Package Instance
Lookup for vulnerable packages by Package URL.
GET /api/packages/935154?format=api
{ "url": "http://public2.vulnerablecode.io/api/packages/935154?format=api", "purl": "pkg:deb/debian/phpmyadmin@0?distro=trixie", "type": "deb", "namespace": "debian", "name": "phpmyadmin", "version": "0", "qualifiers": { "distro": "trixie" }, "subpath": "", "is_vulnerable": false, "next_non_vulnerable_version": "2.11.5.1", "latest_non_vulnerable_version": "4:5.2.3+dfsg-1", "affected_by_vulnerabilities": [], "fixing_vulnerabilities": [ { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/54646?format=api", "vulnerability_id": "VCID-5288-gx4v-7bh4", "summary": "phpMyAdmin Unsafe Fetching of Javascript Code\nphpMyAdmin 3.5.x before 3.5.3 uses JavaScript code that is obtained through an HTTP session to phpmyadmin.net without SSL, which allows man-in-the-middle attackers to conduct cross-site scripting (XSS) attacks by modifying this code.", "references": [ { "reference_url": "http://lists.opensuse.org/opensuse-updates/2012-11/msg00033.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://lists.opensuse.org/opensuse-updates/2012-11/msg00033.html" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2012-5368", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00425", "scoring_system": "epss", "scoring_elements": "0.62271", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00425", "scoring_system": "epss", "scoring_elements": "0.62236", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00425", "scoring_system": "epss", "scoring_elements": "0.62215", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00425", "scoring_system": "epss", "scoring_elements": "0.6226", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00425", "scoring_system": "epss", "scoring_elements": "0.62267", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00425", "scoring_system": "epss", "scoring_elements": "0.62251", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00425", "scoring_system": "epss", "scoring_elements": "0.62261", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00425", "scoring_system": "epss", "scoring_elements": "0.62278", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00425", "scoring_system": "epss", "scoring_elements": "0.62102", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00425", "scoring_system": "epss", "scoring_elements": "0.62162", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00425", "scoring_system": "epss", "scoring_elements": "0.62193", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00425", "scoring_system": "epss", "scoring_elements": "0.62161", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00425", "scoring_system": "epss", "scoring_elements": "0.62211", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00425", "scoring_system": "epss", "scoring_elements": "0.62228", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00425", "scoring_system": "epss", "scoring_elements": "0.62246", "published_at": "2026-04-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2012-5368" }, { "reference_url": "https://github.com/phpmyadmin/phpmyadmin/commit/50edafc0884aa15d0a1aa178089ac6a1ad2eb18a", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/phpmyadmin/phpmyadmin/commit/50edafc0884aa15d0a1aa178089ac6a1ad2eb18a" }, { "reference_url": "https://github.com/phpmyadmin/phpmyadmin/commit/a547f3d3e2cf36c6a904fa3e053fd8bddd3fbbb0", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/phpmyadmin/phpmyadmin/commit/a547f3d3e2cf36c6a904fa3e053fd8bddd3fbbb0" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2012-5368", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:N/I:P/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2012-5368" }, { "reference_url": "https://web.archive.org/web/20200228143700/http://www.securityfocus.com/bid/55939", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20200228143700/http://www.securityfocus.com/bid/55939" }, { "reference_url": "http://www.phpmyadmin.net/home_page/security/PMASA-2012-7.php", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.phpmyadmin.net/home_page/security/PMASA-2012-7.php" }, { "reference_url": "http://www.securityfocus.com/bid/55939", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/55939" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:3.5.0.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:phpmyadmin:phpmyadmin:3.5.0.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:3.5.0.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:3.5.1.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:phpmyadmin:phpmyadmin:3.5.1.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:3.5.1.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:3.5.2.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:phpmyadmin:phpmyadmin:3.5.2.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:3.5.2.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:3.5.2.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:phpmyadmin:phpmyadmin:3.5.2.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:3.5.2.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:3.5.2.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:phpmyadmin:phpmyadmin:3.5.2.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:3.5.2.2:*:*:*:*:*:*:*" }, { "reference_url": "https://github.com/advisories/GHSA-xpxp-v33m-5jp9", "reference_id": "GHSA-xpxp-v33m-5jp9", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-xpxp-v33m-5jp9" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/935154?format=api", "purl": "pkg:deb/debian/phpmyadmin@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/935143?format=api", "purl": "pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-na3j-h3qr-k7dc" }, { "vulnerability": "VCID-ndjn-p6gb-u7g4" }, { "vulnerability": "VCID-rqy8-n6fr-hqey" }, { "vulnerability": "VCID-zd8d-c1nk-g7a4" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.0.4%252Bdfsg2-2%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/935141?format=api", "purl": "pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zd8d-c1nk-g7a4" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.1%252Bdfsg-1%252Bdeb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/935145?format=api", "purl": "pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.2-really%252Bdfsg-1%252Bdeb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/935144?format=api", "purl": "pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.3%252Bdfsg-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2012-5368", "GHSA-xpxp-v33m-5jp9" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-5288-gx4v-7bh4" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/9480?format=api", "vulnerability_id": "VCID-9auw-hwad-ybaf", "summary": "Improper Authentication\nAn issue was discovered in phpMyAdm in which an attacker can include (view and potentially execute) files on the server. The vulnerability comes from a portion of code where pages are redirected and loaded within phpMyAdmin, and an improper test for allowed pages.", "references": [ { "reference_url": "http://packetstormsecurity.com/files/164623/phpMyAdmin-4.8.1-Remote-Code-Execution.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://packetstormsecurity.com/files/164623/phpMyAdmin-4.8.1-Remote-Code-Execution.html" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-12613", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.94281", "scoring_system": "epss", "scoring_elements": "0.99938", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.94281", "scoring_system": "epss", "scoring_elements": "0.99939", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.94281", "scoring_system": "epss", "scoring_elements": "0.9994", "published_at": "2026-04-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-12613" }, { "reference_url": "https://github.com/phpmyadmin/composer", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/phpmyadmin/composer" }, { "reference_url": "https://www.exploit-db.com/exploits/44924", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.exploit-db.com/exploits/44924" }, { "reference_url": "https://www.exploit-db.com/exploits/44924/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.exploit-db.com/exploits/44924/" }, { "reference_url": "https://www.exploit-db.com/exploits/44928", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.exploit-db.com/exploits/44928" }, { "reference_url": "https://www.exploit-db.com/exploits/44928/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.exploit-db.com/exploits/44928/" }, { "reference_url": "https://www.exploit-db.com/exploits/45020", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.exploit-db.com/exploits/45020" }, { "reference_url": "https://www.exploit-db.com/exploits/45020/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.exploit-db.com/exploits/45020/" }, { "reference_url": "https://www.phpmyadmin.net/security/PMASA-2018-4", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.phpmyadmin.net/security/PMASA-2018-4" }, { "reference_url": "https://www.phpmyadmin.net/security/PMASA-2018-4/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.phpmyadmin.net/security/PMASA-2018-4/" }, { "reference_url": "http://www.securityfocus.com/bid/104532", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.securityfocus.com/bid/104532" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:phpmyadmin:phpmyadmin:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:*:*:*:*:*:*:*:*" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/remote/45020.rb", "reference_id": "CVE-2018-12613", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/remote/45020.rb" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/webapps/44924.txt", "reference_id": "CVE-2018-12613", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/webapps/44924.txt" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/webapps/44928.txt", "reference_id": "CVE-2018-12613", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/webapps/44928.txt" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/webapps/50457.py", "reference_id": "CVE-2018-12613", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/webapps/50457.py" }, { "reference_url": "https://mp.weixin.qq.com/s?