Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
Typedeb
Namespacedebian
Namephpmyadmin
Version4:5.2.2-really+dfsg-1+deb13u1
Qualifiers
distro trixie
Subpath
Is_vulnerablefalse
Next_non_vulnerable_version4:5.2.2-really+dfsg-2
Latest_non_vulnerable_version4:5.2.3+dfsg-1
Affected_by_vulnerabilities
Fixing_vulnerabilities
0
url VCID-1aqb-7an7-mbed
vulnerability_id VCID-1aqb-7an7-mbed
summary phpMyAdmin 3.5.x before 3.5.8.2 and 4.0.x before 4.0.4.2 allows remote attackers to obtain sensitive information via an invalid request, which reveals the installation path in an error message, related to pmd_common.php and other files.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2013-4998
reference_id
reference_type
scores
0
value 0.0025
scoring_system epss
scoring_elements 0.48525
published_at 2026-06-04T12:55:00Z
1
value 0.0025
scoring_system epss
scoring_elements 0.48587
published_at 2026-06-05T12:55:00Z
2
value 0.0025
scoring_system epss
scoring_elements 0.48595
published_at 2026-06-06T12:55:00Z
3
value 0.0025
scoring_system epss
scoring_elements 0.48576
published_at 2026-06-07T12:55:00Z
4
value 0.0025
scoring_system epss
scoring_elements 0.48548
published_at 2026-06-08T12:55:00Z
5
value 0.0025
scoring_system epss
scoring_elements 0.48561
published_at 2026-06-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2013-4998
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4998
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4998
2
reference_url https://security.gentoo.org/glsa/201311-02
reference_id GLSA-201311-02
reference_type
scores
url https://security.gentoo.org/glsa/201311-02
fixed_packages
0
url pkg:deb/debian/phpmyadmin@4:4.0.4.2-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:4.0.4.2-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:4.0.4.2-1%3Fdistro=trixie
1
url pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-47ju-f89a-eud8
1
vulnerability VCID-d3qn-js1p-7yeq
2
vulnerability VCID-dmqy-9xth-cuhs
3
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.0.4%252Bdfsg2-2%252Bdeb11u1%3Fdistro=trixie
2
url pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.1%252Bdfsg-1%252Bdeb12u1%3Fdistro=trixie
3
url pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.2-really%252Bdfsg-1%252Bdeb13u1%3Fdistro=trixie
4
url pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.3%252Bdfsg-1%3Fdistro=trixie
aliases CVE-2013-4998
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-1aqb-7an7-mbed
1
url VCID-1ckz-f61g-bubu
vulnerability_id VCID-1ckz-f61g-bubu
summary Incomplete blacklist vulnerability in index.php in phpMyAdmin 2.8.0 through 2.9.2 allows remote attackers to conduct cross-site scripting (XSS) attacks by injecting arbitrary JavaScript or HTML in a (1) db or (2) table parameter value followed by an uppercase </SCRIPT> end tag, which bypasses the protection against lowercase </script>.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2007-1395
reference_id
reference_type
scores
0
value 0.02383
scoring_system epss
scoring_elements 0.8529
published_at 2026-06-04T12:55:00Z
1
value 0.02383
scoring_system epss
scoring_elements 0.85314
published_at 2026-06-05T12:55:00Z
2
value 0.02383
scoring_system epss
scoring_elements 0.85319
published_at 2026-06-06T12:55:00Z
3
value 0.02383
scoring_system epss
scoring_elements 0.85313
published_at 2026-06-07T12:55:00Z
4
value 0.02383
scoring_system epss
scoring_elements 0.85299
published_at 2026-06-08T12:55:00Z
5
value 0.02383
scoring_system epss
scoring_elements 0.85312
published_at 2026-06-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2007-1395
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1395
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1395
fixed_packages
0
url pkg:deb/debian/phpmyadmin@4:2.10.0.2-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:2.10.0.2-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:2.10.0.2-1%3Fdistro=trixie
1
url pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-47ju-f89a-eud8
1
vulnerability VCID-d3qn-js1p-7yeq
2
vulnerability VCID-dmqy-9xth-cuhs
3
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.0.4%252Bdfsg2-2%252Bdeb11u1%3Fdistro=trixie
2
url pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.1%252Bdfsg-1%252Bdeb12u1%3Fdistro=trixie
3
url pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.2-really%252Bdfsg-1%252Bdeb13u1%3Fdistro=trixie
4
url pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.3%252Bdfsg-1%3Fdistro=trixie
aliases CVE-2007-1395
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-1ckz-f61g-bubu
2
url VCID-1drk-gzqj-2qc5
vulnerability_id VCID-1drk-gzqj-2qc5
summary Cross-site scripting (XSS) vulnerability in phpMyAdmin 4.4.x before 4.4.15.6 and 4.6.x before 4.6.2 allows remote attackers to inject arbitrary web script or HTML via special characters that are mishandled during double URL decoding.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-5099
reference_id
reference_type
scores
0
value 0.00493
scoring_system epss
scoring_elements 0.66058
published_at 2026-06-04T12:55:00Z
1
value 0.00493
scoring_system epss
scoring_elements 0.6611
published_at 2026-06-09T12:55:00Z
2
value 0.00493
scoring_system epss
scoring_elements 0.66121
published_at 2026-06-06T12:55:00Z
3
value 0.00493
scoring_system epss
scoring_elements 0.66105
published_at 2026-06-07T12:55:00Z
4
value 0.00493
scoring_system epss
scoring_elements 0.66092
published_at 2026-06-08T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-5099
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1927
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1927
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2039
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2039
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2040
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2040
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2041
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2041
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2560
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2560
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2561
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2561
7
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5099
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5099
8
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5701
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5701
9
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5705
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5705
10
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5706
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5706
11
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5731
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5731
12
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5733
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5733
13
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5739
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5739
fixed_packages
0
url pkg:deb/debian/phpmyadmin@4:4.6.2-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:4.6.2-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:4.6.2-1%3Fdistro=trixie
1
url pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-47ju-f89a-eud8
1
vulnerability VCID-d3qn-js1p-7yeq
2
vulnerability VCID-dmqy-9xth-cuhs
3
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.0.4%252Bdfsg2-2%252Bdeb11u1%3Fdistro=trixie
2
url pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.1%252Bdfsg-1%252Bdeb12u1%3Fdistro=trixie
3
url pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.2-really%252Bdfsg-1%252Bdeb13u1%3Fdistro=trixie
4
url pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.3%252Bdfsg-1%3Fdistro=trixie
aliases CVE-2016-5099
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-1drk-gzqj-2qc5
3
url VCID-1f97-us29-hqef
vulnerability_id VCID-1f97-us29-hqef
summary Multiple PHP remote file inclusion vulnerabilities in phpMyAdmin 2.6.1 allow remote attackers to execute arbitrary PHP code by modifying the (1) theme parameter to phpmyadmin.css.php or (2) cfg[Server][extension] parameter to database_interface.lib.php to reference a URL on a remote web server that contains the code.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2005-0567
reference_id
reference_type
scores
0
value 0.01218
scoring_system epss
scoring_elements 0.79368
published_at 2026-06-04T12:55:00Z
1
value 0.01218
scoring_system epss
scoring_elements 0.79395
published_at 2026-06-05T12:55:00Z
2
value 0.01218
scoring_system epss
scoring_elements 0.794
published_at 2026-06-06T12:55:00Z
3
value 0.01218
scoring_system epss
scoring_elements 0.79393
published_at 2026-06-07T12:55:00Z
4
value 0.01218
scoring_system epss
scoring_elements 0.79383
published_at 2026-06-08T12:55:00Z
5
value 0.01218
scoring_system epss
scoring_elements 0.79402
published_at 2026-06-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2005-0567
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-0567
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-0567
fixed_packages
0
url pkg:deb/debian/phpmyadmin@3:2.6.1-pl2-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@3:2.6.1-pl2-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@3:2.6.1-pl2-1%3Fdistro=trixie
1
url pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-47ju-f89a-eud8
1
vulnerability VCID-d3qn-js1p-7yeq
2
vulnerability VCID-dmqy-9xth-cuhs
3
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.0.4%252Bdfsg2-2%252Bdeb11u1%3Fdistro=trixie
2
url pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.1%252Bdfsg-1%252Bdeb12u1%3Fdistro=trixie
3
url pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.2-really%252Bdfsg-1%252Bdeb13u1%3Fdistro=trixie
4
url pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.3%252Bdfsg-1%3Fdistro=trixie
aliases CVE-2005-0567
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-1f97-us29-hqef
4
url VCID-1g6g-r599-8qes
vulnerability_id VCID-1g6g-r599-8qes
summary PhpMyAdmin 2.7.0-pl2 allows remote attackers to obtain sensitive information via a direct request for libraries/common.lib.php, which reveals the path in an error message.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2006-6373
reference_id
reference_type
scores
0
value 0.00391
scoring_system epss
scoring_elements 0.60452
published_at 2026-06-04T12:55:00Z
1
value 0.00391
scoring_system epss
scoring_elements 0.605
published_at 2026-06-05T12:55:00Z
2
value 0.00391
scoring_system epss
scoring_elements 0.60503
published_at 2026-06-06T12:55:00Z
3
value 0.00391
scoring_system epss
scoring_elements 0.60491
published_at 2026-06-07T12:55:00Z
4
value 0.00391
scoring_system epss
scoring_elements 0.60474
published_at 2026-06-08T12:55:00Z
5
value 0.00391
scoring_system epss
scoring_elements 0.6049
published_at 2026-06-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2006-6373
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-6373
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-6373
fixed_packages
0
url pkg:deb/debian/phpmyadmin@4:2.9.1.1-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:2.9.1.1-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:2.9.1.1-1%3Fdistro=trixie
1
url pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-47ju-f89a-eud8
1
vulnerability VCID-d3qn-js1p-7yeq
2
vulnerability VCID-dmqy-9xth-cuhs
3
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.0.4%252Bdfsg2-2%252Bdeb11u1%3Fdistro=trixie
2
url pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.1%252Bdfsg-1%252Bdeb12u1%3Fdistro=trixie
3
url pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.2-really%252Bdfsg-1%252Bdeb13u1%3Fdistro=trixie
4
url pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.3%252Bdfsg-1%3Fdistro=trixie
aliases CVE-2006-6373
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-1g6g-r599-8qes
5
url VCID-1hvw-4h4d-zkhv
vulnerability_id VCID-1hvw-4h4d-zkhv
summary 
Cross-site Scripting
Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin allow remote authenticated users to inject arbitrary web script or HTML.
references
0
reference_url http://lists.fedoraproject.org/pipermail/package-announce/2016-February/176483.html
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://lists.fedoraproject.org/pipermail/package-announce/2016-February/176483.html
1
reference_url http://lists.fedoraproject.org/pipermail/package-announce/2016-February/176739.html
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://lists.fedoraproject.org/pipermail/package-announce/2016-February/176739.html
2
reference_url http://lists.opensuse.org/opensuse-updates/2016-02/msg00028.html
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://lists.opensuse.org/opensuse-updates/2016-02/msg00028.html
3
reference_url http://lists.opensuse.org/opensuse-updates/2016-02/msg00049.html
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://lists.opensuse.org/opensuse-updates/2016-02/msg00049.html
4
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-2040
reference_id
reference_type
scores
0
value 0.00493
scoring_system epss
scoring_elements 0.6607
published_at 2026-06-09T12:55:00Z
1
value 0.00493
scoring_system epss
scoring_elements 0.66016
published_at 2026-06-04T12:55:00Z
2
value 0.00493
scoring_system epss
scoring_elements 0.66068
published_at 2026-06-05T12:55:00Z
3
value 0.00493
scoring_system epss
scoring_elements 0.6608
published_at 2026-06-06T12:55:00Z
4
value 0.00493
scoring_system epss
scoring_elements 0.66064
published_at 2026-06-07T12:55:00Z
5
value 0.00493
scoring_system epss
scoring_elements 0.66052
published_at 2026-06-08T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-2040
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1927
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1927
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2039
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2039
7
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2040
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2040
8
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2041
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2041
9
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2560
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2560
10
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2561
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2561
11
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5099
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5099
12
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5701
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5701
13
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5705
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5705
14
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5706
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5706
15
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5731
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5731
16
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5733
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5733
17
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5739
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5739
18
reference_url https://github.com/phpmyadmin/phpmyadmin/commit/75a55824012406a08c4debf5ddb7ae41c32a7dbc
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/phpmyadmin/phpmyadmin/commit/75a55824012406a08c4debf5ddb7ae41c32a7dbc
19
reference_url https://github.com/phpmyadmin/phpmyadmin/commit/aca42efa01917cc0fe8cfdb2927a6399ca1742f2
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/phpmyadmin/phpmyadmin/commit/aca42efa01917cc0fe8cfdb2927a6399ca1742f2
20
reference_url https://github.com/phpmyadmin/phpmyadmin/commit/edffb52884b09562490081c3b8666ef46c296418
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/phpmyadmin/phpmyadmin/commit/edffb52884b09562490081c3b8666ef46c296418
21
reference_url http://www.debian.org/security/2016/dsa-3627
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.debian.org/security/2016/dsa-3627
22
reference_url http://www.phpmyadmin.net/home_page/security/PMASA-2016-3.php
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.phpmyadmin.net/home_page/security/PMASA-2016-3.php
23
reference_url https://nvd.nist.gov/vuln/detail/CVE-2016-2040
reference_id CVE-2016-2040
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2016-2040
24
reference_url https://github.com/advisories/GHSA-pw34-qf6c-84fc
reference_id GHSA-pw34-qf6c-84fc
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-pw34-qf6c-84fc
