
6.1 |
| scoring_system |
cvssv3 |
| scoring_elements |
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N |
|
| 2 |
| value |
6.1 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N |
|
| 3 |
| value |
MODERATE |
| scoring_system |
generic_textual |
| scoring_elements |
|
|
|
| url |
https://nvd.nist.gov/vuln/detail/CVE-2018-12581 |
|
| 11 |
|
| 12 |
|
|
| fixed_packages |
|
| aliases |
CVE-2018-12581, GHSA-vxj6-pm6r-23hq
|
| risk_score |
3.1 |
| exploitability |
0.5 |
| weighted_severity |
6.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-c91y-txcw-2kdy |
|
| 100 |
| url |
VCID-cb4p-81h2-h7cb |
| vulnerability_id |
VCID-cb4p-81h2-h7cb |
| summary |
Multiple vulnerabilities have been found in phpMyAdmin, allowing
remote authenticated attackers to execute arbitrary code, inject SQL code
or conduct other attacks. |
| references |
| 0 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2013-3238 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.64584 |
| scoring_system |
epss |
| scoring_elements |
0.98463 |
| published_at |
2026-04-21T12:55:00Z |
|
| 1 |
| value |
0.64584 |
| scoring_system |
epss |
| scoring_elements |
0.98441 |
| published_at |
2026-04-01T12:55:00Z |
|
| 2 |
| value |
0.64584 |
| scoring_system |
epss |
| scoring_elements |
0.98444 |
| published_at |
2026-04-02T12:55:00Z |
|
| 3 |
| value |
0.64584 |
| scoring_system |
epss |
| scoring_elements |
0.98447 |
| published_at |
2026-04-04T12:55:00Z |
|
| 4 |
| value |
0.64584 |
| scoring_system |
epss |
| scoring_elements |
0.98449 |
| published_at |
2026-04-07T12:55:00Z |
|
| 5 |
| value |
0.64584 |
| scoring_system |
epss |
| scoring_elements |
0.98453 |
| published_at |
2026-04-08T12:55:00Z |
|
| 6 |
| value |
0.64584 |
| scoring_system |
epss |
| scoring_elements |
0.98454 |
| published_at |
2026-04-09T12:55:00Z |
|
| 7 |
| value |
0.64584 |
| scoring_system |
epss |
| scoring_elements |
0.98457 |
| published_at |
2026-04-13T12:55:00Z |
|
| 8 |
| value |
0.64584 |
| scoring_system |
epss |
| scoring_elements |
0.98456 |
| published_at |
2026-04-12T12:55:00Z |
|
| 9 |
| value |
0.64584 |
| scoring_system |
epss |
| scoring_elements |
0.98462 |
| published_at |
2026-04-18T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2013-3238 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
| 16 |
|
| 17 |
|
| 18 |
|
| 19 |
|
| 20 |
|
| 21 |
|
| 22 |
|
| 23 |
|
| 24 |
|
| 25 |
|
| 26 |
|
| 27 |
|
| 28 |
|
| 29 |
|
|
| fixed_packages |
|
| aliases |
CVE-2013-3238
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-cb4p-81h2-h7cb |
|
| 101 |
| url |
VCID-cqs4-ah6f-guet |
| vulnerability_id |
VCID-cqs4-ah6f-guet |
| summary |
Multiple vulnerabilities were found in phpMyAdmin, the most severe
of which allows the execution of arbitrary PHP code. |
| references |
| 0 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2011-0987 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.02698 |
| scoring_system |
epss |
| scoring_elements |
0.8589 |
| published_at |
2026-04-21T12:55:00Z |
|
| 1 |
| value |
0.02698 |
| scoring_system |
epss |
| scoring_elements |
0.85806 |
| published_at |
2026-04-01T12:55:00Z |
|
| 2 |
| value |
0.02698 |
| scoring_system |
epss |
| scoring_elements |
0.85818 |
| published_at |
2026-04-02T12:55:00Z |
|
| 3 |
| value |
0.02698 |
| scoring_system |
epss |
| scoring_elements |
0.85836 |
| published_at |
2026-04-04T12:55:00Z |
|
| 4 |
| value |
0.02698 |
| scoring_system |
epss |
| scoring_elements |
0.85839 |
| published_at |
2026-04-07T12:55:00Z |
|
| 5 |
| value |
0.02698 |
| scoring_system |
epss |
| scoring_elements |
0.85858 |
| published_at |
2026-04-08T12:55:00Z |
|
| 6 |
| value |
0.02698 |
| scoring_system |
epss |
| scoring_elements |
0.85868 |
| published_at |
2026-04-09T12:55:00Z |
|
| 7 |
| value |
0.02698 |
| scoring_system |
epss |
| scoring_elements |
0.85883 |
| published_at |
2026-04-11T12:55:00Z |
|
| 8 |
| value |
0.02698 |
| scoring_system |
epss |
| scoring_elements |
0.8588 |
| published_at |
2026-04-12T12:55:00Z |
|
| 9 |
| value |
0.02698 |
| scoring_system |
epss |
| scoring_elements |
0.85875 |
| published_at |
2026-04-13T12:55:00Z |
|
| 10 |
| value |
0.02698 |
| scoring_system |
epss |
| scoring_elements |
0.85894 |
| published_at |
2026-04-16T12:55:00Z |
|
| 11 |
| value |
0.02698 |
| scoring_system |
epss |
| scoring_elements |
0.85898 |
| published_at |
2026-04-18T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2011-0987 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
| 16 |
|
| 17 |
|
| 18 |
|
| 19 |
|
| 20 |
|
| 21 |
|
| 22 |
|
| 23 |
|
| 24 |
|
| 25 |
|
| 26 |
|
| 27 |
|
| 28 |
|
| 29 |
|
| 30 |
|
| 31 |
|
| 32 |
|
| 33 |
|
| 34 |
|
| 35 |
|
| 36 |
|
| 37 |
|
| 38 |
|
| 39 |
|
| 40 |
|
| 41 |
|
| 42 |
|
| 43 |
|
| 44 |
|
| 45 |
|
| 46 |
|
| 47 |
|
| 48 |
|
| 49 |
|
| 50 |
|
| 51 |
|
| 52 |
|
| 53 |
|
| 54 |
|
| 55 |
|
| 56 |
|
| 57 |
|
| 58 |
|
| 59 |
|
| 60 |
|
| 61 |
|
| 62 |
|
| 63 |
|
| 64 |
|
| 65 |
|
| 66 |
|
| 67 |
|
| 68 |
|
| 69 |
|
| 70 |
|
| 71 |
|
| 72 |
|
| 73 |
|
| 74 |
|
| 75 |
|
| 76 |
|
| 77 |
|
| 78 |
|
| 79 |
|
| 80 |
|
| 81 |
|
| 82 |
|
| 83 |
|
| 84 |
|
| 85 |
|
| 86 |
|
| 87 |
|
| 88 |
|
| 89 |
|
|
| fixed_packages |
|
| aliases |
CVE-2011-0987
|
| risk_score |
3.0 |
| exploitability |
0.5 |
| weighted_severity |
5.9 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-cqs4-ah6f-guet |
|
| 102 |
| url |
VCID-cx8d-r8hf-3kak |
| vulnerability_id |
VCID-cx8d-r8hf-3kak |
| summary |
phpMyAdmin vulnerable to Cross-Site Request Forgery
The Transformation implementation in phpMyAdmin 4.0.x before 4.0.10.16, 4.4.x before 4.4.15.7, and 4.6.x before 4.6.3 does not use the no-referrer Content Security Policy (CSP) protection mechanism, which makes it easier for remote attackers to conduct CSRF attacks by reading an authentication token in a Referer header, related to libraries/Header.php. |
| references |
| 0 |
|
| 1 |
|
| 2 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2016-5739 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00919 |
| scoring_system |
epss |
| scoring_elements |
0.75976 |
| published_at |
2026-04-21T12:55:00Z |
|
| 1 |
| value |
0.00919 |
| scoring_system |
epss |
| scoring_elements |
0.75895 |
| published_at |
2026-04-01T12:55:00Z |
|
| 2 |
| value |
0.00919 |
| scoring_system |
epss |
| scoring_elements |
0.75898 |
| published_at |
2026-04-02T12:55:00Z |
|
| 3 |
| value |
0.00919 |
| scoring_system |
epss |
| scoring_elements |
0.75931 |
| published_at |
2026-04-04T12:55:00Z |
|
| 4 |
| value |
0.00919 |
| scoring_system |
epss |
| scoring_elements |
0.7591 |
| published_at |
2026-04-07T12:55:00Z |
|
| 5 |
| value |
0.00919 |
| scoring_system |
epss |
| scoring_elements |
0.75943 |
| published_at |
2026-04-08T12:55:00Z |
|
| 6 |
| value |
0.00919 |
| scoring_system |
epss |
| scoring_elements |
0.75957 |
| published_at |
2026-04-09T12:55:00Z |
|
| 7 |
| value |
0.00919 |
| scoring_system |
epss |
| scoring_elements |
0.75981 |
| published_at |
2026-04-11T12:55:00Z |
|
| 8 |
| value |
0.00919 |
| scoring_system |
epss |
| scoring_elements |
0.75958 |
| published_at |
2026-04-12T12:55:00Z |
|
| 9 |
| value |
0.00919 |
| scoring_system |
epss |
| scoring_elements |
0.75951 |
| published_at |
2026-04-13T12:55:00Z |
|
| 10 |
| value |
0.00919 |
| scoring_system |
epss |
| scoring_elements |
0.75989 |
| published_at |
2026-04-16T12:55:00Z |
|
| 11 |
| value |
0.00919 |
| scoring_system |
epss |
| scoring_elements |
0.75991 |
| published_at |
2026-04-18T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2016-5739 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
| 16 |
|
| 17 |
|
| 18 |
|
| 19 |
|
| 20 |
|
| 21 |
|
| 22 |
|
| 23 |
|
| 24 |
|
| 25 |
|
| 26 |
|
| 27 |
|
| 28 |
|
| 29 |
|
| 30 |
|
| 31 |
|
| 32 |
|
| 33 |
|
| 34 |
|
| 35 |
|
| 36 |
|
| 37 |
|
| 38 |
|
| 39 |
|
| 40 |
|
| 41 |
|
| 42 |
|
| 43 |
|
| 44 |
|
| 45 |
|
| 46 |
|
| 47 |
|
| 48 |
|
| 49 |
|
| 50 |
|
| 51 |
|
| 52 |
|
| 53 |
|
| 54 |
|
| 55 |
|
| 56 |
|
| 57 |
|
| 58 |
|
| 59 |
|
| 60 |
|
| 61 |
|
| 62 |
|
| 63 |
|
| 64 |
|
| 65 |
|
| 66 |
|
| 67 |
|
| 68 |
|
| 69 |
|
| 70 |
|
| 71 |
|
| 72 |
|
| 73 |
|
| 74 |
|
| 75 |
|
| 76 |
|
| 77 |
|
| 78 |
|
| 79 |
|
| 80 |
|
| 81 |
|
| 82 |
|
| 83 |
|
| 84 |
|
| 85 |
|
| 86 |
|
| 87 |
| reference_url |
https://nvd.nist.gov/vuln/detail/CVE-2016-5739 |
| reference_id |
CVE-2016-5739 |
| reference_type |
|
| scores |
| 0 |
| value |
5.0 |
| scoring_system |
cvssv2 |
| scoring_elements |
AV:N/AC:L/Au:N/C:P/I:N/A:N |
|
| 1 |
| value |
7.5 |
| scoring_system |
cvssv3 |
| scoring_elements |
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N |
|
| 2 |
| value |
7.5 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N |
|
| 3 |
| value |
HIGH |
| scoring_system |
generic_textual |
| scoring_elements |
|
|
|
| url |
https://nvd.nist.gov/vuln/detail/CVE-2016-5739 |
|
| 88 |
|
|
| fixed_packages |
|
| aliases |
CVE-2016-5739, GHSA-2p7v-jm8m-g3qq
|
| risk_score |
4.0 |
| exploitability |
0.5 |
| weighted_severity |
8.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-cx8d-r8hf-3kak |
|
| 103 |
| url |
VCID-cy6p-nz8a-zydk |
| vulnerability_id |
VCID-cy6p-nz8a-zydk |
| summary |
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Cross-site scripting (XSS) vulnerability in the micro history implementation in phpMyAdmin 4.0.x before 4.0.10.3, 4.1.x before 4.1.14.4, and 4.2.x before 4.2.8.1 allows remote attackers to inject arbitrary web script or HTML, and consequently conduct a cross-site request forgery (CSRF) attack to create a root account, via a crafted URL, related to js/ajax.js. |
| references |
| 0 |
|
| 1 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2014-6300 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00273 |
| scoring_system |
epss |
| scoring_elements |
0.50772 |
| published_at |
2026-04-21T12:55:00Z |
|
| 1 |
| value |
0.00273 |
| scoring_system |
epss |
| scoring_elements |
0.50793 |
| published_at |
2026-04-18T12:55:00Z |
|
| 2 |
| value |
0.00273 |
| scoring_system |
epss |
| scoring_elements |
0.50763 |
| published_at |
2026-04-12T12:55:00Z |
|
| 3 |
| value |
0.00273 |
| scoring_system |
epss |
| scoring_elements |
0.50787 |
| published_at |
2026-04-16T12:55:00Z |
|
| 4 |
| value |
0.00273 |
| scoring_system |
epss |
| scoring_elements |
0.50656 |
| published_at |
2026-04-01T12:55:00Z |
|
| 5 |
| value |
0.00273 |
| scoring_system |
epss |
| scoring_elements |
0.50744 |
| published_at |
2026-04-09T12:55:00Z |
|
| 6 |
| value |
0.00273 |
| scoring_system |
epss |
| scoring_elements |
0.5071 |
| published_at |
2026-04-02T12:55:00Z |
|
| 7 |
| value |
0.00273 |
| scoring_system |
epss |
| scoring_elements |
0.50747 |
| published_at |
2026-04-13T12:55:00Z |
|
| 8 |
| value |
0.00273 |
| scoring_system |
epss |
| scoring_elements |
0.50692 |
| published_at |
2026-04-07T12:55:00Z |
|
| 9 |
| value |
0.00273 |
| scoring_system |
epss |
| scoring_elements |
0.50736 |
| published_at |
2026-04-04T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2014-6300 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
| 16 |
|
| 17 |
|
| 18 |
|
| 19 |
|
| 20 |
|
| 21 |
|
| 22 |
|
| 23 |
|
| 24 |
|
| 25 |
|
| 26 |
|
| 27 |
|
| 28 |
|
| 29 |
|
| 30 |
|
| 31 |
|
| 32 |
|
| 33 |
|
| 34 |
|
| 35 |
|
| 36 |
|
| 37 |
|
| 38 |
|
| 39 |
|
| 40 |
|
| 41 |
|
| 42 |
|
| 43 |
|
| 44 |
|
| 45 |
|
| 46 |
|
| 47 |
|
| 48 |
|
| 49 |
|
| 50 |
|
| 51 |
|
| 52 |
|
| 53 |
|
|
| fixed_packages |
|
| aliases |
CVE-2014-6300, GHSA-6wfj-2mw7-p5cg
|
| risk_score |
3.1 |
| exploitability |
0.5 |
| weighted_severity |
6.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-cy6p-nz8a-zydk |
|
| 104 |
| url |
VCID-cyj3-n6uq-d3ac |
| vulnerability_id |
VCID-cyj3-n6uq-d3ac |
| summary |
security update |
| references |
| 0 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2016-2561 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00532 |
| scoring_system |
epss |
| scoring_elements |
0.67314 |
| published_at |
2026-04-21T12:55:00Z |
|
| 1 |
| value |
0.00532 |
| scoring_system |
epss |
| scoring_elements |
0.67336 |
| published_at |
2026-04-18T12:55:00Z |
|
| 2 |
| value |
0.00532 |
| scoring_system |
epss |
| scoring_elements |
0.67214 |
| published_at |
2026-04-01T12:55:00Z |
|
| 3 |
| value |
0.00532 |
| scoring_system |
epss |
| scoring_elements |
0.67251 |
| published_at |
2026-04-02T12:55:00Z |
|
| 4 |
| value |
0.00532 |
| scoring_system |
epss |
| scoring_elements |
0.67275 |
| published_at |
2026-04-04T12:55:00Z |
|
| 5 |
| value |
0.00532 |
| scoring_system |
epss |
| scoring_elements |
0.67252 |
| published_at |
2026-04-07T12:55:00Z |
|
| 6 |
| value |
0.00532 |
| scoring_system |
epss |
| scoring_elements |
0.67304 |
| published_at |
2026-04-08T12:55:00Z |
|
| 7 |
| value |
0.00532 |
| scoring_system |
epss |
| scoring_elements |
0.67317 |
| published_at |
2026-04-09T12:55:00Z |
|
| 8 |
| value |
0.00532 |
| scoring_system |
epss |
| scoring_elements |
0.67337 |
| published_at |
2026-04-11T12:55:00Z |
|
| 9 |
| value |
0.00532 |
| scoring_system |
epss |
| scoring_elements |
0.67324 |
| published_at |
2026-04-16T12:55:00Z |
|
| 10 |
| value |
0.00532 |
| scoring_system |
epss |
| scoring_elements |
0.67289 |
| published_at |
2026-04-13T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2016-2561 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
| 16 |
|
| 17 |
|
| 18 |
|
| 19 |
|
| 20 |
|
| 21 |
|
| 22 |
|
| 23 |
|
| 24 |
|
| 25 |
|
| 26 |
|
| 27 |
|
| 28 |
|
| 29 |
|
| 30 |
|
| 31 |
|
| 32 |
|
| 33 |
|
| 34 |
|
| 35 |
|
| 36 |
|
| 37 |
|
| 38 |
|
| 39 |
|
| 40 |
|
| 41 |
|
| 42 |
|
| 43 |
|
| 44 |
|
| 45 |
|
| 46 |
|
| 47 |
|
| 48 |
|
| 49 |
|
| 50 |
|
| 51 |
|
| 52 |
|
| 53 |
|
| 54 |
|
| 55 |
|
| 56 |
|
| 57 |
|
| 58 |
|
| 59 |
|
| 60 |
|
| 61 |
|
| 62 |
|
| 63 |
|
|
| fixed_packages |
|
| aliases |
CVE-2016-2561
|
| risk_score |
2.5 |
| exploitability |
0.5 |
| weighted_severity |
4.9 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-cyj3-n6uq-d3ac |
|
| 105 |
| url |
VCID-cypq-e4m8-q7ee |
| vulnerability_id |
VCID-cypq-e4m8-q7ee |
| summary |
Multiple vulnerabilities have been found in phpMyAdmin, the worst
of which could lead to arbitrary code execution. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2016-9855 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00724 |
| scoring_system |
epss |
| scoring_elements |
0.72503 |
| published_at |
2026-04-07T12:55:00Z |
|
| 1 |
| value |
0.00724 |
| scoring_system |
epss |
| scoring_elements |
0.7251 |
| published_at |
2026-04-02T12:55:00Z |
|
| 2 |
| value |
0.00724 |
| scoring_system |
epss |
| scoring_elements |
0.72526 |
| published_at |
2026-04-04T12:55:00Z |
|
| 3 |
| value |
0.00724 |
| scoring_system |
epss |
| scoring_elements |
0.72541 |
| published_at |
2026-04-08T12:55:00Z |
|
| 4 |
| value |
0.00724 |
| scoring_system |
epss |
| scoring_elements |
0.72554 |
| published_at |
2026-04-09T12:55:00Z |
|
| 5 |
| value |
0.00724 |
| scoring_system |
epss |
| scoring_elements |
0.72578 |
| published_at |
2026-04-11T12:55:00Z |
|
| 6 |
| value |
0.00724 |
| scoring_system |
epss |
| scoring_elements |
0.72561 |
| published_at |
2026-04-12T12:55:00Z |
|
| 7 |
| value |
0.00724 |
| scoring_system |
epss |
| scoring_elements |
0.72551 |
| published_at |
2026-04-13T12:55:00Z |
|
| 8 |
| value |
0.00724 |
| scoring_system |
epss |
| scoring_elements |
0.72593 |
| published_at |
2026-04-16T12:55:00Z |
|
| 9 |
| value |
0.00724 |
| scoring_system |
epss |
| scoring_elements |
0.72603 |
| published_at |
2026-04-18T12:55:00Z |
|
| 10 |
| value |
0.00724 |
| scoring_system |
epss |
| scoring_elements |
0.72594 |
| published_at |
2026-04-21T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2016-9855 |
|
| 1 |
|
|
| fixed_packages |
|
| aliases |
CVE-2016-9855
|
| risk_score |
null |
| exploitability |
0.5 |
| weighted_severity |
0.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-cypq-e4m8-q7ee |
|
| 106 |
| url |
VCID-d8bk-mwu3-yfhu |
| vulnerability_id |
VCID-d8bk-mwu3-yfhu |
| summary |
phpMyAdmin contains multiple vulnerabilities that could lead to command
execution, XSS issues and bypass of security restrictions. |
| references |
| 0 |
|
| 1 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2005-0653 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00156 |
| scoring_system |
epss |
| scoring_elements |
0.36323 |
| published_at |
2026-04-21T12:55:00Z |
|
| 1 |
| value |
0.00156 |
| scoring_system |
epss |
| scoring_elements |
0.36285 |
| published_at |
2026-04-01T12:55:00Z |
|
| 2 |
| value |
0.00156 |
| scoring_system |
epss |
| scoring_elements |
0.36462 |
| published_at |
2026-04-02T12:55:00Z |
|
| 3 |
| value |
0.00156 |
| scoring_system |
epss |
| scoring_elements |
0.36496 |
| published_at |
2026-04-04T12:55:00Z |
|
| 4 |
| value |
0.00156 |
| scoring_system |
epss |
| scoring_elements |
0.36331 |
| published_at |
2026-04-07T12:55:00Z |
|
| 5 |
| value |
0.00156 |
| scoring_system |
epss |
| scoring_elements |
0.36381 |
| published_at |
2026-04-08T12:55:00Z |
|
| 6 |
| value |
0.00156 |
| scoring_system |
epss |
| scoring_elements |
0.36401 |
| published_at |
2026-04-09T12:55:00Z |
|
| 7 |
| value |
0.00156 |
| scoring_system |
epss |
| scoring_elements |
0.36408 |
| published_at |
2026-04-11T12:55:00Z |
|
| 8 |
| value |
0.00156 |
| scoring_system |
epss |
| scoring_elements |
0.36373 |
| published_at |
2026-04-12T12:55:00Z |
|
| 9 |
| value |
0.00156 |
| scoring_system |
epss |
| scoring_elements |
0.36351 |
| published_at |
2026-04-13T12:55:00Z |
|
| 10 |
| value |
0.00156 |
| scoring_system |
epss |
| scoring_elements |
0.36393 |
| published_at |
2026-04-16T12:55:00Z |
|
| 11 |
| value |
0.00156 |
| scoring_system |
epss |
| scoring_elements |
0.36376 |
| published_at |
2026-04-18T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2005-0653 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
|
| fixed_packages |
|
| aliases |
CVE-2005-0653
|
| risk_score |
2.0 |
| exploitability |
0.5 |
| weighted_severity |
4.1 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-d8bk-mwu3-yfhu |
|
| 107 |
| url |
VCID-dby9-xw23-huf5 |
| vulnerability_id |
VCID-dby9-xw23-huf5 |
| summary |
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin 3.5.x before 3.5.2.2 allow remote authenticated users to inject arbitrary web script or HTML via a Table Operations (1) TRUNCATE or (2) DROP link for a crafted table name, (3) the Add Trigger popup within a Triggers page that references crafted table names, (4) an invalid trigger-creation attempt for a crafted table name, (5) crafted data in a table, or (6) a crafted tooltip label name during GIS data visualization, a different issue than CVE-2012-4345. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2012-4579 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00185 |
| scoring_system |
epss |
| scoring_elements |
0.40161 |
| published_at |
2026-04-21T12:55:00Z |
|
| 1 |
| value |
0.00185 |
| scoring_system |
epss |
| scoring_elements |
0.40239 |
| published_at |
2026-04-12T12:55:00Z |
|
| 2 |
| value |
0.00185 |
| scoring_system |
epss |
| scoring_elements |
0.4022 |
| published_at |
2026-04-13T12:55:00Z |
|
| 3 |
| value |
0.00185 |
| scoring_system |
epss |
| scoring_elements |
0.40267 |
| published_at |
2026-04-16T12:55:00Z |
|
| 4 |
| value |
0.00185 |
| scoring_system |
epss |
| scoring_elements |
0.40237 |
| published_at |
2026-04-18T12:55:00Z |
|
| 5 |
| value |
0.00185 |
| scoring_system |
epss |
| scoring_elements |
0.40106 |
| published_at |
2026-04-01T12:55:00Z |
|
| 6 |
| value |
0.00185 |
| scoring_system |
epss |
| scoring_elements |
0.40256 |
| published_at |
2026-04-02T12:55:00Z |
|
| 7 |
| value |
0.00185 |
| scoring_system |
epss |
| scoring_elements |
0.4028 |
| published_at |
2026-04-04T12:55:00Z |
|
| 8 |
| value |
0.00185 |
| scoring_system |
epss |
| scoring_elements |
0.40203 |
| published_at |
2026-04-07T12:55:00Z |
|
| 9 |
| value |
0.00185 |
| scoring_system |
epss |
| scoring_elements |
0.40255 |
| published_at |
2026-04-08T12:55:00Z |
|
| 10 |
| value |
0.00185 |
| scoring_system |
epss |
| scoring_elements |
0.40266 |
| published_at |
2026-04-09T12:55:00Z |
|
| 11 |
| value |
0.00185 |
| scoring_system |
epss |
| scoring_elements |
0.40277 |
| published_at |
2026-04-11T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2012-4579 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
|
| fixed_packages |
|
| aliases |
CVE-2012-4579, GHSA-q7v2-w38r-pv7v
|
| risk_score |
1.6 |
| exploitability |
0.5 |
| weighted_severity |
3.1 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-dby9-xw23-huf5 |
|
| 108 |
| url |
VCID-dfgy-a4j1-vfh2 |
| vulnerability_id |
VCID-dfgy-a4j1-vfh2 |
| summary |
Multiple vulnerabilities have been found in phpMyAdmin, the worst
of which could lead to arbitrary code execution. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2016-6616 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00316 |
| scoring_system |
epss |
| scoring_elements |
0.54629 |
| published_at |
2026-04-01T12:55:00Z |
|
| 1 |
| value |
0.00316 |
| scoring_system |
epss |
| scoring_elements |
0.547 |
| published_at |
2026-04-02T12:55:00Z |
|
| 2 |
| value |
0.00316 |
| scoring_system |
epss |
| scoring_elements |
0.54722 |
| published_at |
2026-04-04T12:55:00Z |
|
| 3 |
| value |
0.00316 |
| scoring_system |
epss |
| scoring_elements |
0.54692 |
| published_at |
2026-04-07T12:55:00Z |
|
| 4 |
| value |
0.00316 |
| scoring_system |
epss |
| scoring_elements |
0.54745 |
| published_at |
2026-04-08T12:55:00Z |
|
| 5 |
| value |
0.00316 |
| scoring_system |
epss |
| scoring_elements |
0.54741 |
| published_at |
2026-04-09T12:55:00Z |
|
| 6 |
| value |
0.00316 |
| scoring_system |
epss |
| scoring_elements |
0.54753 |
| published_at |
2026-04-16T12:55:00Z |
|
| 7 |
| value |
0.00316 |
| scoring_system |
epss |
| scoring_elements |
0.54737 |
| published_at |
2026-04-12T12:55:00Z |
|
| 8 |
| value |
0.00316 |
| scoring_system |
epss |
| scoring_elements |
0.54715 |
| published_at |
2026-04-13T12:55:00Z |
|
| 9 |
| value |
0.00316 |
| scoring_system |
epss |
| scoring_elements |
0.54755 |
| published_at |
2026-04-18T12:55:00Z |
|
| 10 |
| value |
0.00316 |
| scoring_system |
epss |
| scoring_elements |
0.54736 |
| published_at |
2026-04-21T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2016-6616 |
|
| 1 |
|
|
| fixed_packages |
|
| aliases |
CVE-2016-6616
|
| risk_score |
null |
| exploitability |
0.5 |
| weighted_severity |
0.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-dfgy-a4j1-vfh2 |
|
| 109 |
| url |
VCID-dgbb-768s-ducg |
| vulnerability_id |
VCID-dgbb-768s-ducg |
| summary |
Multiple vulnerabilities have been found in phpMyAdmin, the worst
of which could lead to arbitrary code execution. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2016-9858 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00637 |
| scoring_system |
epss |
| scoring_elements |
0.70411 |
| published_at |
2026-04-01T12:55:00Z |
|
| 1 |
| value |
0.00637 |
| scoring_system |
epss |
| scoring_elements |
0.70425 |
| published_at |
2026-04-02T12:55:00Z |
|
| 2 |
| value |
0.00637 |
| scoring_system |
epss |
| scoring_elements |
0.70442 |
| published_at |
2026-04-04T12:55:00Z |
|
| 3 |
| value |
0.00637 |
| scoring_system |
epss |
| scoring_elements |
0.7042 |
| published_at |
2026-04-07T12:55:00Z |
|
| 4 |
| value |
0.00637 |
| scoring_system |
epss |
| scoring_elements |
0.70466 |
| published_at |
2026-04-08T12:55:00Z |
|
| 5 |
| value |
0.00637 |
| scoring_system |
epss |
| scoring_elements |
0.70481 |
| published_at |
2026-04-09T12:55:00Z |
|
| 6 |
| value |
0.00637 |
| scoring_system |
epss |
| scoring_elements |
0.70505 |
| published_at |
2026-04-11T12:55:00Z |
|
| 7 |
| value |
0.00637 |
| scoring_system |
epss |
| scoring_elements |
0.7049 |
| published_at |
2026-04-12T12:55:00Z |
|
| 8 |
| value |
0.00637 |
| scoring_system |
epss |
| scoring_elements |
0.70476 |
| published_at |
2026-04-13T12:55:00Z |
|
| 9 |
| value |
0.00637 |
| scoring_system |
epss |
| scoring_elements |
0.70518 |
| published_at |
2026-04-16T12:55:00Z |
|
| 10 |
| value |
0.00637 |
| scoring_system |
epss |
| scoring_elements |
0.70526 |
| published_at |
2026-04-18T12:55:00Z |
|
| 11 |
| value |
0.00637 |
| scoring_system |
epss |
| scoring_elements |
0.70506 |
| published_at |
2026-04-21T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2016-9858 |
|
| 1 |
|
|
| fixed_packages |
|
| aliases |
CVE-2016-9858
|
| risk_score |
null |
| exploitability |
0.5 |
| weighted_severity |
0.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-dgbb-768s-ducg |
|
| 110 |
| url |
VCID-dq1s-n5vp-q7gd |
| vulnerability_id |
VCID-dq1s-n5vp-q7gd |
| summary |
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Cross-site scripting (XSS) vulnerability in the view operations page in phpMyAdmin 4.1.x before 4.1.14.3 and 4.2.x before 4.2.7.1 allows remote authenticated users to inject arbitrary web script or HTML via a crafted view name, related to js/functions.js. |
| references |
| 0 |
|
| 1 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2014-5274 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00219 |
| scoring_system |
epss |
| scoring_elements |
0.4456 |
| published_at |
2026-04-21T12:55:00Z |
|
| 1 |
| value |
0.00219 |
| scoring_system |
epss |
| scoring_elements |
0.44592 |
| published_at |
2026-04-09T12:55:00Z |
|
| 2 |
| value |
0.00219 |
| scoring_system |
epss |
| scoring_elements |
0.44609 |
| published_at |
2026-04-11T12:55:00Z |
|
| 3 |
| value |
0.00219 |
| scoring_system |
epss |
| scoring_elements |
0.4458 |
| published_at |
2026-04-13T12:55:00Z |
|
| 4 |
| value |
0.00219 |
| scoring_system |
epss |
| scoring_elements |
0.44636 |
| published_at |
2026-04-16T12:55:00Z |
|
| 5 |
| value |
0.00219 |
| scoring_system |
epss |
| scoring_elements |
0.44629 |
| published_at |
2026-04-18T12:55:00Z |
|
| 6 |
| value |
0.00219 |
| scoring_system |
epss |
| scoring_elements |
0.44504 |
| published_at |
2026-04-01T12:55:00Z |
|
| 7 |
| value |
0.00219 |
| scoring_system |
epss |
| scoring_elements |
0.44579 |
| published_at |
2026-04-12T12:55:00Z |
|
| 8 |
| value |
0.00219 |
| scoring_system |
epss |
| scoring_elements |
0.446 |
| published_at |
2026-04-04T12:55:00Z |
|
| 9 |
| value |
0.00219 |
| scoring_system |
epss |
| scoring_elements |
0.44537 |
| published_at |
2026-04-07T12:55:00Z |
|
| 10 |
| value |
0.00219 |
| scoring_system |
epss |
| scoring_elements |
0.44587 |
| published_at |
2026-04-08T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2014-5274 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
| 16 |
|
| 17 |
|
| 18 |
|
| 19 |
|
| 20 |
|
| 21 |
|
| 22 |
|
| 23 |
|
| 24 |
|
| 25 |
|
| 26 |
|
| 27 |
|
| 28 |
|
| 29 |
|
| 30 |
|
| 31 |
|
| 32 |
|
| 33 |
|
| 34 |
|
| 35 |
|
|
| fixed_packages |
|
| aliases |
CVE-2014-5274, GHSA-q586-xpwr-jc3j
|
| risk_score |
1.6 |
| exploitability |
0.5 |
| weighted_severity |
3.1 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-dq1s-n5vp-q7gd |
|
| 111 |
| url |
VCID-ds3z-k4ry-tqfa |
| vulnerability_id |
VCID-ds3z-k4ry-tqfa |
| summary |
Multiple vulnerabilities have been found in phpMyAdmin, the worst
of which could lead to arbitrary code execution. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2016-6615 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.005 |
| scoring_system |
epss |
| scoring_elements |
0.65891 |
| published_at |
2026-04-01T12:55:00Z |
|
| 1 |
| value |
0.005 |
| scoring_system |
epss |
| scoring_elements |
0.65932 |
| published_at |
2026-04-02T12:55:00Z |
|
| 2 |
| value |
0.005 |
| scoring_system |
epss |
| scoring_elements |
0.65963 |
| published_at |
2026-04-04T12:55:00Z |
|
| 3 |
| value |
0.005 |
| scoring_system |
epss |
| scoring_elements |
0.65929 |
| published_at |
2026-04-07T12:55:00Z |
|
| 4 |
| value |
0.005 |
| scoring_system |
epss |
| scoring_elements |
0.6598 |
| published_at |
2026-04-08T12:55:00Z |
|
| 5 |
| value |
0.005 |
| scoring_system |
epss |
| scoring_elements |
0.65992 |
| published_at |
2026-04-09T12:55:00Z |
|
| 6 |
| value |
0.005 |
| scoring_system |
epss |
| scoring_elements |
0.66011 |
| published_at |
2026-04-11T12:55:00Z |
|
| 7 |
| value |
0.005 |
| scoring_system |
epss |
| scoring_elements |
0.65998 |
| published_at |
2026-04-12T12:55:00Z |
|
| 8 |
| value |
0.005 |
| scoring_system |
epss |
| scoring_elements |
0.65968 |
| published_at |
2026-04-13T12:55:00Z |
|
| 9 |
| value |
0.005 |
| scoring_system |
epss |
| scoring_elements |
0.66003 |
| published_at |
2026-04-16T12:55:00Z |
|
| 10 |
| value |
0.005 |
| scoring_system |
epss |
| scoring_elements |
0.66017 |
| published_at |
2026-04-18T12:55:00Z |
|
| 11 |
| value |
0.005 |
| scoring_system |
epss |
| scoring_elements |
0.66004 |
| published_at |
2026-04-21T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2016-6615 |
|
| 1 |
|
|
| fixed_packages |
|
| aliases |
CVE-2016-6615
|
| risk_score |
null |
| exploitability |
0.5 |
| weighted_severity |
0.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-ds3z-k4ry-tqfa |
|
| 112 |
| url |
VCID-ds84-gm9m-syce |
| vulnerability_id |
VCID-ds84-gm9m-syce |
| summary |
Multiple vulnerabilities have been found in phpMyAdmin, the worst
of which could lead to arbitrary code execution. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2016-9865 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00488 |
| scoring_system |
epss |
| scoring_elements |
0.65381 |
| published_at |
2026-04-01T12:55:00Z |
|
| 1 |
| value |
0.00488 |
| scoring_system |
epss |
| scoring_elements |
0.6543 |
| published_at |
2026-04-02T12:55:00Z |
|
| 2 |
| value |
0.00488 |
| scoring_system |
epss |
| scoring_elements |
0.65457 |
| published_at |
2026-04-04T12:55:00Z |
|
| 3 |
| value |
0.00488 |
| scoring_system |
epss |
| scoring_elements |
0.65421 |
| published_at |
2026-04-07T12:55:00Z |
|
| 4 |
| value |
0.00488 |
| scoring_system |
epss |
| scoring_elements |
0.65475 |
| published_at |
2026-04-08T12:55:00Z |
|
| 5 |
| value |
0.00488 |
| scoring_system |
epss |
| scoring_elements |
0.65486 |
| published_at |
2026-04-09T12:55:00Z |
|
| 6 |
| value |
0.00488 |
| scoring_system |
epss |
| scoring_elements |
0.65505 |
| published_at |
2026-04-11T12:55:00Z |
|
| 7 |
| value |
0.00488 |
| scoring_system |
epss |
| scoring_elements |
0.65491 |
| published_at |
2026-04-12T12:55:00Z |
|
| 8 |
| value |
0.00488 |
| scoring_system |
epss |
| scoring_elements |
0.65464 |
| published_at |
2026-04-13T12:55:00Z |
|
| 9 |
| value |
0.00488 |
| scoring_system |
epss |
| scoring_elements |
0.65501 |
| published_at |
2026-04-16T12:55:00Z |
|
| 10 |
| value |
0.00488 |
| scoring_system |
epss |
| scoring_elements |
0.65512 |
| published_at |
2026-04-18T12:55:00Z |
|
| 11 |
| value |
0.00488 |
| scoring_system |
epss |
| scoring_elements |
0.65496 |
| published_at |
2026-04-21T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2016-9865 |
|
| 1 |
|
|
| fixed_packages |
|
| aliases |
CVE-2016-9865
|
| risk_score |
null |
| exploitability |
0.5 |
| weighted_severity |
0.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-ds84-gm9m-syce |
|
| 113 |
| url |
VCID-e9qs-mvaa-wyc6 |
| vulnerability_id |
VCID-e9qs-mvaa-wyc6 |
| summary |
Incomplete List of Disallowed Inputs
An issue was discovered in phpMyAdmin involving improper enforcement of the IP-based authentication rules. When phpMyAdmin is used with IPv6 in a proxy server environment, and the proxy server is in the allowed range but the attacking computer is not allowed, this vulnerability can allow the attacking computer to connect despite the IP rules. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2016-6624 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.003 |
| scoring_system |
epss |
| scoring_elements |
0.53332 |
| published_at |
2026-04-21T12:55:00Z |
|
| 1 |
| value |
0.003 |
| scoring_system |
epss |
| scoring_elements |
0.53227 |
| published_at |
2026-04-01T12:55:00Z |
|
| 2 |
| value |
0.003 |
| scoring_system |
epss |
| scoring_elements |
0.53251 |
| published_at |
2026-04-02T12:55:00Z |
|
| 3 |
| value |
0.003 |
| scoring_system |
epss |
| scoring_elements |
0.53276 |
| published_at |
2026-04-04T12:55:00Z |
|
| 4 |
| value |
0.003 |
| scoring_system |
epss |
| scoring_elements |
0.53244 |
| published_at |
2026-04-07T12:55:00Z |
|
| 5 |
| value |
0.003 |
| scoring_system |
epss |
| scoring_elements |
0.53296 |
| published_at |
2026-04-08T12:55:00Z |
|
| 6 |
| value |
0.003 |
| scoring_system |
epss |
| scoring_elements |
0.53291 |
| published_at |
2026-04-09T12:55:00Z |
|
| 7 |
| value |
0.003 |
| scoring_system |
epss |
| scoring_elements |
0.53341 |
| published_at |
2026-04-11T12:55:00Z |
|
| 8 |
| value |
0.003 |
| scoring_system |
epss |
| scoring_elements |
0.53326 |
| published_at |
2026-04-12T12:55:00Z |
|
| 9 |
| value |
0.003 |
| scoring_system |
epss |
| scoring_elements |
0.53309 |
| published_at |
2026-04-13T12:55:00Z |
|
| 10 |
| value |
0.003 |
| scoring_system |
epss |
| scoring_elements |
0.53347 |
| published_at |
2026-04-16T12:55:00Z |
|
| 11 |
| value |
0.003 |
| scoring_system |
epss |
| scoring_elements |
0.53352 |
| published_at |
2026-04-18T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2016-6624 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
|
| fixed_packages |
|
| aliases |
CVE-2016-6624, GHSA-mhxj-6vf8-mwv3
|
| risk_score |
3.1 |
| exploitability |
0.5 |
| weighted_severity |
6.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-e9qs-mvaa-wyc6 |
|
| 114 |
| url |
VCID-ebk2-vjau-57h9 |
| vulnerability_id |
VCID-ebk2-vjau-57h9 |
| summary |
Information Exposure
An attacker can exploit phpMyAdm to leak the contents of a local file because of an error in the transformation feature. The attacker must have access to the phpMyAdmin Configuration Storage tables, although these can easily be created in any database to which the attacker has access. An attacker must have valid credentials to log in to phpMyAdmin; this vulnerability does not allow an attacker to circumvent the login system. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2018-19968 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.02543 |
| scoring_system |
epss |
| scoring_elements |
0.85409 |
| published_at |
2026-04-02T12:55:00Z |
|
| 1 |
| value |
0.02543 |
| scoring_system |
epss |
| scoring_elements |
0.85495 |
| published_at |
2026-04-21T12:55:00Z |
|
| 2 |
| value |
0.02543 |
| scoring_system |
epss |
| scoring_elements |
0.85498 |
| published_at |
2026-04-18T12:55:00Z |
|
| 3 |
| value |
0.02543 |
| scoring_system |
epss |
| scoring_elements |
0.85494 |
| published_at |
2026-04-16T12:55:00Z |
|
| 4 |
| value |
0.02543 |
| scoring_system |
epss |
| scoring_elements |
0.8547 |
| published_at |
2026-04-13T12:55:00Z |
|
| 5 |
| value |
0.02543 |
| scoring_system |
epss |
| scoring_elements |
0.85429 |
| published_at |
2026-04-04T12:55:00Z |
|
| 6 |
| value |
0.02543 |
| scoring_system |
epss |
| scoring_elements |
0.85397 |
| published_at |
2026-04-01T12:55:00Z |
|
| 7 |
| value |
0.02543 |
| scoring_system |
epss |
| scoring_elements |
0.85474 |
| published_at |
2026-04-12T12:55:00Z |
|
| 8 |
| value |
0.02543 |
| scoring_system |
epss |
| scoring_elements |
0.85475 |
| published_at |
2026-04-11T12:55:00Z |
|
| 9 |
| value |
0.02543 |
| scoring_system |
epss |
| scoring_elements |
0.85461 |
| published_at |
2026-04-09T12:55:00Z |
|
| 10 |
| value |
0.02543 |
| scoring_system |
epss |
| scoring_elements |
0.85453 |
| published_at |
2026-04-08T12:55:00Z |
|
| 11 |
| value |
0.02543 |
| scoring_system |
epss |
| scoring_elements |
0.85432 |
| published_at |
2026-04-07T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2018-19968 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
|
| fixed_packages |
|
| aliases |
CVE-2018-19968, GHSA-xc97-r49q-cxgc
|
| risk_score |
3.1 |
| exploitability |
0.5 |
| weighted_severity |
6.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-ebk2-vjau-57h9 |
|
| 115 |
| url |
VCID-ejnb-3ya3-uqa6 |
| vulnerability_id |
VCID-ejnb-3ya3-uqa6 |
| summary |
phpMyAdmin Vulnerable to Cross-Site Scripting
Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin 3.3.x before 3.3.10.1 and 3.4.x before 3.4.1 allow remote attackers to inject arbitrary web script or HTML via a crafted table name that triggers improper HTML rendering on a Tracking page, related to (1) libraries/tbl_links.inc.php and (2) tbl_tracking.php. |
| references |
| 0 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2011-1940 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00285 |
| scoring_system |
epss |
| scoring_elements |
0.51963 |
| published_at |
2026-04-09T12:55:00Z |
|
| 1 |
| value |
0.00285 |
| scoring_system |
epss |
| scoring_elements |
0.52009 |
| published_at |
2026-04-21T12:55:00Z |
|
| 2 |
| value |
0.00285 |
| scoring_system |
epss |
| scoring_elements |
0.5191 |
| published_at |
2026-04-07T12:55:00Z |
|
| 3 |
| value |
0.00285 |
| scoring_system |
epss |
| scoring_elements |
0.51964 |
| published_at |
2026-04-08T12:55:00Z |
|
| 4 |
| value |
0.00285 |
| scoring_system |
epss |
| scoring_elements |
0.52015 |
| published_at |
2026-04-11T12:55:00Z |
|
| 5 |
| value |
0.00285 |
| scoring_system |
epss |
| scoring_elements |
0.52029 |
| published_at |
2026-04-18T12:55:00Z |
|
| 6 |
| value |
0.00285 |
| scoring_system |
epss |
| scoring_elements |
0.52023 |
| published_at |
2026-04-16T12:55:00Z |
|
| 7 |
| value |
0.00285 |
| scoring_system |
epss |
| scoring_elements |
0.51981 |
| published_at |
2026-04-13T12:55:00Z |
|
| 8 |
| value |
0.00285 |
| scoring_system |
epss |
| scoring_elements |
0.51997 |
| published_at |
2026-04-12T12:55:00Z |
|
| 9 |
| value |
0.00285 |
| scoring_system |
epss |
| scoring_elements |
0.51871 |
| published_at |
2026-04-01T12:55:00Z |
|
| 10 |
| value |
0.00285 |
| scoring_system |
epss |
| scoring_elements |
0.51919 |
| published_at |
2026-04-02T12:55:00Z |
|
| 11 |
| value |
0.00285 |
| scoring_system |
epss |
| scoring_elements |
0.51946 |
| published_at |
2026-04-04T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2011-1940 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
|
| fixed_packages |
|
| aliases |
CVE-2011-1940, GHSA-4q58-5x28-53wv
|
| risk_score |
1.4 |
| exploitability |
0.5 |
| weighted_severity |
2.7 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-ejnb-3ya3-uqa6 |
|
| 116 |
| url |
VCID-ejut-u1r7-4qeb |
| vulnerability_id |
VCID-ejut-u1r7-4qeb |
| summary |
Multiple vulnerabilities have been found in phpMyAdmin, the worst
of which could lead to arbitrary code execution. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2016-9848 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00336 |
| scoring_system |
epss |
| scoring_elements |
0.56336 |
| published_at |
2026-04-01T12:55:00Z |
|
| 1 |
| value |
0.00336 |
| scoring_system |
epss |
| scoring_elements |
0.56434 |
| published_at |
2026-04-02T12:55:00Z |
|
| 2 |
| value |
0.00336 |
| scoring_system |
epss |
| scoring_elements |
0.56456 |
| published_at |
2026-04-04T12:55:00Z |
|
| 3 |
| value |
0.00336 |
| scoring_system |
epss |
| scoring_elements |
0.56437 |
| published_at |
2026-04-07T12:55:00Z |
|
| 4 |
| value |
0.00336 |
| scoring_system |
epss |
| scoring_elements |
0.56488 |
| published_at |
2026-04-08T12:55:00Z |
|
| 5 |
| value |
0.00336 |
| scoring_system |
epss |
| scoring_elements |
0.56494 |
| published_at |
2026-04-18T12:55:00Z |
|
| 6 |
| value |
0.00336 |
| scoring_system |
epss |
| scoring_elements |
0.56504 |
| published_at |
2026-04-11T12:55:00Z |
|
| 7 |
| value |
0.00336 |
| scoring_system |
epss |
| scoring_elements |
0.56479 |
| published_at |
2026-04-12T12:55:00Z |
|
| 8 |
| value |
0.00336 |
| scoring_system |
epss |
| scoring_elements |
0.5646 |
| published_at |
2026-04-13T12:55:00Z |
|
| 9 |
| value |
0.00336 |
| scoring_system |
epss |
| scoring_elements |
0.56493 |
| published_at |
2026-04-16T12:55:00Z |
|
| 10 |
| value |
0.00336 |
| scoring_system |
epss |
| scoring_elements |
0.56464 |
| published_at |
2026-04-21T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2016-9848 |
|
| 1 |
|
|
| fixed_packages |
|
| aliases |
CVE-2016-9848
|
| risk_score |
null |
| exploitability |
0.5 |
| weighted_severity |
0.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-ejut-u1r7-4qeb |
|
| 117 |
| url |
VCID-eme6-fdwd-9ye1 |
| vulnerability_id |
VCID-eme6-fdwd-9ye1 |
| summary |
Multiple vulnerabilities were found in phpMyAdmin, the most severe
of which allows the execution of arbitrary PHP code. |
| references |
| 0 |
|
| 1 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2010-3055 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.01727 |
| scoring_system |
epss |
| scoring_elements |
0.82477 |
| published_at |
2026-04-21T12:55:00Z |
|
| 1 |
| value |
0.01727 |
| scoring_system |
epss |
| scoring_elements |
0.82362 |
| published_at |
2026-04-01T12:55:00Z |
|
| 2 |
| value |
0.01727 |
| scoring_system |
epss |
| scoring_elements |
0.82377 |
| published_at |
2026-04-02T12:55:00Z |
|
| 3 |
| value |
0.01727 |
| scoring_system |
epss |
| scoring_elements |
0.82394 |
| published_at |
2026-04-04T12:55:00Z |
|
| 4 |
| value |
0.01727 |
| scoring_system |
epss |
| scoring_elements |
0.82391 |
| published_at |
2026-04-07T12:55:00Z |
|
| 5 |
| value |
0.01727 |
| scoring_system |
epss |
| scoring_elements |
0.82419 |
| published_at |
2026-04-08T12:55:00Z |
|
| 6 |
| value |
0.01727 |
| scoring_system |
epss |
| scoring_elements |
0.82426 |
| published_at |
2026-04-09T12:55:00Z |
|
| 7 |
| value |
0.01727 |
| scoring_system |
epss |
| scoring_elements |
0.82445 |
| published_at |
2026-04-11T12:55:00Z |
|
| 8 |
| value |
0.01727 |
| scoring_system |
epss |
| scoring_elements |
0.82441 |
| published_at |
2026-04-12T12:55:00Z |
|
| 9 |
| value |
0.01727 |
| scoring_system |
epss |
| scoring_elements |
0.82436 |
| published_at |
2026-04-13T12:55:00Z |
|
| 10 |
| value |
0.01727 |
| scoring_system |
epss |
| scoring_elements |
0.82471 |
| published_at |
2026-04-16T12:55:00Z |
|
| 11 |
| value |
0.01727 |
| scoring_system |
epss |
| scoring_elements |
0.82473 |
| published_at |
2026-04-18T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2010-3055 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
| 16 |
|
| 17 |
|
| 18 |
|
| 19 |
|
| 20 |
|
| 21 |
|
| 22 |
|
| 23 |
|
| 24 |
|
| 25 |
|
| 26 |
|
| 27 |
|
| 28 |
|
| 29 |
|
| 30 |
|
| 31 |
|
| 32 |
|
| 33 |
|
| 34 |
|
| 35 |
|
| 36 |
|
| 37 |
|
|
| fixed_packages |
|
| aliases |
CVE-2010-3055
|
| risk_score |
3.4 |
| exploitability |
0.5 |
| weighted_severity |
6.8 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-eme6-fdwd-9ye1 |
|
| 118 |
| url |
VCID-eq3j-14fc-2uev |
| vulnerability_id |
VCID-eq3j-14fc-2uev |
| summary |
Multiple vulnerabilities have been found in phpMyAdmin, the worst
of which could lead to arbitrary code execution. |
| references |
| 0 |
|
| 1 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2014-4986 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00339 |
| scoring_system |
epss |
| scoring_elements |
0.5669 |
| published_at |
2026-04-21T12:55:00Z |
|
| 1 |
| value |
0.00339 |
| scoring_system |
epss |
| scoring_elements |
0.56721 |
| published_at |
2026-04-08T12:55:00Z |
|
| 2 |
| value |
0.00339 |
| scoring_system |
epss |
| scoring_elements |
0.56725 |
| published_at |
2026-04-09T12:55:00Z |
|
| 3 |
| value |
0.00339 |
| scoring_system |
epss |
| scoring_elements |
0.56734 |
| published_at |
2026-04-11T12:55:00Z |
|
| 4 |
| value |
0.00339 |
| scoring_system |
epss |
| scoring_elements |
0.56709 |
| published_at |
2026-04-12T12:55:00Z |
|
| 5 |
| value |
0.00339 |
| scoring_system |
epss |
| scoring_elements |
0.56688 |
| published_at |
2026-04-13T12:55:00Z |
|
| 6 |
| value |
0.00339 |
| scoring_system |
epss |
| scoring_elements |
0.56719 |
| published_at |
2026-04-16T12:55:00Z |
|
| 7 |
| value |
0.00339 |
| scoring_system |
epss |
| scoring_elements |
0.56717 |
| published_at |
2026-04-18T12:55:00Z |
|
| 8 |
| value |
0.00339 |
| scoring_system |
epss |
| scoring_elements |
0.56573 |
| published_at |
2026-04-01T12:55:00Z |
|
| 9 |
| value |
0.00339 |
| scoring_system |
epss |
| scoring_elements |
0.56669 |
| published_at |
2026-04-07T12:55:00Z |
|
| 10 |
| value |
0.00339 |
| scoring_system |
epss |
| scoring_elements |
0.56689 |
| published_at |
2026-04-04T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2014-4986 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
| 16 |
|
| 17 |
|
| 18 |
|
| 19 |
|
| 20 |
|
| 21 |
|
| 22 |
|
| 23 |
|
| 24 |
|
| 25 |
|
| 26 |
|
| 27 |
|
| 28 |
|
| 29 |
|
| 30 |
|
| 31 |
|
| 32 |
|
| 33 |
|
| 34 |
|
| 35 |
|
| 36 |
|
| 37 |
|
| 38 |
|
| 39 |
|
| 40 |
|
| 41 |
|
| 42 |
|
| 43 |
|
| 44 |
|
| 45 |
|
| 46 |
|
| 47 |
|
| 48 |
|
|
| fixed_packages |
|
| aliases |
CVE-2014-4986, GHSA-jqmr-wqgp-8mh2
|
| risk_score |
1.6 |
| exploitability |
0.5 |
| weighted_severity |
3.1 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-eq3j-14fc-2uev |
|
| 119 |
| url |
VCID-f4d7-69e8-sqej |
| vulnerability_id |
VCID-f4d7-69e8-sqej |
| summary |
The plural form formula in ngettext family of calls in php-gettext before 1.0.12 allows remote attackers to execute arbitrary code. |
| references |
| 0 |
|
| 1 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2015-8980 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.04573 |
| scoring_system |
epss |
| scoring_elements |
0.8922 |
| published_at |
2026-04-21T12:55:00Z |
|
| 1 |
| value |
0.04573 |
| scoring_system |
epss |
| scoring_elements |
0.89224 |
| published_at |
2026-04-18T12:55:00Z |
|
| 2 |
| value |
0.04573 |
| scoring_system |
epss |
| scoring_elements |
0.89162 |
| published_at |
2026-04-01T12:55:00Z |
|
| 3 |
| value |
0.04573 |
| scoring_system |
epss |
| scoring_elements |
0.89168 |
| published_at |
2026-04-02T12:55:00Z |
|
| 4 |
| value |
0.04573 |
| scoring_system |
epss |
| scoring_elements |
0.89183 |
| published_at |
2026-04-04T12:55:00Z |
|
| 5 |
| value |
0.04573 |
| scoring_system |
epss |
| scoring_elements |
0.89186 |
| published_at |
2026-04-07T12:55:00Z |
|
| 6 |
| value |
0.04573 |
| scoring_system |
epss |
| scoring_elements |
0.89204 |
| published_at |
2026-04-08T12:55:00Z |
|
| 7 |
| value |
0.04573 |
| scoring_system |
epss |
| scoring_elements |
0.89208 |
| published_at |
2026-04-09T12:55:00Z |
|
| 8 |
| value |
0.04573 |
| scoring_system |
epss |
| scoring_elements |
0.89218 |
| published_at |
2026-04-11T12:55:00Z |
|
| 9 |
| value |
0.04573 |
| scoring_system |
epss |
| scoring_elements |
0.89214 |
| published_at |
2026-04-12T12:55:00Z |
|
| 10 |
| value |
0.04573 |
| scoring_system |
epss |
| scoring_elements |
0.89212 |
| published_at |
2026-04-13T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2015-8980 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
| 16 |
|
|
| fixed_packages |
|
| aliases |
CVE-2015-8980
|
| risk_score |
4.4 |
| exploitability |
0.5 |
| weighted_severity |
8.8 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-f4d7-69e8-sqej |
|
| 120 |
| url |
VCID-f72b-1uxn-syan |
| vulnerability_id |
VCID-f72b-1uxn-syan |
| summary |
Multiple vulnerabilities have been discovered in phpMyAdmin, the worst of
which may allow for remote code execution. |
| references |
| 0 |
|
| 1 |
|
| 2 |
|
| 3 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2008-5621 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00649 |
| scoring_system |
epss |
| scoring_elements |
