Django REST framework

Lookup for vulnerable packages by Package URL.

Purl pkg:deb/debian/phpmyadmin@4:4.9.1%2Bdfsg1-2?distro=trixie

Type deb

Namespace debian

Name phpmyadmin

Version 4:4.9.1+dfsg1-2

Qualifiers

distro	trixie

Subpath

Is_vulnerable false

Next_non_vulnerable_version 4:4.9.2+dfsg1-1

Latest_non_vulnerable_version 4:5.2.3+dfsg-1

Affected_by_vulnerabilities

Fixing_vulnerabilities

url VCID-986a-3m4g-83ge

vulnerability_id VCID-986a-3m4g-83ge

summary

Cross-Site Request Forgery (CSRF)
By deceiving a user into clicking on a crafted URL, it is possible to perform harmful SQL operations such as renaming databases, creating new `tables/routines`, deleting designer pages, `adding/deleting` users, updating user passwords, killing SQL processes.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2018-19969

reference_id

reference_type

scores

value	0.00458
scoring_system	epss
scoring_elements	0.63934
published_at	2026-04-07T12:55:00Z

value	0.00458
scoring_system	epss
scoring_elements	0.64006
published_at	2026-04-21T12:55:00Z

value	0.00458
scoring_system	epss
scoring_elements	0.64017
published_at	2026-04-18T12:55:00Z

value	0.00458
scoring_system	epss
scoring_elements	0.64005
published_at	2026-04-16T12:55:00Z

value	0.00458
scoring_system	epss
scoring_elements	0.6397
published_at	2026-04-13T12:55:00Z

value	0.00458
scoring_system	epss
scoring_elements	0.64
published_at	2026-04-12T12:55:00Z

value	0.00458
scoring_system	epss
scoring_elements	0.64014
published_at	2026-04-11T12:55:00Z

value	0.00458
scoring_system	epss
scoring_elements	0.64002
published_at	2026-04-09T12:55:00Z

value	0.00458
scoring_system	epss
scoring_elements	0.63888
published_at	2026-04-01T12:55:00Z

value	0.00458
scoring_system	epss
scoring_elements	0.63947
published_at	2026-04-02T12:55:00Z

value	0.00458
scoring_system	epss
scoring_elements	0.63984
published_at	2026-04-08T12:55:00Z

value	0.00458
scoring_system	epss
scoring_elements	0.63974
published_at	2026-04-04T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2018-19969

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-19969
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-19969

reference_url

https://web.archive.org/web/20210124223800/https://www.securityfocus.com/bid/106175

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://web.archive.org/web/20210124223800/https://www.securityfocus.com/bid/106175

reference_url	https://web.archive.org/web/20210124223800/https://www.securityfocus.com/bid/106175/
reference_id
reference_type
scores
url	https://web.archive.org/web/20210124223800/https://www.securityfocus.com/bid/106175/

reference_url

https://www.phpmyadmin.net/security/PMASA-2018-7

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://www.phpmyadmin.net/security/PMASA-2018-7

reference_url	https://www.phpmyadmin.net/security/PMASA-2018-7/
reference_id
reference_type
scores
url	https://www.phpmyadmin.net/security/PMASA-2018-7/

reference_url	http://www.securityfocus.com/bid/106175
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/106175

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2018-19969

reference_id

CVE-2018-19969

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2018-19969

reference_url

https://github.com/advisories/GHSA-xwf2-53mc-r8hx

reference_id

GHSA-xwf2-53mc-r8hx

reference_type

scores

value	HIGH
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-xwf2-53mc-r8hx

reference_url

https://security.gentoo.org/glsa/201904-16

reference_id

GLSA-201904-16

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://security.gentoo.org/glsa/201904-16

fixed_packages

url	pkg:deb/debian/phpmyadmin@4:4.9.1%2Bdfsg1-2?distro=trixie
purl	pkg:deb/debian/phpmyadmin@4:4.9.1%2Bdfsg1-2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:4.9.1%252Bdfsg1-2%3Fdistro=trixie

url pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie

purl pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-na3j-h3qr-k7dc

vulnerability	VCID-ndjn-p6gb-u7g4

vulnerability	VCID-rqy8-n6fr-hqey

vulnerability	VCID-zd8d-c1nk-g7a4

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.0.4%252Bdfsg2-2%252Bdeb11u1%3Fdistro=trixie

url pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie

purl pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-zd8d-c1nk-g7a4

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.1%252Bdfsg-1%252Bdeb12u1%3Fdistro=trixie

url	pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
purl	pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.2-really%252Bdfsg-1%252Bdeb13u1%3Fdistro=trixie

url	pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
purl	pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.3%252Bdfsg-1%3Fdistro=trixie

aliases CVE-2018-19969, GHSA-xwf2-53mc-r8hx

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-986a-3m4g-83ge

url VCID-br1c-5bzf-ufeu

vulnerability_id VCID-br1c-5bzf-ufeu

summary

SQL Injection
An issue was discovered in phpMyAdmin. A vulnerability was reported where a specially crafted username can be used to trigger a SQL injection attack through the designer feature.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2019-6798

reference_id

reference_type

scores

value	0.00538
scoring_system	epss
scoring_elements	0.67578
published_at	2026-04-21T12:55:00Z

value	0.00538
scoring_system	epss
scoring_elements	0.67474
published_at	2026-04-01T12:55:00Z

value	0.00538
scoring_system	epss
scoring_elements	0.6751
published_at	2026-04-07T12:55:00Z

value	0.00538
scoring_system	epss
scoring_elements	0.67532
published_at	2026-04-04T12:55:00Z

value	0.00538
scoring_system	epss
scoring_elements	0.67562
published_at	2026-04-08T12:55:00Z

value	0.00538
scoring_system	epss
scoring_elements	0.67575
published_at	2026-04-09T12:55:00Z

value	0.00538
scoring_system	epss
scoring_elements	0.67598
published_at	2026-04-11T12:55:00Z

value	0.00538
scoring_system	epss
scoring_elements	0.67584
published_at	2026-04-12T12:55:00Z

value	0.00538
scoring_system	epss
scoring_elements	0.67551
published_at	2026-04-13T12:55:00Z

value	0.00538
scoring_system	epss
scoring_elements	0.67587
published_at	2026-04-16T12:55:00Z

value	0.00538
scoring_system	epss
scoring_elements	0.67599
published_at	2026-04-18T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2019-6798

