Django REST framework

Lookup for vulnerable packages by Package URL.

Purl pkg:deb/debian/phpmyadmin@4:3.1.3.1-1?distro=trixie

Type deb

Namespace debian

Name phpmyadmin

Version 4:3.1.3.1-1

Qualifiers

distro	trixie

Subpath

Is_vulnerable false

Next_non_vulnerable_version 4:3.1.3.2-1

Latest_non_vulnerable_version 4:5.2.3+dfsg-1

Affected_by_vulnerabilities

Fixing_vulnerabilities

url VCID-pgne-8bg1-vbhe

vulnerability_id VCID-pgne-8bg1-vbhe

summary phpMyAdmin: multiple security fixes in 3.1.3.1 (PMASA-2009-{1,2,3})

references

reference_url	http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00003.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00003.html

reference_url	http://phpmyadmin.svn.sourceforge.net/viewvc/phpmyadmin/branches/MAINT_3_1_3/phpMyAdmin/bs_disp_as_mime_type.php?r1=12303&r2=12302&pathrev=12303
reference_id
reference_type
scores
url	http://phpmyadmin.svn.sourceforge.net/viewvc/phpmyadmin/branches/MAINT_3_1_3/phpMyAdmin/bs_disp_as_mime_type.php?r1=12303&r2=12302&pathrev=12303

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-1148.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-1148.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2009-1148

reference_id

reference_type

scores

value	0.00596
scoring_system	epss
scoring_elements	0.69436
published_at	2026-04-24T12:55:00Z

value	0.00596
scoring_system	epss
scoring_elements	0.69285
published_at	2026-04-01T12:55:00Z

value	0.00596
scoring_system	epss
scoring_elements	0.69298
published_at	2026-04-02T12:55:00Z

value	0.00596
scoring_system	epss
scoring_elements	0.69315
published_at	2026-04-04T12:55:00Z

value	0.00596
scoring_system	epss
scoring_elements	0.69295
published_at	2026-04-07T12:55:00Z

value	0.00596
scoring_system	epss
scoring_elements	0.69345
published_at	2026-04-08T12:55:00Z

value	0.00596
scoring_system	epss
scoring_elements	0.69362
published_at	2026-04-09T12:55:00Z

value	0.00596
scoring_system	epss
scoring_elements	0.69384
published_at	2026-04-11T12:55:00Z

value	0.00596
scoring_system	epss
scoring_elements	0.69369
published_at	2026-04-12T12:55:00Z

value	0.00596
scoring_system	epss
scoring_elements	0.69355
published_at	2026-04-13T12:55:00Z

value	0.00596
scoring_system	epss
scoring_elements	0.69394
published_at	2026-04-16T12:55:00Z

value	0.00596
scoring_system	epss
scoring_elements	0.69404
published_at	2026-04-18T12:55:00Z

value	0.00596
scoring_system	epss
scoring_elements	0.69385
published_at	2026-04-21T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2009-1148

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1148
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1148

reference_url	http://secunia.com/advisories/34468
reference_id
reference_type
scores
url	http://secunia.com/advisories/34468

reference_url	http://secunia.com/advisories/34642
reference_id
reference_type
scores
url	http://secunia.com/advisories/34642

reference_url	http://www.phpmyadmin.net/home_page/security/PMASA-2009-1.php
reference_id
reference_type
scores
url	http://www.phpmyadmin.net/home_page/security/PMASA-2009-1.php

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=492066
reference_id	492066
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=492066

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin::::::::
reference_id	cpe:2.3:a:phpmyadmin:phpmyadmin::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:3.1.0:::::::*
reference_id	cpe:2.3:a:phpmyadmin:phpmyadmin:3.1.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:3.1.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:3.1.0.0:::::::*
reference_id	cpe:2.3:a:phpmyadmin:phpmyadmin:3.1.0.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:3.1.0.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:3.1.1:::::::*
reference_id	cpe:2.3:a:phpmyadmin:phpmyadmin:3.1.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:3.1.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:3.1.1:rc1::::::
reference_id	cpe:2.3:a:phpmyadmin:phpmyadmin:3.1.1:rc1::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:3.1.1:rc1::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:3.1.2:::::::*
reference_id	cpe:2.3:a:phpmyadmin:phpmyadmin:3.1.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:3.1.2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:3.1.2:rc1::::::
reference_id	cpe:2.3:a:phpmyadmin:phpmyadmin:3.1.2:rc1::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:3.1.2:rc1::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:3.1.3:rc1::::::
reference_id	cpe:2.3:a:phpmyadmin:phpmyadmin:3.1.3:rc1::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:3.1.3:rc1::::::