__biz=MzIzMTc1MjExOQ==&mid=2247485036&idx=1&sn=8e9647906c5d94f72564dec5bc51a2ab&chksm=e89e2eb4dfe9a7a28bff2efebb5b2723782dab660acff074c3f18c9e7dca924abdf3da618fb4&mpshare=1&scene=1&srcid=0621gAv1FMtrgoahD01psMZr&pass_ticket=LqhR", "reference_id": "CVE-2018-12613", "reference_type": "exploit", "scores": [], "url": "https://mp.weixin.qq.com/s?__biz=MzIzMTc1MjExOQ==&mid=2247485036&idx=1&sn=8e9647906c5d94f72564dec5bc51a2ab&chksm=e89e2eb4dfe9a7a28bff2efebb5b2723782dab660acff074c3f18c9e7dca924abdf3da618fb4&mpshare=1&scene=1&srcid=0621gAv1FMtrgoahD01psMZr&pass_ticket=LqhR" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2018-12613", "reference_id": "CVE-2018-12613", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:S/C:P/I:P/A:P" }, { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-12613" }, { "reference_url": "https://raw.githubusercontent.com/rapid7/metasploit-framework/1ded8ffb299499e18725f4d549fcadaec5528387/modules/exploits/multi/http/phpmyadmin_lfi_rce.rb", "reference_id": "CVE-2018-12613", "reference_type": "exploit", "scores": [], "url": "https://raw.githubusercontent.com/rapid7/metasploit-framework/1ded8ffb299499e18725f4d549fcadaec5528387/modules/exploits/multi/http/phpmyadmin_lfi_rce.rb" }, { "reference_url": "https://github.com/advisories/GHSA-x394-g9j8-x7mf", "reference_id": "GHSA-x394-g9j8-x7mf", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-x394-g9j8-x7mf" }, { "reference_url": "https://security.gentoo.org/glsa/201904-16", "reference_id": "GLSA-201904-16", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://security.gentoo.org/glsa/201904-16" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/935154?format=api", "purl": "pkg:deb/debian/phpmyadmin@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/935143?format=api", "purl": "pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-na3j-h3qr-k7dc" }, { "vulnerability": "VCID-ndjn-p6gb-u7g4" }, { "vulnerability": "VCID-rqy8-n6fr-hqey" }, { "vulnerability": "VCID-zd8d-c1nk-g7a4" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.0.4%252Bdfsg2-2%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/935141?format=api", "purl": "pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zd8d-c1nk-g7a4" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.1%252Bdfsg-1%252Bdeb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/935145?format=api", "purl": "pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.2-really%252Bdfsg-1%252Bdeb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/935144?format=api", "purl": "pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.3%252Bdfsg-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2018-12613", "GHSA-x394-g9j8-x7mf" ], "risk_score": 10.0, "exploitability": "2.0", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-9auw-hwad-ybaf" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/36783?format=api", "vulnerability_id": "VCID-cb4p-81h2-h7cb", "summary": "Multiple vulnerabilities have been found in phpMyAdmin, allowing\n remote authenticated attackers to execute arbitrary code, inject SQL code\n or conduct other attacks.", "references": [ { "reference_url": "http://archives.neohapsis.com/archives/bugtraq/2013-04/0217.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://archives.neohapsis.com/archives/bugtraq/2013-04/0217.html" }, { "reference_url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-May/104725.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-May/104725.html" }, { "reference_url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-May/104770.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-May/104770.html" }, { "reference_url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-May/104936.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-May/104936.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-updates/2013-06/msg00181.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-updates/2013-06/msg00181.html" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2013-3238", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.64584", "scoring_system": "epss", "scoring_elements": "0.98466", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.64584", "scoring_system": "epss", "scoring_elements": "0.98441", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.64584", "scoring_system": "epss", "scoring_elements": "0.98444", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.64584", "scoring_system": "epss", "scoring_elements": "0.98447", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.64584", "scoring_system": "epss", "scoring_elements": "0.98449", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.64584", "scoring_system": "epss", "scoring_elements": "0.98453", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.64584", "scoring_system": "epss", "scoring_elements": "0.98454", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.64584", "scoring_system": "epss", "scoring_elements": "0.98457", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.64584", "scoring_system": "epss", "scoring_elements": "0.98456", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.64584", "scoring_system": "epss", "scoring_elements": "0.98462", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.64584", "scoring_system": "epss", "scoring_elements": "0.98463", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.64584", "scoring_system": "epss", "scoring_elements": "0.98467", "published_at": "2026-04-26T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2013-3238" }, { "reference_url": "https://github.com/phpmyadmin/phpmyadmin/commit/dedd542cdaf1606ca9aa3f6f8f8adb078d8ad549", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/phpmyadmin/phpmyadmin/commit/dedd542cdaf1606ca9aa3f6f8f8adb078d8ad549" }, { "reference_url": "https://github.com/phpmyadmin/phpmyadmin/commit/ffa720d90a79c1f33cf4c5a33403d09a67b42a66", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/phpmyadmin/phpmyadmin/commit/ffa720d90a79c1f33cf4c5a33403d09a67b42a66" }, { "reference_url": "https://wiki.mageia.org/en/Support/Advisories/MGASA-2013-0133", "reference_id": "", "reference_type": "", "scores": [], "url": "https://wiki.mageia.org/en/Support/Advisories/MGASA-2013-0133" }, { "reference_url": "http://www.exploit-db.com/exploits/25136", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.exploit-db.com/exploits/25136" }, { "reference_url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:160", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:160" }, { "reference_url": "http://www.phpmyadmin.net/home_page/security/PMASA-2013-2.php", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.phpmyadmin.net/home_page/security/PMASA-2013-2.php" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:3.5.0.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:phpmyadmin:phpmyadmin:3.5.0.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:3.5.0.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:3.5.1.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:phpmyadmin:phpmyadmin:3.5.1.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:3.5.1.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:3.5.2.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:phpmyadmin:phpmyadmin:3.5.2.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:3.5.2.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:3.5.2.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:phpmyadmin:phpmyadmin:3.5.2.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:3.5.2.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:3.5.2.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:phpmyadmin:phpmyadmin:3.5.2.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:3.5.2.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:3.5.3.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:phpmyadmin:phpmyadmin:3.5.3.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:3.5.3.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:3.5.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:phpmyadmin:phpmyadmin:3.5.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:3.5.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:3.5.5:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:phpmyadmin:phpmyadmin:3.5.5:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:3.5.5:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:3.5.6:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:phpmyadmin:phpmyadmin:3.5.6:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:3.5.6:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:3.5.7:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:phpmyadmin:phpmyadmin:3.5.7:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:3.5.7:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:3.5.7:rc1:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:phpmyadmin:phpmyadmin:3.5.7:rc1:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:3.5.7:rc1:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:3.5.8:rc1:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:phpmyadmin:phpmyadmin:3.5.8:rc1:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:3.5.8:rc1:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.0:rc2:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.0:rc2:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.0:rc2:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2013-3238", "reference_id": "CVE-2013-3238", "reference_type": "", "scores": [ { "value": "6.0", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:S/C:P/I:P/A:P" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2013-3238" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/remote/25136.rb", "reference_id": "CVE-2013-3238;OSVDB-92793", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/remote/25136.rb" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/webapps/25003.txt", "reference_id": "CVE-2013-3241;CVE-2013-3240;CVE-2013-3239;CVE-2013-3238;OSVDB-92795;OSVDB-92794;OSVDB-92793;OSVDB-92792", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/webapps/25003.txt" }, { "reference_url": "http://www.waraxe.us/advisory-103.html", "reference_id": "CVE-2013-3241;CVE-2013-3240;CVE-2013-3239;CVE-2013-3238;OSVDB-92795;OSVDB-92794;OSVDB-92793;OSVDB-92792", "reference_type": "exploit", "scores": [], "url": "http://www.waraxe.us/advisory-103.html" }, { "reference_url": "https://security.gentoo.org/glsa/201311-02", "reference_id": "GLSA-201311-02", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201311-02" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/935154?format=api", "purl": "pkg:deb/debian/phpmyadmin@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/935143?format=api", "purl": "pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-na3j-h3qr-k7dc" }, { "vulnerability": "VCID-ndjn-p6gb-u7g4" }, { "vulnerability": "VCID-rqy8-n6fr-hqey" }, { "vulnerability": "VCID-zd8d-c1nk-g7a4" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.0.4%252Bdfsg2-2%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/935141?format=api", "purl": "pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zd8d-c1nk-g7a4" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.1%252Bdfsg-1%252Bdeb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/935145?format=api", "purl": "pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.2-really%252Bdfsg-1%252Bdeb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/935144?format=api", "purl": "pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.3%252Bdfsg-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2013-3238" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-cb4p-81h2-h7cb" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/9787?format=api", "vulnerability_id": "VCID-fchc-55te-akhe", "summary": "Cross-site Scripting\nAn issue was discovered in phpMyAdm. A Cross-Site Scripting vulnerability has been found where an attacker can use a crafted file to manipulate an authenticated user who loads that file through the import feature.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-15605", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00675", "scoring_system": "epss", "scoring_elements": "0.71526", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00675", "scoring_system": "epss", "scoring_elements": "0.71392", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00675", "scoring_system": "epss", "scoring_elements": "0.714", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00675", "scoring_system": "epss", "scoring_elements": "0.71418", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00675", "scoring_system": "epss", "scoring_elements": "0.71433", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00675", "scoring_system": "epss", "scoring_elements": "0.71446", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00675", "scoring_system": "epss", "scoring_elements": "0.71468", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00675", "scoring_system": "epss", "scoring_elements": "0.71452", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00675", "scoring_system": "epss", "scoring_elements": "0.71434", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00675", "scoring_system": "epss", "scoring_elements": "0.7148", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00675", "scoring_system": "epss", "scoring_elements": "0.71485", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00675", "scoring_system": "epss", "scoring_elements": "0.71465", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00675", "scoring_system": "epss", "scoring_elements": "0.71516", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00675", "scoring_system": "epss", "scoring_elements": "0.71523", "published_at": "2026-04-26T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-15605" }, { "reference_url": "https://github.com/phpmyadmin/composer", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/phpmyadmin/composer" }, { "reference_url": "https://github.com/phpmyadmin/phpmyadmin/commit/00d90b3ae415b31338f76263359467a9fbebd0a1", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/phpmyadmin/phpmyadmin/commit/00d90b3ae415b31338f76263359467a9fbebd0a1" }, { "reference_url": "https://www.phpmyadmin.net/security/PMASA-2018-5", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.phpmyadmin.net/security/PMASA-2018-5" }, { "reference_url": "https://www.phpmyadmin.net/security/PMASA-2018-5/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.phpmyadmin.net/security/PMASA-2018-5/" }, { "reference_url": "http://www.securityfocus.com/bid/105168", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.securityfocus.com/bid/105168" }, { "reference_url": "http://www.securitytracker.com/id/1041548", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.securitytracker.com/id/1041548" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2018-15605", "reference_id": "CVE-2018-15605", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-15605" }, { "reference_url": "https://github.com/advisories/GHSA-c958-4j9x-q7w4", "reference_id": "GHSA-c958-4j9x-q7w4", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-c958-4j9x-q7w4" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/935154?format=api", "purl": "pkg:deb/debian/phpmyadmin@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/935143?format=api", "purl": "pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-na3j-h3qr-k7dc" }, { "vulnerability": "VCID-ndjn-p6gb-u7g4" }, { "vulnerability": "VCID-rqy8-n6fr-hqey" }, { "vulnerability": "VCID-zd8d-c1nk-g7a4" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.0.4%252Bdfsg2-2%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/935141?format=api", "purl": "pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zd8d-c1nk-g7a4" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.1%252Bdfsg-1%252Bdeb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/935145?format=api", "purl": "pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.2-really%252Bdfsg-1%252Bdeb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/935144?format=api", "purl": "pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.3%252Bdfsg-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2018-15605", "GHSA-c958-4j9x-q7w4" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-fchc-55te-akhe" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/114582?format=api", "vulnerability_id": "VCID-fhw5-5mdt-7ff3", "summary": "Multiple CRLF injection vulnerabilities in PhpMyAdmin 2.7.0-pl2 allow remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via CRLF sequences in a phpMyAdmin cookie in (1) css/phpmyadmin.css.php, (2) db_create.php, (3) index.php, (4) left.php, (5) libraries/session.inc.php, (6) libraries/transformations/overview.php, (7) querywindow.php, (8) server_engines.php, and possibly other files.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2006-6374", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00717", "scoring_system": "epss", "scoring_elements": "0.72506", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00717", "scoring_system": "epss", "scoring_elements": "0.72374", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00717", "scoring_system": "epss", "scoring_elements": "0.72379", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00717", "scoring_system": "epss", "scoring_elements": "0.72398", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00717", "scoring_system": "epss", "scoring_elements": "0.72375", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00717", "scoring_system": "epss", "scoring_elements": "0.72414", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00717", "scoring_system": "epss", "scoring_elements": "0.72426", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00717", "scoring_system": "epss", "scoring_elements": "0.72449", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00717", "scoring_system": "epss", "scoring_elements": "0.72432", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00717", "scoring_system": "epss", "scoring_elements": "0.7242", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00717", "scoring_system": "epss", "scoring_elements": "0.72461", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00717", "scoring_system": "epss", "scoring_elements": "0.7247", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00717", "scoring_system": "epss", "scoring_elements": "0.72458", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00717", "scoring_system": "epss", "scoring_elements": "0.72501", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00717", "scoring_system": "epss", "scoring_elements": "0.72509", "published_at": "2026-04-26T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2006-6374" }, { "reference_url": "http://securityreason.com/securityalert/1993", "reference_id": "", "reference_type": "", "scores": [], "url": "http://securityreason.com/securityalert/1993" }, { "reference_url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/30703", "reference_id": "", "reference_type": "", "scores": [], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/30703" }, { "reference_url": "http://www.securityfocus.com/archive/1/453432/100/0/threaded", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/archive/1/453432/100/0/threaded" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:2.7.0_pl2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:phpmyadmin:phpmyadmin:2.7.0_pl2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:2.7.0_pl2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2006-6374", "reference_id": "CVE-2006-6374", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:P/I:P/A:P" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2006-6374" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/935154?format=api", "purl": "pkg:deb/debian/phpmyadmin@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/935143?format=api", "purl": "pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-na3j-h3qr-k7dc" }, { "vulnerability": "VCID-ndjn-p6gb-u7g4" }, { "vulnerability": "VCID-rqy8-n6fr-hqey" }, { "vulnerability": "VCID-zd8d-c1nk-g7a4" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.0.4%252Bdfsg2-2%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/935141?format=api", "purl": "pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zd8d-c1nk-g7a4" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.1%252Bdfsg-1%252Bdeb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/935145?format=api", "purl": "pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.2-really%252Bdfsg-1%252Bdeb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/935144?format=api", "purl": "pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.3%252Bdfsg-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2006-6374" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-fhw5-5mdt-7ff3" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/55249?format=api", "vulnerability_id": "VCID-kke6-fqmn-pug2", "summary": "phpMyAdmin