0.70836 |
| published_at |
2026-04-21T12:55:00Z |
|
| 1 |
| value |
0.00649 |
| scoring_system |
epss |
| scoring_elements |
0.70746 |
| published_at |
2026-04-01T12:55:00Z |
|
| 2 |
| value |
0.00649 |
| scoring_system |
epss |
| scoring_elements |
0.70761 |
| published_at |
2026-04-02T12:55:00Z |
|
| 3 |
| value |
0.00649 |
| scoring_system |
epss |
| scoring_elements |
0.70779 |
| published_at |
2026-04-04T12:55:00Z |
|
| 4 |
| value |
0.00649 |
| scoring_system |
epss |
| scoring_elements |
0.70755 |
| published_at |
2026-04-07T12:55:00Z |
|
| 5 |
| value |
0.00649 |
| scoring_system |
epss |
| scoring_elements |
0.708 |
| published_at |
2026-04-08T12:55:00Z |
|
| 6 |
| value |
0.00649 |
| scoring_system |
epss |
| scoring_elements |
0.70816 |
| published_at |
2026-04-09T12:55:00Z |
|
| 7 |
| value |
0.00649 |
| scoring_system |
epss |
| scoring_elements |
0.70838 |
| published_at |
2026-04-11T12:55:00Z |
|
| 8 |
| value |
0.00649 |
| scoring_system |
epss |
| scoring_elements |
0.70822 |
| published_at |
2026-04-12T12:55:00Z |
|
| 9 |
| value |
0.00649 |
| scoring_system |
epss |
| scoring_elements |
0.70807 |
| published_at |
2026-04-13T12:55:00Z |
|
| 10 |
| value |
0.00649 |
| scoring_system |
epss |
| scoring_elements |
0.70852 |
| published_at |
2026-04-16T12:55:00Z |
|
| 11 |
| value |
0.00649 |
| scoring_system |
epss |
| scoring_elements |
0.70858 |
| published_at |
2026-04-18T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2008-5621 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
| 16 |
|
| 17 |
|
| 18 |
|
| 19 |
|
| 20 |
|
| 21 |
|
| 22 |
|
| 23 |
|
| 24 |
|
| 25 |
|
| 26 |
|
| 27 |
|
| 28 |
|
| 29 |
|
| 30 |
|
| 31 |
|
| 32 |
|
| 33 |
|
| 34 |
|
| 35 |
|
| 36 |
|
| 37 |
|
| 38 |
|
| 39 |
|
| 40 |
|
| 41 |
|
| 42 |
|
| 43 |
|
| 44 |
|
| 45 |
|
| 46 |
|
| 47 |
|
| 48 |
|
| 49 |
|
| 50 |
|
| 51 |
|
| 52 |
|
|
| fixed_packages |
|
| aliases |
CVE-2008-5621
|
| risk_score |
10.0 |
| exploitability |
2.0 |
| weighted_severity |
5.4 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-f72b-1uxn-syan |
|
| 121 |
| url |
VCID-f7gd-w9r7-xyb2 |
| vulnerability_id |
VCID-f7gd-w9r7-xyb2 |
| summary |
phpMyAdmin Cryptographic Vulnerability
The suggestPassword function in js/functions.js in phpMyAdmin 4.0.x before 4.0.10.13, 4.4.x before 4.4.15.3, and 4.5.x before 4.5.4 relies on the Math.random JavaScript function, which makes it easier for remote attackers to guess passwords via a brute-force approach. |
| references |
| 0 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2016-1927 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00628 |
| scoring_system |
epss |
| scoring_elements |
0.70271 |
| published_at |
2026-04-21T12:55:00Z |
|
| 1 |
| value |
0.00628 |
| scoring_system |
epss |
| scoring_elements |
0.70177 |
| published_at |
2026-04-01T12:55:00Z |
|
| 2 |
| value |
0.00628 |
| scoring_system |
epss |
| scoring_elements |
0.70189 |
| published_at |
2026-04-02T12:55:00Z |
|
| 3 |
| value |
0.00628 |
| scoring_system |
epss |
| scoring_elements |
0.70206 |
| published_at |
2026-04-04T12:55:00Z |
|
| 4 |
| value |
0.00628 |
| scoring_system |
epss |
| scoring_elements |
0.70183 |
| published_at |
2026-04-07T12:55:00Z |
|
| 5 |
| value |
0.00628 |
| scoring_system |
epss |
| scoring_elements |
0.70229 |
| published_at |
2026-04-08T12:55:00Z |
|
| 6 |
| value |
0.00628 |
| scoring_system |
epss |
| scoring_elements |
0.70244 |
| published_at |
2026-04-09T12:55:00Z |
|
| 7 |
| value |
0.00628 |
| scoring_system |
epss |
| scoring_elements |
0.70267 |
| published_at |
2026-04-11T12:55:00Z |
|
| 8 |
| value |
0.00628 |
| scoring_system |
epss |
| scoring_elements |
0.70252 |
| published_at |
2026-04-12T12:55:00Z |
|
| 9 |
| value |
0.00628 |
| scoring_system |
epss |
| scoring_elements |
0.70239 |
| published_at |
2026-04-13T12:55:00Z |
|
| 10 |
| value |
0.00628 |
| scoring_system |
epss |
| scoring_elements |
0.70281 |
| published_at |
2026-04-16T12:55:00Z |
|
| 11 |
| value |
0.00628 |
| scoring_system |
epss |
| scoring_elements |
0.7029 |
| published_at |
2026-04-18T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2016-1927 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
| 16 |
|
| 17 |
|
| 18 |
|
| 19 |
|
| 20 |
|
| 21 |
|
| 22 |
|
| 23 |
|
| 24 |
|
| 25 |
|
| 26 |
|
| 27 |
|
| 28 |
|
| 29 |
|
| 30 |
|
| 31 |
|
| 32 |
|
| 33 |
|
| 34 |
|
| 35 |
|
| 36 |
|
| 37 |
|
| 38 |
|
| 39 |
|
| 40 |
|
| 41 |
|
| 42 |
|
| 43 |
|
| 44 |
|
| 45 |
|
| 46 |
|
| 47 |
|
| 48 |
|
| 49 |
|
| 50 |
|
| 51 |
|
| 52 |
|
| 53 |
|
| 54 |
|
| 55 |
|
| 56 |
|
| 57 |
|
| 58 |
|
| 59 |
|
| 60 |
|
| 61 |
|
| 62 |
|
| 63 |
|
| 64 |
|
| 65 |
|
| 66 |
|
| 67 |
|
| 68 |
|
| 69 |
|
| 70 |
|
| 71 |
|
| 72 |
| reference_url |
https://nvd.nist.gov/vuln/detail/CVE-2016-1927 |
| reference_id |
CVE-2016-1927 |
| reference_type |
|
| scores |
| 0 |
| value |
5.0 |
| scoring_system |
cvssv2 |
| scoring_elements |
AV:N/AC:L/Au:N/C:P/I:N/A:N |
|
| 1 |
| value |
7.5 |
| scoring_system |
cvssv3 |
| scoring_elements |
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N |
|
| 2 |
| value |
7.5 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N |
|
| 3 |
| value |
HIGH |
| scoring_system |
generic_textual |
| scoring_elements |
|
|
|
| url |
https://nvd.nist.gov/vuln/detail/CVE-2016-1927 |
|
| 73 |
|
|
| fixed_packages |
|
| aliases |
CVE-2016-1927, GHSA-4gmg-gwjh-3mmr
|
| risk_score |
4.0 |
| exploitability |
0.5 |
| weighted_severity |
8.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-f7gd-w9r7-xyb2 |
|
| 122 |
| url |
VCID-fchc-55te-akhe |
| vulnerability_id |
VCID-fchc-55te-akhe |
| summary |
Cross-site Scripting
An issue was discovered in phpMyAdm. A Cross-Site Scripting vulnerability has been found where an attacker can use a crafted file to manipulate an authenticated user who loads that file through the import feature. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2018-15605 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00675 |
| scoring_system |
epss |
| scoring_elements |
0.71465 |
| published_at |
2026-04-21T12:55:00Z |
|
| 1 |
| value |
0.00675 |
| scoring_system |
epss |
| scoring_elements |
0.71392 |
| published_at |
2026-04-07T12:55:00Z |
|
| 2 |
| value |
0.00675 |
| scoring_system |
epss |
| scoring_elements |
0.714 |
| published_at |
2026-04-02T12:55:00Z |
|
| 3 |
| value |
0.00675 |
| scoring_system |
epss |
| scoring_elements |
0.71418 |
| published_at |
2026-04-04T12:55:00Z |
|
| 4 |
| value |
0.00675 |
| scoring_system |
epss |
| scoring_elements |
0.71433 |
| published_at |
2026-04-08T12:55:00Z |
|
| 5 |
| value |
0.00675 |
| scoring_system |
epss |
| scoring_elements |
0.71446 |
| published_at |
2026-04-09T12:55:00Z |
|
| 6 |
| value |
0.00675 |
| scoring_system |
epss |
| scoring_elements |
0.71468 |
| published_at |
2026-04-11T12:55:00Z |
|
| 7 |
| value |
0.00675 |
| scoring_system |
epss |
| scoring_elements |
0.71452 |
| published_at |
2026-04-12T12:55:00Z |
|
| 8 |
| value |
0.00675 |
| scoring_system |
epss |
| scoring_elements |
0.71434 |
| published_at |
2026-04-13T12:55:00Z |
|
| 9 |
| value |
0.00675 |
| scoring_system |
epss |
| scoring_elements |
0.7148 |
| published_at |
2026-04-16T12:55:00Z |
|
| 10 |
| value |
0.00675 |
| scoring_system |
epss |
| scoring_elements |
0.71485 |
| published_at |
2026-04-18T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2018-15605 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
|
| fixed_packages |
|
| aliases |
CVE-2018-15605, GHSA-c958-4j9x-q7w4
|
| risk_score |
3.1 |
| exploitability |
0.5 |
| weighted_severity |
6.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-fchc-55te-akhe |
|
| 123 |
| url |
VCID-ff6r-sq16-nbff |
| vulnerability_id |
VCID-ff6r-sq16-nbff |
| summary |
Multiple vulnerabilities have been found in phpMyAdmin, the worst
of which could lead to arbitrary code execution. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2016-6611 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00365 |
| scoring_system |
epss |
| scoring_elements |
0.58388 |
| published_at |
2026-04-01T12:55:00Z |
|
| 1 |
| value |
0.00365 |
| scoring_system |
epss |
| scoring_elements |
0.58474 |
| published_at |
2026-04-02T12:55:00Z |
|
| 2 |
| value |
0.00365 |
| scoring_system |
epss |
| scoring_elements |
0.58494 |
| published_at |
2026-04-04T12:55:00Z |
|
| 3 |
| value |
0.00365 |
| scoring_system |
epss |
| scoring_elements |
0.58465 |
| published_at |
2026-04-07T12:55:00Z |
|
| 4 |
| value |
0.00365 |
| scoring_system |
epss |
| scoring_elements |
0.58517 |
| published_at |
2026-04-21T12:55:00Z |
|
| 5 |
| value |
0.00365 |
| scoring_system |
epss |
| scoring_elements |
0.58524 |
| published_at |
2026-04-09T12:55:00Z |
|
| 6 |
| value |
0.00365 |
| scoring_system |
epss |
| scoring_elements |
0.5854 |
| published_at |
2026-04-11T12:55:00Z |
|
| 7 |
| value |
0.00365 |
| scoring_system |
epss |
| scoring_elements |
0.58521 |
| published_at |
2026-04-12T12:55:00Z |
|
| 8 |
| value |
0.00365 |
| scoring_system |
epss |
| scoring_elements |
0.58501 |
| published_at |
2026-04-13T12:55:00Z |
|
| 9 |
| value |
0.00365 |
| scoring_system |
epss |
| scoring_elements |
0.58534 |
| published_at |
2026-04-16T12:55:00Z |
|
| 10 |
| value |
0.00365 |
| scoring_system |
epss |
| scoring_elements |
0.58539 |
| published_at |
2026-04-18T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2016-6611 |
|
| 1 |
|
|
| fixed_packages |
|
| aliases |
CVE-2016-6611
|
| risk_score |
null |
| exploitability |
0.5 |
| weighted_severity |
0.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-ff6r-sq16-nbff |
|
| 124 |
| url |
VCID-fgr8-8j61-cufq |
| vulnerability_id |
VCID-fgr8-8j61-cufq |
| summary |
Information Exposure
An issue was discovered in phpMyAdmin. A user can exploit the "LOAD LOCAL INFILE" functionality to expose files on the server to the database system. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2016-6612 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00411 |
| scoring_system |
epss |
| scoring_elements |
0.61453 |
| published_at |
2026-04-21T12:55:00Z |
|
| 1 |
| value |
0.00411 |
| scoring_system |
epss |
| scoring_elements |
0.61298 |
| published_at |
2026-04-01T12:55:00Z |
|
| 2 |
| value |
0.00411 |
| scoring_system |
epss |
| scoring_elements |
0.61377 |
| published_at |
2026-04-02T12:55:00Z |
|
| 3 |
| value |
0.00411 |
| scoring_system |
epss |
| scoring_elements |
0.61406 |
| published_at |
2026-04-04T12:55:00Z |
|
| 4 |
| value |
0.00411 |
| scoring_system |
epss |
| scoring_elements |
0.61375 |
| published_at |
2026-04-07T12:55:00Z |
|
| 5 |
| value |
0.00411 |
| scoring_system |
epss |
| scoring_elements |
0.61422 |
| published_at |
2026-04-08T12:55:00Z |
|
| 6 |
| value |
0.00411 |
| scoring_system |
epss |
| scoring_elements |
0.61437 |
| published_at |
2026-04-09T12:55:00Z |
|
| 7 |
| value |
0.00411 |
| scoring_system |
epss |
| scoring_elements |
0.61459 |
| published_at |
2026-04-11T12:55:00Z |
|
| 8 |
| value |
0.00411 |
| scoring_system |
epss |
| scoring_elements |
0.61444 |
| published_at |
2026-04-12T12:55:00Z |
|
| 9 |
| value |
0.00411 |
| scoring_system |
epss |
| scoring_elements |
0.61426 |
| published_at |
2026-04-13T12:55:00Z |
|
| 10 |
| value |
0.00411 |
| scoring_system |
epss |
| scoring_elements |
0.61465 |
| published_at |
2026-04-16T12:55:00Z |
|
| 11 |
| value |
0.00411 |
| scoring_system |
epss |
| scoring_elements |
0.61469 |
| published_at |
2026-04-18T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2016-6612 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
|
| fixed_packages |
|
| aliases |
CVE-2016-6612, GHSA-fcgm-62p3-f7cm
|
| risk_score |
3.1 |
| exploitability |
0.5 |
| weighted_severity |
6.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-fgr8-8j61-cufq |
|
| 125 |
| url |
VCID-fhw5-5mdt-7ff3 |
| vulnerability_id |
VCID-fhw5-5mdt-7ff3 |
| summary |
Multiple CRLF injection vulnerabilities in PhpMyAdmin 2.7.0-pl2 allow remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via CRLF sequences in a phpMyAdmin cookie in (1) css/phpmyadmin.css.php, (2) db_create.php, (3) index.php, (4) left.php, (5) libraries/session.inc.php, (6) libraries/transformations/overview.php, (7) querywindow.php, (8) server_engines.php, and possibly other files. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2006-6374 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00717 |
| scoring_system |
epss |
| scoring_elements |
0.72458 |
| published_at |
2026-04-21T12:55:00Z |
|
| 1 |
| value |
0.00717 |
| scoring_system |
epss |
| scoring_elements |
0.72374 |
| published_at |
2026-04-01T12:55:00Z |
|
| 2 |
| value |
0.00717 |
| scoring_system |
epss |
| scoring_elements |
0.72379 |
| published_at |
2026-04-02T12:55:00Z |
|
| 3 |
| value |
0.00717 |
| scoring_system |
epss |
| scoring_elements |
0.72398 |
| published_at |
2026-04-04T12:55:00Z |
|
| 4 |
| value |
0.00717 |
| scoring_system |
epss |
| scoring_elements |
0.72375 |
| published_at |
2026-04-07T12:55:00Z |
|
| 5 |
| value |
0.00717 |
| scoring_system |
epss |
| scoring_elements |
0.72414 |
| published_at |
2026-04-08T12:55:00Z |
|
| 6 |
| value |
0.00717 |
| scoring_system |
epss |
| scoring_elements |
0.72426 |
| published_at |
2026-04-09T12:55:00Z |
|
| 7 |
| value |
0.00717 |
| scoring_system |
epss |
| scoring_elements |
0.72449 |
| published_at |
2026-04-11T12:55:00Z |
|
| 8 |
| value |
0.00717 |
| scoring_system |
epss |
| scoring_elements |
0.72432 |
| published_at |
2026-04-12T12:55:00Z |
|
| 9 |
| value |
0.00717 |
| scoring_system |
epss |
| scoring_elements |
0.7242 |
| published_at |
2026-04-13T12:55:00Z |
|
| 10 |
| value |
0.00717 |
| scoring_system |
epss |
| scoring_elements |
0.72461 |
| published_at |
2026-04-16T12:55:00Z |
|
| 11 |
| value |
0.00717 |
| scoring_system |
epss |
| scoring_elements |
0.7247 |
| published_at |
2026-04-18T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2006-6374 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
|
| fixed_packages |
|
| aliases |
CVE-2006-6374
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-fhw5-5mdt-7ff3 |
|
| 126 |
| url |
VCID-fkrx-s41u-cqhq |
| vulnerability_id |
VCID-fkrx-s41u-cqhq |
| summary |
phpMyAdmin before 2.6.1, when configured with UploadDir functionality, allows remote attackers to read arbitrary files via the sql_localfile parameter. |
| references |
| 0 |
|
| 1 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2004-1148 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00391 |
| scoring_system |
epss |
| scoring_elements |
0.60176 |
| published_at |
2026-04-21T12:55:00Z |
|
| 1 |
| value |
0.00391 |
| scoring_system |
epss |
| scoring_elements |
0.60019 |
| published_at |
2026-04-01T12:55:00Z |
|
| 2 |
| value |
0.00391 |
| scoring_system |
epss |
| scoring_elements |
0.60096 |
| published_at |
2026-04-02T12:55:00Z |
|
| 3 |
| value |
0.00391 |
| scoring_system |
epss |
| scoring_elements |
0.60121 |
| published_at |
2026-04-04T12:55:00Z |
|
| 4 |
| value |
0.00391 |
| scoring_system |
epss |
| scoring_elements |
0.6009 |
| published_at |
2026-04-07T12:55:00Z |
|
| 5 |
| value |
0.00391 |
| scoring_system |
epss |
| scoring_elements |
0.6014 |
| published_at |
2026-04-08T12:55:00Z |
|
| 6 |
| value |
0.00391 |
| scoring_system |
epss |
| scoring_elements |
0.60154 |
| published_at |
2026-04-09T12:55:00Z |
|
| 7 |
| value |
0.00391 |
| scoring_system |
epss |
| scoring_elements |
0.60175 |
| published_at |
2026-04-11T12:55:00Z |
|
| 8 |
| value |
0.00391 |
| scoring_system |
epss |
| scoring_elements |
0.60161 |
| published_at |
2026-04-12T12:55:00Z |
|
| 9 |
| value |
0.00391 |
| scoring_system |
epss |
| scoring_elements |
0.60144 |
| published_at |
2026-04-13T12:55:00Z |
|
| 10 |
| value |
0.00391 |
| scoring_system |
epss |
| scoring_elements |
0.60183 |
| published_at |
2026-04-16T12:55:00Z |
|
| 11 |
| value |
0.00391 |
| scoring_system |
epss |
| scoring_elements |
0.6019 |
| published_at |
2026-04-18T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2004-1148 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
| 16 |
|
| 17 |
|
| 18 |
|
| 19 |
|
| 20 |
|
|
| fixed_packages |
|
| aliases |
CVE-2004-1148
|
| risk_score |
2.2 |
| exploitability |
0.5 |
| weighted_severity |
4.5 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-fkrx-s41u-cqhq |
|
| 127 |
| url |
VCID-fmfa-eer5-afe1 |
| vulnerability_id |
VCID-fmfa-eer5-afe1 |
| summary |
Cross-site scripting (XSS) vulnerability in mysql/phpinfo.php in phpMyAdmin 2.6.1 allows remote attackers to inject arbitrary web script or HTML via the lang[] parameter. |
| references |
| 0 |
|
| 1 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2007-2016 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00323 |
| scoring_system |
epss |
| scoring_elements |
0.55388 |
| published_at |
2026-04-16T12:55:00Z |
|
| 1 |
| value |
0.00323 |
| scoring_system |
epss |
| scoring_elements |
0.55227 |
| published_at |
2026-04-01T12:55:00Z |
|
| 2 |
| value |
0.00323 |
| scoring_system |
epss |
| scoring_elements |
0.55325 |
| published_at |
2026-04-02T12:55:00Z |
|
| 3 |
| value |
0.00323 |
| scoring_system |
epss |
| scoring_elements |
0.55349 |
| published_at |
2026-04-04T12:55:00Z |
|
| 4 |
| value |
0.00323 |
| scoring_system |
epss |
| scoring_elements |
0.55331 |
| published_at |
2026-04-07T12:55:00Z |
|
| 5 |
| value |
0.00323 |
| scoring_system |
epss |
| scoring_elements |
0.55382 |
| published_at |
2026-04-09T12:55:00Z |
|
| 6 |
| value |
0.00323 |
| scoring_system |
epss |
| scoring_elements |
0.55392 |
| published_at |
2026-04-18T12:55:00Z |
|
| 7 |
| value |
0.00323 |
| scoring_system |
epss |
| scoring_elements |
0.55371 |
| published_at |
2026-04-21T12:55:00Z |
|
| 8 |
| value |
0.00323 |
| scoring_system |
epss |
| scoring_elements |
0.55352 |
| published_at |
2026-04-13T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2007-2016 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
|
| fixed_packages |
|
| aliases |
CVE-2007-2016
|
| risk_score |
1.9 |
| exploitability |
0.5 |
| weighted_severity |
3.9 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-fmfa-eer5-afe1 |
|
| 128 |
| url |
VCID-ftdj-p5as-97hd |
| vulnerability_id |
VCID-ftdj-p5as-97hd |
| summary |
Cross-Site Request Forgery (CSRF)
phpMyAdm has CSRF, allowing an attacker to execute arbitrary SQL statements, related to `js/db_operations.js`, `js/tbl_operations.js`, `libraries/classes/Operations.php`, and `sql.php.` |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2018-10188 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00935 |
| scoring_system |
epss |
| scoring_elements |
0.7618 |
| published_at |
2026-04-21T12:55:00Z |
|
| 1 |
| value |
0.00935 |
| scoring_system |
epss |
| scoring_elements |
0.76093 |
| published_at |
2026-04-01T12:55:00Z |
|
| 2 |
| value |
0.00935 |
| scoring_system |
epss |
| scoring_elements |
0.76096 |
| published_at |
2026-04-02T12:55:00Z |
|
| 3 |
| value |
0.00935 |
| scoring_system |
epss |
| scoring_elements |
0.76128 |
| published_at |
2026-04-04T12:55:00Z |
|
| 4 |
| value |
0.00935 |
| scoring_system |
epss |
| scoring_elements |
0.76107 |
| published_at |
2026-04-07T12:55:00Z |
|
| 5 |
| value |
0.00935 |
| scoring_system |
epss |
| scoring_elements |
0.7614 |
| published_at |
2026-04-08T12:55:00Z |
|
| 6 |
| value |
0.00935 |
| scoring_system |
epss |
| scoring_elements |
0.76153 |
| published_at |
2026-04-09T12:55:00Z |
|
| 7 |
| value |
0.00935 |
| scoring_system |
epss |
| scoring_elements |
0.76179 |
| published_at |
2026-04-11T12:55:00Z |
|
| 8 |
| value |
0.00935 |
| scoring_system |
epss |
| scoring_elements |
0.76155 |
| published_at |
2026-04-12T12:55:00Z |
|
| 9 |
| value |
0.00935 |
| scoring_system |
epss |
| scoring_elements |
0.76152 |
| published_at |
2026-04-13T12:55:00Z |
|
| 10 |
| value |
0.00935 |
| scoring_system |
epss |
| scoring_elements |
0.76193 |
| published_at |
2026-04-16T12:55:00Z |
|
| 11 |
| value |
0.00935 |
| scoring_system |
epss |
| scoring_elements |
0.76197 |
| published_at |
2026-04-18T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2018-10188 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
| reference_url |
https://nvd.nist.gov/vuln/detail/CVE-2018-10188 |
| reference_id |
CVE-2018-10188 |
| reference_type |
|
| scores |
| 0 |
| value |
6.8 |
| scoring_system |
cvssv2 |
| scoring_elements |
AV:N/AC:M/Au:N/C:P/I:P/A:P |
|
| 1 |
| value |
8.8 |
| scoring_system |
cvssv3 |
| scoring_elements |
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H |
|
| 2 |
| value |
8.8 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H |
|
| 3 |
| value |
HIGH |
| scoring_system |
generic_textual |
| scoring_elements |
|
|
|
| url |
https://nvd.nist.gov/vuln/detail/CVE-2018-10188 |
|
| 14 |
|
|
| fixed_packages |
|
| aliases |
CVE-2018-10188, GHSA-v6fp-h79x-9rqc
|
| risk_score |
10.0 |
| exploitability |
2.0 |
| weighted_severity |
8.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-ftdj-p5as-97hd |
|
| 129 |
| url |
VCID-fvks-9975-p3ev |
| vulnerability_id |
VCID-fvks-9975-p3ev |
| summary |
Multiple vulnerabilities have been found in phpMyAdmin, the worst
of which could lead to arbitrary code execution. |
| references |
| 0 |
|
| 1 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2014-4987 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00192 |
| scoring_system |
epss |
| scoring_elements |
0.41115 |
| published_at |
2026-04-21T12:55:00Z |
|
| 1 |
| value |
0.00192 |
| scoring_system |
epss |
| scoring_elements |
0.41095 |
| published_at |
2026-04-01T12:55:00Z |
|
| 2 |
| value |
0.00192 |
| scoring_system |
epss |
| scoring_elements |
0.41187 |
| published_at |
2026-04-02T12:55:00Z |
|
| 3 |
| value |
0.00192 |
| scoring_system |
epss |
| scoring_elements |
0.41217 |
| published_at |
2026-04-04T12:55:00Z |
|
| 4 |
| value |
0.00192 |
| scoring_system |
epss |
| scoring_elements |
0.41144 |
| published_at |
2026-04-07T12:55:00Z |
|
| 5 |
| value |
0.00192 |
| scoring_system |
epss |
| scoring_elements |
0.41192 |
| published_at |
2026-04-08T12:55:00Z |
|
| 6 |
| value |
0.00192 |
| scoring_system |
epss |
| scoring_elements |
0.41201 |
| published_at |
2026-04-09T12:55:00Z |
|
| 7 |
| value |
0.00192 |
| scoring_system |
epss |
| scoring_elements |
0.41221 |
| published_at |
2026-04-11T12:55:00Z |
|
| 8 |
| value |
0.00192 |
| scoring_system |
epss |
| scoring_elements |
0.41189 |
| published_at |
2026-04-18T12:55:00Z |
|
| 9 |
| value |
0.00192 |
| scoring_system |
epss |
| scoring_elements |
0.41175 |
| published_at |
2026-04-13T12:55:00Z |
|
| 10 |
| value |
0.00192 |
| scoring_system |
epss |
| scoring_elements |
0.41218 |
| published_at |
2026-04-16T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2014-4987 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
| 16 |
|
| 17 |
|
| 18 |
|
| 19 |
|
| 20 |
|
| 21 |
|
| 22 |
|
| 23 |
|
| 24 |
|
| 25 |
|
| 26 |
|
| 27 |
|
| 28 |
|
| 29 |
|
| 30 |
|
| 31 |
|
| 32 |
|
|
| fixed_packages |
|
| aliases |
CVE-2014-4987
|
| risk_score |
1.8 |
| exploitability |
0.5 |
| weighted_severity |
3.6 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-fvks-9975-p3ev |
|
| 130 |
| url |
VCID-fvnp-w4kk-3qfq |
| vulnerability_id |
VCID-fvnp-w4kk-3qfq |
| summary |
Cross-site Scripting
XSS issues were discovered in phpMyAdmin. This affects the database privilege check and the "Remove partitioning" functionality. Specially crafted database names can trigger the XSS attack. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2016-6608 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00452 |
| scoring_system |
epss |
| scoring_elements |
0.63751 |
| published_at |
2026-04-18T12:55:00Z |
|
| 1 |
| value |
0.00452 |
| scoring_system |
epss |
| scoring_elements |
0.63625 |
| published_at |
2026-04-01T12:55:00Z |
|
| 2 |
| value |
0.00452 |
| scoring_system |
epss |
| scoring_elements |
0.63685 |
| published_at |
2026-04-02T12:55:00Z |
|
| 3 |
| value |
0.00452 |
| scoring_system |
epss |
| scoring_elements |
0.63711 |
| published_at |
2026-04-04T12:55:00Z |
|
| 4 |
| value |
0.00452 |
| scoring_system |
epss |
| scoring_elements |
0.63671 |
| published_at |
2026-04-07T12:55:00Z |
|
| 5 |
| value |
0.00452 |
| scoring_system |
epss |
| scoring_elements |
0.63723 |
| published_at |
2026-04-08T12:55:00Z |
|
| 6 |
| value |
0.00452 |
| scoring_system |
epss |
| scoring_elements |
0.63741 |
| published_at |
2026-04-09T12:55:00Z |
|
| 7 |
| value |
0.00452 |
| scoring_system |
epss |
| scoring_elements |
0.63755 |
| published_at |
2026-04-11T12:55:00Z |
|
| 8 |
| value |
0.00452 |
| scoring_system |
epss |
| scoring_elements |
0.6374 |
| published_at |
2026-04-21T12:55:00Z |
|
| 9 |
| value |
0.00452 |
| scoring_system |
epss |
| scoring_elements |
0.63706 |
| published_at |
2026-04-13T12:55:00Z |
|
| 10 |
| value |
0.00452 |
| scoring_system |
epss |
| scoring_elements |
0.63742 |
| published_at |
2026-04-16T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2016-6608 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
|
| fixed_packages |
|
| aliases |
CVE-2016-6608, GHSA-jfmj-27fp-qp67
|
| risk_score |
3.1 |
| exploitability |
0.5 |
| weighted_severity |
6.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-fvnp-w4kk-3qfq |
|
| 131 |
| url |
VCID-g438-3c4q-9bcf |
| vulnerability_id |
VCID-g438-3c4q-9bcf |
| summary |
libraries/sql-parser/autoload.php in the SQL parser in phpMyAdmin 4.5.x before 4.5.4 allows remote attackers to obtain sensitive information via a crafted request, which reveals the full path in an error message. |
| references |
| 0 |
|
| 1 |
|
| 2 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2016-2044 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00437 |
| scoring_system |
epss |
| scoring_elements |
0.63081 |
| published_at |
2026-04-21T12:55:00Z |
|
| 1 |
| value |
0.00437 |
| scoring_system |
epss |
| scoring_elements |
0.63102 |
| published_at |
2026-04-18T12:55:00Z |
|
| 2 |
| value |
0.00437 |
| scoring_system |
epss |
| scoring_elements |
0.62958 |
| published_at |
2026-04-01T12:55:00Z |
|
| 3 |
| value |
0.00437 |
| scoring_system |
epss |
| scoring_elements |
0.63017 |
| published_at |
2026-04-02T12:55:00Z |
|
| 4 |
| value |
0.00437 |
| scoring_system |
epss |
| scoring_elements |
0.63046 |
| published_at |
2026-04-04T12:55:00Z |
|
| 5 |
| value |
0.00437 |
| scoring_system |
epss |
| scoring_elements |
0.6301 |
| published_at |
2026-04-07T12:55:00Z |
|
| 6 |
| value |
0.00437 |
| scoring_system |
epss |
| scoring_elements |
0.63061 |
| published_at |
2026-04-08T12:55:00Z |
|
| 7 |
| value |
0.00437 |
| scoring_system |
epss |
| scoring_elements |
0.63077 |
| published_at |
2026-04-09T12:55:00Z |
|
| 8 |
| value |
0.00437 |
| scoring_system |
epss |
| scoring_elements |
0.63094 |
| published_at |
2026-04-16T12:55:00Z |
|
| 9 |
| value |
0.00437 |
| scoring_system |
epss |
| scoring_elements |
0.6308 |
| published_at |
2026-04-12T12:55:00Z |
|
| 10 |
| value |
0.00437 |
| scoring_system |
epss |
| scoring_elements |
0.63058 |
| published_at |
2026-04-13T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2016-2044 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
|
| fixed_packages |
|
| aliases |
CVE-2016-2044
|
| risk_score |
2.4 |
| exploitability |
0.5 |
| weighted_severity |
4.8 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-g438-3c4q-9bcf |
|
| 132 |
| url |
VCID-g6ud-92qe-hqcx |
| vulnerability_id |
VCID-g6ud-92qe-hqcx |
| summary |
phpMyAdmin unsanitized Git information
phpMyAdmin before 4.9.2 does not escape certain Git information, related to `libraries/classes/Display/GitRevision.php and libraries/classes/Footer.php`. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2019-19617 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.01155 |
| scoring_system |
epss |
| scoring_elements |
0.78487 |
| published_at |
2026-04-02T12:55:00Z |
|
| 1 |
| value |
0.01155 |
| scoring_system |
epss |
| scoring_elements |
0.78518 |
| published_at |
2026-04-04T12:55:00Z |
|
| 2 |
| value |
0.01155 |
| scoring_system |
epss |
| scoring_elements |
0.78481 |
| published_at |
2026-04-01T12:55:00Z |
|
| 3 |
| value |
0.01155 |
| scoring_system |
epss |
| scoring_elements |
0.78556 |
| published_at |
2026-04-21T12:55:00Z |
|
| 4 |
| value |
0.01155 |
| scoring_system |
epss |
| scoring_elements |
0.78559 |
| published_at |
2026-04-18T12:55:00Z |
|
| 5 |
| value |
0.01155 |
| scoring_system |
epss |
| scoring_elements |
0.7856 |
| published_at |
2026-04-16T12:55:00Z |
|
| 6 |
| value |
0.01155 |
| scoring_system |
epss |
| scoring_elements |
0.78532 |
| published_at |
2026-04-13T12:55:00Z |
|
| 7 |
| value |
0.01155 |
| scoring_system |
epss |
| scoring_elements |
0.7854 |
| published_at |
2026-04-12T12:55:00Z |
|
| 8 |
| value |
0.01155 |
| scoring_system |
epss |
| scoring_elements |
0.78558 |
| published_at |
2026-04-11T12:55:00Z |
|
| 9 |
| value |
0.01155 |
| scoring_system |
epss |
| scoring_elements |
0.78533 |
| published_at |
2026-04-09T12:55:00Z |
|
| 10 |
| value |
0.01155 |
| scoring_system |
epss |
| scoring_elements |
0.78528 |
| published_at |
2026-04-08T12:55:00Z |
|
| 11 |
| value |
0.01155 |
| scoring_system |
epss |
| scoring_elements |
0.78501 |
| published_at |
2026-04-07T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2019-19617 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
|
| fixed_packages |
|
| aliases |
CVE-2019-19617, GHSA-pgph-mc4p-f8c3
|
| risk_score |
4.5 |
| exploitability |
0.5 |
| weighted_severity |
9.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-g6ud-92qe-hqcx |
|
| 133 |
| url |
VCID-g76e-r914-xfgc |
| vulnerability_id |
VCID-g76e-r914-xfgc |
| summary |
Multiple vulnerabilities have been found in phpMyAdmin, the worst
of which could lead to arbitrary code execution. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2016-5702 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00248 |
| scoring_system |
epss |
| scoring_elements |
0.48021 |
| published_at |
2026-04-02T12:55:00Z |
|
| 1 |
| value |
0.00248 |
| scoring_system |
epss |
| scoring_elements |
0.48053 |
| published_at |
2026-04-21T12:55:00Z |
|
| 2 |
| value |
0.00248 |
| scoring_system |
epss |
| scoring_elements |
0.48097 |
| published_at |
2026-04-18T12:55:00Z |
|
| 3 |
| value |
0.00248 |
| scoring_system |
epss |
| scoring_elements |
0.48102 |
| published_at |
2026-04-16T12:55:00Z |
|
| 4 |
| value |
0.00248 |
| scoring_system |
epss |
| scoring_elements |
0.4805 |
| published_at |
2026-04-13T12:55:00Z |
|
| 5 |
| value |
0.00248 |
| scoring_system |
epss |
| scoring_elements |
0.47991 |
| published_at |
2026-04-07T12:55:00Z |
|
| 6 |
| value |
0.00248 |
| scoring_system |
epss |
| scoring_elements |
0.48041 |
| published_at |
2026-04-04T12:55:00Z |
|
| 7 |
| value |
0.00248 |
| scoring_system |
epss |
| scoring_elements |
0.48039 |
| published_at |
2026-04-12T12:55:00Z |
|
| 8 |
| value |
0.00248 |
| scoring_system |
epss |
| scoring_elements |
0.48062 |
| published_at |
2026-04-11T12:55:00Z |
|
| 9 |
| value |
0.00248 |
| scoring_system |
epss |
| scoring_elements |
0.48038 |
| published_at |
2026-04-09T12:55:00Z |
|
| 10 |
| value |
0.00248 |
| scoring_system |
epss |
| scoring_elements |
0.48044 |
| published_at |
2026-04-08T12:55:00Z |
|
| 11 |
| value |
0.00248 |
| scoring_system |
epss |
| scoring_elements |
0.47983 |
| published_at |
2026-04-01T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2016-5702 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
| reference_url |
https://nvd.nist.gov/vuln/detail/CVE-2016-5702 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
4.3 |
| scoring_system |
cvssv2 |
| scoring_elements |
AV:N/AC:M/Au:N/C:N/I:P/A:N |
|
| 1 |
| value |
3.7 |
| scoring_system |
cvssv3 |
| scoring_elements |
CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N |
|
| 2 |
| value |
3.7 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N |
|
| 3 |
| value |
LOW |
| scoring_system |
generic_textual |
| scoring_elements |
|
|
|
| url |
https://nvd.nist.gov/vuln/detail/CVE-2016-5702 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
|
| fixed_packages |
|
| aliases |
CVE-2016-5702, GHSA-xqw9-ffx7-g998
|
| risk_score |
1.9 |
| exploitability |
0.5 |
| weighted_severity |
3.9 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-g76e-r914-xfgc |
|
| 134 |
| url |
VCID-gcf6-vwen-yfcx |
| vulnerability_id |
VCID-gcf6-vwen-yfcx |
| summary |
phpMyAdmin: Insufficient output sanitizing when generating configuration file fixed in 3.1.3.2 (PMASA-2009-4) |
| references |
| 0 |
|
| 1 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2009-1285 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00354 |
| scoring_system |
epss |
| scoring_elements |
0.57645 |
| published_at |
2026-04-01T12:55:00Z |
|
| 1 |
| value |
0.00354 |
| scoring_system |
epss |
| scoring_elements |
0.5773 |
| published_at |
2026-04-02T12:55:00Z |
|
| 2 |
| value |
0.00354 |
| scoring_system |
epss |
| scoring_elements |
0.57751 |
| published_at |
2026-04-04T12:55:00Z |
|
| 3 |
| value |
0.00354 |
| scoring_system |
epss |
| scoring_elements |
0.57724 |
| published_at |
2026-04-07T12:55:00Z |
|
| 4 |
| value |
0.00354 |
| scoring_system |
epss |
| scoring_elements |
0.57779 |
| published_at |
2026-04-08T12:55:00Z |
|
| 5 |
| value |
0.00354 |
| scoring_system |
epss |
| scoring_elements |
0.57782 |
| published_at |
2026-04-18T12:55:00Z |
|
| 6 |
| value |
0.00354 |
| scoring_system |
epss |
| scoring_elements |
0.57798 |
| published_at |
2026-04-11T12:55:00Z |
|
| 7 |
| value |
0.00354 |
| scoring_system |
epss |
| scoring_elements |
0.57776 |
| published_at |
2026-04-12T12:55:00Z |
|
| 8 |
| value |
0.00354 |
| scoring_system |
epss |
| scoring_elements |
0.57755 |
| published_at |
2026-04-13T12:55:00Z |
|
| 9 |
| value |
0.00354 |
| scoring_system |
epss |
| scoring_elements |
0.57784 |
| published_at |
2026-04-16T12:55:00Z |
|
| 10 |
| value |
0.00354 |
| scoring_system |
epss |
| scoring_elements |
0.57758 |
| published_at |
2026-04-21T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2009-1285 |
|
| 2 |
|
| 3 |
|
| 4 |
|
|
| fixed_packages |
|
| aliases |
CVE-2009-1285
|
| risk_score |
null |
| exploitability |
0.5 |
| weighted_severity |
0.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-gcf6-vwen-yfcx |
|
| 135 |
| url |
VCID-gmdu-q4tt-1fge |
| vulnerability_id |
VCID-gmdu-q4tt-1fge |
| summary |
security update |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2015-3903 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.01171 |
| scoring_system |
epss |
| scoring_elements |
0.7862 |
| published_at |
2026-04-01T12:55:00Z |
|
| 1 |
| value |
0.01171 |
| scoring_system |
epss |
| scoring_elements |
0.78627 |
| published_at |
2026-04-02T12:55:00Z |
|
| 2 |
| value |
0.01171 |
| scoring_system |
epss |
| scoring_elements |
0.78657 |
| published_at |
2026-04-04T12:55:00Z |
|
| 3 |
| value |
0.01171 |
| scoring_system |
epss |
| scoring_elements |
0.78638 |
| published_at |
2026-04-07T12:55:00Z |
|
| 4 |
| value |
0.01171 |
| scoring_system |
epss |
| scoring_elements |
0.78664 |
| published_at |
2026-04-08T12:55:00Z |
|
| 5 |
| value |
0.01171 |
| scoring_system |
epss |
| scoring_elements |
0.78671 |
| published_at |
2026-04-09T12:55:00Z |
|
| 6 |
| value |
0.01171 |
| scoring_system |
epss |
| scoring_elements |
0.78696 |
| published_at |
2026-04-18T12:55:00Z |
|
| 7 |
| value |
0.01171 |
| scoring_system |
epss |
| scoring_elements |
0.78678 |
| published_at |
2026-04-12T12:55:00Z |
|
| 8 |
| value |
0.01171 |
| scoring_system |
epss |
| scoring_elements |
0.7867 |
| published_at |
2026-04-13T12:55:00Z |
|
| 9 |
| value |
0.01171 |
| scoring_system |
epss |
| scoring_elements |
0.78698 |
| published_at |
2026-04-16T12:55:00Z |
|
| 10 |
| value |
0.01171 |
| scoring_system |
epss |
| scoring_elements |
0.78693 |
| published_at |
2026-04-21T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2015-3903 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
|
| fixed_packages |
|
| aliases |
CVE-2015-3903
|
| risk_score |
null |
| exploitability |
0.5 |
| weighted_severity |
0.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-gmdu-q4tt-1fge |
|
| 136 |
| url |
VCID-gs9p-kgrd-vqd4 |
| vulnerability_id |
VCID-gs9p-kgrd-vqd4 |
| summary |
Multiple vulnerabilities were found in phpMyAdmin, the most severe
of which allows the execution of arbitrary PHP code. |
| references |
| 0 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2011-0986 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00546 |
| scoring_system |
epss |
| scoring_elements |
0.67851 |
| published_at |
2026-04-21T12:55:00Z |
|
| 1 |
| value |
0.00546 |
| scoring_system |
epss |
| scoring_elements |
0.67833 |
| published_at |
2026-04-08T12:55:00Z |
|
| 2 |
| value |
0.00546 |
| scoring_system |
epss |
| scoring_elements |
0.67848 |
| published_at |
2026-04-09T12:55:00Z |
|
| 3 |
| value |
0.00546 |
| scoring_system |
epss |
| scoring_elements |
0.67871 |
| published_at |
2026-04-11T12:55:00Z |
|
| 4 |
| value |
0.00546 |
| scoring_system |
epss |
| scoring_elements |
0.67857 |
| published_at |
2026-04-12T12:55:00Z |
|
| 5 |
| value |
0.00546 |
| scoring_system |
epss |
| scoring_elements |
0.6782 |
| published_at |
2026-04-13T12:55:00Z |
|
| 6 |
| value |
0.00546 |
| scoring_system |
epss |
| scoring_elements |
0.67856 |
| published_at |
2026-04-16T12:55:00Z |
|
| 7 |
| value |
0.00546 |
| scoring_system |
epss |
| scoring_elements |
0.67869 |
| published_at |
2026-04-18T12:55:00Z |
|
| 8 |
| value |
0.00546 |
| scoring_system |
epss |
| scoring_elements |
0.67748 |
| published_at |
2026-04-01T12:55:00Z |
|
| 9 |
| value |
0.00546 |
| scoring_system |
epss |
| scoring_elements |
0.67782 |
| published_at |
2026-04-07T12:55:00Z |
|
| 10 |
| value |
0.00546 |
| scoring_system |
epss |
| scoring_elements |
0.67802 |
| published_at |
2026-04-04T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2011-0986 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
| 16 |
|
| 17 |
|
| 18 |
|
| 19 |
|
| 20 |
|
| 21 |
|
| 22 |
|
| 23 |
|
| 24 |
|
| 25 |
|
| 26 |
|
| 27 |
|
| 28 |
|
| 29 |
|
| 30 |
|
| 31 |
|
| 32 |
|
| 33 |
|
| 34 |
|
| 35 |
|
| 36 |
|
| 37 |
|
| 38 |
|
| 39 |
|
| 40 |
|
| 41 |
|
| 42 |
|
| 43 |
|
| 44 |
|
| 45 |
|
| 46 |
|
| 47 |
|
| 48 |
|
| 49 |
|
| 50 |
|
| 51 |
|
| 52 |
|
| 53 |
|
| 54 |
|
| 55 |
|
| 56 |
|
| 57 |
|
| 58 |
|
| 59 |
|
| 60 |
|
| 61 |
|
| 62 |
|
| 63 |
|
| 64 |
|
| 65 |
|
| 66 |
|
| 67 |
|
| 68 |
|
| 69 |
|
| 70 |
|
| 71 |
|
| 72 |
|
| 73 |
|
| 74 |
|
| 75 |
|
| 76 |
|
| 77 |
|
| 78 |
|
| 79 |
|
| 80 |
|
| 81 |
|
|
| fixed_packages |
|
| aliases |
CVE-2011-0986, GHSA-wcmm-28rg-mg3r
|
| risk_score |
3.1 |
| exploitability |
0.5 |
| weighted_severity |
6.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-gs9p-kgrd-vqd4 |
|
| 137 |
| url |
VCID-gu4y-aeqx-mqak |
| vulnerability_id |
VCID-gu4y-aeqx-mqak |
| summary |
SQL injection in phpMyAdmin
An issue was discovered in phpMyAdmin before 4.9.2. A crafted database/table name can be used to trigger a SQL injection attack through the designer feature. |
| references |
| 0 |
|
| 1 |
|
| 2 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2019-18622 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00736 |
| scoring_system |
epss |
| scoring_elements |
0.72851 |
| published_at |
2026-04-21T12:55:00Z |
|
| 1 |
| value |
0.00736 |
| scoring_system |
epss |
| scoring_elements |
0.72752 |
| published_at |
2026-04-01T12:55:00Z |
|
| 2 |
| value |
0.00736 |
| scoring_system |
epss |
| scoring_elements |
0.7276 |
| published_at |
2026-04-02T12:55:00Z |
|
| 3 |
| value |
0.00736 |
| scoring_system |
epss |
| scoring_elements |
0.7278 |
| published_at |
2026-04-04T12:55:00Z |
|
| 4 |
| value |
0.00736 |
| scoring_system |
epss |
| scoring_elements |
0.72756 |
| published_at |
2026-04-07T12:55:00Z |
|
| 5 |
| value |
0.00736 |
| scoring_system |
epss |
| scoring_elements |
0.72794 |
| published_at |
2026-04-08T12:55:00Z |
|
| 6 |
| value |
0.00736 |
| scoring_system |
epss |
| scoring_elements |
0.72808 |
| published_at |
2026-04-09T12:55:00Z |
|
| 7 |
| value |
0.00736 |
| scoring_system |
epss |
| scoring_elements |
0.72832 |
| published_at |
2026-04-11T12:55:00Z |
|
| 8 |
| value |
0.00736 |
| scoring_system |
epss |
| scoring_elements |
0.72815 |
| published_at |
2026-04-12T12:55:00Z |
|
| 9 |
| value |
0.00736 |
| scoring_system |
epss |
| scoring_elements |
0.72807 |
| published_at |
2026-04-13T12:55:00Z |
|
| 10 |
| value |
0.00736 |
| scoring_system |
epss |
| scoring_elements |
0.72849 |
| published_at |
2026-04-16T12:55:00Z |
|
| 11 |
| value |
0.00736 |
| scoring_system |
epss |
| scoring_elements |
0.72859 |
| published_at |
2026-04-18T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2019-18622 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
| 16 |
|
| 17 |
|
| 18 |
|
| 19 |
|
| 20 |
|
| 21 |
|
| 22 |
|
| 23 |
|
|
| fixed_packages |
|
| aliases |
CVE-2019-18622, GHSA-jgjc-332c-8cmc
|
| risk_score |
4.5 |
| exploitability |
0.5 |
| weighted_severity |
9.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-gu4y-aeqx-mqak |
|
| 138 |
| url |
VCID-gzqe-8ywj-h7hk |
| vulnerability_id |
VCID-gzqe-8ywj-h7hk |
| summary |
Cryptographic Issues
An issue was discovered in phpMyAdmin. When the user does not specify a `blowfish_secret` key for encrypting cookies, phpMyAdmin generates one at runtime. A vulnerability was reported where the way this value is created uses a weak algorithm. This could allow an attacker to determine the user's `blowfish_secret` and potentially decrypt their cookies. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2016-9847 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00432 |
| scoring_system |
epss |
| scoring_elements |
0.62618 |
| published_at |
2026-04-07T12:55:00Z |
|
| 1 |
| value |
0.00432 |
| scoring_system |
epss |
| scoring_elements |
0.627 |
| published_at |
2026-04-21T12:55:00Z |
|
| 2 |
| value |
0.00432 |
| scoring_system |
epss |
| scoring_elements |
0.62719 |
| published_at |
2026-04-18T12:55:00Z |
|
| 3 |
| value |
0.00432 |
| scoring_system |
epss |
| scoring_elements |
0.62711 |
| published_at |
2026-04-16T12:55:00Z |
|
| 4 |
| value |
0.00432 |
| scoring_system |
epss |
| scoring_elements |
0.62671 |
| published_at |
2026-04-13T12:55:00Z |
|
| 5 |
| value |
0.00432 |
| scoring_system |
epss |
| scoring_elements |
0.62694 |
| published_at |
2026-04-12T12:55:00Z |
|
| 6 |
| value |
0.00432 |
| scoring_system |
epss |
| scoring_elements |
0.62704 |
| published_at |
2026-04-11T12:55:00Z |
|
| 7 |
| value |
0.00432 |
| scoring_system |
epss |
| scoring_elements |
0.62686 |
| published_at |
2026-04-09T12:55:00Z |
|
| 8 |
| value |
0.00432 |
| scoring_system |
epss |
| scoring_elements |
0.62563 |
| published_at |
2026-04-01T12:55:00Z |
|
| 9 |
| value |
0.00432 |
| scoring_system |
epss |
| scoring_elements |
0.62621 |
| published_at |
2026-04-02T12:55:00Z |
|
| 10 |
| value |
0.00432 |
| scoring_system |
epss |
| scoring_elements |
0.6267 |
| published_at |
2026-04-08T12:55:00Z |
|
| 11 |
| value |
0.00432 |
| scoring_system |
epss |
| scoring_elements |
0.62653 |
| published_at |
2026-04-04T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2016-9847 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
|
| fixed_packages |
|
| aliases |
CVE-2016-9847, GHSA-9xhq-pm7v-693p
|
| risk_score |
3.1 |
| exploitability |
0.5 |
| weighted_severity |
6.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-gzqe-8ywj-h7hk |
|
| 139 |
| url |
VCID-gzur-ntbe-8fbn |
| vulnerability_id |
VCID-gzur-ntbe-8fbn |
| summary |
Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin before 2.8.0.3 allow remote attackers to inject arbitrary web script or HTML via unknown vectors in unspecified scripts in the themes directory. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2006-1678 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.0103 |
| scoring_system |
epss |
| scoring_elements |
0.77257 |
| published_at |
2026-04-01T12:55:00Z |
|
| 1 |
| value |
0.0103 |
| scoring_system |
epss |
| scoring_elements |
0.77263 |
| published_at |
2026-04-02T12:55:00Z |
|
| 2 |
| value |
0.0103 |
| scoring_system |
epss |
| scoring_elements |
0.77292 |
| published_at |
2026-04-04T12:55:00Z |
|
| 3 |
| value |
0.0103 |
| scoring_system |
epss |
| scoring_elements |
0.77274 |
| published_at |
2026-04-07T12:55:00Z |
|
| 4 |
| value |
0.0103 |
| scoring_system |
epss |
| scoring_elements |
0.77304 |
| published_at |
2026-04-08T12:55:00Z |
|
| 5 |
| value |
0.0103 |
| scoring_system |
epss |
| scoring_elements |
0.77313 |
| published_at |
2026-04-09T12:55:00Z |
|
| 6 |
| value |
0.0103 |
| scoring_system |
epss |
| scoring_elements |
0.7734 |
| published_at |
2026-04-11T12:55:00Z |
|
| 7 |
| value |
0.0103 |
| scoring_system |
epss |
| scoring_elements |
0.7732 |
| published_at |
2026-04-12T12:55:00Z |
|
| 8 |
| value |
0.0103 |
| scoring_system |
epss |
| scoring_elements |
0.77317 |
| published_at |
2026-04-13T12:55:00Z |
|
| 9 |
| value |
0.0103 |
| scoring_system |
epss |
| scoring_elements |
0.77356 |
| published_at |
2026-04-18T12:55:00Z |
|
| 10 |
| value |
0.0103 |
| scoring_system |
epss |
| scoring_elements |
0.77348 |
| published_at |
2026-04-21T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2006-1678 |
|
| 1 |
|
| 2 |
|
|
| fixed_packages |
|
| aliases |
CVE-2006-1678
|
| risk_score |
null |
| exploitability |
0.5 |
| weighted_severity |
0.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-gzur-ntbe-8fbn |
|
| 140 |
| url |
VCID-h22a-2v9u-4ucf |
| vulnerability_id |
VCID-h22a-2v9u-4ucf |
| summary |
Cross-site scripting (XSS) vulnerability in the goToFinish1NF function in js/normalization.js in phpMyAdmin 4.4.x before 4.4.15.3 and 4.5.x before 4.5.4 allows remote authenticated users to inject arbitrary web script or HTML via a table name to the normalization page. |
| references |
| 0 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2016-2043 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00394 |
| scoring_system |
epss |
| scoring_elements |
0.60347 |
| published_at |
2026-04-21T12:55:00Z |
|
| 1 |
| value |
0.00394 |
| scoring_system |
epss |
| scoring_elements |
0.60359 |
| published_at |
2026-04-18T12:55:00Z |
|
| 2 |
| value |
0.00394 |
| scoring_system |
epss |
| scoring_elements |
0.60188 |
| published_at |
2026-04-01T12:55:00Z |
|
| 3 |
| value |
0.00394 |
| scoring_system |
epss |
| scoring_elements |
0.60265 |
| published_at |
2026-04-02T12:55:00Z |
|
| 4 |
| value |
0.00394 |
| scoring_system |
epss |
| scoring_elements |
0.60291 |
| published_at |
2026-04-04T12:55:00Z |
|
| 5 |
| value |
0.00394 |
| scoring_system |
epss |
| scoring_elements |
0.60259 |
| published_at |
2026-04-07T12:55:00Z |
|
| 6 |
| value |
0.00394 |
| scoring_system |
epss |
| scoring_elements |
0.60309 |
| published_at |
2026-04-08T12:55:00Z |
|
| 7 |
| value |
0.00394 |
| scoring_system |
epss |
| scoring_elements |
0.60323 |
| published_at |
2026-04-09T12:55:00Z |
|
| 8 |
| value |
0.00394 |
| scoring_system |
epss |
| scoring_elements |
0.60344 |
| published_at |
2026-04-11T12:55:00Z |
|
| 9 |
| value |
0.00394 |
| scoring_system |
epss |
| scoring_elements |
0.6033 |
| published_at |
2026-04-12T12:55:00Z |
|
| 10 |
| value |
0.00394 |
| scoring_system |
epss |
| scoring_elements |
0.60311 |
| published_at |
2026-04-13T12:55:00Z |
|
| 11 |
| value |
0.00394 |
| scoring_system |
epss |
