Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:deb/debian/phpmyadmin@4:3.4.3.1-1?distro=trixie
Typedeb
Namespacedebian
Namephpmyadmin
Version4:3.4.3.1-1
Qualifiers
distro trixie
Subpath
Is_vulnerablefalse
Next_non_vulnerable_version4:3.4.3.2-1
Latest_non_vulnerable_version4:5.2.3+dfsg-1
Affected_by_vulnerabilities
Fixing_vulnerabilities
0
url VCID-9xb8-kz1v-43bt
vulnerability_id VCID-9xb8-kz1v-43bt
summary 
Improper Control of Generation of Code ('Code Injection')
setup/lib/ConfigGenerator.class.php in phpMyAdmin 3.x before 3.3.10.2 and 3.4.x before 3.4.3.1 does not properly restrict the presence of comment closing delimiters, which allows remote attackers to conduct static code injection attacks by leveraging the ability to modify the SESSION superglobal array.
references
0
reference_url http://ha.xxor.se/2011/07/phpmyadmin-3x-multiple-remote-code.html
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url http://ha.xxor.se/2011/07/phpmyadmin-3x-multiple-remote-code.html
1
reference_url http://lists.fedoraproject.org/pipermail/package-announce/2011-July/062719.html
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url http://lists.fedoraproject.org/pipermail/package-announce/2011-July/062719.html
2
reference_url http://phpmyadmin.git.sourceforge.net/git/gitweb.cgi?p=phpmyadmin/phpmyadmin;a=commit;h=0fbedaf5fd7a771d0885c6b7385d934fc90d0d7f
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url http://phpmyadmin.git.sourceforge.net/git/gitweb.cgi?p=phpmyadmin/phpmyadmin;a=commit;h=0fbedaf5fd7a771d0885c6b7385d934fc90d0d7f
3
reference_url https://api.first.org/data/v1/epss?cve=CVE-2011-2506
reference_id
reference_type
scores
0
value 0.33677
scoring_system epss
scoring_elements 0.96951
published_at 2026-04-16T12:55:00Z
1
value 0.33677
scoring_system epss
scoring_elements 0.96944
published_at 2026-04-13T12:55:00Z
2
value 0.33677
scoring_system epss
scoring_elements 0.96943
published_at 2026-04-12T12:55:00Z
3
value 0.33677
scoring_system epss
scoring_elements 0.96942
published_at 2026-04-11T12:55:00Z
4
value 0.33677
scoring_system epss
scoring_elements 0.96921
published_at 2026-04-02T12:55:00Z
5
value 0.33677
scoring_system epss
scoring_elements 0.96958
published_at 2026-04-21T12:55:00Z
6
value 0.33677
scoring_system epss
scoring_elements 0.96955
published_at 2026-04-18T12:55:00Z
7
value 0.33677
scoring_system epss
scoring_elements 0.96925
published_at 2026-04-04T12:55:00Z
8
value 0.33677
scoring_system epss
scoring_elements 0.96913
published_at 2026-04-01T12:55:00Z
9
value 0.33677
scoring_system epss
scoring_elements 0.96939
published_at 2026-04-09T12:55:00Z
10
value 0.33677
scoring_system epss
scoring_elements 0.96938
published_at 2026-04-08T12:55:00Z
11
value 0.33677
scoring_system epss
scoring_elements 0.96929
published_at 2026-04-07T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2011-2506
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2506
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2506
5
reference_url http://securityreason.com/securityalert/8306
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url http://securityreason.com/securityalert/8306
6
reference_url https://github.com/phpmyadmin/composer
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/phpmyadmin/composer
7
reference_url https://github.com/phpmyadmin/phpmyadmin/commit/0fbedaf5fd7a771d0885c6b7385d934fc90d0d7f
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/phpmyadmin/phpmyadmin/commit/0fbedaf5fd7a771d0885c6b7385d934fc90d0d7f
8
reference_url https://github.com/phpmyadmin/phpmyadmin/commit/2e01647949df937040e73a94ce0bac0daecbdcf4
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/phpmyadmin/phpmyadmin/commit/2e01647949df937040e73a94ce0bac0daecbdcf4
9
reference_url https://web.archive.org/web/20110712103138/http://www.xxor.se/advisories/phpMyAdmin_3.x_Multiple_Remote_Code_Executions.txt
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20110712103138/http://www.xxor.se/advisories/phpMyAdmin_3.x_Multiple_Remote_Code_Executions.txt
10