multiple cross-site scripting vulnerabilities\nMultiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin 3.5.x before 3.5.3 allow remote authenticated users to inject arbitrary web script or HTML via a crafted name of (1) an event, (2) a procedure, or (3) a trigger.", "references": [ { "reference_url": "http://lists.opensuse.org/opensuse-updates/2012-11/msg00033.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://lists.opensuse.org/opensuse-updates/2012-11/msg00033.html" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2012-5339", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00208", "scoring_system": "epss", "scoring_elements": "0.42982", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00208", "scoring_system": "epss", "scoring_elements": "0.43161", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00208", "scoring_system": "epss", "scoring_elements": "0.43146", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00208", "scoring_system": "epss", "scoring_elements": "0.43205", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00208", "scoring_system": "epss", "scoring_elements": "0.43195", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00208", "scoring_system": "epss", "scoring_elements": "0.43128", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00208", "scoring_system": "epss", "scoring_elements": "0.43062", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00208", "scoring_system": "epss", "scoring_elements": "0.43064", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00208", "scoring_system": "epss", "scoring_elements": "0.43083", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00208", "scoring_system": "epss", "scoring_elements": "0.43142", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00208", "scoring_system": "epss", "scoring_elements": "0.43169", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00208", "scoring_system": "epss", "scoring_elements": "0.43107", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00208", "scoring_system": "epss", "scoring_elements": "0.4316", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00208", "scoring_system": "epss", "scoring_elements": "0.43173", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00208", "scoring_system": "epss", "scoring_elements": "0.43194", "published_at": "2026-04-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2012-5339" }, { "reference_url": "https://github.com/phpmyadmin/phpmyadmin/commit/6ea8fad3f999bfdf79eb6fe31309592bca54d611", "reference_id": "", "reference_type": "", "scores": [ { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/phpmyadmin/phpmyadmin/commit/6ea8fad3f999bfdf79eb6fe31309592bca54d611" }, { "reference_url": "https://github.com/phpmyadmin/phpmyadmin/commit/cfd688d2512df9827a8ecc0412fc264fc5bcb186", "reference_id": "", "reference_type": "", "scores": [ { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/phpmyadmin/phpmyadmin/commit/cfd688d2512df9827a8ecc0412fc264fc5bcb186" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2012-5339", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.5", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:S/C:N/I:P/A:N" }, { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2012-5339" }, { "reference_url": "https://web.archive.org/web/20121020000514/http://www.securityfocus.com/bid/55925", "reference_id": "", "reference_type": "", "scores": [ { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20121020000514/http://www.securityfocus.com/bid/55925" }, { "reference_url": "http://www.phpmyadmin.net/home_page/security/PMASA-2012-6.php", "reference_id": "", "reference_type": "", "scores": [ { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.phpmyadmin.net/home_page/security/PMASA-2012-6.php" }, { "reference_url": "http://www.securityfocus.com/bid/55925", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/55925" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:3.5.0.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:phpmyadmin:phpmyadmin:3.5.0.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:3.5.0.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:3.5.1.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:phpmyadmin:phpmyadmin:3.5.1.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:3.5.1.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:3.5.2.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:phpmyadmin:phpmyadmin:3.5.2.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:3.5.2.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:3.5.2.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:phpmyadmin:phpmyadmin:3.5.2.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:3.5.2.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:3.5.2.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:phpmyadmin:phpmyadmin:3.5.2.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:3.5.2.2:*:*:*:*:*:*:*" }, { "reference_url": "https://github.com/advisories/GHSA-rfpg-2fp8-2fph", "reference_id": "GHSA-rfpg-2fp8-2fph", "reference_type": "", "scores": [ { "value": "LOW", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-rfpg-2fp8-2fph" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/935154?format=api", "purl": "pkg:deb/debian/phpmyadmin@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/935143?format=api", "purl": "pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-na3j-h3qr-k7dc" }, { "vulnerability": "VCID-ndjn-p6gb-u7g4" }, { "vulnerability": "VCID-rqy8-n6fr-hqey" }, { "vulnerability": "VCID-zd8d-c1nk-g7a4" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.0.4%252Bdfsg2-2%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/935141?format=api", "purl": "pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zd8d-c1nk-g7a4" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.1%252Bdfsg-1%252Bdeb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/935145?format=api", "purl": "pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.2-really%252Bdfsg-1%252Bdeb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/935144?format=api", "purl": "pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.3%252Bdfsg-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2012-5339", "GHSA-rfpg-2fp8-2fph" ], "risk_score": 1.6, "exploitability": "0.5", "weighted_severity": "3.1", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-kke6-fqmn-pug2" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/42602?format=api", "vulnerability_id": "VCID-ktmy-w9g2-1fav", "summary": "Multiple vulnerabilities have been found in phpMyAdmin, the worst\n of which could lead to arbitrary code execution.", "references": [ { "reference_url": "http://lists.opensuse.org/opensuse-updates/2016-06/msg00043.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-updates/2016-06/msg00043.html" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-5098", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00452", "scoring_system": "epss", "scoring_elements": "0.63792", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00452", "scoring_system": "epss", "scoring_elements": "0.63795", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00452", "scoring_system": "epss", "scoring_elements": "0.63651", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00452", "scoring_system": "epss", "scoring_elements": "0.63711", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00452", "scoring_system": "epss", "scoring_elements": "0.63737", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00452", "scoring_system": "epss", "scoring_elements": "0.63697", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00452", "scoring_system": "epss", "scoring_elements": "0.63749", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00452", "scoring_system": "epss", "scoring_elements": "0.63766", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00452", "scoring_system": "epss", "scoring_elements": "0.6378", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00452", "scoring_system": "epss", "scoring_elements": "0.63765", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00452", "scoring_system": "epss", "scoring_elements": "0.63732", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00452", "scoring_system": "epss", "scoring_elements": "0.63768", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00452", "scoring_system": "epss", "scoring_elements": "0.63778", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00452", "scoring_system": "epss", "scoring_elements": "0.63782", "published_at": "2026-04-24T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-5098" }, { "reference_url": "https://github.com/phpmyadmin/phpmyadmin/commit/d2dc9481d2af25b035778c67eaf0bfd2d2c59dd8", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/phpmyadmin/phpmyadmin/commit/d2dc9481d2af25b035778c67eaf0bfd2d2c59dd8" }, { "reference_url": "https://security.gentoo.org/glsa/201701-32", "reference_id": "", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201701-32" }, { "reference_url": "https://www.phpmyadmin.net/security/PMASA-2016-15", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.phpmyadmin.net/security/PMASA-2016-15" }, { "reference_url": "http://www.securitytracker.com/id/1035980", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id/1035980" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.6.