| scoring_elements |
0.60351 |
| published_at |
2026-04-16T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2016-2043 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
| 16 |
|
| 17 |
|
| 18 |
|
| 19 |
|
| 20 |
|
| 21 |
|
| 22 |
|
| 23 |
|
| 24 |
|
| 25 |
|
| 26 |
|
| 27 |
|
| 28 |
|
| 29 |
|
| 30 |
|
| 31 |
|
| 32 |
|
| 33 |
|
| 34 |
|
| 35 |
|
| 36 |
|
| 37 |
|
| 38 |
|
| 39 |
|
| 40 |
|
|
| fixed_packages |
|
| aliases |
CVE-2016-2043
|
| risk_score |
2.5 |
| exploitability |
0.5 |
| weighted_severity |
4.9 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-h22a-2v9u-4ucf |
|
| 141 |
| url |
VCID-h267-bur1-ekg2 |
| vulnerability_id |
VCID-h267-bur1-ekg2 |
| summary |
Cross-site scripting (XSS) vulnerability in view_create.php (aka the Create View page) in phpMyAdmin 4.x before 4.0.3 allows remote authenticated users to inject arbitrary web script or HTML via an invalid SQL CREATE VIEW statement with a crafted name that triggers an error message. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2013-3742 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00185 |
| scoring_system |
epss |
| scoring_elements |
0.40161 |
| published_at |
2026-04-21T12:55:00Z |
|
| 1 |
| value |
0.00185 |
| scoring_system |
epss |
| scoring_elements |
0.40106 |
| published_at |
2026-04-01T12:55:00Z |
|
| 2 |
| value |
0.00185 |
| scoring_system |
epss |
| scoring_elements |
0.40256 |
| published_at |
2026-04-02T12:55:00Z |
|
| 3 |
| value |
0.00185 |
| scoring_system |
epss |
| scoring_elements |
0.4028 |
| published_at |
2026-04-04T12:55:00Z |
|
| 4 |
| value |
0.00185 |
| scoring_system |
epss |
| scoring_elements |
0.40203 |
| published_at |
2026-04-07T12:55:00Z |
|
| 5 |
| value |
0.00185 |
| scoring_system |
epss |
| scoring_elements |
0.40255 |
| published_at |
2026-04-08T12:55:00Z |
|
| 6 |
| value |
0.00185 |
| scoring_system |
epss |
| scoring_elements |
0.40266 |
| published_at |
2026-04-09T12:55:00Z |
|
| 7 |
| value |
0.00185 |
| scoring_system |
epss |
| scoring_elements |
0.40277 |
| published_at |
2026-04-11T12:55:00Z |
|
| 8 |
| value |
0.00185 |
| scoring_system |
epss |
| scoring_elements |
0.40239 |
| published_at |
2026-04-12T12:55:00Z |
|
| 9 |
| value |
0.00185 |
| scoring_system |
epss |
| scoring_elements |
0.4022 |
| published_at |
2026-04-13T12:55:00Z |
|
| 10 |
| value |
0.00185 |
| scoring_system |
epss |
| scoring_elements |
0.40267 |
| published_at |
2026-04-16T12:55:00Z |
|
| 11 |
| value |
0.00185 |
| scoring_system |
epss |
| scoring_elements |
0.40237 |
| published_at |
2026-04-18T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2013-3742 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
|
| fixed_packages |
|
| aliases |
CVE-2013-3742
|
| risk_score |
1.6 |
| exploitability |
0.5 |
| weighted_severity |
3.1 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-h267-bur1-ekg2 |
|
| 142 |
| url |
VCID-h375-axpr-3yf9 |
| vulnerability_id |
VCID-h375-axpr-3yf9 |
| summary |
phpMyAdmin is vulnerable to a cross-site scripting attack. |
| references |
| 0 |
|
| 1 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2005-0992 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.10163 |
| scoring_system |
epss |
| scoring_elements |
0.93136 |
| published_at |
2026-04-21T12:55:00Z |
|
| 1 |
| value |
0.10163 |
| scoring_system |
epss |
| scoring_elements |
0.9308 |
| published_at |
2026-04-01T12:55:00Z |
|
| 2 |
| value |
0.10163 |
| scoring_system |
epss |
| scoring_elements |
0.9309 |
| published_at |
2026-04-02T12:55:00Z |
|
| 3 |
| value |
0.10163 |
| scoring_system |
epss |
| scoring_elements |
0.93093 |
| published_at |
2026-04-04T12:55:00Z |
|
| 4 |
| value |
0.10163 |
| scoring_system |
epss |
| scoring_elements |
0.93092 |
| published_at |
2026-04-07T12:55:00Z |
|
| 5 |
| value |
0.10163 |
| scoring_system |
epss |
| scoring_elements |
0.931 |
| published_at |
2026-04-08T12:55:00Z |
|
| 6 |
| value |
0.10163 |
| scoring_system |
epss |
| scoring_elements |
0.93105 |
| published_at |
2026-04-09T12:55:00Z |
|
| 7 |
| value |
0.10163 |
| scoring_system |
epss |
| scoring_elements |
0.9311 |
| published_at |
2026-04-11T12:55:00Z |
|
| 8 |
| value |
0.10163 |
| scoring_system |
epss |
| scoring_elements |
0.93108 |
| published_at |
2026-04-12T12:55:00Z |
|
| 9 |
| value |
0.10163 |
| scoring_system |
epss |
| scoring_elements |
0.93109 |
| published_at |
2026-04-13T12:55:00Z |
|
| 10 |
| value |
0.10163 |
| scoring_system |
epss |
| scoring_elements |
0.93126 |
| published_at |
2026-04-16T12:55:00Z |
|
| 11 |
| value |
0.10163 |
| scoring_system |
epss |
| scoring_elements |
0.9313 |
| published_at |
2026-04-18T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2005-0992 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
| 16 |
|
| 17 |
|
| 18 |
|
| 19 |
|
| 20 |
|
| 21 |
|
| 22 |
|
| 23 |
|
| 24 |
|
| 25 |
|
| 26 |
|
| 27 |
|
| 28 |
|
| 29 |
|
| 30 |
|
| 31 |
|
| 32 |
|
| 33 |
|
| 34 |
|
| 35 |
|
| 36 |
|
| 37 |
|
| 38 |
|
| 39 |
|
| 40 |
|
| 41 |
|
| 42 |
|
| 43 |
|
| 44 |
|
| 45 |
|
| 46 |
|
| 47 |
|
| 48 |
|
| 49 |
|
| 50 |
|
| 51 |
|
| 52 |
|
| 53 |
|
| 54 |
|
|
| fixed_packages |
|
| aliases |
CVE-2005-0992
|
| risk_score |
7.8 |
| exploitability |
2.0 |
| weighted_severity |
3.9 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-h375-axpr-3yf9 |
|
| 143 |
| url |
VCID-h5wu-ugm7-4bah |
| vulnerability_id |
VCID-h5wu-ugm7-4bah |
| summary |
Code Injection
An issue was discovered in phpMyAdmin. phpMyAdmin can be used to trigger a remote code execution attack against certain PHP installations that are running with the dbase extension. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2016-6633 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.01833 |
| scoring_system |
epss |
| scoring_elements |
0.8296 |
| published_at |
2026-04-21T12:55:00Z |
|
| 1 |
| value |
0.01833 |
| scoring_system |
epss |
| scoring_elements |
0.82853 |
| published_at |
2026-04-01T12:55:00Z |
|
| 2 |
| value |
0.01833 |
| scoring_system |
epss |
| scoring_elements |
0.82869 |
| published_at |
2026-04-02T12:55:00Z |
|
| 3 |
| value |
0.01833 |
| scoring_system |
epss |
| scoring_elements |
0.82882 |
| published_at |
2026-04-04T12:55:00Z |
|
| 4 |
| value |
0.01833 |
| scoring_system |
epss |
| scoring_elements |
0.82878 |
| published_at |
2026-04-07T12:55:00Z |
|
| 5 |
| value |
0.01833 |
| scoring_system |
epss |
| scoring_elements |
0.82903 |
| published_at |
2026-04-08T12:55:00Z |
|
| 6 |
| value |
0.01833 |
| scoring_system |
epss |
| scoring_elements |
0.82911 |
| published_at |
2026-04-09T12:55:00Z |
|
| 7 |
| value |
0.01833 |
| scoring_system |
epss |
| scoring_elements |
0.82926 |
| published_at |
2026-04-11T12:55:00Z |
|
| 8 |
| value |
0.01833 |
| scoring_system |
epss |
| scoring_elements |
0.82922 |
| published_at |
2026-04-12T12:55:00Z |
|
| 9 |
| value |
0.01833 |
| scoring_system |
epss |
| scoring_elements |
0.82918 |
| published_at |
2026-04-13T12:55:00Z |
|
| 10 |
| value |
0.01833 |
| scoring_system |
epss |
| scoring_elements |
0.82957 |
| published_at |
2026-04-18T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2016-6633 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
|
| fixed_packages |
|
| aliases |
CVE-2016-6633, GHSA-p849-vf5f-f3x7
|
| risk_score |
4.0 |
| exploitability |
0.5 |
| weighted_severity |
8.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-h5wu-ugm7-4bah |
|
| 144 |
| url |
VCID-hctp-h512-9qcn |
| vulnerability_id |
VCID-hctp-h512-9qcn |
| summary |
Multiple vulnerabilities have been discovered in phpMyAdmin, the worst of
which may allow for remote code execution. |
| references |
| 0 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2008-4096 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.16932 |
| scoring_system |
epss |
| scoring_elements |
0.94984 |
| published_at |
2026-04-21T12:55:00Z |
|
| 1 |
| value |
0.16932 |
| scoring_system |
epss |
| scoring_elements |
0.94936 |
| published_at |
2026-04-01T12:55:00Z |
|
| 2 |
| value |
0.16932 |
| scoring_system |
epss |
| scoring_elements |
0.94945 |
| published_at |
2026-04-02T12:55:00Z |
|
| 3 |
| value |
0.16932 |
| scoring_system |
epss |
| scoring_elements |
0.94946 |
| published_at |
2026-04-04T12:55:00Z |
|
| 4 |
| value |
0.16932 |
| scoring_system |
epss |
| scoring_elements |
0.94947 |
| published_at |
2026-04-07T12:55:00Z |
|
| 5 |
| value |
0.16932 |
| scoring_system |
epss |
| scoring_elements |
0.94956 |
| published_at |
2026-04-08T12:55:00Z |
|
| 6 |
| value |
0.16932 |
| scoring_system |
epss |
| scoring_elements |
0.9496 |
| published_at |
2026-04-09T12:55:00Z |
|
| 7 |
| value |
0.16932 |
| scoring_system |
epss |
| scoring_elements |
0.94964 |
| published_at |
2026-04-11T12:55:00Z |
|
| 8 |
| value |
0.16932 |
| scoring_system |
epss |
| scoring_elements |
0.94966 |
| published_at |
2026-04-12T12:55:00Z |
|
| 9 |
| value |
0.16932 |
| scoring_system |
epss |
| scoring_elements |
0.94969 |
| published_at |
2026-04-13T12:55:00Z |
|
| 10 |
| value |
0.16932 |
| scoring_system |
epss |
| scoring_elements |
0.94977 |
| published_at |
2026-04-16T12:55:00Z |
|
| 11 |
| value |
0.16932 |
| scoring_system |
epss |
| scoring_elements |
0.94981 |
| published_at |
2026-04-18T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2008-4096 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
| 16 |
|
| 17 |
|
| 18 |
|
| 19 |
|
| 20 |
|
| 21 |
|
| 22 |
|
| 23 |
|
| 24 |
|
| 25 |
|
| 26 |
|
| 27 |
|
| 28 |
|
| 29 |
|
| 30 |
|
| 31 |
|
| 32 |
|
| 33 |
|
| 34 |
|
| 35 |
|
| 36 |
|
| 37 |
|
| 38 |
|
| 39 |
|
| 40 |
|
| 41 |
|
| 42 |
|
| 43 |
|
| 44 |
|
| 45 |
|
| 46 |
|
| 47 |
|
| 48 |
|
| 49 |
|
| 50 |
|
| 51 |
|
| 52 |
|
| 53 |
|
| 54 |
|
| 55 |
|
| 56 |
|
| 57 |
|
| 58 |
|
| 59 |
|
| 60 |
|
| 61 |
|
| 62 |
|
| 63 |
|
| 64 |
|
| 65 |
|
| 66 |
|
| 67 |
|
| 68 |
|
| 69 |
|
| 70 |
|
| 71 |
|
| 72 |
|
| 73 |
|
| 74 |
|
| 75 |
|
| 76 |
|
| 77 |
|
| 78 |
|
| 79 |
|
| 80 |
|
| 81 |
|
| 82 |
|
|
| fixed_packages |
|
| aliases |
CVE-2008-4096
|
| risk_score |
10.0 |
| exploitability |
2.0 |
| weighted_severity |
7.7 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-hctp-h512-9qcn |
|
| 145 |
| url |
VCID-hgvu-q7zf-3bcb |
| vulnerability_id |
VCID-hgvu-q7zf-3bcb |
| summary |
Multiple vulnerabilities have been found in phpMyAdmin, the worst
of which could lead to arbitrary code execution. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2016-9862 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00457 |
| scoring_system |
epss |
| scoring_elements |
0.6384 |
| published_at |
2026-04-01T12:55:00Z |
|
| 1 |
| value |
0.00457 |
| scoring_system |
epss |
| scoring_elements |
0.63899 |
| published_at |
2026-04-02T12:55:00Z |
|
| 2 |
| value |
0.00457 |
| scoring_system |
epss |
| scoring_elements |
0.63926 |
| published_at |
2026-04-04T12:55:00Z |
|
| 3 |
| value |
0.00457 |
| scoring_system |
epss |
| scoring_elements |
0.63884 |
| published_at |
2026-04-07T12:55:00Z |
|
| 4 |
| value |
0.00457 |
| scoring_system |
epss |
| scoring_elements |
0.63934 |
| published_at |
2026-04-08T12:55:00Z |
|
| 5 |
| value |
0.00457 |
| scoring_system |
epss |
| scoring_elements |
0.63952 |
| published_at |
2026-04-16T12:55:00Z |
|
| 6 |
| value |
0.00457 |
| scoring_system |
epss |
| scoring_elements |
0.63964 |
| published_at |
2026-04-11T12:55:00Z |
|
| 7 |
| value |
0.00457 |
| scoring_system |
epss |
| scoring_elements |
0.6395 |
| published_at |
2026-04-12T12:55:00Z |
|
| 8 |
| value |
0.00457 |
| scoring_system |
epss |
| scoring_elements |
0.63918 |
| published_at |
2026-04-13T12:55:00Z |
|
| 9 |
| value |
0.00457 |
| scoring_system |
epss |
| scoring_elements |
0.63962 |
| published_at |
2026-04-18T12:55:00Z |
|
| 10 |
| value |
0.00457 |
| scoring_system |
epss |
| scoring_elements |
0.63953 |
| published_at |
2026-04-21T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2016-9862 |
|
| 1 |
|
|
| fixed_packages |
|
| aliases |
CVE-2016-9862
|
| risk_score |
null |
| exploitability |
0.5 |
| weighted_severity |
0.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-hgvu-q7zf-3bcb |
|
| 146 |
| url |
VCID-hna7-wpcb-b3dq |
| vulnerability_id |
VCID-hna7-wpcb-b3dq |
| summary |
security update |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2015-2206 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00916 |
| scoring_system |
epss |
| scoring_elements |
0.7585 |
| published_at |
2026-04-01T12:55:00Z |
|
| 1 |
| value |
0.00916 |
| scoring_system |
epss |
| scoring_elements |
0.75854 |
| published_at |
2026-04-02T12:55:00Z |
|
| 2 |
| value |
0.00916 |
| scoring_system |
epss |
| scoring_elements |
0.75886 |
| published_at |
2026-04-04T12:55:00Z |
|
| 3 |
| value |
0.00916 |
| scoring_system |
epss |
| scoring_elements |
0.75865 |
| published_at |
2026-04-07T12:55:00Z |
|
| 4 |
| value |
0.00916 |
| scoring_system |
epss |
| scoring_elements |
0.75897 |
| published_at |
2026-04-08T12:55:00Z |
|
| 5 |
| value |
0.00916 |
| scoring_system |
epss |
| scoring_elements |
0.75911 |
| published_at |
2026-04-09T12:55:00Z |
|
| 6 |
| value |
0.00916 |
| scoring_system |
epss |
| scoring_elements |
0.75934 |
| published_at |
2026-04-21T12:55:00Z |
|
| 7 |
| value |
0.00916 |
| scoring_system |
epss |
| scoring_elements |
0.75915 |
| published_at |
2026-04-12T12:55:00Z |
|
| 8 |
| value |
0.00916 |
| scoring_system |
epss |
| scoring_elements |
0.75908 |
| published_at |
2026-04-13T12:55:00Z |
|
| 9 |
| value |
0.00916 |
| scoring_system |
epss |
| scoring_elements |
0.75946 |
| published_at |
2026-04-16T12:55:00Z |
|
| 10 |
| value |
0.00916 |
| scoring_system |
epss |
| scoring_elements |
0.75949 |
| published_at |
2026-04-18T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2015-2206 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
|
| fixed_packages |
|
| aliases |
CVE-2015-2206
|
| risk_score |
null |
| exploitability |
0.5 |
| weighted_severity |
0.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-hna7-wpcb-b3dq |
|
| 147 |
| url |
VCID-hnud-ktgb-dfe6 |
| vulnerability_id |
VCID-hnud-ktgb-dfe6 |
| summary |
Improper Privilege Management
An issue was discovered in `libraries/common` which allows users who have no password set to log in even if the administrator has set `$cfg['Servers'][$i]['AllowNoPassword']` to `false` (which is also the default). |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2017-18264 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00305 |
| scoring_system |
epss |
| scoring_elements |
0.53691 |
| published_at |
2026-04-04T12:55:00Z |
|
| 1 |
| value |
0.00305 |
| scoring_system |
epss |
| scoring_elements |
0.53747 |
| published_at |
2026-04-21T12:55:00Z |
|
| 2 |
| value |
0.00305 |
| scoring_system |
epss |
| scoring_elements |
0.53766 |
| published_at |
2026-04-18T12:55:00Z |
|
| 3 |
| value |
0.00305 |
| scoring_system |
epss |
| scoring_elements |
0.53761 |
| published_at |
2026-04-16T12:55:00Z |
|
| 4 |
| value |
0.00305 |
| scoring_system |
epss |
| scoring_elements |
0.53724 |
| published_at |
2026-04-13T12:55:00Z |
|
| 5 |
| value |
0.00305 |
| scoring_system |
epss |
| scoring_elements |
0.53741 |
| published_at |
2026-04-12T12:55:00Z |
|
| 6 |
| value |
0.00305 |
| scoring_system |
epss |
| scoring_elements |
0.53757 |
| published_at |
2026-04-11T12:55:00Z |
|
| 7 |
| value |
0.00305 |
| scoring_system |
epss |
| scoring_elements |
0.53709 |
| published_at |
2026-04-09T12:55:00Z |
|
| 8 |
| value |
0.00305 |
| scoring_system |
epss |
| scoring_elements |
0.53711 |
| published_at |
2026-04-08T12:55:00Z |
|
| 9 |
| value |
0.00305 |
| scoring_system |
epss |
| scoring_elements |
0.53658 |
| published_at |
2026-04-07T12:55:00Z |
|
| 10 |
| value |
0.00305 |
| scoring_system |
epss |
| scoring_elements |
0.53663 |
| published_at |
2026-04-02T12:55:00Z |
|
| 11 |
| value |
0.00305 |
| scoring_system |
epss |
| scoring_elements |
0.53643 |
| published_at |
2026-04-01T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2017-18264 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
| reference_url |
https://nvd.nist.gov/vuln/detail/CVE-2017-18264 |
| reference_id |
CVE-2017-18264 |
| reference_type |
|
| scores |
| 0 |
| value |
7.5 |
| scoring_system |
cvssv2 |
| scoring_elements |
AV:N/AC:L/Au:N/C:P/I:P/A:P |
|
| 1 |
| value |
9.8 |
| scoring_system |
cvssv3 |
| scoring_elements |
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
|
| 2 |
| value |
9.8 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
|
| 3 |
| value |
CRITICAL |
| scoring_system |
generic_textual |
| scoring_elements |
|
|
|
| url |
https://nvd.nist.gov/vuln/detail/CVE-2017-18264 |
|
| 12 |
|
| 13 |
|
|
| fixed_packages |
|
| aliases |
CVE-2017-18264, GHSA-5868-g58j-vrj5
|
| risk_score |
4.5 |
| exploitability |
0.5 |
| weighted_severity |
9.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-hnud-ktgb-dfe6 |
|
| 148 |
| url |
VCID-hucu-azum-53bw |
| vulnerability_id |
VCID-hucu-azum-53bw |
| summary |
Information Exposure
phpMyAdmin allows remote attackers to obtain sensitive information. |
| references |
| 0 |
|
| 1 |
|
| 2 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2016-5730 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.01317 |
| scoring_system |
epss |
| scoring_elements |
0.79883 |
| published_at |
2026-04-21T12:55:00Z |
|
| 1 |
| value |
0.01317 |
| scoring_system |
epss |
| scoring_elements |
0.79801 |
| published_at |
2026-04-01T12:55:00Z |
|
| 2 |
| value |
0.01317 |
| scoring_system |
epss |
| scoring_elements |
0.7988 |
| published_at |
2026-04-18T12:55:00Z |
|
| 3 |
| value |
0.01317 |
| scoring_system |
epss |
| scoring_elements |
0.79879 |
| published_at |
2026-04-16T12:55:00Z |
|
| 4 |
| value |
0.01317 |
| scoring_system |
epss |
| scoring_elements |
0.79851 |
| published_at |
2026-04-13T12:55:00Z |
|
| 5 |
| value |
0.01317 |
| scoring_system |
epss |
| scoring_elements |
0.79859 |
| published_at |
2026-04-12T12:55:00Z |
|
| 6 |
| value |
0.01317 |
| scoring_system |
epss |
| scoring_elements |
0.79875 |
| published_at |
2026-04-11T12:55:00Z |
|
| 7 |
| value |
0.01317 |
| scoring_system |
epss |
| scoring_elements |
0.79854 |
| published_at |
2026-04-09T12:55:00Z |
|
| 8 |
| value |
0.01317 |
| scoring_system |
epss |
| scoring_elements |
0.79846 |
| published_at |
2026-04-08T12:55:00Z |
|
| 9 |
| value |
0.01317 |
| scoring_system |
epss |
| scoring_elements |
0.79817 |
| published_at |
2026-04-07T12:55:00Z |
|
| 10 |
| value |
0.01317 |
| scoring_system |
epss |
| scoring_elements |
0.79829 |
| published_at |
2026-04-04T12:55:00Z |
|
| 11 |
| value |
0.01317 |
| scoring_system |
epss |
| scoring_elements |
0.79808 |
| published_at |
2026-04-02T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2016-5730 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
| 16 |
|
| 17 |
|
| 18 |
|
| 19 |
|
| 20 |
|
| 21 |
|
| 22 |
|
| 23 |
|
| 24 |
|
| 25 |
|
| 26 |
|
| 27 |
|
| 28 |
|
| 29 |
|
| 30 |
|
| 31 |
|
| 32 |
|
| 33 |
|
| 34 |
|
| 35 |
|
| 36 |
|
| 37 |
|
| 38 |
|
| 39 |
|
| 40 |
|
| 41 |
|
| 42 |
|
| 43 |
|
| 44 |
|
| 45 |
|
| 46 |
|
| 47 |
|
| 48 |
|
| 49 |
|
| 50 |
|
| 51 |
|
| 52 |
|
| 53 |
|
| 54 |
|
| 55 |
|
| 56 |
|
| 57 |
|
| 58 |
|
| 59 |
|
| 60 |
|
| 61 |
|
| 62 |
|
| 63 |
|
| 64 |
|
| 65 |
|
| 66 |
|
| 67 |
|
| 68 |
|
| 69 |
|
| 70 |
|
| 71 |
|
| 72 |
|
| 73 |
|
| 74 |
|
| 75 |
|
| 76 |
| reference_url |
https://nvd.nist.gov/vuln/detail/CVE-2016-5730 |
| reference_id |
CVE-2016-5730 |
| reference_type |
|
| scores |
| 0 |
| value |
5.0 |
| scoring_system |
cvssv2 |
| scoring_elements |
AV:N/AC:L/Au:N/C:P/I:N/A:N |
|
| 1 |
| value |
5.3 |
| scoring_system |
cvssv3 |
| scoring_elements |
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N |
|
| 2 |
| value |
5.3 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N |
|
| 3 |
| value |
MODERATE |
| scoring_system |
generic_textual |
| scoring_elements |
|
|
|
| url |
https://nvd.nist.gov/vuln/detail/CVE-2016-5730 |
|
| 77 |
|
|
| fixed_packages |
|
| aliases |
CVE-2016-5730, GHSA-wm9c-vcv2-vpqc
|
| risk_score |
3.1 |
| exploitability |
0.5 |
| weighted_severity |
6.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-hucu-azum-53bw |
|
| 149 |
| url |
VCID-j3s8-nxah-pqgz |
| vulnerability_id |
VCID-j3s8-nxah-pqgz |
| summary |
Multiple vulnerabilities have been found in phpMyAdmin, the worst
of which could lead to arbitrary code execution. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2016-6620 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.01398 |
| scoring_system |
epss |
| scoring_elements |
0.8035 |
| published_at |
2026-04-01T12:55:00Z |
|
| 1 |
| value |
0.01398 |
| scoring_system |
epss |
| scoring_elements |
0.80357 |
| published_at |
2026-04-02T12:55:00Z |
|
| 2 |
| value |
0.01398 |
| scoring_system |
epss |
| scoring_elements |
0.80376 |
| published_at |
2026-04-04T12:55:00Z |
|
| 3 |
| value |
0.01398 |
| scoring_system |
epss |
| scoring_elements |
0.80366 |
| published_at |
2026-04-07T12:55:00Z |
|
| 4 |
| value |
0.01398 |
| scoring_system |
epss |
| scoring_elements |
0.80395 |
| published_at |
2026-04-08T12:55:00Z |
|
| 5 |
| value |
0.01398 |
| scoring_system |
epss |
| scoring_elements |
0.80405 |
| published_at |
2026-04-09T12:55:00Z |
|
| 6 |
| value |
0.01398 |
| scoring_system |
epss |
| scoring_elements |
0.80423 |
| published_at |
2026-04-11T12:55:00Z |
|
| 7 |
| value |
0.01398 |
| scoring_system |
epss |
| scoring_elements |
0.80408 |
| published_at |
2026-04-12T12:55:00Z |
|
| 8 |
| value |
0.01398 |
| scoring_system |
epss |
| scoring_elements |
0.80401 |
| published_at |
2026-04-13T12:55:00Z |
|
| 9 |
| value |
0.01398 |
| scoring_system |
epss |
| scoring_elements |
0.80431 |
| published_at |
2026-04-16T12:55:00Z |
|
| 10 |
| value |
0.01398 |
| scoring_system |
epss |
| scoring_elements |
0.80432 |
| published_at |
2026-04-18T12:55:00Z |
|
| 11 |
| value |
0.01398 |
| scoring_system |
epss |
| scoring_elements |
0.80435 |
| published_at |
2026-04-21T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2016-6620 |
|
| 1 |
|
|
| fixed_packages |
|
| aliases |
CVE-2016-6620
|
| risk_score |
null |
| exploitability |
0.5 |
| weighted_severity |
0.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-j3s8-nxah-pqgz |
|
| 150 |
| url |
VCID-jhqf-gw62-9ygq |
| vulnerability_id |
VCID-jhqf-gw62-9ygq |
| summary |
security update |
| references |
| 0 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2016-2039 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00382 |
| scoring_system |
epss |
| scoring_elements |
0.59618 |
| published_at |
2026-04-21T12:55:00Z |
|
| 1 |
| value |
0.00382 |
| scoring_system |
epss |
| scoring_elements |
0.59634 |
| published_at |
2026-04-18T12:55:00Z |
|
| 2 |
| value |
0.00382 |
| scoring_system |
epss |
| scoring_elements |
0.59481 |
| published_at |
2026-04-01T12:55:00Z |
|
| 3 |
| value |
0.00382 |
| scoring_system |
epss |
| scoring_elements |
0.59554 |
| published_at |
2026-04-02T12:55:00Z |
|
| 4 |
| value |
0.00382 |
| scoring_system |
epss |
| scoring_elements |
0.59579 |
| published_at |
2026-04-04T12:55:00Z |
|
| 5 |
| value |
0.00382 |
| scoring_system |
epss |
| scoring_elements |
0.59548 |
| published_at |
2026-04-07T12:55:00Z |
|
| 6 |
| value |
0.00382 |
| scoring_system |
epss |
| scoring_elements |
0.59599 |
| published_at |
2026-04-08T12:55:00Z |
|
| 7 |
| value |
0.00382 |
| scoring_system |
epss |
| scoring_elements |
0.59612 |
| published_at |
2026-04-09T12:55:00Z |
|
| 8 |
| value |
0.00382 |
| scoring_system |
epss |
| scoring_elements |
0.59631 |
| published_at |
2026-04-11T12:55:00Z |
|
| 9 |
| value |
0.00382 |
| scoring_system |
epss |
| scoring_elements |
0.59614 |
| published_at |
2026-04-12T12:55:00Z |
|
| 10 |
| value |
0.00382 |
| scoring_system |
epss |
| scoring_elements |
0.59594 |
| published_at |
2026-04-13T12:55:00Z |
|
| 11 |
| value |
0.00382 |
| scoring_system |
epss |
| scoring_elements |
0.59627 |
| published_at |
2026-04-16T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2016-2039 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
| 16 |
|
| 17 |
|
| 18 |
|
| 19 |
|
| 20 |
|
| 21 |
|
| 22 |
|
| 23 |
|
| 24 |
|
| 25 |
|
| 26 |
|
| 27 |
|
| 28 |
|
| 29 |
|
| 30 |
|
| 31 |
|
| 32 |
|
| 33 |
|
| 34 |
|
| 35 |
|
| 36 |
|
| 37 |
|
| 38 |
|
| 39 |
|
| 40 |
|
| 41 |
|
| 42 |
|
| 43 |
|
| 44 |
|
| 45 |
|
| 46 |
|
| 47 |
|
| 48 |
|
| 49 |
|
| 50 |
|
| 51 |
|
| 52 |
|
| 53 |
|
| 54 |
|
| 55 |
|
| 56 |
|
| 57 |
|
| 58 |
|
| 59 |
|
| 60 |
|
| 61 |
|
| 62 |
|
| 63 |
|
| 64 |
|
| 65 |
|
| 66 |
|
| 67 |
|
| 68 |
|
| 69 |
|
| 70 |
|
| 71 |
|
| 72 |
|
|
| fixed_packages |
|
| aliases |
CVE-2016-2039
|
| risk_score |
2.4 |
| exploitability |
0.5 |
| weighted_severity |
4.8 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-jhqf-gw62-9ygq |
|
| 151 |
| url |
VCID-jj7e-xndw-6fcp |
| vulnerability_id |
VCID-jj7e-xndw-6fcp |
| summary |
Improper Input Validation
An issue was discovered in phpMyAdmin. With a crafted request parameter value it is possible to bypass the logout timeout. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2016-9851 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00241 |
| scoring_system |
epss |
| scoring_elements |
0.47365 |
| published_at |
2026-04-21T12:55:00Z |
|
| 1 |
| value |
0.00241 |
| scoring_system |
epss |
| scoring_elements |
0.47299 |
| published_at |
2026-04-01T12:55:00Z |
|
| 2 |
| value |
0.00241 |
| scoring_system |
epss |
| scoring_elements |
0.47335 |
| published_at |
2026-04-02T12:55:00Z |
|
| 3 |
| value |
0.00241 |
| scoring_system |
epss |
| scoring_elements |
0.47355 |
| published_at |
2026-04-04T12:55:00Z |
|
| 4 |
| value |
0.00241 |
| scoring_system |
epss |
| scoring_elements |
0.47303 |
| published_at |
2026-04-07T12:55:00Z |
|
| 5 |
| value |
0.00241 |
| scoring_system |
epss |
| scoring_elements |
0.47358 |
| published_at |
2026-04-08T12:55:00Z |
|
| 6 |
| value |
0.00241 |
| scoring_system |
epss |
| scoring_elements |
0.47356 |
| published_at |
2026-04-09T12:55:00Z |
|
| 7 |
| value |
0.00241 |
| scoring_system |
epss |
| scoring_elements |
0.47379 |
| published_at |
2026-04-11T12:55:00Z |
|
| 8 |
| value |
0.00241 |
| scoring_system |
epss |
| scoring_elements |
0.47354 |
| published_at |
2026-04-12T12:55:00Z |
|
| 9 |
| value |
0.00241 |
| scoring_system |
epss |
| scoring_elements |
0.47361 |
| published_at |
2026-04-13T12:55:00Z |
|
| 10 |
| value |
0.00241 |
| scoring_system |
epss |
| scoring_elements |
0.4742 |
| published_at |
2026-04-16T12:55:00Z |
|
| 11 |
| value |
0.00241 |
| scoring_system |
epss |
| scoring_elements |
0.47413 |
| published_at |
2026-04-18T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2016-9851 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
|
| fixed_packages |
|
| aliases |
CVE-2016-9851, GHSA-r2vw-p77f-vc27
|
| risk_score |
3.1 |
| exploitability |
0.5 |
| weighted_severity |
6.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-jj7e-xndw-6fcp |
|
| 152 |
| url |
VCID-jma9-9uhu-xuc3 |
| vulnerability_id |
VCID-jma9-9uhu-xuc3 |
| summary |
SQL Injection
A vulnerability was reported where a specially crafted database name can be used to trigger an SQL injection attack through the designer feature. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2019-11768 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.01803 |
| scoring_system |
epss |
| scoring_elements |
0.82849 |
| published_at |
2026-04-21T12:55:00Z |
|
| 1 |
| value |
0.01803 |
| scoring_system |
epss |
| scoring_elements |
0.82795 |
| published_at |
2026-04-08T12:55:00Z |
|
| 2 |
| value |
0.01803 |
| scoring_system |
epss |
| scoring_elements |
0.82801 |
| published_at |
2026-04-09T12:55:00Z |
|
| 3 |
| value |
0.01803 |
| scoring_system |
epss |
| scoring_elements |
0.82817 |
| published_at |
2026-04-11T12:55:00Z |
|
| 4 |
| value |
0.01803 |
| scoring_system |
epss |
| scoring_elements |
0.82813 |
| published_at |
2026-04-12T12:55:00Z |
|
| 5 |
| value |
0.01803 |
| scoring_system |
epss |
| scoring_elements |
0.82808 |
| published_at |
2026-04-13T12:55:00Z |
|
| 6 |
| value |
0.01803 |
| scoring_system |
epss |
| scoring_elements |
0.82847 |
| published_at |
2026-04-16T12:55:00Z |
|
| 7 |
| value |
0.01803 |
| scoring_system |
epss |
| scoring_elements |
0.82846 |
| published_at |
2026-04-18T12:55:00Z |
|
| 8 |
| value |
0.01803 |
| scoring_system |
epss |
| scoring_elements |
0.82743 |
| published_at |
2026-04-01T12:55:00Z |
|
| 9 |
| value |
0.01803 |
| scoring_system |
epss |
| scoring_elements |
0.82759 |
| published_at |
2026-04-02T12:55:00Z |
|
| 10 |
| value |
0.01803 |
| scoring_system |
epss |
| scoring_elements |
0.82772 |
| published_at |
2026-04-04T12:55:00Z |
|
| 11 |
| value |
0.01803 |
| scoring_system |
epss |
| scoring_elements |
0.82769 |
| published_at |
2026-04-07T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2019-11768 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
|
| fixed_packages |
|
| aliases |
CVE-2019-11768, GHSA-x37v-98f9-mj32
|
| risk_score |
4.5 |
| exploitability |
0.5 |
| weighted_severity |
9.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-jma9-9uhu-xuc3 |
|
| 153 |
| url |
VCID-jr29-bd8n-ryap |
| vulnerability_id |
VCID-jr29-bd8n-ryap |
| summary |
Multiple vulnerabilities have been found in phpMyAdmin, allowing
remote authenticated attackers to execute arbitrary code, inject SQL code
or conduct other attacks. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2013-4998 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.0025 |
| scoring_system |
epss |
| scoring_elements |
0.48286 |
| published_at |
2026-04-01T12:55:00Z |
|
| 1 |
| value |
0.0025 |
| scoring_system |
epss |
| scoring_elements |
0.48322 |
| published_at |
2026-04-02T12:55:00Z |
|
| 2 |
| value |
0.0025 |
| scoring_system |
epss |
| scoring_elements |
0.48343 |
| published_at |
2026-04-04T12:55:00Z |
|
| 3 |
| value |
0.0025 |
| scoring_system |
epss |
| scoring_elements |
0.48295 |
| published_at |
2026-04-07T12:55:00Z |
|
| 4 |
| value |
0.0025 |
| scoring_system |
epss |
| scoring_elements |
0.4835 |
| published_at |
2026-04-08T12:55:00Z |
|
| 5 |
| value |
0.0025 |
| scoring_system |
epss |
| scoring_elements |
0.48344 |
| published_at |
2026-04-09T12:55:00Z |
|
| 6 |
| value |
0.0025 |
| scoring_system |
epss |
| scoring_elements |
0.48369 |
| published_at |
2026-04-11T12:55:00Z |
|
| 7 |
| value |
0.0025 |
| scoring_system |
epss |
| scoring_elements |
0.48342 |
| published_at |
2026-04-12T12:55:00Z |
|
| 8 |
| value |
0.0025 |
| scoring_system |
epss |
| scoring_elements |
0.48354 |
| published_at |
2026-04-21T12:55:00Z |
|
| 9 |
| value |
0.0025 |
| scoring_system |
epss |
| scoring_elements |
0.48405 |
| published_at |
2026-04-16T12:55:00Z |
|
| 10 |
| value |
0.0025 |
| scoring_system |
epss |
| scoring_elements |
0.484 |
| published_at |
2026-04-18T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2013-4998 |
|
| 1 |
|
| 2 |
|
|
| fixed_packages |
|
| aliases |
CVE-2013-4998
|
| risk_score |
null |
| exploitability |
0.5 |
| weighted_severity |
0.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-jr29-bd8n-ryap |
|
| 154 |
| url |
VCID-jvq4-djby-zkhe |
| vulnerability_id |
VCID-jvq4-djby-zkhe |
| summary |
Multiple vulnerabilities have been found in phpMyAdmin, allowing
remote authenticated attackers to execute arbitrary code, inject SQL code
or conduct other attacks. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2013-5001 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00185 |
| scoring_system |
epss |
| scoring_elements |
0.40106 |
| published_at |
2026-04-01T12:55:00Z |
|
| 1 |
| value |
0.00185 |
| scoring_system |
epss |
| scoring_elements |
0.40256 |
| published_at |
2026-04-02T12:55:00Z |
|
| 2 |
| value |
0.00185 |
| scoring_system |
epss |
| scoring_elements |
0.4028 |
| published_at |
2026-04-04T12:55:00Z |
|
| 3 |
| value |
0.00185 |
| scoring_system |
epss |
| scoring_elements |
0.40203 |
| published_at |
2026-04-07T12:55:00Z |
|
| 4 |
| value |
0.00185 |
| scoring_system |
epss |
| scoring_elements |
0.40255 |
| published_at |
2026-04-08T12:55:00Z |
|
| 5 |
| value |
0.00185 |
| scoring_system |
epss |
| scoring_elements |
0.40266 |
| published_at |
2026-04-09T12:55:00Z |
|
| 6 |
| value |
0.00185 |
| scoring_system |
epss |
| scoring_elements |
0.40277 |
| published_at |
2026-04-11T12:55:00Z |
|
| 7 |
| value |
0.00185 |
| scoring_system |
epss |
| scoring_elements |
0.40239 |
| published_at |
2026-04-12T12:55:00Z |
|
| 8 |
| value |
0.00185 |
| scoring_system |
epss |
| scoring_elements |
0.4022 |
| published_at |
2026-04-13T12:55:00Z |
|
| 9 |
| value |
0.00185 |
| scoring_system |
epss |
| scoring_elements |
0.40267 |
| published_at |
2026-04-16T12:55:00Z |
|
| 10 |
| value |
0.00185 |
| scoring_system |
epss |
| scoring_elements |
0.40237 |
| published_at |
2026-04-18T12:55:00Z |
|
| 11 |
| value |
0.00185 |
| scoring_system |
epss |
| scoring_elements |
0.40161 |
| published_at |
2026-04-21T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2013-5001 |
|
| 1 |
|
| 2 |
|
|
| fixed_packages |
|
| aliases |
CVE-2013-5001
|
| risk_score |
null |
| exploitability |
0.5 |
| weighted_severity |
0.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-jvq4-djby-zkhe |
|
| 155 |
| url |
VCID-jypm-yg7x-p3cn |
| vulnerability_id |
VCID-jypm-yg7x-p3cn |
| summary |
Improper Restriction of XML External Entity Reference
The simplexml_load_string function in the XML import plug-in (libraries/import/xml.php) in phpMyAdmin 3.4.x before 3.4.7.1 and 3.3.x before 3.3.10.5 allows remote authenticated users to read arbitrary files via XML data containing external entity references, aka an XML external entity (XXE) injection attack. |
| references |
| 0 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2011-4107 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.12434 |
| scoring_system |
epss |
| scoring_elements |
0.93927 |
| published_at |
2026-04-21T12:55:00Z |
|
| 1 |
| value |
0.12434 |
| scoring_system |
epss |
| scoring_elements |
0.93861 |
| published_at |
2026-04-01T12:55:00Z |
|
| 2 |
| value |
0.12434 |
| scoring_system |
epss |
| scoring_elements |
0.9387 |
| published_at |
2026-04-02T12:55:00Z |
|
| 3 |
| value |
0.12434 |
| scoring_system |
epss |
| scoring_elements |
0.9388 |
| published_at |
2026-04-04T12:55:00Z |
|
| 4 |
| value |
0.12434 |
| scoring_system |
epss |
| scoring_elements |
0.93883 |
| published_at |
2026-04-07T12:55:00Z |
|
| 5 |
| value |
0.12434 |
| scoring_system |
epss |
| scoring_elements |
0.93892 |
| published_at |
2026-04-08T12:55:00Z |
|
| 6 |
| value |
0.12434 |
| scoring_system |
epss |
| scoring_elements |
0.93895 |
| published_at |
2026-04-09T12:55:00Z |
|
| 7 |
| value |
0.12434 |
| scoring_system |
epss |
| scoring_elements |
0.93899 |
| published_at |
2026-04-13T12:55:00Z |
|
| 8 |
| value |
0.12434 |
| scoring_system |
epss |
| scoring_elements |
0.9392 |
| published_at |
2026-04-16T12:55:00Z |
|
| 9 |
| value |
0.12434 |
| scoring_system |
epss |
| scoring_elements |
0.93926 |
| published_at |
2026-04-18T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2011-4107 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
| 16 |
|
| 17 |
|
| 18 |
|
| 19 |
|
| 20 |
|
| 21 |
|
| 22 |
|
| 23 |
|
|
| fixed_packages |
|
| aliases |
CVE-2011-4107, GHSA-q4mm-89q2-xffg
|
| risk_score |
10.0 |
| exploitability |
2.0 |
| weighted_severity |
6.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-jypm-yg7x-p3cn |
|
| 156 |
| url |
VCID-k2we-2rxz-aye3 |
| vulnerability_id |
VCID-k2we-2rxz-aye3 |
| summary |
phpMyAdmin: user/password/secret key are stored plaintext |
| references |
| 0 |
|
| 1 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2008-1567 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.0004 |
| scoring_system |
epss |
| scoring_elements |
0.12251 |
| published_at |
2026-04-01T12:55:00Z |
|
| 1 |
| value |
0.0004 |
| scoring_system |
epss |
| scoring_elements |
0.12366 |
| published_at |
2026-04-02T12:55:00Z |
|
| 2 |
| value |
0.0004 |
| scoring_system |
epss |
| scoring_elements |
0.12411 |
| published_at |
2026-04-04T12:55:00Z |
|
| 3 |
| value |
0.0004 |
| scoring_system |
epss |
| scoring_elements |
0.12211 |
| published_at |
2026-04-07T12:55:00Z |
|
| 4 |
| value |
0.0004 |
| scoring_system |
epss |
| scoring_elements |
0.12291 |
| published_at |
2026-04-08T12:55:00Z |
|
| 5 |
| value |
0.0004 |
| scoring_system |
epss |
| scoring_elements |
0.12341 |
| published_at |
2026-04-09T12:55:00Z |
|
| 6 |
| value |
0.0004 |
| scoring_system |
epss |
| scoring_elements |
0.12348 |
| published_at |
2026-04-11T12:55:00Z |
|
| 7 |
| value |
0.0004 |
| scoring_system |
epss |
| scoring_elements |
0.12311 |
| published_at |
2026-04-12T12:55:00Z |
|
| 8 |
| value |
0.0004 |
| scoring_system |
epss |
| scoring_elements |
0.12273 |
| published_at |
2026-04-13T12:55:00Z |
|
| 9 |
| value |
0.0004 |
| scoring_system |
epss |
| scoring_elements |
0.12166 |
| published_at |
2026-04-16T12:55:00Z |
|
| 10 |
| value |
0.0004 |
| scoring_system |
epss |
| scoring_elements |
0.12169 |
| published_at |
2026-04-18T12:55:00Z |
|
| 11 |
| value |
0.0004 |
| scoring_system |
epss |
| scoring_elements |
0.12275 |
| published_at |
2026-04-21T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2008-1567 |
|
| 2 |
|
| 3 |
|
|
| fixed_packages |
|
| aliases |
CVE-2008-1567
|
| risk_score |
null |
| exploitability |
0.5 |
| weighted_severity |
0.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-k2we-2rxz-aye3 |
|
| 157 |
| url |
VCID-k7kn-ynne-b3gv |
| vulnerability_id |
VCID-k7kn-ynne-b3gv |
| summary |
Cross-site Scripting
A Cross-site scripting (XSS) vulnerability in the format function in `libraries/sql-parser/src/Utils/Error.php` in the SQL parser in phpMyAdmin allows remote authenticated users to inject arbitrary web script or HTML via a crafted query. |
| references |
| 0 |
|
| 1 |
|
| 2 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2016-2559 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00278 |
| scoring_system |
epss |
| scoring_elements |
0.51272 |
| published_at |
2026-04-13T12:55:00Z |
|
| 1 |
| value |
0.00278 |
| scoring_system |
epss |
| scoring_elements |
0.51286 |
| published_at |
2026-04-12T12:55:00Z |
|
| 2 |
| value |
0.00278 |
| scoring_system |
epss |
| scoring_elements |
0.51307 |
| published_at |
2026-04-11T12:55:00Z |
|
| 3 |
| value |
0.00278 |
| scoring_system |
epss |
| scoring_elements |
0.51252 |
| published_at |
2026-04-04T12:55:00Z |
|
| 4 |
| value |
0.00278 |
| scoring_system |
epss |
| scoring_elements |
0.51297 |
| published_at |
2026-04-21T12:55:00Z |
|
| 5 |
| value |
0.00278 |
| scoring_system |
epss |
| scoring_elements |
0.51319 |
| published_at |
2026-04-18T12:55:00Z |
|
| 6 |
| value |
0.00278 |
| scoring_system |
epss |
| scoring_elements |
0.51311 |
| published_at |
2026-04-16T12:55:00Z |
|
| 7 |
| value |
0.00278 |
| scoring_system |
epss |
| scoring_elements |
0.51227 |
| published_at |
2026-04-02T12:55:00Z |
|
| 8 |
| value |
0.00278 |
| scoring_system |
epss |
| scoring_elements |
0.51211 |
| published_at |
2026-04-07T12:55:00Z |
|
| 9 |
| value |
0.00278 |
| scoring_system |
epss |
| scoring_elements |
0.51174 |
| published_at |
2026-04-01T12:55:00Z |
|
| 10 |
| value |
0.00278 |
| scoring_system |
epss |
| scoring_elements |
0.51263 |
| published_at |
2026-04-09T12:55:00Z |
|
| 11 |
| value |
0.00278 |
| scoring_system |
epss |
| scoring_elements |
0.51266 |
| published_at |
2026-04-08T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2016-2559 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
| 16 |
|
| 17 |
|
| 18 |
|
| 19 |
|
| 20 |
|
| 21 |
| reference_url |
https://nvd.nist.gov/vuln/detail/CVE-2016-2559 |
| reference_id |
CVE-2016-2559 |
| reference_type |
|
| scores |
| 0 |
| value |
3.5 |
| scoring_system |
cvssv2 |
| scoring_elements |
AV:N/AC:M/Au:S/C:N/I:P/A:N |
|
| 1 |
| value |
5.4 |
| scoring_system |
cvssv3 |
| scoring_elements |
CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N |
|
| 2 |
| value |
5.4 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N |
|
| 3 |
| value |
MODERATE |
| scoring_system |
generic_textual |
| scoring_elements |
|
|
|
| url |
https://nvd.nist.gov/vuln/detail/CVE-2016-2559 |
|
| 22 |
|
|
| fixed_packages |
|
| aliases |
CVE-2016-2559, GHSA-7rf8-9r8f-qf59
|
| risk_score |
3.1 |
| exploitability |
0.5 |
| weighted_severity |
6.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-k7kn-ynne-b3gv |
|
| 158 |
| url |
VCID-kb9j-j8s4-3kbd |
| vulnerability_id |
VCID-kb9j-j8s4-3kbd |
| summary |
Multiple vulnerabilities were found in phpMyAdmin, the most severe
of which allows the execution of arbitrary PHP code. |
| references |
| 0 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2011-4634 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00421 |
| scoring_system |
epss |
| scoring_elements |
0.62043 |
| published_at |
2026-04-21T12:55:00Z |
|
| 1 |
| value |
0.00421 |
| scoring_system |
epss |
| scoring_elements |
0.61988 |
| published_at |
2026-04-04T12:55:00Z |
|
| 2 |
| value |
0.00421 |
| scoring_system |
epss |
| scoring_elements |
0.61958 |
| published_at |
2026-04-07T12:55:00Z |
|
| 3 |
| value |
0.00421 |
| scoring_system |
epss |
| scoring_elements |
0.62007 |
| published_at |
2026-04-08T12:55:00Z |
|
| 4 |
| value |
0.00421 |
| scoring_system |
epss |
| scoring_elements |
0.62024 |
| published_at |
2026-04-09T12:55:00Z |
|
| 5 |
| value |
0.00421 |
| scoring_system |
epss |
| scoring_elements |
0.62046 |
| published_at |
2026-04-11T12:55:00Z |
|
| 6 |
| value |
0.00421 |
| scoring_system |
epss |
| scoring_elements |
0.62035 |
| published_at |
2026-04-12T12:55:00Z |
|
| 7 |
| value |
0.00421 |
| scoring_system |
epss |
| scoring_elements |
0.62013 |
| published_at |
2026-04-13T12:55:00Z |
|
| 8 |
| value |
0.00421 |
| scoring_system |
epss |
| scoring_elements |
0.62056 |
| published_at |
2026-04-16T12:55:00Z |
|
| 9 |
| value |
0.00421 |
| scoring_system |
epss |
| scoring_elements |
0.62061 |
| published_at |
2026-04-18T12:55:00Z |
|
| 10 |
| value |
0.00421 |
| scoring_system |
epss |
| scoring_elements |
0.61883 |
| published_at |
2026-04-01T12:55:00Z |
|
| 11 |
| value |
0.00421 |
| scoring_system |
epss |
| scoring_elements |
0.61956 |
| published_at |
2026-04-02T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2011-4634 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
| 16 |
|
|
| fixed_packages |
|
| aliases |
CVE-2011-4634, GHSA-9j9h-cpgc-8356
|
| risk_score |
1.4 |
| exploitability |
0.5 |
| weighted_severity |
2.7 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-kb9j-j8s4-3kbd |
|
| 159 |
| url |
VCID-kbep-m12y-63c8 |
| vulnerability_id |
VCID-kbep-m12y-63c8 |
| summary |
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Cross-site scripting (XSS) vulnerability in phpMyAdmin 2.11.x before 2.11.9.6 and 3.x before 3.2.2.1 allows remote attackers to inject arbitrary web script or HTML via a crafted name for a MySQL table. |
| references |
| 0 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2009-3696 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.03385 |
| scoring_system |
epss |
| scoring_elements |
0.87405 |
| published_at |
2026-04-21T12:55:00Z |
|
| 1 |
| value |
0.03385 |
| scoring_system |
epss |
| scoring_elements |
0.87341 |
| published_at |
2026-04-01T12:55:00Z |
|
| 2 |
| value |
0.03385 |
| scoring_system |
epss |
| scoring_elements |
0.8735 |
| published_at |
2026-04-02T12:55:00Z |
|
| 3 |
| value |
0.03385 |
| scoring_system |
epss |
| scoring_elements |
0.87366 |
| published_at |
2026-04-04T12:55:00Z |
|
| 4 |
| value |
0.03385 |
| scoring_system |
epss |
| scoring_elements |
0.87365 |
| published_at |
2026-04-07T12:55:00Z |
|
| 5 |
| value |
0.03385 |
| scoring_system |
epss |
| scoring_elements |
0.87384 |
| published_at |
2026-04-08T12:55:00Z |
|
| 6 |
| value |
0.03385 |
| scoring_system |
epss |
| scoring_elements |
0.87391 |
| published_at |
2026-04-09T12:55:00Z |
|
| 7 |
| value |
0.03385 |
| scoring_system |
epss |
| scoring_elements |
0.87403 |
| published_at |
2026-04-11T12:55:00Z |
|
| 8 |
| value |
0.03385 |
| scoring_system |
epss |
| scoring_elements |
0.87398 |
| published_at |
2026-04-12T12:55:00Z |
|
| 9 |
| value |
0.03385 |
| scoring_system |
epss |
| scoring_elements |
0.87394 |
| published_at |
2026-04-13T12:55:00Z |
|
| 10 |
| value |
0.03385 |
| scoring_system |
epss |
| scoring_elements |
0.87408 |
| published_at |
2026-04-16T12:55:00Z |
|
| 11 |
| value |
0.03385 |
| scoring_system |
epss |
| scoring_elements |
0.87411 |
| published_at |
2026-04-18T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2009-3696 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
| 16 |
|
| 17 |
|
| 18 |
|
| 19 |
|
| 20 |
|
| 21 |
|
| 22 |
|
| 23 |
|
| 24 |
|
| 25 |
|
| 26 |
|
|
| fixed_packages |
|
| aliases |
CVE-2009-3696, GHSA-5pvv-f8h3-gw96
|
| risk_score |
3.1 |
| exploitability |
0.5 |
| weighted_severity |
6.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-kbep-m12y-63c8 |
|
| 160 |
| url |
VCID-kdu8-dzvr-fubc |
| vulnerability_id |
VCID-kdu8-dzvr-fubc |
| summary |
phpMyAdmin Multiple XSS Vulnerabilities After Inline Editing and Save
Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin 3.4.x before 3.4.5 allow remote authenticated users to inject arbitrary web script or HTML via a crafted row that triggers an improperly constructed confirmation message after inline-editing and save operations, related to (1) `js/functions.js` and (2) `js/tbl_structure.js`. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2011-3591 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.0018 |
| scoring_system |
epss |
| scoring_elements |
0.39531 |
| published_at |
2026-04-21T12:55:00Z |
|
| 1 |
| value |
0.0018 |
| scoring_system |
epss |
| scoring_elements |
0.39566 |
| published_at |
2026-04-07T12:55:00Z |
|
| 2 |
| value |
0.0018 |
| scoring_system |
epss |
| scoring_elements |
0.39621 |
| published_at |
2026-04-08T12:55:00Z |
|
| 3 |
| value |
0.0018 |
| scoring_system |
epss |
| scoring_elements |
0.39636 |
| published_at |
2026-04-09T12:55:00Z |
|
| 4 |
| value |
0.0018 |
| scoring_system |
epss |
| scoring_elements |
0.39645 |
| published_at |
2026-04-11T12:55:00Z |
|
| 5 |
| value |
0.0018 |
| scoring_system |
epss |
| scoring_elements |
0.39609 |
| published_at |
2026-04-12T12:55:00Z |
|
| 6 |
| value |
0.0018 |
| scoring_system |
epss |
| scoring_elements |
0.39593 |
| published_at |
2026-04-13T12:55:00Z |
|
| 7 |
| value |
0.0018 |
| scoring_system |
epss |
| scoring_elements |
0.39644 |
| published_at |
2026-04-16T12:55:00Z |
|
| 8 |
| value |
0.0018 |
| scoring_system |
epss |
| scoring_elements |
0.39614 |
| published_at |
2026-04-18T12:55:00Z |
|
| 9 |
| value |
0.0018 |
| scoring_system |
epss |
| scoring_elements |
0.39478 |
| published_at |
2026-04-01T12:55:00Z |
|
| 10 |
| value |
0.0018 |
| scoring_system |
epss |
| scoring_elements |
0.39627 |
| published_at |
2026-04-02T12:55:00Z |
|
| 11 |
| value |
0.0018 |
| scoring_system |
epss |
| scoring_elements |
0.3965 |
| published_at |
2026-04-04T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2011-3591 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
|
| fixed_packages |
|
| aliases |
CVE-2011-3591, GHSA-3p87-w3c5-27gf
|
| risk_score |
1.6 |
| exploitability |
0.5 |
| weighted_severity |
3.1 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-kdu8-dzvr-fubc |
|
| 161 |
| url |
VCID-kke6-fqmn-pug2 |
| vulnerability_id |
