VulnerableCode Package Details - pkg:deb/debian/phpmyadmin@4:2.9.0.2-0.1?distro=trixie

Search for packages

Vulnerability	Summary	Fixed by
This package is not known to be affected by vulnerabilities.

Vulnerability

Summary

Fixed by

This package is not known to be affected by vulnerabilities.

Vulnerability	Summary	Aliases
VCID-5s9r-7z3f-wkcy	Multiple cross-site request forgery (CSRF) vulnerabilities in phpMyAdmin before 2.9.1-rc1 allow remote attackers to perform unauthorized actions as another user by (1) directly setting a token in the URL though dynamic variable evaluation and (2) unsetting arbitrary variables via the _REQUEST array, related to (a) libraries/common.lib.php, (b) session.inc.php, and (c) url_generating.lib.php. NOTE: the PHP unset function vector is covered by CVE-2006-3017.	CVE-2006-5116
VCID-nwq5-yv4h-5qch	phpMyAdmin before 2.9.1-rc1 has a libraries directory under the web document root with insufficient access control, which allows remote attackers to obtain sensitive information via direct requests for certain files.	CVE-2006-5117

Vulnerability

Summary

Aliases

VCID-5s9r-7z3f-wkcy

Multiple cross-site request forgery (CSRF) vulnerabilities in phpMyAdmin before 2.9.1-rc1 allow remote attackers to perform unauthorized actions as another user by (1) directly setting a token in the URL though dynamic variable evaluation and (2) unsetting arbitrary variables via the _REQUEST array, related to (a) libraries/common.lib.php, (b) session.inc.php, and (c) url_generating.lib.php. NOTE: the PHP unset function vector is covered by CVE-2006-3017.

CVE-2006-5116

VCID-nwq5-yv4h-5qch

phpMyAdmin before 2.9.1-rc1 has a libraries directory under the web document root with insufficient access control, which allows remote attackers to obtain sensitive information via direct requests for certain files.

CVE-2006-5117

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2026-04-16T12:29:57.921064+00:00	Debian Importer	Fixing	VCID-5s9r-7z3f-wkcy	https://security-tracker.debian.org/tracker/data/json	38.4.0
2026-04-16T11:45:05.266789+00:00	Debian Importer	Fixing	VCID-nwq5-yv4h-5qch	https://security-tracker.debian.org/tracker/data/json	38.4.0
2026-04-13T08:33:26.998906+00:00	Debian Importer	Fixing	VCID-5s9r-7z3f-wkcy	https://security-tracker.debian.org/tracker/data/json	38.3.0
2026-04-13T08:00:44.452792+00:00	Debian Importer	Fixing	VCID-nwq5-yv4h-5qch	https://security-tracker.debian.org/tracker/data/json	38.3.0
2026-04-03T07:49:46.140724+00:00	Debian Importer	Fixing	VCID-nwq5-yv4h-5qch	https://security-tracker.debian.org/tracker/data/json	38.1.0
2026-04-03T07:49:46.092771+00:00	Debian Importer	Fixing	VCID-5s9r-7z3f-wkcy	https://security-tracker.debian.org/tracker/data/json	38.1.0