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:phpmyadmin:phpmyadmin:4.6.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.6.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2016-5098", "reference_id": "CVE-2016-5098", "reference_type": "", "scores": [ { "value": "5.0", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:P/I:N/A:N" }, { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-5098" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/935154?format=api", "purl": "pkg:deb/debian/phpmyadmin@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/935143?format=api", "purl": "pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-na3j-h3qr-k7dc" }, { "vulnerability": "VCID-ndjn-p6gb-u7g4" }, { "vulnerability": "VCID-rqy8-n6fr-hqey" }, { "vulnerability": "VCID-zd8d-c1nk-g7a4" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.0.4%252Bdfsg2-2%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/935141?format=api", "purl": "pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zd8d-c1nk-g7a4" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.1%252Bdfsg-1%252Bdeb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/935145?format=api", "purl": "pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.2-really%252Bdfsg-1%252Bdeb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/935144?format=api", "purl": "pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.3%252Bdfsg-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2016-5098" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ktmy-w9g2-1fav" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/144215?format=api", "vulnerability_id": "VCID-nr3p-zfc2-p7ac", "summary": "export.php (aka the export script) in phpMyAdmin 4.x before 4.0.0-rc3 overwrites global variables on the basis of the contents of the POST superglobal array, which allows remote authenticated users to inject values via a crafted request.", "references": [ { "reference_url": "http://archives.neohapsis.com/archives/bugtraq/2013-04/0217.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://archives.neohapsis.com/archives/bugtraq/2013-04/0217.html" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2013-3241", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.03369", "scoring_system": "epss", "scoring_elements": "0.874", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.03369", "scoring_system": "epss", "scoring_elements": "0.87308", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.03369", "scoring_system": "epss", "scoring_elements": "0.87318", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.03369", "scoring_system": "epss", "scoring_elements": "0.87334", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.03369", "scoring_system": "epss", "scoring_elements": "0.87333", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.03369", "scoring_system": "epss", "scoring_elements": "0.87352", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.03369", "scoring_system": "epss", "scoring_elements": "0.87359", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.03369", "scoring_system": "epss", "scoring_elements": "0.87371", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.03369", "scoring_system": "epss", "scoring_elements": "0.87366", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.03369", "scoring_system": "epss", "scoring_elements": "0.87362", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.03369", "scoring_system": "epss", "scoring_elements": "0.87377", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.03369", "scoring_system": "epss", "scoring_elements": "0.87381", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.03369", "scoring_system": "epss", "scoring_elements": "0.87375", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.03369", "scoring_system": "epss", "scoring_elements": "0.87392", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.03369", "scoring_system": "epss", "scoring_elements": "0.87398", "published_at": "2026-04-26T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2013-3241" }, { "reference_url": "http://www.phpmyadmin.net/home_page/security/PMASA-2013-5.php", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.phpmyadmin.net/home_page/security/PMASA-2013-5.php" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.0:rc2:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.0:rc2:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.0:rc2:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2013-3241", "reference_id": "CVE-2013-3241", "reference_type": "", "scores": [ { "value": "4.0", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:S/C:N/I:P/A:N" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2013-3241" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/935154?format=api", "purl": "pkg:deb/debian/phpmyadmin@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/935143?format=api", "purl": "pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-na3j-h3qr-k7dc" }, { "vulnerability": "VCID-ndjn-p6gb-u7g4" }, { "vulnerability": "VCID-rqy8-n6fr-hqey" }, { "vulnerability": "VCID-zd8d-c1nk-g7a4" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.0.4%252Bdfsg2-2%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/935141?format=api", "purl": "pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zd8d-c1nk-g7a4" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.1%252Bdfsg-1%252Bdeb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/935145?format=api", "purl": "pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.2-really%252Bdfsg-1%252Bdeb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/935144?format=api", "purl": "pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.3%252Bdfsg-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2013-3241" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-nr3p-zfc2-p7ac" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/141820?format=api", "vulnerability_id": "VCID-q6z8-dgxc-h3fr", "summary": "phpMyAdmin 3.5.2.2, as distributed by the cdnetworks-kr-1 mirror during an unspecified time frame in 2012, contains an externally introduced modification (Trojan Horse) in server_sync.php, which allows remote attackers to execute arbitrary PHP code via an eval injection attack.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2012-5159", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.8794", "scoring_system": "epss", "scoring_elements": "0.99483", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.8794", "scoring_system": "epss", "scoring_elements": "0.99473", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.8794", "scoring_system": "epss", "scoring_elements": "0.99475", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.8794", "scoring_system": "epss", "scoring_elements": "0.99476", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.8794", "scoring_system": "epss", "scoring_elements": "0.99478", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.8794", "scoring_system": "epss", "scoring_elements": "0.99479", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.8794", "scoring_system": "epss", "scoring_elements": "0.99482", "published_at": "2026-04-21T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2012-5159" }, { "reference_url": "http://seclists.org/oss-sec/2012/q3/562", "reference_id": "", "reference_type": "", "scores": [], "url": "http://seclists.org/oss-sec/2012/q3/562" }, { "reference_url": "http://sourceforge.net/blog/phpmyadmin-back-door/", "reference_id": "", "reference_type": "", "scores": [], "url": "http://sourceforge.net/blog/phpmyadmin-back-door/" }, { "reference_url": "http://www.phpmyadmin.net/home_page/security/PMASA-2012-5.php", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.phpmyadmin.net/home_page/security/PMASA-2012-5.php" }, { "reference_url": "http://www.securityfocus.com/bid/55672", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/55672" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:3.5.2.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:phpmyadmin:phpmyadmin:3.5.2.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:3.5.2.