VCID-kke6-fqmn-pug2 |
| summary |
phpMyAdmin multiple cross-site scripting vulnerabilities
Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin 3.5.x before 3.5.3 allow remote authenticated users to inject arbitrary web script or HTML via a crafted name of (1) an event, (2) a procedure, or (3) a trigger. |
| references |
| 0 |
|
| 1 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2012-5339 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00208 |
| scoring_system |
epss |
| scoring_elements |
0.43128 |
| published_at |
2026-04-21T12:55:00Z |
|
| 1 |
| value |
0.00208 |
| scoring_system |
epss |
| scoring_elements |
0.4316 |
| published_at |
2026-04-08T12:55:00Z |
|
| 2 |
| value |
0.00208 |
| scoring_system |
epss |
| scoring_elements |
0.43173 |
| published_at |
2026-04-09T12:55:00Z |
|
| 3 |
| value |
0.00208 |
| scoring_system |
epss |
| scoring_elements |
0.43194 |
| published_at |
2026-04-11T12:55:00Z |
|
| 4 |
| value |
0.00208 |
| scoring_system |
epss |
| scoring_elements |
0.43161 |
| published_at |
2026-04-12T12:55:00Z |
|
| 5 |
| value |
0.00208 |
| scoring_system |
epss |
| scoring_elements |
0.43146 |
| published_at |
2026-04-13T12:55:00Z |
|
| 6 |
| value |
0.00208 |
| scoring_system |
epss |
| scoring_elements |
0.43205 |
| published_at |
2026-04-16T12:55:00Z |
|
| 7 |
| value |
0.00208 |
| scoring_system |
epss |
| scoring_elements |
0.43195 |
| published_at |
2026-04-18T12:55:00Z |
|
| 8 |
| value |
0.00208 |
| scoring_system |
epss |
| scoring_elements |
0.43083 |
| published_at |
2026-04-01T12:55:00Z |
|
| 9 |
| value |
0.00208 |
| scoring_system |
epss |
| scoring_elements |
0.43142 |
| published_at |
2026-04-02T12:55:00Z |
|
| 10 |
| value |
0.00208 |
| scoring_system |
epss |
| scoring_elements |
0.43169 |
| published_at |
2026-04-04T12:55:00Z |
|
| 11 |
| value |
0.00208 |
| scoring_system |
epss |
| scoring_elements |
0.43107 |
| published_at |
2026-04-07T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2012-5339 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
|
| fixed_packages |
|
| aliases |
CVE-2012-5339, GHSA-rfpg-2fp8-2fph
|
| risk_score |
1.6 |
| exploitability |
0.5 |
| weighted_severity |
3.1 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-kke6-fqmn-pug2 |
|
| 162 |
| url |
VCID-ktmy-w9g2-1fav |
| vulnerability_id |
VCID-ktmy-w9g2-1fav |
| summary |
Multiple vulnerabilities have been found in phpMyAdmin, the worst
of which could lead to arbitrary code execution. |
| references |
| 0 |
|
| 1 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2016-5098 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00452 |
| scoring_system |
epss |
| scoring_elements |
0.63778 |
| published_at |
2026-04-18T12:55:00Z |
|
| 1 |
| value |
0.00452 |
| scoring_system |
epss |
| scoring_elements |
0.63768 |
| published_at |
2026-04-16T12:55:00Z |
|
| 2 |
| value |
0.00452 |
| scoring_system |
epss |
| scoring_elements |
0.63651 |
| published_at |
2026-04-01T12:55:00Z |
|
| 3 |
| value |
0.00452 |
| scoring_system |
epss |
| scoring_elements |
0.63711 |
| published_at |
2026-04-02T12:55:00Z |
|
| 4 |
| value |
0.00452 |
| scoring_system |
epss |
| scoring_elements |
0.63737 |
| published_at |
2026-04-04T12:55:00Z |
|
| 5 |
| value |
0.00452 |
| scoring_system |
epss |
| scoring_elements |
0.63697 |
| published_at |
2026-04-07T12:55:00Z |
|
| 6 |
| value |
0.00452 |
| scoring_system |
epss |
| scoring_elements |
0.63749 |
| published_at |
2026-04-08T12:55:00Z |
|
| 7 |
| value |
0.00452 |
| scoring_system |
epss |
| scoring_elements |
0.63766 |
| published_at |
2026-04-21T12:55:00Z |
|
| 8 |
| value |
0.00452 |
| scoring_system |
epss |
| scoring_elements |
0.6378 |
| published_at |
2026-04-11T12:55:00Z |
|
| 9 |
| value |
0.00452 |
| scoring_system |
epss |
| scoring_elements |
0.63765 |
| published_at |
2026-04-12T12:55:00Z |
|
| 10 |
| value |
0.00452 |
| scoring_system |
epss |
| scoring_elements |
0.63732 |
| published_at |
2026-04-13T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2016-5098 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
|
| fixed_packages |
|
| aliases |
CVE-2016-5098
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-ktmy-w9g2-1fav |
|
| 163 |
| url |
VCID-kxd6-ms48-dyhz |
| vulnerability_id |
VCID-kxd6-ms48-dyhz |
| summary |
phpMyAdmin 2.9.1.1 allows remote attackers to obtain sensitive information via a direct request for themes/darkblue_orange/layout.inc.php, which reveals the path in an error message. |
| references |
| 0 |
|
| 1 |
|
| 2 |
|
| 3 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2007-0095 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00706 |
| scoring_system |
epss |
| scoring_elements |
0.72164 |
| published_at |
2026-04-21T12:55:00Z |
|
| 1 |
| value |
0.00706 |
| scoring_system |
epss |
| scoring_elements |
0.72085 |
| published_at |
2026-04-01T12:55:00Z |
|
| 2 |
| value |
0.00706 |
| scoring_system |
epss |
| scoring_elements |
0.72091 |
| published_at |
2026-04-02T12:55:00Z |
|
| 3 |
| value |
0.00706 |
| scoring_system |
epss |
| scoring_elements |
0.72111 |
| published_at |
2026-04-04T12:55:00Z |
|
| 4 |
| value |
0.00706 |
| scoring_system |
epss |
| scoring_elements |
0.72088 |
| published_at |
2026-04-07T12:55:00Z |
|
| 5 |
| value |
0.00706 |
| scoring_system |
epss |
| scoring_elements |
0.72125 |
| published_at |
2026-04-08T12:55:00Z |
|
| 6 |
| value |
0.00706 |
| scoring_system |
epss |
| scoring_elements |
0.72137 |
| published_at |
2026-04-09T12:55:00Z |
|
| 7 |
| value |
0.00706 |
| scoring_system |
epss |
| scoring_elements |
0.7216 |
| published_at |
2026-04-11T12:55:00Z |
|
| 8 |
| value |
0.00706 |
| scoring_system |
epss |
| scoring_elements |
0.72144 |
| published_at |
2026-04-12T12:55:00Z |
|
| 9 |
| value |
0.00706 |
| scoring_system |
epss |
| scoring_elements |
0.72129 |
| published_at |
2026-04-13T12:55:00Z |
|
| 10 |
| value |
0.00706 |
| scoring_system |
epss |
| scoring_elements |
0.72171 |
| published_at |
2026-04-16T12:55:00Z |
|
| 11 |
| value |
0.00706 |
| scoring_system |
epss |
| scoring_elements |
0.72179 |
| published_at |
2026-04-18T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2007-0095 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
|
| fixed_packages |
|
| aliases |
CVE-2007-0095
|
| risk_score |
2.2 |
| exploitability |
0.5 |
| weighted_severity |
4.5 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-kxd6-ms48-dyhz |
|
| 164 |
| url |
VCID-mc57-a2n4-2uh1 |
| vulnerability_id |
VCID-mc57-a2n4-2uh1 |
| summary |
phpMyAdmin 2.6.2-dev, and possibly earlier versions, allows remote attackers to determine the full path of the web root via a direct request to select_lang.lib.php, which reveals the path in a PHP error message. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2005-0459 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00362 |
| scoring_system |
epss |
| scoring_elements |
0.58299 |
| published_at |
2026-04-21T12:55:00Z |
|
| 1 |
| value |
0.00362 |
| scoring_system |
epss |
| scoring_elements |
0.58172 |
| published_at |
2026-04-01T12:55:00Z |
|
| 2 |
| value |
0.00362 |
| scoring_system |
epss |
| scoring_elements |
0.58257 |
| published_at |
2026-04-02T12:55:00Z |
|
| 3 |
| value |
0.00362 |
| scoring_system |
epss |
| scoring_elements |
0.58278 |
| published_at |
2026-04-04T12:55:00Z |
|
| 4 |
| value |
0.00362 |
| scoring_system |
epss |
| scoring_elements |
0.58253 |
| published_at |
2026-04-07T12:55:00Z |
|
| 5 |
| value |
0.00362 |
| scoring_system |
epss |
| scoring_elements |
0.58306 |
| published_at |
2026-04-08T12:55:00Z |
|
| 6 |
| value |
0.00362 |
| scoring_system |
epss |
| scoring_elements |
0.58312 |
| published_at |
2026-04-09T12:55:00Z |
|
| 7 |
| value |
0.00362 |
| scoring_system |
epss |
| scoring_elements |
0.5833 |
| published_at |
2026-04-11T12:55:00Z |
|
| 8 |
| value |
0.00362 |
| scoring_system |
epss |
| scoring_elements |
0.58307 |
| published_at |
2026-04-12T12:55:00Z |
|
| 9 |
| value |
0.00362 |
| scoring_system |
epss |
| scoring_elements |
0.58287 |
| published_at |
2026-04-13T12:55:00Z |
|
| 10 |
| value |
0.00362 |
| scoring_system |
epss |
| scoring_elements |
0.58319 |
| published_at |
2026-04-16T12:55:00Z |
|
| 11 |
| value |
0.00362 |
| scoring_system |
epss |
| scoring_elements |
0.58322 |
| published_at |
2026-04-18T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2005-0459 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
| 16 |
|
| 17 |
|
| 18 |
|
| 19 |
|
| 20 |
|
| 21 |
|
| 22 |
|
| 23 |
|
| 24 |
|
| 25 |
|
| 26 |
|
| 27 |
|
| 28 |
|
| 29 |
|
| 30 |
|
| 31 |
|
| 32 |
|
| 33 |
|
| 34 |
|
| 35 |
|
| 36 |
|
| 37 |
|
| 38 |
|
| 39 |
|
|
| fixed_packages |
|
| aliases |
CVE-2005-0459
|
| risk_score |
2.2 |
| exploitability |
0.5 |
| weighted_severity |
4.5 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-mc57-a2n4-2uh1 |
|
| 165 |
| url |
VCID-mf42-xrqt-9qf7 |
| vulnerability_id |
VCID-mf42-xrqt-9qf7 |
| summary |
Multiple vulnerabilities have been discovered in phpMyAdmin, the worst of
which may allow for remote code execution. |
| references |
| 0 |
|
| 1 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2006-6942 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.02243 |
| scoring_system |
epss |
| scoring_elements |
0.84587 |
| published_at |
2026-04-21T12:55:00Z |
|
| 1 |
| value |
0.02243 |
| scoring_system |
epss |
| scoring_elements |
0.84489 |
| published_at |
2026-04-01T12:55:00Z |
|
| 2 |
| value |
0.02243 |
| scoring_system |
epss |
| scoring_elements |
0.84505 |
| published_at |
2026-04-02T12:55:00Z |
|
| 3 |
| value |
0.02243 |
| scoring_system |
epss |
| scoring_elements |
0.84526 |
| published_at |
2026-04-04T12:55:00Z |
|
| 4 |
| value |
0.02243 |
| scoring_system |
epss |
| scoring_elements |
0.84529 |
| published_at |
2026-04-07T12:55:00Z |
|
| 5 |
| value |
0.02243 |
| scoring_system |
epss |
| scoring_elements |
0.8455 |
| published_at |
2026-04-08T12:55:00Z |
|
| 6 |
| value |
0.02243 |
| scoring_system |
epss |
| scoring_elements |
0.84556 |
| published_at |
2026-04-09T12:55:00Z |
|
| 7 |
| value |
0.02243 |
| scoring_system |
epss |
| scoring_elements |
0.84575 |
| published_at |
2026-04-11T12:55:00Z |
|
| 8 |
| value |
0.02243 |
| scoring_system |
epss |
| scoring_elements |
0.8457 |
| published_at |
2026-04-12T12:55:00Z |
|
| 9 |
| value |
0.02243 |
| scoring_system |
epss |
| scoring_elements |
0.84566 |
| published_at |
2026-04-13T12:55:00Z |
|
| 10 |
| value |
0.02243 |
| scoring_system |
epss |
| scoring_elements |
0.84585 |
| published_at |
2026-04-16T12:55:00Z |
|
| 11 |
| value |
0.02243 |
| scoring_system |
epss |
| scoring_elements |
0.84586 |
| published_at |
2026-04-18T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2006-6942 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
| 16 |
|
| 17 |
|
| 18 |
|
| 19 |
|
| 20 |
|
| 21 |
|
| 22 |
|
| 23 |
|
| 24 |
|
| 25 |
|
| 26 |
|
|
| fixed_packages |
|
| aliases |
CVE-2006-6942
|
| risk_score |
10.0 |
| exploitability |
2.0 |
| weighted_severity |
6.1 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-mf42-xrqt-9qf7 |
|
| 166 |
| url |
VCID-mk34-h4nz-b3ey |
| vulnerability_id |
VCID-mk34-h4nz-b3ey |
| summary |
Multiple vulnerabilities have been found in phpMyAdmin, allowing
remote attackers to conduct XSS. |
| references |
| 0 |
|
| 1 |
|
| 2 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2020-26934 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.02788 |
| scoring_system |
epss |
| scoring_elements |
0.86094 |
| published_at |
2026-04-21T12:55:00Z |
|
| 1 |
| value |
0.02788 |
| scoring_system |
epss |
| scoring_elements |
0.86042 |
| published_at |
2026-04-07T12:55:00Z |
|
| 2 |
| value |
0.02788 |
| scoring_system |
epss |
| scoring_elements |
0.86026 |
| published_at |
2026-04-02T12:55:00Z |
|
| 3 |
| value |
0.02788 |
| scoring_system |
epss |
| scoring_elements |
0.86014 |
| published_at |
2026-04-01T12:55:00Z |
|
| 4 |
| value |
0.02788 |
| scoring_system |
epss |
| scoring_elements |
0.86101 |
| published_at |
2026-04-18T12:55:00Z |
|
| 5 |
| value |
0.02788 |
| scoring_system |
epss |
| scoring_elements |
0.86096 |
| published_at |
2026-04-16T12:55:00Z |
|
| 6 |
| value |
0.02788 |
| scoring_system |
epss |
| scoring_elements |
0.86079 |
| published_at |
2026-04-13T12:55:00Z |
|
| 7 |
| value |
0.02788 |
| scoring_system |
epss |
| scoring_elements |
0.86083 |
| published_at |
2026-04-12T12:55:00Z |
|
| 8 |
| value |
0.02788 |
| scoring_system |
epss |
| scoring_elements |
0.86086 |
| published_at |
2026-04-11T12:55:00Z |
|
| 9 |
| value |
0.02788 |
| scoring_system |
epss |
| scoring_elements |
0.86072 |
| published_at |
2026-04-09T12:55:00Z |
|
| 10 |
| value |
0.02788 |
| scoring_system |
epss |
| scoring_elements |
0.86061 |
| published_at |
2026-04-08T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2020-26934 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
| 16 |
|
| 17 |
|
| 18 |
|
| 19 |
|
| 20 |
|
|
| fixed_packages |
|
| aliases |
CVE-2020-26934, GHSA-6349-53vr-7hcr
|
| risk_score |
3.1 |
| exploitability |
0.5 |
| weighted_severity |
6.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-mk34-h4nz-b3ey |
|
| 167 |
| url |
VCID-mn5d-q2r5-qyhn |
| vulnerability_id |
VCID-mn5d-q2r5-qyhn |
| summary |
libraries/config/messages.inc.php in phpMyAdmin 4.0.x before 4.0.10.12, 4.4.x before 4.4.15.2, and 4.5.x before 4.5.3.1 allows remote attackers to obtain sensitive information via a crafted request, which reveals the full path in an error message. |
| references |
| 0 |
|
| 1 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2015-8669 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00487 |
| scoring_system |
epss |
| scoring_elements |
0.65478 |
| published_at |
2026-04-21T12:55:00Z |
|
| 1 |
| value |
0.00487 |
| scoring_system |
epss |
| scoring_elements |
0.65494 |
| published_at |
2026-04-18T12:55:00Z |
|
| 2 |
| value |
0.00487 |
| scoring_system |
epss |
| scoring_elements |
0.65366 |
| published_at |
2026-04-01T12:55:00Z |
|
| 3 |
| value |
0.00487 |
| scoring_system |
epss |
| scoring_elements |
0.65414 |
| published_at |
2026-04-02T12:55:00Z |
|
| 4 |
| value |
0.00487 |
| scoring_system |
epss |
| scoring_elements |
0.65441 |
| published_at |
2026-04-04T12:55:00Z |
|
| 5 |
| value |
0.00487 |
| scoring_system |
epss |
| scoring_elements |
0.65404 |
| published_at |
2026-04-07T12:55:00Z |
|
| 6 |
| value |
0.00487 |
| scoring_system |
epss |
| scoring_elements |
0.65456 |
| published_at |
2026-04-08T12:55:00Z |
|
| 7 |
| value |
0.00487 |
| scoring_system |
epss |
| scoring_elements |
0.65467 |
| published_at |
2026-04-09T12:55:00Z |
|
| 8 |
| value |
0.00487 |
| scoring_system |
epss |
| scoring_elements |
0.65486 |
| published_at |
2026-04-11T12:55:00Z |
|
| 9 |
| value |
0.00487 |
| scoring_system |
epss |
| scoring_elements |
0.65473 |
| published_at |
2026-04-12T12:55:00Z |
|
| 10 |
| value |
0.00487 |
| scoring_system |
epss |
| scoring_elements |
0.65445 |
| published_at |
2026-04-13T12:55:00Z |
|
| 11 |
| value |
0.00487 |
| scoring_system |
epss |
| scoring_elements |
0.65483 |
| published_at |
2026-04-16T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2015-8669 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
| 16 |
|
| 17 |
|
| 18 |
|
| 19 |
|
| 20 |
|
| 21 |
|
| 22 |
|
| 23 |
|
| 24 |
|
| 25 |
|
| 26 |
|
| 27 |
|
| 28 |
|
| 29 |
|
| 30 |
|
| 31 |
|
| 32 |
|
| 33 |
|
| 34 |
|
| 35 |
|
| 36 |
|
| 37 |
|
| 38 |
|
| 39 |
|
| 40 |
|
| 41 |
|
| 42 |
|
| 43 |
|
| 44 |
|
| 45 |
|
| 46 |
|
| 47 |
|
| 48 |
|
| 49 |
|
| 50 |
|
| 51 |
|
| 52 |
|
| 53 |
|
| 54 |
|
| 55 |
|
| 56 |
|
|
| fixed_packages |
|
| aliases |
CVE-2015-8669
|
| risk_score |
2.4 |
| exploitability |
0.5 |
| weighted_severity |
4.8 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-mn5d-q2r5-qyhn |
|
| 168 |
| url |
VCID-mwtw-n1tv-hfd9 |
| vulnerability_id |
VCID-mwtw-n1tv-hfd9 |
| summary |
Cross-site Scripting
Cross-site scripting (XSS) vulnerability in `db_central_columns.php` in phpMyAdm allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2018-7260 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00302 |
| scoring_system |
epss |
| scoring_elements |
0.53422 |
| published_at |
2026-04-02T12:55:00Z |
|
| 1 |
| value |
0.00302 |
| scoring_system |
epss |
| scoring_elements |
0.53503 |
| published_at |
2026-04-21T12:55:00Z |
|
| 2 |
| value |
0.00302 |
| scoring_system |
epss |
| scoring_elements |
0.53522 |
| published_at |
2026-04-18T12:55:00Z |
|
| 3 |
| value |
0.00302 |
| scoring_system |
epss |
| scoring_elements |
0.53517 |
| published_at |
2026-04-16T12:55:00Z |
|
| 4 |
| value |
0.00302 |
| scoring_system |
epss |
| scoring_elements |
0.53481 |
| published_at |
2026-04-13T12:55:00Z |
|
| 5 |
| value |
0.00302 |
| scoring_system |
epss |
| scoring_elements |
0.53448 |
| published_at |
2026-04-04T12:55:00Z |
|
| 6 |
| value |
0.00302 |
| scoring_system |
epss |
| scoring_elements |
0.53399 |
| published_at |
2026-04-01T12:55:00Z |
|
| 7 |
| value |
0.00302 |
| scoring_system |
epss |
| scoring_elements |
0.53498 |
| published_at |
2026-04-12T12:55:00Z |
|
| 8 |
| value |
0.00302 |
| scoring_system |
epss |
| scoring_elements |
0.53515 |
| published_at |
2026-04-11T12:55:00Z |
|
| 9 |
| value |
0.00302 |
| scoring_system |
epss |
| scoring_elements |
0.53466 |
| published_at |
2026-04-09T12:55:00Z |
|
| 10 |
| value |
0.00302 |
| scoring_system |
epss |
| scoring_elements |
0.53469 |
| published_at |
2026-04-08T12:55:00Z |
|
| 11 |
| value |
0.00302 |
| scoring_system |
epss |
| scoring_elements |
0.53417 |
| published_at |
2026-04-07T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2018-7260 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
|
| fixed_packages |
|
| aliases |
CVE-2018-7260, GHSA-gqmj-f46x-wqhw
|
| risk_score |
3.1 |
| exploitability |
0.5 |
| weighted_severity |
6.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-mwtw-n1tv-hfd9 |
|
| 169 |
| url |
VCID-mwu8-y8yv-3uh7 |
| vulnerability_id |
VCID-mwu8-y8yv-3uh7 |
| summary |
Multiple vulnerabilities have been found in phpMyAdmin, the worst
of which could lead to arbitrary code execution. |
| references |
| 0 |
|
| 1 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2014-8961 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.01447 |
| scoring_system |
epss |
| scoring_elements |
0.80789 |
| published_at |
2026-04-21T12:55:00Z |
|
| 1 |
| value |
0.01447 |
| scoring_system |
epss |
| scoring_elements |
0.80695 |
| published_at |
2026-04-01T12:55:00Z |
|
| 2 |
| value |
0.01447 |
| scoring_system |
epss |
| scoring_elements |
0.80704 |
| published_at |
2026-04-02T12:55:00Z |
|
| 3 |
| value |
0.01447 |
| scoring_system |
epss |
| scoring_elements |
0.80725 |
| published_at |
2026-04-04T12:55:00Z |
|
| 4 |
| value |
0.01447 |
| scoring_system |
epss |
| scoring_elements |
0.80721 |
| published_at |
2026-04-07T12:55:00Z |
|
| 5 |
| value |
0.01447 |
| scoring_system |
epss |
| scoring_elements |
0.8075 |
| published_at |
2026-04-08T12:55:00Z |
|
| 6 |
| value |
0.01447 |
| scoring_system |
epss |
| scoring_elements |
0.80758 |
| published_at |
2026-04-09T12:55:00Z |
|
| 7 |
| value |
0.01447 |
| scoring_system |
epss |
| scoring_elements |
0.80775 |
| published_at |
2026-04-11T12:55:00Z |
|
| 8 |
| value |
0.01447 |
| scoring_system |
epss |
| scoring_elements |
0.80759 |
| published_at |
2026-04-12T12:55:00Z |
|
| 9 |
| value |
0.01447 |
| scoring_system |
epss |
| scoring_elements |
0.80751 |
| published_at |
2026-04-13T12:55:00Z |
|
| 10 |
| value |
0.01447 |
| scoring_system |
epss |
| scoring_elements |
0.80788 |
| published_at |
2026-04-16T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2014-8961 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
| 16 |
|
| 17 |
|
| 18 |
|
| 19 |
|
| 20 |
|
| 21 |
|
| 22 |
|
| 23 |
|
| 24 |
|
| 25 |
|
| 26 |
|
| 27 |
|
| 28 |
|
| 29 |
|
| 30 |
|
| 31 |
|
| 32 |
|
| 33 |
|
| 34 |
|
| 35 |
|
| 36 |
|
| 37 |
|
| 38 |
|
| 39 |
|
| 40 |
|
| 41 |
|
| 42 |
|
| 43 |
|
| 44 |
|
| 45 |
|
| 46 |
|
|
| fixed_packages |
|
| aliases |
CVE-2014-8961
|
| risk_score |
1.8 |
| exploitability |
0.5 |
| weighted_severity |
3.6 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-mwu8-y8yv-3uh7 |
|
| 170 |
| url |
VCID-n9cd-f892-r7by |
| vulnerability_id |
VCID-n9cd-f892-r7by |
| summary |
PhpMyAdmin before 2.9.1.1 allows remote attackers to obtain the full server path via direct requests to (a) scripts/check_lang.php and (b) themes/darkblue_orange/layout.inc.php; and via the (1) lang[], (2) target[], (3) db[], (4) goto[], (5) table[], and (6) tbl_group[] array arguments to (c) index.php, and the (7) back[] argument to (d) sql.php; and an invalid (8) sort_by parameter to (e) server_databases.php and (9) db parameter to (f) db_printview.php. |
| references |
| 0 |
|
| 1 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2006-6943 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.1154 |
| scoring_system |
epss |
| scoring_elements |
0.93657 |
| published_at |
2026-04-21T12:55:00Z |
|
| 1 |
| value |
0.1154 |
| scoring_system |
epss |
| scoring_elements |
0.93591 |
| published_at |
2026-04-01T12:55:00Z |
|
| 2 |
| value |
0.1154 |
| scoring_system |
epss |
| scoring_elements |
0.936 |
| published_at |
2026-04-02T12:55:00Z |
|
| 3 |
| value |
0.1154 |
| scoring_system |
epss |
| scoring_elements |
0.93608 |
| published_at |
2026-04-04T12:55:00Z |
|
| 4 |
| value |
0.1154 |
| scoring_system |
epss |
| scoring_elements |
0.9361 |
| published_at |
2026-04-07T12:55:00Z |
|
| 5 |
| value |
0.1154 |
| scoring_system |
epss |
| scoring_elements |
0.93619 |
| published_at |
2026-04-08T12:55:00Z |
|
| 6 |
| value |
0.1154 |
| scoring_system |
epss |
| scoring_elements |
0.93622 |
| published_at |
2026-04-09T12:55:00Z |
|
| 7 |
| value |
0.1154 |
| scoring_system |
epss |
| scoring_elements |
0.93627 |
| published_at |
2026-04-13T12:55:00Z |
|
| 8 |
| value |
0.1154 |
| scoring_system |
epss |
| scoring_elements |
0.93645 |
| published_at |
2026-04-16T12:55:00Z |
|
| 9 |
| value |
0.1154 |
| scoring_system |
epss |
| scoring_elements |
0.93652 |
| published_at |
2026-04-18T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2006-6943 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
|
| fixed_packages |
|
| aliases |
CVE-2006-6943
|
| risk_score |
9.0 |
| exploitability |
2.0 |
| weighted_severity |
4.5 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-n9cd-f892-r7by |
|
| 171 |
| url |
VCID-na3j-h3qr-k7dc |
| vulnerability_id |
VCID-na3j-h3qr-k7dc |
| summary |
Improper Authentication
An issue was discovered in phpMyAdm. A valid user who is already authenticated to phpMyAdmin can manipulate their account to bypass two-factor authentication for future login instances. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2022-23807 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00146 |
| scoring_system |
epss |
| scoring_elements |
0.35008 |
| published_at |
2026-04-21T12:55:00Z |
|
| 1 |
| value |
0.00146 |
| scoring_system |
epss |
| scoring_elements |
0.35107 |
| published_at |
2026-04-02T12:55:00Z |
|
| 2 |
| value |
0.00146 |
| scoring_system |
epss |
| scoring_elements |
0.35135 |
| published_at |
2026-04-04T12:55:00Z |
|
| 3 |
| value |
0.00146 |
| scoring_system |
epss |
| scoring_elements |
0.35014 |
| published_at |
2026-04-07T12:55:00Z |
|
| 4 |
| value |
0.00146 |
| scoring_system |
epss |
| scoring_elements |
0.35059 |
| published_at |
2026-04-08T12:55:00Z |
|
| 5 |
| value |
0.00146 |
| scoring_system |
epss |
| scoring_elements |
0.35085 |
| published_at |
2026-04-09T12:55:00Z |
|
| 6 |
| value |
0.00146 |
| scoring_system |
epss |
| scoring_elements |
0.35089 |
| published_at |
2026-04-11T12:55:00Z |
|
| 7 |
| value |
0.00146 |
| scoring_system |
epss |
| scoring_elements |
0.35055 |
| published_at |
2026-04-12T12:55:00Z |
|
| 8 |
| value |
0.00146 |
| scoring_system |
epss |
| scoring_elements |
0.3503 |
| published_at |
2026-04-13T12:55:00Z |
|
| 9 |
| value |
0.00146 |
| scoring_system |
epss |
| scoring_elements |
0.35068 |
| published_at |
2026-04-16T12:55:00Z |
|
| 10 |
| value |
0.00146 |
| scoring_system |
epss |
| scoring_elements |
0.35053 |
| published_at |
2026-04-18T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2022-23807 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
|
| fixed_packages |
|
| aliases |
CVE-2022-23807, GHSA-8wf2-3ggj-78q9
|
| risk_score |
3.1 |
| exploitability |
0.5 |
| weighted_severity |
6.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-na3j-h3qr-k7dc |
|
| 172 |
| url |
VCID-ndjn-p6gb-u7g4 |
| vulnerability_id |
VCID-ndjn-p6gb-u7g4 |
| summary |
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
An attacker can inject malicious code into aspects of the setup script, which can allow XSS or HTML injection. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2022-23808 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.4879 |
| scoring_system |
epss |
| scoring_elements |
0.97765 |
| published_at |
2026-04-16T12:55:00Z |
|
| 1 |
| value |
0.4879 |
| scoring_system |
epss |
| scoring_elements |
0.97768 |
| published_at |
2026-04-21T12:55:00Z |
|
| 2 |
| value |
0.68413 |
| scoring_system |
epss |
| scoring_elements |
0.98609 |
| published_at |
2026-04-12T12:55:00Z |
|
| 3 |
| value |
0.68413 |
| scoring_system |
epss |
| scoring_elements |
0.98608 |
| published_at |
2026-04-11T12:55:00Z |
|
| 4 |
| value |
0.68413 |
| scoring_system |
epss |
| scoring_elements |
0.98606 |
| published_at |
2026-04-09T12:55:00Z |
|
| 5 |
| value |
0.68413 |
| scoring_system |
epss |
| scoring_elements |
0.98605 |
| published_at |
2026-04-08T12:55:00Z |
|
| 6 |
| value |
0.68413 |
| scoring_system |
epss |
| scoring_elements |
0.98603 |
| published_at |
2026-04-07T12:55:00Z |
|
| 7 |
| value |
0.68413 |
| scoring_system |
epss |
| scoring_elements |
0.98597 |
| published_at |
2026-04-02T12:55:00Z |
|
| 8 |
| value |
0.68413 |
| scoring_system |
epss |
| scoring_elements |
0.98601 |
| published_at |
2026-04-04T12:55:00Z |
|
| 9 |
| value |
0.68413 |
| scoring_system |
epss |
| scoring_elements |
0.9861 |
| published_at |
2026-04-13T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2022-23808 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
|
| fixed_packages |
|
| aliases |
CVE-2022-23808, GHSA-vcwc-6mr9-8m7c
|
| risk_score |
3.1 |
| exploitability |
0.5 |
| weighted_severity |
6.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-ndjn-p6gb-u7g4 |
|
| 173 |
| url |
VCID-nfuk-7739-xqaw |
| vulnerability_id |
VCID-nfuk-7739-xqaw |
| summary |
Improper Input Validation
The `checkHTTP` function in `libraries/Config.class.php` in phpMyAdmin does not verify X.509 certificates from `api.github.com` SSL servers, which allows man-in-the-middle attackers to spoof these servers and obtain sensitive information via a crafted certificate. |
| references |
| 0 |
|
| 1 |
|
| 2 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2016-2562 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.0023 |
| scoring_system |
epss |
| scoring_elements |
0.45846 |
| published_at |
2026-04-21T12:55:00Z |
|
| 1 |
| value |
0.0023 |
| scoring_system |
epss |
| scoring_elements |
0.45877 |
| published_at |
2026-04-11T12:55:00Z |
|
| 2 |
| value |
0.0023 |
| scoring_system |
epss |
| scoring_elements |
0.45854 |
| published_at |
2026-04-09T12:55:00Z |
|
| 3 |
| value |
0.0023 |
| scoring_system |
epss |
| scoring_elements |
0.45851 |
| published_at |
2026-04-04T12:55:00Z |
|
| 4 |
| value |
0.0023 |
| scoring_system |
epss |
| scoring_elements |
0.459 |
| published_at |
2026-04-18T12:55:00Z |
|
| 5 |
| value |
0.0023 |
| scoring_system |
epss |
| scoring_elements |
0.45907 |
| published_at |
2026-04-16T12:55:00Z |
|
| 6 |
| value |
0.0023 |
| scoring_system |
epss |
| scoring_elements |
0.45853 |
| published_at |
2026-04-13T12:55:00Z |
|
| 7 |
| value |
0.0023 |
| scoring_system |
epss |
| scoring_elements |
0.45801 |
| published_at |
2026-04-07T12:55:00Z |
|
| 8 |
| value |
0.0023 |
| scoring_system |
epss |
| scoring_elements |
0.45829 |
| published_at |
2026-04-02T12:55:00Z |
|
| 9 |
| value |
0.0023 |
| scoring_system |
epss |
| scoring_elements |
0.45764 |
| published_at |
2026-04-01T12:55:00Z |
|
| 10 |
| value |
0.0023 |
| scoring_system |
epss |
| scoring_elements |
0.45857 |
| published_at |
2026-04-08T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2016-2562 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
| 16 |
|
| 17 |
|
| 18 |
|
| 19 |
|
| 20 |
|
| 21 |
| reference_url |
https://nvd.nist.gov/vuln/detail/CVE-2016-2562 |
| reference_id |
CVE-2016-2562 |
| reference_type |
|
| scores |
| 0 |
| value |
5.8 |
| scoring_system |
cvssv2 |
| scoring_elements |
AV:N/AC:M/Au:N/C:P/I:P/A:N |
|
| 1 |
| value |
6.8 |
| scoring_system |
cvssv3 |
| scoring_elements |
CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:N |
|
| 2 |
| value |
6.8 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:N |
|
| 3 |
| value |
MODERATE |
| scoring_system |
generic_textual |
| scoring_elements |
|
|
|
| url |
https://nvd.nist.gov/vuln/detail/CVE-2016-2562 |
|
| 22 |
|
|
| fixed_packages |
|
| aliases |
CVE-2016-2562, GHSA-w8qg-j9fp-hrjf
|
| risk_score |
3.1 |
| exploitability |
0.5 |
| weighted_severity |
6.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-nfuk-7739-xqaw |
|
| 174 |
| url |
VCID-ngtc-xtjn-xbhp |
| vulnerability_id |
VCID-ngtc-xtjn-xbhp |
| summary |
phpMyAdmin SQL injection vulnerability
In phpMyAdmin 4.x before 4.9.5 and 5.x before 5.0.2, a SQL injection vulnerability has been discovered where certain parameters are not properly escaped when generating certain queries for search actions in libraries/classes/Controllers/Table/TableSearchController.php. An attacker can generate a crafted database or table name. The attack can be performed if a user attempts certain search operations on the malicious database or table. |
| references |
| 0 |
|
| 1 |
|
| 2 |
|
| 3 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2020-10802 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.01622 |
| scoring_system |
epss |
| scoring_elements |
0.81852 |
| published_at |
2026-04-11T12:55:00Z |
|
| 1 |
| value |
0.01622 |
| scoring_system |
epss |
| scoring_elements |
0.81779 |
| published_at |
2026-04-02T12:55:00Z |
|
| 2 |
| value |
0.01622 |
| scoring_system |
epss |
| scoring_elements |
0.81873 |
| published_at |
2026-04-21T12:55:00Z |
|
| 3 |
| value |
0.01622 |
| scoring_system |
epss |
| scoring_elements |
0.81871 |
| published_at |
2026-04-18T12:55:00Z |
|
| 4 |
| value |
0.01622 |
| scoring_system |
epss |
| scoring_elements |
0.8187 |
| published_at |
2026-04-16T12:55:00Z |
|
| 5 |
| value |
0.01622 |
| scoring_system |
epss |
| scoring_elements |
0.81834 |
| published_at |
2026-04-13T12:55:00Z |
|
| 6 |
| value |
0.01622 |
| scoring_system |
epss |
| scoring_elements |
0.8184 |
| published_at |
2026-04-12T12:55:00Z |
|
| 7 |
| value |
0.01622 |
| scoring_system |
epss |
| scoring_elements |
0.81826 |
| published_at |
2026-04-08T12:55:00Z |
|
| 8 |
| value |
0.01622 |
| scoring_system |
epss |
| scoring_elements |
0.818 |
| published_at |
2026-04-07T12:55:00Z |
|
| 9 |
| value |
0.01622 |
| scoring_system |
epss |
| scoring_elements |
0.81802 |
| published_at |
2026-04-04T12:55:00Z |
|
| 10 |
| value |
0.01622 |
| scoring_system |
epss |
| scoring_elements |
0.81769 |
| published_at |
2026-04-01T12:55:00Z |
|
| 11 |
| value |
0.01622 |
| scoring_system |
epss |
| scoring_elements |
0.81833 |
| published_at |
2026-04-09T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2020-10802 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
| 16 |
|
| 17 |
|
| 18 |
|
| 19 |
|
| 20 |
|
| 21 |
|
| 22 |
|
| 23 |
|
| 24 |
|
| 25 |
|
| 26 |
|
| 27 |
|
| 28 |
|
| 29 |
|
|
| fixed_packages |
|
| aliases |
CVE-2020-10802, GHSA-f4cr-3xmc-2wpm
|
| risk_score |
4.0 |
| exploitability |
0.5 |
| weighted_severity |
8.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-ngtc-xtjn-xbhp |
|
| 175 |
| url |
VCID-ngu6-dbfs-kua7 |
| vulnerability_id |
VCID-ngu6-dbfs-kua7 |
| summary |
A vulnerability has been found in the MIME-based transformation system of
phpMyAdmin, which may allow remote execution of arbitrary commands if PHP's
"safe mode" is disabled. |
| references |
| 0 |
|
| 1 |
|
| 2 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2004-2630 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.02091 |
| scoring_system |
epss |
| scoring_elements |
0.84059 |
| published_at |
2026-04-21T12:55:00Z |
|
| 1 |
| value |
0.02091 |
| scoring_system |
epss |
| scoring_elements |
0.83964 |
| published_at |
2026-04-01T12:55:00Z |
|
| 2 |
| value |
0.02091 |
| scoring_system |
epss |
| scoring_elements |
0.83978 |
| published_at |
2026-04-02T12:55:00Z |
|
| 3 |
| value |
0.02091 |
| scoring_system |
epss |
| scoring_elements |
0.83993 |
| published_at |
2026-04-04T12:55:00Z |
|
| 4 |
| value |
0.02091 |
| scoring_system |
epss |
| scoring_elements |
0.83996 |
| published_at |
2026-04-07T12:55:00Z |
|
| 5 |
| value |
0.02091 |
| scoring_system |
epss |
| scoring_elements |
0.84019 |
| published_at |
2026-04-08T12:55:00Z |
|
| 6 |
| value |
0.02091 |
| scoring_system |
epss |
| scoring_elements |
0.84026 |
| published_at |
2026-04-09T12:55:00Z |
|
| 7 |
| value |
0.02091 |
| scoring_system |
epss |
| scoring_elements |
0.84043 |
| published_at |
2026-04-11T12:55:00Z |
|
| 8 |
| value |
0.02091 |
| scoring_system |
epss |
| scoring_elements |
0.84036 |
| published_at |
2026-04-12T12:55:00Z |
|
| 9 |
| value |
0.02091 |
| scoring_system |
epss |
| scoring_elements |
0.84032 |
| published_at |
2026-04-13T12:55:00Z |
|
| 10 |
| value |
0.02091 |
| scoring_system |
epss |
| scoring_elements |
0.84055 |
| published_at |
2026-04-16T12:55:00Z |
|
| 11 |
| value |
0.02091 |
| scoring_system |
epss |
| scoring_elements |
0.84057 |
| published_at |
2026-04-18T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2004-2630 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
| 16 |
|
| 17 |
|
| 18 |
|
| 19 |
|
| 20 |
|
| 21 |
|
| 22 |
|
| 23 |
|
| 24 |
|
| 25 |
|
| 26 |
|
| 27 |
|
| 28 |
|
|
| fixed_packages |
|
| aliases |
CVE-2004-2630
|
| risk_score |
3.4 |
| exploitability |
0.5 |
| weighted_severity |
6.8 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-ngu6-dbfs-kua7 |
|
| 176 |
| url |
VCID-nkma-sb5f-q3dv |
| vulnerability_id |
VCID-nkma-sb5f-q3dv |
| summary |
phpMyAdmin: Self-XSS due to unescaped HTML output in recent/favorite tables navigation |
| references |
| 0 |
|
| 1 |
|
| 2 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2014-4348 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00182 |
| scoring_system |
epss |
| scoring_elements |
0.39885 |
| published_at |
2026-04-21T12:55:00Z |
|
| 1 |
| value |
0.00182 |
| scoring_system |
epss |
| scoring_elements |
0.39825 |
| published_at |
2026-04-01T12:55:00Z |
|
| 2 |
| value |
0.00182 |
| scoring_system |
epss |
| scoring_elements |
0.39971 |
| published_at |
2026-04-02T12:55:00Z |
|
| 3 |
| value |
0.00182 |
| scoring_system |
epss |
| scoring_elements |
0.39999 |
| published_at |
2026-04-04T12:55:00Z |
|
| 4 |
| value |
0.00182 |
| scoring_system |
epss |
| scoring_elements |
0.3992 |
| published_at |
2026-04-07T12:55:00Z |
|
| 5 |
| value |
0.00182 |
| scoring_system |
epss |
| scoring_elements |
0.39974 |
| published_at |
2026-04-08T12:55:00Z |
|
| 6 |
| value |
0.00182 |
| scoring_system |
epss |
| scoring_elements |
0.39987 |
| published_at |
2026-04-09T12:55:00Z |
|
| 7 |
| value |
0.00182 |
| scoring_system |
epss |
| scoring_elements |
0.39998 |
| published_at |
2026-04-11T12:55:00Z |
|
| 8 |
| value |
0.00182 |
| scoring_system |
epss |
| scoring_elements |
0.39962 |
| published_at |
2026-04-12T12:55:00Z |
|
| 9 |
| value |
0.00182 |
| scoring_system |
epss |
| scoring_elements |
0.39942 |
| published_at |
2026-04-13T12:55:00Z |
|
| 10 |
| value |
0.00182 |
| scoring_system |
epss |
| scoring_elements |
0.39991 |
| published_at |
2026-04-16T12:55:00Z |
|
| 11 |
| value |
0.00182 |
| scoring_system |
epss |
| scoring_elements |
0.39963 |
| published_at |
2026-04-18T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2014-4348 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
|
| fixed_packages |
|
| aliases |
CVE-2014-4348
|
| risk_score |
1.6 |
| exploitability |
0.5 |
| weighted_severity |
3.1 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-nkma-sb5f-q3dv |
|
| 177 |
| url |
VCID-nr3p-zfc2-p7ac |
| vulnerability_id |
VCID-nr3p-zfc2-p7ac |
| summary |
export.php (aka the export script) in phpMyAdmin 4.x before 4.0.0-rc3 overwrites global variables on the basis of the contents of the POST superglobal array, which allows remote authenticated users to inject values via a crafted request. |
| references |
| 0 |
|
| 1 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2013-3241 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.03369 |
| scoring_system |
epss |
| scoring_elements |
0.87375 |
| published_at |
2026-04-21T12:55:00Z |
|
| 1 |
| value |
0.03369 |
| scoring_system |
epss |
| scoring_elements |
0.87308 |
| published_at |
2026-04-01T12:55:00Z |
|
| 2 |
| value |
0.03369 |
| scoring_system |
epss |
| scoring_elements |
0.87318 |
| published_at |
2026-04-02T12:55:00Z |
|
| 3 |
| value |
0.03369 |
| scoring_system |
epss |
| scoring_elements |
0.87334 |
| published_at |
2026-04-04T12:55:00Z |
|
| 4 |
| value |
0.03369 |
| scoring_system |
epss |
| scoring_elements |
0.87333 |
| published_at |
2026-04-07T12:55:00Z |
|
| 5 |
| value |
0.03369 |
| scoring_system |
epss |
| scoring_elements |
0.87352 |
| published_at |
2026-04-08T12:55:00Z |
|
| 6 |
| value |
0.03369 |
| scoring_system |
epss |
| scoring_elements |
0.87359 |
| published_at |
2026-04-09T12:55:00Z |
|
| 7 |
| value |
0.03369 |
| scoring_system |
epss |
| scoring_elements |
0.87371 |
| published_at |
2026-04-11T12:55:00Z |
|
| 8 |
| value |
0.03369 |
| scoring_system |
epss |
| scoring_elements |
0.87366 |
| published_at |
2026-04-12T12:55:00Z |
|
| 9 |
| value |
0.03369 |
| scoring_system |
epss |
| scoring_elements |
0.87362 |
| published_at |
2026-04-13T12:55:00Z |
|
| 10 |
| value |
0.03369 |
| scoring_system |
epss |
| scoring_elements |
0.87377 |
| published_at |
2026-04-16T12:55:00Z |
|
| 11 |
| value |
0.03369 |
| scoring_system |
epss |
| scoring_elements |
0.87381 |
| published_at |
2026-04-18T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2013-3241 |
|
| 2 |
|
| 3 |
|
| 4 |
|
|
| fixed_packages |
|
| aliases |
CVE-2013-3241
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-nr3p-zfc2-p7ac |
|
| 178 |
| url |
VCID-nwq5-yv4h-5qch |
| vulnerability_id |
VCID-nwq5-yv4h-5qch |
| summary |
phpMyAdmin before 2.9.1-rc1 has a libraries directory under the web document root with insufficient access control, which allows remote attackers to obtain sensitive information via direct requests for certain files. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2006-5117 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00463 |
| scoring_system |
epss |
| scoring_elements |
0.64201 |
| published_at |
2026-04-01T12:55:00Z |
|
| 1 |
| value |
0.00463 |
| scoring_system |
epss |
| scoring_elements |
0.64258 |
| published_at |
2026-04-02T12:55:00Z |
|
| 2 |
| value |
0.00463 |
| scoring_system |
epss |
| scoring_elements |
0.64286 |
| published_at |
2026-04-04T12:55:00Z |
|
| 3 |
| value |
0.00463 |
| scoring_system |
epss |
| scoring_elements |
0.64246 |
| published_at |
2026-04-07T12:55:00Z |
|
| 4 |
| value |
0.00463 |
| scoring_system |
epss |
| scoring_elements |
0.64296 |
| published_at |
2026-04-08T12:55:00Z |
|
| 5 |
| value |
0.00463 |
| scoring_system |
epss |
| scoring_elements |
0.64311 |
| published_at |
2026-04-09T12:55:00Z |
|
| 6 |
| value |
0.00463 |
| scoring_system |
epss |
| scoring_elements |
0.64324 |
| published_at |
2026-04-11T12:55:00Z |
|
| 7 |
| value |
0.00463 |
| scoring_system |
epss |
| scoring_elements |
0.64313 |
| published_at |
2026-04-12T12:55:00Z |
|
| 8 |
| value |
0.00463 |
| scoring_system |
epss |
| scoring_elements |
0.64287 |
| published_at |
2026-04-13T12:55:00Z |
|
| 9 |
| value |
0.00463 |
| scoring_system |
epss |
| scoring_elements |
0.64321 |
| published_at |
2026-04-21T12:55:00Z |
|
| 10 |
| value |
0.00463 |
| scoring_system |
epss |
| scoring_elements |
0.64332 |
| published_at |
2026-04-18T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2006-5117 |
|
| 1 |
|
| 2 |
|
|
| fixed_packages |
|
| aliases |
CVE-2006-5117
|
| risk_score |
null |
| exploitability |
0.5 |
| weighted_severity |
0.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-nwq5-yv4h-5qch |
|
| 179 |
| url |
VCID-nz1c-xk2s-3fau |
| vulnerability_id |
VCID-nz1c-xk2s-3fau |
| summary |
Cross-site Scripting
Cross-site scripting (XSS) vulnerability in `examples/openid.php` in phpMyAdmin allows remote attackers to inject arbitrary web script or HTML via vectors involving an OpenID error message. |
| references |
| 0 |
|
| 1 |
|
| 2 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2016-5731 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00424 |
| scoring_system |
epss |
| scoring_elements |
0.62116 |
| published_at |
2026-04-07T12:55:00Z |
|
| 1 |
| value |
0.00424 |
| scoring_system |
epss |
| scoring_elements |
0.62205 |
| published_at |
2026-04-21T12:55:00Z |
|
| 2 |
| value |
0.00424 |
| scoring_system |
epss |
| scoring_elements |
0.62222 |
| published_at |
2026-04-18T12:55:00Z |
|
| 3 |
| value |
0.00424 |
| scoring_system |
epss |
| scoring_elements |
0.62148 |
| published_at |
2026-04-04T12:55:00Z |
|
| 4 |
| value |
0.00424 |
| scoring_system |
epss |
| scoring_elements |
0.62057 |
| published_at |
2026-04-01T12:55:00Z |
|
| 5 |
| value |
0.00424 |
| scoring_system |
epss |
| scoring_elements |
0.62215 |
| published_at |
2026-04-16T12:55:00Z |
|
| 6 |
| value |
0.00424 |
| scoring_system |
epss |
| scoring_elements |
0.62171 |
| published_at |
2026-04-13T12:55:00Z |
|
| 7 |
| value |
0.00424 |
| scoring_system |
epss |
| scoring_elements |
0.62192 |
| published_at |
2026-04-12T12:55:00Z |
|
| 8 |
| value |
0.00424 |
| scoring_system |
epss |
| scoring_elements |
0.62203 |
| published_at |
2026-04-11T12:55:00Z |
|
| 9 |
| value |
0.00424 |
| scoring_system |
epss |
| scoring_elements |
0.62184 |
| published_at |
2026-04-09T12:55:00Z |
|
| 10 |
| value |
0.00424 |
| scoring_system |
epss |
| scoring_elements |
0.62166 |
| published_at |
2026-04-08T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2016-5731 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
| 16 |
|
| 17 |
|
| 18 |
|
| 19 |
|
| 20 |
|
| 21 |
|
| 22 |
|
| 23 |
|
| 24 |
|
| 25 |
|
| 26 |
|
| 27 |
|
| 28 |
|
| 29 |
|
| 30 |
|
| 31 |
|
| 32 |
|
| 33 |
|
| 34 |
|
| 35 |
|
| 36 |
|
| 37 |
|
| 38 |
|
| 39 |
|
| 40 |
|
| 41 |
|
| 42 |
|
| 43 |
|
| 44 |
|
| 45 |
|
| 46 |
|
| 47 |
|
| 48 |
|
| 49 |
|
| 50 |
|
| 51 |
|
| 52 |
|
| 53 |
|
| 54 |
|
| 55 |
|
| 56 |
|
| 57 |
|
| 58 |
|
| 59 |
|
| 60 |
|
| 61 |
|
| 62 |
|
| 63 |
|
| 64 |
|
| 65 |
|
| 66 |
|
| 67 |
|
| 68 |
|
| 69 |
|
| 70 |
|
| 71 |
|
| 72 |
|
| 73 |
|
| 74 |
|
| 75 |
|
| 76 |
|
| 77 |
|
| 78 |
|
| 79 |
|
| 80 |
|
| 81 |
|
| 82 |
|
| 83 |
|
| 84 |
|
| 85 |
|
| 86 |
|
| 87 |
|
| 88 |
|
| 89 |
| reference_url |
https://nvd.nist.gov/vuln/detail/CVE-2016-5731 |
| reference_id |
CVE-2016-5731 |
| reference_type |
|
| scores |
| 0 |
| value |
4.3 |
| scoring_system |
cvssv2 |
| scoring_elements |
AV:N/AC:M/Au:N/C:N/I:P/A:N |
|
| 1 |
| value |
6.1 |
| scoring_system |
cvssv3 |
| scoring_elements |
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N |
|
| 2 |
| value |
6.1 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N |
|
| 3 |
| value |
MODERATE |
| scoring_system |
generic_textual |
| scoring_elements |
|
|
|
| url |
https://nvd.nist.gov/vuln/detail/CVE-2016-5731 |
|
| 90 |
|
|
| fixed_packages |
|
| aliases |
CVE-2016-5731, GHSA-mwm8-36c5-j5cf
|
| risk_score |
3.1 |
| exploitability |
0.5 |
| weighted_severity |
6.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-nz1c-xk2s-3fau |
|
| 180 |
| url |
VCID-p845-pm2f-bucj |
| vulnerability_id |
VCID-p845-pm2f-bucj |
| summary |
Multiple PHP remote file inclusion vulnerabilities in phpMyAdmin 2.6.1 allow remote attackers to execute arbitrary PHP code by modifying the (1) theme parameter to phpmyadmin.css.php or (2) cfg[Server][extension] parameter to database_interface.lib.php to reference a URL on a remote web server that contains the code. |
| references |
| 0 |
|
| 1 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2005-0567 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.01218 |
| scoring_system |
epss |
| scoring_elements |
0.79065 |
| published_at |
2026-04-21T12:55:00Z |
|
| 1 |
| value |
0.01218 |
| scoring_system |
epss |
| scoring_elements |
0.78994 |
| published_at |
2026-04-01T12:55:00Z |
|
| 2 |
| value |
0.01218 |
| scoring_system |
epss |
| scoring_elements |
0.79001 |
| published_at |
2026-04-02T12:55:00Z |
|
| 3 |
| value |
0.01218 |
| scoring_system |
epss |
| scoring_elements |
0.79027 |
| published_at |
2026-04-04T12:55:00Z |
|
| 4 |
| value |
0.01218 |
| scoring_system |
epss |
| scoring_elements |
0.79012 |
| published_at |
2026-04-07T12:55:00Z |
|
| 5 |
| value |
0.01218 |
| scoring_system |
epss |
| scoring_elements |
0.79036 |
| published_at |
2026-04-08T12:55:00Z |
|
| 6 |
| value |
0.01218 |
| scoring_system |
epss |
| scoring_elements |
0.79043 |
| published_at |
2026-04-09T12:55:00Z |
|
| 7 |
| value |
0.01218 |
| scoring_system |
epss |
| scoring_elements |
0.79067 |
| published_at |
2026-04-18T12:55:00Z |
|
| 8 |
| value |
0.01218 |
| scoring_system |
epss |
| scoring_elements |
0.79052 |
| published_at |
2026-04-12T12:55:00Z |
|
| 9 |
| value |
0.01218 |
| scoring_system |
epss |
| scoring_elements |
0.79042 |
| published_at |
2026-04-13T12:55:00Z |
|
| 10 |
| value |
0.01218 |
| scoring_system |
epss |
| scoring_elements |
0.7907 |
| published_at |
2026-04-16T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2005-0567 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
|
| fixed_packages |
|
| aliases |
CVE-2005-0567
|
| risk_score |
3.4 |
| exploitability |
0.5 |
| weighted_severity |
6.8 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-p845-pm2f-bucj |
|
| 181 |
| url |
VCID-pafj-sk1g-5fdr |
| vulnerability_id |
VCID-pafj-sk1g-5fdr |
| summary |
Multiple vulnerabilities were found in phpMyAdmin, the most severe
of which allows the execution of arbitrary PHP code. |
| references |
| 0 |
|
| 1 |
|
| 2 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2010-3056 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00761 |
| scoring_system |
epss |
| scoring_elements |
0.73396 |
| published_at |
2026-04-21T12:55:00Z |
|
| 1 |
| value |
0.00761 |
| scoring_system |
epss |
| scoring_elements |
0.73301 |
| published_at |
2026-04-01T12:55:00Z |
|
| 2 |
| value |
0.00761 |
| scoring_system |
epss |
| scoring_elements |
0.7331 |
| published_at |
2026-04-02T12:55:00Z |
|
| 3 |
| value |
0.00761 |
| scoring_system |
epss |
| scoring_elements |
0.73334 |
| published_at |
2026-04-04T12:55:00Z |
|
| 4 |
| value |
0.00761 |
| scoring_system |
epss |
| scoring_elements |
0.73306 |
| published_at |
2026-04-07T12:55:00Z |
|
| 5 |
| value |
0.00761 |
| scoring_system |
epss |
| scoring_elements |
0.73343 |
| published_at |
2026-04-08T12:55:00Z |
|
| 6 |
| value |
0.00761 |
| scoring_system |