fixed_packages
0
url pkg:deb/debian/phpmyadmin@4:4.5.4-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:4.5.4-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:4.5.4-1%3Fdistro=trixie
1
url pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-47ju-f89a-eud8
1
vulnerability VCID-d3qn-js1p-7yeq
2
vulnerability VCID-dmqy-9xth-cuhs
3
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.0.4%252Bdfsg2-2%252Bdeb11u1%3Fdistro=trixie
2
url pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.1%252Bdfsg-1%252Bdeb12u1%3Fdistro=trixie
3
url pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.2-really%252Bdfsg-1%252Bdeb13u1%3Fdistro=trixie
4
url pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.3%252Bdfsg-1%3Fdistro=trixie
aliases CVE-2016-2040, GHSA-pw34-qf6c-84fc
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-1hvw-4h4d-zkhv
6
url VCID-1pyg-w3ru-3ffx
vulnerability_id VCID-1pyg-w3ru-3ffx
summary The PMA_ArrayWalkRecursive function in libraries/common.lib.php in phpMyAdmin before 2.10.0.2 does not limit recursion on arrays provided by users, which allows context-dependent attackers to cause a denial of service (web server crash) via an array with many dimensions. NOTE: it could be argued that this vulnerability is caused by a problem in PHP (CVE-2006-1549) and the proper fix should be in PHP; if so, then this should not be treated as a vulnerability in phpMyAdmin.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2007-1325
reference_id
reference_type
scores
0
value 0.00988
scoring_system epss
scoring_elements 0.77201
published_at 2026-06-04T12:55:00Z
1
value 0.00988
scoring_system epss
scoring_elements 0.77233
published_at 2026-06-05T12:55:00Z
2
value 0.00988
scoring_system epss
scoring_elements 0.77242
published_at 2026-06-06T12:55:00Z
3
value 0.00988
scoring_system epss
scoring_elements 0.77231
published_at 2026-06-07T12:55:00Z
4
value 0.00988
scoring_system epss
scoring_elements 0.77221
published_at 2026-06-08T12:55:00Z
5
value 0.00988
scoring_system epss
scoring_elements 0.77243
published_at 2026-06-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2007-1325
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1325
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1325
fixed_packages
0
url pkg:deb/debian/phpmyadmin@4:2.10.0.2-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:2.10.0.2-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:2.10.0.2-1%3Fdistro=trixie
1
url pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-47ju-f89a-eud8
1
vulnerability VCID-d3qn-js1p-7yeq
2
vulnerability VCID-dmqy-9xth-cuhs
3
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.0.4%252Bdfsg2-2%252Bdeb11u1%3Fdistro=trixie
2
url pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.1%252Bdfsg-1%252Bdeb12u1%3Fdistro=trixie
3
url pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.2-really%252Bdfsg-1%252Bdeb13u1%3Fdistro=trixie
4
url pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.3%252Bdfsg-1%3Fdistro=trixie
aliases CVE-2007-1325
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-1pyg-w3ru-3ffx
7
url VCID-219n-4qwz-zqg4
vulnerability_id VCID-219n-4qwz-zqg4
summary The PMA_escapeJsString function in libraries/js_escape.lib.php in phpMyAdmin before 2.11.9.2, when Internet Explorer is used, allows remote attackers to bypass cross-site scripting (XSS) protection mechanisms and conduct XSS attacks via a NUL byte inside a "</script" sequence.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-4326.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-4326.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2008-4326
reference_id
reference_type
scores
0
value 0.00425
scoring_system epss
scoring_elements 0.62563
published_at 2026-06-04T12:55:00Z
1
value 0.00425
scoring_system epss
scoring_elements 0.62608
published_at 2026-06-05T12:55:00Z
2
value 0.00425
scoring_system epss
scoring_elements 0.62617
published_at 2026-06-06T12:55:00Z
3
value 0.00425
scoring_system epss
scoring_elements 0.62606
published_at 2026-06-07T12:55:00Z
4
value 0.00425
scoring_system epss
scoring_elements 0.62592
published_at 2026-06-08T12:55:00Z
5
value 0.00425
scoring_system epss
scoring_elements 0.62605
published_at 2026-06-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2008-4326
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4326
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4326
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=463260
reference_id 463260
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=463260
fixed_packages
0
url pkg:deb/debian/phpmyadmin@4:2.11.8.1-3?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:2.11.8.1-3?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:2.11.8.1-3%3Fdistro=trixie
1
url pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-47ju-f89a-eud8
1
vulnerability VCID-d3qn-js1p-7yeq
2
vulnerability VCID-dmqy-9xth-cuhs
3
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.0.4%252Bdfsg2-2%252Bdeb11u1%3Fdistro=trixie
2
url pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.1%252Bdfsg-1%252Bdeb12u1%3Fdistro=trixie
3
url pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.2-really%252Bdfsg-1%252Bdeb13u1%3Fdistro=trixie
4
url pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.3%252Bdfsg-1%3Fdistro=trixie
aliases CVE-2008-4326
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-219n-4qwz-zqg4
8
url VCID-222u-hen7-cbc2
vulnerability_id VCID-222u-hen7-cbc2
summary phpmyadmin.css.php in phpMyAdmin 3.4.x before 3.4.6 allows remote attackers to obtain sensitive information via an array-typed js_frame parameter to phpmyadmin.css.php, which reveals the installation path in an error message.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2011-3646
reference_id
reference_type
scores
0
value 0.0056
scoring_system epss
scoring_elements 0.68626
published_at 2026-06-04T12:55:00Z
1
value 0.0056
scoring_system epss
scoring_elements 0.68667
published_at 2026-06-07T12:55:00Z
2
value 0.0056
scoring_system epss
scoring_elements 0.68674
published_at 2026-06-06T12:55:00Z
3
value 0.0056
scoring_system epss
scoring_elements 0.68652
published_at 2026-06-08T12:55:00Z
4
value 0.0056
scoring_system epss
scoring_elements 0.68671
published_at 2026-06-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2011-3646
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3646
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3646
2
reference_url https://security.gentoo.org/glsa/201201-01
reference_id GLSA-201201-01
reference_type
scores
url https://security.gentoo.org/glsa/201201-01
fixed_packages
0
url pkg:deb/debian/phpmyadmin@4:3.4.6-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:3.4.6-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:3.4.6-1%3Fdistro=trixie
1
url pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-47ju-f89a-eud8
1
vulnerability VCID-d3qn-js1p-7yeq
2
vulnerability VCID-dmqy-9xth-cuhs
3
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.0.4%252Bdfsg2-2%252Bdeb11u1%3Fdistro=trixie
2
url pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.1%252Bdfsg-1%252Bdeb12u1%3Fdistro=trixie
3
url pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.2-really%252Bdfsg-1%252Bdeb13u1%3Fdistro=trixie
4
url pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.3%252Bdfsg-1%3Fdistro=trixie
aliases CVE-2011-3646
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-222u-hen7-cbc2
9
url VCID-22fm-v29s-ukdg
vulnerability_id VCID-22fm-v29s-ukdg
summary Multiple cross-site scripting (XSS) vulnerabilities in PhpMyAdmin before 2.9.1.1 allow remote attackers to inject arbitrary HTML or web script via (1) a comment for a table name, as exploited through (a) db_operations.php, (2) the db parameter to (b) db_create.php, (3) the newname parameter to db_operations.php, the (4) query_history_latest, (5) query_history_latest_db, and (6) querydisplay_tab parameters to (c) querywindow.php, and (7) the pos parameter to (d) sql.php.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2006-6942
reference_id
reference_type
scores
0
value 0.02243
scoring_system epss
scoring_elements 0.84868
published_at 2026-06-04T12:55:00Z
1
value 0.02243
scoring_system epss
scoring_elements 0.84891
published_at 2026-06-05T12:55:00Z
2
value 0.02243
scoring_system epss
scoring_elements 0.84896
published_at 2026-06-06T12:55:00Z
3
value 0.02243
scoring_system epss
scoring_elements 0.8489
published_at 2026-06-07T12:55:00Z
4
value 0.02243
scoring_system epss
scoring_elements 0.84879
published_at 2026-06-08T12:55:00Z
5
value 0.02243
scoring_system epss
scoring_elements 0.84894
published_at 2026-06-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2006-6942
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-6942
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-6942
2
reference_url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/webapps/29058.txt
reference_id CVE-2006-6942;OSVDB-58821
reference_type exploit
scores
url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/webapps/29058.txt
3
reference_url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/webapps/29059.txt
reference_id CVE-2006-6942;OSVDB-58822
reference_type exploit
scores
url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/webapps/29059.txt
4
reference_url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/webapps/29060.txt
reference_id CVE-2006-6942;OSVDB-58823
reference_type exploit
scores
url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/webapps/29060.txt
5
reference_url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/webapps/29061.txt
reference_id CVE-2006-6942;OSVDB-58824
reference_type exploit
scores
url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/webapps/29061.txt
6
reference_url https://www.securityfocus.com/bid/21137/info
reference_id CVE-2006-6943;OSVDB-59227
reference_type exploit
scores
url https://www.securityfocus.com/bid/21137/info
7
reference_url https://security.gentoo.org/glsa/200903-32
reference_id GLSA-200903-32
reference_type
scores
url https://security.gentoo.org/glsa/200903-32
fixed_packages
0
url pkg:deb/debian/phpmyadmin@4:2.9.1.1-2?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:2.9.1.1-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:2.9.1.1-2%3Fdistro=trixie
1
url pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-47ju-f89a-eud8
1
vulnerability VCID-d3qn-js1p-7yeq
2
vulnerability VCID-dmqy-9xth-cuhs
3
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.0.4%252Bdfsg2-2%252Bdeb11u1%3Fdistro=trixie
2
url pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.1%252Bdfsg-1%252Bdeb12u1%3Fdistro=trixie
3
url pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.2-really%252Bdfsg-1%252Bdeb13u1%3Fdistro=trixie
4
url pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.3%252Bdfsg-1%3Fdistro=trixie
aliases CVE-2006-6942
risk_score null
exploitability 2.0
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-22fm-v29s-ukdg
10
url VCID-22za-twtc-akan
vulnerability_id VCID-22za-twtc-akan
summary PhpMyAdmin before 2.9.1.1 allows remote attackers to obtain the full server path via direct requests to (a) scripts/check_lang.php and (b) themes/darkblue_orange/layout.inc.php; and via the (1) lang[], (2) target[], (3) db[], (4) goto[], (5) table[], and (6) tbl_group[] array arguments to (c) index.php, and the (7) back[] argument to (d) sql.php; and an invalid (8) sort_by parameter to (e) server_databases.php and (9) db parameter to (f) db_printview.php.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2006-6943
reference_id
reference_type
scores
0
value 0.1154
scoring_system epss
scoring_elements 0.93764
published_at 2026-06-04T12:55:00Z
1
value 0.1154
scoring_system epss
scoring_elements 0.93773
published_at 2026-06-05T12:55:00Z
2
value 0.1154
scoring_system epss
scoring_elements 0.93772
published_at 2026-06-07T12:55:00Z
3
value 0.1154
scoring_system epss
scoring_elements 0.93771
published_at 2026-06-08T12:55:00Z
4
value 0.1154
scoring_system epss
scoring_elements 0.93778
published_at 2026-06-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2006-6943
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-6943
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-6943
2
reference_url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/webapps/29062.txt
reference_id CVE-2006-6943;OSVDB-59227
reference_type exploit
scores
url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/webapps/29062.txt
fixed_packages
0
url pkg:deb/debian/phpmyadmin@4:2.9.1.1-2?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:2.9.1.1-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:2.9.1.1-2%3Fdistro=trixie
1
url pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-47ju-f89a-eud8
1
vulnerability VCID-d3qn-js1p-7yeq
2
vulnerability VCID-dmqy-9xth-cuhs
3
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.0.4%252Bdfsg2-2%252Bdeb11u1%3Fdistro=trixie
2
url pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.1%252Bdfsg-1%252Bdeb12u1%3Fdistro=trixie
3
url pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.2-really%252Bdfsg-1%252Bdeb13u1%3Fdistro=trixie
4
url pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.3%252Bdfsg-1%3Fdistro=trixie
aliases CVE-2006-6943
risk_score 0.2
exploitability 2.0
weighted_severity 0.1
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-22za-twtc-akan
11
url VCID-23dq-w66r-k3bt
vulnerability_id VCID-23dq-w66r-k3bt
summary 
Cross-site Scripting
phpMyAdmin is vulnerable to a CSS injection attack through crafted cookie parameters.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2017-1000015
reference_id
reference_type
scores
0
value 0.00557
scoring_system epss
scoring_elements 0.68533
published_at 2026-06-04T12:55:00Z
1
value 0.00557
scoring_system epss
scoring_elements 0.68582
published_at 2026-06-06T12:55:00Z
2
value 0.00557
scoring_system epss
scoring_elements 0.68574
published_at 2026-06-05T12:55:00Z
3
value 0.00557
scoring_system epss
scoring_elements 0.68579
published_at 2026-06-09T12:55:00Z
4
value 0.00557
scoring_system epss
scoring_elements 0.68561
published_at 2026-06-08T12:55:00Z
5
value 0.00557
scoring_system epss
scoring_elements 0.68576
published_at 2026-06-07T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2017-1000015
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-1000015
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-1000015
2
reference_url https://github.com/phpmyadmin/composer
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/phpmyadmin/composer
3
reference_url https://web.archive.org/web/20210123220229/http://www.securityfocus.com/bid/95726
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20210123220229/http://www.securityfocus.com/bid/95726
4
reference_url https://www.phpmyadmin.net/security/PMASA-2017-4
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.phpmyadmin.net/security/PMASA-2017-4
5
reference_url http://www.securityfocus.com/bid/95726
reference_id
reference_type
scores
url http://www.securityfocus.com/bid/95726
6
reference_url https://nvd.nist.gov/vuln/detail/CVE-2017-1000015
reference_id CVE-2017-1000015
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2017-1000015
7
reference_url https://github.com/advisories/GHSA-3fgq-cmr4-97rr
reference_id GHSA-3fgq-cmr4-97rr
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-3fgq-cmr4-97rr
8
reference_url https://usn.ubuntu.com/USN-4843-1/
reference_id USN-USN-4843-1
reference_type
scores
url https://usn.ubuntu.com/USN-4843-1/
fixed_packages
0
url pkg:deb/debian/phpmyadmin@4:4.6.6-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:4.6.6-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:4.6.6-1%3Fdistro=trixie
1
url pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-47ju-f89a-eud8
1
vulnerability VCID-d3qn-js1p-7yeq
2
vulnerability VCID-dmqy-9xth-cuhs
3
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.0.4%252Bdfsg2-2%252Bdeb11u1%3Fdistro=trixie
2
url pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.1%252Bdfsg-1%252Bdeb12u1%3Fdistro=trixie
3
url pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.2-really%252Bdfsg-1%252Bdeb13u1%3Fdistro=trixie
4
url pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.3%252Bdfsg-1%3Fdistro=trixie
aliases CVE-2017-1000015, GHSA-3fgq-cmr4-97rr
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-23dq-w66r-k3bt
12
url VCID-24f5-741f-rkgx
vulnerability_id VCID-24f5-741f-rkgx
summary libraries/File.class.php in phpMyAdmin 2.11.x before 2.11.10 uses predictable filenames for temporary files, which has unknown impact and attack vectors.