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2012-5159", "reference_id": "CVE-2012-5159", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:P/I:P/A:P" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2012-5159" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/webapps/21834.rb", "reference_id": "CVE-2012-5159;OSVDB-85739", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/webapps/21834.rb" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/935154?format=api", "purl": "pkg:deb/debian/phpmyadmin@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/935143?format=api", "purl": "pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-na3j-h3qr-k7dc" }, { "vulnerability": "VCID-ndjn-p6gb-u7g4" }, { "vulnerability": "VCID-rqy8-n6fr-hqey" }, { "vulnerability": "VCID-zd8d-c1nk-g7a4" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.0.4%252Bdfsg2-2%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/935141?format=api", "purl": "pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zd8d-c1nk-g7a4" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.1%252Bdfsg-1%252Bdeb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/935145?format=api", "purl": "pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.2-really%252Bdfsg-1%252Bdeb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/935144?format=api", "purl": "pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.3%252Bdfsg-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2012-5159" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-q6z8-dgxc-h3fr" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/33683?format=api", "vulnerability_id": "VCID-sgc1-f332-byfu", "summary": "phpMyAdmin leaves the SQL install script with insecure permissions,\n potentially leading to a database compromise.", "references": [ { "reference_url": "http://bugs.gentoo.org/show_bug.cgi?id=88831", "reference_id": "", "reference_type": "", "scores": [], "url": "http://bugs.gentoo.org/show_bug.cgi?id=88831" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2005-1392", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00051", "scoring_system": "epss", "scoring_elements": "0.15942", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00051", "scoring_system": "epss", "scoring_elements": "0.16044", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00051", "scoring_system": "epss", "scoring_elements": "0.16225", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00051", "scoring_system": "epss", "scoring_elements": "0.16286", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00051", "scoring_system": "epss", "scoring_elements": "0.16082", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00051", "scoring_system": "epss", "scoring_elements": "0.16166", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00051", "scoring_system": "epss", "scoring_elements": "0.1623", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00051", "scoring_system": "epss", "scoring_elements": "0.16213", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00051", "scoring_system": "epss", "scoring_elements": "0.16173", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00051", "scoring_system": "epss", "scoring_elements": "0.16105", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00051", "scoring_system": "epss", "scoring_elements": "0.16038", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00051", "scoring_system": "epss", "scoring_elements": "0.16054", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00051", "scoring_system": "epss", "scoring_elements": "0.16093", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00051", "scoring_system": "epss", "scoring_elements": "0.15987", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00051", "scoring_system": "epss", "scoring_elements": "0.15982", "published_at": "2026-04-26T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2005-1392" }, { "reference_url": "http://security.gentoo.org/glsa/glsa-200504-30.xml", "reference_id": "", "reference_type": "", "scores": [], "url": "http://security.gentoo.org/glsa/glsa-200504-30.xml" }, { "reference_url": "http://www.osvdb.org/16053", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.osvdb.org/16053" }, { "reference_url": "http://www.vupen.com/english/advisories/2005/0436", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.vupen.com/english/advisories/2005/0436" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:2.6.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:phpmyadmin:phpmyadmin:2.6.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:2.6.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2005-1392", "reference_id": "CVE-2005-1392", "reference_type": "", "scores": [ { "value": "4.6", "scoring_system": "cvssv2", "scoring_elements": "AV:L/AC:L/Au:N/C:P/I:P/A:P" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2005-1392" }, { "reference_url": "https://security.gentoo.org/glsa/200504-30", "reference_id": "GLSA-200504-30", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/200504-30" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/935154?format=api", "purl": "pkg:deb/debian/phpmyadmin@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/935143?format=api", "purl": "pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-na3j-h3qr-k7dc" }, { "vulnerability": "VCID-ndjn-p6gb-u7g4" }, { "vulnerability": "VCID-rqy8-n6fr-hqey" }, { "vulnerability": "VCID-zd8d-c1nk-g7a4" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.0.4%252Bdfsg2-2%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/935141?format=api", "purl": "pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zd8d-c1nk-g7a4" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.1%252Bdfsg-1%252Bdeb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/935145?format=api", "purl": "pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.2-really%252Bdfsg-1%252Bdeb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/935144?format=api", "purl": "pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.3%252Bdfsg-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2005-1392" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-sgc1-f332-byfu" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/8631?format=api", "vulnerability_id": "VCID-tbnx-nuzv-ebdc", "summary": "Cross-Site Request Forgery (CSRF)\nphpMyAdmin versions is vulnerable to a CSRF weakness. By deceiving a user to click on a crafted URL, it is possible to perform harmful database operations such as deleting records, dropping or truncating tables etc.", "references": [ { "reference_url": "http://cyberworldmirror.com/vulnerability-phpmyadmin-lets-attacker-perform-drop-table-single-click", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://cyberworldmirror.com/vulnerability-phpmyadmin-lets-attacker-perform-drop-table-single-click" }, { "reference_url": "http://cyberworldmirror.com/vulnerability-phpmyadmin-lets-attacker-perform-drop-table-single-click/", "reference_id": "", "reference_type": "", "scores": [], "url": "http://cyberworldmirror.com/vulnerability-phpmyadmin-lets-attacker-perform-drop-table-single-click/" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-1000499", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.11439", "scoring_system": "epss", "scoring_elements": "0.93624", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.11439", "scoring_system": "epss", "scoring_elements": "0.93565", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.11439", "scoring_system": "epss", "scoring_elements": "0.93573", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.11439", "scoring_system": "epss", "scoring_elements": "0.93574", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.11439", "scoring_system": "epss", "scoring_elements": "0.93583", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.11439", "scoring_system": "epss", "scoring_elements": "0.93586", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.11439", "scoring_system": "epss", "scoring_elements": "0.93592", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.11439", "scoring_system": "epss", "scoring_elements": "0.93612", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.11439", "scoring_system": "epss", "scoring_elements": "0.93618", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.11439", "scoring_system": "epss", "scoring_elements": "0.93623", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.11439", "scoring_system": "epss", "scoring_elements": "0.93627", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.11439", "scoring_system": "epss", "scoring_elements": "0.93626", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.11439", "scoring_system": "epss", "scoring_elements": "0.93556", "published_at": "2026-04-01T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-1000499" }, { "reference_url": "https://web.archive.org/web/20201208204518/http://www.securitytracker.com/id/1040163", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20201208204518/http://www.securitytracker.com/id/1040163" }, { "reference_url": "https://www.exploit-db.com/exploits/45284", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.exploit-db.com/exploits/45284" }, { "reference_url": "https://www.exploit-db.com/exploits/45284/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.exploit-db.com/exploits/45284/" }, { "reference_url": "https://www.phpmyadmin.net/security/PMASA-2017-9", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.phpmyadmin.net/security/PMASA-2017-9" }, { "reference_url": "https://www.phpmyadmin.net/security/PMASA-2017-9/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.phpmyadmin.net/security/PMASA-2017-9/" }, { "reference_url": "http://www.securitytracker.com/id/1040163", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id/1040163" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:phpmyadmin:phpmyadmin:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:*:*:*:*:*:*:*:*" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/webapps/45284.txt", "reference_id": "CVE-2017-1000499", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/webapps/45284.txt" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2017-1000499", "reference_id": "CVE-2017-1000499", "reference_type": "", "scores": [ { "value": "6.8", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:P/I:P/A:P" }, { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-1000499" }, { "reference_url": "https://github.com/advisories/GHSA-f9hx-5jq4-fgjm", "reference_id": "GHSA-f9hx-5jq4-fgjm", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-f9hx-5jq4-fgjm" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/935154?format=api", "purl": "pkg:deb/debian/phpmyadmin@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/935143?format=api", "purl": "pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-na3j-h3qr-k7dc" }, { "vulnerability": "VCID-ndjn-p6gb-u7g4" }, { "vulnerability": "VCID-rqy8-n6fr-hqey" }, { "vulnerability": "VCID-zd8d-c1nk-g7a4" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.0.4%252Bdfsg2-2%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/935141?format=api", "purl": "pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zd8d-c1nk-g7a4" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.1%252Bdfsg-1%252Bdeb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/935145?format=api", "purl": "pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.2-really%252Bdfsg-1%252Bdeb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/935144?format=api", "purl": "pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.3%252Bdfsg-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2017-1000499", "GHSA-f9hx-5jq4-fgjm" ], "risk_score": 10.0, "exploitability": "2.0", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-tbnx-nuzv-ebdc" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/50387?format=api", "vulnerability_id": "VCID-u32z-czfc-qbe1", "summary": "Multiple flaws in phpMyAdmin may lead to several XSS issues and local and\n remote file inclusion vulnerabilities.