reference_url https://web.archive.org/web/20111116172111/http://www.securityfocus.com/archive/1/518804/100/0/threaded
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20111116172111/http://www.securityfocus.com/archive/1/518804/100/0/threaded
11
reference_url https://web.archive.org/web/20121105034518/http://www.mandriva.com/en/support/security/advisories?name=MDVSA-2011:124
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20121105034518/http://www.mandriva.com/en/support/security/advisories?name=MDVSA-2011:124
12
reference_url http://typo3.org/teams/security/security-bulletins/typo3-sa-2011-008
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url http://typo3.org/teams/security/security-bulletins/typo3-sa-2011-008
13
reference_url http://typo3.org/teams/security/security-bulletins/typo3-sa-2011-008/
reference_id
reference_type
scores
url http://typo3.org/teams/security/security-bulletins/typo3-sa-2011-008/
14
reference_url http://www.debian.org/security/2011/dsa-2286
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.debian.org/security/2011/dsa-2286
15
reference_url http://www.exploit-db.com/exploits/17514
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.exploit-db.com/exploits/17514
16
reference_url http://www.exploit-db.com/exploits/17514/
reference_id
reference_type
scores
url http://www.exploit-db.com/exploits/17514/
17
reference_url http://www.openwall.com/lists/oss-security/2011/06/28/2
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2011/06/28/2
18
reference_url http://www.openwall.com/lists/oss-security/2011/06/28/6
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2011/06/28/6
19
reference_url http://www.openwall.com/lists/oss-security/2011/06/28/8
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2011/06/28/8
20
reference_url http://www.openwall.com/lists/oss-security/2011/06/29/11
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2011/06/29/11
21
reference_url http://www.phpmyadmin.net/home_page/security/PMASA-2011-6.php
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.phpmyadmin.net/home_page/security/PMASA-2011-6.php
22
reference_url https://nvd.nist.gov/vuln/detail/CVE-2011-2506
reference_id CVE-2011-2506
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2011-2506
23
reference_url https://github.com/advisories/GHSA-p6h7-29r2-g88f
reference_id GHSA-p6h7-29r2-g88f
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-p6h7-29r2-g88f
24
reference_url https://security.gentoo.org/glsa/201201-01
reference_id GLSA-201201-01
reference_type
scores
url https://security.gentoo.org/glsa/201201-01
fixed_packages
0
url pkg:deb/debian/phpmyadmin@4:3.4.3.1-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:3.4.3.1-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:3.4.3.1-1%3Fdistro=trixie
1
url pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-na3j-h3qr-k7dc
1
vulnerability VCID-ndjn-p6gb-u7g4
2
vulnerability VCID-rqy8-n6fr-hqey
3
vulnerability VCID-zd8d-c1nk-g7a4
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.0.4%252Bdfsg2-2%252Bdeb11u1%3Fdistro=trixie
2
url pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-zd8d-c1nk-g7a4
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.1%252Bdfsg-1%252Bdeb12u1%3Fdistro=trixie
3
url pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.2-really%252Bdfsg-1%252Bdeb13u1%3Fdistro=trixie
4
url pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.3%252Bdfsg-1%3Fdistro=trixie
aliases CVE-2011-2506, GHSA-p6h7-29r2-g88f
risk_score 10.0
exploitability 2.0
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-9xb8-kz1v-43bt
1
url VCID-qrm9-716c-2ybp
vulnerability_id VCID-qrm9-716c-2ybp
summary 
Improper Control of Generation of Code ('Code Injection')
libraries/auth/swekey/swekey.auth.lib.php in the Swekey authentication feature in phpMyAdmin 3.x before 3.3.10.2 and 3.4.x before 3.4.3.1 assigns values to arbitrary parameters referenced in the query string, which allows remote attackers to modify the SESSION superglobal array via a crafted request, related to a "remote variable manipulation vulnerability."