references
0
reference_url http://lists.opensuse.org/opensuse-security-announce/2010-01/msg00007.html
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url http://lists.opensuse.org/opensuse-security-announce/2010-01/msg00007.html
1
reference_url http://phpmyadmin.svn.sourceforge.net/viewvc/phpmyadmin/branches/QA_2_11/phpMyAdmin/libraries/File.class.php?r1=11528&r2=11527&pathrev=11528
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url http://phpmyadmin.svn.sourceforge.net/viewvc/phpmyadmin/branches/QA_2_11/phpMyAdmin/libraries/File.class.php?r1=11528&r2=11527&pathrev=11528
2
reference_url http://phpmyadmin.svn.sourceforge.net/viewvc/phpmyadmin?view=rev&revision=11528
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url http://phpmyadmin.svn.sourceforge.net/viewvc/phpmyadmin?view=rev&revision=11528
3
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-7252.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-7252.json
4
reference_url https://api.first.org/data/v1/epss?cve=CVE-2008-7252
reference_id
reference_type
scores
0
value 0.0296
scoring_system epss
scoring_elements 0.86759
published_at 2026-06-07T12:55:00Z
1
value 0.0296
scoring_system epss
scoring_elements 0.86763
published_at 2026-06-05T12:55:00Z
2
value 0.0296
scoring_system epss
scoring_elements 0.86761
published_at 2026-06-09T12:55:00Z
3
value 0.0296
scoring_system epss
scoring_elements 0.86749
published_at 2026-06-08T12:55:00Z
4
value 0.0296
scoring_system epss
scoring_elements 0.86741
published_at 2026-06-04T12:55:00Z
5
value 0.0296
scoring_system epss
scoring_elements 0.86762
published_at 2026-06-06T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2008-7252
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-7252
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-7252
6
reference_url https://github.com/phpmyadmin/composer
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/phpmyadmin/composer
7
reference_url https://nvd.nist.gov/vuln/detail/CVE-2008-7252
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2008-7252
8
reference_url https://web.archive.org/web/20100613071447/http://secunia.com/advisories/38211
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20100613071447/http://secunia.com/advisories/38211
9
reference_url https://web.archive.org/web/20100613071509/http://secunia.com/advisories/39503
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20100613071509/http://secunia.com/advisories/39503
10
reference_url https://web.archive.org/web/20110729050522/http://www.securityfocus.com/bid/37826
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20110729050522/http://www.securityfocus.com/bid/37826
11
reference_url http://www.debian.org/security/2010/dsa-2034
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.debian.org/security/2010/dsa-2034
12
reference_url http://www.phpmyadmin.net/home_page/security/PMASA-2010-2.php
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.phpmyadmin.net/home_page/security/PMASA-2010-2.php
13
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=557307
reference_id 557307
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=557307
14
reference_url https://github.com/advisories/GHSA-9645-6g72-2pv8
reference_id GHSA-9645-6g72-2pv8
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-9645-6g72-2pv8
15
reference_url https://security.gentoo.org/glsa/201201-01
reference_id GLSA-201201-01
reference_type
scores
url https://security.gentoo.org/glsa/201201-01
fixed_packages
0
url pkg:deb/debian/phpmyadmin@4:3.0.0-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:3.0.0-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:3.0.0-1%3Fdistro=trixie
1
url pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-47ju-f89a-eud8
1
vulnerability VCID-d3qn-js1p-7yeq
2
vulnerability VCID-dmqy-9xth-cuhs
3
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.0.4%252Bdfsg2-2%252Bdeb11u1%3Fdistro=trixie
2
url pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.1%252Bdfsg-1%252Bdeb12u1%3Fdistro=trixie
3
url pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.2-really%252Bdfsg-1%252Bdeb13u1%3Fdistro=trixie
4
url pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.3%252Bdfsg-1%3Fdistro=trixie
aliases CVE-2008-7252, GHSA-9645-6g72-2pv8
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-24f5-741f-rkgx
13
url VCID-26mn-n4fu-53ce
vulnerability_id VCID-26mn-n4fu-53ce
summary Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin 2.6.0-pl2 and earlier allow remote attackers to inject arbitrary web script or HTML via (1) the PmaAbsoluteUri parameter, (2) the zero_rows parameter in read_dump.php, (3) the confirm form, or (4) an error message generated by the internal phpMyAdmin parser.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2004-1055
reference_id
reference_type
scores
0
value 0.01171
scoring_system epss
scoring_elements 0.79017
published_at 2026-06-04T12:55:00Z
1
value 0.01171
scoring_system epss
scoring_elements 0.79043
published_at 2026-06-05T12:55:00Z
2
value 0.01171
scoring_system epss
scoring_elements 0.7905
published_at 2026-06-06T12:55:00Z
3
value 0.01171
scoring_system epss
scoring_elements 0.7904
published_at 2026-06-07T12:55:00Z
4
value 0.01171
scoring_system epss
scoring_elements 0.79028
published_at 2026-06-08T12:55:00Z
5
value 0.01171
scoring_system epss
scoring_elements 0.79046
published_at 2026-06-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2004-1055
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-1055
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-1055
fixed_packages
0
url pkg:deb/debian/phpmyadmin@2:2.6.0-pl3-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@2:2.6.0-pl3-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@2:2.6.0-pl3-1%3Fdistro=trixie
1
url pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-47ju-f89a-eud8
1
vulnerability VCID-d3qn-js1p-7yeq
2
vulnerability VCID-dmqy-9xth-cuhs
3
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.0.4%252Bdfsg2-2%252Bdeb11u1%3Fdistro=trixie
2
url pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.1%252Bdfsg-1%252Bdeb12u1%3Fdistro=trixie
3
url pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.2-really%252Bdfsg-1%252Bdeb13u1%3Fdistro=trixie
4
url pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.3%252Bdfsg-1%3Fdistro=trixie
aliases CVE-2004-1055
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-26mn-n4fu-53ce
14
url VCID-27w6-zhxk-x7e7
vulnerability_id VCID-27w6-zhxk-x7e7
summary Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin 4.4.x before 4.4.15.5 and 4.5.x before 4.5.5.1 allow remote authenticated users to inject arbitrary web script or HTML via (1) normalization.php or (2) js/normalization.js in the database normalization page, (3) templates/database/structure/sortable_header.phtml in the database structure page, or (4) the pos parameter to db_central_columns.php in the central columns page.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-2561
reference_id
reference_type
scores
0
value 0.00532
scoring_system epss
scoring_elements 0.67632
published_at 2026-06-04T12:55:00Z
1
value 0.00532
scoring_system epss
scoring_elements 0.67673
published_at 2026-06-05T12:55:00Z
2
value 0.00532
scoring_system epss
scoring_elements 0.6768
published_at 2026-06-06T12:55:00Z
3
value 0.00532
scoring_system epss
scoring_elements 0.6767
published_at 2026-06-09T12:55:00Z
4
value 0.00532
scoring_system epss
scoring_elements 0.67653
published_at 2026-06-08T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-2561
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1927
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1927
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2039
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2039
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2040
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2040
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2041
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2041
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2560
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2560
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2561
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2561
7
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5099
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5099
8
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5701
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5701
9
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5705
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5705
10
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5706
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5706
11
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5731
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5731
12
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5733
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5733
13
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5739
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5739
fixed_packages
0
url pkg:deb/debian/phpmyadmin@4:4.5.5.1-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:4.5.5.1-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:4.5.5.1-1%3Fdistro=trixie
1
url pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-47ju-f89a-eud8
1
vulnerability VCID-d3qn-js1p-7yeq
2
vulnerability VCID-dmqy-9xth-cuhs
3
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.0.4%252Bdfsg2-2%252Bdeb11u1%3Fdistro=trixie
2
url pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.1%252Bdfsg-1%252Bdeb12u1%3Fdistro=trixie
3
url pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.2-really%252Bdfsg-1%252Bdeb13u1%3Fdistro=trixie
4
url pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.3%252Bdfsg-1%3Fdistro=trixie
aliases CVE-2016-2561
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-27w6-zhxk-x7e7
15
url VCID-282b-1ugg-yuev
vulnerability_id VCID-282b-1ugg-yuev
summary 
phpMyAdmin server-side request forgery (SSRF)
The setup script for phpMyAdmin before 4.0.10.19, 4.4.x before 4.4.15.10, and 4.6.x before 4.6.6 allows remote attackers to conduct server-side request forgery (SSRF) attacks via unspecified vectors.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-6621
reference_id
reference_type
scores
0
value 0.00551
scoring_system epss
scoring_elements 0.68346
published_at 2026-06-04T12:55:00Z
1
value 0.00551
scoring_system epss
scoring_elements 0.68373
published_at 2026-06-08T12:55:00Z
2
value 0.00551
scoring_system epss
scoring_elements 0.68395
published_at 2026-06-06T12:55:00Z
3
value 0.00551
scoring_system epss
scoring_elements 0.68388
published_at 2026-06-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-6621
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6621
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6621
2
reference_url https://github.com/phpmyadmin/composer
reference_id
reference_type
scores
0
value 8.6
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/phpmyadmin/composer
3
reference_url https://lists.debian.org/debian-lts-announce/2018/07/msg00006.html
reference_id
reference_type
scores
0
value 8.6
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.debian.org/debian-lts-announce/2018/07/msg00006.html
4
reference_url https://www.phpmyadmin.net/security/PMASA-2016-44
reference_id
reference_type
scores
0
value 8.6
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.phpmyadmin.net/security/PMASA-2016-44
5
reference_url https://nvd.nist.gov/vuln/detail/CVE-2016-6621
reference_id CVE-2016-6621
reference_type
scores
0
value 8.6
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2016-6621
6
reference_url https://github.com/advisories/GHSA-44vv-mm86-7cg6
reference_id GHSA-44vv-mm86-7cg6
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-44vv-mm86-7cg6
fixed_packages
0
url pkg:deb/debian/phpmyadmin@4:4.6.6-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:4.6.6-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:4.6.6-1%3Fdistro=trixie
1
url pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-47ju-f89a-eud8
1
vulnerability VCID-d3qn-js1p-7yeq
2
vulnerability VCID-dmqy-9xth-cuhs
3
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.0.4%252Bdfsg2-2%252Bdeb11u1%3Fdistro=trixie
2
url pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.1%252Bdfsg-1%252Bdeb12u1%3Fdistro=trixie
3
url pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.2-really%252Bdfsg-1%252Bdeb13u1%3Fdistro=trixie
4
url pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.3%252Bdfsg-1%3Fdistro=trixie
aliases CVE-2016-6621, GHSA-44vv-mm86-7cg6
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-282b-1ugg-yuev
16
url VCID-2at1-y3qg-77fb
vulnerability_id VCID-2at1-y3qg-77fb
summary 
Cross-site Scripting
An SQL injection vulnerability was discovered where malicious code could be used to trigger an XSS attack through retrieving and displaying results (in `tbl_get_field.php` and `libraries/classes/Display/Results.php`). The attacker must be able to insert crafted data into certain database tables, which when retrieved (for instance, through the Browse tab) can trigger the XSS attack.
references
0
reference_url http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00046.html
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00046.html
1
reference_url http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00050.html
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00050.html
2
reference_url http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00005.html
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00005.html
3
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-10803
reference_id
reference_type
scores
0
value 0.02712
scoring_system epss
scoring_elements 0.86191
published_at 2026-06-04T12:55:00Z
1
value 0.02712
scoring_system epss
scoring_elements 0.86198
published_at 2026-06-08T12:55:00Z
2
value 0.02712
scoring_system epss
scoring_elements 0.8621
published_at 2026-06-07T12:55:00Z
3
value 0.02712
scoring_system epss
scoring_elements 0.86214
published_at 2026-06-06T12:55:00Z
4
value 0.02712
scoring_system epss
scoring_elements 0.86212
published_at 2026-06-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-10803
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10803
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10803
5
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/phpmyadmin/phpmyadmin/CVE-2020-10803.yaml
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/FriendsOfPHP/security-advisories/blob/master/phpmyadmin/phpmyadmin/CVE-2020-10803.yaml
6
reference_url https://github.com/phpmyadmin/composer
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/phpmyadmin/composer
7
reference_url https://lists.debian.org/debian-lts-announce/2020/03/msg00028.html
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.debian.org/debian-lts-announce/2020/03/msg00028.html
8
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AAVW3SUKWR5RF5LZ6SARCYOWBIFUIWOJ
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AAVW3SUKWR5RF5LZ6SARCYOWBIFUIWOJ
9
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BUG3IRITW2LUBGR5LSQMP7MVRTELHZJK
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BUG3IRITW2LUBGR5LSQMP7MVRTELHZJK
10
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UZI6EQVRRIG252DY3MBT33BJVCSYDMQO
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UZI6EQVRRIG252DY3MBT33BJVCSYDMQO
11
reference_url https://www.phpmyadmin.net/security/PMASA-2020-4
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.phpmyadmin.net/security/PMASA-2020-4
12
reference_url https://www.phpmyadmin.net/security/PMASA-2020-4/
reference_id
reference_type
scores
url https://www.phpmyadmin.net/security/PMASA-2020-4/
13
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=954666
reference_id 954666
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=954666
14
reference_url https://nvd.nist.gov/vuln/detail/CVE-2020-10803
reference_id CVE-2020-10803
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2020-10803
15
reference_url https://github.com/advisories/GHSA-fcww-8wvc-38q9
reference_id GHSA-fcww-8wvc-38q9
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-fcww-8wvc-38q9
16
reference_url https://usn.ubuntu.com/4639-1/
reference_id USN-4639-1
reference_type
scores
url https://usn.ubuntu.com/4639-1/
fixed_packages
0
url pkg:deb/debian/phpmyadmin@4:4.9.5%2Bdfsg1-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:4.9.5%2Bdfsg1-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:4.9.5%252Bdfsg1-1%3Fdistro=trixie
1
url pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-47ju-f89a-eud8
1
vulnerability VCID-d3qn-js1p-7yeq
2
vulnerability VCID-dmqy-9xth-cuhs
3
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.0.4%252Bdfsg2-2%252Bdeb11u1%3Fdistro=trixie
2
url pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.1%252Bdfsg-1%252Bdeb12u1%3Fdistro=trixie
3
url pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.2-really%252Bdfsg-1%252Bdeb13u1%3Fdistro=trixie
4
url pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.3%252Bdfsg-1%3Fdistro=trixie
aliases CVE-2020-10803, GHSA-fcww-8wvc-38q9
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-2at1-y3qg-77fb
17
url VCID-2hse-tgk7-zban
vulnerability_id VCID-2hse-tgk7-zban
summary The register_globals emulation layer in grab_globals.php for phpMyAdmin before 2.6.4-pl3 does not perform safety checks on values in the _FILES array for uploaded files, which allows remote attackers to include arbitrary files by using direct requests to library scripts that do not use grab_globals.php, then modifying certain configuration values for the theme.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2005-3300
reference_id
reference_type
scores
0
value 0.0189
scoring_system epss
scoring_elements 0.83531
published_at 2026-06-04T12:55:00Z
1
value 0.0189
scoring_system epss
scoring_elements 0.83555
published_at 2026-06-05T12:55:00Z
2
value 0.0189
scoring_system epss
scoring_elements 0.83557
published_at 2026-06-06T12:55:00Z
3
value 0.0189
scoring_system epss
scoring_elements 0.83554
published_at 2026-06-07T12:55:00Z
4
value 0.0189
scoring_system epss
scoring_elements 0.83545
published_at 2026-06-08T12:55:00Z
5
value 0.0189
scoring_system epss
scoring_elements 0.83559
published_at 2026-06-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2005-3300
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3300
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3300
2
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=335306
reference_id 335306
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=335306
3
reference_url https://security.gentoo.org/glsa/200510-21
reference_id GLSA-200510-21
reference_type
scores
url https://security.gentoo.org/glsa/200510-21
fixed_packages
0
url pkg:deb/debian/phpmyadmin@4:2.6.4-pl3-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:2.6.4-pl3-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:2.6.4-pl3-1%3Fdistro=trixie
1
url pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-47ju-f89a-eud8
1
vulnerability VCID-d3qn-js1p-7yeq
2
vulnerability VCID-dmqy-9xth-cuhs
3
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.0.4%252Bdfsg2-2%252Bdeb11u1%3Fdistro=trixie
2
url pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.1%252Bdfsg-1%252Bdeb12u1%3Fdistro=trixie
3
url pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.2-really%252Bdfsg-1%252Bdeb13u1%3Fdistro=trixie
4
url pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.3%252Bdfsg-1%3Fdistro=trixie
aliases CVE-2005-3300
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-2hse-tgk7-zban
18
url VCID-2k4p-dxku-97h1
vulnerability_id VCID-2k4p-dxku-97h1
summary SQL injection vulnerability in the PDF schema generator functionality in phpMyAdmin 2.11.x before 2.11.9.6 and 3.x before 3.2.2.1 allows remote attackers to execute arbitrary SQL commands via unspecified interface parameters.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-3697.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-3697.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2009-3697
reference_id
reference_type
scores
0
value 0.02584
scoring_system epss
scoring_elements 0.85857
published_at 2026-06-04T12:55:00Z
1
value 0.02584
scoring_system epss
scoring_elements 0.85878
published_at 2026-06-05T12:55:00Z
2
value 0.02584
scoring_system epss
scoring_elements 0.8588
published_at 2026-06-06T12:55:00Z
3
value 0.02584
scoring_system epss
scoring_elements 0.85876
published_at 2026-06-07T12:55:00Z
4
value 0.02584
scoring_system epss
scoring_elements 0.85861
published_at 2026-06-08T12:55:00Z
5
value 0.02584
scoring_system epss
scoring_elements 0.85875
published_at 2026-06-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2009-3697
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3697
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3697
fixed_packages
0
url pkg:deb/debian/phpmyadmin@4:3.2.2.1-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:3.2.2.1-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:3.2.2.1-1%3Fdistro=trixie
1
url pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-47ju-f89a-eud8
1
vulnerability VCID-d3qn-js1p-7yeq
2
vulnerability VCID-dmqy-9xth-cuhs
3
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.0.4%252Bdfsg2-2%252Bdeb11u1%3Fdistro=trixie
2
url pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.1%252Bdfsg-1%252Bdeb12u1%3Fdistro=trixie
3
url pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.2-really%252Bdfsg-1%252Bdeb13u1%3Fdistro=trixie
4
url pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.3%252Bdfsg-1%3Fdistro=trixie
aliases CVE-2009-3697
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-2k4p-dxku-97h1
19
url VCID-2s34-4fkm-7yhs
vulnerability_id VCID-2s34-4fkm-7yhs
summary phpMyAdmin before 2.9.1-rc1 has a libraries directory under the web document root with insufficient access control, which allows remote attackers to obtain sensitive information via direct requests for certain files.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2006-5117
reference_id
reference_type
scores
0
value 0.00463
scoring_system epss
scoring_elements 0.64632
published_at 2026-06-04T12:55:00Z
1
value 0.00463
scoring_system epss
scoring_elements 0.64674
published_at 2026-06-05T12:55:00Z
2
value 0.00463
scoring_system epss
scoring_elements 0.64683
published_at 2026-06-06T12:55:00Z
3
value 0.00463
scoring_system epss
scoring_elements 0.64672
published_at 2026-06-07T12:55:00Z
4
value 0.00463
scoring_system epss
scoring_elements 0.64662
published_at 2026-06-08T12:55:00Z
5
value 0.00463
scoring_system epss
scoring_elements 0.6468
published_at 2026-06-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2006-5117
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5117
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5117
2
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=391090
reference_id 391090
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=391090
fixed_packages
0
url pkg:deb/debian/phpmyadmin@4:2.9.0.2-0.1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:2.9.0.2-0.1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:2.9.0.2-0.1%3Fdistro=trixie
1
url pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-47ju-f89a-eud8
1
vulnerability VCID-d3qn-js1p-7yeq
2
vulnerability VCID-dmqy-9xth-cuhs
3
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.0.4%252Bdfsg2-2%252Bdeb11u1%3Fdistro=trixie
2
url pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.1%252Bdfsg-1%252Bdeb12u1%3Fdistro=trixie
3
url pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.2-really%252Bdfsg-1%252Bdeb13u1%3Fdistro=trixie
4
url pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.3%252Bdfsg-1%3Fdistro=trixie
aliases CVE-2006-5117
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-2s34-4fkm-7yhs
20
url VCID-2vqn-z4en-duh4
vulnerability_id VCID-2vqn-z4en-duh4
summary 
Information Exposure
phpMyAdmin allows remote attackers to obtain sensitive information.