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-6798
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-6798

reference_url

https://github.com/phpmyadmin/composer

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://github.com/phpmyadmin/composer

reference_url

https://www.phpmyadmin.net/security/PMASA-2019-2

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://www.phpmyadmin.net/security/PMASA-2019-2

reference_url	https://www.phpmyadmin.net/security/PMASA-2019-2/
reference_id
reference_type
scores
url	https://www.phpmyadmin.net/security/PMASA-2019-2/

reference_url

http://www.securityfocus.com/bid/106727

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

http://www.securityfocus.com/bid/106727

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=920822
reference_id	920822
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=920822

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin::::::::
reference_id	cpe:2.3:a:phpmyadmin:phpmyadmin::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin::::::::

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2019-6798

reference_id

CVE-2019-6798

reference_type

scores

value	7.5
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:N/C:P/I:P/A:P

value	9.8
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2019-6798

reference_url

https://github.com/advisories/GHSA-f732-fxh6-g4qj

reference_id

GHSA-f732-fxh6-g4qj

reference_type

scores

value	CRITICAL
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-f732-fxh6-g4qj

reference_url	https://usn.ubuntu.com/4639-1/
reference_id	USN-4639-1
reference_type
scores
url	https://usn.ubuntu.com/4639-1/

reference_url	https://usn.ubuntu.com/USN-4843-1/
reference_id	USN-USN-4843-1
reference_type
scores
url	https://usn.ubuntu.com/USN-4843-1/

fixed_packages

url	pkg:deb/debian/phpmyadmin@4:4.9.1%2Bdfsg1-2?distro=trixie
purl	pkg:deb/debian/phpmyadmin@4:4.9.1%2Bdfsg1-2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:4.9.1%252Bdfsg1-2%3Fdistro=trixie

url pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie

purl pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-na3j-h3qr-k7dc

vulnerability	VCID-ndjn-p6gb-u7g4

vulnerability	VCID-rqy8-n6fr-hqey

vulnerability	VCID-zd8d-c1nk-g7a4

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.0.4%252Bdfsg2-2%252Bdeb11u1%3Fdistro=trixie

url pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie

purl pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-zd8d-c1nk-g7a4

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.1%252Bdfsg-1%252Bdeb12u1%3Fdistro=trixie

url	pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
purl	pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.2-really%252Bdfsg-1%252Bdeb13u1%3Fdistro=trixie

url	pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
purl	pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.3%252Bdfsg-1%3Fdistro=trixie

aliases CVE-2019-6798, GHSA-f732-fxh6-g4qj

risk_score 4.5

exploitability 0.5

weighted_severity 9.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-br1c-5bzf-ufeu

url VCID-c91y-txcw-2kdy

vulnerability_id VCID-c91y-txcw-2kdy

summary

Cross-site Scripting
An issue was discovered in `js/designer/move.js` in phpMyAdm A Cross-Site Scripting vulnerability has been found where an attacker can use a crafted database name to trigger an XSS attack when that database is referenced from the Designer feature.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2018-12581

reference_id

reference_type

scores

value	0.0062
scoring_system	epss
scoring_elements	0.70001
published_at	2026-04-04T12:55:00Z

value	0.0062
scoring_system	epss
scoring_elements	0.70069
published_at	2026-04-21T12:55:00Z

value	0.0062
scoring_system	epss
scoring_elements	0.69974
published_at	2026-04-01T12:55:00Z

value	0.0062
scoring_system	epss
scoring_elements	0.70026
published_at	2026-04-08T12:55:00Z

value	0.0062
scoring_system	epss
scoring_elements	0.69987
published_at	2026-04-02T12:55:00Z

value	0.0062
scoring_system	epss
scoring_elements	0.69978
published_at	2026-04-07T12:55:00Z

value	0.0062
scoring_system	epss
scoring_elements	0.70089
published_at	2026-04-18T12:55:00Z

value	0.0062
scoring_system	epss
scoring_elements	0.7008
published_at	2026-04-16T12:55:00Z

value	0.0062
scoring_system	epss
scoring_elements	0.70037
published_at	2026-04-13T12:55:00Z

value	0.0062
scoring_system	epss
scoring_elements	0.7005
published_at	2026-04-12T12:55:00Z

value	0.0062
scoring_system	epss
scoring_elements	0.70065
published_at	2026-04-11T12:55:00Z

value	0.0062
scoring_system	epss
scoring_elements	0.70042
published_at	2026-04-09T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2018-12581

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12581
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12581

reference_url

https://github.com/phpmyadmin/phpmyadmin/commit/6943fff87324bd54c3a37a5160a5fb77498c355e

reference_id

reference_type

scores

value	6.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/phpmyadmin/phpmyadmin/commit/6943fff87324bd54c3a37a5160a5fb77498c355e

reference_url

https://web.archive.org/web/20210124181711/http://www.securityfocus.com/bid/104530

reference_id

reference_type

scores

value	6.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://web.archive.org/web/20210124181711/http://www.securityfocus.com/bid/104530

reference_url

https://web.archive.org/web/20210413204012/http://www.securitytracker.com/id/1041187

reference_id

reference_type

scores

value	6.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://web.archive.org/web/20210413204012/http://www.securitytracker.com/id/1041187

reference_url

https://www.phpmyadmin.net/security/PMASA-2018-3

reference_id

reference_type

scores

value	6.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://www.phpmyadmin.net/security/PMASA-2018-3

reference_url	https://www.phpmyadmin.net/security/PMASA-2018-3/
reference_id
reference_type
scores
url	https://www.phpmyadmin.net/security/PMASA-2018-3/

reference_url	http://www.securityfocus.com/bid/104530
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/104530

reference_url	http://www.securitytracker.com/id/1041187
reference_id
reference_type
scores
url	http://www.securitytracker.com/id/1041187

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin::::::::
reference_id	cpe:2.3:a:phpmyadmin:phpmyadmin::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin::::::::