references
0
reference_url http://ha.xxor.se/2011/07/phpmyadmin-3x-multiple-remote-code.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://ha.xxor.se/2011/07/phpmyadmin-3x-multiple-remote-code.html
1
reference_url http://lists.fedoraproject.org/pipermail/package-announce/2011-July/062719.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://lists.fedoraproject.org/pipermail/package-announce/2011-July/062719.html
2
reference_url https://api.first.org/data/v1/epss?cve=CVE-2011-2505
reference_id
reference_type
scores
0
value 0.37008
scoring_system epss
scoring_elements 0.97166
published_at 2026-04-18T12:55:00Z
1
value 0.37008
scoring_system epss
scoring_elements 0.97165
published_at 2026-04-16T12:55:00Z
2
value 0.37008
scoring_system epss
scoring_elements 0.97157
published_at 2026-04-13T12:55:00Z
3
value 0.37008
scoring_system epss
scoring_elements 0.97156
published_at 2026-04-12T12:55:00Z
4
value 0.37008
scoring_system epss
scoring_elements 0.97155
published_at 2026-04-11T12:55:00Z
5
value 0.37008
scoring_system epss
scoring_elements 0.97151
published_at 2026-04-09T12:55:00Z
6
value 0.37008
scoring_system epss
scoring_elements 0.97134
published_at 2026-04-02T12:55:00Z
7
value 0.37008
scoring_system epss
scoring_elements 0.97171
published_at 2026-04-21T12:55:00Z
8
value 0.37008
scoring_system epss
scoring_elements 0.9714
published_at 2026-04-04T12:55:00Z
9
value 0.37008
scoring_system epss
scoring_elements 0.97127
published_at 2026-04-01T12:55:00Z
10
value 0.37008
scoring_system epss
scoring_elements 0.9715
published_at 2026-04-08T12:55:00Z
11
value 0.37008
scoring_system epss
scoring_elements 0.97141
published_at 2026-04-07T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2011-2505
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2505
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2505
4
reference_url http://securityreason.com/securityalert/8306
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://securityreason.com/securityalert/8306
5
reference_url https://github.com/phpmyadmin/composer
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/phpmyadmin/composer
6
reference_url https://github.com/phpmyadmin/composer/commit/7ebd958b2bf59f96fecd5b3322bdbd0b244a7967
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/phpmyadmin/composer/commit/7ebd958b2bf59f96fecd5b3322bdbd0b244a7967
7
reference_url https://github.com/phpmyadmin/phpmyadmin/commit/6e6e129f26295c83d67b74e202628a4b8bc49e54
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/phpmyadmin/phpmyadmin/commit/6e6e129f26295c83d67b74e202628a4b8bc49e54
8
reference_url https://github.com/phpmyadmin/phpmyadmin/commit/7ebd958b2bf59f96fecd5b3322bdbd0b244a7967
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/phpmyadmin/phpmyadmin/commit/7ebd958b2bf59f96fecd5b3322bdbd0b244a7967
9
reference_url https://web.archive.org/web/20110712103138/http://www.xxor.se/advisories/phpMyAdmin_3.x_Multiple_Remote_Code_Executions.txt
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20110712103138/http://www.xxor.se/advisories/phpMyAdmin_3.x_Multiple_Remote_Code_Executions.txt
10
reference_url https://web.archive.org/web/20111116172111/http://www.securityfocus.com/archive/1/518804/100/0/threaded
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20111116172111/http://www.securityfocus.com/archive/1/518804/100/0/threaded
11
reference_url https://web.archive.org/web/20121105034518/http://www.mandriva.com/en/support/security/advisories?name=MDVSA-2011:124
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20121105034518/http://www.mandriva.com/en/support/security/advisories?name=MDVSA-2011:124
12
reference_url http://typo3.org/teams/security/security-bulletins/typo3-sa-2011-008
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://typo3.org/teams/security/security-bulletins/typo3-sa-2011-008
13
reference_url http://typo3.org/teams/security/security-bulletins/typo3-sa-2011-008/
reference_id
reference_type
scores
url http://typo3.org/teams/security/security-bulletins/typo3-sa-2011-008/
14
reference_url http://www.debian.org/security/2011/dsa-2286
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.debian.org/security/2011/dsa-2286
15
reference_url http://www.exploit-db.com/exploits/17514
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.exploit-db.com/exploits/17514
16
reference_url http://www.exploit-db.com/exploits/17514/
reference_id
reference_type
scores
url http://www.exploit-db.com/exploits/17514/