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2009-1148

reference_id

CVE-2009-1148

reference_type

scores

value	5.0
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:N/C:P/I:N/A:N

url

https://nvd.nist.gov/vuln/detail/CVE-2009-1148

fixed_packages

url	pkg:deb/debian/phpmyadmin@4:3.1.3.1-1?distro=trixie
purl	pkg:deb/debian/phpmyadmin@4:3.1.3.1-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:3.1.3.1-1%3Fdistro=trixie

url pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie

purl pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-na3j-h3qr-k7dc

vulnerability	VCID-ndjn-p6gb-u7g4

vulnerability	VCID-rqy8-n6fr-hqey

vulnerability	VCID-zd8d-c1nk-g7a4

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.0.4%252Bdfsg2-2%252Bdeb11u1%3Fdistro=trixie

url pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie

purl pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-zd8d-c1nk-g7a4

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.1%252Bdfsg-1%252Bdeb12u1%3Fdistro=trixie

url	pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
purl	pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.2-really%252Bdfsg-1%252Bdeb13u1%3Fdistro=trixie

url	pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
purl	pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.3%252Bdfsg-1%3Fdistro=trixie

aliases CVE-2009-1148

risk_score 2.2

exploitability 0.5

weighted_severity 4.5

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-pgne-8bg1-vbhe

url VCID-pqzx-hxpa-ruez

vulnerability_id VCID-pqzx-hxpa-ruez

summary

Multiple errors in phpMyAdmin might allow the remote execution of arbitrary
    code or a Cross-Site Scripting attack.

references

reference_url	http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00003.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00003.html

reference_url	http://phpmyadmin.svn.sourceforge.net/viewvc/phpmyadmin/trunk/phpMyAdmin/libraries/display_export.lib.php?r1=11986&r2=12302&pathrev=12302
reference_id
reference_type
scores
url	http://phpmyadmin.svn.sourceforge.net/viewvc/phpmyadmin/trunk/phpMyAdmin/libraries/display_export.lib.php?r1=11986&r2=12302&pathrev=12302

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-1150.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-1150.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2009-1150

reference_id

reference_type

scores

value	0.00749
scoring_system	epss
scoring_elements	0.7321
published_at	2026-04-24T12:55:00Z

value	0.00749
scoring_system	epss
scoring_elements	0.73078
published_at	2026-04-01T12:55:00Z

value	0.00749
scoring_system	epss
scoring_elements	0.73088
published_at	2026-04-02T12:55:00Z

value	0.00749
scoring_system	epss
scoring_elements	0.73108
published_at	2026-04-04T12:55:00Z

value	0.00749
scoring_system	epss
scoring_elements	0.73083
published_at	2026-04-07T12:55:00Z

value	0.00749
scoring_system	epss
scoring_elements	0.73119
published_at	2026-04-08T12:55:00Z

value	0.00749
scoring_system	epss
scoring_elements	0.73132
published_at	2026-04-09T12:55:00Z

value	0.00749
scoring_system	epss
scoring_elements	0.73156
published_at	2026-04-11T12:55:00Z

value	0.00749
scoring_system	epss
scoring_elements	0.73136
published_at	2026-04-12T12:55:00Z

value	0.00749
scoring_system	epss
scoring_elements	0.7313
published_at	2026-04-13T12:55:00Z

value	0.00749
scoring_system	epss
scoring_elements	0.73173
published_at	2026-04-16T12:55:00Z

value	0.00749
scoring_system	epss
scoring_elements	0.73182
published_at	2026-04-18T12:55:00Z

value	0.00749
scoring_system	epss
scoring_elements	0.73175
published_at	2026-04-21T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2009-1150