references
0
reference_url http://lists.opensuse.org/opensuse-updates/2016-06/msg00113.html
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://lists.opensuse.org/opensuse-updates/2016-06/msg00113.html
1
reference_url http://lists.opensuse.org/opensuse-updates/2016-06/msg00114.html
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://lists.opensuse.org/opensuse-updates/2016-06/msg00114.html
2
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-5730
reference_id
reference_type
scores
0
value 0.01317
scoring_system epss
scoring_elements 0.80231
published_at 2026-06-09T12:55:00Z
1
value 0.01317
scoring_system epss
scoring_elements 0.80195
published_at 2026-06-04T12:55:00Z
2
value 0.01317
scoring_system epss
scoring_elements 0.80211
published_at 2026-06-08T12:55:00Z
3
value 0.01317
scoring_system epss
scoring_elements 0.80218
published_at 2026-06-07T12:55:00Z
4
value 0.01317
scoring_system epss
scoring_elements 0.80223
published_at 2026-06-06T12:55:00Z
5
value 0.01317
scoring_system epss
scoring_elements 0.80219
published_at 2026-06-05T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-5730
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5730
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5730
4
reference_url https://github.com/phpmyadmin/composer
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/phpmyadmin/composer
5
reference_url https://github.com/phpmyadmin/phpmyadmin/commit/27664605b945b13e1d2b71adea822ace2099cc96
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/phpmyadmin/phpmyadmin/commit/27664605b945b13e1d2b71adea822ace2099cc96
6
reference_url https://github.com/phpmyadmin/phpmyadmin/commit/331c560fbfa0e7d2dce674b5e88e983c5f2a451d
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/phpmyadmin/phpmyadmin/commit/331c560fbfa0e7d2dce674b5e88e983c5f2a451d
7
reference_url https://github.com/phpmyadmin/phpmyadmin/commit/96e0aa35653ec0c66084a7e9343465e16c1f769b
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/phpmyadmin/phpmyadmin/commit/96e0aa35653ec0c66084a7e9343465e16c1f769b
8
reference_url https://github.com/phpmyadmin/phpmyadmin/commit/b0180f18c828706af3a6800f0fb01a536d3ef8c7
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/phpmyadmin/phpmyadmin/commit/b0180f18c828706af3a6800f0fb01a536d3ef8c7
9
reference_url https://github.com/phpmyadmin/phpmyadmin/commit/cd229d718e8cb4bc8ba32446beaa82d27727b6f0
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/phpmyadmin/phpmyadmin/commit/cd229d718e8cb4bc8ba32446beaa82d27727b6f0
10
reference_url https://security.gentoo.org/glsa/201701-32
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://security.gentoo.org/glsa/201701-32
11
reference_url https://www.phpmyadmin.net/security/PMASA-2016-23
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.phpmyadmin.net/security/PMASA-2016-23
12
reference_url https://www.phpmyadmin.net/security/PMASA-2016-23/
reference_id
reference_type
scores
url https://www.phpmyadmin.net/security/PMASA-2016-23/
13
reference_url http://www.securityfocus.com/bid/91379
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.securityfocus.com/bid/91379
14
reference_url https://nvd.nist.gov/vuln/detail/CVE-2016-5730
reference_id CVE-2016-5730
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2016-5730
15
reference_url https://github.com/advisories/GHSA-wm9c-vcv2-vpqc
reference_id GHSA-wm9c-vcv2-vpqc
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-wm9c-vcv2-vpqc
fixed_packages
0
url pkg:deb/debian/phpmyadmin@4:4.6.3-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:4.6.3-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:4.6.3-1%3Fdistro=trixie
1
url pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-47ju-f89a-eud8
1
vulnerability VCID-d3qn-js1p-7yeq
2
vulnerability VCID-dmqy-9xth-cuhs
3
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.0.4%252Bdfsg2-2%252Bdeb11u1%3Fdistro=trixie
2
url pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.1%252Bdfsg-1%252Bdeb12u1%3Fdistro=trixie
3
url pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.2-really%252Bdfsg-1%252Bdeb13u1%3Fdistro=trixie
4
url pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.3%252Bdfsg-1%3Fdistro=trixie
aliases CVE-2016-5730, GHSA-wm9c-vcv2-vpqc
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-2vqn-z4en-duh4
21
url VCID-2zsp-w2wa-eqe4
vulnerability_id VCID-2zsp-w2wa-eqe4
summary Cross-site scripting (XSS) vulnerability in libraries/auth/cookie.auth.lib.php in phpMyAdmin before 2.11.2.2, when logins are authenticated with the cookie auth_type, allows remote attackers to inject arbitrary web script or HTML via the convcharset parameter to index.php, a different vulnerability than CVE-2005-0992.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2007-6100
reference_id
reference_type
scores
0
value 0.00537
scoring_system epss
scoring_elements 0.67873
published_at 2026-06-04T12:55:00Z
1
value 0.00537
scoring_system epss
scoring_elements 0.67913
published_at 2026-06-05T12:55:00Z
2
value 0.00537
scoring_system epss
scoring_elements 0.67919
published_at 2026-06-06T12:55:00Z
3
value 0.00537
scoring_system epss
scoring_elements 0.67909
published_at 2026-06-07T12:55:00Z
4
value 0.00537
scoring_system epss
scoring_elements 0.67896
published_at 2026-06-08T12:55:00Z
5
value 0.00537
scoring_system epss
scoring_elements 0.67912
published_at 2026-06-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2007-6100
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6100
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6100
fixed_packages
0
url pkg:deb/debian/phpmyadmin@4:2.11.2.2-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:2.11.2.2-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:2.11.2.2-1%3Fdistro=trixie
1
url pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-47ju-f89a-eud8
1
vulnerability VCID-d3qn-js1p-7yeq
2
vulnerability VCID-dmqy-9xth-cuhs
3
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.0.4%252Bdfsg2-2%252Bdeb11u1%3Fdistro=trixie
2
url pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.1%252Bdfsg-1%252Bdeb12u1%3Fdistro=trixie
3
url pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.2-really%252Bdfsg-1%252Bdeb13u1%3Fdistro=trixie
4
url pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.3%252Bdfsg-1%3Fdistro=trixie
aliases CVE-2007-6100
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-2zsp-w2wa-eqe4
22
url VCID-31jg-3pzb-y3b6
vulnerability_id VCID-31jg-3pzb-y3b6
summary An issue was discovered in phpMyAdmin. By calling some scripts that are part of phpMyAdmin in an unexpected way, it is possible to trigger phpMyAdmin to display a PHP error message which contains the full path of the directory where phpMyAdmin is installed. During an execution timeout in the export functionality, the errors containing the full path of the directory of phpMyAdmin are written to the export file. All 4.6.x versions (prior to 4.6.5), and 4.4.x versions (prior to 4.4.15.9) are affected. This CVE is for the fopen wrapper issue.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-9853
reference_id
reference_type
scores
0
value 0.00589
scoring_system epss
scoring_elements 0.69583
published_at 2026-06-05T12:55:00Z
1
value 0.00589
scoring_system epss
scoring_elements 0.69589
published_at 2026-06-09T12:55:00Z
2
value 0.00589
scoring_system epss
scoring_elements 0.69569
published_at 2026-06-08T12:55:00Z
3
value 0.00589
scoring_system epss
scoring_elements 0.69591
published_at 2026-06-06T12:55:00Z
4
value 0.00589
scoring_system epss
scoring_elements 0.69544
published_at 2026-06-04T12:55:00Z
5
value 0.00589
scoring_system epss
scoring_elements 0.69581
published_at 2026-06-07T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-9853
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9853
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9853
2
reference_url https://github.com/phpmyadmin/composer
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/phpmyadmin/composer
3
reference_url https://nvd.nist.gov/vuln/detail/CVE-2016-9853
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2016-9853
4
reference_url https://security.gentoo.org/glsa/201701-32
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://security.gentoo.org/glsa/201701-32
5
reference_url https://web.archive.org/web/20210127193655/http://www.securityfocus.com/bid/94527
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20210127193655/http://www.securityfocus.com/bid/94527
6
reference_url https://www.phpmyadmin.net/security/PMASA-2016-63
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.phpmyadmin.net/security/PMASA-2016-63
7
reference_url https://github.com/advisories/GHSA-rmmf-5xhh-gg27
reference_id GHSA-rmmf-5xhh-gg27
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-rmmf-5xhh-gg27
fixed_packages
0
url pkg:deb/debian/phpmyadmin@4:4.6.5.1-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:4.6.5.1-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:4.6.5.1-1%3Fdistro=trixie
1
url pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-47ju-f89a-eud8
1
vulnerability VCID-d3qn-js1p-7yeq
2
vulnerability VCID-dmqy-9xth-cuhs
3
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.0.4%252Bdfsg2-2%252Bdeb11u1%3Fdistro=trixie
2
url pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.1%252Bdfsg-1%252Bdeb12u1%3Fdistro=trixie
3
url pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.2-really%252Bdfsg-1%252Bdeb13u1%3Fdistro=trixie
4
url pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.3%252Bdfsg-1%3Fdistro=trixie
aliases CVE-2016-9853, GHSA-rmmf-5xhh-gg27
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-31jg-3pzb-y3b6
23
url VCID-32ja-yuuw-bbbh
vulnerability_id VCID-32ja-yuuw-bbbh
summary 
SQL Injection
An SQL injection vulnerability was found in retrieval of the current username (in `libraries/classes/Server/Privileges.php` and `libraries/classes/UserPassword.php`). A malicious user with access to the server could create a crafted username, and then trick the victim into performing specific actions with that user account (such as editing its privileges).
references
0
reference_url http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00046.html
reference_id
reference_type
scores
0
value 8.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00046.html
1
reference_url http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00050.html
reference_id
reference_type
scores
0
value 8.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00050.html
2
reference_url http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00005.html
reference_id
reference_type
scores
0
value 8.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00005.html
3
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-10804
reference_id
reference_type
scores
0
value 0.01913
scoring_system epss
scoring_elements 0.83661
published_at 2026-06-09T12:55:00Z
1
value 0.01913
scoring_system epss
scoring_elements 0.83654
published_at 2026-06-07T12:55:00Z
2
value 0.01913
scoring_system epss
scoring_elements 0.83658
published_at 2026-06-06T12:55:00Z
3
value 0.01913
scoring_system epss
scoring_elements 0.83633
published_at 2026-06-04T12:55:00Z
4
value 0.01913
scoring_system epss
scoring_elements 0.83647
published_at 2026-06-08T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-10804
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10804
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10804
5
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/phpmyadmin/phpmyadmin/CVE-2020-10804.yaml
reference_id
reference_type
scores
0
value 8.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/FriendsOfPHP/security-advisories/blob/master/phpmyadmin/phpmyadmin/CVE-2020-10804.yaml
6
reference_url https://github.com/phpmyadmin/composer
reference_id
reference_type
scores
0
value 8.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/phpmyadmin/composer
7
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AAVW3SUKWR5RF5LZ6SARCYOWBIFUIWOJ
reference_id
reference_type
scores
0
value 8.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AAVW3SUKWR5RF5LZ6SARCYOWBIFUIWOJ
8
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BUG3IRITW2LUBGR5LSQMP7MVRTELHZJK
reference_id
reference_type
scores
0
value 8.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BUG3IRITW2LUBGR5LSQMP7MVRTELHZJK
9
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UZI6EQVRRIG252DY3MBT33BJVCSYDMQO
reference_id
reference_type
scores
0
value 8.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UZI6EQVRRIG252DY3MBT33BJVCSYDMQO
10
reference_url https://www.phpmyadmin.net/security/PMASA-2020-2
reference_id
reference_type
scores
0
value 8.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.phpmyadmin.net/security/PMASA-2020-2
11
reference_url https://www.phpmyadmin.net/security/PMASA-2020-2/
reference_id
reference_type
scores
url https://www.phpmyadmin.net/security/PMASA-2020-2/
12
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=954667
reference_id 954667
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=954667
13
reference_url https://nvd.nist.gov/vuln/detail/CVE-2020-10804
reference_id CVE-2020-10804
reference_type
scores
0
value 8.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2020-10804
14
reference_url https://github.com/advisories/GHSA-h65r-8fp8-w7cx
reference_id GHSA-h65r-8fp8-w7cx
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-h65r-8fp8-w7cx
15
reference_url https://usn.ubuntu.com/4639-1/
reference_id USN-4639-1
reference_type
scores
url https://usn.ubuntu.com/4639-1/
fixed_packages
0
url pkg:deb/debian/phpmyadmin@4:4.9.5%2Bdfsg1-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:4.9.5%2Bdfsg1-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:4.9.5%252Bdfsg1-1%3Fdistro=trixie
1
url pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-47ju-f89a-eud8
1
vulnerability VCID-d3qn-js1p-7yeq
2
vulnerability VCID-dmqy-9xth-cuhs
3
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.0.4%252Bdfsg2-2%252Bdeb11u1%3Fdistro=trixie
2
url pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.1%252Bdfsg-1%252Bdeb12u1%3Fdistro=trixie
3
url pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.2-really%252Bdfsg-1%252Bdeb13u1%3Fdistro=trixie
4
url pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.3%252Bdfsg-1%3Fdistro=trixie
aliases CVE-2020-10804, GHSA-h65r-8fp8-w7cx
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-32ja-yuuw-bbbh
24
url VCID-32qm-fkf5-q7hc
vulnerability_id VCID-32qm-fkf5-q7hc
summary phpMyAdmin 2.5.1 up to 2.5.7 allows remote attackers to modify configuration settings and gain unauthorized access to MySQL servers via modified $cfg['Servers'] variables.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2004-2632
reference_id
reference_type
scores
0
value 0.02951
scoring_system epss
scoring_elements 0.86722
published_at 2026-06-04T12:55:00Z
1
value 0.02951
scoring_system epss
scoring_elements 0.86744
published_at 2026-06-05T12:55:00Z
2
value 0.02951
scoring_system epss
scoring_elements 0.86742
published_at 2026-06-06T12:55:00Z
3
value 0.02951
scoring_system epss
scoring_elements 0.86739
published_at 2026-06-07T12:55:00Z
4
value 0.02951
scoring_system epss
scoring_elements 0.86729
published_at 2026-06-08T12:55:00Z
5
value 0.02951
scoring_system epss
scoring_elements 0.86741
published_at 2026-06-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2004-2632
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-2632
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-2632
2
reference_url https://security.gentoo.org/glsa/200407-22
reference_id GLSA-200407-22
reference_type
scores
url https://security.gentoo.org/glsa/200407-22
fixed_packages
0
url pkg:deb/debian/phpmyadmin@1:2.5.7-pl1-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@1:2.5.7-pl1-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@1:2.5.7-pl1-1%3Fdistro=trixie
1
url pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-47ju-f89a-eud8
1
vulnerability VCID-d3qn-js1p-7yeq
2
vulnerability VCID-dmqy-9xth-cuhs
3
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.0.4%252Bdfsg2-2%252Bdeb11u1%3Fdistro=trixie
2
url pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.1%252Bdfsg-1%252Bdeb12u1%3Fdistro=trixie
3
url pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.2-really%252Bdfsg-1%252Bdeb13u1%3Fdistro=trixie
4
url pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.3%252Bdfsg-1%3Fdistro=trixie
aliases CVE-2004-2632
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-32qm-fkf5-q7hc
25
url VCID-33kv-ye2c-ebax
vulnerability_id VCID-33kv-ye2c-ebax
summary phpMyAdmin before 4.6.2 places tokens in query strings and does not arrange for them to be stripped before external navigation, which allows remote attackers to obtain sensitive information by reading (1) HTTP requests or (2) server logs.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-5097
reference_id
reference_type
scores
0
value 0.00551
scoring_system epss
scoring_elements 0.68358
published_at 2026-06-04T12:55:00Z
1
value 0.00551
scoring_system epss
scoring_elements 0.68399
published_at 2026-06-05T12:55:00Z
2
value 0.00551
scoring_system epss
scoring_elements 0.68408
published_at 2026-06-06T12:55:00Z
3
value 0.00551
scoring_system epss
scoring_elements 0.684
published_at 2026-06-07T12:55:00Z
4
value 0.00551
scoring_system epss
scoring_elements 0.68385
published_at 2026-06-08T12:55:00Z
5
value 0.00551
scoring_system epss
scoring_elements 0.68403
published_at 2026-06-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-5097
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5097
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5097
fixed_packages
0
url pkg:deb/debian/phpmyadmin@4:4.6.2-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:4.6.2-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:4.6.2-1%3Fdistro=trixie
1
url pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-47ju-f89a-eud8
1
vulnerability VCID-d3qn-js1p-7yeq
2
vulnerability VCID-dmqy-9xth-cuhs
3
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.0.4%252Bdfsg2-2%252Bdeb11u1%3Fdistro=trixie
2
url pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.1%252Bdfsg-1%252Bdeb12u1%3Fdistro=trixie
3
url pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.2-really%252Bdfsg-1%252Bdeb13u1%3Fdistro=trixie
4
url pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.3%252Bdfsg-1%3Fdistro=trixie
aliases CVE-2016-5097
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-33kv-ye2c-ebax
26
url VCID-33mh-s92h-c7ht
vulnerability_id VCID-33mh-s92h-c7ht
summary 
phpMyAdmin vulnerable to Cross-Site Request Forgery
The Transformation implementation in phpMyAdmin 4.0.x before 4.0.10.16, 4.4.x before 4.4.15.7, and 4.6.x before 4.6.3 does not use the no-referrer Content Security Policy (CSP) protection mechanism, which makes it easier for remote attackers to conduct CSRF attacks by reading an authentication token in a Referer header, related to libraries/Header.php.