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2018-12581

reference_id

CVE-2018-12581

reference_type

scores

value	4.3
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:N/C:N/I:P/A:N

value	6.1
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

value	6.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2018-12581

reference_url

https://github.com/advisories/GHSA-vxj6-pm6r-23hq

reference_id

GHSA-vxj6-pm6r-23hq

reference_type

scores

value	MODERATE
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-vxj6-pm6r-23hq

reference_url	https://usn.ubuntu.com/USN-4843-1/
reference_id	USN-USN-4843-1
reference_type
scores
url	https://usn.ubuntu.com/USN-4843-1/

fixed_packages

url	pkg:deb/debian/phpmyadmin@4:4.9.1%2Bdfsg1-2?distro=trixie
purl	pkg:deb/debian/phpmyadmin@4:4.9.1%2Bdfsg1-2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:4.9.1%252Bdfsg1-2%3Fdistro=trixie

url pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie

purl pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-na3j-h3qr-k7dc

vulnerability	VCID-ndjn-p6gb-u7g4

vulnerability	VCID-rqy8-n6fr-hqey

vulnerability	VCID-zd8d-c1nk-g7a4

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.0.4%252Bdfsg2-2%252Bdeb11u1%3Fdistro=trixie

url pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie

purl pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-zd8d-c1nk-g7a4

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.1%252Bdfsg-1%252Bdeb12u1%3Fdistro=trixie

url	pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
purl	pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.2-really%252Bdfsg-1%252Bdeb13u1%3Fdistro=trixie

url	pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
purl	pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.3%252Bdfsg-1%3Fdistro=trixie

aliases CVE-2018-12581, GHSA-vxj6-pm6r-23hq

risk_score 3.1

exploitability 0.5

weighted_severity 6.2

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-c91y-txcw-2kdy

url VCID-ebk2-vjau-57h9

vulnerability_id VCID-ebk2-vjau-57h9

summary

Information Exposure
An attacker can exploit phpMyAdm to leak the contents of a local file because of an error in the transformation feature. The attacker must have access to the phpMyAdmin Configuration Storage tables, although these can easily be created in any database to which the attacker has access. An attacker must have valid credentials to log in to phpMyAdmin; this vulnerability does not allow an attacker to circumvent the login system.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2018-19968

reference_id

reference_type

scores

value	0.02543
scoring_system	epss
scoring_elements	0.85409
published_at	2026-04-02T12:55:00Z

value	0.02543
scoring_system	epss
scoring_elements	0.85495
published_at	2026-04-21T12:55:00Z

value	0.02543
scoring_system	epss
scoring_elements	0.85498
published_at	2026-04-18T12:55:00Z

value	0.02543
scoring_system	epss
scoring_elements	0.85494
published_at	2026-04-16T12:55:00Z

value	0.02543
scoring_system	epss
scoring_elements	0.8547
published_at	2026-04-13T12:55:00Z

value	0.02543
scoring_system	epss
scoring_elements	0.85429
published_at	2026-04-04T12:55:00Z

value	0.02543
scoring_system	epss
scoring_elements	0.85397
published_at	2026-04-01T12:55:00Z

value	0.02543
scoring_system	epss
scoring_elements	0.85474
published_at	2026-04-12T12:55:00Z

value	0.02543
scoring_system	epss
scoring_elements	0.85475
published_at	2026-04-11T12:55:00Z

value	0.02543
scoring_system	epss
scoring_elements	0.85461
published_at	2026-04-09T12:55:00Z

value	0.02543
scoring_system	epss
scoring_elements	0.85453
published_at	2026-04-08T12:55:00Z

value	0.02543
scoring_system	epss
scoring_elements	0.85432
published_at	2026-04-07T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2018-19968

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-19968
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-19968

reference_url

https://github.com/phpmyadmin/composer

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/phpmyadmin/composer

reference_url

https://github.com/phpmyadmin/phpmyadmin/commit/6a1ba61e29002f0305a9322a8af4eaaeb11c0732

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/phpmyadmin/phpmyadmin/commit/6a1ba61e29002f0305a9322a8af4eaaeb11c0732

reference_url

https://lists.debian.org/debian-lts-announce/2019/02/msg00003.html

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://lists.debian.org/debian-lts-announce/2019/02/msg00003.html

reference_url

https://www.phpmyadmin.net/security/PMASA-2018-6

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://www.phpmyadmin.net/security/PMASA-2018-6

reference_url	https://www.phpmyadmin.net/security/PMASA-2018-6/
reference_id
reference_type
scores
url	https://www.phpmyadmin.net/security/PMASA-2018-6/

reference_url

http://www.securityfocus.com/bid/106178

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

http://www.securityfocus.com/bid/106178

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2018-19968

reference_id

CVE-2018-19968

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2018-19968

reference_url

https://github.com/advisories/GHSA-xc97-r49q-cxgc

reference_id

GHSA-xc97-r49q-cxgc

reference_type

scores

value	MODERATE
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-xc97-r49q-cxgc

reference_url

https://security.gentoo.org/glsa/201904-16

reference_id

GLSA-201904-16

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://security.gentoo.org/glsa/201904-16

reference_url	https://usn.ubuntu.com/4639-1/
reference_id	USN-4639-1
reference_type
scores
url	https://usn.ubuntu.com/4639-1/

reference_url	https://usn.ubuntu.com/USN-4843-1/
reference_id	USN-USN-4843-1
reference_type
scores
url	https://usn.ubuntu.com/USN-4843-1/

fixed_packages

url	pkg:deb/debian/phpmyadmin@4:4.9.1%2Bdfsg1-2?distro=trixie
purl	pkg:deb/debian/phpmyadmin@4:4.9.1%2Bdfsg1-2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:4.9.1%252Bdfsg1-2%3Fdistro=trixie

url pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie

purl pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-na3j-h3qr-k7dc

vulnerability	VCID-ndjn-p6gb-u7g4

vulnerability	VCID-rqy8-n6fr-hqey

vulnerability	VCID-zd8d-c1nk-g7a4

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.0.4%252Bdfsg2-2%252Bdeb11u1%3Fdistro=trixie

url pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie

purl pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-zd8d-c1nk-g7a4

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.1%252Bdfsg-1%252Bdeb12u1%3Fdistro=trixie

url	pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
purl	pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.2-really%252Bdfsg-1%252Bdeb13u1%3Fdistro=trixie

url	pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
purl	pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.3%252Bdfsg-1%3Fdistro=trixie

aliases CVE-2018-19968, GHSA-xc97-r49q-cxgc

risk_score 3.1

exploitability 0.5

weighted_severity 6.2

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ebk2-vjau-57h9

url VCID-ftdj-p5as-97hd

vulnerability_id VCID-ftdj-p5as-97hd

summary

Cross-Site Request Forgery (CSRF)
phpMyAdm has CSRF, allowing an attacker to execute arbitrary SQL statements, related to `js/db_operations.js`, `js/tbl_operations.js`, `libraries/classes/Operations.php`, and `sql.php.`