epss |
| scoring_elements |
0.73356 |
| published_at |
2026-04-09T12:55:00Z |
|
| 7 |
| value |
0.00761 |
| scoring_system |
epss |
| scoring_elements |
0.7338 |
| published_at |
2026-04-11T12:55:00Z |
|
| 8 |
| value |
0.00761 |
| scoring_system |
epss |
| scoring_elements |
0.7336 |
| published_at |
2026-04-12T12:55:00Z |
|
| 9 |
| value |
0.00761 |
| scoring_system |
epss |
| scoring_elements |
0.73352 |
| published_at |
2026-04-13T12:55:00Z |
|
| 10 |
| value |
0.00761 |
| scoring_system |
epss |
| scoring_elements |
0.73395 |
| published_at |
2026-04-16T12:55:00Z |
|
| 11 |
| value |
0.00761 |
| scoring_system |
epss |
| scoring_elements |
0.73403 |
| published_at |
2026-04-18T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2010-3056 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
| 16 |
|
| 17 |
|
| 18 |
|
| 19 |
|
| 20 |
|
| 21 |
|
| 22 |
|
| 23 |
|
| 24 |
|
| 25 |
|
| 26 |
|
| 27 |
|
| 28 |
|
| 29 |
|
| 30 |
|
| 31 |
|
| 32 |
|
| 33 |
|
| 34 |
|
| 35 |
|
| 36 |
|
| 37 |
|
| 38 |
|
| 39 |
|
| 40 |
|
| 41 |
|
| 42 |
|
| 43 |
|
| 44 |
|
| 45 |
|
| 46 |
|
| 47 |
|
| 48 |
|
| 49 |
|
| 50 |
|
| 51 |
|
| 52 |
|
| 53 |
|
| 54 |
|
| 55 |
|
| 56 |
|
| 57 |
|
| 58 |
|
| 59 |
|
| 60 |
|
| 61 |
|
| 62 |
|
| 63 |
|
| 64 |
|
| 65 |
|
| 66 |
|
| 67 |
|
| 68 |
|
| 69 |
|
| 70 |
|
| 71 |
|
| 72 |
|
| 73 |
|
| 74 |
|
|
| fixed_packages |
|
| aliases |
CVE-2010-3056
|
| risk_score |
1.9 |
| exploitability |
0.5 |
| weighted_severity |
3.9 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-pafj-sk1g-5fdr |
|
| 182 |
| url |
VCID-pczy-9zxk-mff9 |
| vulnerability_id |
VCID-pczy-9zxk-mff9 |
| summary |
Multiple vulnerabilities in phpMyAdmin may allow a remote attacker with a
valid user account to alter configuration variables and execute arbitrary
PHP code. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2004-2631 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.14197 |
| scoring_system |
epss |
| scoring_elements |
0.94343 |
| published_at |
2026-04-01T12:55:00Z |
|
| 1 |
| value |
0.14197 |
| scoring_system |
epss |
| scoring_elements |
0.94352 |
| published_at |
2026-04-02T12:55:00Z |
|
| 2 |
| value |
0.14197 |
| scoring_system |
epss |
| scoring_elements |
0.94363 |
| published_at |
2026-04-04T12:55:00Z |
|
| 3 |
| value |
0.14197 |
| scoring_system |
epss |
| scoring_elements |
0.94364 |
| published_at |
2026-04-07T12:55:00Z |
|
| 4 |
| value |
0.14197 |
| scoring_system |
epss |
| scoring_elements |
0.94373 |
| published_at |
2026-04-08T12:55:00Z |
|
| 5 |
| value |
0.14197 |
| scoring_system |
epss |
| scoring_elements |
0.94377 |
| published_at |
2026-04-09T12:55:00Z |
|
| 6 |
| value |
0.14197 |
| scoring_system |
epss |
| scoring_elements |
0.94381 |
| published_at |
2026-04-12T12:55:00Z |
|
| 7 |
| value |
0.14197 |
| scoring_system |
epss |
| scoring_elements |
0.94382 |
| published_at |
2026-04-13T12:55:00Z |
|
| 8 |
| value |
0.14197 |
| scoring_system |
epss |
| scoring_elements |
0.94397 |
| published_at |
2026-04-16T12:55:00Z |
|
| 9 |
| value |
0.14197 |
| scoring_system |
epss |
| scoring_elements |
0.94403 |
| published_at |
2026-04-18T12:55:00Z |
|
| 10 |
| value |
0.14197 |
| scoring_system |
epss |
| scoring_elements |
0.94406 |
| published_at |
2026-04-21T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2004-2631 |
|
| 1 |
|
| 2 |
|
| 3 |
|
|
| fixed_packages |
|
| aliases |
CVE-2004-2631
|
| risk_score |
0.2 |
| exploitability |
2.0 |
| weighted_severity |
0.1 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-pczy-9zxk-mff9 |
|
| 183 |
| url |
VCID-pgne-8bg1-vbhe |
| vulnerability_id |
VCID-pgne-8bg1-vbhe |
| summary |
phpMyAdmin: multiple security fixes in 3.1.3.1 (PMASA-2009-{1,2,3}) |
| references |
| 0 |
|
| 1 |
|
| 2 |
|
| 3 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2009-1148 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00596 |
| scoring_system |
epss |
| scoring_elements |
0.69385 |
| published_at |
2026-04-21T12:55:00Z |
|
| 1 |
| value |
0.00596 |
| scoring_system |
epss |
| scoring_elements |
0.69285 |
| published_at |
2026-04-01T12:55:00Z |
|
| 2 |
| value |
0.00596 |
| scoring_system |
epss |
| scoring_elements |
0.69298 |
| published_at |
2026-04-02T12:55:00Z |
|
| 3 |
| value |
0.00596 |
| scoring_system |
epss |
| scoring_elements |
0.69315 |
| published_at |
2026-04-04T12:55:00Z |
|
| 4 |
| value |
0.00596 |
| scoring_system |
epss |
| scoring_elements |
0.69295 |
| published_at |
2026-04-07T12:55:00Z |
|
| 5 |
| value |
0.00596 |
| scoring_system |
epss |
| scoring_elements |
0.69345 |
| published_at |
2026-04-08T12:55:00Z |
|
| 6 |
| value |
0.00596 |
| scoring_system |
epss |
| scoring_elements |
0.69362 |
| published_at |
2026-04-09T12:55:00Z |
|
| 7 |
| value |
0.00596 |
| scoring_system |
epss |
| scoring_elements |
0.69384 |
| published_at |
2026-04-11T12:55:00Z |
|
| 8 |
| value |
0.00596 |
| scoring_system |
epss |
| scoring_elements |
0.69369 |
| published_at |
2026-04-12T12:55:00Z |
|
| 9 |
| value |
0.00596 |
| scoring_system |
epss |
| scoring_elements |
0.69355 |
| published_at |
2026-04-13T12:55:00Z |
|
| 10 |
| value |
0.00596 |
| scoring_system |
epss |
| scoring_elements |
0.69394 |
| published_at |
2026-04-16T12:55:00Z |
|
| 11 |
| value |
0.00596 |
| scoring_system |
epss |
| scoring_elements |
0.69404 |
| published_at |
2026-04-18T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2009-1148 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
| 16 |
|
| 17 |
|
|
| fixed_packages |
|
| aliases |
CVE-2009-1148
|
| risk_score |
2.2 |
| exploitability |
0.5 |
| weighted_severity |
4.5 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-pgne-8bg1-vbhe |
|
| 184 |
| url |
VCID-pqzx-hxpa-ruez |
| vulnerability_id |
VCID-pqzx-hxpa-ruez |
| summary |
Multiple errors in phpMyAdmin might allow the remote execution of arbitrary
code or a Cross-Site Scripting attack. |
| references |
| 0 |
|
| 1 |
|
| 2 |
|
| 3 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2009-1150 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00749 |
| scoring_system |
epss |
| scoring_elements |
0.73175 |
| published_at |
2026-04-21T12:55:00Z |
|
| 1 |
| value |
0.00749 |
| scoring_system |
epss |
| scoring_elements |
0.73078 |
| published_at |
2026-04-01T12:55:00Z |
|
| 2 |
| value |
0.00749 |
| scoring_system |
epss |
| scoring_elements |
0.73088 |
| published_at |
2026-04-02T12:55:00Z |
|
| 3 |
| value |
0.00749 |
| scoring_system |
epss |
| scoring_elements |
0.73108 |
| published_at |
2026-04-04T12:55:00Z |
|
| 4 |
| value |
0.00749 |
| scoring_system |
epss |
| scoring_elements |
0.73083 |
| published_at |
2026-04-07T12:55:00Z |
|
| 5 |
| value |
0.00749 |
| scoring_system |
epss |
| scoring_elements |
0.73119 |
| published_at |
2026-04-08T12:55:00Z |
|
| 6 |
| value |
0.00749 |
| scoring_system |
epss |
| scoring_elements |
0.73132 |
| published_at |
2026-04-09T12:55:00Z |
|
| 7 |
| value |
0.00749 |
| scoring_system |
epss |
| scoring_elements |
0.73156 |
| published_at |
2026-04-11T12:55:00Z |
|
| 8 |
| value |
0.00749 |
| scoring_system |
epss |
| scoring_elements |
0.73136 |
| published_at |
2026-04-12T12:55:00Z |
|
| 9 |
| value |
0.00749 |
| scoring_system |
epss |
| scoring_elements |
0.7313 |
| published_at |
2026-04-13T12:55:00Z |
|
| 10 |
| value |
0.00749 |
| scoring_system |
epss |
| scoring_elements |
0.73173 |
| published_at |
2026-04-16T12:55:00Z |
|
| 11 |
| value |
0.00749 |
| scoring_system |
epss |
| scoring_elements |
0.73182 |
| published_at |
2026-04-18T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2009-1150 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
| 16 |
|
| 17 |
|
| 18 |
|
| 19 |
|
| 20 |
|
| 21 |
|
| 22 |
|
| 23 |
|
| 24 |
|
| 25 |
|
| 26 |
|
| 27 |
|
| 28 |
|
| 29 |
|
| 30 |
|
| 31 |
|
| 32 |
|
| 33 |
|
| 34 |
|
| 35 |
|
| 36 |
|
| 37 |
|
| 38 |
|
| 39 |
|
| 40 |
|
| 41 |
|
| 42 |
|
| 43 |
|
| 44 |
|
| 45 |
|
| 46 |
|
| 47 |
|
| 48 |
|
| 49 |
|
| 50 |
|
| 51 |
|
| 52 |
|
| 53 |
|
| 54 |
|
| 55 |
|
| 56 |
|
| 57 |
|
|
| fixed_packages |
|
| aliases |
CVE-2009-1150
|
| risk_score |
1.9 |
| exploitability |
0.5 |
| weighted_severity |
3.9 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-pqzx-hxpa-ruez |
|
| 185 |
| url |
VCID-q2be-73wp-tbav |
| vulnerability_id |
VCID-q2be-73wp-tbav |
| summary |
Multiple vulnerabilities have been found in phpMyAdmin, allowing
remote authenticated attackers to execute arbitrary code, inject SQL code
or conduct other attacks. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2013-5002 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00209 |
| scoring_system |
epss |
| scoring_elements |
0.4328 |
| published_at |
2026-04-21T12:55:00Z |
|
| 1 |
| value |
0.00209 |
| scoring_system |
epss |
| scoring_elements |
0.43293 |
| published_at |
2026-04-13T12:55:00Z |
|
| 2 |
| value |
0.00209 |
| scoring_system |
epss |
| scoring_elements |
0.43355 |
| published_at |
2026-04-16T12:55:00Z |
|
| 3 |
| value |
0.00209 |
| scoring_system |
epss |
| scoring_elements |
0.43344 |
| published_at |
2026-04-18T12:55:00Z |
|
| 4 |
| value |
0.00209 |
| scoring_system |
epss |
| scoring_elements |
0.43232 |
| published_at |
2026-04-01T12:55:00Z |
|
| 5 |
| value |
0.00209 |
| scoring_system |
epss |
| scoring_elements |
0.43288 |
| published_at |
2026-04-02T12:55:00Z |
|
| 6 |
| value |
0.00209 |
| scoring_system |
epss |
| scoring_elements |
0.43317 |
| published_at |
2026-04-04T12:55:00Z |
|
| 7 |
| value |
0.00209 |
| scoring_system |
epss |
| scoring_elements |
0.43254 |
| published_at |
2026-04-07T12:55:00Z |
|
| 8 |
| value |
0.00209 |
| scoring_system |
epss |
| scoring_elements |
0.43305 |
| published_at |
2026-04-08T12:55:00Z |
|
| 9 |
| value |
0.00209 |
| scoring_system |
epss |
| scoring_elements |
0.4332 |
| published_at |
2026-04-09T12:55:00Z |
|
| 10 |
| value |
0.00209 |
| scoring_system |
epss |
| scoring_elements |
0.43341 |
| published_at |
2026-04-11T12:55:00Z |
|
| 11 |
| value |
0.00209 |
| scoring_system |
epss |
| scoring_elements |
0.43309 |
| published_at |
2026-04-12T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2013-5002 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
|
| fixed_packages |
|
| aliases |
CVE-2013-5002, GHSA-p632-5w74-x8xx
|
| risk_score |
1.4 |
| exploitability |
0.5 |
| weighted_severity |
2.7 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-q2be-73wp-tbav |
|
| 186 |
| url |
VCID-q6z8-dgxc-h3fr |
| vulnerability_id |
VCID-q6z8-dgxc-h3fr |
| summary |
phpMyAdmin 3.5.2.2, as distributed by the cdnetworks-kr-1 mirror during an unspecified time frame in 2012, contains an externally introduced modification (Trojan Horse) in server_sync.php, which allows remote attackers to execute arbitrary PHP code via an eval injection attack. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2012-5159 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.8794 |
| scoring_system |
epss |
| scoring_elements |
0.99476 |
| published_at |
2026-04-07T12:55:00Z |
|
| 1 |
| value |
0.8794 |
| scoring_system |
epss |
| scoring_elements |
0.99482 |
| published_at |
2026-04-21T12:55:00Z |
|
| 2 |
| value |
0.8794 |
| scoring_system |
epss |
| scoring_elements |
0.99475 |
| published_at |
2026-04-04T12:55:00Z |
|
| 3 |
| value |
0.8794 |
| scoring_system |
epss |
| scoring_elements |
0.99473 |
| published_at |
2026-04-02T12:55:00Z |
|
| 4 |
| value |
0.8794 |
| scoring_system |
epss |
| scoring_elements |
0.99478 |
| published_at |
2026-04-09T12:55:00Z |
|
| 5 |
| value |
0.8794 |
| scoring_system |
epss |
| scoring_elements |
0.99479 |
| published_at |
2026-04-13T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2012-5159 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
|
| fixed_packages |
|
| aliases |
CVE-2012-5159
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-q6z8-dgxc-h3fr |
|
| 187 |
| url |
VCID-qcra-cu62-43he |
| vulnerability_id |
VCID-qcra-cu62-43he |
| summary |
Cross-site Scripting
In phpMyAdm, an XSS vulnerability was found in the navigation tree, where an attacker can deliver a payload to a user through a crafted `database/table` name. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2018-19970 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.01501 |
| scoring_system |
epss |
| scoring_elements |
0.81175 |
| published_at |
2026-04-21T12:55:00Z |
|
| 1 |
| value |
0.01501 |
| scoring_system |
epss |
| scoring_elements |
0.81074 |
| published_at |
2026-04-01T12:55:00Z |
|
| 2 |
| value |
0.01501 |
| scoring_system |
epss |
| scoring_elements |
0.81083 |
| published_at |
2026-04-02T12:55:00Z |
|
| 3 |
| value |
0.01501 |
| scoring_system |
epss |
| scoring_elements |
0.81108 |
| published_at |
2026-04-04T12:55:00Z |
|
| 4 |
| value |
0.01501 |
| scoring_system |
epss |
| scoring_elements |
0.81107 |
| published_at |
2026-04-07T12:55:00Z |
|
| 5 |
| value |
0.01501 |
| scoring_system |
epss |
| scoring_elements |
0.81135 |
| published_at |
2026-04-08T12:55:00Z |
|
| 6 |
| value |
0.01501 |
| scoring_system |
epss |
| scoring_elements |
0.81141 |
| published_at |
2026-04-09T12:55:00Z |
|
| 7 |
| value |
0.01501 |
| scoring_system |
epss |
| scoring_elements |
0.81159 |
| published_at |
2026-04-11T12:55:00Z |
|
| 8 |
| value |
0.01501 |
| scoring_system |
epss |
| scoring_elements |
0.81146 |
| published_at |
2026-04-12T12:55:00Z |
|
| 9 |
| value |
0.01501 |
| scoring_system |
epss |
| scoring_elements |
0.81139 |
| published_at |
2026-04-13T12:55:00Z |
|
| 10 |
| value |
0.01501 |
| scoring_system |
epss |
| scoring_elements |
0.81176 |
| published_at |
2026-04-16T12:55:00Z |
|
| 11 |
| value |
0.01501 |
| scoring_system |
epss |
| scoring_elements |
0.81178 |
| published_at |
2026-04-18T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2018-19970 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
|
| fixed_packages |
|
| aliases |
CVE-2018-19970, GHSA-8987-93fh-rcwq
|
| risk_score |
3.1 |
| exploitability |
0.5 |
| weighted_severity |
6.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-qcra-cu62-43he |
|
| 188 |
| url |
VCID-qfg6-ugqq-3fdx |
| vulnerability_id |
VCID-qfg6-ugqq-3fdx |
| summary |
Multiple vulnerabilities have been found in phpMyAdmin, the worst
of which could lead to arbitrary code execution. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2016-6614 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.0111 |
| scoring_system |
epss |
| scoring_elements |
0.78078 |
| published_at |
2026-04-01T12:55:00Z |
|
| 1 |
| value |
0.0111 |
| scoring_system |
epss |
| scoring_elements |
0.78087 |
| published_at |
2026-04-02T12:55:00Z |
|
| 2 |
| value |
0.0111 |
| scoring_system |
epss |
| scoring_elements |
0.78117 |
| published_at |
2026-04-04T12:55:00Z |
|
| 3 |
| value |
0.0111 |
| scoring_system |
epss |
| scoring_elements |
0.78099 |
| published_at |
2026-04-07T12:55:00Z |
|
| 4 |
| value |
0.0111 |
| scoring_system |
epss |
| scoring_elements |
0.78126 |
| published_at |
2026-04-08T12:55:00Z |
|
| 5 |
| value |
0.0111 |
| scoring_system |
epss |
| scoring_elements |
0.78132 |
| published_at |
2026-04-09T12:55:00Z |
|
| 6 |
| value |
0.0111 |
| scoring_system |
epss |
| scoring_elements |
0.78158 |
| published_at |
2026-04-11T12:55:00Z |
|
| 7 |
| value |
0.0111 |
| scoring_system |
epss |
| scoring_elements |
0.7814 |
| published_at |
2026-04-12T12:55:00Z |
|
| 8 |
| value |
0.0111 |
| scoring_system |
epss |
| scoring_elements |
0.78136 |
| published_at |
2026-04-13T12:55:00Z |
|
| 9 |
| value |
0.0111 |
| scoring_system |
epss |
| scoring_elements |
0.78169 |
| published_at |
2026-04-16T12:55:00Z |
|
| 10 |
| value |
0.0111 |
| scoring_system |
epss |
| scoring_elements |
0.78168 |
| published_at |
2026-04-18T12:55:00Z |
|
| 11 |
| value |
0.0111 |
| scoring_system |
epss |
| scoring_elements |
0.78163 |
| published_at |
2026-04-21T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2016-6614 |
|
| 1 |
|
|
| fixed_packages |
|
| aliases |
CVE-2016-6614
|
| risk_score |
null |
| exploitability |
0.5 |
| weighted_severity |
0.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-qfg6-ugqq-3fdx |
|
| 189 |
| url |
VCID-qmpu-qjet-mqh8 |
| vulnerability_id |
VCID-qmpu-qjet-mqh8 |
| summary |
Multiple vulnerabilities have been found in phpMyAdmin, the worst
of which could lead to arbitrary code execution. |
| references |
| 0 |
|
| 1 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2016-5097 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00551 |
| scoring_system |
epss |
| scoring_elements |
0.68021 |
| published_at |
2026-04-21T12:55:00Z |
|
| 1 |
| value |
0.00551 |
| scoring_system |
epss |
| scoring_elements |
0.68039 |
| published_at |
2026-04-18T12:55:00Z |
|
| 2 |
| value |
0.00551 |
| scoring_system |
epss |
| scoring_elements |
0.67929 |
| published_at |
2026-04-01T12:55:00Z |
|
| 3 |
| value |
0.00551 |
| scoring_system |
epss |
| scoring_elements |
0.67951 |
| published_at |
2026-04-02T12:55:00Z |
|
| 4 |
| value |
0.00551 |
| scoring_system |
epss |
| scoring_elements |
0.67971 |
| published_at |
2026-04-04T12:55:00Z |
|
| 5 |
| value |
0.00551 |
| scoring_system |
epss |
| scoring_elements |
0.6795 |
| published_at |
2026-04-07T12:55:00Z |
|
| 6 |
| value |
0.00551 |
| scoring_system |
epss |
| scoring_elements |
0.68001 |
| published_at |
2026-04-08T12:55:00Z |
|
| 7 |
| value |
0.00551 |
| scoring_system |
epss |
| scoring_elements |
0.68014 |
| published_at |
2026-04-09T12:55:00Z |
|
| 8 |
| value |
0.00551 |
| scoring_system |
epss |
| scoring_elements |
0.68037 |
| published_at |
2026-04-11T12:55:00Z |
|
| 9 |
| value |
0.00551 |
| scoring_system |
epss |
| scoring_elements |
0.68024 |
| published_at |
2026-04-12T12:55:00Z |
|
| 10 |
| value |
0.00551 |
| scoring_system |
epss |
| scoring_elements |
0.67989 |
| published_at |
2026-04-13T12:55:00Z |
|
| 11 |
| value |
0.00551 |
| scoring_system |
epss |
| scoring_elements |
0.68026 |
| published_at |
2026-04-16T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2016-5097 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
|
| fixed_packages |
|
| aliases |
CVE-2016-5097
|
| risk_score |
2.4 |
| exploitability |
0.5 |
| weighted_severity |
4.8 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-qmpu-qjet-mqh8 |
|
| 190 |
| url |
VCID-qrm9-716c-2ybp |
| vulnerability_id |
VCID-qrm9-716c-2ybp |
| summary |
Improper Control of Generation of Code ('Code Injection')
libraries/auth/swekey/swekey.auth.lib.php in the Swekey authentication feature in phpMyAdmin 3.x before 3.3.10.2 and 3.4.x before 3.4.3.1 assigns values to arbitrary parameters referenced in the query string, which allows remote attackers to modify the SESSION superglobal array via a crafted request, related to a "remote variable manipulation vulnerability." |
| references |
| 0 |
|
| 1 |
|
| 2 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2011-2505 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.37008 |
| scoring_system |
epss |
| scoring_elements |
0.97166 |
| published_at |
2026-04-18T12:55:00Z |
|
| 1 |
| value |
0.37008 |
| scoring_system |
epss |
| scoring_elements |
0.97165 |
| published_at |
2026-04-16T12:55:00Z |
|
| 2 |
| value |
0.37008 |
| scoring_system |
epss |
| scoring_elements |
0.97157 |
| published_at |
2026-04-13T12:55:00Z |
|
| 3 |
| value |
0.37008 |
| scoring_system |
epss |
| scoring_elements |
0.97156 |
| published_at |
2026-04-12T12:55:00Z |
|
| 4 |
| value |
0.37008 |
| scoring_system |
epss |
| scoring_elements |
0.97155 |
| published_at |
2026-04-11T12:55:00Z |
|
| 5 |
| value |
0.37008 |
| scoring_system |
epss |
| scoring_elements |
0.97151 |
| published_at |
2026-04-09T12:55:00Z |
|
| 6 |
| value |
0.37008 |
| scoring_system |
epss |
| scoring_elements |
0.97134 |
| published_at |
2026-04-02T12:55:00Z |
|
| 7 |
| value |
0.37008 |
| scoring_system |
epss |
| scoring_elements |
0.97171 |
| published_at |
2026-04-21T12:55:00Z |
|
| 8 |
| value |
0.37008 |
| scoring_system |
epss |
| scoring_elements |
0.9714 |
| published_at |
2026-04-04T12:55:00Z |
|
| 9 |
| value |
0.37008 |
| scoring_system |
epss |
| scoring_elements |
0.97127 |
| published_at |
2026-04-01T12:55:00Z |
|
| 10 |
| value |
0.37008 |
| scoring_system |
epss |
| scoring_elements |
0.9715 |
| published_at |
2026-04-08T12:55:00Z |
|
| 11 |
| value |
0.37008 |
| scoring_system |
epss |
| scoring_elements |
0.97141 |
| published_at |
2026-04-07T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2011-2505 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
| 16 |
|
| 17 |
|
| 18 |
|
| 19 |
|
| 20 |
|
| 21 |
|
| 22 |
|
| 23 |
|
| 24 |
|
| 25 |
|
| 26 |
|
| 27 |
|
|
| fixed_packages |
|
| aliases |
CVE-2011-2505, GHSA-vqcm-r62w-w437
|
| risk_score |
10.0 |
| exploitability |
2.0 |
| weighted_severity |
6.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-qrm9-716c-2ybp |
|
| 191 |
| url |
VCID-qyt8-pcq2-kufz |
| vulnerability_id |
VCID-qyt8-pcq2-kufz |
| summary |
Multiple vulnerabilities have been found in phpMyAdmin, the worst
of which could lead to arbitrary code execution. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2016-6626 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00433 |
| scoring_system |
epss |
| scoring_elements |
0.62624 |
| published_at |
2026-04-01T12:55:00Z |
|
| 1 |
| value |
0.00433 |
| scoring_system |
epss |
| scoring_elements |
0.62682 |
| published_at |
2026-04-02T12:55:00Z |
|
| 2 |
| value |
0.00433 |
| scoring_system |
epss |
| scoring_elements |
0.62715 |
| published_at |
2026-04-04T12:55:00Z |
|
| 3 |
| value |
0.00433 |
| scoring_system |
epss |
| scoring_elements |
0.62679 |
| published_at |
2026-04-07T12:55:00Z |
|
| 4 |
| value |
0.00433 |
| scoring_system |
epss |
| scoring_elements |
0.62731 |
| published_at |
2026-04-13T12:55:00Z |
|
| 5 |
| value |
0.00433 |
| scoring_system |
epss |
| scoring_elements |
0.62747 |
| published_at |
2026-04-09T12:55:00Z |
|
| 6 |
| value |
0.00433 |
| scoring_system |
epss |
| scoring_elements |
0.62765 |
| published_at |
2026-04-11T12:55:00Z |
|
| 7 |
| value |
0.00433 |
| scoring_system |
epss |
| scoring_elements |
0.62755 |
| published_at |
2026-04-12T12:55:00Z |
|
| 8 |
| value |
0.00433 |
| scoring_system |
epss |
| scoring_elements |
0.62772 |
| published_at |
2026-04-16T12:55:00Z |
|
| 9 |
| value |
0.00433 |
| scoring_system |
epss |
| scoring_elements |
0.6278 |
| published_at |
2026-04-18T12:55:00Z |
|
| 10 |
| value |
0.00433 |
| scoring_system |
epss |
| scoring_elements |
0.62761 |
| published_at |
2026-04-21T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2016-6626 |
|
| 1 |
|
|
| fixed_packages |
|
| aliases |
CVE-2016-6626
|
| risk_score |
null |
| exploitability |
0.5 |
| weighted_severity |
0.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-qyt8-pcq2-kufz |
|
| 192 |
| url |
VCID-r8te-6fr7-tuc2 |
| vulnerability_id |
VCID-r8te-6fr7-tuc2 |
| summary |
phpMyAdmin vulnerable to Cross-site Scripting
Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin 4.4.x before 4.4.15.7 and 4.6.x before 4.6.3 allow remote attackers to inject arbitrary web script or HTML via vectors involving (1) server-privileges certificate data fields on the user privileges page, (2) an "invalid JSON" error message in the error console, (3) a database name in the central columns implementation, (4) a group name, or (5) a search name in the bookmarks implementation. |
| references |
| 0 |
|
| 1 |
|
| 2 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2016-5705 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00605 |
| scoring_system |
epss |
| scoring_elements |
0.69649 |
| published_at |
2026-04-18T12:55:00Z |
|
| 1 |
| value |
0.00605 |
| scoring_system |
epss |
| scoring_elements |
0.69534 |
| published_at |
2026-04-01T12:55:00Z |
|
| 2 |
| value |
0.00605 |
| scoring_system |
epss |
| scoring_elements |
0.69547 |
| published_at |
2026-04-02T12:55:00Z |
|
| 3 |
| value |
0.00605 |
| scoring_system |
epss |
| scoring_elements |
0.69562 |
| published_at |
2026-04-04T12:55:00Z |
|
| 4 |
| value |
0.00605 |
| scoring_system |
epss |
| scoring_elements |
0.69541 |
| published_at |
2026-04-07T12:55:00Z |
|
| 5 |
| value |
0.00605 |
| scoring_system |
epss |
| scoring_elements |
0.69591 |
| published_at |
2026-04-08T12:55:00Z |
|
| 6 |
| value |
0.00605 |
| scoring_system |
epss |
| scoring_elements |
0.69608 |
| published_at |
2026-04-09T12:55:00Z |
|
| 7 |
| value |
0.00605 |
| scoring_system |
epss |
| scoring_elements |
0.6963 |
| published_at |
2026-04-21T12:55:00Z |
|
| 8 |
| value |
0.00605 |
| scoring_system |
epss |
| scoring_elements |
0.69615 |
| published_at |
2026-04-12T12:55:00Z |
|
| 9 |
| value |
0.00605 |
| scoring_system |
epss |
| scoring_elements |
0.69601 |
| published_at |
2026-04-13T12:55:00Z |
|
| 10 |
| value |
0.00605 |
| scoring_system |
epss |
| scoring_elements |
0.69641 |
| published_at |
2026-04-16T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2016-5705 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
| 16 |
|
| 17 |
|
| 18 |
|
| 19 |
|
| 20 |
|
| 21 |
|
| 22 |
|
| 23 |
|
| 24 |
|
| 25 |
|
| 26 |
|
| 27 |
|
| 28 |
|
| 29 |
|
| 30 |
|
| 31 |
|
| 32 |
|
| 33 |
|
| 34 |
|
| 35 |
|
| 36 |
|
| 37 |
|
| 38 |
|
| 39 |
|
| 40 |
|
| 41 |
|
| 42 |
|
| 43 |
|
| 44 |
|
| 45 |
|
| 46 |
|
| 47 |
|
| 48 |
|
| 49 |
|
| 50 |
|
| 51 |
|
| 52 |
|
| 53 |
|
| 54 |
|
| 55 |
|
| 56 |
|
| 57 |
|
| 58 |
|
| 59 |
|
| 60 |
|
| 61 |
|
| 62 |
| reference_url |
https://nvd.nist.gov/vuln/detail/CVE-2016-5705 |
| reference_id |
CVE-2016-5705 |
| reference_type |
|
| scores |
| 0 |
| value |
4.3 |
| scoring_system |
cvssv2 |
| scoring_elements |
AV:N/AC:M/Au:N/C:N/I:P/A:N |
|
| 1 |
| value |
6.1 |
| scoring_system |
cvssv3 |
| scoring_elements |
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N |
|
| 2 |
| value |
6.1 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N |
|
| 3 |
| value |
MODERATE |
| scoring_system |
generic_textual |
| scoring_elements |
|
|
|
| url |
https://nvd.nist.gov/vuln/detail/CVE-2016-5705 |
|
| 63 |
|
|
| fixed_packages |
|
| aliases |
CVE-2016-5705, GHSA-6q2j-8h8q-46mr
|
| risk_score |
3.1 |
| exploitability |
0.5 |
| weighted_severity |
6.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-r8te-6fr7-tuc2 |
|
| 193 |
| url |
VCID-rggj-3cd7-m7hj |
| vulnerability_id |
VCID-rggj-3cd7-m7hj |
| summary |
phpMyAdmin 4.0.x before 4.0.10.13, 4.4.x before 4.4.15.3, and 4.5.x before 4.5.4 allows remote attackers to obtain sensitive information via a crafted request, which reveals the full path in an error message. |
| references |
| 0 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2016-2038 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.01204 |
| scoring_system |
epss |
| scoring_elements |
0.7897 |
| published_at |
2026-04-18T12:55:00Z |
|
| 1 |
| value |
0.01204 |
| scoring_system |
epss |
| scoring_elements |
0.78973 |
| published_at |
2026-04-16T12:55:00Z |
|
| 2 |
| value |
0.01204 |
| scoring_system |
epss |
| scoring_elements |
0.78896 |
| published_at |
2026-04-01T12:55:00Z |
|
| 3 |
| value |
0.01204 |
| scoring_system |
epss |
| scoring_elements |
0.78903 |
| published_at |
2026-04-02T12:55:00Z |
|
| 4 |
| value |
0.01204 |
| scoring_system |
epss |
| scoring_elements |
0.78932 |
| published_at |
2026-04-04T12:55:00Z |
|
| 5 |
| value |
0.01204 |
| scoring_system |
epss |
| scoring_elements |
0.78915 |
| published_at |
2026-04-07T12:55:00Z |
|
| 6 |
| value |
0.01204 |
| scoring_system |
epss |
| scoring_elements |
0.78939 |
| published_at |
2026-04-08T12:55:00Z |
|
| 7 |
| value |
0.01204 |
| scoring_system |
epss |
| scoring_elements |
0.78945 |
| published_at |
2026-04-09T12:55:00Z |
|
| 8 |
| value |
0.01204 |
| scoring_system |
epss |
| scoring_elements |
0.78969 |
| published_at |
2026-04-21T12:55:00Z |
|
| 9 |
| value |
0.01204 |
| scoring_system |
epss |
| scoring_elements |
0.78954 |
| published_at |
2026-04-12T12:55:00Z |
|
| 10 |
| value |
0.01204 |
| scoring_system |
epss |
| scoring_elements |
0.78944 |
| published_at |
2026-04-13T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2016-2038 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
| 16 |
|
| 17 |
|
| 18 |
|
| 19 |
|
| 20 |
|
| 21 |
|
| 22 |
|
| 23 |
|
| 24 |
|
| 25 |
|
| 26 |
|
| 27 |
|
| 28 |
|
| 29 |
|
| 30 |
|
| 31 |
|
| 32 |
|
| 33 |
|
| 34 |
|
| 35 |
|
| 36 |
|
| 37 |
|
| 38 |
|
| 39 |
|
| 40 |
|
| 41 |
|
| 42 |
|
| 43 |
|
| 44 |
|
| 45 |
|
| 46 |
|
| 47 |
|
| 48 |
|
| 49 |
|
| 50 |
|
| 51 |
|
| 52 |
|
| 53 |
|
| 54 |
|
| 55 |
|
| 56 |
|
| 57 |
|
| 58 |
|
| 59 |
|
| 60 |
|
| 61 |
|
| 62 |
|
| 63 |
|
|
| fixed_packages |
|
| aliases |
CVE-2016-2038
|
| risk_score |
2.4 |
| exploitability |
0.5 |
| weighted_severity |
4.8 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-rggj-3cd7-m7hj |
|
| 194 |
| url |
VCID-rk3e-t7v8-vuac |
| vulnerability_id |
VCID-rk3e-t7v8-vuac |
| summary |
Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin before 2.9.2-rc1 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors. NOTE: some of these details are obtained from third party information. |
| references |
| 0 |
|
| 1 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2007-0204 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.01631 |
| scoring_system |
epss |
| scoring_elements |
0.81934 |
| published_at |
2026-04-21T12:55:00Z |
|
| 1 |
| value |
0.01631 |
| scoring_system |
epss |
| scoring_elements |
0.81831 |
| published_at |
2026-04-01T12:55:00Z |
|
| 2 |
| value |
0.01631 |
| scoring_system |
epss |
| scoring_elements |
0.81842 |
| published_at |
2026-04-02T12:55:00Z |
|
| 3 |
| value |
0.01631 |
| scoring_system |
epss |
| scoring_elements |
0.81865 |
| published_at |
2026-04-04T12:55:00Z |
|
| 4 |
| value |
0.01631 |
| scoring_system |
epss |
| scoring_elements |
0.81861 |
| published_at |
2026-04-07T12:55:00Z |
|
| 5 |
| value |
0.01631 |
| scoring_system |
epss |
| scoring_elements |
0.81887 |
| published_at |
2026-04-08T12:55:00Z |
|
| 6 |
| value |
0.01631 |
| scoring_system |
epss |
| scoring_elements |
0.81894 |
| published_at |
2026-04-09T12:55:00Z |
|
| 7 |
| value |
0.01631 |
| scoring_system |
epss |
| scoring_elements |
0.81913 |
| published_at |
2026-04-11T12:55:00Z |
|
| 8 |
| value |
0.01631 |
| scoring_system |
epss |
| scoring_elements |
0.81901 |
| published_at |
2026-04-12T12:55:00Z |
|
| 9 |
| value |
0.01631 |
| scoring_system |
epss |
| scoring_elements |
0.81896 |
| published_at |
2026-04-13T12:55:00Z |
|
| 10 |
| value |
0.01631 |
| scoring_system |
epss |
| scoring_elements |
0.81932 |
| published_at |
2026-04-18T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2007-0204 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
|
| fixed_packages |
|
| aliases |
CVE-2007-0204
|
| risk_score |
3.0 |
| exploitability |
0.5 |
| weighted_severity |
6.1 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-rk3e-t7v8-vuac |
|
| 195 |
| url |
VCID-rq59-shwt-g7cd |
| vulnerability_id |
VCID-rq59-shwt-g7cd |
| summary |
Multiple vulnerabilities were found in phpMyAdmin, the most severe
of which allows the execution of arbitrary PHP code. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2011-3646 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.0056 |
| scoring_system |
epss |
| scoring_elements |
0.68198 |
| published_at |
2026-04-01T12:55:00Z |
|
| 1 |
| value |
0.0056 |
| scoring_system |
epss |
| scoring_elements |
0.68219 |
| published_at |
2026-04-02T12:55:00Z |
|
| 2 |
| value |
0.0056 |
| scoring_system |
epss |
| scoring_elements |
0.68237 |
| published_at |
2026-04-04T12:55:00Z |
|
| 3 |
| value |
0.0056 |
| scoring_system |
epss |
| scoring_elements |
0.68213 |
| published_at |
2026-04-07T12:55:00Z |
|
| 4 |
| value |
0.0056 |
| scoring_system |
epss |
| scoring_elements |
0.68264 |
| published_at |
2026-04-08T12:55:00Z |
|
| 5 |
| value |
0.0056 |
| scoring_system |
epss |
| scoring_elements |
0.68279 |
| published_at |
2026-04-09T12:55:00Z |
|
| 6 |
| value |
0.0056 |
| scoring_system |
epss |
| scoring_elements |
0.68304 |
| published_at |
2026-04-11T12:55:00Z |
|
| 7 |
| value |
0.0056 |
| scoring_system |
epss |
| scoring_elements |
0.68292 |
| published_at |
2026-04-12T12:55:00Z |
|
| 8 |
| value |
0.0056 |
| scoring_system |
epss |
| scoring_elements |
0.68258 |
| published_at |
2026-04-13T12:55:00Z |
|
| 9 |
| value |
0.0056 |
| scoring_system |
epss |
| scoring_elements |
0.68298 |
| published_at |
2026-04-16T12:55:00Z |
|
| 10 |
| value |
0.0056 |
| scoring_system |
epss |
| scoring_elements |
0.68309 |
| published_at |
2026-04-18T12:55:00Z |
|
| 11 |
| value |
0.0056 |
| scoring_system |
epss |
| scoring_elements |
0.68289 |
| published_at |
2026-04-21T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2011-3646 |
|
| 1 |
|
| 2 |
|
|
| fixed_packages |
|
| aliases |
CVE-2011-3646
|
| risk_score |
null |
| exploitability |
0.5 |
| weighted_severity |
0.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-rq59-shwt-g7cd |
|
| 196 |
| url |
VCID-rqy8-n6fr-hqey |
| vulnerability_id |
VCID-rqy8-n6fr-hqey |
| summary |
Exposure of Sensitive Information to an Unauthorized Actor
PhpMyAdmin 5.1.1 and before allows an attacker to retrieve potentially sensitive information by creating invalid requests. This affects the lang parameter, the pma_parameter, and the cookie section. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2022-0813 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00318 |
| scoring_system |
epss |
| scoring_elements |
0.54905 |
| published_at |
2026-04-16T12:55:00Z |
|
| 1 |
| value |
0.00318 |
| scoring_system |
epss |
| scoring_elements |
0.54888 |
| published_at |
2026-04-21T12:55:00Z |
|
| 2 |
| value |
0.00318 |
| scoring_system |
epss |
| scoring_elements |
0.54908 |
| published_at |
2026-04-18T12:55:00Z |
|
| 3 |
| value |
0.00437 |
| scoring_system |
epss |
| scoring_elements |
0.63043 |
| published_at |
2026-04-04T12:55:00Z |
|
| 4 |
| value |
0.00437 |
| scoring_system |
epss |
| scoring_elements |
0.62955 |
| published_at |
2026-04-01T12:55:00Z |
|
| 5 |
| value |
0.00437 |
| scoring_system |
epss |
| scoring_elements |
0.63014 |
| published_at |
2026-04-02T12:55:00Z |
|
| 6 |
| value |
0.00437 |
| scoring_system |
epss |
| scoring_elements |
0.63007 |
| published_at |
2026-04-07T12:55:00Z |
|
| 7 |
| value |
0.00437 |
| scoring_system |
epss |
| scoring_elements |
0.63058 |
| published_at |
2026-04-08T12:55:00Z |
|
| 8 |
| value |
0.00437 |
| scoring_system |
epss |
| scoring_elements |
0.63074 |
| published_at |
2026-04-09T12:55:00Z |
|
| 9 |
| value |
0.00437 |
| scoring_system |
epss |
| scoring_elements |
0.63091 |
| published_at |
2026-04-11T12:55:00Z |
|
| 10 |
| value |
0.00437 |
| scoring_system |
epss |
| scoring_elements |
0.63077 |
| published_at |
2026-04-12T12:55:00Z |
|
| 11 |
| value |
0.00437 |
| scoring_system |
epss |
| scoring_elements |
0.63055 |
| published_at |
2026-04-13T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2022-0813 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
|
| fixed_packages |
|
| aliases |
CVE-2022-0813, GHSA-vx8q-j7h9-vf6q
|
| risk_score |
4.0 |
| exploitability |
0.5 |
| weighted_severity |
8.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-rqy8-n6fr-hqey |
|
| 197 |
| url |
VCID-s17w-jsc9-w3hz |
| vulnerability_id |
VCID-s17w-jsc9-w3hz |
| summary |
Cross-site scripting (XSS) vulnerability in scripts/setup.php in phpMyAdmin 2.11.1, when accessed by a browser that does not URL-encode requests, allows remote attackers to inject arbitrary web script or HTML via the query string. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2007-5386 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.11421 |
| scoring_system |
epss |
| scoring_elements |
0.93538 |
| published_at |
2026-04-01T12:55:00Z |
|
| 1 |
| value |
0.11421 |
| scoring_system |
epss |
| scoring_elements |
0.93547 |
| published_at |
2026-04-02T12:55:00Z |
|
| 2 |
| value |
0.11421 |
| scoring_system |
epss |
| scoring_elements |
0.93555 |
| published_at |
2026-04-04T12:55:00Z |
|
| 3 |
| value |
0.11421 |
| scoring_system |
epss |
| scoring_elements |
0.93556 |
| published_at |
2026-04-07T12:55:00Z |
|
| 4 |
| value |
0.11421 |
| scoring_system |
epss |
| scoring_elements |
0.93564 |
| published_at |
2026-04-08T12:55:00Z |
|
| 5 |
| value |
0.11421 |
| scoring_system |
epss |
| scoring_elements |
0.93567 |
| published_at |
2026-04-09T12:55:00Z |
|
| 6 |
| value |
0.11421 |
| scoring_system |
epss |
| scoring_elements |
0.93573 |
| published_at |
2026-04-12T12:55:00Z |
|
| 7 |
| value |
0.11421 |
| scoring_system |
epss |
| scoring_elements |
0.93574 |
| published_at |
2026-04-13T12:55:00Z |
|
| 8 |
| value |
0.11421 |
| scoring_system |
epss |
| scoring_elements |
0.93593 |
| published_at |
2026-04-16T12:55:00Z |
|
| 9 |
| value |
0.11421 |
| scoring_system |
epss |
| scoring_elements |
0.93599 |
| published_at |
2026-04-18T12:55:00Z |
|
| 10 |
| value |
0.11421 |
| scoring_system |
epss |
| scoring_elements |
0.93604 |
| published_at |
2026-04-21T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2007-5386 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
|
| fixed_packages |
|
| aliases |
CVE-2007-5386
|
| risk_score |
0.2 |
| exploitability |
2.0 |
| weighted_severity |
0.1 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-s17w-jsc9-w3hz |
|
| 198 |
| url |
VCID-s8rb-zv6j-sfgh |
| vulnerability_id |
VCID-s8rb-zv6j-sfgh |
| summary |
Cross-site scripting (XSS) vulnerability in the PMA_getHtmlForActionLinks function in libraries/structure.lib.php in phpMyAdmin 4.2.x before 4.2.6 allows remote authenticated users to inject arbitrary web script or HTML via a crafted table comment that is improperly handled during construction of a database structure page. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2014-4954 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00253 |
| scoring_system |
epss |
| scoring_elements |
0.48609 |
| published_at |
2026-04-21T12:55:00Z |
|
| 1 |
| value |
0.00253 |
| scoring_system |
epss |
| scoring_elements |
0.48539 |
| published_at |
2026-04-01T12:55:00Z |
|
| 2 |
| value |
0.00253 |
| scoring_system |
epss |
| scoring_elements |
0.48575 |
| published_at |
2026-04-02T12:55:00Z |
|
| 3 |
| value |
0.00253 |
| scoring_system |
epss |
| scoring_elements |
0.48598 |
| published_at |
2026-04-04T12:55:00Z |
|
| 4 |
| value |
0.00253 |
| scoring_system |
epss |
| scoring_elements |
0.4855 |
| published_at |
2026-04-07T12:55:00Z |
|
| 5 |
| value |
0.00253 |
| scoring_system |
epss |
| scoring_elements |
0.48604 |
| published_at |
2026-04-08T12:55:00Z |
|
| 6 |
| value |
0.00253 |
| scoring_system |
epss |
| scoring_elements |
0.486 |
| published_at |
2026-04-09T12:55:00Z |
|
| 7 |
| value |
0.00253 |
| scoring_system |
epss |
| scoring_elements |
0.48621 |
| published_at |
2026-04-11T12:55:00Z |
|
| 8 |
| value |
0.00253 |
| scoring_system |
epss |
| scoring_elements |
0.48595 |
| published_at |
2026-04-12T12:55:00Z |
|
| 9 |
| value |
0.00253 |
| scoring_system |
epss |
| scoring_elements |
0.48607 |
| published_at |
2026-04-13T12:55:00Z |
|
| 10 |
| value |
0.00253 |
| scoring_system |
epss |
| scoring_elements |
0.48657 |
| published_at |
2026-04-16T12:55:00Z |
|
| 11 |
| value |
0.00253 |
| scoring_system |
epss |
| scoring_elements |
0.48652 |
| published_at |
2026-04-18T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2014-4954 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
|
| fixed_packages |
|
| aliases |
CVE-2014-4954
|
| risk_score |
1.6 |
| exploitability |
0.5 |
| weighted_severity |
3.1 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-s8rb-zv6j-sfgh |
|
| 199 |
| url |
VCID-scu3-cfyc-9qfz |
| vulnerability_id |
VCID-scu3-cfyc-9qfz |
| summary |
Cross-Site Request Forgery (CSRF)
A vulnerability was found that allows an attacker to trigger a CSRF attack against a phpMyAdmin user. The attacker can trick the user, for instance through a broken `<img>` tag pointing at the victim's phpMyAdmin database, and the attacker can potentially deliver a payload (such as a specific `INSERT` or `DELETE` statement) to the victim. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2019-12616 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.55051 |
| scoring_system |
epss |
| scoring_elements |
0.98062 |
| published_at |
2026-04-21T12:55:00Z |
|
| 1 |
| value |
0.55051 |
| scoring_system |
epss |
| scoring_elements |
0.98038 |
| published_at |
2026-04-01T12:55:00Z |
|
| 2 |
| value |
0.55051 |
| scoring_system |
epss |
| scoring_elements |
0.98043 |
| published_at |
2026-04-02T12:55:00Z |
|
| 3 |
| value |
0.55051 |
| scoring_system |
epss |
| scoring_elements |
0.98045 |
| published_at |
2026-04-04T12:55:00Z |
|
| 4 |
| value |
0.55051 |
| scoring_system |
epss |
| scoring_elements |
0.98047 |
| published_at |
2026-04-07T12:55:00Z |
|
| 5 |
| value |
0.55051 |
| scoring_system |
epss |
| scoring_elements |
0.98052 |
| published_at |
2026-04-08T12:55:00Z |
|
| 6 |
| value |
0.55051 |
| scoring_system |
epss |
| scoring_elements |
0.98053 |
| published_at |
2026-04-09T12:55:00Z |
|
| 7 |
| value |
0.55051 |
| scoring_system |
epss |
| scoring_elements |
0.98058 |
| published_at |
2026-04-12T12:55:00Z |
|
| 8 |
| value |
0.55051 |
| scoring_system |
epss |
| scoring_elements |
0.98059 |
| published_at |
2026-04-13T12:55:00Z |
|
| 9 |
| value |
0.55051 |
| scoring_system |
epss |
| scoring_elements |
0.98065 |
| published_at |
2026-04-18T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2019-12616 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
|
| fixed_packages |
|
| aliases |
CVE-2019-12616, GHSA-mfr9-pcm3-6mwc
|
| risk_score |
10.0 |
| exploitability |
2.0 |
| weighted_severity |
6.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-scu3-cfyc-9qfz |
|
| 200 |
| url |
VCID-sgc1-f332-byfu |
| vulnerability_id |
VCID-sgc1-f332-byfu |
| summary |
phpMyAdmin leaves the SQL install script with insecure permissions,
potentially leading to a database compromise. |
| references |
| 0 |
|
| 1 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2005-1392 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00051 |
| scoring_system |
epss |
| scoring_elements |
0.16093 |
| published_at |
2026-04-21T12:55:00Z |
|
| 1 |
| value |
0.00051 |
| scoring_system |
epss |
| scoring_elements |
0.16044 |
| published_at |
2026-04-01T12:55:00Z |
|
| 2 |
| value |
0.00051 |
| scoring_system |
epss |
| scoring_elements |
0.16225 |
| published_at |
2026-04-02T12:55:00Z |
|
| 3 |
| value |
0.00051 |
| scoring_system |
epss |
| scoring_elements |
0.16286 |
| published_at |
2026-04-04T12:55:00Z |
|
| 4 |
| value |
0.00051 |
| scoring_system |
epss |
| scoring_elements |
0.16082 |
| published_at |
2026-04-07T12:55:00Z |
|
| 5 |
| value |
0.00051 |
| scoring_system |
epss |
| scoring_elements |
0.16166 |
| published_at |
2026-04-08T12:55:00Z |
|
| 6 |
| value |
0.00051 |
| scoring_system |
epss |
| scoring_elements |
0.1623 |
| published_at |
2026-04-09T12:55:00Z |
|
| 7 |
| value |
0.00051 |
| scoring_system |
epss |
| scoring_elements |
0.16213 |
| published_at |
2026-04-11T12:55:00Z |
|
| 8 |
| value |
0.00051 |
| scoring_system |
epss |
| scoring_elements |
0.16173 |
| published_at |
2026-04-12T12:55:00Z |
|
| 9 |
| value |
0.00051 |
| scoring_system |
epss |
| scoring_elements |
0.16105 |
| published_at |
2026-04-13T12:55:00Z |
|
| 10 |
| value |
0.00051 |
| scoring_system |
epss |
| scoring_elements |
0.16038 |
| published_at |
2026-04-16T12:55:00Z |
|
| 11 |
| value |
0.00051 |
| scoring_system |
epss |
| scoring_elements |
0.16054 |
| published_at |
2026-04-18T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2005-1392 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
|
| fixed_packages |
|
| aliases |
CVE-2005-1392
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-sgc1-f332-byfu |
|
| 201 |
| url |
VCID-sghq-k22r-zffh |
| vulnerability_id |
VCID-sghq-k22r-zffh |
| summary |
error.php in PhpMyAdmin 3.3.8.1, and other versions before 3.4.0-beta1, allows remote attackers to conduct cross-site scripting (XSS) attacks via a crafted BBcode tag containing "@" characters, as demonstrated using "[a@url@page]". |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2010-4480 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.07454 |
| scoring_system |
epss |
| scoring_elements |
0.91781 |
| published_at |
2026-04-21T12:55:00Z |
|
| 1 |
| value |
0.07454 |
| scoring_system |
epss |
| scoring_elements |
0.91725 |
| published_at |
2026-04-01T12:55:00Z |
|
| 2 |
| value |
0.07454 |
| scoring_system |
epss |
| scoring_elements |
0.91733 |
| published_at |
2026-04-02T12:55:00Z |
|
| 3 |
| value |
0.07454 |
| scoring_system |
epss |
| scoring_elements |
0.91739 |
| published_at |
2026-04-04T12:55:00Z |
|
| 4 |
| value |
0.07454 |
| scoring_system |
epss |
| scoring_elements |
0.91746 |
| published_at |
2026-04-07T12:55:00Z |
|
| 5 |
| value |
0.07454 |
| scoring_system |
epss |
| scoring_elements |
0.91759 |
| published_at |
2026-04-08T12:55:00Z |
|
| 6 |
| value |
0.07454 |
| scoring_system |
epss |
| scoring_elements |
0.91766 |
| published_at |
2026-04-09T12:55:00Z |
|
| 7 |
| value |
0.07454 |
| scoring_system |
epss |
| scoring_elements |
0.91769 |
| published_at |
2026-04-11T12:55:00Z |
|
| 8 |
| value |
0.07454 |
| scoring_system |
epss |
| scoring_elements |
0.91771 |
| published_at |
2026-04-12T12:55:00Z |
|
| 9 |
| value |
0.07454 |
| scoring_system |
epss |
| scoring_elements |
0.91767 |
| published_at |
2026-04-13T12:55:00Z |
|
| 10 |
| value |
0.07454 |
| scoring_system |
epss |
| scoring_elements |
0.91787 |
| published_at |
2026-04-16T12:55:00Z |
|
| 11 |
| value |
0.07454 |
| scoring_system |
epss |
| scoring_elements |
0.9178 |
| published_at |
2026-04-18T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2010-4480 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
| 16 |
|
|
| fixed_packages |
|
| aliases |
CVE-2010-4480
|
| risk_score |
7.8 |
| exploitability |
2.0 |
| weighted_severity |
3.9 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-sghq-k22r-zffh |
|
| 202 |
| url |
VCID-svbn-yqea-2qd7 |
| vulnerability_id |
VCID-svbn-yqea-2qd7 |
| summary |
show_config_errors.php in phpMyAdmin 3.4.x before 3.4.10.2, when a configuration file does not exist, allows remote attackers to obtain sensitive information via a direct request, which reveals the installation path in an error message about this missing file. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2012-1902 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00468 |
| scoring_system |
epss |
| scoring_elements |
0.64376 |
| published_at |
2026-04-01T12:55:00Z |
|
| 1 |
| value |
0.00468 |
| scoring_system |
epss |
| scoring_elements |
0.6443 |
| published_at |
2026-04-02T12:55:00Z |
|
| 2 |
| value |
0.00468 |
| scoring_system |
epss |
| scoring_elements |
0.6446 |
| published_at |
2026-04-04T12:55:00Z |
|
| 3 |
| value |
0.00468 |
| scoring_system |
epss |
| scoring_elements |
0.6442 |
| published_at |
2026-04-07T12:55:00Z |
|
| 4 |
| value |
0.00468 |
| scoring_system |
epss |
| scoring_elements |
0.64468 |
| published_at |
2026-04-08T12:55:00Z |
|
| 5 |
| value |
0.00468 |
| scoring_system |
epss |
| scoring_elements |
0.64484 |
| published_at |
2026-04-09T12:55:00Z |
|
| 6 |
| value |
0.00468 |
| scoring_system |
epss |
| scoring_elements |
0.645 |
| published_at |
2026-04-11T12:55:00Z |
|
| 7 |
| value |
0.00468 |
| scoring_system |
epss |
| scoring_elements |
0.64488 |