references
0
reference_url http://lists.opensuse.org/opensuse-updates/2016-06/msg00113.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://lists.opensuse.org/opensuse-updates/2016-06/msg00113.html
1
reference_url http://lists.opensuse.org/opensuse-updates/2016-06/msg00114.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://lists.opensuse.org/opensuse-updates/2016-06/msg00114.html
2
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-5739
reference_id
reference_type
scores
0
value 0.00919
scoring_system epss
scoring_elements 0.76369
published_at 2026-06-06T12:55:00Z
1
value 0.00919
scoring_system epss
scoring_elements 0.76367
published_at 2026-06-05T12:55:00Z
2
value 0.00919
scoring_system epss
scoring_elements 0.76339
published_at 2026-06-04T12:55:00Z
3
value 0.00919
scoring_system epss
scoring_elements 0.76372
published_at 2026-06-09T12:55:00Z
4
value 0.00919
scoring_system epss
scoring_elements 0.7636
published_at 2026-06-07T12:55:00Z
5
value 0.00919
scoring_system epss
scoring_elements 0.76349
published_at 2026-06-08T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-5739
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1927
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1927
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2039
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2039
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2040
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2040
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2041
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2041
7
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2560
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2560
8
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2561
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2561
9
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5099
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5099
10
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5701
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5701
11
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5705
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5705
12
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5706
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5706
13
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5731
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5731
14
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5733
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5733
15
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5739
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5739
16
reference_url https://github.com/phpmyadmin/phpmyadmin
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/phpmyadmin/phpmyadmin
17
reference_url https://github.com/phpmyadmin/phpmyadmin/commit/1e5716cb96d46efc305381ae0da08e73fe340f05
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/phpmyadmin/phpmyadmin/commit/1e5716cb96d46efc305381ae0da08e73fe340f05
18
reference_url https://github.com/phpmyadmin/phpmyadmin/commit/2f4950828ec241e8cbdcf13090c2582a6fa620cb
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/phpmyadmin/phpmyadmin/commit/2f4950828ec241e8cbdcf13090c2582a6fa620cb
19
reference_url https://security.gentoo.org/glsa/201701-32
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://security.gentoo.org/glsa/201701-32
20
reference_url https://web.archive.org/web/20200227223419/http://www.securityfocus.com/bid/91389
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20200227223419/http://www.securityfocus.com/bid/91389
21
reference_url https://www.phpmyadmin.net/security/PMASA-2016-28
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.phpmyadmin.net/security/PMASA-2016-28
22
reference_url http://www.debian.org/security/2016/dsa-3627
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.debian.org/security/2016/dsa-3627
23
reference_url https://nvd.nist.gov/vuln/detail/CVE-2016-5739
reference_id CVE-2016-5739
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2016-5739
24
reference_url https://github.com/advisories/GHSA-2p7v-jm8m-g3qq
reference_id GHSA-2p7v-jm8m-g3qq
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-2p7v-jm8m-g3qq
fixed_packages
0
url pkg:deb/debian/phpmyadmin@4:4.6.3-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:4.6.3-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:4.6.3-1%3Fdistro=trixie
1
url pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-47ju-f89a-eud8
1
vulnerability VCID-d3qn-js1p-7yeq
2
vulnerability VCID-dmqy-9xth-cuhs
3
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.0.4%252Bdfsg2-2%252Bdeb11u1%3Fdistro=trixie
2
url pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.1%252Bdfsg-1%252Bdeb12u1%3Fdistro=trixie
3
url pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.2-really%252Bdfsg-1%252Bdeb13u1%3Fdistro=trixie
4
url pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.3%252Bdfsg-1%3Fdistro=trixie
aliases CVE-2016-5739, GHSA-2p7v-jm8m-g3qq
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-33mh-s92h-c7ht
27
url VCID-35rp-cxt5-m3gz
vulnerability_id VCID-35rp-cxt5-m3gz
summary phpMyAdmin 2.6.1 does not properly grant permissions on tables with an underscore in the name, which grants remote authenticated users more privileges than intended.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2005-0653
reference_id
reference_type
scores
0
value 0.00156
scoring_system epss
scoring_elements 0.36054
published_at 2026-06-04T12:55:00Z
1
value 0.00156
scoring_system epss
scoring_elements 0.36148
published_at 2026-06-05T12:55:00Z
2
value 0.00156
scoring_system epss
scoring_elements 0.36158
published_at 2026-06-06T12:55:00Z
3
value 0.00156
scoring_system epss
scoring_elements 0.36117
published_at 2026-06-07T12:55:00Z
4
value 0.00156
scoring_system epss
scoring_elements 0.36074
published_at 2026-06-08T12:55:00Z
5
value 0.00156
scoring_system epss
scoring_elements 0.36087
published_at 2026-06-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2005-0653
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-0653
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-0653
2
reference_url https://security.gentoo.org/glsa/200503-07
reference_id GLSA-200503-07
reference_type
scores
url https://security.gentoo.org/glsa/200503-07
fixed_packages
0
url pkg:deb/debian/phpmyadmin@3:2.6.1-pl3-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@3:2.6.1-pl3-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@3:2.6.1-pl3-1%3Fdistro=trixie
1
url pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-47ju-f89a-eud8
1
vulnerability VCID-d3qn-js1p-7yeq
2
vulnerability VCID-dmqy-9xth-cuhs
3
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.0.4%252Bdfsg2-2%252Bdeb11u1%3Fdistro=trixie
2
url pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.1%252Bdfsg-1%252Bdeb12u1%3Fdistro=trixie
3
url pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.2-really%252Bdfsg-1%252Bdeb13u1%3Fdistro=trixie
4
url pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.3%252Bdfsg-1%3Fdistro=trixie
aliases CVE-2005-0653
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-35rp-cxt5-m3gz
28
url VCID-38kp-du6g-wkg1
vulnerability_id VCID-38kp-du6g-wkg1
summary The MIME transformation system (transformations/text_plain__external.inc.php) in phpMyAdmin 2.5.0 up to 2.6.0-pl1 allows remote attackers to execute arbitrary commands via shell metacharacters in unspecified vectors.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2004-2630
reference_id
reference_type
scores
0
value 0.02091
scoring_system epss
scoring_elements 0.84343
published_at 2026-06-04T12:55:00Z
1
value 0.02091
scoring_system epss
scoring_elements 0.84367
published_at 2026-06-05T12:55:00Z
2
value 0.02091
scoring_system epss
scoring_elements 0.84371
published_at 2026-06-06T12:55:00Z
3
value 0.02091
scoring_system epss
scoring_elements 0.84364
published_at 2026-06-07T12:55:00Z
4
value 0.02091
scoring_system epss
scoring_elements 0.84352
published_at 2026-06-08T12:55:00Z
5
value 0.02091
scoring_system epss
scoring_elements 0.84365
published_at 2026-06-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2004-2630
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-2630
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-2630
2
reference_url https://security.gentoo.org/glsa/200410-14
reference_id GLSA-200410-14
reference_type
scores
url https://security.gentoo.org/glsa/200410-14
fixed_packages
0
url pkg:deb/debian/phpmyadmin@2:2.6.0-pl2-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@2:2.6.0-pl2-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@2:2.6.0-pl2-1%3Fdistro=trixie
1
url pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-47ju-f89a-eud8
1
vulnerability VCID-d3qn-js1p-7yeq
2
vulnerability VCID-dmqy-9xth-cuhs
3
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.0.4%252Bdfsg2-2%252Bdeb11u1%3Fdistro=trixie
2
url pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.1%252Bdfsg-1%252Bdeb12u1%3Fdistro=trixie
3
url pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.2-really%252Bdfsg-1%252Bdeb13u1%3Fdistro=trixie
4
url pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.3%252Bdfsg-1%3Fdistro=trixie
aliases CVE-2004-2630
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-38kp-du6g-wkg1
29
url VCID-38tp-acy8-57hj
vulnerability_id VCID-38tp-acy8-57hj
summary 
Improper Input Validation
phpMyAdmin is vulnerable to a DoS weakness in the table editing functionality.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2017-1000014
reference_id
reference_type
scores
0
value 0.01144
scoring_system epss
scoring_elements 0.78815
published_at 2026-06-09T12:55:00Z
1
value 0.01144
scoring_system epss
scoring_elements 0.78784
published_at 2026-06-04T12:55:00Z
2
value 0.01144
scoring_system epss
scoring_elements 0.78809
published_at 2026-06-05T12:55:00Z
3
value 0.01144
scoring_system epss
scoring_elements 0.78817
published_at 2026-06-06T12:55:00Z
4
value 0.01144
scoring_system epss
scoring_elements 0.78808
published_at 2026-06-07T12:55:00Z
5
value 0.01144
scoring_system epss
scoring_elements 0.78797
published_at 2026-06-08T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2017-1000014
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-1000014
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-1000014
2
reference_url https://web.archive.org/web/20210123220105/http://www.securityfocus.com/bid/95721
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20210123220105/http://www.securityfocus.com/bid/95721
3
reference_url https://www.phpmyadmin.net/security/PMASA-2017-3
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.phpmyadmin.net/security/PMASA-2017-3
4
reference_url http://www.securityfocus.com/bid/95721
reference_id
reference_type
scores
url http://www.securityfocus.com/bid/95721
5
reference_url https://nvd.nist.gov/vuln/detail/CVE-2017-1000014
reference_id CVE-2017-1000014
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2017-1000014
6
reference_url https://github.com/advisories/GHSA-9hrc-rwrq-v6mh
reference_id GHSA-9hrc-rwrq-v6mh
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-9hrc-rwrq-v6mh
7
reference_url https://usn.ubuntu.com/USN-4843-1/
reference_id USN-USN-4843-1
reference_type
scores
url https://usn.ubuntu.com/USN-4843-1/
fixed_packages
0
url pkg:deb/debian/phpmyadmin@4:4.6.6-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:4.6.6-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:4.6.6-1%3Fdistro=trixie
1
url pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-47ju-f89a-eud8
1
vulnerability VCID-d3qn-js1p-7yeq
2
vulnerability VCID-dmqy-9xth-cuhs
3
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.0.4%252Bdfsg2-2%252Bdeb11u1%3Fdistro=trixie
2
url pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.1%252Bdfsg-1%252Bdeb12u1%3Fdistro=trixie
3
url pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.2-really%252Bdfsg-1%252Bdeb13u1%3Fdistro=trixie
4
url pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.3%252Bdfsg-1%3Fdistro=trixie
aliases CVE-2017-1000014, GHSA-9hrc-rwrq-v6mh
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-38tp-acy8-57hj
30
url VCID-3ejj-7geu-c7da
vulnerability_id VCID-3ejj-7geu-c7da
summary The SQL install script in phpMyAdmin 2.6.2 is created with world-readable permissions, which allows local users to obtain the initial database password by reading the script.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2005-1392
reference_id
reference_type
scores
0
value 0.00051
scoring_system epss
scoring_elements 0.16418
published_at 2026-06-04T12:55:00Z
1
value 0.00051
scoring_system epss
scoring_elements 0.165
published_at 2026-06-05T12:55:00Z
2
value 0.00051
scoring_system epss
scoring_elements 0.16497
published_at 2026-06-06T12:55:00Z
3
value 0.00051
scoring_system epss
scoring_elements 0.16455
published_at 2026-06-07T12:55:00Z
4
value 0.00051
scoring_system epss
scoring_elements 0.16374
published_at 2026-06-08T12:55:00Z
5
value 0.00051
scoring_system epss
scoring_elements 0.16391
published_at 2026-06-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2005-1392
1
reference_url https://security.gentoo.org/glsa/200504-30
reference_id GLSA-200504-30
reference_type
scores
url https://security.gentoo.org/glsa/200504-30
fixed_packages
0
url pkg:deb/debian/phpmyadmin@0?distro=trixie
purl pkg:deb/debian/phpmyadmin@0?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@0%3Fdistro=trixie
1
url pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-47ju-f89a-eud8
1
vulnerability VCID-d3qn-js1p-7yeq
2
vulnerability VCID-dmqy-9xth-cuhs
3
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.0.4%252Bdfsg2-2%252Bdeb11u1%3Fdistro=trixie
2
url pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.1%252Bdfsg-1%252Bdeb12u1%3Fdistro=trixie
3
url pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.2-really%252Bdfsg-1%252Bdeb13u1%3Fdistro=trixie
4
url pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.3%252Bdfsg-1%3Fdistro=trixie
aliases CVE-2005-1392
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-3ejj-7geu-c7da
31
url VCID-3trr-z4gq-pbdr
vulnerability_id VCID-3trr-z4gq-pbdr
summary phpMyAdmin 4.0.x before 4.0.4.2 allows remote attackers to obtain sensitive information via an invalid request, which reveals the installation path in an error message, related to Error.class.php and Error_Handler.class.php.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2013-4999
reference_id
reference_type
scores
0
value 0.0025
scoring_system epss
scoring_elements 0.48525
published_at 2026-06-04T12:55:00Z
1
value 0.0025
scoring_system epss
scoring_elements 0.48587
published_at 2026-06-05T12:55:00Z
2
value 0.0025
scoring_system epss
scoring_elements 0.48595
published_at 2026-06-06T12:55:00Z
3
value 0.0025
scoring_system epss
scoring_elements 0.48576
published_at 2026-06-07T12:55:00Z
4
value 0.0025
scoring_system epss
scoring_elements 0.48548
published_at 2026-06-08T12:55:00Z
5
value 0.0025
scoring_system epss
scoring_elements 0.48561
published_at 2026-06-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2013-4999
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4999
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4999
2
reference_url https://security.gentoo.org/glsa/201311-02
reference_id GLSA-201311-02
reference_type
scores
url https://security.gentoo.org/glsa/201311-02
fixed_packages
0
url pkg:deb/debian/phpmyadmin@4:4.0.4.2-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:4.0.4.2-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:4.0.4.2-1%3Fdistro=trixie
1
url pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-47ju-f89a-eud8
1
vulnerability VCID-d3qn-js1p-7yeq
2
vulnerability VCID-dmqy-9xth-cuhs
3
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.0.4%252Bdfsg2-2%252Bdeb11u1%3Fdistro=trixie
2
url pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.1%252Bdfsg-1%252Bdeb12u1%3Fdistro=trixie
3
url pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.2-really%252Bdfsg-1%252Bdeb13u1%3Fdistro=trixie
4
url pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.3%252Bdfsg-1%3Fdistro=trixie
aliases CVE-2013-4999
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-3trr-z4gq-pbdr
32
url VCID-3va7-xx14-gkds
vulnerability_id VCID-3va7-xx14-gkds
summary 
Information Exposure
An issue was discovered in phpMyAdmin. A user can specially craft a symlink on disk, to a file which phpMyAdmin is permitted to read but the user is not, which phpMyAdmin will then expose to the user.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-6613
reference_id
reference_type
scores
0
value 0.00324
scoring_system epss
scoring_elements 0.55792
published_at 2026-06-05T12:55:00Z
1
value 0.00324
scoring_system epss
scoring_elements 0.55788
published_at 2026-06-09T12:55:00Z
2
value 0.00324
scoring_system epss
scoring_elements 0.55767
published_at 2026-06-08T12:55:00Z
3
value 0.00324
scoring_system epss
scoring_elements 0.55798
published_at 2026-06-06T12:55:00Z
4
value 0.00324
scoring_system epss
scoring_elements 0.55735
published_at 2026-06-04T12:55:00Z
5
value 0.00324
scoring_system epss
scoring_elements 0.55785
published_at 2026-06-07T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-6613
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6613
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6613
2
reference_url https://github.com/phpmyadmin/composer
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/phpmyadmin/composer
3
reference_url https://lists.debian.org/debian-lts-announce/2019/06/msg00009.html
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.debian.org/debian-lts-announce/2019/06/msg00009.html
4
reference_url https://security.gentoo.org/glsa/201701-32
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://security.gentoo.org/glsa/201701-32
5