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2018-10188

reference_id

reference_type

scores

value	0.00935
scoring_system	epss
scoring_elements	0.7618
published_at	2026-04-21T12:55:00Z

value	0.00935
scoring_system	epss
scoring_elements	0.76093
published_at	2026-04-01T12:55:00Z

value	0.00935
scoring_system	epss
scoring_elements	0.76096
published_at	2026-04-02T12:55:00Z

value	0.00935
scoring_system	epss
scoring_elements	0.76128
published_at	2026-04-04T12:55:00Z

value	0.00935
scoring_system	epss
scoring_elements	0.76107
published_at	2026-04-07T12:55:00Z

value	0.00935
scoring_system	epss
scoring_elements	0.7614
published_at	2026-04-08T12:55:00Z

value	0.00935
scoring_system	epss
scoring_elements	0.76153
published_at	2026-04-09T12:55:00Z

value	0.00935
scoring_system	epss
scoring_elements	0.76179
published_at	2026-04-11T12:55:00Z

value	0.00935
scoring_system	epss
scoring_elements	0.76155
published_at	2026-04-12T12:55:00Z

value	0.00935
scoring_system	epss
scoring_elements	0.76152
published_at	2026-04-13T12:55:00Z

value	0.00935
scoring_system	epss
scoring_elements	0.76193
published_at	2026-04-16T12:55:00Z

value	0.00935
scoring_system	epss
scoring_elements	0.76197
published_at	2026-04-18T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2018-10188

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10188
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10188

reference_url

https://github.com/phpmyadmin/composer

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/phpmyadmin/composer

reference_url

https://github.com/phpmyadmin/phpmyadmin/commit/c6dd6b56e236a3aff953cee4135ecaa67130e641

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/phpmyadmin/phpmyadmin/commit/c6dd6b56e236a3aff953cee4135ecaa67130e641

reference_url

https://www.exploit-db.com/exploits/44496

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://www.exploit-db.com/exploits/44496

reference_url	https://www.exploit-db.com/exploits/44496/
reference_id
reference_type
scores
url	https://www.exploit-db.com/exploits/44496/

reference_url

https://www.phpmyadmin.net/security/PMASA-2018-2

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://www.phpmyadmin.net/security/PMASA-2018-2

reference_url	https://www.phpmyadmin.net/security/PMASA-2018-2/
reference_id
reference_type
scores
url	https://www.phpmyadmin.net/security/PMASA-2018-2/

reference_url

http://www.securityfocus.com/bid/103936

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

http://www.securityfocus.com/bid/103936

reference_url

http://www.securitytracker.com/id/1040752

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

http://www.securitytracker.com/id/1040752

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=896490
reference_id	896490
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=896490

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.8.0:::::::*
reference_id	cpe:2.3:a:phpmyadmin:phpmyadmin:4.8.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.8.0:::::::*

reference_url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/webapps/44496.html
reference_id	CVE-2018-10188
reference_type	exploit
scores
url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/webapps/44496.html

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2018-10188

reference_id

CVE-2018-10188

reference_type

scores

value	6.8
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:N/C:P/I:P/A:P

value	8.8
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2018-10188

reference_url

https://github.com/advisories/GHSA-v6fp-h79x-9rqc

reference_id

GHSA-v6fp-h79x-9rqc

reference_type

scores

value	HIGH
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-v6fp-h79x-9rqc

fixed_packages

url	pkg:deb/debian/phpmyadmin@4:4.9.1%2Bdfsg1-2?distro=trixie
purl	pkg:deb/debian/phpmyadmin@4:4.9.1%2Bdfsg1-2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:4.9.1%252Bdfsg1-2%3Fdistro=trixie

url pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie

purl pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-na3j-h3qr-k7dc

vulnerability	VCID-ndjn-p6gb-u7g4

vulnerability	VCID-rqy8-n6fr-hqey

vulnerability	VCID-zd8d-c1nk-g7a4

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.0.4%252Bdfsg2-2%252Bdeb11u1%3Fdistro=trixie

url pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie

purl pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-zd8d-c1nk-g7a4

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.1%252Bdfsg-1%252Bdeb12u1%3Fdistro=trixie

url	pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
purl	pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.2-really%252Bdfsg-1%252Bdeb13u1%3Fdistro=trixie

url	pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
purl	pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.3%252Bdfsg-1%3Fdistro=trixie

aliases CVE-2018-10188, GHSA-v6fp-h79x-9rqc

risk_score 10.0

exploitability 2.0

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ftdj-p5as-97hd

url VCID-jma9-9uhu-xuc3

vulnerability_id VCID-jma9-9uhu-xuc3

summary

SQL Injection
A vulnerability was reported where a specially crafted database name can be used to trigger an SQL injection attack through the designer feature.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2019-11768

reference_id

reference_type

scores

value	0.01803
scoring_system	epss
scoring_elements	0.82849
published_at	2026-04-21T12:55:00Z

value	0.01803
scoring_system	epss
scoring_elements	0.82795
published_at	2026-04-08T12:55:00Z

value	0.01803
scoring_system	epss
scoring_elements	0.82801
published_at	2026-04-09T12:55:00Z

value	0.01803
scoring_system	epss
scoring_elements	0.82817
published_at	2026-04-11T12:55:00Z

value	0.01803
scoring_system	epss
scoring_elements	0.82813
published_at	2026-04-12T12:55:00Z

value	0.01803
scoring_system	epss
scoring_elements	0.82808
published_at	2026-04-13T12:55:00Z

value	0.01803
scoring_system	epss
scoring_elements	0.82847
published_at	2026-04-16T12:55:00Z

value	0.01803
scoring_system	epss
scoring_elements	0.82846
published_at	2026-04-18T12:55:00Z

value	0.01803
scoring_system	epss
scoring_elements	0.82743
published_at	2026-04-01T12:55:00Z

value	0.01803
scoring_system	epss
scoring_elements	0.82759
published_at	2026-04-02T12:55:00Z

value	0.01803
scoring_system	epss
scoring_elements	0.82772
published_at	2026-04-04T12:55:00Z

value	0.01803
scoring_system	epss
scoring_elements	0.82769
published_at	2026-04-07T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2019-11768

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11768
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11768

reference_url

https://github.com/phpmyadmin/phpmyadmin/commit/c1ecafc38319e8f768c9259d4d580e42acd5ee86

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://github.com/phpmyadmin/phpmyadmin/commit/c1ecafc38319e8f768c9259d4d580e42acd5ee86

reference_url

https://www.phpmyadmin.net/security/PMASA-2019-3

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://www.phpmyadmin.net/security/PMASA-2019-3

reference_url	https://www.phpmyadmin.net/security/PMASA-2019-3/
reference_id
reference_type
scores
url	https://www.phpmyadmin.net/security/PMASA-2019-3/

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=930048
reference_id	930048
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=930048