| published_at |
2026-04-12T12:55:00Z |
|
| 8 |
| value |
0.00468 |
| scoring_system |
epss |
| scoring_elements |
0.64459 |
| published_at |
2026-04-13T12:55:00Z |
|
| 9 |
| value |
0.00468 |
| scoring_system |
epss |
| scoring_elements |
0.64494 |
| published_at |
2026-04-16T12:55:00Z |
|
| 10 |
| value |
0.00468 |
| scoring_system |
epss |
| scoring_elements |
0.64506 |
| published_at |
2026-04-18T12:55:00Z |
|
| 11 |
| value |
0.00468 |
| scoring_system |
epss |
| scoring_elements |
0.64497 |
| published_at |
2026-04-21T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2012-1902 |
|
| 1 |
|
|
| fixed_packages |
|
| aliases |
CVE-2012-1902
|
| risk_score |
null |
| exploitability |
0.5 |
| weighted_severity |
0.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-svbn-yqea-2qd7 |
|
| 203 |
| url |
VCID-swmp-yrmd-2udj |
| vulnerability_id |
VCID-swmp-yrmd-2udj |
| summary |
Cross-site scripting (XSS) vulnerabilities in certain versions of phpMyAdmin before 2.8.0.4 allow remote attackers to inject arbitrary web script or HTML via the db parameter in unknown scripts. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2006-2418 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.0368 |
| scoring_system |
epss |
| scoring_elements |
0.87864 |
| published_at |
2026-04-01T12:55:00Z |
|
| 1 |
| value |
0.0368 |
| scoring_system |
epss |
| scoring_elements |
0.87874 |
| published_at |
2026-04-02T12:55:00Z |
|
| 2 |
| value |
0.0368 |
| scoring_system |
epss |
| scoring_elements |
0.87887 |
| published_at |
2026-04-04T12:55:00Z |
|
| 3 |
| value |
0.0368 |
| scoring_system |
epss |
| scoring_elements |
0.87891 |
| published_at |
2026-04-07T12:55:00Z |
|
| 4 |
| value |
0.0368 |
| scoring_system |
epss |
| scoring_elements |
0.87912 |
| published_at |
2026-04-08T12:55:00Z |
|
| 5 |
| value |
0.0368 |
| scoring_system |
epss |
| scoring_elements |
0.87918 |
| published_at |
2026-04-09T12:55:00Z |
|
| 6 |
| value |
0.0368 |
| scoring_system |
epss |
| scoring_elements |
0.87929 |
| published_at |
2026-04-11T12:55:00Z |
|
| 7 |
| value |
0.0368 |
| scoring_system |
epss |
| scoring_elements |
0.87922 |
| published_at |
2026-04-12T12:55:00Z |
|
| 8 |
| value |
0.0368 |
| scoring_system |
epss |
| scoring_elements |
0.87921 |
| published_at |
2026-04-13T12:55:00Z |
|
| 9 |
| value |
0.0368 |
| scoring_system |
epss |
| scoring_elements |
0.87935 |
| published_at |
2026-04-21T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2006-2418 |
|
| 1 |
|
| 2 |
|
|
| fixed_packages |
|
| aliases |
CVE-2006-2418
|
| risk_score |
null |
| exploitability |
0.5 |
| weighted_severity |
0.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-swmp-yrmd-2udj |
|
| 204 |
| url |
VCID-szkv-y39j-5qfv |
| vulnerability_id |
VCID-szkv-y39j-5qfv |
| summary |
Multiple vulnerabilities were found in phpMyAdmin, the most severe
of which allows the execution of arbitrary PHP code. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2011-4064 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00523 |
| scoring_system |
epss |
| scoring_elements |
0.66826 |
| published_at |
2026-04-01T12:55:00Z |
|
| 1 |
| value |
0.00523 |
| scoring_system |
epss |
| scoring_elements |
0.66865 |
| published_at |
2026-04-02T12:55:00Z |
|
| 2 |
| value |
0.00523 |
| scoring_system |
epss |
| scoring_elements |
0.66891 |
| published_at |
2026-04-04T12:55:00Z |
|
| 3 |
| value |
0.00523 |
| scoring_system |
epss |
| scoring_elements |
0.66864 |
| published_at |
2026-04-07T12:55:00Z |
|
| 4 |
| value |
0.00523 |
| scoring_system |
epss |
| scoring_elements |
0.66912 |
| published_at |
2026-04-08T12:55:00Z |
|
| 5 |
| value |
0.00523 |
| scoring_system |
epss |
| scoring_elements |
0.66926 |
| published_at |
2026-04-09T12:55:00Z |
|
| 6 |
| value |
0.00523 |
| scoring_system |
epss |
| scoring_elements |
0.66946 |
| published_at |
2026-04-11T12:55:00Z |
|
| 7 |
| value |
0.00523 |
| scoring_system |
epss |
| scoring_elements |
0.66932 |
| published_at |
2026-04-12T12:55:00Z |
|
| 8 |
| value |
0.00523 |
| scoring_system |
epss |
| scoring_elements |
0.669 |
| published_at |
2026-04-13T12:55:00Z |
|
| 9 |
| value |
0.00523 |
| scoring_system |
epss |
| scoring_elements |
0.66933 |
| published_at |
2026-04-16T12:55:00Z |
|
| 10 |
| value |
0.00523 |
| scoring_system |
epss |
| scoring_elements |
0.66948 |
| published_at |
2026-04-18T12:55:00Z |
|
| 11 |
| value |
0.00523 |
| scoring_system |
epss |
| scoring_elements |
0.6693 |
| published_at |
2026-04-21T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2011-4064 |
|
| 1 |
|
| 2 |
|
|
| fixed_packages |
|
| aliases |
CVE-2011-4064
|
| risk_score |
null |
| exploitability |
0.5 |
| weighted_severity |
0.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-szkv-y39j-5qfv |
|
| 205 |
| url |
VCID-tbnx-nuzv-ebdc |
| vulnerability_id |
VCID-tbnx-nuzv-ebdc |
| summary |
Cross-Site Request Forgery (CSRF)
phpMyAdmin versions is vulnerable to a CSRF weakness. By deceiving a user to click on a crafted URL, it is possible to perform harmful database operations such as deleting records, dropping or truncating tables etc. |
| references |
| 0 |
|
| 1 |
|
| 2 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2017-1000499 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.11439 |
| scoring_system |
epss |
| scoring_elements |
0.93618 |
| published_at |
2026-04-18T12:55:00Z |
|
| 1 |
| value |
0.11439 |
| scoring_system |
epss |
| scoring_elements |
0.93612 |
| published_at |
2026-04-16T12:55:00Z |
|
| 2 |
| value |
0.11439 |
| scoring_system |
epss |
| scoring_elements |
0.93592 |
| published_at |
2026-04-13T12:55:00Z |
|
| 3 |
| value |
0.11439 |
| scoring_system |
epss |
| scoring_elements |
0.93586 |
| published_at |
2026-04-09T12:55:00Z |
|
| 4 |
| value |
0.11439 |
| scoring_system |
epss |
| scoring_elements |
0.93583 |
| published_at |
2026-04-08T12:55:00Z |
|
| 5 |
| value |
0.11439 |
| scoring_system |
epss |
| scoring_elements |
0.93574 |
| published_at |
2026-04-07T12:55:00Z |
|
| 6 |
| value |
0.11439 |
| scoring_system |
epss |
| scoring_elements |
0.93556 |
| published_at |
2026-04-01T12:55:00Z |
|
| 7 |
| value |
0.11439 |
| scoring_system |
epss |
| scoring_elements |
0.93573 |
| published_at |
2026-04-04T12:55:00Z |
|
| 8 |
| value |
0.11439 |
| scoring_system |
epss |
| scoring_elements |
0.93565 |
| published_at |
2026-04-02T12:55:00Z |
|
| 9 |
| value |
0.11439 |
| scoring_system |
epss |
| scoring_elements |
0.93623 |
| published_at |
2026-04-21T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2017-1000499 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
| reference_url |
https://nvd.nist.gov/vuln/detail/CVE-2017-1000499 |
| reference_id |
CVE-2017-1000499 |
| reference_type |
|
| scores |
| 0 |
| value |
6.8 |
| scoring_system |
cvssv2 |
| scoring_elements |
AV:N/AC:M/Au:N/C:P/I:P/A:P |
|
| 1 |
| value |
8.8 |
| scoring_system |
cvssv3 |
| scoring_elements |
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H |
|
| 2 |
| value |
8.8 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H |
|
| 3 |
| value |
HIGH |
| scoring_system |
generic_textual |
| scoring_elements |
|
|
|
| url |
https://nvd.nist.gov/vuln/detail/CVE-2017-1000499 |
|
| 12 |
|
|
| fixed_packages |
|
| aliases |
CVE-2017-1000499, GHSA-f9hx-5jq4-fgjm
|
| risk_score |
10.0 |
| exploitability |
2.0 |
| weighted_severity |
8.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-tbnx-nuzv-ebdc |
|
| 206 |
| url |
VCID-tbz5-ndb2-9kad |
| vulnerability_id |
VCID-tbz5-ndb2-9kad |
| summary |
Cross-site scripting (XSS) vulnerability in libraries/auth/cookie.auth.lib.php in phpMyAdmin before 2.11.2.2, when logins are authenticated with the cookie auth_type, allows remote attackers to inject arbitrary web script or HTML via the convcharset parameter to index.php, a different vulnerability than CVE-2005-0992. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2007-6100 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00537 |
| scoring_system |
epss |
| scoring_elements |
0.67454 |
| published_at |
2026-04-01T12:55:00Z |
|
| 1 |
| value |
0.00537 |
| scoring_system |
epss |
| scoring_elements |
0.6749 |
| published_at |
2026-04-02T12:55:00Z |
|
| 2 |
| value |
0.00537 |
| scoring_system |
epss |
| scoring_elements |
0.67511 |
| published_at |
2026-04-04T12:55:00Z |
|
| 3 |
| value |
0.00537 |
| scoring_system |
epss |
| scoring_elements |
0.67489 |
| published_at |
2026-04-07T12:55:00Z |
|
| 4 |
| value |
0.00537 |
| scoring_system |
epss |
| scoring_elements |
0.67541 |
| published_at |
2026-04-08T12:55:00Z |
|
| 5 |
| value |
0.00537 |
| scoring_system |
epss |
| scoring_elements |
0.67555 |
| published_at |
2026-04-09T12:55:00Z |
|
| 6 |
| value |
0.00537 |
| scoring_system |
epss |
| scoring_elements |
0.67577 |
| published_at |
2026-04-11T12:55:00Z |
|
| 7 |
| value |
0.00537 |
| scoring_system |
epss |
| scoring_elements |
0.67564 |
| published_at |
2026-04-12T12:55:00Z |
|
| 8 |
| value |
0.00537 |
| scoring_system |
epss |
| scoring_elements |
0.6753 |
| published_at |
2026-04-13T12:55:00Z |
|
| 9 |
| value |
0.00537 |
| scoring_system |
epss |
| scoring_elements |
0.67566 |
| published_at |
2026-04-16T12:55:00Z |
|
| 10 |
| value |
0.00537 |
| scoring_system |
epss |
| scoring_elements |
0.67579 |
| published_at |
2026-04-18T12:55:00Z |
|
| 11 |
| value |
0.00537 |
| scoring_system |
epss |
| scoring_elements |
0.67557 |
| published_at |
2026-04-21T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2007-6100 |
|
| 1 |
|
|
| fixed_packages |
|
| aliases |
CVE-2007-6100
|
| risk_score |
null |
| exploitability |
0.5 |
| weighted_severity |
0.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-tbz5-ndb2-9kad |
|
| 207 |
| url |
VCID-tc6d-vqe5-43fn |
| vulnerability_id |
VCID-tc6d-vqe5-43fn |
| summary |
security update |
| references |
| 0 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2016-2560 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.0134 |
| scoring_system |
epss |
| scoring_elements |
0.80044 |
| published_at |
2026-04-21T12:55:00Z |
|
| 1 |
| value |
0.0134 |
| scoring_system |
epss |
| scoring_elements |
0.80042 |
| published_at |
2026-04-18T12:55:00Z |
|
| 2 |
| value |
0.0134 |
| scoring_system |
epss |
| scoring_elements |
0.79962 |
| published_at |
2026-04-01T12:55:00Z |
|
| 3 |
| value |
0.0134 |
| scoring_system |
epss |
| scoring_elements |
0.7997 |
| published_at |
2026-04-02T12:55:00Z |
|
| 4 |
| value |
0.0134 |
| scoring_system |
epss |
| scoring_elements |
0.79991 |
| published_at |
2026-04-04T12:55:00Z |
|
| 5 |
| value |
0.0134 |
| scoring_system |
epss |
| scoring_elements |
0.79982 |
| published_at |
2026-04-07T12:55:00Z |
|
| 6 |
| value |
0.0134 |
| scoring_system |
epss |
| scoring_elements |
0.8001 |
| published_at |
2026-04-08T12:55:00Z |
|
| 7 |
| value |
0.0134 |
| scoring_system |
epss |
| scoring_elements |
0.80019 |
| published_at |
2026-04-09T12:55:00Z |
|
| 8 |
| value |
0.0134 |
| scoring_system |
epss |
| scoring_elements |
0.80039 |
| published_at |
2026-04-11T12:55:00Z |
|
| 9 |
| value |
0.0134 |
| scoring_system |
epss |
| scoring_elements |
0.80022 |
| published_at |
2026-04-12T12:55:00Z |
|
| 10 |
| value |
0.0134 |
| scoring_system |
epss |
| scoring_elements |
0.80014 |
| published_at |
2026-04-13T12:55:00Z |
|
| 11 |
| value |
0.0134 |
| scoring_system |
epss |
| scoring_elements |
0.80043 |
| published_at |
2026-04-16T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2016-2560 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
| 16 |
|
| 17 |
|
| 18 |
|
| 19 |
|
| 20 |
|
| 21 |
|
| 22 |
|
| 23 |
|
| 24 |
|
| 25 |
|
| 26 |
|
| 27 |
|
| 28 |
|
| 29 |
|
| 30 |
|
| 31 |
|
| 32 |
|
| 33 |
|
| 34 |
|
| 35 |
|
| 36 |
|
| 37 |
|
| 38 |
|
| 39 |
|
| 40 |
|
| 41 |
|
| 42 |
|
| 43 |
|
| 44 |
|
| 45 |
|
| 46 |
|
| 47 |
|
| 48 |
|
| 49 |
|
| 50 |
|
| 51 |
|
| 52 |
|
| 53 |
|
| 54 |
|
| 55 |
|
| 56 |
|
| 57 |
|
| 58 |
|
| 59 |
|
| 60 |
|
| 61 |
|
| 62 |
|
| 63 |
|
| 64 |
|
| 65 |
|
| 66 |
|
| 67 |
|
| 68 |
|
| 69 |
|
| 70 |
|
| 71 |
|
| 72 |
|
| 73 |
|
| 74 |
|
| 75 |
|
| 76 |
|
| 77 |
|
| 78 |
|
| 79 |
|
| 80 |
|
| 81 |
|
| 82 |
|
| 83 |
|
| 84 |
|
| 85 |
|
| 86 |
|
| 87 |
|
| 88 |
|
| 89 |
|
|
| fixed_packages |
|
| aliases |
CVE-2016-2560
|
| risk_score |
2.8 |
| exploitability |
0.5 |
| weighted_severity |
5.5 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-tc6d-vqe5-43fn |
|
| 208 |
| url |
VCID-tdyx-mvu1-h3gj |
| vulnerability_id |
VCID-tdyx-mvu1-h3gj |
| summary |
security update |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2014-1879 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00202 |
| scoring_system |
epss |
| scoring_elements |
0.42267 |
| published_at |
2026-04-01T12:55:00Z |
|
| 1 |
| value |
0.00202 |
| scoring_system |
epss |
| scoring_elements |
0.42342 |
| published_at |
2026-04-02T12:55:00Z |
|
| 2 |
| value |
0.00202 |
| scoring_system |
epss |
| scoring_elements |
0.42372 |
| published_at |
2026-04-04T12:55:00Z |
|
| 3 |
| value |
0.00202 |
| scoring_system |
epss |
| scoring_elements |
0.42314 |
| published_at |
2026-04-07T12:55:00Z |
|
| 4 |
| value |
0.00202 |
| scoring_system |
epss |
| scoring_elements |
0.42362 |
| published_at |
2026-04-08T12:55:00Z |
|
| 5 |
| value |
0.00202 |
| scoring_system |
epss |
| scoring_elements |
0.42369 |
| published_at |
2026-04-09T12:55:00Z |
|
| 6 |
| value |
0.00202 |
| scoring_system |
epss |
| scoring_elements |
0.42392 |
| published_at |
2026-04-11T12:55:00Z |
|
| 7 |
| value |
0.00202 |
| scoring_system |
epss |
| scoring_elements |
0.42356 |
| published_at |
2026-04-12T12:55:00Z |
|
| 8 |
| value |
0.00202 |
| scoring_system |
epss |
| scoring_elements |
0.42327 |
| published_at |
2026-04-13T12:55:00Z |
|
| 9 |
| value |
0.00202 |
| scoring_system |
epss |
| scoring_elements |
0.42375 |
| published_at |
2026-04-16T12:55:00Z |
|
| 10 |
| value |
0.00202 |
| scoring_system |
epss |
| scoring_elements |
0.42351 |
| published_at |
2026-04-18T12:55:00Z |
|
| 11 |
| value |
0.00202 |
| scoring_system |
epss |
| scoring_elements |
0.42279 |
| published_at |
2026-04-21T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2014-1879 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
|
| fixed_packages |
|
| aliases |
CVE-2014-1879
|
| risk_score |
null |
| exploitability |
0.5 |
| weighted_severity |
0.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-tdyx-mvu1-h3gj |
|
| 209 |
| url |
VCID-tgeh-wkw1-67bw |
| vulnerability_id |
VCID-tgeh-wkw1-67bw |
| summary |
Multiple vulnerabilities have been found in phpMyAdmin, the worst
of which could lead to arbitrary code execution. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2016-6619 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00332 |
| scoring_system |
epss |
| scoring_elements |
0.55961 |
| published_at |
2026-04-01T12:55:00Z |
|
| 1 |
| value |
0.00332 |
| scoring_system |
epss |
| scoring_elements |
0.56072 |
| published_at |
2026-04-07T12:55:00Z |
|
| 2 |
| value |
0.00332 |
| scoring_system |
epss |
| scoring_elements |
0.56093 |
| published_at |
2026-04-04T12:55:00Z |
|
| 3 |
| value |
0.00332 |
| scoring_system |
epss |
| scoring_elements |
0.56124 |
| published_at |
2026-04-08T12:55:00Z |
|
| 4 |
| value |
0.00332 |
| scoring_system |
epss |
| scoring_elements |
0.56129 |
| published_at |
2026-04-09T12:55:00Z |
|
| 5 |
| value |
0.00332 |
| scoring_system |
epss |
| scoring_elements |
0.5614 |
| published_at |
2026-04-11T12:55:00Z |
|
| 6 |
| value |
0.00332 |
| scoring_system |
epss |
| scoring_elements |
0.56117 |
| published_at |
2026-04-12T12:55:00Z |
|
| 7 |
| value |
0.00332 |
| scoring_system |
epss |
| scoring_elements |
0.561 |
| published_at |
2026-04-13T12:55:00Z |
|
| 8 |
| value |
0.00332 |
| scoring_system |
epss |
| scoring_elements |
0.56134 |
| published_at |
2026-04-16T12:55:00Z |
|
| 9 |
| value |
0.00332 |
| scoring_system |
epss |
| scoring_elements |
0.56137 |
| published_at |
2026-04-18T12:55:00Z |
|
| 10 |
| value |
0.00332 |
| scoring_system |
epss |
| scoring_elements |
0.56107 |
| published_at |
2026-04-21T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2016-6619 |
|
| 1 |
|
| 2 |
|
|
| fixed_packages |
|
| aliases |
CVE-2016-6619
|
| risk_score |
null |
| exploitability |
0.5 |
| weighted_severity |
0.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-tgeh-wkw1-67bw |
|
| 210 |
| url |
VCID-tgrx-g8fs-qkhv |
| vulnerability_id |
VCID-tgrx-g8fs-qkhv |
| summary |
Multiple vulnerabilities have been found in phpMyAdmin, allowing
remote authenticated attackers to execute arbitrary code, inject SQL code
or conduct other attacks. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2013-4995 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00209 |
| scoring_system |
epss |
| scoring_elements |
0.43232 |
| published_at |
2026-04-01T12:55:00Z |
|
| 1 |
| value |
0.00209 |
| scoring_system |
epss |
| scoring_elements |
0.43288 |
| published_at |
2026-04-02T12:55:00Z |
|
| 2 |
| value |
0.00209 |
| scoring_system |
epss |
| scoring_elements |
0.43317 |
| published_at |
2026-04-04T12:55:00Z |
|
| 3 |
| value |
0.00209 |
| scoring_system |
epss |
| scoring_elements |
0.43254 |
| published_at |
2026-04-07T12:55:00Z |
|
| 4 |
| value |
0.00209 |
| scoring_system |
epss |
| scoring_elements |
0.43305 |
| published_at |
2026-04-08T12:55:00Z |
|
| 5 |
| value |
0.00209 |
| scoring_system |
epss |
| scoring_elements |
0.4332 |
| published_at |
2026-04-09T12:55:00Z |
|
| 6 |
| value |
0.00209 |
| scoring_system |
epss |
| scoring_elements |
0.43341 |
| published_at |
2026-04-11T12:55:00Z |
|
| 7 |
| value |
0.00209 |
| scoring_system |
epss |
| scoring_elements |
0.43309 |
| published_at |
2026-04-12T12:55:00Z |
|
| 8 |
| value |
0.00209 |
| scoring_system |
epss |
| scoring_elements |
0.43293 |
| published_at |
2026-04-13T12:55:00Z |
|
| 9 |
| value |
0.00209 |
| scoring_system |
epss |
| scoring_elements |
0.43355 |
| published_at |
2026-04-16T12:55:00Z |
|
| 10 |
| value |
0.00209 |
| scoring_system |
epss |
| scoring_elements |
0.43344 |
| published_at |
2026-04-18T12:55:00Z |
|
| 11 |
| value |
0.00209 |
| scoring_system |
epss |
| scoring_elements |
0.4328 |
| published_at |
2026-04-21T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2013-4995 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
|
| fixed_packages |
|
| aliases |
CVE-2013-4995
|
| risk_score |
null |
| exploitability |
0.5 |
| weighted_severity |
0.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-tgrx-g8fs-qkhv |
|
| 211 |
| url |
VCID-tks3-6uv4-kygf |
| vulnerability_id |
VCID-tks3-6uv4-kygf |
| summary |
phpMyAdmin SQL Injection
In phpMyAdmin 4.x before 4.9.5 and 5.x before 5.0.2, a SQL injection vulnerability was found in retrieval of the current username (in libraries/classes/Server/Privileges.php and libraries/classes/UserPassword.php). A malicious user with access to the server could create a crafted username, and then trick the victim into performing specific actions with that user account (such as editing its privileges). |
| references |
| 0 |
|
| 1 |
|
| 2 |
|
| 3 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2020-10804 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.02444 |
| scoring_system |
epss |
| scoring_elements |
0.85208 |
| published_at |
2026-04-18T12:55:00Z |
|
| 1 |
| value |
0.02444 |
| scoring_system |
epss |
| scoring_elements |
0.85114 |
| published_at |
2026-04-01T12:55:00Z |
|
| 2 |
| value |
0.02444 |
| scoring_system |
epss |
| scoring_elements |
0.85127 |
| published_at |
2026-04-02T12:55:00Z |
|
| 3 |
| value |
0.02444 |
| scoring_system |
epss |
| scoring_elements |
0.85144 |
| published_at |
2026-04-04T12:55:00Z |
|
| 4 |
| value |
0.02444 |
| scoring_system |
epss |
| scoring_elements |
0.85147 |
| published_at |
2026-04-07T12:55:00Z |
|
| 5 |
| value |
0.02444 |
| scoring_system |
epss |
| scoring_elements |
0.85169 |
| published_at |
2026-04-08T12:55:00Z |
|
| 6 |
| value |
0.02444 |
| scoring_system |
epss |
| scoring_elements |
0.85177 |
| published_at |
2026-04-09T12:55:00Z |
|
| 7 |
| value |
0.02444 |
| scoring_system |
epss |
| scoring_elements |
0.85191 |
| published_at |
2026-04-11T12:55:00Z |
|
| 8 |
| value |
0.02444 |
| scoring_system |
epss |
| scoring_elements |
0.85189 |
| published_at |
2026-04-12T12:55:00Z |
|
| 9 |
| value |
0.02444 |
| scoring_system |
epss |
| scoring_elements |
0.85186 |
| published_at |
2026-04-13T12:55:00Z |
|
| 10 |
| value |
0.02444 |
| scoring_system |
epss |
| scoring_elements |
0.85207 |
| published_at |
2026-04-21T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2020-10804 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
| 16 |
|
| 17 |
|
| 18 |
|
| 19 |
|
| 20 |
|
| 21 |
|
| 22 |
|
| 23 |
|
| 24 |
|
| 25 |
|
| 26 |
|
| 27 |
|
|
| fixed_packages |
|
| aliases |
CVE-2020-10804, GHSA-h65r-8fp8-w7cx
|
| risk_score |
4.0 |
| exploitability |
0.5 |
| weighted_severity |
8.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-tks3-6uv4-kygf |
|
| 212 |
| url |
VCID-tnbx-6gqw-8fb5 |
| vulnerability_id |
VCID-tnbx-6gqw-8fb5 |
| summary |
Multiple vulnerabilities were found in phpMyAdmin, the most severe
of which allows the execution of arbitrary PHP code. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2011-2507 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.03737 |
| scoring_system |
epss |
| scoring_elements |
0.87949 |
| published_at |
2026-04-01T12:55:00Z |
|
| 1 |
| value |
0.03737 |
| scoring_system |
epss |
| scoring_elements |
0.87959 |
| published_at |
2026-04-02T12:55:00Z |
|
| 2 |
| value |
0.03737 |
| scoring_system |
epss |
| scoring_elements |
0.87973 |
| published_at |
2026-04-04T12:55:00Z |
|
| 3 |
| value |
0.03737 |
| scoring_system |
epss |
| scoring_elements |
0.87977 |
| published_at |
2026-04-07T12:55:00Z |
|
| 4 |
| value |
0.03737 |
| scoring_system |
epss |
| scoring_elements |
0.87997 |
| published_at |
2026-04-08T12:55:00Z |
|
| 5 |
| value |
0.03737 |
| scoring_system |
epss |
| scoring_elements |
0.88004 |
| published_at |
2026-04-09T12:55:00Z |
|
| 6 |
| value |
0.03737 |
| scoring_system |
epss |
| scoring_elements |
0.88014 |
| published_at |
2026-04-11T12:55:00Z |
|
| 7 |
| value |
0.03737 |
| scoring_system |
epss |
| scoring_elements |
0.88007 |
| published_at |
2026-04-12T12:55:00Z |
|
| 8 |
| value |
0.03737 |
| scoring_system |
epss |
| scoring_elements |
0.88008 |
| published_at |
2026-04-13T12:55:00Z |
|
| 9 |
| value |
0.03737 |
| scoring_system |
epss |
| scoring_elements |
0.88021 |
| published_at |
2026-04-16T12:55:00Z |
|
| 10 |
| value |
0.03737 |
| scoring_system |
epss |
| scoring_elements |
0.8802 |
| published_at |
2026-04-21T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2011-2507 |
|
| 1 |
|
| 2 |
|
|
| fixed_packages |
|
| aliases |
CVE-2011-2507
|
| risk_score |
null |
| exploitability |
0.5 |
| weighted_severity |
0.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-tnbx-6gqw-8fb5 |
|
| 213 |
| url |
VCID-twxk-hnb4-hfb5 |
| vulnerability_id |
VCID-twxk-hnb4-hfb5 |
| summary |
SQL injection vulnerability in sql.php in phpMyAdmin 2.7.0-pl1 allows remote attackers to execute arbitrary SQL commands via the sql_query parameter. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2006-1804 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00963 |
| scoring_system |
epss |
| scoring_elements |
0.76472 |
| published_at |
2026-04-01T12:55:00Z |
|
| 1 |
| value |
0.00963 |
| scoring_system |
epss |
| scoring_elements |
0.76476 |
| published_at |
2026-04-02T12:55:00Z |
|
| 2 |
| value |
0.00963 |
| scoring_system |
epss |
| scoring_elements |
0.76505 |
| published_at |
2026-04-04T12:55:00Z |
|
| 3 |
| value |
0.00963 |
| scoring_system |
epss |
| scoring_elements |
0.76488 |
| published_at |
2026-04-07T12:55:00Z |
|
| 4 |
| value |
0.00963 |
| scoring_system |
epss |
| scoring_elements |
0.7652 |
| published_at |
2026-04-08T12:55:00Z |
|
| 5 |
| value |
0.00963 |
| scoring_system |
epss |
| scoring_elements |
0.76531 |
| published_at |
2026-04-09T12:55:00Z |
|
| 6 |
| value |
0.00963 |
| scoring_system |
epss |
| scoring_elements |
0.76557 |
| published_at |
2026-04-11T12:55:00Z |
|
| 7 |
| value |
0.00963 |
| scoring_system |
epss |
| scoring_elements |
0.76536 |
| published_at |
2026-04-12T12:55:00Z |
|
| 8 |
| value |
0.00963 |
| scoring_system |
epss |
| scoring_elements |
0.7653 |
| published_at |
2026-04-13T12:55:00Z |
|
| 9 |
| value |
0.00963 |
| scoring_system |
epss |
| scoring_elements |
0.76571 |
| published_at |
2026-04-16T12:55:00Z |
|
| 10 |
| value |
0.00963 |
| scoring_system |
epss |
| scoring_elements |
0.76575 |
| published_at |
2026-04-18T12:55:00Z |
|
| 11 |
| value |
0.00963 |
| scoring_system |
epss |
| scoring_elements |
0.76563 |
| published_at |
2026-04-21T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2006-1804 |
|
| 1 |
|
| 2 |
|
|
| fixed_packages |
|
| aliases |
CVE-2006-1804
|
| risk_score |
null |
| exploitability |
0.5 |
| weighted_severity |
0.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-twxk-hnb4-hfb5 |
|
| 214 |
| url |
VCID-tydk-zjv1-nye6 |
| vulnerability_id |
VCID-tydk-zjv1-nye6 |
| summary |
Improper Input Validation
An issue was discovered in phpMyAdmin. An unauthenticated user is able to execute a denial-of-service (DoS) attack by forcing persistent connections when phpMyAdmin is running with `$cfg['AllowArbitraryServer']=true`. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2016-6622 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.01016 |
| scoring_system |
epss |
| scoring_elements |
0.77197 |
| published_at |
2026-04-21T12:55:00Z |
|
| 1 |
| value |
0.01016 |
| scoring_system |
epss |
| scoring_elements |
0.77104 |
| published_at |
2026-04-01T12:55:00Z |
|
| 2 |
| value |
0.01016 |
| scoring_system |
epss |
| scoring_elements |
0.7711 |
| published_at |
2026-04-02T12:55:00Z |
|
| 3 |
| value |
0.01016 |
| scoring_system |
epss |
| scoring_elements |
0.7714 |
| published_at |
2026-04-04T12:55:00Z |
|
| 4 |
| value |
0.01016 |
| scoring_system |
epss |
| scoring_elements |
0.77122 |
| published_at |
2026-04-07T12:55:00Z |
|
| 5 |
| value |
0.01016 |
| scoring_system |
epss |
| scoring_elements |
0.77155 |
| published_at |
2026-04-08T12:55:00Z |
|
| 6 |
| value |
0.01016 |
| scoring_system |
epss |
| scoring_elements |
0.77163 |
| published_at |
2026-04-09T12:55:00Z |
|
| 7 |
| value |
0.01016 |
| scoring_system |
epss |
| scoring_elements |
0.77191 |
| published_at |
2026-04-11T12:55:00Z |
|
| 8 |
| value |
0.01016 |
| scoring_system |
epss |
| scoring_elements |
0.7717 |
| published_at |
2026-04-12T12:55:00Z |
|
| 9 |
| value |
0.01016 |
| scoring_system |
epss |
| scoring_elements |
0.77165 |
| published_at |
2026-04-13T12:55:00Z |
|
| 10 |
| value |
0.01016 |
| scoring_system |
epss |
| scoring_elements |
0.77206 |
| published_at |
2026-04-16T12:55:00Z |
|
| 11 |
| value |
0.01016 |
| scoring_system |
epss |
| scoring_elements |
0.77207 |
| published_at |
2026-04-18T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2016-6622 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
|
| fixed_packages |
|
| aliases |
CVE-2016-6622, GHSA-qf3f-7x69-qfv3
|
| risk_score |
3.1 |
| exploitability |
0.5 |
| weighted_severity |
6.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-tydk-zjv1-nye6 |
|
| 215 |
| url |
VCID-u32z-czfc-qbe1 |
| vulnerability_id |
VCID-u32z-czfc-qbe1 |
| summary |
Multiple flaws in phpMyAdmin may lead to several XSS issues and local and
remote file inclusion vulnerabilities. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2005-4079 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.01613 |
| scoring_system |
epss |
| scoring_elements |
0.81816 |
| published_at |
2026-04-21T12:55:00Z |
|
| 1 |
| value |
0.01613 |
| scoring_system |
epss |
| scoring_elements |
0.81711 |
| published_at |
2026-04-01T12:55:00Z |
|
| 2 |
| value |
0.01613 |
| scoring_system |
epss |
| scoring_elements |
0.81722 |
| published_at |
2026-04-02T12:55:00Z |
|
| 3 |
| value |
0.01613 |
| scoring_system |
epss |
| scoring_elements |
0.81745 |
| published_at |
2026-04-04T12:55:00Z |
|
| 4 |
| value |
0.01613 |
| scoring_system |
epss |
| scoring_elements |
0.81742 |
| published_at |
2026-04-07T12:55:00Z |
|
| 5 |
| value |
0.01613 |
| scoring_system |
epss |
| scoring_elements |
0.81769 |
| published_at |
2026-04-08T12:55:00Z |
|
| 6 |
| value |
0.01613 |
| scoring_system |
epss |
| scoring_elements |
0.81773 |
| published_at |
2026-04-09T12:55:00Z |
|
| 7 |
| value |
0.01613 |
| scoring_system |
epss |
| scoring_elements |
0.81793 |
| published_at |
2026-04-11T12:55:00Z |
|
| 8 |
| value |
0.01613 |
| scoring_system |
epss |
| scoring_elements |
0.8178 |
| published_at |
2026-04-12T12:55:00Z |
|
| 9 |
| value |
0.01613 |
| scoring_system |
epss |
| scoring_elements |
0.81776 |
| published_at |
2026-04-13T12:55:00Z |
|
| 10 |
| value |
0.01613 |
| scoring_system |
epss |
| scoring_elements |
0.81813 |
| published_at |
2026-04-18T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2005-4079 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
| 16 |
|
|
| fixed_packages |
|
| aliases |
CVE-2005-4079
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-u32z-czfc-qbe1 |
|
| 216 |
| url |
VCID-u5d5-2m3s-yka8 |
| vulnerability_id |
VCID-u5d5-2m3s-yka8 |
| summary |
Improper Input Validation
CRLF injection vulnerability in bs_disp_as_mime_type.php in the BLOB streaming feature in phpMyAdmin before 3.1.3.1 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via the (1) c_type and possibly (2) file_type parameters. |
| references |
| 0 |
|
| 1 |
|
| 2 |
|
| 3 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2009-1149 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00715 |
| scoring_system |
epss |
| scoring_elements |
0.7239 |
| published_at |
2026-04-21T12:55:00Z |
|
| 1 |
| value |
0.00715 |
| scoring_system |
epss |
| scoring_elements |
0.72358 |
| published_at |
2026-04-09T12:55:00Z |
|
| 2 |
| value |
0.00715 |
| scoring_system |
epss |
| scoring_elements |
0.72382 |
| published_at |
2026-04-11T12:55:00Z |
|
| 3 |
| value |
0.00715 |
| scoring_system |
epss |
| scoring_elements |
0.72365 |
| published_at |
2026-04-12T12:55:00Z |
|
| 4 |
| value |
0.00715 |
| scoring_system |
epss |
| scoring_elements |
0.72352 |
| published_at |
2026-04-13T12:55:00Z |
|
| 5 |
| value |
0.00715 |
| scoring_system |
epss |
| scoring_elements |
0.72393 |
| published_at |
2026-04-16T12:55:00Z |
|
| 6 |
| value |
0.00715 |
| scoring_system |
epss |
| scoring_elements |
0.72403 |
| published_at |
2026-04-18T12:55:00Z |
|
| 7 |
| value |
0.00715 |
| scoring_system |
epss |
| scoring_elements |
0.72306 |
| published_at |
2026-04-01T12:55:00Z |
|
| 8 |
| value |
0.00715 |
| scoring_system |
epss |
| scoring_elements |
0.72312 |
| published_at |
2026-04-02T12:55:00Z |
|
| 9 |
| value |
0.00715 |
| scoring_system |
epss |
| scoring_elements |
0.72331 |
| published_at |
2026-04-04T12:55:00Z |
|
| 10 |
| value |
0.00715 |
| scoring_system |
epss |
| scoring_elements |
0.72308 |
| published_at |
2026-04-07T12:55:00Z |
|
| 11 |
| value |
0.00715 |
| scoring_system |
epss |
| scoring_elements |
0.72346 |
| published_at |
2026-04-08T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2009-1149 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
| 16 |
|
| 17 |
|
| 18 |
|
| 19 |
|
| 20 |
|
|
| fixed_packages |
|
| aliases |
CVE-2009-1149, GHSA-xrpq-63mp-9vcw
|
| risk_score |
4.0 |
| exploitability |
0.5 |
| weighted_severity |
8.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-u5d5-2m3s-yka8 |
|
| 217 |
| url |
VCID-u794-p9hy-k3cg |
| vulnerability_id |
VCID-u794-p9hy-k3cg |
| summary |
Multiple vulnerabilities have been found in phpMyAdmin, allowing
remote authenticated attackers to execute arbitrary code, inject SQL code
or conduct other attacks. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2013-5000 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.0025 |
| scoring_system |
epss |
| scoring_elements |
0.48286 |
| published_at |
2026-04-01T12:55:00Z |
|
| 1 |
| value |
0.0025 |
| scoring_system |
epss |
| scoring_elements |
0.48322 |
| published_at |
2026-04-02T12:55:00Z |
|
| 2 |
| value |
0.0025 |
| scoring_system |
epss |
| scoring_elements |
0.48343 |
| published_at |
2026-04-04T12:55:00Z |
|
| 3 |
| value |
0.0025 |
| scoring_system |
epss |
| scoring_elements |
0.48295 |
| published_at |
2026-04-07T12:55:00Z |
|
| 4 |
| value |
0.0025 |
| scoring_system |
epss |
| scoring_elements |
0.4835 |
| published_at |
2026-04-08T12:55:00Z |
|
| 5 |
| value |
0.0025 |
| scoring_system |
epss |
| scoring_elements |
0.48344 |
| published_at |
2026-04-09T12:55:00Z |
|
| 6 |
| value |
0.0025 |
| scoring_system |
epss |
| scoring_elements |
0.48369 |
| published_at |
2026-04-11T12:55:00Z |
|
| 7 |
| value |
0.0025 |
| scoring_system |
epss |
| scoring_elements |
0.48342 |
| published_at |
2026-04-12T12:55:00Z |
|
| 8 |
| value |
0.0025 |
| scoring_system |
epss |
| scoring_elements |
0.48354 |
| published_at |
2026-04-21T12:55:00Z |
|
| 9 |
| value |
0.0025 |
| scoring_system |
epss |
| scoring_elements |
0.48405 |
| published_at |
2026-04-16T12:55:00Z |
|
| 10 |
| value |
0.0025 |
| scoring_system |
epss |
| scoring_elements |
0.484 |
| published_at |
2026-04-18T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2013-5000 |
|
| 1 |
|
| 2 |
|
|
| fixed_packages |
|
| aliases |
CVE-2013-5000
|
| risk_score |
null |
| exploitability |
0.5 |
| weighted_severity |
0.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-u794-p9hy-k3cg |
|
| 218 |
| url |
VCID-ukgh-86dw-5yf1 |
| vulnerability_id |
VCID-ukgh-86dw-5yf1 |
| summary |
Multiple vulnerabilities have been found in phpMyAdmin, the worst
of which could lead to arbitrary code execution. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2016-6627 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.0035 |
| scoring_system |
epss |
| scoring_elements |
0.57363 |
| published_at |
2026-04-01T12:55:00Z |
|
| 1 |
| value |
0.0035 |
| scoring_system |
epss |
| scoring_elements |
0.57446 |
| published_at |
2026-04-02T12:55:00Z |
|
| 2 |
| value |
0.0035 |
| scoring_system |
epss |
| scoring_elements |
0.57468 |
| published_at |
2026-04-04T12:55:00Z |
|
| 3 |
| value |
0.0035 |
| scoring_system |
epss |
| scoring_elements |
0.57445 |
| published_at |
2026-04-07T12:55:00Z |
|
| 4 |
| value |
0.0035 |
| scoring_system |
epss |
| scoring_elements |
0.57497 |
| published_at |
2026-04-08T12:55:00Z |
|
| 5 |
| value |
0.0035 |
| scoring_system |
epss |
| scoring_elements |
0.57501 |
| published_at |
2026-04-16T12:55:00Z |
|
| 6 |
| value |
0.0035 |
| scoring_system |
epss |
| scoring_elements |
0.57517 |
| published_at |
2026-04-11T12:55:00Z |
|
| 7 |
| value |
0.0035 |
| scoring_system |
epss |
| scoring_elements |
0.57494 |
| published_at |
2026-04-12T12:55:00Z |
|
| 8 |
| value |
0.0035 |
| scoring_system |
epss |
| scoring_elements |
0.57475 |
| published_at |
2026-04-13T12:55:00Z |
|
| 9 |
| value |
0.0035 |
| scoring_system |
epss |
| scoring_elements |
0.57498 |
| published_at |
2026-04-18T12:55:00Z |
|
| 10 |
| value |
0.0035 |
| scoring_system |
epss |
| scoring_elements |
0.57476 |
| published_at |
2026-04-21T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2016-6627 |
|
| 1 |
|
|
| fixed_packages |
|
| aliases |
CVE-2016-6627
|
| risk_score |
null |
| exploitability |
0.5 |
| weighted_severity |
0.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-ukgh-86dw-5yf1 |
|
| 219 |
| url |
VCID-unq5-ypce-b7c8 |
| vulnerability_id |
VCID-unq5-ypce-b7c8 |
| summary |
phpMyAdmin contains multiple vulnerabilities that could lead to command
execution, XSS issues and bypass of security restrictions. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2005-0544 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00501 |
| scoring_system |
epss |
| scoring_elements |
0.66044 |
| published_at |
2026-04-21T12:55:00Z |
|
| 1 |
| value |
0.00501 |
| scoring_system |
epss |
| scoring_elements |
0.65929 |
| published_at |
2026-04-01T12:55:00Z |
|
| 2 |
| value |
0.00501 |
| scoring_system |
epss |
| scoring_elements |
0.65971 |
| published_at |
2026-04-02T12:55:00Z |
|
| 3 |
| value |
0.00501 |
| scoring_system |
epss |
| scoring_elements |
0.66001 |
| published_at |
2026-04-04T12:55:00Z |
|
| 4 |
| value |
0.00501 |
| scoring_system |
epss |
| scoring_elements |
0.65967 |
| published_at |
2026-04-07T12:55:00Z |
|
| 5 |
| value |
0.00501 |
| scoring_system |
epss |
| scoring_elements |
0.66018 |
| published_at |
2026-04-08T12:55:00Z |
|
| 6 |
| value |
0.00501 |
| scoring_system |
epss |
| scoring_elements |
0.6603 |
| published_at |
2026-04-09T12:55:00Z |
|
| 7 |
| value |
0.00501 |
| scoring_system |
epss |
| scoring_elements |
0.66049 |
| published_at |
2026-04-11T12:55:00Z |
|
| 8 |
| value |
0.00501 |
| scoring_system |
epss |
| scoring_elements |
0.66036 |
| published_at |
2026-04-12T12:55:00Z |
|
| 9 |
| value |
0.00501 |
| scoring_system |
epss |
| scoring_elements |
0.66006 |
| published_at |
2026-04-13T12:55:00Z |
|
| 10 |
| value |
0.00501 |
| scoring_system |
epss |
| scoring_elements |
0.66042 |
| published_at |
2026-04-16T12:55:00Z |
|
| 11 |
| value |
0.00501 |
| scoring_system |
epss |
| scoring_elements |
0.66056 |
| published_at |
2026-04-18T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2005-0544 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
|
| fixed_packages |
|
| aliases |
CVE-2005-0544
|
| risk_score |
2.2 |
| exploitability |
0.5 |
| weighted_severity |
4.5 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-unq5-ypce-b7c8 |
|
| 220 |
| url |
VCID-unty-cjbe-pudk |
| vulnerability_id |
VCID-unty-cjbe-pudk |
| summary |
Multiple vulnerabilities have been found in phpMyAdmin, the worst
of which could lead to arbitrary code execution. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2016-9849 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00217 |
| scoring_system |
epss |
| scoring_elements |
0.44228 |
| published_at |
2026-04-01T12:55:00Z |
|
| 1 |
| value |
0.00217 |
| scoring_system |
epss |
| scoring_elements |
0.44294 |
| published_at |
2026-04-02T12:55:00Z |
|
| 2 |
| value |
0.00217 |
| scoring_system |
epss |
| scoring_elements |
0.44316 |
| published_at |
2026-04-04T12:55:00Z |
|
| 3 |
| value |
0.00217 |
| scoring_system |
epss |
| scoring_elements |
0.4425 |
| published_at |
2026-04-07T12:55:00Z |
|
| 4 |
| value |
0.00217 |
| scoring_system |
epss |
| scoring_elements |
0.44302 |
| published_at |
2026-04-08T12:55:00Z |
|
| 5 |
| value |
0.00217 |
| scoring_system |
epss |
| scoring_elements |
0.44307 |
| published_at |
2026-04-09T12:55:00Z |
|
| 6 |
| value |
0.00217 |
| scoring_system |
epss |
| scoring_elements |
0.44325 |
| published_at |
2026-04-11T12:55:00Z |
|
| 7 |
| value |
0.00217 |
| scoring_system |
epss |
| scoring_elements |
0.44293 |
| published_at |
2026-04-12T12:55:00Z |
|
| 8 |
| value |
0.00217 |
| scoring_system |
epss |
| scoring_elements |
0.44292 |
| published_at |
2026-04-13T12:55:00Z |
|
| 9 |
| value |
0.00217 |
| scoring_system |
epss |
| scoring_elements |
0.4435 |
| published_at |
2026-04-16T12:55:00Z |
|
| 10 |
| value |
0.00217 |
| scoring_system |
epss |
| scoring_elements |
0.44341 |
| published_at |
2026-04-18T12:55:00Z |
|
| 11 |
| value |
0.00217 |
| scoring_system |
epss |
| scoring_elements |
0.4427 |
| published_at |
2026-04-21T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2016-9849 |
|
| 1 |
|
| 2 |
|
|
| fixed_packages |
|
| aliases |
CVE-2016-9849
|
| risk_score |
null |
| exploitability |
0.5 |
| weighted_severity |
0.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-unty-cjbe-pudk |
|
| 221 |
| url |
VCID-uw6h-fpzy-x3ap |
| vulnerability_id |
VCID-uw6h-fpzy-x3ap |
| summary |
URL Redirection to Untrusted Site (Open Redirect)
phpMyAdmin is vulnerable to an open redirect weakness. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2017-1000013 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00239 |
| scoring_system |
epss |
| scoring_elements |
0.47088 |
| published_at |
2026-04-18T12:55:00Z |
|
| 1 |
| value |
0.00239 |
| scoring_system |
epss |
| scoring_elements |
0.4698 |
| published_at |
2026-04-07T12:55:00Z |
|
| 2 |
| value |
0.00239 |
| scoring_system |
epss |
| scoring_elements |
0.47035 |
| published_at |
2026-04-08T12:55:00Z |
|
| 3 |
| value |
0.00239 |
| scoring_system |
epss |
| scoring_elements |
0.47031 |
| published_at |
2026-04-09T12:55:00Z |
|
| 4 |
| value |
0.00239 |
| scoring_system |
epss |
| scoring_elements |
0.47055 |
| published_at |
2026-04-11T12:55:00Z |
|
| 5 |
| value |
0.00239 |
| scoring_system |
epss |
| scoring_elements |
0.47029 |
| published_at |
2026-04-12T12:55:00Z |
|
| 6 |
| value |
0.00239 |
| scoring_system |
epss |
| scoring_elements |
0.47036 |
| published_at |
2026-04-21T12:55:00Z |
|
| 7 |
| value |
0.00239 |
| scoring_system |
epss |
| scoring_elements |
0.47092 |
| published_at |
2026-04-16T12:55:00Z |
|
| 8 |
| value |
0.00239 |
| scoring_system |
epss |
| scoring_elements |
0.46978 |
| published_at |
2026-04-01T12:55:00Z |
|
| 9 |
| value |
0.00239 |
| scoring_system |
epss |
| scoring_elements |
0.47014 |
| published_at |
2026-04-02T12:55:00Z |
|
| 10 |
| value |
0.00239 |
| scoring_system |
epss |
| scoring_elements |
0.47033 |
| published_at |
2026-04-04T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2017-1000013 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
|
| fixed_packages |
|
| aliases |
CVE-2017-1000013, GHSA-5h5m-fj48-qpjw
|
| risk_score |
3.1 |
| exploitability |
0.5 |
| weighted_severity |
6.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-uw6h-fpzy-x3ap |
|
| 222 |
| url |
VCID-uxne-zpub-tffp |
| vulnerability_id |
VCID-uxne-zpub-tffp |
| summary |
Multiple vulnerabilities have been found in phpMyAdmin, allowing
remote authenticated attackers to execute arbitrary code, inject SQL code
or conduct other attacks. |
| references |
| 0 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2013-1937 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.08106 |
| scoring_system |
epss |
| scoring_elements |
0.92123 |
| published_at |
2026-04-01T12:55:00Z |
|
| 1 |
| value |
0.08106 |
| scoring_system |
epss |
| scoring_elements |
0.92141 |
| published_at |
2026-04-07T12:55:00Z |
|
| 2 |
| value |
0.08106 |
| scoring_system |
epss |
| scoring_elements |
0.92153 |
| published_at |
2026-04-08T12:55:00Z |
|
| 3 |
| value |
0.08106 |
| scoring_system |
epss |
| scoring_elements |
0.92156 |
| published_at |
2026-04-13T12:55:00Z |
|
| 4 |
| value |
0.08106 |
| scoring_system |
epss |
| scoring_elements |
0.9216 |
| published_at |
2026-04-11T12:55:00Z |
|
| 5 |
| value |
0.08106 |
| scoring_system |
epss |
| scoring_elements |
0.92161 |
| published_at |
2026-04-12T12:55:00Z |
|
| 6 |
| value |
0.08106 |
| scoring_system |
epss |
| scoring_elements |
0.9213 |
| published_at |
2026-04-02T12:55:00Z |
|
| 7 |
| value |
0.08106 |
| scoring_system |
epss |
| scoring_elements |
0.92137 |
| published_at |
2026-04-04T12:55:00Z |
|
| 8 |
| value |
0.08766 |
| scoring_system |
epss |
| scoring_elements |
0.92528 |
| published_at |
2026-04-21T12:55:00Z |
|
| 9 |
| value |
0.08766 |
| scoring_system |
epss |
| scoring_elements |
0.92525 |
| published_at |
2026-04-16T12:55:00Z |
|
| 10 |
| value |
0.08766 |
| scoring_system |
epss |
| scoring_elements |
0.92524 |
| published_at |
2026-04-18T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2013-1937 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
| 16 |
|
| 17 |
|
| 18 |
|
| 19 |
|
| 20 |
|
| 21 |
|
| 22 |
|
| 23 |
|
| 24 |
|
| 25 |
|
| 26 |
|
| 27 |
|
| 28 |
|
|
| fixed_packages |
|
| aliases |
CVE-2013-1937
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-uxne-zpub-tffp |
|
| 223 |
| url |
VCID-v66b-3ghf-9uas |
| vulnerability_id |
VCID-v66b-3ghf-9uas |
| summary |
Improper Input Validation
An issue was discovered in phpMyAdmin involving the `$cfg['ArbitraryServerRegexp']` configuration directive. An attacker could reuse certain cookie values in a way of bypassing the servers defined by `ArbitraryServerRegexp`. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2016-6629 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.0032 |
| scoring_system |
epss |
| scoring_elements |
0.55121 |
| published_at |
2026-04-21T12:55:00Z |
|
| 1 |
| value |
0.0032 |
| scoring_system |
epss |
| scoring_elements |
0.54974 |
| published_at |
2026-04-01T12:55:00Z |
|
| 2 |
| value |
0.0032 |
| scoring_system |
epss |
| scoring_elements |
0.55075 |
| published_at |
2026-04-02T12:55:00Z |
|
| 3 |
| value |
0.0032 |
| scoring_system |
epss |
| scoring_elements |
0.55101 |
| published_at |
2026-04-04T12:55:00Z |
|
| 4 |
| value |
0.0032 |
| scoring_system |
epss |
| scoring_elements |
0.55076 |
| published_at |
2026-04-07T12:55:00Z |
|
| 5 |
| value |
0.0032 |
| scoring_system |
epss |
| scoring_elements |
0.55126 |
| published_at |
2026-04-09T12:55:00Z |
|
| 6 |
| value |
0.0032 |
| scoring_system |
epss |
| scoring_elements |
0.55138 |
| published_at |
2026-04-16T12:55:00Z |
|
| 7 |
| value |
0.0032 |
| scoring_system |
epss |
| scoring_elements |
0.55118 |
| published_at |
2026-04-12T12:55:00Z |
|
| 8 |
| value |
0.0032 |
| scoring_system |
epss |
| scoring_elements |
0.551 |
| published_at |
2026-04-13T12:55:00Z |
|
| 9 |
| value |
0.0032 |
| scoring_system |
epss |
| scoring_elements |
0.55142 |
| published_at |
2026-04-18T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2016-6629 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
|
| fixed_packages |
|
| aliases |
CVE-2016-6629, GHSA-567r-vqj7-5cw7
|
| risk_score |
4.5 |
| exploitability |
0.5 |
| weighted_severity |
9.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-v66b-3ghf-9uas |
|
| 224 |
| url |
VCID-vmk3-ybrd-1kgw |
| vulnerability_id |
VCID-vmk3-ybrd-1kgw |
| summary |
phpMyAdmin: XSS: Insufficient output sanitizing in bookmarks (PMASA-2009-5) |
| references |
| 0 |
|
| 1 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2009-2284 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00521 |
| scoring_system |
epss |
| scoring_elements |
0.66764 |
| published_at |
2026-04-01T12:55:00Z |
|
| 1 |
| value |
0.00521 |
| scoring_system |
epss |
| scoring_elements |
0.66803 |
| published_at |
2026-04-02T12:55:00Z |
|
| 2 |
| value |
0.00521 |
| scoring_system |
epss |
| scoring_elements |
0.66828 |
| published_at |
2026-04-04T12:55:00Z |
|
| 3 |
| value |
0.00521 |
| scoring_system |
epss |
| scoring_elements |
0.668 |
| published_at |
2026-04-07T12:55:00Z |
|
| 4 |
| value |
0.00521 |
| scoring_system |
epss |
| scoring_elements |
0.66849 |
| published_at |
2026-04-08T12:55:00Z |
|
| 5 |
| value |
0.00521 |
| scoring_system |
epss |
| scoring_elements |
0.66863 |
| published_at |
2026-04-09T12:55:00Z |
|
| 6 |
| value |
0.00521 |
| scoring_system |
epss |
| scoring_elements |
0.66883 |
| published_at |
2026-04-11T12:55:00Z |
|
| 7 |
| value |
0.00521 |
| scoring_system |
epss |
| scoring_elements |
0.66869 |
| published_at |
2026-04-12T12:55:00Z |
|
| 8 |
| value |
0.00521 |
| scoring_system |
epss |
| scoring_elements |
0.66837 |
| published_at |
2026-04-13T12:55:00Z |
|
| 9 |
| value |
0.00521 |
| scoring_system |
epss |
| scoring_elements |
0.6687 |
| published_at |
2026-04-16T12:55:00Z |
|
| 10 |
| value |
0.00521 |
| scoring_system |
epss |
| scoring_elements |