reference_url https://www.phpmyadmin.net/security/PMASA-2016-36
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.phpmyadmin.net/security/PMASA-2016-36
6
reference_url http://www.securityfocus.com/bid/94115
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.securityfocus.com/bid/94115
7
reference_url https://nvd.nist.gov/vuln/detail/CVE-2016-6613
reference_id CVE-2016-6613
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2016-6613
8
reference_url https://github.com/advisories/GHSA-6j2v-g9rg-qcm5
reference_id GHSA-6j2v-g9rg-qcm5
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-6j2v-g9rg-qcm5
fixed_packages
0
url pkg:deb/debian/phpmyadmin@4:4.6.4%2Bdfsg1-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:4.6.4%2Bdfsg1-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:4.6.4%252Bdfsg1-1%3Fdistro=trixie
1
url pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-47ju-f89a-eud8
1
vulnerability VCID-d3qn-js1p-7yeq
2
vulnerability VCID-dmqy-9xth-cuhs
3
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.0.4%252Bdfsg2-2%252Bdeb11u1%3Fdistro=trixie
2
url pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.1%252Bdfsg-1%252Bdeb12u1%3Fdistro=trixie
3
url pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.2-really%252Bdfsg-1%252Bdeb13u1%3Fdistro=trixie
4
url pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.3%252Bdfsg-1%3Fdistro=trixie
aliases CVE-2016-6613, GHSA-6j2v-g9rg-qcm5
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-3va7-xx14-gkds
33
url VCID-3y3t-vv23-h7bk
vulnerability_id VCID-3y3t-vv23-h7bk
summary phpMyAdmin 2.9.1.1 allows remote attackers to obtain sensitive information via a direct request for themes/darkblue_orange/layout.inc.php, which reveals the path in an error message.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2007-0095
reference_id
reference_type
scores
0
value 0.00706
scoring_system epss
scoring_elements 0.72508
published_at 2026-06-04T12:55:00Z
1
value 0.00706
scoring_system epss
scoring_elements 0.72549
published_at 2026-06-05T12:55:00Z
2
value 0.00706
scoring_system epss
scoring_elements 0.72556
published_at 2026-06-06T12:55:00Z
3
value 0.00706
scoring_system epss
scoring_elements 0.72537
published_at 2026-06-07T12:55:00Z
4
value 0.00706
scoring_system epss
scoring_elements 0.72524
published_at 2026-06-08T12:55:00Z
5
value 0.00706
scoring_system epss
scoring_elements 0.72548
published_at 2026-06-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2007-0095
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0095
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0095
2
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=399329
reference_id 399329
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=399329
fixed_packages
0
url pkg:deb/debian/phpmyadmin@4:2.9.1.1-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:2.9.1.1-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:2.9.1.1-1%3Fdistro=trixie
1
url pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-47ju-f89a-eud8
1
vulnerability VCID-d3qn-js1p-7yeq
2
vulnerability VCID-dmqy-9xth-cuhs
3
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.0.4%252Bdfsg2-2%252Bdeb11u1%3Fdistro=trixie
2
url pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.1%252Bdfsg-1%252Bdeb12u1%3Fdistro=trixie
3
url pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.2-really%252Bdfsg-1%252Bdeb13u1%3Fdistro=trixie
4
url pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.3%252Bdfsg-1%3Fdistro=trixie
aliases CVE-2007-0095
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-3y3t-vv23-h7bk
34
url VCID-44uc-xrvp-7bet
vulnerability_id VCID-44uc-xrvp-7bet
summary 
Incomplete List of Disallowed Inputs
An issue was discovered in phpMyAdmin involving improper enforcement of the IP-based authentication rules. When phpMyAdmin is used with IPv6 in a proxy server environment, and the proxy server is in the allowed range but the attacking computer is not allowed, this vulnerability can allow the attacking computer to connect despite the IP rules.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-6624
reference_id
reference_type
scores
0
value 0.00421
scoring_system epss
scoring_elements 0.62366
published_at 2026-06-05T12:55:00Z
1
value 0.00421
scoring_system epss
scoring_elements 0.62362
published_at 2026-06-09T12:55:00Z
2
value 0.00421
scoring_system epss
scoring_elements 0.62347
published_at 2026-06-08T12:55:00Z
3
value 0.00421
scoring_system epss
scoring_elements 0.62373
published_at 2026-06-06T12:55:00Z
4
value 0.00421
scoring_system epss
scoring_elements 0.6232
published_at 2026-06-04T12:55:00Z
5
value 0.00421
scoring_system epss
scoring_elements 0.62363
published_at 2026-06-07T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-6624
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6624
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6624
2
reference_url https://github.com/phpmyadmin/composer
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/phpmyadmin/composer
3
reference_url https://lists.debian.org/debian-lts-announce/2019/06/msg00009.html
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.debian.org/debian-lts-announce/2019/06/msg00009.html
4
reference_url https://security.gentoo.org/glsa/201701-32
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://security.gentoo.org/glsa/201701-32
5
reference_url https://www.phpmyadmin.net/security/PMASA-2016-47
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.phpmyadmin.net/security/PMASA-2016-47
6
reference_url http://www.securityfocus.com/bid/92489
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.securityfocus.com/bid/92489
7
reference_url https://nvd.nist.gov/vuln/detail/CVE-2016-6624
reference_id CVE-2016-6624
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2016-6624
8
reference_url https://github.com/advisories/GHSA-mhxj-6vf8-mwv3
reference_id GHSA-mhxj-6vf8-mwv3
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-mhxj-6vf8-mwv3
fixed_packages
0
url pkg:deb/debian/phpmyadmin@4:4.6.4%2Bdfsg1-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:4.6.4%2Bdfsg1-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:4.6.4%252Bdfsg1-1%3Fdistro=trixie
1
url pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-47ju-f89a-eud8
1
vulnerability VCID-d3qn-js1p-7yeq
2
vulnerability VCID-dmqy-9xth-cuhs
3
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.0.4%252Bdfsg2-2%252Bdeb11u1%3Fdistro=trixie
2
url pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.1%252Bdfsg-1%252Bdeb12u1%3Fdistro=trixie
3
url pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.2-really%252Bdfsg-1%252Bdeb13u1%3Fdistro=trixie
4
url pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.3%252Bdfsg-1%3Fdistro=trixie
aliases CVE-2016-6624, GHSA-mhxj-6vf8-mwv3
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-44uc-xrvp-7bet
35
url VCID-47ju-f89a-eud8
vulnerability_id VCID-47ju-f89a-eud8
summary 
Improper Authentication
An issue was discovered in phpMyAdm. A valid user who is already authenticated to phpMyAdmin can manipulate their account to bypass two-factor authentication for future login instances.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-23807
reference_id
reference_type
scores
0
value 0.00146
scoring_system epss
scoring_elements 0.34719
published_at 2026-06-04T12:55:00Z
1
value 0.00146
scoring_system epss
scoring_elements 0.34781
published_at 2026-06-09T12:55:00Z
2
value 0.00146
scoring_system epss
scoring_elements 0.3476
published_at 2026-06-08T12:55:00Z
3
value 0.00146
scoring_system epss
scoring_elements 0.34795
published_at 2026-06-07T12:55:00Z
4
value 0.00146
scoring_system epss
scoring_elements 0.34831
published_at 2026-06-06T12:55:00Z
5
value 0.00146
scoring_system epss
scoring_elements 0.34815
published_at 2026-06-05T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-23807
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23807
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23807
2
reference_url https://github.com/phpmyadmin/phpmyadmin
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/phpmyadmin/phpmyadmin
3
reference_url https://github.com/phpmyadmin/phpmyadmin/commit/ca54f1db050859eb8555875c6aa5d7796fdf4b32
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/phpmyadmin/phpmyadmin/commit/ca54f1db050859eb8555875c6aa5d7796fdf4b32
4
reference_url https://security.gentoo.org/glsa/202311-17
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://security.gentoo.org/glsa/202311-17
5
reference_url https://www.phpmyadmin.net/security/PMASA-2022-1
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.phpmyadmin.net/security/PMASA-2022-1
6
reference_url https://www.phpmyadmin.net/security/PMASA-2022-1/
reference_id
reference_type
scores
url https://www.phpmyadmin.net/security/PMASA-2022-1/
7
reference_url https://nvd.nist.gov/vuln/detail/CVE-2022-23807
reference_id CVE-2022-23807
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2022-23807
8
reference_url https://github.com/advisories/GHSA-8wf2-3ggj-78q9
reference_id GHSA-8wf2-3ggj-78q9
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-8wf2-3ggj-78q9
fixed_packages
0
url pkg:deb/debian/phpmyadmin@4:5.1.3%2Bdfsg1-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.1.3%2Bdfsg1-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.1.3%252Bdfsg1-1%3Fdistro=trixie
1
url pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.1%252Bdfsg-1%252Bdeb12u1%3Fdistro=trixie
2
url pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.2-really%252Bdfsg-1%252Bdeb13u1%3Fdistro=trixie
3
url pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.3%252Bdfsg-1%3Fdistro=trixie
aliases CVE-2022-23807, GHSA-8wf2-3ggj-78q9
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-47ju-f89a-eud8
36
url VCID-4avx-e9mf-2yb1
vulnerability_id VCID-4avx-e9mf-2yb1
summary 
Uncontrolled Resouce Consumption
An issue was discovered in phpMyAdmin. The transformation feature allows a user to trigger a denial-of-service (DoS) attack against the server.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-6618
reference_id
reference_type
scores
0
value 0.00756
scoring_system epss
scoring_elements 0.73626
published_at 2026-06-04T12:55:00Z
1
value 0.00756
scoring_system epss
scoring_elements 0.73664
published_at 2026-06-09T12:55:00Z
2
value 0.00756
scoring_system epss
scoring_elements 0.73638
published_at 2026-06-08T12:55:00Z
3
value 0.00756
scoring_system epss
scoring_elements 0.73666
published_at 2026-06-06T12:55:00Z
4
value 0.00756
scoring_system epss
scoring_elements 0.73661
published_at 2026-06-05T12:55:00Z
5
value 0.00756
scoring_system epss
scoring_elements 0.73652
published_at 2026-06-07T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-6618
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6618
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6618
2
reference_url https://github.com/phpmyadmin/composer
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/phpmyadmin/composer
3
reference_url https://lists.debian.org/debian-lts-announce/2018/07/msg00006.html
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.debian.org/debian-lts-announce/2018/07/msg00006.html
4
reference_url https://security.gentoo.org/glsa/201701-32
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://security.gentoo.org/glsa/201701-32
5
reference_url https://www.phpmyadmin.net/security/PMASA-2016-41
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.phpmyadmin.net/security/PMASA-2016-41
6
reference_url http://www.securityfocus.com/bid/95047
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.securityfocus.com/bid/95047
7
reference_url https://nvd.nist.gov/vuln/detail/CVE-2016-6618
reference_id CVE-2016-6618
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2016-6618
8
reference_url https://github.com/advisories/GHSA-rv6m-chvv-wmxg
reference_id GHSA-rv6m-chvv-wmxg
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-rv6m-chvv-wmxg
fixed_packages
0
url pkg:deb/debian/phpmyadmin@4:4.6.4%2Bdfsg1-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:4.6.4%2Bdfsg1-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:4.6.4%252Bdfsg1-1%3Fdistro=trixie
1
url pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-47ju-f89a-eud8
1
vulnerability VCID-d3qn-js1p-7yeq
2
vulnerability VCID-dmqy-9xth-cuhs
3
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.0.4%252Bdfsg2-2%252Bdeb11u1%3Fdistro=trixie
2
url pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.1%252Bdfsg-1%252Bdeb12u1%3Fdistro=trixie
3
url pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.2-really%252Bdfsg-1%252Bdeb13u1%3Fdistro=trixie
4
url pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.3%252Bdfsg-1%3Fdistro=trixie
aliases CVE-2016-6618, GHSA-rv6m-chvv-wmxg
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-4avx-e9mf-2yb1
37
url VCID-4dtg-44bh-cbfz
vulnerability_id VCID-4dtg-44bh-cbfz
summary Cross-site scripting (XSS) vulnerability in phpMyAdmin 2.8.0.1 allows remote attackers to inject arbitrary web script or HTML via the set_theme parameter.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2006-1258
reference_id
reference_type
scores
0
value 0.08432
scoring_system epss
scoring_elements 0.92484
published_at 2026-06-04T12:55:00Z
1
value 0.08432
scoring_system epss
scoring_elements 0.92497
published_at 2026-06-05T12:55:00Z
2
value 0.08432
scoring_system epss
scoring_elements 0.92492
published_at 2026-06-06T12:55:00Z
3
value 0.08432
scoring_system epss
scoring_elements 0.92487
published_at 2026-06-07T12:55:00Z
4
value 0.08432
scoring_system epss
scoring_elements 0.92486
published_at 2026-06-08T12:55:00Z
5
value 0.08432
scoring_system epss
scoring_elements 0.92504
published_at 2026-06-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2006-1258
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1258
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1258
2
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=382228
reference_id 382228
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=382228
3
reference_url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/webapps/27435.txt
reference_id CVE-2006-1258;OSVDB-23943
reference_type exploit
scores
url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/webapps/27435.txt
4
reference_url https://www.securityfocus.com/bid/17142/info
reference_id CVE-2006-1258;OSVDB-23943
reference_type exploit
scores
url https://www.securityfocus.com/bid/17142/info
fixed_packages
0
url pkg:deb/debian/phpmyadmin@4:2.8.0.2-2?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:2.8.0.2-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:2.8.0.2-2%3Fdistro=trixie
1
url pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-47ju-f89a-eud8
1
vulnerability VCID-d3qn-js1p-7yeq
2
vulnerability VCID-dmqy-9xth-cuhs
3
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.0.4%252Bdfsg2-2%252Bdeb11u1%3Fdistro=trixie
2
url pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.1%252Bdfsg-1%252Bdeb12u1%3Fdistro=trixie
3
url pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.2-really%252Bdfsg-1%252Bdeb13u1%3Fdistro=trixie
4
url pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.3%252Bdfsg-1%3Fdistro=trixie
aliases CVE-2006-1258
risk_score 0.2
exploitability 2.0
weighted_severity 0.1
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-4dtg-44bh-cbfz
38
url VCID-4hpq-hacm-nqff
vulnerability_id VCID-4hpq-hacm-nqff
summary Cross-site scripting (XSS) vulnerability in error.php in phpMyAdmin 2.6.4 through 2.9.0.2 allows remote attackers to inject arbitrary web script or HTML via UTF-7 or US-ASCII encoded characters, which are injected into an error message, as demonstrated by a request with a utf7 charset parameter accompanied by UTF-7 data.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2006-5718
reference_id
reference_type
scores
0
value 0.01116
scoring_system epss
scoring_elements 0.78538
published_at 2026-06-04T12:55:00Z
1
value 0.01116
scoring_system epss
scoring_elements 0.78565
published_at 2026-06-05T12:55:00Z
2
value 0.01116
scoring_system epss
scoring_elements 0.78573
published_at 2026-06-06T12:55:00Z
3
value 0.01116
scoring_system epss
scoring_elements 0.78564
published_at 2026-06-07T12:55:00Z
4
value 0.01116
scoring_system epss
scoring_elements 0.78552
published_at 2026-06-08T12:55:00Z
5
value 0.01116
scoring_system epss
scoring_elements 0.78569
published_at 2026-06-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2006-5718
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5718
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5718
2
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=396638
reference_id 396638
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=396638
fixed_packages
0
url pkg:deb/debian/phpmyadmin@4:2.9.0.3-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:2.9.0.3-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:2.9.0.3-1%3Fdistro=trixie
1
url pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-47ju-f89a-eud8
1
vulnerability VCID-d3qn-js1p-7yeq
2
vulnerability VCID-dmqy-9xth-cuhs
3
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.0.4%252Bdfsg2-2%252Bdeb11u1%3Fdistro=trixie
2
url pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.1%252Bdfsg-1%252Bdeb12u1%3Fdistro=trixie
3
url pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.2-really%252Bdfsg-1%252Bdeb13u1%3Fdistro=trixie
4
url pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.3%252Bdfsg-1%3Fdistro=trixie
aliases CVE-2006-5718
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-4hpq-hacm-nqff
39
url VCID-4kax-4bpz-g7c5
vulnerability_id VCID-4kax-4bpz-g7c5
summary 
Covert Timing Channel
`libraries/common.inc.php` in phpMyAdmin does not use a constant-time algorithm for comparing CSRF tokens, which makes it easier for remote attackers to bypass intended access restrictions by measuring time differences.