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2019-11768

reference_id

CVE-2019-11768

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2019-11768

reference_url

https://github.com/advisories/GHSA-x37v-98f9-mj32

reference_id

GHSA-x37v-98f9-mj32

reference_type

scores

value	CRITICAL
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-x37v-98f9-mj32

reference_url	https://usn.ubuntu.com/4639-1/
reference_id	USN-4639-1
reference_type
scores
url	https://usn.ubuntu.com/4639-1/

reference_url	https://usn.ubuntu.com/USN-4843-1/
reference_id	USN-USN-4843-1
reference_type
scores
url	https://usn.ubuntu.com/USN-4843-1/

fixed_packages

url	pkg:deb/debian/phpmyadmin@4:4.9.1%2Bdfsg1-2?distro=trixie
purl	pkg:deb/debian/phpmyadmin@4:4.9.1%2Bdfsg1-2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:4.9.1%252Bdfsg1-2%3Fdistro=trixie

url pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie

purl pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-na3j-h3qr-k7dc

vulnerability	VCID-ndjn-p6gb-u7g4

vulnerability	VCID-rqy8-n6fr-hqey

vulnerability	VCID-zd8d-c1nk-g7a4

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.0.4%252Bdfsg2-2%252Bdeb11u1%3Fdistro=trixie

url pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie

purl pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-zd8d-c1nk-g7a4

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.1%252Bdfsg-1%252Bdeb12u1%3Fdistro=trixie

url	pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
purl	pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.2-really%252Bdfsg-1%252Bdeb13u1%3Fdistro=trixie

url	pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
purl	pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.3%252Bdfsg-1%3Fdistro=trixie

aliases CVE-2019-11768, GHSA-x37v-98f9-mj32

risk_score 4.5

exploitability 0.5

weighted_severity 9.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-jma9-9uhu-xuc3

url VCID-mwtw-n1tv-hfd9

vulnerability_id VCID-mwtw-n1tv-hfd9

summary

Cross-site Scripting
Cross-site scripting (XSS) vulnerability in `db_central_columns.php` in phpMyAdm allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2018-7260

reference_id

reference_type

scores

value	0.00302
scoring_system	epss
scoring_elements	0.53422
published_at	2026-04-02T12:55:00Z

value	0.00302
scoring_system	epss
scoring_elements	0.53503
published_at	2026-04-21T12:55:00Z

value	0.00302
scoring_system	epss
scoring_elements	0.53522
published_at	2026-04-18T12:55:00Z

value	0.00302
scoring_system	epss
scoring_elements	0.53517
published_at	2026-04-16T12:55:00Z

value	0.00302
scoring_system	epss
scoring_elements	0.53481
published_at	2026-04-13T12:55:00Z

value	0.00302
scoring_system	epss
scoring_elements	0.53448
published_at	2026-04-04T12:55:00Z

value	0.00302
scoring_system	epss
scoring_elements	0.53399
published_at	2026-04-01T12:55:00Z

value	0.00302
scoring_system	epss
scoring_elements	0.53498
published_at	2026-04-12T12:55:00Z

value	0.00302
scoring_system	epss
scoring_elements	0.53515
published_at	2026-04-11T12:55:00Z

value	0.00302
scoring_system	epss
scoring_elements	0.53466
published_at	2026-04-09T12:55:00Z

value	0.00302
scoring_system	epss
scoring_elements	0.53469
published_at	2026-04-08T12:55:00Z

value	0.00302
scoring_system	epss
scoring_elements	0.53417
published_at	2026-04-07T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2018-7260

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-7260
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-7260

reference_url

https://github.com/phpmyadmin/composer

reference_id

reference_type

scores

value	5.4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/phpmyadmin/composer

reference_url

https://github.com/phpmyadmin/phpmyadmin/commit/d2886a3

reference_id

reference_type

scores

value	5.4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/phpmyadmin/phpmyadmin/commit/d2886a3

reference_url

https://udiniya.wordpress.com/2018/02/21/a-tale-of-stealing-session-cookie-in-phpmyadmin

reference_id

reference_type

scores

value	5.4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://udiniya.wordpress.com/2018/02/21/a-tale-of-stealing-session-cookie-in-phpmyadmin

reference_url

https://www.phpmyadmin.net/security/PMASA-2018-1

reference_id

reference_type

scores

value	5.4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://www.phpmyadmin.net/security/PMASA-2018-1

reference_url	https://www.phpmyadmin.net/security/PMASA-2018-1/
reference_id
reference_type
scores
url	https://www.phpmyadmin.net/security/PMASA-2018-1/

reference_url

http://www.securityfocus.com/bid/103099

reference_id

reference_type

scores

value	5.4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

http://www.securityfocus.com/bid/103099

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=893539
reference_id	893539
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=893539

reference_url	https://security.archlinux.org/ASA-201802-11
reference_id	ASA-201802-11
reference_type
scores
url	https://security.archlinux.org/ASA-201802-11

reference_url

https://security.archlinux.org/AVG-630

reference_id

AVG-630

reference_type

scores

value	Medium
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-630

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2018-7260

reference_id

CVE-2018-7260

reference_type

scores

value	5.4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2018-7260

reference_url

https://github.com/advisories/GHSA-gqmj-f46x-wqhw

reference_id

GHSA-gqmj-f46x-wqhw

reference_type

scores

value	MODERATE
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-gqmj-f46x-wqhw

reference_url	https://usn.ubuntu.com/4639-1/
reference_id	USN-4639-1
reference_type
scores
url	https://usn.ubuntu.com/4639-1/

reference_url	https://usn.ubuntu.com/USN-4843-1/
reference_id	USN-USN-4843-1
reference_type
scores
url	https://usn.ubuntu.com/USN-4843-1/

fixed_packages

url	pkg:deb/debian/phpmyadmin@4:4.9.1%2Bdfsg1-2?distro=trixie
purl	pkg:deb/debian/phpmyadmin@4:4.9.1%2Bdfsg1-2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:4.9.1%252Bdfsg1-2%3Fdistro=trixie

url pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie

purl pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-na3j-h3qr-k7dc

vulnerability	VCID-ndjn-p6gb-u7g4

vulnerability	VCID-rqy8-n6fr-hqey

vulnerability	VCID-zd8d-c1nk-g7a4

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.0.4%252Bdfsg2-2%252Bdeb11u1%3Fdistro=trixie

url pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie

purl pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-zd8d-c1nk-g7a4

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.1%252Bdfsg-1%252Bdeb12u1%3Fdistro=trixie

url	pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
purl	pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.2-really%252Bdfsg-1%252Bdeb13u1%3Fdistro=trixie

url	pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
purl	pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.3%252Bdfsg-1%3Fdistro=trixie

aliases CVE-2018-7260, GHSA-gqmj-f46x-wqhw

risk_score 3.1

exploitability 0.5

weighted_severity 6.2

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-mwtw-n1tv-hfd9

url VCID-qcra-cu62-43he

vulnerability_id VCID-qcra-cu62-43he

summary

Cross-site Scripting
In phpMyAdm, an XSS vulnerability was found in the navigation tree, where an attacker can deliver a payload to a user through a crafted `database/table` name.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2018-19970