17
reference_url http://www.openwall.com/lists/oss-security/2011/06/28/2
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2011/06/28/2
18
reference_url http://www.openwall.com/lists/oss-security/2011/06/28/6
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2011/06/28/6
19
reference_url http://www.openwall.com/lists/oss-security/2011/06/28/8
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2011/06/28/8
20
reference_url http://www.openwall.com/lists/oss-security/2011/06/29/11
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2011/06/29/11
21
reference_url http://www.phpmyadmin.net/home_page/security/PMASA-2011-5.php
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.phpmyadmin.net/home_page/security/PMASA-2011-5.php
22
reference_url https://nvd.nist.gov/vuln/detail/CVE-2011-2505
reference_id CVE-2011-2505
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2011-2505
23
reference_url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/webapps/17510.py
reference_id CVE-2011-2506;CVE-2011-2505;OSVDB-73612;OSVDB-73611
reference_type exploit
scores
url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/webapps/17510.py
24
reference_url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/webapps/17514.php
reference_id CVE-2011-2506;CVE-2011-2505;OSVDB-73612;OSVDB-73611
reference_type exploit
scores
url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/webapps/17514.php
25
reference_url http://www.xxor.se/advisories/phpMyAdmin_3.x_Multiple_Remote_Code_Executions.txt
reference_id CVE-2011-2506;CVE-2011-2505;OSVDB-73612;OSVDB-73611
reference_type exploit
scores
url http://www.xxor.se/advisories/phpMyAdmin_3.x_Multiple_Remote_Code_Executions.txt
26
reference_url https://github.com/advisories/GHSA-vqcm-r62w-w437
reference_id GHSA-vqcm-r62w-w437
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-vqcm-r62w-w437
27
reference_url https://security.gentoo.org/glsa/201201-01
reference_id GLSA-201201-01
reference_type
scores
url https://security.gentoo.org/glsa/201201-01
fixed_packages
0
url pkg:deb/debian/phpmyadmin@4:3.4.3.1-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:3.4.3.1-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:3.4.3.1-1%3Fdistro=trixie
1
url pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-na3j-h3qr-k7dc
1
vulnerability VCID-ndjn-p6gb-u7g4
2
vulnerability VCID-rqy8-n6fr-hqey
3
vulnerability VCID-zd8d-c1nk-g7a4
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.0.4%252Bdfsg2-2%252Bdeb11u1%3Fdistro=trixie
2
url pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-zd8d-c1nk-g7a4
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.1%252Bdfsg-1%252Bdeb12u1%3Fdistro=trixie
3
url pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.2-really%252Bdfsg-1%252Bdeb13u1%3Fdistro=trixie
4
url pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.3%252Bdfsg-1%3Fdistro=trixie
aliases CVE-2011-2505, GHSA-vqcm-r62w-w437
risk_score 10.0
exploitability 2.0
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-qrm9-716c-2ybp
2
url VCID-tnbx-6gqw-8fb5
vulnerability_id VCID-tnbx-6gqw-8fb5
summary 
Multiple vulnerabilities were found in phpMyAdmin, the most severe
    of which allows the execution of arbitrary PHP code.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2011-2507
reference_id
reference_type
scores
0
value 0.03737
scoring_system epss
scoring_elements 0.87949
published_at 2026-04-01T12:55:00Z
1
value 0.03737
scoring_system epss
scoring_elements 0.87959
published_at 2026-04-02T12:55:00Z
2
value 0.03737
scoring_system epss
scoring_elements 0.87973
published_at 2026-04-04T12:55:00Z
3
value 0.03737
scoring_system epss
scoring_elements 0.87977
published_at 2026-04-07T12:55:00Z
4
value 0.03737
scoring_system epss
scoring_elements 0.87997
published_at 2026-04-08T12:55:00Z
5
value 0.03737
scoring_system epss
scoring_elements 0.88004
published_at 2026-04-09T12:55:00Z
6
value 0.03737
scoring_system epss
scoring_elements 0.88014
published_at 2026-04-11T12:55:00Z
7
value 0.03737
scoring_system epss
scoring_elements 0.88007
published_at 2026-04-12T12:55:00Z
8
value 0.03737
scoring_system epss
scoring_elements 0.88008
published_at 2026-04-13T12:55:00Z
9
value 0.03737
scoring_system epss
scoring_elements 0.88021
published_at 2026-04-16T12:55:00Z
10
value 0.03737
scoring_system epss
scoring_elements 0.8802
published_at 2026-04-21T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2011-2507
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2507