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1150
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1150

reference_url	http://secunia.com/advisories/34430
reference_id
reference_type
scores
url	http://secunia.com/advisories/34430

reference_url	http://secunia.com/advisories/34642
reference_id
reference_type
scores
url	http://secunia.com/advisories/34642

reference_url	http://secunia.com/advisories/35585
reference_id
reference_type
scores
url	http://secunia.com/advisories/35585

reference_url	http://secunia.com/advisories/35635
reference_id
reference_type
scores
url	http://secunia.com/advisories/35635

reference_url	http://security.gentoo.org/glsa/glsa-200906-03.xml
reference_id
reference_type
scores
url	http://security.gentoo.org/glsa/glsa-200906-03.xml

reference_url	http://www.debian.org/security/2009/dsa-1824
reference_id
reference_type
scores
url	http://www.debian.org/security/2009/dsa-1824

reference_url	http://www.mandriva.com/security/advisories?name=MDVSA-2009:115
reference_id
reference_type
scores
url	http://www.mandriva.com/security/advisories?name=MDVSA-2009:115

reference_url	http://www.phpmyadmin.net/home_page/security/PMASA-2009-2.php
reference_id
reference_type
scores
url	http://www.phpmyadmin.net/home_page/security/PMASA-2009-2.php

reference_url	http://www.securityfocus.com/bid/34251
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/34251

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=492066
reference_id	492066
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=492066

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:2.11.0:::::::*
reference_id	cpe:2.3:a:phpmyadmin:phpmyadmin:2.11.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:2.11.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:2.11.0:beta1::::::
reference_id	cpe:2.3:a:phpmyadmin:phpmyadmin:2.11.0:beta1::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:2.11.0:beta1::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:2.11.0:rc1::::::
reference_id	cpe:2.3:a:phpmyadmin:phpmyadmin:2.11.0:rc1::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:2.11.0:rc1::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:2.11.1:::::::*
reference_id	cpe:2.3:a:phpmyadmin:phpmyadmin:2.11.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:2.11.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:2.11.1.0:::::::*
reference_id	cpe:2.3:a:phpmyadmin:phpmyadmin:2.11.1.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:2.11.1.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:2.11.1.1:::::::*
reference_id	cpe:2.3:a:phpmyadmin:phpmyadmin:2.11.1.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:2.11.1.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:2.11.1.2:::::::*
reference_id	cpe:2.3:a:phpmyadmin:phpmyadmin:2.11.1.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:2.11.1.2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:2.11.1:rc1::::::
reference_id	cpe:2.3:a:phpmyadmin:phpmyadmin:2.11.1:rc1::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:2.11.1:rc1::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:2.11.2:::::::*
reference_id	cpe:2.3:a:phpmyadmin:phpmyadmin:2.11.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:2.11.2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:2.11.2.0:::::::*
reference_id	cpe:2.3:a:phpmyadmin:phpmyadmin:2.11.2.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:2.11.2.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:2.11.2.1:::::::*
reference_id	cpe:2.3:a:phpmyadmin:phpmyadmin:2.11.2.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:2.11.2.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:2.11.2.2:::::::*
reference_id	cpe:2.3:a:phpmyadmin:phpmyadmin:2.11.2.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:2.11.2.2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:2.11.3:::::::*
reference_id	cpe:2.3:a:phpmyadmin:phpmyadmin:2.11.3:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:2.11.3:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:2.11.3.0:::::::*
reference_id	cpe:2.3:a:phpmyadmin:phpmyadmin:2.11.3.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:2.11.3.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:2.11.3:rc1::::::
reference_id	cpe:2.3:a:phpmyadmin:phpmyadmin:2.11.3:rc1::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:2.11.3:rc1::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:2.11.4:::::::*
reference_id	cpe:2.3:a:phpmyadmin:phpmyadmin:2.11.4:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:2.11.4:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:2.11.4:rc1::::::
reference_id	cpe:2.3:a:phpmyadmin:phpmyadmin:2.11.4:rc1::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:2.11.4:rc1::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:2.11.5:::::::*
reference_id	cpe:2.3:a:phpmyadmin:phpmyadmin:2.11.5:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:2.11.5:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:2.11.5.0:::::::*
reference_id	cpe:2.3:a:phpmyadmin:phpmyadmin:2.11.5.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:2.11.5.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:2.11.5.1:::::::*
reference_id	cpe:2.3:a:phpmyadmin:phpmyadmin:2.11.5.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:2.11.5.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:2.11.5.2:::::::*
reference_id	cpe:2.3:a:phpmyadmin:phpmyadmin:2.11.5.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:2.11.5.2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:2.11.5:rc1::::::
reference_id	cpe:2.3:a:phpmyadmin:phpmyadmin:2.11.5:rc1::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:2.11.5:rc1::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:2.11.6:::::::*
reference_id	cpe:2.3:a:phpmyadmin:phpmyadmin:2.11.6:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:2.11.6:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:2.11.6.0:::::::*
reference_id	cpe:2.3:a:phpmyadmin:phpmyadmin:2.11.6.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:2.11.6.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:2.11.6:rc1::::::
reference_id	cpe:2.3:a:phpmyadmin:phpmyadmin:2.11.6:rc1::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:2.11.6:rc1::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:2.11.7:::::::*
reference_id	cpe:2.3:a:phpmyadmin:phpmyadmin:2.11.7:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:2.11.7:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:2.11.7.0:::::::*
reference_id	cpe:2.3:a:phpmyadmin:phpmyadmin:2.11.7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:2.11.7.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:2.11.8:::::::*
reference_id	cpe:2.3:a:phpmyadmin:phpmyadmin:2.11.8:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:2.11.8:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:2.11.9:::::::*
reference_id	cpe:2.3:a:phpmyadmin:phpmyadmin:2.11.9:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:2.11.9:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:2.11.9.0:::::::*
reference_id	cpe:2.3:a:phpmyadmin:phpmyadmin:2.11.9.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:2.11.9.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:2.11.9.1:::::::*
reference_id	cpe:2.3:a:phpmyadmin:phpmyadmin:2.11.9.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:2.11.9.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:2.11.9.2:::::::*
reference_id	cpe:2.3:a:phpmyadmin:phpmyadmin:2.11.9.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:2.11.9.2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:2.11.9.3:::::::*
reference_id	cpe:2.3:a:phpmyadmin:phpmyadmin:2.11.9.3:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:2.11.9.3:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:2.11.9.4:::::::*
reference_id	cpe:2.3:a:phpmyadmin:phpmyadmin:2.11.9.4:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:2.11.9.4:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:3.1.0:::::::*
reference_id	cpe:2.3:a:phpmyadmin:phpmyadmin:3.1.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:3.1.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:3.1.1:::::::*
reference_id	cpe:2.3:a:phpmyadmin:phpmyadmin:3.1.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:3.1.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:3.1.1:rc1::::::
reference_id	cpe:2.3:a:phpmyadmin:phpmyadmin:3.1.1:rc1::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:3.1.1:rc1::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:3.1.2:::::::*
reference_id	cpe:2.3:a:phpmyadmin:phpmyadmin:3.1.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:3.1.2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:3.1.2:rc1::::::
reference_id	cpe:2.3:a:phpmyadmin:phpmyadmin:3.1.2:rc1::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:3.1.2:rc1::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:3.1.3:::::::*
reference_id	cpe:2.3:a:phpmyadmin:phpmyadmin:3.1.3:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:3.1.3:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:3.1.3:rc1::::::
reference_id	cpe:2.3:a:phpmyadmin:phpmyadmin:3.1.3:rc1::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:3.1.3:rc1::::::