reference_id

reference_type

scores

value	0.01501
scoring_system	epss
scoring_elements	0.81175
published_at	2026-04-21T12:55:00Z

value	0.01501
scoring_system	epss
scoring_elements	0.81074
published_at	2026-04-01T12:55:00Z

value	0.01501
scoring_system	epss
scoring_elements	0.81083
published_at	2026-04-02T12:55:00Z

value	0.01501
scoring_system	epss
scoring_elements	0.81108
published_at	2026-04-04T12:55:00Z

value	0.01501
scoring_system	epss
scoring_elements	0.81107
published_at	2026-04-07T12:55:00Z

value	0.01501
scoring_system	epss
scoring_elements	0.81135
published_at	2026-04-08T12:55:00Z

value	0.01501
scoring_system	epss
scoring_elements	0.81141
published_at	2026-04-09T12:55:00Z

value	0.01501
scoring_system	epss
scoring_elements	0.81159
published_at	2026-04-11T12:55:00Z

value	0.01501
scoring_system	epss
scoring_elements	0.81146
published_at	2026-04-12T12:55:00Z

value	0.01501
scoring_system	epss
scoring_elements	0.81139
published_at	2026-04-13T12:55:00Z

value	0.01501
scoring_system	epss
scoring_elements	0.81176
published_at	2026-04-16T12:55:00Z

value	0.01501
scoring_system	epss
scoring_elements	0.81178
published_at	2026-04-18T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2018-19970

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-19970
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-19970

reference_url

https://github.com/phpmyadmin/composer

reference_id

reference_type

scores

value	6.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/phpmyadmin/composer

reference_url

https://lists.debian.org/debian-lts-announce/2019/02/msg00003.html

reference_id

reference_type

scores

value	6.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://lists.debian.org/debian-lts-announce/2019/02/msg00003.html

reference_url

https://www.phpmyadmin.net/security/PMASA-2018-8

reference_id

reference_type

scores

value	6.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://www.phpmyadmin.net/security/PMASA-2018-8

reference_url	https://www.phpmyadmin.net/security/PMASA-2018-8/
reference_id
reference_type
scores
url	https://www.phpmyadmin.net/security/PMASA-2018-8/

reference_url

http://www.securityfocus.com/bid/106181

reference_id

reference_type

scores

value	6.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

http://www.securityfocus.com/bid/106181

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2018-19970

reference_id

CVE-2018-19970

reference_type

scores

value	6.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2018-19970

reference_url

https://github.com/advisories/GHSA-8987-93fh-rcwq

reference_id

GHSA-8987-93fh-rcwq

reference_type

scores

value	MODERATE
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-8987-93fh-rcwq

reference_url

https://security.gentoo.org/glsa/201904-16

reference_id

GLSA-201904-16

reference_type

scores

value	6.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://security.gentoo.org/glsa/201904-16

reference_url	https://usn.ubuntu.com/4639-1/
reference_id	USN-4639-1
reference_type
scores
url	https://usn.ubuntu.com/4639-1/

reference_url	https://usn.ubuntu.com/USN-4843-1/
reference_id	USN-USN-4843-1
reference_type
scores
url	https://usn.ubuntu.com/USN-4843-1/

fixed_packages

url	pkg:deb/debian/phpmyadmin@4:4.9.1%2Bdfsg1-2?distro=trixie
purl	pkg:deb/debian/phpmyadmin@4:4.9.1%2Bdfsg1-2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:4.9.1%252Bdfsg1-2%3Fdistro=trixie

url pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie

purl pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-na3j-h3qr-k7dc

vulnerability	VCID-ndjn-p6gb-u7g4

vulnerability	VCID-rqy8-n6fr-hqey

vulnerability	VCID-zd8d-c1nk-g7a4

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.0.4%252Bdfsg2-2%252Bdeb11u1%3Fdistro=trixie

url pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie

purl pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-zd8d-c1nk-g7a4

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.1%252Bdfsg-1%252Bdeb12u1%3Fdistro=trixie

url	pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
purl	pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.2-really%252Bdfsg-1%252Bdeb13u1%3Fdistro=trixie

url	pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
purl	pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.3%252Bdfsg-1%3Fdistro=trixie

aliases CVE-2018-19970, GHSA-8987-93fh-rcwq

risk_score 3.1

exploitability 0.5

weighted_severity 6.2

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-qcra-cu62-43he

url VCID-scu3-cfyc-9qfz

vulnerability_id VCID-scu3-cfyc-9qfz

summary

Cross-Site Request Forgery (CSRF)
A vulnerability was found that allows an attacker to trigger a CSRF attack against a phpMyAdmin user. The attacker can trick the user, for instance through a broken `<img>` tag pointing at the victim's phpMyAdmin database, and the attacker can potentially deliver a payload (such as a specific `INSERT` or `DELETE` statement) to the victim.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2019-12616

reference_id

reference_type

scores

value	0.55051
scoring_system	epss
scoring_elements	0.98062
published_at	2026-04-21T12:55:00Z

value	0.55051
scoring_system	epss
scoring_elements	0.98038
published_at	2026-04-01T12:55:00Z

value	0.55051
scoring_system	epss
scoring_elements	0.98043
published_at	2026-04-02T12:55:00Z

value	0.55051
scoring_system	epss
scoring_elements	0.98045
published_at	2026-04-04T12:55:00Z

value	0.55051
scoring_system	epss
scoring_elements	0.98047
published_at	2026-04-07T12:55:00Z

value	0.55051
scoring_system	epss
scoring_elements	0.98052
published_at	2026-04-08T12:55:00Z

value	0.55051
scoring_system	epss
scoring_elements	0.98053
published_at	2026-04-09T12:55:00Z

value	0.55051
scoring_system	epss
scoring_elements	0.98058
published_at	2026-04-12T12:55:00Z

value	0.55051
scoring_system	epss
scoring_elements	0.98059
published_at	2026-04-13T12:55:00Z

value	0.55051
scoring_system	epss
scoring_elements	0.98065
published_at	2026-04-18T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2019-12616

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12616
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12616

reference_url

https://github.com/phpmyadmin/phpmyadmin/commit/015c404038c44279d95b6430ee5a0dddc97691ec

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/phpmyadmin/phpmyadmin/commit/015c404038c44279d95b6430ee5a0dddc97691ec

reference_url

https://packetstormsecurity.com/files/153251/phpMyAdmin-4.8-Cross-Site-Request-Forgery.html