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2005-4079", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01613", "scoring_system": "epss", "scoring_elements": "0.81855", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.01613", "scoring_system": "epss", "scoring_elements": "0.81711", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.01613", "scoring_system": "epss", "scoring_elements": "0.81722", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.01613", "scoring_system": "epss", "scoring_elements": "0.81745", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.01613", "scoring_system": "epss", "scoring_elements": "0.81742", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.01613", "scoring_system": "epss", "scoring_elements": "0.81769", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.01613", "scoring_system": "epss", "scoring_elements": "0.81773", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.01613", "scoring_system": "epss", "scoring_elements": "0.81793", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.01613", "scoring_system": "epss", "scoring_elements": "0.8178", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.01613", "scoring_system": "epss", "scoring_elements": "0.81776", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.01613", "scoring_system": "epss", "scoring_elements": "0.81813", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.01613", "scoring_system": "epss", "scoring_elements": "0.81816", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.01613", "scoring_system": "epss", "scoring_elements": "0.8184", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.01613", "scoring_system": "epss", "scoring_elements": "0.8185", "published_at": "2026-04-26T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2005-4079" }, { "reference_url": "http://secunia.com/advisories/17925/", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/17925/" }, { "reference_url": "http://secunia.com/advisories/17957", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/17957" }, { "reference_url": "http://secunia.com/advisories/18618", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/18618" }, { "reference_url": "http://securityreason.com/securityalert/237", "reference_id": "", "reference_type": "", "scores": [], "url": "http://securityreason.com/securityalert/237" }, { "reference_url": "http://www.gentoo.org/security/en/glsa/glsa-200512-03.xml", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.gentoo.org/security/en/glsa/glsa-200512-03.xml" }, { "reference_url": "http://www.hardened-php.net/advisory_252005.110.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.hardened-php.net/advisory_252005.110.html" }, { "reference_url": "http://www.osvdb.org/21508", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.osvdb.org/21508" }, { "reference_url": "http://www.phpmyadmin.net/home_page/downloads.php?relnotes=0", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.phpmyadmin.net/home_page/downloads.php?relnotes=0" }, { "reference_url": "http://www.phpmyadmin.net/home_page/security.php?issue=PMASA-2005-9", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.phpmyadmin.net/home_page/security.php?issue=PMASA-2005-9" }, { "reference_url": "http://www.securityfocus.com/archive/1/418834/100/0/threaded", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/archive/1/418834/100/0/threaded" }, { "reference_url": "http://www.securityfocus.com/archive/1/423142/100/0/threaded", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/archive/1/423142/100/0/threaded" }, { "reference_url": "http://www.securityfocus.com/bid/15761", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/15761" }, { "reference_url": "http://www.vupen.com/english/advisories/2005/2792", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.vupen.com/english/advisories/2005/2792" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:2.7.0_rc1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:phpmyadmin:phpmyadmin:2.7.0_rc1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:2.7.0_rc1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2005-4079", "reference_id": "CVE-2005-4079", "reference_type": "", "scores": [ { "value": "5.0", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:N/I:P/A:N" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2005-4079" }, { "reference_url": "https://security.gentoo.org/glsa/200512-03", "reference_id": "GLSA-200512-03", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/200512-03" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/935154?format=api", "purl": "pkg:deb/debian/phpmyadmin@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/935143?format=api", "purl": "pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-na3j-h3qr-k7dc" }, { "vulnerability": "VCID-ndjn-p6gb-u7g4" }, { "vulnerability": "VCID-rqy8-n6fr-hqey" }, { "vulnerability": "VCID-zd8d-c1nk-g7a4" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.0.4%252Bdfsg2-2%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/935141?format=api", "purl": "pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zd8d-c1nk-g7a4" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.1%252Bdfsg-1%252Bdeb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/935145?format=api", "purl": "pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.2-really%252Bdfsg-1%252Bdeb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/935144?format=api", "purl": "pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.3%252Bdfsg-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2005-4079" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-u32z-czfc-qbe1" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/36782?format=api", "vulnerability_id": "VCID-uxne-zpub-tffp", "summary": "Multiple vulnerabilities have been found in phpMyAdmin, allowing\n remote authenticated attackers to execute arbitrary code, inject SQL code\n or conduct other attacks.", "references": [ { "reference_url": "http://archives.neohapsis.com/archives/fulldisclosure/2013-04/0101.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://archives.neohapsis.com/archives/fulldisclosure/2013-04/0101.html" }, { "reference_url": "http://immunityservices.blogspot.com/2019/02/cvss.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://immunityservices.blogspot.com/2019/02/cvss.html" }, { "reference_url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-April/103184.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-April/103184.html" }, { "reference_url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-April/103188.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-April/103188.html" }, { "reference_url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-April/103195.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-April/103195.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-updates/2013-06/msg00181.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-updates/2013-06/msg00181.html" }, { "reference_url": "http://openwall.com/lists/oss-security/2013/04/09/13", "reference_id": "", "reference_type": "", "scores": [], "url": "http://openwall.com/lists/oss-security/2013/04/09/13" }, { "reference_url": "http://packetstormsecurity.com/files/121205/phpMyAdmin-3.5.7-Cross-Site-Scripting.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://packetstormsecurity.com/files/121205/phpMyAdmin-3.5.7-Cross-Site-Scripting.html" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2013-1937", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.08106", "scoring_system": "epss", "scoring_elements": "0.92123", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.08106", "scoring_system": "epss", "scoring_elements": "0.9213", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.08106", "scoring_system": "epss", "scoring_elements": "0.92137", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.08106", "scoring_system": "epss", "scoring_elements": "0.92141", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.08106", "scoring_system": "epss", "scoring_elements": "0.92153", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.08106", "scoring_system": "epss", "scoring_elements": "0.92156", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.08106", "scoring_system": "epss", "scoring_elements": "0.9216", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.08106", "scoring_system": "epss", "scoring_elements": "0.92161", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.08766", "scoring_system": "epss", "scoring_elements": "0.92529", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.08766", "scoring_system": "epss", "scoring_elements": "0.92528", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.08766", "scoring_system": "epss", "scoring_elements": "0.9253", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.08766", "scoring_system": "epss", "scoring_elements": "0.92527", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.08766", "scoring_system": "epss", "scoring_elements": "0.92525", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.08766", "scoring_system": "epss", "scoring_elements": "0.92524", "published_at": "2026-04-18T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2013-1937" }, { "reference_url": "https://github.com/phpmyadmin/phpmyadmin/commit/79089c9bc02c82c15419fd9d6496b8781ae08a5a", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/phpmyadmin/phpmyadmin/commit/79089c9bc02c82c15419fd9d6496b8781ae08a5a" }, { "reference_url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:144", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:144" }, { "reference_url": "http://www.phpmyadmin.net/home_page/security/PMASA-2013-1.php", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.phpmyadmin.net/home_page/security/PMASA-2013-1.php" }, { "reference_url": "http://www.waraxe.us/advisory-102.