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2009-1150

reference_id

CVE-2009-1150

reference_type

scores

value	4.3
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:N/C:N/I:P/A:N

url

https://nvd.nist.gov/vuln/detail/CVE-2009-1150

reference_url	https://security.gentoo.org/glsa/200906-03
reference_id	GLSA-200906-03
reference_type
scores
url	https://security.gentoo.org/glsa/200906-03

fixed_packages

url	pkg:deb/debian/phpmyadmin@4:3.1.3.1-1?distro=trixie
purl	pkg:deb/debian/phpmyadmin@4:3.1.3.1-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:3.1.3.1-1%3Fdistro=trixie

url pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie

purl pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-na3j-h3qr-k7dc

vulnerability	VCID-ndjn-p6gb-u7g4

vulnerability	VCID-rqy8-n6fr-hqey

vulnerability	VCID-zd8d-c1nk-g7a4

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.0.4%252Bdfsg2-2%252Bdeb11u1%3Fdistro=trixie

url pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie

purl pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-zd8d-c1nk-g7a4

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.1%252Bdfsg-1%252Bdeb12u1%3Fdistro=trixie

url	pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
purl	pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.2-really%252Bdfsg-1%252Bdeb13u1%3Fdistro=trixie

url	pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
purl	pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.3%252Bdfsg-1%3Fdistro=trixie

aliases CVE-2009-1150

risk_score 1.9

exploitability 0.5

weighted_severity 3.9

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-pqzx-hxpa-ruez

url VCID-u5d5-2m3s-yka8

vulnerability_id VCID-u5d5-2m3s-yka8

summary

Improper Input Validation
CRLF injection vulnerability in bs_disp_as_mime_type.php in the BLOB streaming feature in phpMyAdmin before 3.1.3.1 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via the (1) c_type and possibly (2) file_type parameters.