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://packetstormsecurity.com/files/153251/phpMyAdmin-4.8-Cross-Site-Request-Forgery.html

reference_url	https://www.phpmyadmin.net/security/
reference_id
reference_type
scores
url	https://www.phpmyadmin.net/security/

reference_url

https://www.phpmyadmin.net/security/PMASA-2019-4

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://www.phpmyadmin.net/security/PMASA-2019-4

reference_url	https://www.phpmyadmin.net/security/PMASA-2019-4/
reference_id
reference_type
scores
url	https://www.phpmyadmin.net/security/PMASA-2019-4/

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=930017
reference_id	930017
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=930017

reference_url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/webapps/46982.txt
reference_id	CVE-2019-12616
reference_type	exploit
scores
url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/webapps/46982.txt

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2019-12616

reference_id

CVE-2019-12616

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2019-12616

reference_url

https://github.com/advisories/GHSA-mfr9-pcm3-6mwc

reference_id

GHSA-mfr9-pcm3-6mwc

reference_type

scores

value	MODERATE
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-mfr9-pcm3-6mwc

reference_url	https://usn.ubuntu.com/4639-1/
reference_id	USN-4639-1
reference_type
scores
url	https://usn.ubuntu.com/4639-1/

reference_url	https://usn.ubuntu.com/USN-4843-1/
reference_id	USN-USN-4843-1
reference_type
scores
url	https://usn.ubuntu.com/USN-4843-1/

fixed_packages

url	pkg:deb/debian/phpmyadmin@4:4.9.1%2Bdfsg1-2?distro=trixie
purl	pkg:deb/debian/phpmyadmin@4:4.9.1%2Bdfsg1-2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:4.9.1%252Bdfsg1-2%3Fdistro=trixie

url pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie

purl pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-na3j-h3qr-k7dc

vulnerability	VCID-ndjn-p6gb-u7g4

vulnerability	VCID-rqy8-n6fr-hqey

vulnerability	VCID-zd8d-c1nk-g7a4

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.0.4%252Bdfsg2-2%252Bdeb11u1%3Fdistro=trixie

url pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie

purl pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-zd8d-c1nk-g7a4

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.1%252Bdfsg-1%252Bdeb12u1%3Fdistro=trixie

url	pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
purl	pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.2-really%252Bdfsg-1%252Bdeb13u1%3Fdistro=trixie

url	pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
purl	pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.3%252Bdfsg-1%3Fdistro=trixie

aliases CVE-2019-12616, GHSA-mfr9-pcm3-6mwc

risk_score 10.0

exploitability 2.0

weighted_severity 6.2

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-scu3-cfyc-9qfz

url VCID-yfja-ssw3-skh1

vulnerability_id VCID-yfja-ssw3-skh1

summary

Information Exposure
When the `AllowArbitraryServer` configuration setting is set to true, with the use of a rogue MySQL server, an attacker can read any file on the server that the web server's user can access. This is related to the `mysql.allow_local_infile` PHP configuration, and the inadvertent ignoring of `options(MYSQLI_OPT_LOCAL_INFILE` calls.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2019-6799

reference_id

reference_type

scores

value	0.7658
scoring_system	epss
scoring_elements	0.98948
published_at	2026-04-21T12:55:00Z

value	0.7658
scoring_system	epss
scoring_elements	0.98933
published_at	2026-04-01T12:55:00Z

value	0.7658
scoring_system	epss
scoring_elements	0.98935
published_at	2026-04-02T12:55:00Z

value	0.7658
scoring_system	epss
scoring_elements	0.98937
published_at	2026-04-04T12:55:00Z

value	0.7658
scoring_system	epss
scoring_elements	0.98939
published_at	2026-04-07T12:55:00Z

value	0.7658
scoring_system	epss
scoring_elements	0.98941
published_at	2026-04-09T12:55:00Z

value	0.7658
scoring_system	epss
scoring_elements	0.98943
published_at	2026-04-11T12:55:00Z

value	0.7658
scoring_system	epss
scoring_elements	0.98944
published_at	2026-04-13T12:55:00Z

value	0.7658
scoring_system	epss
scoring_elements	0.98946
published_at	2026-04-16T12:55:00Z

value	0.7658
scoring_system	epss
scoring_elements	0.98947
published_at	2026-04-18T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2019-6799

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-6799
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-6799

reference_url

https://github.com/phpmyadmin/composer

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/phpmyadmin/composer

reference_url

https://lists.debian.org/debian-lts-announce/2019/02/msg00039.html

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://lists.debian.org/debian-lts-announce/2019/02/msg00039.html

reference_url

https://www.phpmyadmin.net/security/PMASA-2019-1

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://www.phpmyadmin.net/security/PMASA-2019-1

reference_url	https://www.phpmyadmin.net/security/PMASA-2019-1/
reference_id
reference_type
scores
url	https://www.phpmyadmin.net/security/PMASA-2019-1/

reference_url

http://www.securityfocus.com/bid/106736

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

http://www.securityfocus.com/bid/106736

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=920823
reference_id	920823
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=920823

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin::::::::
reference_id	cpe:2.3:a:phpmyadmin:phpmyadmin::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:8.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2019-6799

reference_id

CVE-2019-6799

reference_type

scores

value	4.3
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:N/C:P/I:N/A:N

value	5.9
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2019-6799

reference_url

https://github.com/advisories/GHSA-c8wj-q36q-3wg4

reference_id

GHSA-c8wj-q36q-3wg4

reference_type

scores

value	MODERATE
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-c8wj-q36q-3wg4

reference_url	https://usn.ubuntu.com/4639-1/
reference_id	USN-4639-1
reference_type
scores
url	https://usn.ubuntu.com/4639-1/

fixed_packages

url	pkg:deb/debian/phpmyadmin@4:4.9.1%2Bdfsg1-2?distro=trixie
purl	pkg:deb/debian/phpmyadmin@4:4.9.1%2Bdfsg1-2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:4.9.1%252Bdfsg1-2%3Fdistro=trixie

url pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie

purl pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-na3j-h3qr-k7dc

vulnerability	VCID-ndjn-p6gb-u7g4

vulnerability	VCID-rqy8-n6fr-hqey

vulnerability	VCID-zd8d-c1nk-g7a4

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.0.4%252Bdfsg2-2%252Bdeb11u1%3Fdistro=trixie

url pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie

purl pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-zd8d-c1nk-g7a4

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.1%252Bdfsg-1%252Bdeb12u1%3Fdistro=trixie

url	pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
purl	pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.2-really%252Bdfsg-1%252Bdeb13u1%3Fdistro=trixie

url	pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
purl	pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.3%252Bdfsg-1%3Fdistro=trixie

aliases CVE-2019-6799, GHSA-c8wj-q36q-3wg4

risk_score 3.1

exploitability 0.5

weighted_severity 6.2

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-yfja-ssw3-skh1

url VCID-zyzp-aqd8-e3a9

vulnerability_id VCID-zyzp-aqd8-e3a9

summary

phpMyAdmin Cross-Site Request Forgery (CSRF)
A CSRF issue in phpMyAdmin 4.9.0.1 allows deletion of any server in the Setup page.