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2507
2
reference_url https://security.gentoo.org/glsa/201201-01
reference_id GLSA-201201-01
reference_type
scores
url https://security.gentoo.org/glsa/201201-01
fixed_packages
0
url pkg:deb/debian/phpmyadmin@4:3.4.3.1-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:3.4.3.1-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:3.4.3.1-1%3Fdistro=trixie
1
url pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-na3j-h3qr-k7dc
1
vulnerability VCID-ndjn-p6gb-u7g4
2
vulnerability VCID-rqy8-n6fr-hqey
3
vulnerability VCID-zd8d-c1nk-g7a4
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.0.4%252Bdfsg2-2%252Bdeb11u1%3Fdistro=trixie
2
url pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-zd8d-c1nk-g7a4
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.1%252Bdfsg-1%252Bdeb12u1%3Fdistro=trixie
3
url pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.2-really%252Bdfsg-1%252Bdeb13u1%3Fdistro=trixie
4
url pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.3%252Bdfsg-1%3Fdistro=trixie
aliases CVE-2011-2507
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-tnbx-6gqw-8fb5
3
url VCID-z6t5-jasy-vbfs
vulnerability_id VCID-z6t5-jasy-vbfs
summary 
phpMyAdmin Directory Traversal vulnerability
Directory traversal vulnerability in libraries/display_tbl.lib.php in phpMyAdmin 3.x before 3.3.10.2 and 3.4.x before 3.4.3.1, when a certain MIME transformation feature is enabled, allows remote authenticated users to include and execute arbitrary local files via a .. (dot dot) in a GLOBALS[mime_map][$meta->name][transformation] parameter.
references
0
reference_url http://ha.xxor.se/2011/07/phpmyadmin-3x-multiple-remote-code.html
reference_id
reference_type
scores
0
value 7.4
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://ha.xxor.se/2011/07/phpmyadmin-3x-multiple-remote-code.html
1
reference_url http://lists.fedoraproject.org/pipermail/package-announce/2011-July/062719.html
reference_id
reference_type
scores
0
value 7.4
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://lists.fedoraproject.org/pipermail/package-announce/2011-July/062719.html
2
reference_url http://phpmyadmin.git.sourceforge.net/git/gitweb.cgi?p=phpmyadmin/phpmyadmin%3Ba=commit%3Bh=b434320eff8ca9c2fc1b043c1804f868341af9a7
reference_id
reference_type
scores
0
value 7.4
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://phpmyadmin.git.sourceforge.net/git/gitweb.cgi?p=phpmyadmin/phpmyadmin%3Ba=commit%3Bh=b434320eff8ca9c2fc1b043c1804f868341af9a7
3
reference_url http://phpmyadmin.git.sourceforge.net/git/gitweb.cgi?p=phpmyadmin/phpmyadmin;a=commit;h=b434320eff8ca9c2fc1b043c1804f868341af9a7
reference_id
reference_type
scores
0
value 7.4
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://phpmyadmin.git.sourceforge.net/git/gitweb.cgi?p=phpmyadmin/phpmyadmin;a=commit;h=b434320eff8ca9c2fc1b043c1804f868341af9a7
4
reference_url https://api.first.org/data/v1/epss?cve=CVE-2011-2508
reference_id
reference_type
scores
0
value 0.11174
scoring_system epss
scoring_elements 0.93484
published_at 2026-04-09T12:55:00Z
1
value 0.11174
scoring_system epss
scoring_elements 0.93521
published_at 2026-04-21T12:55:00Z
2
value 0.11174
scoring_system epss
scoring_elements 0.93489
published_at 2026-04-12T12:55:00Z
3
value 0.11174
scoring_system epss
scoring_elements 0.93465
published_at 2026-04-02T12:55:00Z
4
value 0.11174
scoring_system epss
scoring_elements 0.93457
published_at 2026-04-01T12:55:00Z
5
value 0.11174
scoring_system epss
scoring_elements 0.93509
published_at 2026-04-16T12:55:00Z
6
value 0.11174
scoring_system epss
scoring_elements 0.93515
published_at 2026-04-18T12:55:00Z
7
value 0.11174
scoring_system epss
scoring_elements 0.9349
published_at 2026-04-13T12:55:00Z
8
value 0.11174
scoring_system epss
scoring_elements 0.9348
published_at 2026-04-08T12:55:00Z
9
value 0.11174
scoring_system epss
scoring_elements 0.93473
published_at 2026-04-07T12:55:00Z
10
value 0.11174
scoring_system epss
scoring_elements 0.93472
published_at 2026-04-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2011-2508
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2508
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2508
6
reference_url https://github.com/phpmyadmin/phpmyadmin
reference_id
reference_type
scores
0
value 7.4
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/phpmyadmin/phpmyadmin
7