references

reference_url

http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00003.html

reference_id

reference_type

scores

value	HIGH
scoring_system	generic_textual
scoring_elements

url

http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00003.html

reference_url

http://phpmyadmin.svn.sourceforge.net/viewvc/phpmyadmin/branches/MAINT_3_1_3/phpMyAdmin/bs_disp_as_mime_type.php?r1=12303&r2=12302&pathrev=12303

reference_id

reference_type

scores

value	HIGH
scoring_system	generic_textual
scoring_elements

url

http://phpmyadmin.svn.sourceforge.net/viewvc/phpmyadmin/branches/MAINT_3_1_3/phpMyAdmin/bs_disp_as_mime_type.php?r1=12303&r2=12302&pathrev=12303

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-1149.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-1149.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2009-1149

reference_id

reference_type

scores

value	0.00715
scoring_system	epss
scoring_elements	0.72433
published_at	2026-04-24T12:55:00Z

value	0.00715
scoring_system	epss
scoring_elements	0.72382
published_at	2026-04-11T12:55:00Z

value	0.00715
scoring_system	epss
scoring_elements	0.72365
published_at	2026-04-12T12:55:00Z

value	0.00715
scoring_system	epss
scoring_elements	0.72352
published_at	2026-04-13T12:55:00Z

value	0.00715
scoring_system	epss
scoring_elements	0.72393
published_at	2026-04-16T12:55:00Z

value	0.00715
scoring_system	epss
scoring_elements	0.72403
published_at	2026-04-18T12:55:00Z

value	0.00715
scoring_system	epss
scoring_elements	0.7239
published_at	2026-04-21T12:55:00Z

value	0.00715
scoring_system	epss
scoring_elements	0.72306
published_at	2026-04-01T12:55:00Z

value	0.00715
scoring_system	epss
scoring_elements	0.72312
published_at	2026-04-02T12:55:00Z

value	0.00715
scoring_system	epss
scoring_elements	0.72331
published_at	2026-04-04T12:55:00Z

value	0.00715
scoring_system	epss
scoring_elements	0.72308
published_at	2026-04-07T12:55:00Z

value	0.00715
scoring_system	epss
scoring_elements	0.72346
published_at	2026-04-08T12:55:00Z

value	0.00715
scoring_system	epss
scoring_elements	0.72358
published_at	2026-04-09T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2009-1149

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1149
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1149

reference_url	http://secunia.com/advisories/34468
reference_id
reference_type
scores
url	http://secunia.com/advisories/34468

reference_url	http://secunia.com/advisories/34642
reference_id
reference_type
scores
url	http://secunia.com/advisories/34642

reference_url

https://github.com/phpmyadmin/composer

reference_id

reference_type

scores

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/phpmyadmin/composer

reference_url

https://github.com/phpmyadmin/phpmyadmin/commit/69bfbf11c7e9487dfa96293aaa797ff14bb513f0

reference_id

reference_type

scores

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/phpmyadmin/phpmyadmin/commit/69bfbf11c7e9487dfa96293aaa797ff14bb513f0

reference_url

http://www.phpmyadmin.net/home_page/security/PMASA-2009-1.php

reference_id

reference_type

scores

value	HIGH
scoring_system	generic_textual
scoring_elements

url

http://www.phpmyadmin.net/home_page/security/PMASA-2009-1.php

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=492066
reference_id	492066
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=492066

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin::::::::
reference_id	cpe:2.3:a:phpmyadmin:phpmyadmin::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:3.1.0:::::::*
reference_id	cpe:2.3:a:phpmyadmin:phpmyadmin:3.1.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:3.1.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:3.1.0.0:::::::*
reference_id	cpe:2.3:a:phpmyadmin:phpmyadmin:3.1.0.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:3.1.0.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:3.1.1:::::::*
reference_id	cpe:2.3:a:phpmyadmin:phpmyadmin:3.1.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:3.1.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:3.1.1:rc1::::::
reference_id	cpe:2.3:a:phpmyadmin:phpmyadmin:3.1.1:rc1::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:3.1.1:rc1::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:3.1.2:::::::*
reference_id	cpe:2.3:a:phpmyadmin:phpmyadmin:3.1.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:3.1.2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:3.1.2:rc1::::::
reference_id	cpe:2.3:a:phpmyadmin:phpmyadmin:3.1.2:rc1::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:3.1.2:rc1::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:3.1.3:rc1::::::
reference_id	cpe:2.3:a:phpmyadmin:phpmyadmin:3.1.3:rc1::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:3.1.3:rc1::::::