references

reference_url

http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00078.html

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00078.html

reference_url

http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00024.html

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00024.html

reference_url

http://packetstormsecurity.com/files/154483/phpMyAdmin-4.9.0.1-Cross-Site-Request-Forgery.html

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

http://packetstormsecurity.com/files/154483/phpMyAdmin-4.9.0.1-Cross-Site-Request-Forgery.html

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2019-12922

reference_id

reference_type

scores

value	0.4225
scoring_system	epss
scoring_elements	0.97459
published_at	2026-04-21T12:55:00Z

value	0.4225
scoring_system	epss
scoring_elements	0.97422
published_at	2026-04-01T12:55:00Z

value	0.4225
scoring_system	epss
scoring_elements	0.97429
published_at	2026-04-02T12:55:00Z

value	0.4225
scoring_system	epss
scoring_elements	0.97433
published_at	2026-04-04T12:55:00Z

value	0.4225
scoring_system	epss
scoring_elements	0.97434
published_at	2026-04-07T12:55:00Z

value	0.4225
scoring_system	epss
scoring_elements	0.97441
published_at	2026-04-08T12:55:00Z

value	0.4225
scoring_system	epss
scoring_elements	0.97442
published_at	2026-04-09T12:55:00Z

value	0.4225
scoring_system	epss
scoring_elements	0.97445
published_at	2026-04-11T12:55:00Z

value	0.4225
scoring_system	epss
scoring_elements	0.97447
published_at	2026-04-13T12:55:00Z

value	0.4225
scoring_system	epss
scoring_elements	0.97456
published_at	2026-04-16T12:55:00Z

value	0.4225
scoring_system	epss
scoring_elements	0.9746
published_at	2026-04-18T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2019-12922

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12922
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12922

reference_url

http://seclists.org/fulldisclosure/2019/Sep/23

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

http://seclists.org/fulldisclosure/2019/Sep/23

reference_url

https://github.com/phpmyadmin/phpmyadmin/commit/427fbed55d3154d96ecfc1c7784d49eaa3c04161

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/phpmyadmin/phpmyadmin/commit/427fbed55d3154d96ecfc1c7784d49eaa3c04161

reference_url

https://github.com/phpmyadmin/phpmyadmin/commit/7d21d4223bdbe0306593309132b4263d7087d13b

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/phpmyadmin/phpmyadmin/commit/7d21d4223bdbe0306593309132b4263d7087d13b

reference_url	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PBLBE6CSC2ZLINIRBUU5XBLXYVBTF3KA/
reference_id
reference_type
scores
url	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PBLBE6CSC2ZLINIRBUU5XBLXYVBTF3KA/

reference_url	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QJ5BW2VEMD2P23ZYRWHDBEQHOKGKGWD6/
reference_id
reference_type
scores
url	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QJ5BW2VEMD2P23ZYRWHDBEQHOKGKGWD6/

reference_url	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YCB3PTGHZ7AJCM6BKCQRRP6HG3OKYCMN/
reference_id
reference_type
scores
url	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YCB3PTGHZ7AJCM6BKCQRRP6HG3OKYCMN/

reference_url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PBLBE6CSC2ZLINIRBUU5XBLXYVBTF3KA

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PBLBE6CSC2ZLINIRBUU5XBLXYVBTF3KA

reference_url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QJ5BW2VEMD2P23ZYRWHDBEQHOKGKGWD6

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QJ5BW2VEMD2P23ZYRWHDBEQHOKGKGWD6

reference_url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YCB3PTGHZ7AJCM6BKCQRRP6HG3OKYCMN

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YCB3PTGHZ7AJCM6BKCQRRP6HG3OKYCMN

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2019-12922

reference_id

reference_type

scores

value	5.8
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:N/C:N/I:P/A:P

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2019-12922

reference_url

https://www.exploit-db.com/exploits/47385

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://www.exploit-db.com/exploits/47385

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin::::::::
reference_id	cpe:2.3:a:phpmyadmin:phpmyadmin::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:29:::::::*
reference_id	cpe:2.3:o:fedoraproject:fedora:29:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:29:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:30:::::::*
reference_id	cpe:2.3:o:fedoraproject:fedora:30:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:30:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:31:::::::*
reference_id	cpe:2.3:o:fedoraproject:fedora:31:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:31:::::::*

reference_url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/webapps/47385.txt
reference_id	CVE-2019-12922
reference_type	exploit
scores
url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/webapps/47385.txt

reference_url

https://github.com/advisories/GHSA-4c9q-64gq-xhx4

reference_id

GHSA-4c9q-64gq-xhx4

reference_type

scores

value	MODERATE
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-4c9q-64gq-xhx4

reference_url	https://usn.ubuntu.com/USN-4843-1/
reference_id	USN-USN-4843-1
reference_type
scores
url	https://usn.ubuntu.com/USN-4843-1/

fixed_packages

url	pkg:deb/debian/phpmyadmin@4:4.9.1%2Bdfsg1-2?distro=trixie
purl	pkg:deb/debian/phpmyadmin@4:4.9.1%2Bdfsg1-2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:4.9.1%252Bdfsg1-2%3Fdistro=trixie

url pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie

purl pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-na3j-h3qr-k7dc

vulnerability	VCID-ndjn-p6gb-u7g4

vulnerability	VCID-rqy8-n6fr-hqey

vulnerability	VCID-zd8d-c1nk-g7a4

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.0.4%252Bdfsg2-2%252Bdeb11u1%3Fdistro=trixie

url pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie

purl pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-zd8d-c1nk-g7a4

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.1%252Bdfsg-1%252Bdeb12u1%3Fdistro=trixie

url	pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
purl	pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.2-really%252Bdfsg-1%252Bdeb13u1%3Fdistro=trixie

url	pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
purl	pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.3%252Bdfsg-1%3Fdistro=trixie

aliases CVE-2019-12922, GHSA-4c9q-64gq-xhx4

risk_score 10.0

exploitability 2.0

weighted_severity 6.2

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-zyzp-aqd8-e3a9

Risk_score null

Resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:4.9.1%252Bdfsg1-2%3Fdistro=trixie

Package Instance