0.66884 |
| published_at |
2026-04-18T12:55:00Z |
|
| 11 |
| value |
0.00521 |
| scoring_system |
epss |
| scoring_elements |
0.66867 |
| published_at |
2026-04-21T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2009-2284 |
|
| 2 |
|
| 3 |
|
| 4 |
|
|
| fixed_packages |
|
| aliases |
CVE-2009-2284
|
| risk_score |
null |
| exploitability |
0.5 |
| weighted_severity |
0.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-vmk3-ybrd-1kgw |
|
| 225 |
| url |
VCID-vnwc-dh5c-9yex |
| vulnerability_id |
VCID-vnwc-dh5c-9yex |
| summary |
phpMyAdmin Multiple XSS Vulnerabilities
Multiple cross-site scripting (XSS) vulnerabilities in the `PMA_unInlineEditRow` function in js/sql.js in phpMyAdmin 3.4.x before 3.4.5 allow remote authenticated users to inject arbitrary web script or HTML via a (1) database name, (2) table name, or (3) column name that is not properly handled after an inline-editing operation. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2011-3592 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.0018 |
| scoring_system |
epss |
| scoring_elements |
0.39566 |
| published_at |
2026-04-07T12:55:00Z |
|
| 1 |
| value |
0.0018 |
| scoring_system |
epss |
| scoring_elements |
0.39531 |
| published_at |
2026-04-21T12:55:00Z |
|
| 2 |
| value |
0.0018 |
| scoring_system |
epss |
| scoring_elements |
0.39614 |
| published_at |
2026-04-18T12:55:00Z |
|
| 3 |
| value |
0.0018 |
| scoring_system |
epss |
| scoring_elements |
0.39621 |
| published_at |
2026-04-08T12:55:00Z |
|
| 4 |
| value |
0.0018 |
| scoring_system |
epss |
| scoring_elements |
0.39644 |
| published_at |
2026-04-16T12:55:00Z |
|
| 5 |
| value |
0.0018 |
| scoring_system |
epss |
| scoring_elements |
0.39593 |
| published_at |
2026-04-13T12:55:00Z |
|
| 6 |
| value |
0.0018 |
| scoring_system |
epss |
| scoring_elements |
0.39609 |
| published_at |
2026-04-12T12:55:00Z |
|
| 7 |
| value |
0.0018 |
| scoring_system |
epss |
| scoring_elements |
0.39478 |
| published_at |
2026-04-01T12:55:00Z |
|
| 8 |
| value |
0.0018 |
| scoring_system |
epss |
| scoring_elements |
0.39645 |
| published_at |
2026-04-11T12:55:00Z |
|
| 9 |
| value |
0.0018 |
| scoring_system |
epss |
| scoring_elements |
0.39627 |
| published_at |
2026-04-02T12:55:00Z |
|
| 10 |
| value |
0.0018 |
| scoring_system |
epss |
| scoring_elements |
0.39636 |
| published_at |
2026-04-09T12:55:00Z |
|
| 11 |
| value |
0.0018 |
| scoring_system |
epss |
| scoring_elements |
0.3965 |
| published_at |
2026-04-04T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2011-3592 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
| 16 |
|
|
| fixed_packages |
|
| aliases |
CVE-2011-3592, GHSA-5p69-rmx8-7gw7
|
| risk_score |
1.6 |
| exploitability |
0.5 |
| weighted_severity |
3.1 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-vnwc-dh5c-9yex |
|
| 226 |
| url |
VCID-vwfa-qyfz-guf9 |
| vulnerability_id |
VCID-vwfa-qyfz-guf9 |
| summary |
phpMyAdmin: XSS on plausible insecure PHP installation (PMASA-2008-4) |
| references |
| 0 |
|
| 1 |
|
| 2 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2008-2960 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00676 |
| scoring_system |
epss |
| scoring_elements |
0.71494 |
| published_at |
2026-04-21T12:55:00Z |
|
| 1 |
| value |
0.00676 |
| scoring_system |
epss |
| scoring_elements |
0.71422 |
| published_at |
2026-04-01T12:55:00Z |
|
| 2 |
| value |
0.00676 |
| scoring_system |
epss |
| scoring_elements |
0.71431 |
| published_at |
2026-04-02T12:55:00Z |
|
| 3 |
| value |
0.00676 |
| scoring_system |
epss |
| scoring_elements |
0.71448 |
| published_at |
2026-04-04T12:55:00Z |
|
| 4 |
| value |
0.00676 |
| scoring_system |
epss |
| scoring_elements |
0.71423 |
| published_at |
2026-04-07T12:55:00Z |
|
| 5 |
| value |
0.00676 |
| scoring_system |
epss |
| scoring_elements |
0.71463 |
| published_at |
2026-04-08T12:55:00Z |
|
| 6 |
| value |
0.00676 |
| scoring_system |
epss |
| scoring_elements |
0.71475 |
| published_at |
2026-04-09T12:55:00Z |
|
| 7 |
| value |
0.00676 |
| scoring_system |
epss |
| scoring_elements |
0.71498 |
| published_at |
2026-04-11T12:55:00Z |
|
| 8 |
| value |
0.00676 |
| scoring_system |
epss |
| scoring_elements |
0.71482 |
| published_at |
2026-04-12T12:55:00Z |
|
| 9 |
| value |
0.00676 |
| scoring_system |
epss |
| scoring_elements |
0.71464 |
| published_at |
2026-04-13T12:55:00Z |
|
| 10 |
| value |
0.00676 |
| scoring_system |
epss |
| scoring_elements |
0.71509 |
| published_at |
2026-04-16T12:55:00Z |
|
| 11 |
| value |
0.00676 |
| scoring_system |
epss |
| scoring_elements |
0.71514 |
| published_at |
2026-04-18T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2008-2960 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
| 16 |
|
| 17 |
|
| 18 |
|
| 19 |
|
| 20 |
|
| 21 |
|
| 22 |
|
| 23 |
|
| 24 |
|
| 25 |
|
| 26 |
|
| 27 |
|
| 28 |
|
| 29 |
|
| 30 |
|
| 31 |
|
| 32 |
|
| 33 |
|
| 34 |
|
| 35 |
|
| 36 |
|
| 37 |
|
| 38 |
|
| 39 |
|
| 40 |
|
| 41 |
|
|
| fixed_packages |
|
| aliases |
CVE-2008-2960
|
| risk_score |
1.1 |
| exploitability |
0.5 |
| weighted_severity |
2.3 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-vwfa-qyfz-guf9 |
|
| 227 |
| url |
VCID-vzku-a8c1-xycf |
| vulnerability_id |
VCID-vzku-a8c1-xycf |
| summary |
Multiple errors in phpMyAdmin might allow the remote execution of arbitrary
code or a Cross-Site Scripting attack. |
| references |
| 0 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2009-1151 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.92956 |
| scoring_system |
epss |
| scoring_elements |
0.99775 |
| published_at |
2026-04-04T12:55:00Z |
|
| 1 |
| value |
0.92956 |
| scoring_system |
epss |
| scoring_elements |
0.99776 |
| published_at |
2026-04-07T12:55:00Z |
|
| 2 |
| value |
0.92956 |
| scoring_system |
epss |
| scoring_elements |
0.99777 |
| published_at |
2026-04-13T12:55:00Z |
|
| 3 |
| value |
0.92956 |
| scoring_system |
epss |
| scoring_elements |
0.99778 |
| published_at |
2026-04-21T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2009-1151 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
| 16 |
|
| 17 |
|
| 18 |
|
| 19 |
|
| 20 |
|
| 21 |
|
| 22 |
|
| 23 |
|
| 24 |
|
| 25 |
|
| 26 |
|
| 27 |
|
|
| fixed_packages |
|
| aliases |
CVE-2009-1151
|
| risk_score |
10.0 |
| exploitability |
2.0 |
| weighted_severity |
8.8 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-vzku-a8c1-xycf |
|
| 228 |
| url |
VCID-w37b-ep3h-tfaz |
| vulnerability_id |
VCID-w37b-ep3h-tfaz |
| summary |
Covert Timing Channel
`libraries/common.inc.php` in phpMyAdmin does not use a constant-time algorithm for comparing CSRF tokens, which makes it easier for remote attackers to bypass intended access restrictions by measuring time differences. |
| references |
| 0 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2016-2041 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.01029 |
| scoring_system |
epss |
| scoring_elements |
0.773 |
| published_at |
2026-04-08T12:55:00Z |
|
| 1 |
| value |
0.01029 |
| scoring_system |
epss |
| scoring_elements |
0.77269 |
| published_at |
2026-04-07T12:55:00Z |
|
| 2 |
| value |
0.01029 |
| scoring_system |
epss |
| scoring_elements |
0.77287 |
| published_at |
2026-04-04T12:55:00Z |
|
| 3 |
| value |
0.01029 |
| scoring_system |
epss |
| scoring_elements |
0.77252 |
| published_at |
2026-04-01T12:55:00Z |
|
| 4 |
| value |
0.01029 |
| scoring_system |
epss |
| scoring_elements |
0.77344 |
| published_at |
2026-04-21T12:55:00Z |
|
| 5 |
| value |
0.01029 |
| scoring_system |
epss |
| scoring_elements |
0.77352 |
| published_at |
2026-04-18T12:55:00Z |
|
| 6 |
| value |
0.01029 |
| scoring_system |
epss |
| scoring_elements |
0.77312 |
| published_at |
2026-04-13T12:55:00Z |
|
| 7 |
| value |
0.01029 |
| scoring_system |
epss |
| scoring_elements |
0.77316 |
| published_at |
2026-04-12T12:55:00Z |
|
| 8 |
| value |
0.01029 |
| scoring_system |
epss |
| scoring_elements |
0.77336 |
| published_at |
2026-04-11T12:55:00Z |
|
| 9 |
| value |
0.01029 |
| scoring_system |
epss |
| scoring_elements |
0.77258 |
| published_at |
2026-04-02T12:55:00Z |
|
| 10 |
| value |
0.01029 |
| scoring_system |
epss |
| scoring_elements |
0.77309 |
| published_at |
2026-04-09T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2016-2041 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
| 16 |
|
| 17 |
|
| 18 |
|
| 19 |
|
| 20 |
|
| 21 |
|
| 22 |
|
| 23 |
|
| 24 |
|
| 25 |
|
| 26 |
|
| 27 |
|
| 28 |
|
| 29 |
|
| 30 |
|
| 31 |
|
| 32 |
|
| 33 |
|
| 34 |
|
| 35 |
|
| 36 |
|
| 37 |
|
| 38 |
|
| 39 |
|
| 40 |
|
| 41 |
|
| 42 |
|
| 43 |
|
| 44 |
|
| 45 |
|
| 46 |
|
| 47 |
|
| 48 |
|
| 49 |
|
| 50 |
|
| 51 |
|
| 52 |
|
| 53 |
|
| 54 |
|
| 55 |
|
| 56 |
|
| 57 |
|
| 58 |
|
| 59 |
|
| 60 |
|
| 61 |
|
| 62 |
|
| 63 |
|
| 64 |
|
| 65 |
|
| 66 |
|
| 67 |
|
| 68 |
|
| 69 |
|
| 70 |
|
| 71 |
|
| 72 |
| reference_url |
https://nvd.nist.gov/vuln/detail/CVE-2016-2041 |
| reference_id |
CVE-2016-2041 |
| reference_type |
|
| scores |
| 0 |
| value |
5.0 |
| scoring_system |
cvssv2 |
| scoring_elements |
AV:N/AC:L/Au:N/C:N/I:P/A:N |
|
| 1 |
| value |
7.5 |
| scoring_system |
cvssv3 |
| scoring_elements |
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N |
|
| 2 |
| value |
7.5 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N |
|
| 3 |
| value |
HIGH |
| scoring_system |
generic_textual |
| scoring_elements |
|
|
|
| url |
https://nvd.nist.gov/vuln/detail/CVE-2016-2041 |
|
| 73 |
|
|
| fixed_packages |
|
| aliases |
CVE-2016-2041, GHSA-8m97-xc46-rw9w
|
| risk_score |
4.0 |
| exploitability |
0.5 |
| weighted_severity |
8.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-w37b-ep3h-tfaz |
|
| 229 |
| url |
VCID-w56h-g9t8-1fgu |
| vulnerability_id |
VCID-w56h-g9t8-1fgu |
| summary |
phpMyAdmin ReCaptcha bypass
libraries/plugins/auth/AuthenticationCookie.class.php in phpMyAdmin 4.3.x before 4.3.13.2 and 4.4.x before 4.4.14.1 allows remote attackers to bypass a multiple-reCaptcha protection mechanism against brute-force credential guessing by providing a correct response to a single reCaptcha. |
| references |
| 0 |
|
| 1 |
|
| 2 |
|
| 3 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2015-6830 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.21219 |
| scoring_system |
epss |
| scoring_elements |
0.95684 |
| published_at |
2026-04-21T12:55:00Z |
|
| 1 |
| value |
0.21219 |
| scoring_system |
epss |
| scoring_elements |
0.95651 |
| published_at |
2026-04-07T12:55:00Z |
|
| 2 |
| value |
0.21219 |
| scoring_system |
epss |
| scoring_elements |
0.95659 |
| published_at |
2026-04-08T12:55:00Z |
|
| 3 |
| value |
0.21219 |
| scoring_system |
epss |
| scoring_elements |
0.95663 |
| published_at |
2026-04-09T12:55:00Z |
|
| 4 |
| value |
0.21219 |
| scoring_system |
epss |
| scoring_elements |
0.95668 |
| published_at |
2026-04-11T12:55:00Z |
|
| 5 |
| value |
0.21219 |
| scoring_system |
epss |
| scoring_elements |
0.95667 |
| published_at |
2026-04-12T12:55:00Z |
|
| 6 |
| value |
0.21219 |
| scoring_system |
epss |
| scoring_elements |
0.9567 |
| published_at |
2026-04-13T12:55:00Z |
|
| 7 |
| value |
0.21219 |
| scoring_system |
epss |
| scoring_elements |
0.95678 |
| published_at |
2026-04-16T12:55:00Z |
|
| 8 |
| value |
0.21219 |
| scoring_system |
epss |
| scoring_elements |
0.95681 |
| published_at |
2026-04-18T12:55:00Z |
|
| 9 |
| value |
0.21219 |
| scoring_system |
epss |
| scoring_elements |
0.95633 |
| published_at |
2026-04-01T12:55:00Z |
|
| 10 |
| value |
0.21219 |
| scoring_system |
epss |
| scoring_elements |
0.95643 |
| published_at |
2026-04-02T12:55:00Z |
|
| 11 |
| value |
0.21219 |
| scoring_system |
epss |
| scoring_elements |
0.95648 |
| published_at |
2026-04-04T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2015-6830 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
| 16 |
|
| 17 |
|
| 18 |
|
| 19 |
|
| 20 |
|
|
| fixed_packages |
|
| aliases |
CVE-2015-6830, GHSA-v6fh-vg22-r6cm
|
| risk_score |
10.0 |
| exploitability |
2.0 |
| weighted_severity |
6.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-w56h-g9t8-1fgu |
|
| 230 |
| url |
VCID-w5b2-9597-f7h8 |
| vulnerability_id |
VCID-w5b2-9597-f7h8 |
| summary |
phpMyAdmin contains a local file inclusion vulnerability that may lead to
the execution of arbitrary code. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2005-3299 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.08856 |
| scoring_system |
epss |
| scoring_elements |
0.92563 |
| published_at |
2026-04-21T12:55:00Z |
|
| 1 |
| value |
0.08856 |
| scoring_system |
epss |
| scoring_elements |
0.92512 |
| published_at |
2026-04-01T12:55:00Z |
|
| 2 |
| value |
0.08856 |
| scoring_system |
epss |
| scoring_elements |
0.92518 |
| published_at |
2026-04-02T12:55:00Z |
|
| 3 |
| value |
0.08856 |
| scoring_system |
epss |
| scoring_elements |
0.92525 |
| published_at |
2026-04-04T12:55:00Z |
|
| 4 |
| value |
0.08856 |
| scoring_system |
epss |
| scoring_elements |
0.92527 |
| published_at |
2026-04-07T12:55:00Z |
|
| 5 |
| value |
0.08856 |
| scoring_system |
epss |
| scoring_elements |
0.92538 |
| published_at |
2026-04-08T12:55:00Z |
|
| 6 |
| value |
0.08856 |
| scoring_system |
epss |
| scoring_elements |
0.92542 |
| published_at |
2026-04-09T12:55:00Z |
|
| 7 |
| value |
0.08856 |
| scoring_system |
epss |
| scoring_elements |
0.92549 |
| published_at |
2026-04-13T12:55:00Z |
|
| 8 |
| value |
0.08856 |
| scoring_system |
epss |
| scoring_elements |
0.9255 |
| published_at |
2026-04-12T12:55:00Z |
|
| 9 |
| value |
0.08856 |
| scoring_system |
epss |
| scoring_elements |
0.9256 |
| published_at |
2026-04-18T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2005-3299 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
|
| fixed_packages |
|
| aliases |
CVE-2005-3299
|
| risk_score |
9.0 |
| exploitability |
2.0 |
| weighted_severity |
4.5 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-w5b2-9597-f7h8 |
|
| 231 |
| url |
VCID-wamt-3g12-t7ch |
| vulnerability_id |
VCID-wamt-3g12-t7ch |
| summary |
Cross-Site Request Forgery (CSRF)
An issue was discovered in phpMyAdmin. When the arg_separator is different from its default & value, the CSRF token was not properly stripped from the return URL of the preference import action. All 4.6.x versions (prior to 4.6.5), 4.4.x versions (prior to 4.4.15.9), and 4.0.x versions (prior to 4.0.10.18) are affected. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2016-9866 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00222 |
| scoring_system |
epss |
| scoring_elements |
0.44825 |
| published_at |
2026-04-21T12:55:00Z |
|
| 1 |
| value |
0.00222 |
| scoring_system |
epss |
| scoring_elements |
0.44762 |
| published_at |
2026-04-01T12:55:00Z |
|
| 2 |
| value |
0.00222 |
| scoring_system |
epss |
| scoring_elements |
0.44842 |
| published_at |
2026-04-02T12:55:00Z |
|
| 3 |
| value |
0.00222 |
| scoring_system |
epss |
| scoring_elements |
0.44863 |
| published_at |
2026-04-04T12:55:00Z |
|
| 4 |
| value |
0.00222 |
| scoring_system |
epss |
| scoring_elements |
0.44803 |
| published_at |
2026-04-07T12:55:00Z |
|
| 5 |
| value |
0.00222 |
| scoring_system |
epss |
| scoring_elements |
0.44856 |
| published_at |
2026-04-08T12:55:00Z |
|
| 6 |
| value |
0.00222 |
| scoring_system |
epss |
| scoring_elements |
0.44858 |
| published_at |
2026-04-09T12:55:00Z |
|
| 7 |
| value |
0.00222 |
| scoring_system |
epss |
| scoring_elements |
0.44876 |
| published_at |
2026-04-11T12:55:00Z |
|
| 8 |
| value |
0.00222 |
| scoring_system |
epss |
| scoring_elements |
0.44844 |
| published_at |
2026-04-12T12:55:00Z |
|
| 9 |
| value |
0.00222 |
| scoring_system |
epss |
| scoring_elements |
0.44846 |
| published_at |
2026-04-13T12:55:00Z |
|
| 10 |
| value |
0.00222 |
| scoring_system |
epss |
| scoring_elements |
0.44898 |
| published_at |
2026-04-16T12:55:00Z |
|
| 11 |
| value |
0.00222 |
| scoring_system |
epss |
| scoring_elements |
0.44891 |
| published_at |
2026-04-18T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2016-9866 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
|
| fixed_packages |
|
| aliases |
CVE-2016-9866, GHSA-jvxx-8xxf-5495
|
| risk_score |
4.5 |
| exploitability |
0.5 |
| weighted_severity |
9.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-wamt-3g12-t7ch |
|
| 232 |
| url |
VCID-we1q-4dc4-qufn |
| vulnerability_id |
VCID-we1q-4dc4-qufn |
| summary |
phpMyAdmin vulnerable to Cross-site Scripting
Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin 4.0.x before 4.0.10.16, 4.4.x before 4.4.15.7, and 4.6.x before 4.6.3 allow remote attackers to inject arbitrary web script or HTML via vectors involving (1) a crafted table name that is mishandled during privilege checking in table_row.phtml, (2) a crafted mysqld log_bin directive that is mishandled in log_selector.phtml, (3) the Transformation implementation, (4) AJAX error handling in js/ajax.js, (5) the Designer implementation, (6) the charts implementation in js/tbl_chart.js, or (7) the zoom-search implementation in rows_zoom.phtml. |
| references |
| 0 |
|
| 1 |
|
| 2 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2016-5733 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.01085 |
| scoring_system |
epss |
| scoring_elements |
0.77835 |
| published_at |
2026-04-02T12:55:00Z |
|
| 1 |
| value |
0.01085 |
| scoring_system |
epss |
| scoring_elements |
0.77918 |
| published_at |
2026-04-21T12:55:00Z |
|
| 2 |
| value |
0.01085 |
| scoring_system |
epss |
| scoring_elements |
0.77924 |
| published_at |
2026-04-18T12:55:00Z |
|
| 3 |
| value |
0.01085 |
| scoring_system |
epss |
| scoring_elements |
0.77862 |
| published_at |
2026-04-04T12:55:00Z |
|
| 4 |
| value |
0.01085 |
| scoring_system |
epss |
| scoring_elements |
0.77828 |
| published_at |
2026-04-01T12:55:00Z |
|
| 5 |
| value |
0.01085 |
| scoring_system |
epss |
| scoring_elements |
0.77925 |
| published_at |
2026-04-16T12:55:00Z |
|
| 6 |
| value |
0.01085 |
| scoring_system |
epss |
| scoring_elements |
0.77887 |
| published_at |
2026-04-13T12:55:00Z |
|
| 7 |
| value |
0.01085 |
| scoring_system |
epss |
| scoring_elements |
0.77903 |
| published_at |
2026-04-11T12:55:00Z |
|
| 8 |
| value |
0.01085 |
| scoring_system |
epss |
| scoring_elements |
0.77876 |
| published_at |
2026-04-09T12:55:00Z |
|
| 9 |
| value |
0.01085 |
| scoring_system |
epss |
| scoring_elements |
0.77872 |
| published_at |
2026-04-08T12:55:00Z |
|
| 10 |
| value |
0.01085 |
| scoring_system |
epss |
| scoring_elements |
0.77844 |
| published_at |
2026-04-07T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2016-5733 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
| 16 |
|
| 17 |
|
| 18 |
|
| 19 |
|
| 20 |
|
| 21 |
|
| 22 |
|
| 23 |
|
| 24 |
|
| 25 |
|
| 26 |
|
| 27 |
|
| 28 |
|
| 29 |
|
| 30 |
|
| 31 |
|
| 32 |
|
| 33 |
|
| 34 |
|
| 35 |
|
| 36 |
|
| 37 |
|
| 38 |
|
| 39 |
|
| 40 |
|
| 41 |
|
| 42 |
|
| 43 |
|
| 44 |
|
| 45 |
|
| 46 |
|
| 47 |
|
| 48 |
|
| 49 |
|
| 50 |
|
| 51 |
|
| 52 |
|
| 53 |
|
| 54 |
|
| 55 |
|
| 56 |
|
| 57 |
|
| 58 |
|
| 59 |
|
| 60 |
|
| 61 |
|
| 62 |
|
| 63 |
|
| 64 |
|
| 65 |
|
| 66 |
|
| 67 |
|
| 68 |
|
| 69 |
|
| 70 |
|
| 71 |
|
| 72 |
|
| 73 |
|
| 74 |
|
| 75 |
|
| 76 |
|
| 77 |
|
| 78 |
|
| 79 |
|
| 80 |
|
| 81 |
|
| 82 |
|
| 83 |
|
| 84 |
|
| 85 |
|
| 86 |
|
| 87 |
|
| 88 |
|
| 89 |
|
| 90 |
|
| 91 |
|
| 92 |
|
| 93 |
| reference_url |
https://nvd.nist.gov/vuln/detail/CVE-2016-5733 |
| reference_id |
CVE-2016-5733 |
| reference_type |
|
| scores |
| 0 |
| value |
4.3 |
| scoring_system |
cvssv2 |
| scoring_elements |
AV:N/AC:M/Au:N/C:N/I:P/A:N |
|
| 1 |
| value |
6.1 |
| scoring_system |
cvssv3 |
| scoring_elements |
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N |
|
| 2 |
| value |
6.1 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N |
|
| 3 |
| value |
MODERATE |
| scoring_system |
generic_textual |
| scoring_elements |
|
|
|
| url |
https://nvd.nist.gov/vuln/detail/CVE-2016-5733 |
|
| 94 |
|
|
| fixed_packages |
|
| aliases |
CVE-2016-5733, GHSA-cr65-p662-fx5c
|
| risk_score |
3.1 |
| exploitability |
0.5 |
| weighted_severity |
6.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-we1q-4dc4-qufn |
|
| 233 |
| url |
VCID-whem-kvgm-47he |
| vulnerability_id |
VCID-whem-kvgm-47he |
| summary |
Multiple vulnerabilities have been found in phpMyAdmin, the worst
of which could lead to arbitrary code execution. |
| references |
| 0 |
|
| 1 |
|
| 2 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2016-5703 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.01576 |
| scoring_system |
epss |
| scoring_elements |
0.81588 |
| published_at |
2026-04-21T12:55:00Z |
|
| 1 |
| value |
0.01576 |
| scoring_system |
epss |
| scoring_elements |
0.81583 |
| published_at |
2026-04-18T12:55:00Z |
|
| 2 |
| value |
0.01576 |
| scoring_system |
epss |
| scoring_elements |
0.8148 |
| published_at |
2026-04-01T12:55:00Z |
|
| 3 |
| value |
0.01576 |
| scoring_system |
epss |
| scoring_elements |
0.81492 |
| published_at |
2026-04-02T12:55:00Z |
|
| 4 |
| value |
0.01576 |
| scoring_system |
epss |
| scoring_elements |
0.81513 |
| published_at |
2026-04-04T12:55:00Z |
|
| 5 |
| value |
0.01576 |
| scoring_system |
epss |
| scoring_elements |
0.81511 |
| published_at |
2026-04-07T12:55:00Z |
|
| 6 |
| value |
0.01576 |
| scoring_system |
epss |
| scoring_elements |
0.81539 |
| published_at |
2026-04-08T12:55:00Z |
|
| 7 |
| value |
0.01576 |
| scoring_system |
epss |
| scoring_elements |
0.81544 |
| published_at |
2026-04-09T12:55:00Z |
|
| 8 |
| value |
0.01576 |
| scoring_system |
epss |
| scoring_elements |
0.81564 |
| published_at |
2026-04-11T12:55:00Z |
|
| 9 |
| value |
0.01576 |
| scoring_system |
epss |
| scoring_elements |
0.81552 |
| published_at |
2026-04-12T12:55:00Z |
|
| 10 |
| value |
0.01576 |
| scoring_system |
epss |
| scoring_elements |
0.81545 |
| published_at |
2026-04-13T12:55:00Z |
|
| 11 |
| value |
0.01576 |
| scoring_system |
epss |
| scoring_elements |
0.81582 |
| published_at |
2026-04-16T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2016-5703 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
| 16 |
|
| 17 |
|
| 18 |
|
| 19 |
|
| 20 |
|
| 21 |
|
| 22 |
|
| 23 |
|
| 24 |
|
| 25 |
|
| 26 |
|
| 27 |
|
| 28 |
|
| 29 |
|
| 30 |
|
| 31 |
|
| 32 |
|
| 33 |
|
| 34 |
|
| 35 |
|
| 36 |
|
| 37 |
|
| 38 |
|
| 39 |
|
| 40 |
|
| 41 |
|
| 42 |
|
|
| fixed_packages |
|
| aliases |
CVE-2016-5703
|
| risk_score |
4.4 |
| exploitability |
0.5 |
| weighted_severity |
8.8 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-whem-kvgm-47he |
|
| 234 |
| url |
VCID-whsp-haxh-yqas |
| vulnerability_id |
VCID-whsp-haxh-yqas |
| summary |
The PMA_ArrayWalkRecursive function in libraries/common.lib.php in phpMyAdmin before 2.10.0.2 does not limit recursion on arrays provided by users, which allows context-dependent attackers to cause a denial of service (web server crash) via an array with many dimensions. NOTE: it could be argued that this vulnerability is caused by a problem in PHP (CVE-2006-1549) and the proper fix should be in PHP; if so, then this should not be treated as a vulnerability in phpMyAdmin. |
| references |
| 0 |
|
| 1 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2007-1325 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00988 |
| scoring_system |
epss |
| scoring_elements |
0.7689 |
| published_at |
2026-04-21T12:55:00Z |
|
| 1 |
| value |
0.00988 |
| scoring_system |
epss |
| scoring_elements |
0.76793 |
| published_at |
2026-04-01T12:55:00Z |
|
| 2 |
| value |
0.00988 |
| scoring_system |
epss |
| scoring_elements |
0.76797 |
| published_at |
2026-04-02T12:55:00Z |
|
| 3 |
| value |
0.00988 |
| scoring_system |
epss |
| scoring_elements |
0.76826 |
| published_at |
2026-04-04T12:55:00Z |
|
| 4 |
| value |
0.00988 |
| scoring_system |
epss |
| scoring_elements |
0.76806 |
| published_at |
2026-04-07T12:55:00Z |
|
| 5 |
| value |
0.00988 |
| scoring_system |
epss |
| scoring_elements |
0.76837 |
| published_at |
2026-04-08T12:55:00Z |
|
| 6 |
| value |
0.00988 |
| scoring_system |
epss |
| scoring_elements |
0.76847 |
| published_at |
2026-04-09T12:55:00Z |
|
| 7 |
| value |
0.00988 |
| scoring_system |
epss |
| scoring_elements |
0.76876 |
| published_at |
2026-04-11T12:55:00Z |
|
| 8 |
| value |
0.00988 |
| scoring_system |
epss |
| scoring_elements |
0.76856 |
| published_at |
2026-04-12T12:55:00Z |
|
| 9 |
| value |
0.00988 |
| scoring_system |
epss |
| scoring_elements |
0.7685 |
| published_at |
2026-04-13T12:55:00Z |
|
| 10 |
| value |
0.00988 |
| scoring_system |
epss |
| scoring_elements |
0.76894 |
| published_at |
2026-04-16T12:55:00Z |
|
| 11 |
| value |
0.00988 |
| scoring_system |
epss |
| scoring_elements |
0.76898 |
| published_at |
2026-04-18T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2007-1325 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
|
| fixed_packages |
|
| aliases |
CVE-2007-1325
|
| risk_score |
3.2 |
| exploitability |
0.5 |
| weighted_severity |
6.4 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-whsp-haxh-yqas |
|
| 235 |
| url |
VCID-wjf9-rsuc-2qbk |
| vulnerability_id |
VCID-wjf9-rsuc-2qbk |
| summary |
Directory traversal vulnerability in export.php in phpMyAdmin 2.5.5 and earlier allows remote attackers to read arbitrary files via .. (dot dot) sequences in the what parameter. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2004-0129 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.13292 |
| scoring_system |
epss |
| scoring_elements |
0.94123 |
| published_at |
2026-04-01T12:55:00Z |
|
| 1 |
| value |
0.13292 |
| scoring_system |
epss |
| scoring_elements |
0.94133 |
| published_at |
2026-04-02T12:55:00Z |
|
| 2 |
| value |
0.13292 |
| scoring_system |
epss |
| scoring_elements |
0.94145 |
| published_at |
2026-04-04T12:55:00Z |
|
| 3 |
| value |
0.13292 |
| scoring_system |
epss |
| scoring_elements |
0.94148 |
| published_at |
2026-04-07T12:55:00Z |
|
| 4 |
| value |
0.13292 |
| scoring_system |
epss |
| scoring_elements |
0.94157 |
| published_at |
2026-04-08T12:55:00Z |
|
| 5 |
| value |
0.13292 |
| scoring_system |
epss |
| scoring_elements |
0.94161 |
| published_at |
2026-04-09T12:55:00Z |
|
| 6 |
| value |
0.13292 |
| scoring_system |
epss |
| scoring_elements |
0.94166 |
| published_at |
2026-04-13T12:55:00Z |
|
| 7 |
| value |
0.13292 |
| scoring_system |
epss |
| scoring_elements |
0.94181 |
| published_at |
2026-04-16T12:55:00Z |
|
| 8 |
| value |
0.13292 |
| scoring_system |
epss |
| scoring_elements |
0.94186 |
| published_at |
2026-04-21T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2004-0129 |
|
| 1 |
|
| 2 |
|
| 3 |
|
|
| fixed_packages |
|
| aliases |
CVE-2004-0129
|
| risk_score |
0.2 |
| exploitability |
2.0 |
| weighted_severity |
0.1 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-wjf9-rsuc-2qbk |
|
| 236 |
| url |
VCID-wp1b-nf26-nygv |
| vulnerability_id |
VCID-wp1b-nf26-nygv |
| summary |
Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin before 2.11.1.2 allow remote attackers to inject arbitrary web script or HTML via certain input available in (1) PHP_SELF in (a) server_status.php, and (b) grab_globals.lib.php, (c) display_change_password.lib.php, and (d) common.lib.php in libraries/; and certain input available in PHP_SELF and (2) PATH_INFO in libraries/common.inc.php. NOTE: there might also be other vectors related to (3) REQUEST_URI. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2007-5589 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.11421 |
| scoring_system |
epss |
| scoring_elements |
0.93538 |
| published_at |
2026-04-01T12:55:00Z |
|
| 1 |
| value |
0.11421 |
| scoring_system |
epss |
| scoring_elements |
0.93547 |
| published_at |
2026-04-02T12:55:00Z |
|
| 2 |
| value |
0.11421 |
| scoring_system |
epss |
| scoring_elements |
0.93555 |
| published_at |
2026-04-04T12:55:00Z |
|
| 3 |
| value |
0.11421 |
| scoring_system |
epss |
| scoring_elements |
0.93556 |
| published_at |
2026-04-07T12:55:00Z |
|
| 4 |
| value |
0.11421 |
| scoring_system |
epss |
| scoring_elements |
0.93564 |
| published_at |
2026-04-08T12:55:00Z |
|
| 5 |
| value |
0.11421 |
| scoring_system |
epss |
| scoring_elements |
0.93567 |
| published_at |
2026-04-09T12:55:00Z |
|
| 6 |
| value |
0.11421 |
| scoring_system |
epss |
| scoring_elements |
0.93573 |
| published_at |
2026-04-12T12:55:00Z |
|
| 7 |
| value |
0.11421 |
| scoring_system |
epss |
| scoring_elements |
0.93574 |
| published_at |
2026-04-13T12:55:00Z |
|
| 8 |
| value |
0.11421 |
| scoring_system |
epss |
| scoring_elements |
0.93593 |
| published_at |
2026-04-16T12:55:00Z |
|
| 9 |
| value |
0.11421 |
| scoring_system |
epss |
| scoring_elements |
0.93599 |
| published_at |
2026-04-18T12:55:00Z |
|
| 10 |
| value |
0.11421 |
| scoring_system |
epss |
| scoring_elements |
0.93604 |
| published_at |
2026-04-21T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2007-5589 |
|
| 1 |
|
| 2 |
|
| 3 |
|
|
| fixed_packages |
|
| aliases |
CVE-2007-5589
|
| risk_score |
0.2 |
| exploitability |
2.0 |
| weighted_severity |
0.1 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-wp1b-nf26-nygv |
|
| 237 |
| url |
VCID-wt46-nxw7-aqat |
| vulnerability_id |
VCID-wt46-nxw7-aqat |
| summary |
Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin before 2.10.1.0 allow remote attackers to inject arbitrary web script or HTML via (1) the fieldkey parameter to browse_foreigners.php or (2) certain input to the PMA_sanitize function. |
| references |
| 0 |
|
| 1 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2007-2245 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.02428 |
| scoring_system |
epss |
| scoring_elements |
0.85168 |
| published_at |
2026-04-18T12:55:00Z |
|
| 1 |
| value |
0.02428 |
| scoring_system |
epss |
| scoring_elements |
0.85075 |
| published_at |
2026-04-01T12:55:00Z |
|
| 2 |
| value |
0.02428 |
| scoring_system |
epss |
| scoring_elements |
0.85088 |
| published_at |
2026-04-02T12:55:00Z |
|
| 3 |
| value |
0.02428 |
| scoring_system |
epss |
| scoring_elements |
0.85106 |
| published_at |
2026-04-04T12:55:00Z |
|
| 4 |
| value |
0.02428 |
| scoring_system |
epss |
| scoring_elements |
0.8511 |
| published_at |
2026-04-07T12:55:00Z |
|
| 5 |
| value |
0.02428 |
| scoring_system |
epss |
| scoring_elements |
0.85131 |
| published_at |
2026-04-08T12:55:00Z |
|
| 6 |
| value |
0.02428 |
| scoring_system |
epss |
| scoring_elements |
0.85138 |
| published_at |
2026-04-09T12:55:00Z |
|
| 7 |
| value |
0.02428 |
| scoring_system |
epss |
| scoring_elements |
0.85152 |
| published_at |
2026-04-11T12:55:00Z |
|
| 8 |
| value |
0.02428 |
| scoring_system |
epss |
| scoring_elements |
0.8515 |
| published_at |
2026-04-12T12:55:00Z |
|
| 9 |
| value |
0.02428 |
| scoring_system |
epss |
| scoring_elements |
0.85146 |
| published_at |
2026-04-13T12:55:00Z |
|
| 10 |
| value |
0.02428 |
| scoring_system |
epss |
| scoring_elements |
0.85167 |
| published_at |
2026-04-21T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2007-2245 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
|
| fixed_packages |
|
| aliases |
CVE-2007-2245
|
| risk_score |
3.0 |
| exploitability |
0.5 |
| weighted_severity |
6.1 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-wt46-nxw7-aqat |
|
| 238 |
| url |
VCID-wwm8-s1z9-23fg |
| vulnerability_id |
VCID-wwm8-s1z9-23fg |
| summary |
phpMyAdmin Open Redirect in redirector
Open redirect vulnerability in the redirector feature in phpMyAdmin 3.4.x before 3.4.1 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors. |
| references |
| 0 |
|
| 1 |
|
| 2 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2011-1941 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00253 |
| scoring_system |
epss |
| scoring_elements |
0.48597 |
| published_at |
2026-04-21T12:55:00Z |
|
| 1 |
| value |
0.00253 |
| scoring_system |
epss |
| scoring_elements |
0.48588 |
| published_at |
2026-04-09T12:55:00Z |
|
| 2 |
| value |
0.00253 |
| scoring_system |
epss |
| scoring_elements |
0.48609 |
| published_at |
2026-04-11T12:55:00Z |
|
| 3 |
| value |
0.00253 |
| scoring_system |
epss |
| scoring_elements |
0.48583 |
| published_at |
2026-04-12T12:55:00Z |
|
| 4 |
| value |
0.00253 |
| scoring_system |
epss |
| scoring_elements |
0.48595 |
| published_at |
2026-04-13T12:55:00Z |
|
| 5 |
| value |
0.00253 |
| scoring_system |
epss |
| scoring_elements |
0.48645 |
| published_at |
2026-04-16T12:55:00Z |
|
| 6 |
| value |
0.00253 |
| scoring_system |
epss |
| scoring_elements |
0.4864 |
| published_at |
2026-04-18T12:55:00Z |
|
| 7 |
| value |
0.00253 |
| scoring_system |
epss |
| scoring_elements |
0.48527 |
| published_at |
2026-04-01T12:55:00Z |
|
| 8 |
| value |
0.00253 |
| scoring_system |
epss |
| scoring_elements |
0.48563 |
| published_at |
2026-04-02T12:55:00Z |
|
| 9 |
| value |
0.00253 |
| scoring_system |
epss |
| scoring_elements |
0.48586 |
| published_at |
2026-04-04T12:55:00Z |
|
| 10 |
| value |
0.00253 |
| scoring_system |
epss |
| scoring_elements |
0.48538 |
| published_at |
2026-04-07T12:55:00Z |
|
| 11 |
| value |
0.00253 |
| scoring_system |
epss |
| scoring_elements |
0.48592 |
| published_at |
2026-04-08T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2011-1941 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
|
| fixed_packages |
|
| aliases |
CVE-2011-1941, GHSA-v6fw-xf2c-8q43
|
| risk_score |
3.1 |
| exploitability |
0.5 |
| weighted_severity |
6.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-wwm8-s1z9-23fg |
|
| 239 |
| url |
VCID-x455-zvve-wye9 |
| vulnerability_id |
VCID-x455-zvve-wye9 |
| summary |
Multiple vulnerabilities have been found in phpMyAdmin, the worst
of which could lead to arbitrary code execution. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2016-9854 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00501 |
| scoring_system |
epss |
| scoring_elements |
0.65931 |
| published_at |
2026-04-01T12:55:00Z |
|
| 1 |
| value |
0.00501 |
| scoring_system |
epss |
| scoring_elements |
0.65973 |
| published_at |
2026-04-02T12:55:00Z |
|
| 2 |
| value |
0.00501 |
| scoring_system |
epss |
| scoring_elements |
0.66003 |
| published_at |
2026-04-04T12:55:00Z |
|
| 3 |
| value |
0.00501 |
| scoring_system |
epss |
| scoring_elements |
0.65968 |
| published_at |
2026-04-07T12:55:00Z |
|
| 4 |
| value |
0.00501 |
| scoring_system |
epss |
| scoring_elements |
0.66019 |
| published_at |
2026-04-08T12:55:00Z |
|
| 5 |
| value |
0.00501 |
| scoring_system |
epss |
| scoring_elements |
0.66032 |
| published_at |
2026-04-09T12:55:00Z |
|
| 6 |
| value |
0.00501 |
| scoring_system |
epss |
| scoring_elements |
0.66051 |
| published_at |
2026-04-11T12:55:00Z |
|
| 7 |
| value |
0.00501 |
| scoring_system |
epss |
| scoring_elements |
0.66038 |
| published_at |
2026-04-12T12:55:00Z |
|
| 8 |
| value |
0.00501 |
| scoring_system |
epss |
| scoring_elements |
0.66008 |
| published_at |
2026-04-13T12:55:00Z |
|
| 9 |
| value |
0.00501 |
| scoring_system |
epss |
| scoring_elements |
0.66044 |
| published_at |
2026-04-16T12:55:00Z |
|
| 10 |
| value |
0.00501 |
| scoring_system |
epss |
| scoring_elements |
0.66057 |
| published_at |
2026-04-18T12:55:00Z |
|
| 11 |
| value |
0.00501 |
| scoring_system |
epss |
| scoring_elements |
0.66046 |
| published_at |
2026-04-21T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2016-9854 |
|
| 1 |
|
|
| fixed_packages |
|
| aliases |
CVE-2016-9854
|
| risk_score |
null |
| exploitability |
0.5 |
| weighted_severity |
0.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-x455-zvve-wye9 |
|
| 240 |
| url |
VCID-x89g-7mcs-tuep |
| vulnerability_id |
VCID-x89g-7mcs-tuep |
| summary |
Multiple vulnerabilities have been found in phpMyAdmin, allowing
remote authenticated attackers to execute arbitrary code, inject SQL code
or conduct other attacks. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2013-5003 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00374 |
| scoring_system |
epss |
| scoring_elements |
0.58948 |
| published_at |
2026-04-01T12:55:00Z |
|
| 1 |
| value |
0.00374 |
| scoring_system |
epss |
| scoring_elements |
0.59024 |
| published_at |
2026-04-02T12:55:00Z |
|
| 2 |
| value |
0.00374 |
| scoring_system |
epss |
| scoring_elements |
0.59046 |
| published_at |
2026-04-04T12:55:00Z |
|
| 3 |
| value |
0.00374 |
| scoring_system |
epss |
| scoring_elements |
0.59011 |
| published_at |
2026-04-07T12:55:00Z |
|
| 4 |
| value |
0.00374 |
| scoring_system |
epss |
| scoring_elements |
0.59063 |
| published_at |
2026-04-08T12:55:00Z |
|
| 5 |
| value |
0.00374 |
| scoring_system |
epss |
| scoring_elements |
0.59069 |
| published_at |
2026-04-21T12:55:00Z |
|
| 6 |
| value |
0.00374 |
| scoring_system |
epss |
| scoring_elements |
0.59087 |
| published_at |
2026-04-11T12:55:00Z |
|
| 7 |
| value |
0.00374 |
| scoring_system |
epss |
| scoring_elements |
0.5905 |
| published_at |
2026-04-13T12:55:00Z |
|
| 8 |
| value |
0.00374 |
| scoring_system |
epss |
| scoring_elements |
0.59085 |
| published_at |
2026-04-16T12:55:00Z |
|
| 9 |
| value |
0.00374 |
| scoring_system |
epss |
| scoring_elements |
0.5909 |
| published_at |
2026-04-18T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2013-5003 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
|
| fixed_packages |
|
| aliases |
CVE-2013-5003
|
| risk_score |
null |
| exploitability |
0.5 |
| weighted_severity |
0.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-x89g-7mcs-tuep |
|
| 241 |
| url |
VCID-xae2-3cvs-kuex |
| vulnerability_id |
VCID-xae2-3cvs-kuex |
| summary |
Directory traversal vulnerability in the Export feature in phpMyAdmin 4.x before 4.0.0-rc3 allows remote authenticated users to read arbitrary files or possibly have unspecified other impact via a parameter that specifies a crafted export type. |
| references |
| 0 |
|
| 1 |
|
| 2 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2013-3240 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.04055 |
| scoring_system |
epss |
| scoring_elements |
0.88529 |
| published_at |
2026-04-21T12:55:00Z |
|
| 1 |
| value |
0.04055 |
| scoring_system |
epss |
| scoring_elements |
0.88468 |
| published_at |
2026-04-01T12:55:00Z |
|
| 2 |
| value |
0.04055 |
| scoring_system |
epss |
| scoring_elements |
0.88475 |
| published_at |
2026-04-02T12:55:00Z |
|
| 3 |
| value |
0.04055 |
| scoring_system |
epss |
| scoring_elements |
0.88492 |
| published_at |
2026-04-04T12:55:00Z |
|
| 4 |
| value |
0.04055 |
| scoring_system |
epss |
| scoring_elements |
0.88496 |
| published_at |
2026-04-07T12:55:00Z |
|
| 5 |
| value |
0.04055 |
| scoring_system |
epss |
| scoring_elements |
0.88514 |
| published_at |
2026-04-08T12:55:00Z |
|
| 6 |
| value |
0.04055 |
| scoring_system |
epss |
| scoring_elements |
0.88519 |
| published_at |
2026-04-09T12:55:00Z |
|
| 7 |
| value |
0.04055 |
| scoring_system |
epss |
| scoring_elements |
0.8853 |
| published_at |
2026-04-11T12:55:00Z |
|
| 8 |
| value |
0.04055 |
| scoring_system |
epss |
| scoring_elements |
0.88522 |
| published_at |
2026-04-13T12:55:00Z |
|
| 9 |
| value |
0.04055 |
| scoring_system |
epss |
| scoring_elements |
0.88536 |
| published_at |
2026-04-16T12:55:00Z |
|
| 10 |
| value |
0.04055 |
| scoring_system |
epss |
| scoring_elements |
0.88532 |
| published_at |
2026-04-18T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2013-3240 |
|
| 3 |
|
| 4 |
|
| 5 |
|
|
| fixed_packages |
|
| aliases |
CVE-2013-3240
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-xae2-3cvs-kuex |
|
| 242 |
| url |
VCID-xm9j-76hy-1qcp |
| vulnerability_id |
VCID-xm9j-76hy-1qcp |
| summary |
Multiple vulnerabilities have been found in phpMyAdmin, the worst
of which could lead to arbitrary code execution. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2016-6610 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00449 |
| scoring_system |
epss |
| scoring_elements |
0.63508 |
| published_at |
2026-04-01T12:55:00Z |
|
| 1 |
| value |
0.00449 |
| scoring_system |
epss |
| scoring_elements |
0.63568 |
| published_at |
2026-04-02T12:55:00Z |
|
| 2 |
| value |
0.00449 |
| scoring_system |
epss |
| scoring_elements |
0.63595 |
| published_at |
2026-04-04T12:55:00Z |
|
| 3 |
| value |
0.00449 |
| scoring_system |
epss |
| scoring_elements |
0.63559 |
| published_at |
2026-04-07T12:55:00Z |
|
| 4 |
| value |
0.00449 |
| scoring_system |
epss |
| scoring_elements |
0.6361 |
| published_at |
2026-04-08T12:55:00Z |
|
| 5 |
| value |
0.00449 |
| scoring_system |
epss |
| scoring_elements |
0.63627 |
| published_at |
2026-04-12T12:55:00Z |
|
| 6 |
| value |
0.00449 |
| scoring_system |
epss |
| scoring_elements |
0.63642 |
| published_at |
2026-04-11T12:55:00Z |
|
| 7 |
| value |
0.00449 |
| scoring_system |
epss |
| scoring_elements |
0.63593 |
| published_at |
2026-04-13T12:55:00Z |
|
| 8 |
| value |
0.00449 |
| scoring_system |
epss |
| scoring_elements |
0.6363 |
| published_at |
2026-04-16T12:55:00Z |
|
| 9 |
| value |
0.00449 |
| scoring_system |
epss |
| scoring_elements |
0.63639 |
| published_at |
2026-04-18T12:55:00Z |
|
| 10 |
| value |
0.00449 |
| scoring_system |
epss |
| scoring_elements |
0.63622 |
| published_at |
2026-04-21T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2016-6610 |
|
| 1 |
|
|
| fixed_packages |
|
| aliases |
CVE-2016-6610
|
| risk_score |
null |
| exploitability |
0.5 |
| weighted_severity |
0.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-xm9j-76hy-1qcp |
|
| 243 |
| url |
VCID-xruc-tfuk-m3gf |
| vulnerability_id |
VCID-xruc-tfuk-m3gf |
| summary |
Cross-site scripting (XSS) vulnerability in sql.php in phpMyAdmin 2.7.0-pl1 allows remote attackers to inject arbitrary web script or HTML via the sql_query parameter. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2006-1803 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.08966 |
| scoring_system |
epss |
| scoring_elements |
0.92567 |
| published_at |
2026-04-01T12:55:00Z |
|
| 1 |
| value |
0.08966 |
| scoring_system |
epss |
| scoring_elements |
0.92572 |
| published_at |
2026-04-02T12:55:00Z |
|
| 2 |
| value |
0.08966 |
| scoring_system |
epss |
| scoring_elements |
0.92579 |
| published_at |
2026-04-04T12:55:00Z |
|
| 3 |
| value |
0.08966 |
| scoring_system |
epss |
| scoring_elements |
0.92581 |
| published_at |
2026-04-07T12:55:00Z |
|
| 4 |
| value |
0.08966 |
| scoring_system |
epss |
| scoring_elements |
0.92592 |
| published_at |
2026-04-08T12:55:00Z |
|
| 5 |
| value |
0.08966 |
| scoring_system |
epss |
| scoring_elements |
0.92596 |
| published_at |
2026-04-09T12:55:00Z |
|
| 6 |
| value |
0.08966 |
| scoring_system |
epss |
| scoring_elements |
0.92602 |
| published_at |
2026-04-13T12:55:00Z |
|
| 7 |
| value |
0.08966 |
| scoring_system |
epss |
| scoring_elements |
0.92603 |
| published_at |
2026-04-12T12:55:00Z |
|
| 8 |
| value |
0.08966 |
| scoring_system |
epss |
| scoring_elements |
0.92615 |
| published_at |
2026-04-16T12:55:00Z |
|
| 9 |
| value |
0.08966 |
| scoring_system |
epss |
| scoring_elements |
0.92614 |
| published_at |
2026-04-18T12:55:00Z |
|
| 10 |
| value |
0.08966 |
| scoring_system |
epss |
| scoring_elements |
0.92617 |
| published_at |
2026-04-21T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2006-1803 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
|
| fixed_packages |
|
| aliases |
CVE-2006-1803
|
| risk_score |
0.2 |
| exploitability |
2.0 |
| weighted_severity |
0.1 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-xruc-tfuk-m3gf |
|
| 244 |
| url |
VCID-xu1c-xtb4-9ygg |
| vulnerability_id |
VCID-xu1c-xtb4-9ygg |
| summary |
Multiple vulnerabilities have been found in phpMyAdmin, the worst
of which could lead to arbitrary code execution. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2016-6623 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.0055 |
| scoring_system |
epss |
| scoring_elements |
0.67983 |
| published_at |
2026-04-21T12:55:00Z |
|
| 1 |
| value |
0.0055 |
| scoring_system |
epss |
| scoring_elements |
0.67889 |
| published_at |
2026-04-01T12:55:00Z |
|
| 2 |
| value |
0.0055 |
| scoring_system |
epss |
| scoring_elements |
0.67912 |
| published_at |
2026-04-02T12:55:00Z |
|
| 3 |
| value |
0.0055 |
| scoring_system |
epss |
| scoring_elements |
0.67931 |
| published_at |
2026-04-04T12:55:00Z |
|
| 4 |
| value |
0.0055 |
| scoring_system |
epss |
| scoring_elements |
0.6791 |
| published_at |
2026-04-07T12:55:00Z |
|
| 5 |
| value |
0.0055 |
| scoring_system |
epss |
| scoring_elements |
0.67961 |
| published_at |
2026-04-08T12:55:00Z |
|
| 6 |
| value |
0.0055 |
| scoring_system |
epss |
| scoring_elements |
0.67975 |
| published_at |
2026-04-09T12:55:00Z |
|
| 7 |
| value |
0.0055 |
| scoring_system |
epss |
| scoring_elements |
0.67998 |
| published_at |
2026-04-11T12:55:00Z |
|
| 8 |
| value |
0.0055 |
| scoring_system |
epss |
| scoring_elements |
0.67985 |
| published_at |
2026-04-12T12:55:00Z |
|
| 9 |
| value |
0.0055 |
| scoring_system |
epss |
| scoring_elements |
0.6795 |
| published_at |
2026-04-13T12:55:00Z |
|
| 10 |
| value |
0.0055 |
| scoring_system |
epss |
| scoring_elements |
0.67987 |
| published_at |
2026-04-16T12:55:00Z |
|
| 11 |
| value |
0.0055 |
| scoring_system |
epss |
| scoring_elements |
0.68 |
| published_at |
2026-04-18T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2016-6623 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
|
| fixed_packages |
|
| aliases |
CVE-2016-6623, GHSA-2mcj-3r3r-v5wm
|
| risk_score |
3.1 |
| exploitability |
0.5 |
| weighted_severity |
6.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-xu1c-xtb4-9ygg |
|
| 245 |
| url |
VCID-xwyg-wr8p-r7he |
| vulnerability_id |
VCID-xwyg-wr8p-r7he |
| summary |
Multiple vulnerabilities have been found in phpMyAdmin, the worst
of which could lead to arbitrary code execution. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2016-6607 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00541 |
| scoring_system |
epss |
| scoring_elements |
0.67583 |
| published_at |
2026-04-01T12:55:00Z |
|
| 1 |
| value |
0.00541 |
| scoring_system |
epss |
| scoring_elements |
0.67619 |
| published_at |
2026-04-02T12:55:00Z |
|
| 2 |
| value |
0.00541 |
| scoring_system |
epss |
| scoring_elements |
0.6764 |
| published_at |
2026-04-04T12:55:00Z |
|
| 3 |
| value |
0.00541 |
| scoring_system |
epss |
| scoring_elements |
0.6762 |
| published_at |
2026-04-07T12:55:00Z |
|
| 4 |
| value |
0.00541 |
| scoring_system |
epss |
| scoring_elements |
0.67671 |
| published_at |
2026-04-08T12:55:00Z |
|
| 5 |
| value |
0.00541 |
| scoring_system |
epss |
| scoring_elements |
0.67686 |
| published_at |
2026-04-09T12:55:00Z |
|
| 6 |
| value |
0.00541 |
| scoring_system |
epss |
| scoring_elements |
0.67709 |
| published_at |
2026-04-11T12:55:00Z |
|
| 7 |
| value |
0.00541 |
| scoring_system |
epss |
| scoring_elements |
0.67694 |
| published_at |
2026-04-12T12:55:00Z |
|
| 8 |
| value |
0.00541 |
| scoring_system |
epss |
| scoring_elements |
0.6766 |
| published_at |
2026-04-13T12:55:00Z |
|
| 9 |
| value |
0.00541 |
| scoring_system |
epss |
| scoring_elements |
0.67696 |
| published_at |
2026-04-16T12:55:00Z |
|
| 10 |
| value |
0.00541 |
| scoring_system |
epss |
| scoring_elements |
0.67708 |
| published_at |
2026-04-18T12:55:00Z |
|
| 11 |
| value |
0.00541 |
| scoring_system |
epss |
| scoring_elements |
0.67688 |