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2009-1149

reference_id

CVE-2009-1149

reference_type

scores

value	7.5
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:N/C:P/I:P/A:P

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2009-1149

reference_url

https://github.com/advisories/GHSA-xrpq-63mp-9vcw

reference_id

GHSA-xrpq-63mp-9vcw

reference_type

scores

value	HIGH
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-xrpq-63mp-9vcw

fixed_packages

url	pkg:deb/debian/phpmyadmin@4:3.1.3.1-1?distro=trixie
purl	pkg:deb/debian/phpmyadmin@4:3.1.3.1-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:3.1.3.1-1%3Fdistro=trixie

url pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie

purl pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-na3j-h3qr-k7dc

vulnerability	VCID-ndjn-p6gb-u7g4

vulnerability	VCID-rqy8-n6fr-hqey

vulnerability	VCID-zd8d-c1nk-g7a4

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.0.4%252Bdfsg2-2%252Bdeb11u1%3Fdistro=trixie

url pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie

purl pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-zd8d-c1nk-g7a4

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.1%252Bdfsg-1%252Bdeb12u1%3Fdistro=trixie

url	pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
purl	pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.2-really%252Bdfsg-1%252Bdeb13u1%3Fdistro=trixie

url	pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
purl	pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.3%252Bdfsg-1%3Fdistro=trixie

aliases CVE-2009-1149, GHSA-xrpq-63mp-9vcw

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-u5d5-2m3s-yka8

url VCID-vzku-a8c1-xycf

vulnerability_id VCID-vzku-a8c1-xycf

summary

Multiple errors in phpMyAdmin might allow the remote execution of arbitrary
    code or a Cross-Site Scripting attack.

references

reference_url

http://labs.neohapsis.com/2009/04/06/about-cve-2009-1151/

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	Act
scoring_system	ssvc
scoring_elements	SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-10T19:07:41Z/

url

http://labs.neohapsis.com/2009/04/06/about-cve-2009-1151/

reference_url

http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00003.html

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	Act
scoring_system	ssvc
scoring_elements	SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-10T19:07:41Z/

url

http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00003.html

reference_url

http://phpmyadmin.svn.sourceforge.net/viewvc/phpmyadmin/branches/MAINT_2_11_9/phpMyAdmin/scripts/setup.php?r1=11514&r2=12301&pathrev=12301

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	Act
scoring_system	ssvc
scoring_elements	SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-10T19:07:41Z/

url

http://phpmyadmin.svn.sourceforge.net/viewvc/phpmyadmin/branches/MAINT_2_11_9/phpMyAdmin/scripts/setup.php?r1=11514&r2=12301&pathrev=12301

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-1151.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-1151.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2009-1151

reference_id

reference_type

scores

value	0.92956
scoring_system	epss
scoring_elements	0.99775
published_at	2026-04-04T12:55:00Z

value	0.92956
scoring_system	epss
scoring_elements	0.99776
published_at	2026-04-07T12:55:00Z

value	0.92956
scoring_system	epss
scoring_elements	0.99777
published_at	2026-04-13T12:55:00Z

value	0.92956
scoring_system	epss
scoring_elements	0.99778
published_at	2026-04-21T12:55:00Z

value	0.92956
scoring_system	epss
scoring_elements	0.99779
published_at	2026-04-24T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2009-1151

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1151
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1151

reference_url

http://secunia.com/advisories/34430

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	Act
scoring_system	ssvc
scoring_elements	SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-10T19:07:41Z/

url

http://secunia.com/advisories/34430

reference_url

http://secunia.com/advisories/34642

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	Act
scoring_system	ssvc
scoring_elements	SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-10T19:07:41Z/

url

http://secunia.com/advisories/34642

reference_url

http://secunia.com/advisories/35585

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	Act
scoring_system	ssvc
scoring_elements	SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-10T19:07:41Z/

url

http://secunia.com/advisories/35585

reference_url

http://secunia.com/advisories/35635

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	Act
scoring_system	ssvc
scoring_elements	SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-10T19:07:41Z/