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.waraxe.us/advisory-102.html" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:3.5.0.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:phpmyadmin:phpmyadmin:3.5.0.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:3.5.0.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:3.5.1.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:phpmyadmin:phpmyadmin:3.5.1.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:3.5.1.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:3.5.2.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:phpmyadmin:phpmyadmin:3.5.2.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:3.5.2.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:3.5.2.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:phpmyadmin:phpmyadmin:3.5.2.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:3.5.2.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:3.5.2.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:phpmyadmin:phpmyadmin:3.5.2.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:3.5.2.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:3.5.3.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:phpmyadmin:phpmyadmin:3.5.3.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:3.5.3.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:3.5.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:phpmyadmin:phpmyadmin:3.5.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:3.5.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:3.5.5:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:phpmyadmin:phpmyadmin:3.5.5:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:3.5.5:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:3.5.6:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:phpmyadmin:phpmyadmin:3.5.6:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:3.5.6:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:3.5.7:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:phpmyadmin:phpmyadmin:3.5.7:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:3.5.7:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:3.5.7:rc1:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:phpmyadmin:phpmyadmin:3.5.7:rc1:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:3.5.7:rc1:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:*:rc1:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:phpmyadmin:phpmyadmin:*:rc1:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:*:rc1:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2013-1937", "reference_id": "CVE-2013-1937", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:N/I:P/A:N" }, { "value": "6.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2013-1937" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/webapps/38440.txt", "reference_id": "CVE-2013-1937;OSVDB-92201", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/webapps/38440.txt" }, { "reference_url": "https://www.securityfocus.com/bid/58962/info", "reference_id": "CVE-2013-1937;OSVDB-92201", "reference_type": "exploit", "scores": [], "url": "https://www.securityfocus.com/bid/58962/info" }, { "reference_url": "https://security.gentoo.org/glsa/201311-02", "reference_id": "GLSA-201311-02", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201311-02" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/935154?format=api", "purl": "pkg:deb/debian/phpmyadmin@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/935143?format=api", "purl": "pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-na3j-h3qr-k7dc" }, { "vulnerability": "VCID-ndjn-p6gb-u7g4" }, { "vulnerability": "VCID-rqy8-n6fr-hqey" }, { "vulnerability": "VCID-zd8d-c1nk-g7a4" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.0.4%252Bdfsg2-2%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/935141?format=api", "purl": "pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zd8d-c1nk-g7a4" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.1%252Bdfsg-1%252Bdeb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/935145?format=api", "purl": "pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.2-really%252Bdfsg-1%252Bdeb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/935144?format=api", "purl": "pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.3%252Bdfsg-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2013-1937" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-uxne-zpub-tffp" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/90638?format=api", "vulnerability_id": "VCID-xae2-3cvs-kuex", "summary": "Directory traversal vulnerability in the Export feature in phpMyAdmin 4.x before 4.0.0-rc3 allows remote authenticated users to read arbitrary files or possibly have unspecified other impact via a parameter that specifies a crafted export type.", "references": [ { "reference_url": "http://archives.neohapsis.com/archives/bugtraq/2013-04/0217.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://archives.neohapsis.com/archives/bugtraq/2013-04/0217.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-3240.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-3240.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2013-3240", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.04055", "scoring_system": "epss", "scoring_elements": "0.8855", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.04055", "scoring_system": "epss", "scoring_elements": "0.88468", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.04055", "scoring_system": "epss", "scoring_elements": "0.88475", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.04055", "scoring_system": "epss", "scoring_elements": "0.88492", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.04055", "scoring_system": "epss", "scoring_elements": "0.88496", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.04055", "scoring_system": "epss", "scoring_elements": "0.88514", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.04055", "scoring_system": "epss", "scoring_elements": "0.88519", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.04055", "scoring_system": "epss", "scoring_elements": "0.8853", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.04055", "scoring_system": "epss", "scoring_elements": "0.88522", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.04055", "scoring_system": "epss", "scoring_elements": "0.88536", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.04055", "scoring_system": "epss", "scoring_elements": "0.88532", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.04055", "scoring_system": "epss", "scoring_elements": "0.88529", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.04055", "scoring_system": "epss", "scoring_elements": "0.88546", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.04055", "scoring_system": "epss", "scoring_elements": "0.88551", "published_at": "2026-04-26T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2013-3240" }, { "reference_url": "http://www.phpmyadmin.net/home_page/security/PMASA-2013-4.php", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.phpmyadmin.net/home_page/security/PMASA-2013-4.php" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.0:rc2:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.0:rc2:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.0:rc2:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2013-3240", "reference_id": "CVE-2013-3240", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:S/C:P/I:P/A:P" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2013-3240" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/935154?format=api", "purl": "pkg:deb/debian/phpmyadmin@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/935143?format=api", "purl": "pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-na3j-h3qr-k7dc" }, { "vulnerability": "VCID-ndjn-p6gb-u7g4" }, { "vulnerability": "VCID-rqy8-n6fr-hqey" }, { "vulnerability": "VCID-zd8d-c1nk-g7a4" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.0.4%252Bdfsg2-2%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/935141?format=api", "purl": "pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zd8d-c1nk-g7a4" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.1%252Bdfsg-1%252Bdeb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/935145?format=api", "purl": "pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.2-really%252Bdfsg-1%252Bdeb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/935144?format=api", "purl": "pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.3%252Bdfsg-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2013-3240" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-xae2-3cvs-kuex" } ], "risk_score": null, "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@0%3Fdistro=trixie" }