reference_url https://web.archive.org/web/20110712103138/http://www.xxor.se/advisories/phpMyAdmin_3.x_Multiple_Remote_Code_Executions.txt
reference_id
reference_type
scores
0
value 7.4
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20110712103138/http://www.xxor.se/advisories/phpMyAdmin_3.x_Multiple_Remote_Code_Executions.txt
8
reference_url https://web.archive.org/web/20111109175131/http://typo3.org/teams/security/security-bulletins/typo3-sa-2011-008
reference_id
reference_type
scores
0
value 7.4
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20111109175131/http://typo3.org/teams/security/security-bulletins/typo3-sa-2011-008
9
reference_url https://web.archive.org/web/20111217070727/http://www.securityfocus.com/archive/1/518804/100/0/threaded
reference_id
reference_type
scores
0
value 7.4
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20111217070727/http://www.securityfocus.com/archive/1/518804/100/0/threaded
10
reference_url https://web.archive.org/web/20111217173735/http://securityreason.com/securityalert/8306
reference_id
reference_type
scores
0
value 7.4
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20111217173735/http://securityreason.com/securityalert/8306
11
reference_url https://web.archive.org/web/20250218012437/http://ha.xxor.se/2011/07/phpmyadmin-3x-multiple-remote-code.html
reference_id
reference_type
scores
0
value 7.4
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20250218012437/http://ha.xxor.se/2011/07/phpmyadmin-3x-multiple-remote-code.html
12
reference_url http://www.debian.org/security/2011/dsa-2286
reference_id
reference_type
scores
0
value 7.4
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.debian.org/security/2011/dsa-2286
13
reference_url http://www.mandriva.com/security/advisories?name=MDVSA-2011:124
reference_id
reference_type
scores
0
value 7.4
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.mandriva.com/security/advisories?name=MDVSA-2011:124
14
reference_url http://www.openwall.com/lists/oss-security/2011/06/28/2
reference_id
reference_type
scores
0
value 7.4
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2011/06/28/2
15
reference_url http://www.openwall.com/lists/oss-security/2011/06/28/6
reference_id
reference_type
scores
0
value 7.4
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2011/06/28/6
16
reference_url http://www.openwall.com/lists/oss-security/2011/06/28/8
reference_id
reference_type
scores
0
value 7.4
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2011/06/28/8
17
reference_url http://www.openwall.com/lists/oss-security/2011/06/29/11
reference_id
reference_type
scores
0
value 7.4
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2011/06/29/11
18
reference_url http://www.phpmyadmin.net/home_page/security/PMASA-2011-8.php
reference_id
reference_type
scores
0
value 7.4
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.phpmyadmin.net/home_page/security/PMASA-2011-8.php
19
reference_url https://nvd.nist.gov/vuln/detail/CVE-2011-2508
reference_id CVE-2011-2508
reference_type
scores
0
value 7.4
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2011-2508
20
reference_url https://github.com/advisories/GHSA-q6vw-39cg-wjjf
reference_id GHSA-q6vw-39cg-wjjf
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-q6vw-39cg-wjjf
21
reference_url https://security.gentoo.org/glsa/201201-01
reference_id GLSA-201201-01
reference_type
scores
url https://security.gentoo.org/glsa/201201-01
fixed_packages
0
url pkg:deb/debian/phpmyadmin@4:3.4.3.1-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:3.4.3.1-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:3.4.3.1-1%3Fdistro=trixie
1
url pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-na3j-h3qr-k7dc
1
vulnerability VCID-ndjn-p6gb-u7g4
2
vulnerability VCID-rqy8-n6fr-hqey
3
vulnerability VCID-zd8d-c1nk-g7a4
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.0.4%252Bdfsg2-2%252Bdeb11u1%3Fdistro=trixie
2
url pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-zd8d-c1nk-g7a4
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.1%252Bdfsg-1%252Bdeb12u1%3Fdistro=trixie
3
url pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.2-really%252Bdfsg-1%252Bdeb13u1%3Fdistro=trixie
4
url pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.3%252Bdfsg-1%3Fdistro=trixie
aliases CVE-2011-2508, GHSA-q6vw-39cg-wjjf
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-z6t5-jasy-vbfs
Risk_scorenull
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:3.4.3.1-1%3Fdistro=trixie