url

http://secunia.com/advisories/35635

reference_url

http://security.gentoo.org/glsa/glsa-200906-03.xml

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	Act
scoring_system	ssvc
scoring_elements	SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-10T19:07:41Z/

url

http://security.gentoo.org/glsa/glsa-200906-03.xml

reference_url	https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2009-1151
reference_id
reference_type
scores
url	https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2009-1151

reference_url

https://www.exploit-db.com/exploits/8921

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	Act
scoring_system	ssvc
scoring_elements	SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-10T19:07:41Z/

url

https://www.exploit-db.com/exploits/8921

reference_url

http://www.debian.org/security/2009/dsa-1824

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	Act
scoring_system	ssvc
scoring_elements	SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-10T19:07:41Z/

url

http://www.debian.org/security/2009/dsa-1824

reference_url

http://www.gnucitizen.org/blog/cve-2009-1151-phpmyadmin-remote-code-execution-proof-of-concept/

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	Act
scoring_system	ssvc
scoring_elements	SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-10T19:07:41Z/

url

http://www.gnucitizen.org/blog/cve-2009-1151-phpmyadmin-remote-code-execution-proof-of-concept/

reference_url

http://www.mandriva.com/security/advisories?name=MDVSA-2009:115

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	Act
scoring_system	ssvc
scoring_elements	SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-10T19:07:41Z/

url

http://www.mandriva.com/security/advisories?name=MDVSA-2009:115

reference_url

http://www.phpmyadmin.net/home_page/security/PMASA-2009-3.php

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	Act
scoring_system	ssvc
scoring_elements	SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-10T19:07:41Z/

url

http://www.phpmyadmin.net/home_page/security/PMASA-2009-3.php

reference_url

http://www.securityfocus.com/archive/1/504191/100/0/threaded

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	Act
scoring_system	ssvc
scoring_elements	SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-10T19:07:41Z/

url

http://www.securityfocus.com/archive/1/504191/100/0/threaded

reference_url

http://www.securityfocus.com/bid/34236

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	Act
scoring_system	ssvc
scoring_elements	SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-10T19:07:41Z/

url

http://www.securityfocus.com/bid/34236

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=492066
reference_id	492066
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=492066

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin::::::::
reference_id	cpe:2.3:a:phpmyadmin:phpmyadmin::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:4.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:4.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:4.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:5.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:5.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:5.0:::::::*

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2009-1151

reference_id

CVE-2009-1151

reference_type

scores

value	7.5
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:N/C:P/I:P/A:P

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

url

https://nvd.nist.gov/vuln/detail/CVE-2009-1151

reference_url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/webapps/16913.rb
reference_id	CVE-2009-1151;OSVDB-53076
reference_type	exploit
scores
url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/webapps/16913.rb

reference_url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/webapps/8992.php
reference_id	CVE-2009-1151;OSVDB-53076
reference_type	exploit
scores
url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/webapps/8992.php

reference_url	https://security.gentoo.org/glsa/200906-03
reference_id	GLSA-200906-03
reference_type
scores
url	https://security.gentoo.org/glsa/200906-03

reference_url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/webapps/8921.sh
reference_id	OSVDB-53076;CVE-2009-1151
reference_type	exploit
scores
url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/webapps/8921.sh

fixed_packages

url	pkg:deb/debian/phpmyadmin@4:3.1.3.1-1?distro=trixie
purl	pkg:deb/debian/phpmyadmin@4:3.1.3.1-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:3.1.3.1-1%3Fdistro=trixie

url pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie

purl pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-na3j-h3qr-k7dc

vulnerability	VCID-ndjn-p6gb-u7g4

vulnerability	VCID-rqy8-n6fr-hqey

vulnerability	VCID-zd8d-c1nk-g7a4

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.0.4%252Bdfsg2-2%252Bdeb11u1%3Fdistro=trixie

url pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie

purl pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-zd8d-c1nk-g7a4

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.1%252Bdfsg-1%252Bdeb12u1%3Fdistro=trixie

url	pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
purl	pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.2-really%252Bdfsg-1%252Bdeb13u1%3Fdistro=trixie

url	pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
purl	pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.3%252Bdfsg-1%3Fdistro=trixie

aliases CVE-2009-1151

risk_score 10.0

exploitability 2.0

weighted_severity 8.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-vzku-a8c1-xycf

Risk_score null

Resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:3.1.3.1-1%3Fdistro=trixie

Package Instance