| published_at |
2026-04-21T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2016-6607 |
|
| 1 |
|
|
| fixed_packages |
|
| aliases |
CVE-2016-6607
|
| risk_score |
null |
| exploitability |
0.5 |
| weighted_severity |
0.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-xwyg-wr8p-r7he |
|
| 246 |
| url |
VCID-y46s-z2d6-2kdn |
| vulnerability_id |
VCID-y46s-z2d6-2kdn |
| summary |
Multiple vulnerabilities were found in phpMyAdmin, the most severe
of which allows the execution of arbitrary PHP code. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2011-2643 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00383 |
| scoring_system |
epss |
| scoring_elements |
0.59525 |
| published_at |
2026-04-01T12:55:00Z |
|
| 1 |
| value |
0.00383 |
| scoring_system |
epss |
| scoring_elements |
0.59598 |
| published_at |
2026-04-02T12:55:00Z |
|
| 2 |
| value |
0.00383 |
| scoring_system |
epss |
| scoring_elements |
0.59623 |
| published_at |
2026-04-04T12:55:00Z |
|
| 3 |
| value |
0.00383 |
| scoring_system |
epss |
| scoring_elements |
0.59593 |
| published_at |
2026-04-07T12:55:00Z |
|
| 4 |
| value |
0.00383 |
| scoring_system |
epss |
| scoring_elements |
0.59645 |
| published_at |
2026-04-08T12:55:00Z |
|
| 5 |
| value |
0.00383 |
| scoring_system |
epss |
| scoring_elements |
0.59658 |
| published_at |
2026-04-09T12:55:00Z |
|
| 6 |
| value |
0.00383 |
| scoring_system |
epss |
| scoring_elements |
0.59678 |
| published_at |
2026-04-11T12:55:00Z |
|
| 7 |
| value |
0.00383 |
| scoring_system |
epss |
| scoring_elements |
0.59661 |
| published_at |
2026-04-12T12:55:00Z |
|
| 8 |
| value |
0.00383 |
| scoring_system |
epss |
| scoring_elements |
0.59642 |
| published_at |
2026-04-13T12:55:00Z |
|
| 9 |
| value |
0.00383 |
| scoring_system |
epss |
| scoring_elements |
0.59675 |
| published_at |
2026-04-16T12:55:00Z |
|
| 10 |
| value |
0.00383 |
| scoring_system |
epss |
| scoring_elements |
0.59682 |
| published_at |
2026-04-18T12:55:00Z |
|
| 11 |
| value |
0.00383 |
| scoring_system |
epss |
| scoring_elements |
0.59666 |
| published_at |
2026-04-21T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2011-2643 |
|
| 1 |
|
| 2 |
|
|
| fixed_packages |
|
| aliases |
CVE-2011-2643
|
| risk_score |
null |
| exploitability |
0.5 |
| weighted_severity |
0.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-y46s-z2d6-2kdn |
|
| 247 |
| url |
VCID-y7gs-va61-zqaa |
| vulnerability_id |
VCID-y7gs-va61-zqaa |
| summary |
Multiple vulnerabilities have been found in phpMyAdmin, the worst
of which could lead to arbitrary code execution. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2016-9864 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00436 |
| scoring_system |
epss |
| scoring_elements |
0.62919 |
| published_at |
2026-04-01T12:55:00Z |
|
| 1 |
| value |
0.00436 |
| scoring_system |
epss |
| scoring_elements |
0.62978 |
| published_at |
2026-04-02T12:55:00Z |
|
| 2 |
| value |
0.00436 |
| scoring_system |
epss |
| scoring_elements |
0.63007 |
| published_at |
2026-04-04T12:55:00Z |
|
| 3 |
| value |
0.00436 |
| scoring_system |
epss |
| scoring_elements |
0.6297 |
| published_at |
2026-04-07T12:55:00Z |
|
| 4 |
| value |
0.00436 |
| scoring_system |
epss |
| scoring_elements |
0.63022 |
| published_at |
2026-04-08T12:55:00Z |
|
| 5 |
| value |
0.00436 |
| scoring_system |
epss |
| scoring_elements |
0.63038 |
| published_at |
2026-04-09T12:55:00Z |
|
| 6 |
| value |
0.00436 |
| scoring_system |
epss |
| scoring_elements |
0.63055 |
| published_at |
2026-04-11T12:55:00Z |
|
| 7 |
| value |
0.00436 |
| scoring_system |
epss |
| scoring_elements |
0.63041 |
| published_at |
2026-04-21T12:55:00Z |
|
| 8 |
| value |
0.00436 |
| scoring_system |
epss |
| scoring_elements |
0.63019 |
| published_at |
2026-04-13T12:55:00Z |
|
| 9 |
| value |
0.00436 |
| scoring_system |
epss |
| scoring_elements |
0.63056 |
| published_at |
2026-04-16T12:55:00Z |
|
| 10 |
| value |
0.00436 |
| scoring_system |
epss |
| scoring_elements |
0.63063 |
| published_at |
2026-04-18T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2016-9864 |
|
| 1 |
|
|
| fixed_packages |
|
| aliases |
CVE-2016-9864
|
| risk_score |
null |
| exploitability |
0.5 |
| weighted_severity |
0.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-y7gs-va61-zqaa |
|
| 248 |
| url |
VCID-yfja-ssw3-skh1 |
| vulnerability_id |
VCID-yfja-ssw3-skh1 |
| summary |
Information Exposure
When the `AllowArbitraryServer` configuration setting is set to true, with the use of a rogue MySQL server, an attacker can read any file on the server that the web server's user can access. This is related to the `mysql.allow_local_infile` PHP configuration, and the inadvertent ignoring of `options(MYSQLI_OPT_LOCAL_INFILE` calls. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2019-6799 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.7658 |
| scoring_system |
epss |
| scoring_elements |
0.98948 |
| published_at |
2026-04-21T12:55:00Z |
|
| 1 |
| value |
0.7658 |
| scoring_system |
epss |
| scoring_elements |
0.98933 |
| published_at |
2026-04-01T12:55:00Z |
|
| 2 |
| value |
0.7658 |
| scoring_system |
epss |
| scoring_elements |
0.98935 |
| published_at |
2026-04-02T12:55:00Z |
|
| 3 |
| value |
0.7658 |
| scoring_system |
epss |
| scoring_elements |
0.98937 |
| published_at |
2026-04-04T12:55:00Z |
|
| 4 |
| value |
0.7658 |
| scoring_system |
epss |
| scoring_elements |
0.98939 |
| published_at |
2026-04-07T12:55:00Z |
|
| 5 |
| value |
0.7658 |
| scoring_system |
epss |
| scoring_elements |
0.98941 |
| published_at |
2026-04-09T12:55:00Z |
|
| 6 |
| value |
0.7658 |
| scoring_system |
epss |
| scoring_elements |
0.98943 |
| published_at |
2026-04-11T12:55:00Z |
|
| 7 |
| value |
0.7658 |
| scoring_system |
epss |
| scoring_elements |
0.98944 |
| published_at |
2026-04-13T12:55:00Z |
|
| 8 |
| value |
0.7658 |
| scoring_system |
epss |
| scoring_elements |
0.98946 |
| published_at |
2026-04-16T12:55:00Z |
|
| 9 |
| value |
0.7658 |
| scoring_system |
epss |
| scoring_elements |
0.98947 |
| published_at |
2026-04-18T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2019-6799 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
| reference_url |
https://nvd.nist.gov/vuln/detail/CVE-2019-6799 |
| reference_id |
CVE-2019-6799 |
| reference_type |
|
| scores |
| 0 |
| value |
4.3 |
| scoring_system |
cvssv2 |
| scoring_elements |
AV:N/AC:M/Au:N/C:P/I:N/A:N |
|
| 1 |
| value |
5.9 |
| scoring_system |
cvssv3 |
| scoring_elements |
CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N |
|
| 2 |
| value |
5.9 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N |
|
| 3 |
| value |
MODERATE |
| scoring_system |
generic_textual |
| scoring_elements |
|
|
|
| url |
https://nvd.nist.gov/vuln/detail/CVE-2019-6799 |
|
| 11 |
|
| 12 |
|
|
| fixed_packages |
|
| aliases |
CVE-2019-6799, GHSA-c8wj-q36q-3wg4
|
| risk_score |
3.1 |
| exploitability |
0.5 |
| weighted_severity |
6.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-yfja-ssw3-skh1 |
|
| 249 |
| url |
VCID-ygp5-6upr-vfbq |
| vulnerability_id |
VCID-ygp5-6upr-vfbq |
| summary |
phpMyAdmin 2.6.0-pl2, and other versions before 2.6.1, with external transformations enabled, allows remote attackers to execute arbitrary commands via shell metacharacters. |
| references |
| 0 |
|
| 1 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2004-1147 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.04568 |
| scoring_system |
epss |
| scoring_elements |
0.89215 |
| published_at |
2026-04-21T12:55:00Z |
|
| 1 |
| value |
0.04568 |
| scoring_system |
epss |
| scoring_elements |
0.89156 |
| published_at |
2026-04-01T12:55:00Z |
|
| 2 |
| value |
0.04568 |
| scoring_system |
epss |
| scoring_elements |
0.89163 |
| published_at |
2026-04-02T12:55:00Z |
|
| 3 |
| value |
0.04568 |
| scoring_system |
epss |
| scoring_elements |
0.89178 |
| published_at |
2026-04-04T12:55:00Z |
|
| 4 |
| value |
0.04568 |
| scoring_system |
epss |
| scoring_elements |
0.8918 |
| published_at |
2026-04-07T12:55:00Z |
|
| 5 |
| value |
0.04568 |
| scoring_system |
epss |
| scoring_elements |
0.89198 |
| published_at |
2026-04-08T12:55:00Z |
|
| 6 |
| value |
0.04568 |
| scoring_system |
epss |
| scoring_elements |
0.89203 |
| published_at |
2026-04-09T12:55:00Z |
|
| 7 |
| value |
0.04568 |
| scoring_system |
epss |
| scoring_elements |
0.89213 |
| published_at |
2026-04-11T12:55:00Z |
|
| 8 |
| value |
0.04568 |
| scoring_system |
epss |
| scoring_elements |
0.89209 |
| published_at |
2026-04-12T12:55:00Z |
|
| 9 |
| value |
0.04568 |
| scoring_system |
epss |
| scoring_elements |
0.89207 |
| published_at |
2026-04-13T12:55:00Z |
|
| 10 |
| value |
0.04568 |
| scoring_system |
epss |
| scoring_elements |
0.89219 |
| published_at |
2026-04-18T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2004-1147 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
| 16 |
|
| 17 |
|
| 18 |
|
| 19 |
|
| 20 |
|
| 21 |
|
| 22 |
|
|
| fixed_packages |
|
| aliases |
CVE-2004-1147
|
| risk_score |
10.0 |
| exploitability |
2.0 |
| weighted_severity |
9.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-ygp5-6upr-vfbq |
|
| 250 |
| url |
VCID-ym9b-4su6-6fbr |
| vulnerability_id |
VCID-ym9b-4su6-6fbr |
| summary |
Cross-site Scripting vulnerability in drag-and-drop upload of phpMyAdmin
In phpMyAdmin before 4.9.11 and 5.x before 5.2.1, an authenticated user can trigger Cross-site Scripting (XSS) by uploading a crafted .sql file through the drag-and-drop interface. By disabling the configuration directive `$cfg['enable_drag_drop_import']`, users will be unable to use the drag and drop upload which would protect against the vulnerability. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2023-25727 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.1094 |
| scoring_system |
epss |
| scoring_elements |
0.93405 |
| published_at |
2026-04-13T12:55:00Z |
|
| 1 |
| value |
0.1094 |
| scoring_system |
epss |
| scoring_elements |
0.93434 |
| published_at |
2026-04-21T12:55:00Z |
|
| 2 |
| value |
0.1094 |
| scoring_system |
epss |
| scoring_elements |
0.93428 |
| published_at |
2026-04-18T12:55:00Z |
|
| 3 |
| value |
0.1094 |
| scoring_system |
epss |
| scoring_elements |
0.93423 |
| published_at |
2026-04-16T12:55:00Z |
|
| 4 |
| value |
0.11079 |
| scoring_system |
epss |
| scoring_elements |
0.93425 |
| published_at |
2026-04-02T12:55:00Z |
|
| 5 |
| value |
0.11079 |
| scoring_system |
epss |
| scoring_elements |
0.93433 |
| published_at |
2026-04-07T12:55:00Z |
|
| 6 |
| value |
0.11079 |
| scoring_system |
epss |
| scoring_elements |
0.93441 |
| published_at |
2026-04-08T12:55:00Z |
|
| 7 |
| value |
0.11079 |
| scoring_system |
epss |
| scoring_elements |
0.93445 |
| published_at |
2026-04-09T12:55:00Z |
|
| 8 |
| value |
0.11079 |
| scoring_system |
epss |
| scoring_elements |
0.9345 |
| published_at |
2026-04-11T12:55:00Z |
|
| 9 |
| value |
0.11079 |
| scoring_system |
epss |
| scoring_elements |
0.93451 |
| published_at |
2026-04-12T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2023-25727 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
|
| fixed_packages |
|
| aliases |
CVE-2023-25727, GHSA-6hr3-44gx-g6wh
|
| risk_score |
3.1 |
| exploitability |
0.5 |
| weighted_severity |
6.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-ym9b-4su6-6fbr |
|
| 251 |
| url |
VCID-z22z-a5bq-97d3 |
| vulnerability_id |
VCID-z22z-a5bq-97d3 |
| summary |
Uncontrolled Resouce Consumption
An issue was discovered in phpMyAdmin. The transformation feature allows a user to trigger a denial-of-service (DoS) attack against the server. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2016-6618 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.0055 |
| scoring_system |
epss |
| scoring_elements |
0.67983 |
| published_at |
2026-04-21T12:55:00Z |
|
| 1 |
| value |
0.0055 |
| scoring_system |
epss |
| scoring_elements |
0.67889 |
| published_at |
2026-04-01T12:55:00Z |
|
| 2 |
| value |
0.0055 |
| scoring_system |
epss |
| scoring_elements |
0.67912 |
| published_at |
2026-04-02T12:55:00Z |
|
| 3 |
| value |
0.0055 |
| scoring_system |
epss |
| scoring_elements |
0.67931 |
| published_at |
2026-04-04T12:55:00Z |
|
| 4 |
| value |
0.0055 |
| scoring_system |
epss |
| scoring_elements |
0.6791 |
| published_at |
2026-04-07T12:55:00Z |
|
| 5 |
| value |
0.0055 |
| scoring_system |
epss |
| scoring_elements |
0.67961 |
| published_at |
2026-04-08T12:55:00Z |
|
| 6 |
| value |
0.0055 |
| scoring_system |
epss |
| scoring_elements |
0.67975 |
| published_at |
2026-04-09T12:55:00Z |
|
| 7 |
| value |
0.0055 |
| scoring_system |
epss |
| scoring_elements |
0.67998 |
| published_at |
2026-04-11T12:55:00Z |
|
| 8 |
| value |
0.0055 |
| scoring_system |
epss |
| scoring_elements |
0.67985 |
| published_at |
2026-04-12T12:55:00Z |
|
| 9 |
| value |
0.0055 |
| scoring_system |
epss |
| scoring_elements |
0.6795 |
| published_at |
2026-04-13T12:55:00Z |
|
| 10 |
| value |
0.0055 |
| scoring_system |
epss |
| scoring_elements |
0.67987 |
| published_at |
2026-04-16T12:55:00Z |
|
| 11 |
| value |
0.0055 |
| scoring_system |
epss |
| scoring_elements |
0.68 |
| published_at |
2026-04-18T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2016-6618 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
|
| fixed_packages |
|
| aliases |
CVE-2016-6618, GHSA-rv6m-chvv-wmxg
|
| risk_score |
3.1 |
| exploitability |
0.5 |
| weighted_severity |
6.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-z22z-a5bq-97d3 |
|
| 252 |
| url |
VCID-z5h3-sfx3-97fy |
| vulnerability_id |
VCID-z5h3-sfx3-97fy |
| summary |
phpMyAdmin CRLF Injection Vulnerability
CRLF injection vulnerability in phpMyAdmin before 2.6.4-pl4 allows remote attackers to conduct HTTP response splitting attacks via unspecified scripts. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2005-3621 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00596 |
| scoring_system |
epss |
| scoring_elements |
0.69395 |
| published_at |
2026-04-21T12:55:00Z |
|
| 1 |
| value |
0.00596 |
| scoring_system |
epss |
| scoring_elements |
0.69355 |
| published_at |
2026-04-08T12:55:00Z |
|
| 2 |
| value |
0.00596 |
| scoring_system |
epss |
| scoring_elements |
0.69372 |
| published_at |
2026-04-09T12:55:00Z |
|
| 3 |
| value |
0.00596 |
| scoring_system |
epss |
| scoring_elements |
0.69394 |
| published_at |
2026-04-11T12:55:00Z |
|
| 4 |
| value |
0.00596 |
| scoring_system |
epss |
| scoring_elements |
0.69378 |
| published_at |
2026-04-12T12:55:00Z |
|
| 5 |
| value |
0.00596 |
| scoring_system |
epss |
| scoring_elements |
0.69365 |
| published_at |
2026-04-13T12:55:00Z |
|
| 6 |
| value |
0.00596 |
| scoring_system |
epss |
| scoring_elements |
0.69403 |
| published_at |
2026-04-16T12:55:00Z |
|
| 7 |
| value |
0.00596 |
| scoring_system |
epss |
| scoring_elements |
0.69414 |
| published_at |
2026-04-18T12:55:00Z |
|
| 8 |
| value |
0.00596 |
| scoring_system |
epss |
| scoring_elements |
0.69295 |
| published_at |
2026-04-01T12:55:00Z |
|
| 9 |
| value |
0.00596 |
| scoring_system |
epss |
| scoring_elements |
0.69308 |
| published_at |
2026-04-02T12:55:00Z |
|
| 10 |
| value |
0.00596 |
| scoring_system |
epss |
| scoring_elements |
0.69325 |
| published_at |
2026-04-04T12:55:00Z |
|
| 11 |
| value |
0.00596 |
| scoring_system |
epss |
| scoring_elements |
0.69305 |
| published_at |
2026-04-07T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2005-3621 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
| 16 |
|
| 17 |
|
| 18 |
|
| 19 |
|
| 20 |
|
| 21 |
|
| 22 |
|
| 23 |
|
| 24 |
|
| 25 |
|
| 26 |
|
| 27 |
|
|
| fixed_packages |
|
| aliases |
CVE-2005-3621, GHSA-wj42-52pv-wfj2
|
| risk_score |
3.1 |
| exploitability |
0.5 |
| weighted_severity |
6.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-z5h3-sfx3-97fy |
|
| 253 |
| url |
VCID-z6fj-u5r4-g7by |
| vulnerability_id |
VCID-z6fj-u5r4-g7by |
| summary |
Cross-site scripting (XSS) vulnerability in phpMyAdmin 2.8.0.1 allows remote attackers to inject arbitrary web script or HTML via the set_theme parameter. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2006-1258 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.08432 |
| scoring_system |
epss |
| scoring_elements |
0.92306 |
| published_at |
2026-04-01T12:55:00Z |
|
| 1 |
| value |
0.08432 |
| scoring_system |
epss |
| scoring_elements |
0.92313 |
| published_at |
2026-04-02T12:55:00Z |
|
| 2 |
| value |
0.08432 |
| scoring_system |
epss |
| scoring_elements |
0.92319 |
| published_at |
2026-04-04T12:55:00Z |
|
| 3 |
| value |
0.08432 |
| scoring_system |
epss |
| scoring_elements |
0.92322 |
| published_at |
2026-04-07T12:55:00Z |
|
| 4 |
| value |
0.08432 |
| scoring_system |
epss |
| scoring_elements |
0.92333 |
| published_at |
2026-04-08T12:55:00Z |
|
| 5 |
| value |
0.08432 |
| scoring_system |
epss |
| scoring_elements |
0.92337 |
| published_at |
2026-04-09T12:55:00Z |
|
| 6 |
| value |
0.08432 |
| scoring_system |
epss |
| scoring_elements |
0.92342 |
| published_at |
2026-04-13T12:55:00Z |
|
| 7 |
| value |
0.08432 |
| scoring_system |
epss |
| scoring_elements |
0.92344 |
| published_at |
2026-04-12T12:55:00Z |
|
| 8 |
| value |
0.08432 |
| scoring_system |
epss |
| scoring_elements |
0.92353 |
| published_at |
2026-04-16T12:55:00Z |
|
| 9 |
| value |
0.08432 |
| scoring_system |
epss |
| scoring_elements |
0.92352 |
| published_at |
2026-04-21T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2006-1258 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
|
| fixed_packages |
|
| aliases |
CVE-2006-1258
|
| risk_score |
0.2 |
| exploitability |
2.0 |
| weighted_severity |
0.1 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-z6fj-u5r4-g7by |
|
| 254 |
| url |
VCID-z6t5-jasy-vbfs |
| vulnerability_id |
VCID-z6t5-jasy-vbfs |
| summary |
phpMyAdmin Directory Traversal vulnerability
Directory traversal vulnerability in libraries/display_tbl.lib.php in phpMyAdmin 3.x before 3.3.10.2 and 3.4.x before 3.4.3.1, when a certain MIME transformation feature is enabled, allows remote authenticated users to include and execute arbitrary local files via a .. (dot dot) in a GLOBALS[mime_map][$meta->name][transformation] parameter. |
| references |
| 0 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2011-2508 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.11174 |
| scoring_system |
epss |
| scoring_elements |
0.93484 |
| published_at |
2026-04-09T12:55:00Z |
|
| 1 |
| value |
0.11174 |
| scoring_system |
epss |
| scoring_elements |
0.93521 |
| published_at |
2026-04-21T12:55:00Z |
|
| 2 |
| value |
0.11174 |
| scoring_system |
epss |
| scoring_elements |
0.93489 |
| published_at |
2026-04-12T12:55:00Z |
|
| 3 |
| value |
0.11174 |
| scoring_system |
epss |
| scoring_elements |
0.93465 |
| published_at |
2026-04-02T12:55:00Z |
|
| 4 |
| value |
0.11174 |
| scoring_system |
epss |
| scoring_elements |
0.93457 |
| published_at |
2026-04-01T12:55:00Z |
|
| 5 |
| value |
0.11174 |
| scoring_system |
epss |
| scoring_elements |
0.93509 |
| published_at |
2026-04-16T12:55:00Z |
|
| 6 |
| value |
0.11174 |
| scoring_system |
epss |
| scoring_elements |
0.93515 |
| published_at |
2026-04-18T12:55:00Z |
|
| 7 |
| value |
0.11174 |
| scoring_system |
epss |
| scoring_elements |
0.9349 |
| published_at |
2026-04-13T12:55:00Z |
|
| 8 |
| value |
0.11174 |
| scoring_system |
epss |
| scoring_elements |
0.9348 |
| published_at |
2026-04-08T12:55:00Z |
|
| 9 |
| value |
0.11174 |
| scoring_system |
epss |
| scoring_elements |
0.93473 |
| published_at |
2026-04-07T12:55:00Z |
|
| 10 |
| value |
0.11174 |
| scoring_system |
epss |
| scoring_elements |
0.93472 |
| published_at |
2026-04-04T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2011-2508 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
| 16 |
|
| 17 |
|
| 18 |
|
| 19 |
|
| 20 |
|
| 21 |
|
|
| fixed_packages |
|
| aliases |
CVE-2011-2508, GHSA-q6vw-39cg-wjjf
|
| risk_score |
4.0 |
| exploitability |
0.5 |
| weighted_severity |
8.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-z6t5-jasy-vbfs |
|
| 255 |
| url |
VCID-z85t-z8nv-47d4 |
| vulnerability_id |
VCID-z85t-z8nv-47d4 |
| summary |
Multiple flaws in phpMyAdmin may lead to several XSS issues and local and
remote file inclusion vulnerabilities. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2005-3665 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.01116 |
| scoring_system |
epss |
| scoring_elements |
0.78224 |
| published_at |
2026-04-21T12:55:00Z |
|
| 1 |
| value |
0.01116 |
| scoring_system |
epss |
| scoring_elements |
0.7814 |
| published_at |
2026-04-01T12:55:00Z |
|
| 2 |
| value |
0.01116 |
| scoring_system |
epss |
| scoring_elements |
0.78149 |
| published_at |
2026-04-02T12:55:00Z |
|
| 3 |
| value |
0.01116 |
| scoring_system |
epss |
| scoring_elements |
0.78178 |
| published_at |
2026-04-04T12:55:00Z |
|
| 4 |
| value |
0.01116 |
| scoring_system |
epss |
| scoring_elements |
0.78161 |
| published_at |
2026-04-07T12:55:00Z |
|
| 5 |
| value |
0.01116 |
| scoring_system |
epss |
| scoring_elements |
0.78187 |
| published_at |
2026-04-08T12:55:00Z |
|
| 6 |
| value |
0.01116 |
| scoring_system |
epss |
| scoring_elements |
0.78194 |
| published_at |
2026-04-09T12:55:00Z |
|
| 7 |
| value |
0.01116 |
| scoring_system |
epss |
| scoring_elements |
0.7822 |
| published_at |
2026-04-11T12:55:00Z |
|
| 8 |
| value |
0.01116 |
| scoring_system |
epss |
| scoring_elements |
0.78203 |
| published_at |
2026-04-12T12:55:00Z |
|
| 9 |
| value |
0.01116 |
| scoring_system |
epss |
| scoring_elements |
0.78199 |
| published_at |
2026-04-13T12:55:00Z |
|
| 10 |
| value |
0.01116 |
| scoring_system |
epss |
| scoring_elements |
0.78231 |
| published_at |
2026-04-16T12:55:00Z |
|
| 11 |
| value |
0.01116 |
| scoring_system |
epss |
| scoring_elements |
0.78229 |
| published_at |
2026-04-18T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2005-3665 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
| 16 |
|
| 17 |
|
| 18 |
|
| 19 |
|
| 20 |
|
| 21 |
|
| 22 |
|
| 23 |
|
| 24 |
|
| 25 |
|
| 26 |
|
| 27 |
|
| 28 |
|
| 29 |
|
| 30 |
|
| 31 |
|
| 32 |
|
| 33 |
|
| 34 |
|
| 35 |
|
| 36 |
|
| 37 |
|
| 38 |
|
| 39 |
|
| 40 |
|
| 41 |
|
| 42 |
|
| 43 |
|
| 44 |
|
| 45 |
|
| 46 |
|
| 47 |
|
| 48 |
|
| 49 |
|
| 50 |
|
| 51 |
|
| 52 |
|
| 53 |
|
| 54 |
|
| 55 |
|
| 56 |
|
| 57 |
|
| 58 |
|
| 59 |
|
| 60 |
|
| 61 |
|
| 62 |
|
| 63 |
|
|
| fixed_packages |
|
| aliases |
CVE-2005-3665
|
| risk_score |
1.9 |
| exploitability |
0.5 |
| weighted_severity |
3.9 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-z85t-z8nv-47d4 |
|
| 256 |
| url |
VCID-z85z-65zn-bycj |
| vulnerability_id |
VCID-z85z-65zn-bycj |
| summary |
Multiple vulnerabilities were found in phpMyAdmin, the most severe
of which allows the execution of arbitrary PHP code. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2010-3263 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00277 |
| scoring_system |
epss |
| scoring_elements |
0.512 |
| published_at |
2026-04-21T12:55:00Z |
|
| 1 |
| value |
0.00277 |
| scoring_system |
epss |
| scoring_elements |
0.51082 |
| published_at |
2026-04-01T12:55:00Z |
|
| 2 |
| value |
0.00277 |
| scoring_system |
epss |
| scoring_elements |
0.51135 |
| published_at |
2026-04-02T12:55:00Z |
|
| 3 |
| value |
0.00277 |
| scoring_system |
epss |
| scoring_elements |
0.51159 |
| published_at |
2026-04-04T12:55:00Z |
|
| 4 |
| value |
0.00277 |
| scoring_system |
epss |
| scoring_elements |
0.51116 |
| published_at |
2026-04-07T12:55:00Z |
|
| 5 |
| value |
0.00277 |
| scoring_system |
epss |
| scoring_elements |
0.51171 |
| published_at |
2026-04-08T12:55:00Z |
|
| 6 |
| value |
0.00277 |
| scoring_system |
epss |
| scoring_elements |
0.51167 |
| published_at |
2026-04-09T12:55:00Z |
|
| 7 |
| value |
0.00277 |
| scoring_system |
epss |
| scoring_elements |
0.51212 |
| published_at |
2026-04-11T12:55:00Z |
|
| 8 |
| value |
0.00277 |
| scoring_system |
epss |
| scoring_elements |
0.5119 |
| published_at |
2026-04-12T12:55:00Z |
|
| 9 |
| value |
0.00277 |
| scoring_system |
epss |
| scoring_elements |
0.51175 |
| published_at |
2026-04-13T12:55:00Z |
|
| 10 |
| value |
0.00277 |
| scoring_system |
epss |
| scoring_elements |
0.51215 |
| published_at |
2026-04-16T12:55:00Z |
|
| 11 |
| value |
0.00277 |
| scoring_system |
epss |
| scoring_elements |
0.51222 |
| published_at |
2026-04-18T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2010-3263 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
| 16 |
|
| 17 |
|
| 18 |
|
| 19 |
|
| 20 |
|
| 21 |
|
| 22 |
|
| 23 |
|
| 24 |
|
| 25 |
|
| 26 |
|
| 27 |
|
| 28 |
|
| 29 |
|
| 30 |
|
| 31 |
|
| 32 |
|
| 33 |
|
| 34 |
|
| 35 |
|
| 36 |
|
| 37 |
|
| 38 |
|
| 39 |
|
| 40 |
|
| 41 |
|
| 42 |
|
| 43 |
|
|
| fixed_packages |
|
| aliases |
CVE-2010-3263
|
| risk_score |
1.9 |
| exploitability |
0.5 |
| weighted_severity |
3.9 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-z85z-65zn-bycj |
|
| 257 |
| url |
VCID-z8jb-xtm4-x3e9 |
| vulnerability_id |
VCID-z8jb-xtm4-x3e9 |
| summary |
Cross-site scripting (XSS) vulnerability in the replication-setup functionality in js/replication.js in phpMyAdmin 3.4.x before 3.4.10.1 allows user-assisted remote attackers to inject arbitrary web script or HTML via a crafted database name. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2012-1190 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00431 |
| scoring_system |
epss |
| scoring_elements |
0.62471 |
| published_at |
2026-04-01T12:55:00Z |
|
| 1 |
| value |
0.00431 |
| scoring_system |
epss |
| scoring_elements |
0.62529 |
| published_at |
2026-04-02T12:55:00Z |
|
| 2 |
| value |
0.00431 |
| scoring_system |
epss |
| scoring_elements |
0.62562 |
| published_at |
2026-04-04T12:55:00Z |
|
| 3 |
| value |
0.00431 |
| scoring_system |
epss |
| scoring_elements |
0.62528 |
| published_at |
2026-04-07T12:55:00Z |
|
| 4 |
| value |
0.00431 |
| scoring_system |
epss |
| scoring_elements |
0.62578 |
| published_at |
2026-04-13T12:55:00Z |
|
| 5 |
| value |
0.00431 |
| scoring_system |
epss |
| scoring_elements |
0.62594 |
| published_at |
2026-04-09T12:55:00Z |
|
| 6 |
| value |
0.00431 |
| scoring_system |
epss |
| scoring_elements |
0.62612 |
| published_at |
2026-04-11T12:55:00Z |
|
| 7 |
| value |
0.00431 |
| scoring_system |
epss |
| scoring_elements |
0.62601 |
| published_at |
2026-04-12T12:55:00Z |
|
| 8 |
| value |
0.00431 |
| scoring_system |
epss |
| scoring_elements |
0.62619 |
| published_at |
2026-04-16T12:55:00Z |
|
| 9 |
| value |
0.00431 |
| scoring_system |
epss |
| scoring_elements |
0.62626 |
| published_at |
2026-04-18T12:55:00Z |
|
| 10 |
| value |
0.00431 |
| scoring_system |
epss |
| scoring_elements |
0.62608 |
| published_at |
2026-04-21T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2012-1190 |
|
| 1 |
|
|
| fixed_packages |
|
| aliases |
CVE-2012-1190
|
| risk_score |
null |
| exploitability |
0.5 |
| weighted_severity |
0.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-z8jb-xtm4-x3e9 |
|
| 258 |
| url |
VCID-zajy-wfa6-dbbt |
| vulnerability_id |
VCID-zajy-wfa6-dbbt |
| summary |
Multiple vulnerabilities were found in phpMyAdmin, the most severe
of which allows the execution of arbitrary PHP code. |
| references |
| 0 |
|
| 1 |
|
| 2 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2010-2958 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00442 |
| scoring_system |
epss |
| scoring_elements |
0.63288 |
| published_at |
2026-04-21T12:55:00Z |
|
| 1 |
| value |
0.00442 |
| scoring_system |
epss |
| scoring_elements |
0.63177 |
| published_at |
2026-04-01T12:55:00Z |
|
| 2 |
| value |
0.00442 |
| scoring_system |
epss |
| scoring_elements |
0.63236 |
| published_at |
2026-04-02T12:55:00Z |
|
| 3 |
| value |
0.00442 |
| scoring_system |
epss |
| scoring_elements |
0.63265 |
| published_at |
2026-04-04T12:55:00Z |
|
| 4 |
| value |
0.00442 |
| scoring_system |
epss |
| scoring_elements |
0.6323 |
| published_at |
2026-04-07T12:55:00Z |
|
| 5 |
| value |
0.00442 |
| scoring_system |
epss |
| scoring_elements |
0.63282 |
| published_at |
2026-04-08T12:55:00Z |
|
| 6 |
| value |
0.00442 |
| scoring_system |
epss |
| scoring_elements |
0.63299 |
| published_at |
2026-04-09T12:55:00Z |
|
| 7 |
| value |
0.00442 |
| scoring_system |
epss |
| scoring_elements |
0.63317 |
| published_at |
2026-04-11T12:55:00Z |
|
| 8 |
| value |
0.00442 |
| scoring_system |
epss |
| scoring_elements |
0.633 |
| published_at |
2026-04-12T12:55:00Z |
|
| 9 |
| value |
0.00442 |
| scoring_system |
epss |
| scoring_elements |
0.63264 |
| published_at |
2026-04-13T12:55:00Z |
|
| 10 |
| value |
0.00442 |
| scoring_system |
epss |
| scoring_elements |
0.63301 |
| published_at |
2026-04-16T12:55:00Z |
|
| 11 |
| value |
0.00442 |
| scoring_system |
epss |
| scoring_elements |
0.63308 |
| published_at |
2026-04-18T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2010-2958 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
| 16 |
|
| 17 |
|
| 18 |
|
| 19 |
|
| 20 |
|
| 21 |
|
| 22 |
|
| 23 |
|
| 24 |
|
| 25 |
|
| 26 |
|
| 27 |
|
| 28 |
|
| 29 |
|
| 30 |
|
| 31 |
|
| 32 |
|
| 33 |
|
| 34 |
|
| 35 |
|
| 36 |
|
| 37 |
|
| 38 |
|
| 39 |
|
| 40 |
|
| 41 |
|
| 42 |
|
| 43 |
|
| 44 |
|
| 45 |
|
| 46 |
|
| 47 |
|
|
| fixed_packages |
|
| aliases |
CVE-2010-2958, GHSA-frv8-xjcp-hrm2
|
| risk_score |
3.1 |
| exploitability |
0.5 |
| weighted_severity |
6.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-zajy-wfa6-dbbt |
|
| 259 |
| url |
VCID-zbha-a7rp-nbd9 |
| vulnerability_id |
VCID-zbha-a7rp-nbd9 |
| summary |
Multiple vulnerabilities have been found in phpMyAdmin, the worst
of which could lead to arbitrary code execution. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2016-5734 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.87019 |
| scoring_system |
epss |
| scoring_elements |
0.99433 |
| published_at |
2026-04-01T12:55:00Z |
|
| 1 |
| value |
0.87019 |
| scoring_system |
epss |
| scoring_elements |
0.99441 |
| published_at |
2026-04-21T12:55:00Z |
|
| 2 |
| value |
0.87019 |
| scoring_system |
epss |
| scoring_elements |
0.99439 |
| published_at |
2026-04-13T12:55:00Z |
|
| 3 |
| value |
0.87019 |
| scoring_system |
epss |
| scoring_elements |
0.99438 |
| published_at |
2026-04-12T12:55:00Z |
|
| 4 |
| value |
0.87019 |
| scoring_system |
epss |
| scoring_elements |
0.99437 |
| published_at |
2026-04-11T12:55:00Z |
|
| 5 |
| value |
0.87019 |
| scoring_system |
epss |
| scoring_elements |
0.99436 |
| published_at |
2026-04-09T12:55:00Z |
|
| 6 |
| value |
0.87019 |
| scoring_system |
epss |
| scoring_elements |
0.99434 |
| published_at |
2026-04-07T12:55:00Z |
|
| 7 |
| value |
0.87019 |
| scoring_system |
epss |
| scoring_elements |
0.99432 |
| published_at |
2026-04-02T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2016-5734 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
| reference_url |
https://nvd.nist.gov/vuln/detail/CVE-2016-5734 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
7.5 |
| scoring_system |
cvssv2 |
| scoring_elements |
AV:N/AC:L/Au:N/C:P/I:P/A:P |
|
| 1 |
| value |
9.8 |
| scoring_system |
cvssv3 |
| scoring_elements |
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
|
| 2 |
| value |
9.8 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
|
| 3 |
| value |
CRITICAL |
| scoring_system |
generic_textual |
| scoring_elements |
|
|
|
| url |
https://nvd.nist.gov/vuln/detail/CVE-2016-5734 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
| 16 |
|
| 17 |
|
| 18 |
|
| 19 |
|
| 20 |
|
| 21 |
|
| 22 |
|
| 23 |
|
| 24 |
|
| 25 |
|
| 26 |
|
| 27 |
|
| 28 |
|
| 29 |
|
| 30 |
|
| 31 |
|
| 32 |
|
| 33 |
|
| 34 |
|
| 35 |
|
| 36 |
|
| 37 |
|
| 38 |
|
| 39 |
|
| 40 |
|
| 41 |
|
| 42 |
|
| 43 |
|
| 44 |
|
| 45 |
|
| 46 |
|
| 47 |
|
| 48 |
|
| 49 |
|
| 50 |
|
| 51 |
|
| 52 |
|
| 53 |
|
| 54 |
|
| 55 |
|
| 56 |
|
| 57 |
|
| 58 |
|
| 59 |
|
| 60 |
|
| 61 |
|
| 62 |
|
| 63 |
|
| 64 |
|
| 65 |
|
| 66 |
|
| 67 |
|
| 68 |
|
| 69 |
|
| 70 |
|
| 71 |
|
| 72 |
|
| 73 |
|
|
| fixed_packages |
|
| aliases |
CVE-2016-5734, GHSA-rv57-479x-x4qv
|
| risk_score |
10.0 |
| exploitability |
2.0 |
| weighted_severity |
9.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-zbha-a7rp-nbd9 |
|
| 260 |
| url |
VCID-zd8d-c1nk-g7a4 |
| vulnerability_id |
VCID-zd8d-c1nk-g7a4 |
| summary |
jquery-validation vulnerable to Cross-site Scripting
Versions of the package jquery-validation before 1.20.0 are vulnerable to Cross-site Scripting (XSS) in the showLabel() function, which may take input from a user-controlled placeholder value. This value will populate a message via $.validator.messages in a user localizable dictionary. |
| references |
| 0 |
|
| 1 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2025-3573 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00247 |
| scoring_system |
epss |
| scoring_elements |
0.48023 |
| published_at |
2026-04-11T12:55:00Z |
|
| 1 |
| value |
0.00247 |
| scoring_system |
epss |
| scoring_elements |
0.48 |
| published_at |
2026-04-12T12:55:00Z |
|
| 2 |
| value |
0.00247 |
| scoring_system |
epss |
| scoring_elements |
0.47983 |
| published_at |
2026-04-02T12:55:00Z |
|
| 3 |
| value |
0.00247 |
| scoring_system |
epss |
| scoring_elements |
0.48003 |
| published_at |
2026-04-04T12:55:00Z |
|
| 4 |
| value |
0.00247 |
| scoring_system |
epss |
| scoring_elements |
0.47952 |
| published_at |
2026-04-07T12:55:00Z |
|
| 5 |
| value |
0.00247 |
| scoring_system |
epss |
| scoring_elements |
0.48005 |
| published_at |
2026-04-08T12:55:00Z |
|
| 6 |
| value |
0.00247 |
| scoring_system |
epss |
| scoring_elements |
0.47999 |
| published_at |
2026-04-09T12:55:00Z |
|
| 7 |
| value |
0.00297 |
| scoring_system |
epss |
| scoring_elements |
0.5309 |
| published_at |
2026-04-18T12:55:00Z |
|
| 8 |
| value |
0.00297 |
| scoring_system |
epss |
| scoring_elements |
0.53083 |
| published_at |
2026-04-16T12:55:00Z |
|
| 9 |
| value |
0.00297 |
| scoring_system |
epss |
| scoring_elements |
0.53045 |
| published_at |
2026-04-13T12:55:00Z |
|
| 10 |
| value |
0.00297 |
| scoring_system |
epss |
| scoring_elements |
0.53072 |
| published_at |
2026-04-21T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2025-3573 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
|
| fixed_packages |
|
| aliases |
CVE-2025-3573, GHSA-rrj2-ph5q-jxw2
|
| risk_score |
3.1 |
| exploitability |
0.5 |
| weighted_severity |
6.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-zd8d-c1nk-g7a4 |
|
| 261 |
| url |
VCID-zg16-dfu1-g7dn |
| vulnerability_id |
VCID-zg16-dfu1-g7dn |
| summary |
Information Exposure
An issue was discovered in phpMyAdmin. A user can specially craft a symlink on disk, to a file which phpMyAdmin is permitted to read but the user is not, which phpMyAdmin will then expose to the user. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2016-6613 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00411 |
| scoring_system |
epss |
| scoring_elements |
0.61453 |
| published_at |
2026-04-21T12:55:00Z |
|
| 1 |
| value |
0.00411 |
| scoring_system |
epss |
| scoring_elements |
0.61298 |
| published_at |
2026-04-01T12:55:00Z |
|
| 2 |
| value |
0.00411 |
| scoring_system |
epss |
| scoring_elements |
0.61377 |
| published_at |
2026-04-02T12:55:00Z |
|
| 3 |
| value |
0.00411 |
| scoring_system |
epss |
| scoring_elements |
0.61406 |
| published_at |
2026-04-04T12:55:00Z |
|
| 4 |
| value |
0.00411 |
| scoring_system |
epss |
| scoring_elements |
0.61375 |
| published_at |
2026-04-07T12:55:00Z |
|
| 5 |
| value |
0.00411 |
| scoring_system |
epss |
| scoring_elements |
0.61422 |
| published_at |
2026-04-08T12:55:00Z |
|
| 6 |
| value |
0.00411 |
| scoring_system |
epss |
| scoring_elements |
0.61437 |
| published_at |
2026-04-09T12:55:00Z |
|
| 7 |
| value |
0.00411 |
| scoring_system |
epss |
| scoring_elements |
0.61459 |
| published_at |
2026-04-11T12:55:00Z |
|
| 8 |
| value |
0.00411 |
| scoring_system |
epss |
| scoring_elements |
0.61444 |
| published_at |
2026-04-12T12:55:00Z |
|
| 9 |
| value |
0.00411 |
| scoring_system |
epss |
| scoring_elements |
0.61426 |
| published_at |
2026-04-13T12:55:00Z |
|
| 10 |
| value |
0.00411 |
| scoring_system |
epss |
| scoring_elements |
0.61465 |
| published_at |
2026-04-16T12:55:00Z |
|
| 11 |
| value |
0.00411 |
| scoring_system |
epss |
| scoring_elements |
0.61469 |
| published_at |
2026-04-18T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2016-6613 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
|
| fixed_packages |
|
| aliases |
CVE-2016-6613, GHSA-6j2v-g9rg-qcm5
|
| risk_score |
3.1 |
| exploitability |
0.5 |
| weighted_severity |
6.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-zg16-dfu1-g7dn |
|
| 262 |
| url |
VCID-znfm-ak2t-mqdd |
| vulnerability_id |
VCID-znfm-ak2t-mqdd |
| summary |
phpMyAdmin SQL injection vulnerability
In phpMyAdmin 4.x before 4.9.5 and 5.x before 5.0.2, a SQL injection vulnerability was discovered where malicious code could be used to trigger an XSS attack through retrieving and displaying results (in tbl_get_field.php and libraries/classes/Display/Results.php). The attacker must be able to insert crafted data into certain database tables, which when retrieved (for instance, through the Browse tab) can trigger the XSS attack. |
| references |
| 0 |
|
| 1 |
|
| 2 |
|
| 3 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2020-10803 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.03554 |
| scoring_system |
epss |
| scoring_elements |
0.87708 |
| published_at |
2026-04-21T12:55:00Z |
|
| 1 |
| value |
0.03554 |
| scoring_system |
epss |
| scoring_elements |
0.87643 |
| published_at |
2026-04-01T12:55:00Z |
|
| 2 |
| value |
0.03554 |
| scoring_system |
epss |
| scoring_elements |
0.87653 |
| published_at |
2026-04-02T12:55:00Z |
|
| 3 |
| value |
0.03554 |
| scoring_system |
epss |
| scoring_elements |
0.87666 |
| published_at |
2026-04-04T12:55:00Z |
|
| 4 |
| value |
0.03554 |
| scoring_system |
epss |
| scoring_elements |
0.87667 |
| published_at |
2026-04-07T12:55:00Z |
|
| 5 |
| value |
0.03554 |
| scoring_system |
epss |
| scoring_elements |
0.87688 |
| published_at |
2026-04-08T12:55:00Z |
|
| 6 |
| value |
0.03554 |
| scoring_system |
epss |
| scoring_elements |
0.87694 |
| published_at |
2026-04-09T12:55:00Z |
|
| 7 |
| value |
0.03554 |
| scoring_system |
epss |
| scoring_elements |
0.87706 |
| published_at |
2026-04-11T12:55:00Z |
|
| 8 |
| value |
0.03554 |
| scoring_system |
epss |
| scoring_elements |
0.87699 |
| published_at |
2026-04-12T12:55:00Z |
|
| 9 |
| value |
0.03554 |
| scoring_system |
epss |
| scoring_elements |
0.87697 |
| published_at |
2026-04-13T12:55:00Z |
|
| 10 |
| value |
0.03554 |
| scoring_system |
epss |
| scoring_elements |
0.87712 |
| published_at |
2026-04-18T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2020-10803 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
| 16 |
|
| 17 |
|
| 18 |
|
| 19 |
|
| 20 |
|
| 21 |
|
| 22 |
|
| 23 |
|
| 24 |
|
| 25 |
|
| 26 |
|
| 27 |
|
| 28 |
|
| 29 |
|
|
| fixed_packages |
|
| aliases |
CVE-2020-10803, GHSA-fcww-8wvc-38q9
|
| risk_score |
3.1 |
| exploitability |
0.5 |
| weighted_severity |
6.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-znfm-ak2t-mqdd |
|
| 263 |
| url |
VCID-zreq-41ja-pbf1 |
| vulnerability_id |
VCID-zreq-41ja-pbf1 |
| summary |
Improper Input Validation
phpMyAdmin is vulnerable to a DoS weakness in the table editing functionality. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2017-1000014 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.01144 |
| scoring_system |
epss |
| scoring_elements |
0.78417 |
| published_at |
2026-04-07T12:55:00Z |
|
| 1 |
| value |
0.01144 |
| scoring_system |
epss |
| scoring_elements |
0.7847 |
| published_at |
2026-04-21T12:55:00Z |
|
| 2 |
| value |
0.01144 |
| scoring_system |
epss |
| scoring_elements |
0.78475 |
| published_at |
2026-04-18T12:55:00Z |
|
| 3 |
| value |
0.01144 |
| scoring_system |
epss |
| scoring_elements |
0.78455 |
| published_at |
2026-04-12T12:55:00Z |
|
| 4 |
| value |
0.01144 |
| scoring_system |
epss |
| scoring_elements |
0.78474 |
| published_at |
2026-04-11T12:55:00Z |
|
| 5 |
| value |
0.01144 |
| scoring_system |
epss |
| scoring_elements |
0.78448 |
| published_at |
2026-04-13T12:55:00Z |
|
| 6 |
| value |
0.01144 |
| scoring_system |
epss |
| scoring_elements |
0.78396 |
| published_at |
2026-04-01T12:55:00Z |
|
| 7 |
| value |
0.01144 |
| scoring_system |
epss |
| scoring_elements |
0.78403 |
| published_at |
2026-04-02T12:55:00Z |
|
| 8 |
| value |
0.01144 |
| scoring_system |
epss |
| scoring_elements |
0.78443 |
| published_at |
2026-04-08T12:55:00Z |
|
| 9 |
| value |
0.01144 |
| scoring_system |
epss |
| scoring_elements |
0.78434 |
| published_at |
2026-04-04T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2017-1000014 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
|
| fixed_packages |
|
| aliases |
CVE-2017-1000014, GHSA-9hrc-rwrq-v6mh
|
| risk_score |
4.0 |
| exploitability |
0.5 |
| weighted_severity |
8.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-zreq-41ja-pbf1 |
|
| 264 |
| url |
VCID-zrt3-34ja-8kg5 |
| vulnerability_id |
VCID-zrt3-34ja-8kg5 |
| summary |
Multiple vulnerabilities have been found in phpMyAdmin, the worst
of which could lead to arbitrary code execution. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2016-4412 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.0024 |
| scoring_system |
epss |
| scoring_elements |
0.47014 |
| published_at |
2026-04-01T12:55:00Z |
|
| 1 |
| value |
0.0024 |
| scoring_system |
epss |
| scoring_elements |
0.47052 |
| published_at |
2026-04-02T12:55:00Z |
|
| 2 |
| value |
0.0024 |
| scoring_system |
epss |
| scoring_elements |
0.47071 |
| published_at |
2026-04-04T12:55:00Z |
|
| 3 |
| value |
0.0024 |
| scoring_system |
epss |
| scoring_elements |
0.47018 |
| published_at |
2026-04-07T12:55:00Z |
|
| 4 |
| value |
0.0024 |
| scoring_system |
epss |
| scoring_elements |
0.47073 |
| published_at |
2026-04-08T12:55:00Z |
|
| 5 |
| value |
0.0024 |
| scoring_system |
epss |
| scoring_elements |
0.4707 |
| published_at |
2026-04-09T12:55:00Z |
|
| 6 |
| value |
0.0024 |
| scoring_system |
epss |
| scoring_elements |
0.47094 |
| published_at |
2026-04-11T12:55:00Z |
|
| 7 |
| value |
0.0024 |
| scoring_system |
epss |
| scoring_elements |
0.47068 |
| published_at |
2026-04-12T12:55:00Z |
|
| 8 |
| value |
0.0024 |
| scoring_system |
epss |
| scoring_elements |
0.47075 |
| published_at |
2026-04-21T12:55:00Z |
|
| 9 |
| value |
0.0024 |
| scoring_system |
epss |
| scoring_elements |
0.47132 |
| published_at |
2026-04-16T12:55:00Z |
|
| 10 |
| value |
0.0024 |
| scoring_system |
epss |
| scoring_elements |
0.47127 |
| published_at |
2026-04-18T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2016-4412 |
|
| 1 |
|
|
| fixed_packages |
|
| aliases |
CVE-2016-4412
|
| risk_score |
null |
| exploitability |
0.5 |
| weighted_severity |
0.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-zrt3-34ja-8kg5 |
|
| 265 |
| url |
VCID-ztma-5k5p-7yda |
| vulnerability_id |
VCID-ztma-5k5p-7yda |
| summary |
phpMyAdmin Cross-site Scripting vulnerability
Cross-site scripting (XSS) vulnerability in libraries/config/ConfigFile.class.php in the setup interface in phpMyAdmin 3.4.x before 3.4.9 allows remote attackers to inject arbitrary web script or HTML via the host parameter. |
| references |
| 0 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2011-4782 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00475 |
| scoring_system |
epss |
| scoring_elements |
0.64837 |
| published_at |
2026-04-04T12:55:00Z |
|
| 1 |
| value |
0.00475 |
| scoring_system |
epss |
| scoring_elements |
0.64878 |
| published_at |
2026-04-21T12:55:00Z |
|
| 2 |
| value |
0.00475 |
| scoring_system |
epss |
| scoring_elements |
0.64892 |
| published_at |
2026-04-18T12:55:00Z |
|
| 3 |
| value |
0.00475 |
| scoring_system |
epss |
| scoring_elements |
0.64843 |
| published_at |
2026-04-13T12:55:00Z |
|
| 4 |
| value |
0.00475 |
| scoring_system |
epss |
| scoring_elements |
0.64757 |
| published_at |
2026-04-01T12:55:00Z |
|
| 5 |
| value |
0.00475 |
| scoring_system |
epss |
| scoring_elements |
0.64808 |
| published_at |
2026-04-02T12:55:00Z |
|
| 6 |
| value |
0.00475 |
| scoring_system |
epss |
| scoring_elements |
0.648 |
| published_at |
2026-04-07T12:55:00Z |
|
| 7 |
| value |
0.00475 |
| scoring_system |
epss |
| scoring_elements |
0.64871 |
| published_at |
2026-04-12T12:55:00Z |
|
| 8 |
| value |
0.00475 |
| scoring_system |
epss |
| scoring_elements |
0.64881 |
| published_at |
2026-04-16T12:55:00Z |
|
| 9 |
| value |
0.00475 |
| scoring_system |
epss |
| scoring_elements |
0.64864 |
| published_at |
2026-04-09T12:55:00Z |
|
| 10 |
| value |
0.00475 |
| scoring_system |
epss |
| scoring_elements |
0.6485 |
| published_at |
2026-04-08T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2011-4782 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
|
| fixed_packages |
|
| aliases |
CVE-2011-4782, GHSA-2h23-c973-x63q
|
| risk_score |
1.4 |
| exploitability |
0.5 |
| weighted_severity |
2.7 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-ztma-5k5p-7yda |
|
| 266 |
| url |
VCID-zyzp-aqd8-e3a9 |
| vulnerability_id |
VCID-zyzp-aqd8-e3a9 |
| summary |
phpMyAdmin Cross-Site Request Forgery (CSRF)
A CSRF issue in phpMyAdmin 4.9.0.1 allows deletion of any server in the Setup page. |
| references |
| 0 |
|
| 1 |
|
| 2 |
|
| 3 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2019-12922 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.4225 |
| scoring_system |
epss |
| scoring_elements |
0.97459 |
| published_at |
2026-04-21T12:55:00Z |
|
| 1 |
| value |
0.4225 |
| scoring_system |
epss |
| scoring_elements |
0.97422 |
| published_at |
2026-04-01T12:55:00Z |
|
| 2 |
| value |
0.4225 |
| scoring_system |
epss |
| scoring_elements |
0.97429 |
| published_at |
2026-04-02T12:55:00Z |
|
| 3 |
| value |
0.4225 |
| scoring_system |
epss |
| scoring_elements |
0.97433 |
| published_at |
2026-04-04T12:55:00Z |
|
| 4 |
| value |
0.4225 |
| scoring_system |
epss |
| scoring_elements |
0.97434 |
| published_at |
2026-04-07T12:55:00Z |
|
| 5 |
| value |
0.4225 |
| scoring_system |
epss |
| scoring_elements |
0.97441 |
| published_at |
2026-04-08T12:55:00Z |
|
| 6 |
| value |
0.4225 |
| scoring_system |
epss |
| scoring_elements |
0.97442 |
| published_at |
2026-04-09T12:55:00Z |
|
| 7 |
| value |
0.4225 |
| scoring_system |
epss |
| scoring_elements |
0.97445 |
| published_at |
2026-04-11T12:55:00Z |
|
| 8 |
| value |
0.4225 |
| scoring_system |
epss |
| scoring_elements |
0.97447 |
| published_at |
2026-04-13T12:55:00Z |
|
| 9 |
| value |
0.4225 |
| scoring_system |
epss |
| scoring_elements |
0.97456 |
| published_at |
2026-04-16T12:55:00Z |
|
| 10 |
| value |
0.4225 |
| scoring_system |
epss |
| scoring_elements |
0.9746 |
| published_at |
2026-04-18T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2019-12922 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
| 16 |
|
| 17 |
|
| 18 |
|
| 19 |
|
| 20 |
|
| 21 |
|
| 22 |
|
|
| fixed_packages |
|
| aliases |
CVE-2019-12922, GHSA-4c9q-64gq-xhx4
|
| risk_score |
10.0 |
| exploitability |
2.0 |
| weighted_severity |
6.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-zyzp-aqd8-e3a9 |
|