references
0
reference_url http://lists.fedoraproject.org/pipermail/package-announce/2016-February/176483.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://lists.fedoraproject.org/pipermail/package-announce/2016-February/176483.html
1
reference_url http://lists.fedoraproject.org/pipermail/package-announce/2016-February/176739.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://lists.fedoraproject.org/pipermail/package-announce/2016-February/176739.html
2
reference_url http://lists.opensuse.org/opensuse-updates/2016-02/msg00028.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://lists.opensuse.org/opensuse-updates/2016-02/msg00028.html
3
reference_url http://lists.opensuse.org/opensuse-updates/2016-02/msg00049.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://lists.opensuse.org/opensuse-updates/2016-02/msg00049.html
4
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-2041
reference_id
reference_type
scores
0
value 0.01029
scoring_system epss
scoring_elements 0.77691
published_at 2026-06-09T12:55:00Z
1
value 0.01029
scoring_system epss
scoring_elements 0.77659
published_at 2026-06-04T12:55:00Z
2
value 0.01029
scoring_system epss
scoring_elements 0.77687
published_at 2026-06-05T12:55:00Z
3
value 0.01029
scoring_system epss
scoring_elements 0.77694
published_at 2026-06-06T12:55:00Z
4
value 0.01029
scoring_system epss
scoring_elements 0.77684
published_at 2026-06-07T12:55:00Z
5
value 0.01029
scoring_system epss
scoring_elements 0.77673
published_at 2026-06-08T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-2041
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1927
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1927
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2039
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2039
7
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2040
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2040
8
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2041
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2041
9
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2560
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2560
10
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2561
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2561
11
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5099
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5099
12
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5701
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5701
13
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5705
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5705
14
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5706
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5706
15
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5731
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5731
16
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5733
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5733
17
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5739
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5739
18
reference_url https://github.com/phpmyadmin/composer
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/phpmyadmin/composer
19
reference_url https://github.com/phpmyadmin/phpmyadmin/commit/ec0e88e37ef30a66eada1c072953f4ec385a3e49
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/phpmyadmin/phpmyadmin/commit/ec0e88e37ef30a66eada1c072953f4ec385a3e49
20
reference_url http://www.debian.org/security/2016/dsa-3627
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.debian.org/security/2016/dsa-3627
21
reference_url http://www.phpmyadmin.net/home_page/security/PMASA-2016-5.php
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.phpmyadmin.net/home_page/security/PMASA-2016-5.php
22
reference_url https://nvd.nist.gov/vuln/detail/CVE-2016-2041
reference_id CVE-2016-2041
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2016-2041
23
reference_url https://github.com/advisories/GHSA-8m97-xc46-rw9w
reference_id GHSA-8m97-xc46-rw9w
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-8m97-xc46-rw9w
fixed_packages
0
url pkg:deb/debian/phpmyadmin@4:4.5.4-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:4.5.4-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:4.5.4-1%3Fdistro=trixie
1
url pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-47ju-f89a-eud8
1
vulnerability VCID-d3qn-js1p-7yeq
2
vulnerability VCID-dmqy-9xth-cuhs
3
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.0.4%252Bdfsg2-2%252Bdeb11u1%3Fdistro=trixie
2
url pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.1%252Bdfsg-1%252Bdeb12u1%3Fdistro=trixie
3
url pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.2-really%252Bdfsg-1%252Bdeb13u1%3Fdistro=trixie
4
url pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.3%252Bdfsg-1%3Fdistro=trixie
aliases CVE-2016-2041, GHSA-8m97-xc46-rw9w
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-4kax-4bpz-g7c5
40
url VCID-4vgu-cagj-hfhb
vulnerability_id VCID-4vgu-cagj-hfhb
summary 
Command Injection
An issue was discovered in phpMyAdmin. A specially crafted database name could be used to run arbitrary PHP commands through the array export feature.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-6609
reference_id
reference_type
scores
0
value 0.00411
scoring_system epss
scoring_elements 0.61709
published_at 2026-06-04T12:55:00Z
1
value 0.00411
scoring_system epss
scoring_elements 0.61756
published_at 2026-06-09T12:55:00Z
2
value 0.00411
scoring_system epss
scoring_elements 0.61739
published_at 2026-06-08T12:55:00Z
3
value 0.00411
scoring_system epss
scoring_elements 0.61766
published_at 2026-06-06T12:55:00Z
4
value 0.00411
scoring_system epss
scoring_elements 0.61758
published_at 2026-06-05T12:55:00Z
5
value 0.00411
scoring_system epss
scoring_elements 0.61754
published_at 2026-06-07T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-6609
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6609
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6609
2
reference_url https://github.com/phpmyadmin/composer
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/phpmyadmin/composer
3
reference_url https://lists.debian.org/debian-lts-announce/2018/07/msg00006.html
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.debian.org/debian-lts-announce/2018/07/msg00006.html
4
reference_url https://security.gentoo.org/glsa/201701-32
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://security.gentoo.org/glsa/201701-32
5
reference_url https://www.phpmyadmin.net/security/PMASA-2016-32
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.phpmyadmin.net/security/PMASA-2016-32
6
reference_url http://www.securityfocus.com/bid/94112
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.securityfocus.com/bid/94112
7
reference_url https://nvd.nist.gov/vuln/detail/CVE-2016-6609
reference_id CVE-2016-6609
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2016-6609
8
reference_url https://github.com/advisories/GHSA-wpww-hx7x-xfjh
reference_id GHSA-wpww-hx7x-xfjh
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-wpww-hx7x-xfjh
9
reference_url https://usn.ubuntu.com/USN-4843-1/
reference_id USN-USN-4843-1
reference_type
scores
url https://usn.ubuntu.com/USN-4843-1/
fixed_packages
0
url pkg:deb/debian/phpmyadmin@4:4.6.4%2Bdfsg1-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:4.6.4%2Bdfsg1-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:4.6.4%252Bdfsg1-1%3Fdistro=trixie
1
url pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-47ju-f89a-eud8
1
vulnerability VCID-d3qn-js1p-7yeq
2
vulnerability VCID-dmqy-9xth-cuhs
3
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.0.4%252Bdfsg2-2%252Bdeb11u1%3Fdistro=trixie
2
url pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.1%252Bdfsg-1%252Bdeb12u1%3Fdistro=trixie
3
url pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.2-really%252Bdfsg-1%252Bdeb13u1%3Fdistro=trixie
4
url pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.3%252Bdfsg-1%3Fdistro=trixie
aliases CVE-2016-6609, GHSA-wpww-hx7x-xfjh
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-4vgu-cagj-hfhb
41
url VCID-4w72-3j8g-5kbg
vulnerability_id VCID-4w72-3j8g-5kbg
summary Eval injection vulnerability in left.php in phpMyAdmin 2.5.1 up to 2.5.7, when LeftFrameLight is FALSE, allows remote attackers to execute arbitrary PHP code via a crafted table name.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2004-2631
reference_id
reference_type
scores
0
value 0.14197
scoring_system epss
scoring_elements 0.94512
published_at 2026-06-04T12:55:00Z
1
value 0.14197
scoring_system epss
scoring_elements 0.94521
published_at 2026-06-05T12:55:00Z
2
value 0.14197
scoring_system epss
scoring_elements 0.94522
published_at 2026-06-06T12:55:00Z
3
value 0.14197
scoring_system epss
scoring_elements 0.94524
published_at 2026-06-07T12:55:00Z
4
value 0.14197
scoring_system epss
scoring_elements 0.94525
published_at 2026-06-08T12:55:00Z
5
value 0.14197
scoring_system epss
scoring_elements 0.9453
published_at 2026-06-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2004-2631
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-2631
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-2631
2
reference_url https://security.gentoo.org/glsa/200407-22
reference_id GLSA-200407-22
reference_type
scores
url https://security.gentoo.org/glsa/200407-22
3
reference_url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/webapps/309.c
reference_id OSVDB-7314;CVE-2004-2631
reference_type exploit
scores
url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/webapps/309.c
fixed_packages
0
url pkg:deb/debian/phpmyadmin@1:2.5.7-pl1-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@1:2.5.7-pl1-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@1:2.5.7-pl1-1%3Fdistro=trixie
1
url pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-47ju-f89a-eud8
1
vulnerability VCID-d3qn-js1p-7yeq
2
vulnerability VCID-dmqy-9xth-cuhs
3
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.0.4%252Bdfsg2-2%252Bdeb11u1%3Fdistro=trixie
2
url pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.1%252Bdfsg-1%252Bdeb12u1%3Fdistro=trixie
3
url pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.2-really%252Bdfsg-1%252Bdeb13u1%3Fdistro=trixie
4
url pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.3%252Bdfsg-1%3Fdistro=trixie
aliases CVE-2004-2631
risk_score 0.2
exploitability 2.0
weighted_severity 0.1
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-4w72-3j8g-5kbg
42
url VCID-4wn2-pnbv-sked
vulnerability_id VCID-4wn2-pnbv-sked
summary 
Cross-site Scripting
In phpMyAdm, an XSS vulnerability was found in the navigation tree, where an attacker can deliver a payload to a user through a crafted `database/table` name.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2018-19970
reference_id
reference_type
scores
0
value 0.01296
scoring_system epss
scoring_elements 0.80037
published_at 2026-06-04T12:55:00Z
1
value 0.01296
scoring_system epss
scoring_elements 0.80067
published_at 2026-06-06T12:55:00Z
2
value 0.01296
scoring_system epss
scoring_elements 0.80063
published_at 2026-06-05T12:55:00Z
3
value 0.01296
scoring_system epss
scoring_elements 0.80072
published_at 2026-06-09T12:55:00Z
4
value 0.01296
scoring_system epss
scoring_elements 0.80052
published_at 2026-06-08T12:55:00Z
5
value 0.01296
scoring_system epss
scoring_elements 0.80062
published_at 2026-06-07T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2018-19970
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-19970
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-19970
2
reference_url https://github.com/phpmyadmin/composer
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/phpmyadmin/composer
3
reference_url https://lists.debian.org/debian-lts-announce/2019/02/msg00003.html
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.debian.org/debian-lts-announce/2019/02/msg00003.html
4
reference_url https://security.gentoo.org/glsa/201904-16
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://security.gentoo.org/glsa/201904-16
5
reference_url https://www.phpmyadmin.net/security/PMASA-2018-8
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.phpmyadmin.net/security/PMASA-2018-8
6
reference_url https://www.phpmyadmin.net/security/PMASA-2018-8/
reference_id
reference_type
scores
url https://www.phpmyadmin.net/security/PMASA-2018-8/
7
reference_url http://www.securityfocus.com/bid/106181
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.securityfocus.com/bid/106181
8
reference_url https://nvd.nist.gov/vuln/detail/CVE-2018-19970
reference_id CVE-2018-19970
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2018-19970
9
reference_url https://github.com/advisories/GHSA-8987-93fh-rcwq
reference_id GHSA-8987-93fh-rcwq
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-8987-93fh-rcwq
10
reference_url https://usn.ubuntu.com/4639-1/
reference_id USN-4639-1
reference_type
scores
url https://usn.ubuntu.com/4639-1/
11
reference_url https://usn.ubuntu.com/USN-4843-1/
reference_id USN-USN-4843-1
reference_type
scores
url https://usn.ubuntu.com/USN-4843-1/
fixed_packages
0
url pkg:deb/debian/phpmyadmin@4:4.9.1%2Bdfsg1-2?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:4.9.1%2Bdfsg1-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:4.9.1%252Bdfsg1-2%3Fdistro=trixie
1
url pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-47ju-f89a-eud8
1
vulnerability VCID-d3qn-js1p-7yeq
2
vulnerability VCID-dmqy-9xth-cuhs
3
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.0.4%252Bdfsg2-2%252Bdeb11u1%3Fdistro=trixie
2
url pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.1%252Bdfsg-1%252Bdeb12u1%3Fdistro=trixie
3
url pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.2-really%252Bdfsg-1%252Bdeb13u1%3Fdistro=trixie
4
url pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.3%252Bdfsg-1%3Fdistro=trixie
aliases CVE-2018-19970, GHSA-8987-93fh-rcwq
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-4wn2-pnbv-sked
43
url VCID-52xs-45kd-w3hz
vulnerability_id VCID-52xs-45kd-w3hz
summary 
Information Exposure
An attacker can exploit phpMyAdm to leak the contents of a local file because of an error in the transformation feature. The attacker must have access to the phpMyAdmin Configuration Storage tables, although these can easily be created in any database to which the attacker has access. An attacker must have valid credentials to log in to phpMyAdmin; this vulnerability does not allow an attacker to circumvent the login system.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2018-19968
reference_id
reference_type
scores
0
value 0.02384
scoring_system epss
scoring_elements 0.85315
published_at 2026-06-05T12:55:00Z
1
value 0.02384
scoring_system epss
scoring_elements 0.85313
published_at 2026-06-09T12:55:00Z
2
value 0.02384
scoring_system epss
scoring_elements 0.853
published_at 2026-06-08T12:55:00Z
3
value 0.02384
scoring_system epss
scoring_elements 0.8532
published_at 2026-06-06T12:55:00Z
4
value 0.02384
scoring_system epss
scoring_elements 0.85291
published_at 2026-06-04T12:55:00Z
5
value 0.02384
scoring_system epss
scoring_elements 0.85314
published_at 2026-06-07T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2018-19968
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-19968
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-19968
2
reference_url https://github.com/phpmyadmin/composer
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/phpmyadmin/composer
3
reference_url https://github.com/phpmyadmin/phpmyadmin/commit/6a1ba61e29002f0305a9322a8af4eaaeb11c0732
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/phpmyadmin/phpmyadmin/commit/6a1ba61e29002f0305a9322a8af4eaaeb11c0732
4
reference_url https://lists.debian.org/debian-lts-announce/2019/02/msg00003.html
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.debian.org/debian-lts-announce/2019/02/msg00003.html
5
reference_url https://security.gentoo.org/glsa/201904-16
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://security.gentoo.org/glsa/201904-16
6
reference_url https://www.phpmyadmin.net/security/PMASA-2018-6
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.phpmyadmin.net/security/PMASA-2018-6
7
reference_url https://www.phpmyadmin.net/security/PMASA-2018-6/
reference_id
reference_type
scores
url https://www.phpmyadmin.net/security/PMASA-2018-6/
8
reference_url http://www.securityfocus.com/bid/106178
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.securityfocus.com/bid/106178
9
reference_url https://nvd.nist.gov/vuln/detail/CVE-2018-19968
reference_id CVE-2018-19968
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2018-19968
10
reference_url https://github.com/advisories/GHSA-xc97-r49q-cxgc
reference_id GHSA-xc97-r49q-cxgc
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-xc97-r49q-cxgc
11
reference_url https://usn.ubuntu.com/4639-1/
reference_id USN-4639-1
reference_type
scores
url https://usn.ubuntu.com/4639-1/
12
reference_url https://usn.ubuntu.com/USN-4843-1/
reference_id USN-USN-4843-1
reference_type
scores
url https://usn.ubuntu.com/USN-4843-1/
fixed_packages
0
url pkg:deb/debian/phpmyadmin@4:4.9.1%2Bdfsg1-2?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:4.9.1%2Bdfsg1-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:4.9.1%252Bdfsg1-2%3Fdistro=trixie
1
url pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-47ju-f89a-eud8
1
vulnerability VCID-d3qn-js1p-7yeq
2
vulnerability VCID-dmqy-9xth-cuhs
3
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.0.4%252Bdfsg2-2%252Bdeb11u1%3Fdistro=trixie
2
url pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.1%252Bdfsg-1%252Bdeb12u1%3Fdistro=trixie
3
url pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.2-really%252Bdfsg-1%252Bdeb13u1%3Fdistro=trixie
4
url pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.3%252Bdfsg-1%3Fdistro=trixie
aliases CVE-2018-19968, GHSA-xc97-r49q-cxgc
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-52xs-45kd-w3hz
44
url VCID-59mu-8aep-9ycn
vulnerability_id VCID-59mu-8aep-9ycn
summary 
phpMyAdmin XSS when checking tables
An issue was discovered in phpMyAdmin 5.x before 5.2.2. An XSS vulnerability has been discovered for the check tables feature. A crafted table or database name could be used for XSS.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-24530
reference_id
reference_type
scores
0
value 0.00305
scoring_system epss
scoring_elements 0.54052
published_at 2026-06-05T12:55:00Z
1
value 0.00305
scoring_system epss
scoring_elements 0.54025
published_at 2026-06-08T12:55:00Z
2
value 0.00305
scoring_system epss
scoring_elements 0.54048
published_at 2026-06-09T12:55:00Z
3
value 0.00305
scoring_system epss
scoring_elements 0.54059
published_at 2026-06-06T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-24530
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-24530
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-24530
2
reference_url https://github.com/phpmyadmin/phpmyadmin
reference_id
reference_type
scores
0
value 6.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/phpmyadmin/phpmyadmin
3
reference_url https://github.com/phpmyadmin/phpmyadmin/commit/23c13a81709728089ff031e5b1c29b5e91baa6a7
reference_id
reference_type
scores
0
value 6.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/phpmyadmin/phpmyadmin/commit/23c13a81709728089ff031e5b1c29b5e91baa6a7
4
reference_url https://lists.debian.org/debian-lts-announce/2025/04/msg00016.html
reference_id
reference_type
scores
0
value 6.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.debian.org/debian-lts-announce/2025/04/msg00016.html
5
reference_url https://www.phpmyadmin.net/security/PMASA-2025-1
reference_id
reference_type
scores
0
value 6.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.phpmyadmin.net/security/PMASA-2025-1
6
reference_url https://nvd.nist.gov/vuln/detail/CVE-2025-24530
reference_id CVE-2025-24530
reference_type
scores
0
value 6.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2025-24530
7
reference_url https://github.com/advisories/GHSA-222v-cx2c-q2f5
reference_id GHSA-222v-cx2c-q2f5
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-222v-cx2c-q2f5
8
reference_url https://www.phpmyadmin.net/security/PMASA-2025-1/
reference_id PMASA-2025-1
reference_type
scores
0
value 6.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-23T15:02:00Z/
url https://www.phpmyadmin.net/security/PMASA-2025-1/
fixed_packages
0
url pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-47ju-f89a-eud8
1
vulnerability VCID-d3qn-js1p-7yeq
2
vulnerability VCID-dmqy-9xth-cuhs
3
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.0.4%252Bdfsg2-2%252Bdeb11u1%3Fdistro=trixie
1
url pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u2?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.0.4%252Bdfsg2-2%252Bdeb11u2%3Fdistro=trixie
2
url pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.1%252Bdfsg-1%252Bdeb12u1%3Fdistro=trixie
3
url pkg:deb/debian/phpmyadmin@4:5.2.2-really5.2.2%2B20250121%2Bdfsg-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.2-really5.2.2%2B20250121%2Bdfsg-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.2-really5.2.2%252B20250121%252Bdfsg-1%3Fdistro=trixie
4
url pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.2-really%252Bdfsg-1%252Bdeb13u1%3Fdistro=trixie
5
url pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.3%252Bdfsg-1%3Fdistro=trixie
aliases CVE-2025-24530, GHSA-222v-cx2c-q2f5
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-59mu-8aep-9ycn
45
url VCID-5agv-hmbw-hfhe
vulnerability_id VCID-5agv-hmbw-hfhe
summary Cross-site scripting (XSS) vulnerability in db_create.php in phpMyAdmin before 2.11.2.1 allows remote authenticated users with CREATE DATABASE privileges to inject arbitrary web script or HTML via a hex-encoded IMG element in the db parameter in a POST request, a different vulnerability than CVE-2006-6942.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-5977.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-5977.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2007-5977
reference_id
reference_type
scores
0
value 0.00693
scoring_system epss
scoring_elements 0.72255
published_at 2026-06-04T12:55:00Z
1
value 0.00693
scoring_system epss
scoring_elements 0.72296
published_at 2026-06-05T12:55:00Z
2
value 0.00693
scoring_system epss
scoring_elements 0.72302
published_at 2026-06-06T12:55:00Z
3
value 0.00693
scoring_system epss
scoring_elements 0.72282
published_at 2026-06-07T12:55:00Z
4
value 0.00693
scoring_system epss
scoring_elements 0.72268
published_at 2026-06-08T12:55:00Z
5
value 0.00693
scoring_system epss
scoring_elements 0.72293
published_at 2026-06-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2007-5977
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5977
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5977
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=385921
reference_id 385921
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=385921
4
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=451465
reference_id 451465
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=451465
5
reference_url https://security.gentoo.org/glsa/200903-32
reference_id GLSA-200903-32
reference_type
scores
url https://security.gentoo.org/glsa/200903-32
fixed_packages
0
url pkg:deb/debian/phpmyadmin@4:2.11.2.1-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:2.11.2.1-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:2.11.2.1-1%3Fdistro=trixie
1
url pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-47ju-f89a-eud8
1
vulnerability VCID-d3qn-js1p-7yeq
2
vulnerability VCID-dmqy-9xth-cuhs
3
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.0.4%252Bdfsg2-2%252Bdeb11u1%3Fdistro=trixie
2
url pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.1%252Bdfsg-1%252Bdeb12u1%3Fdistro=trixie
3
url pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.2-really%252Bdfsg-1%252Bdeb13u1%3Fdistro=trixie
4
url pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.3%252Bdfsg-1%3Fdistro=trixie
aliases CVE-2007-5977
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-5agv-hmbw-hfhe
46
url VCID-5bu8-wy7w-bqfc
vulnerability_id VCID-5bu8-wy7w-bqfc
summary An issue was discovered in cookie encryption in phpMyAdmin. The decryption of the username/password is vulnerable to a padding oracle attack. This can allow an attacker who has access to a user's browser cookie file to decrypt the username and password. Furthermore, the same initialization vector (IV) is used to hash the username and password stored in the phpMyAdmin cookie. If a user has the same password as their username, an attacker who examines the browser cookie can see that they are the same - but the attacker can not directly decode these values from the cookie as it is still hashed. All 4.6.x versions (prior to 4.6.4), 4.4.x versions (prior to 4.4.15.8), and 4.0.x versions (prior to 4.0.10.17) are affected.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-6606
reference_id
reference_type
scores
0
value 0.00377
scoring_system epss
scoring_elements 0.59533
published_at 2026-06-04T12:55:00Z
1
value 0.00377
scoring_system epss
scoring_elements 0.59583
published_at 2026-06-05T12:55:00Z
2
value 0.00377
scoring_system epss
scoring_elements 0.59586
published_at 2026-06-06T12:55:00Z
3
value 0.00377
scoring_system epss
scoring_elements 0.59577
published_at 2026-06-07T12:55:00Z
4
value 0.00377
scoring_system epss
scoring_elements 0.59558
published_at 2026-06-08T12:55:00Z
5
value 0.00377
scoring_system epss
scoring_elements 0.59575
published_at 2026-06-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-6606
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6606
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6606
fixed_packages
0
url pkg:deb/debian/phpmyadmin@4:4.6.4%2Bdfsg1-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:4.6.4%2Bdfsg1-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:4.6.4%252Bdfsg1-1%3Fdistro=trixie
1
url pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-47ju-f89a-eud8
1
vulnerability VCID-d3qn-js1p-7yeq
2
vulnerability VCID-dmqy-9xth-cuhs
3
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.0.4%252Bdfsg2-2%252Bdeb11u1%3Fdistro=trixie
2
url pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.1%252Bdfsg-1%252Bdeb12u1%3Fdistro=trixie
3
url pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.2-really%252Bdfsg-1%252Bdeb13u1%3Fdistro=trixie
4
url pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.3%252Bdfsg-1%3Fdistro=trixie
aliases CVE-2016-6606
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-5bu8-wy7w-bqfc
47
url VCID-5dd1-nzdy-zfez
vulnerability_id VCID-5dd1-nzdy-zfez
summary 
Cross-site Scripting
An issue was discovered in phpMyAdm. A Cross-Site Scripting vulnerability has been found where an attacker can use a crafted file to manipulate an authenticated user who loads that file through the import feature.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2018-15605
reference_id
reference_type
scores
0
value 0.00675
scoring_system epss
scoring_elements 0.71849
published_at 2026-06-04T12:55:00Z
1
value 0.00675
scoring_system epss
scoring_elements 0.71895
published_at 2026-06-06T12:55:00Z
2
value 0.00675
scoring_system epss
scoring_elements 0.71888
published_at 2026-06-05T12:55:00Z
3
value 0.00675
scoring_system epss
scoring_elements 0.71882
published_at 2026-06-09T12:55:00Z
4
value 0.00675
scoring_system epss
scoring_elements 0.71859
published_at 2026-06-08T12:55:00Z
5
value 0.00675
scoring_system epss
scoring_elements 0.71873
published_at 2026-06-07T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2018-15605
1
reference_url https://github.com/phpmyadmin/composer
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/phpmyadmin/composer
2
reference_url https://github.com/phpmyadmin/phpmyadmin/commit/00d90b3ae415b31338f76263359467a9fbebd0a1
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/phpmyadmin/phpmyadmin/commit/00d90b3ae415b31338f76263359467a9fbebd0a1
3
reference_url https://www.phpmyadmin.net/security/PMASA-2018-5
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.phpmyadmin.net/security/PMASA-2018-5
4
reference_url https://www.phpmyadmin.net/security/PMASA-2018-5/
reference_id
reference_type
scores
url https://www.phpmyadmin.net/security/PMASA-2018-5/
5
reference_url http://www.securityfocus.com/bid/105168
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.securityfocus.com/bid/105168
6
reference_url http://www.securitytracker.com/id/1041548
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.securitytracker.com/id/1041548
7
reference_url https://nvd.nist.gov/vuln/detail/CVE-2018-15605
reference_id CVE-2018-15605
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2018-15605
8
reference_url https://github.com/advisories/GHSA-c958-4j9x-q7w4
reference_id GHSA-c958-4j9x-q7w4
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-c958-4j9x-q7w4
fixed_packages
0
url pkg:deb/debian/phpmyadmin@0?distro=trixie
purl pkg:deb/debian/phpmyadmin@0?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@0%3Fdistro=trixie
1
url pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-47ju-f89a-eud8
1
vulnerability VCID-d3qn-js1p-7yeq
2
vulnerability VCID-dmqy-9xth-cuhs
3
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.0.4%252Bdfsg2-2%252Bdeb11u1%3Fdistro=trixie
2
url pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.1%252Bdfsg-1%252Bdeb12u1%3Fdistro=trixie
3
url pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.2-really%252Bdfsg-1%252Bdeb13u1%3Fdistro=trixie
4
url pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.3%252Bdfsg-1%3Fdistro=trixie
aliases CVE-2018-15605, GHSA-c958-4j9x-q7w4
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-5dd1-nzdy-zfez
48
url VCID-5jye-2stz-fqam
vulnerability_id VCID-5jye-2stz-fqam
summary 
Uncontrolled Resource Consumption
The jQuery Validation Plugin provides drop-in validation for your existing forms. It is published as an npm package "jquery-validation". jquery-validation before version 1.19.3 contains one or more regular expressions that is vulnerable to ReDoS (Regular Expression Denial of Service). This is fixed in 1.19.3.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-21252.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-21252.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2021-21252
reference_id
reference_type
scores
0
value 0.00667
scoring_system epss
scoring_elements 0.71688
published_at 2026-06-09T12:55:00Z
1
value 0.00667
scoring_system epss
scoring_elements 0.71704
published_at 2026-06-06T12:55:00Z
2
value 0.00667
scoring_system epss
scoring_elements 0.7168
published_at 2026-06-07T12:55:00Z
3
value 0.00667
scoring_system epss
scoring_elements 0.71666
published_at 2026-06-08T12:55:00Z
4
value 0.00727
scoring_system epss
scoring_elements 0.72983
published_at 2026-06-04T12:55:00Z
5
value 0.00727
scoring_system epss
scoring_elements 0.73021
published_at 2026-06-05T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2021-21252
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21252
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21252
3
reference_url https://github.com/jquery-validation/jquery-validation
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/jquery-validation/jquery-validation
4
reference_url https://github.com/jquery-validation/jquery-validation/commit/5d8f29eef363d043a8fec4eb86d42cadb5fa5f7d
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/jquery-validation/jquery-validation/commit/5d8f29eef363d043a8fec4eb86d42cadb5fa5f7d
5
reference_url https://github.com/jquery-validation/jquery-validation/pull/2371
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/jquery-validation/jquery-validation/pull/2371
6
reference_url https://jqueryvalidation.org/#installation-via-package-managers
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://jqueryvalidation.org/#installation-via-package-managers
7
reference_url https://lists.debian.org/debian-lts-announce/2023/08/msg00040.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.debian.org/debian-lts-announce/2023/08/msg00040.html
8
reference_url https://securitylab.github.com/advisories/GHSL-2020-294-redos-jquery-validation
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://securitylab.github.com/advisories/GHSL-2020-294-redos-jquery-validation
9
reference_url https://securitylab.github.com/advisories/GHSL-2020-294-redos-jquery-validation/
reference_id
reference_type
scores
url https://securitylab.github.com/advisories/GHSL-2020-294-redos-jquery-validation/
10
reference_url https://security.netapp.com/advisory/ntap-20210219-0005
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://security.netapp.com/advisory/ntap-20210219-0005
11
reference_url https://security.netapp.com/advisory/ntap-20210219-0005/
reference_id
reference_type
scores
url https://security.netapp.com/advisory/ntap-20210219-0005/
12
reference_url https://www.npmjs.com/package/jquery-validation
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.npmjs.com/package/jquery-validation
13
reference_url https://www.nuget.org/packages/jquery.validation
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.nuget.org/packages/jquery.validation
14
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2096941
reference_id 2096941
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2096941
15
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=980891
reference_id 980891
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=980891
16
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=980892
reference_id 980892
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=980892
17
reference_url https://nvd.nist.gov/vuln/detail/CVE-2021-21252
reference_id CVE-2021-21252
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2021-21252
18
reference_url https://github.com/advisories/GHSA-jxwx-85vp-gvwm
reference_id GHSA-jxwx-85vp-gvwm
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-jxwx-85vp-gvwm
19
reference_url https://github.com/jquery-validation/jquery-validation/security/advisories/GHSA-jxwx-85vp-gvwm
reference_id GHSA-jxwx-85vp-gvwm
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/jquery-validation/jquery-validation/security/advisories/GHSA-jxwx-85vp-gvwm
fixed_packages
0
url pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.0.4%252Bdfsg2-2%3Fdistro=trixie
1
url pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-47ju-f89a-eud8
1
vulnerability VCID-d3qn-js1p-7yeq
2
vulnerability VCID-dmqy-9xth-cuhs
3
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.0.4%252Bdfsg2-2%252Bdeb11u1%3Fdistro=trixie
2
url pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.1%252Bdfsg-1%252Bdeb12u1%3Fdistro=trixie
3
url pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.2-really%252Bdfsg-1%252Bdeb13u1%3Fdistro=trixie
4
url pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.3%252Bdfsg-1%3Fdistro=trixie
aliases CVE-2021-21252, GHSA-jxwx-85vp-gvwm
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-5jye-2stz-fqam
49
url VCID-5ths-3mtd-dkgr
vulnerability_id VCID-5ths-3mtd-dkgr
summary phpMyAdmin 2.6.2-dev, and possibly earlier versions, allows remote attackers to determine the full path of the web root via a direct request to select_lang.lib.php, which reveals the path in a PHP error message.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2005-0459
reference_id
reference_type
scores
0
value 0.00362
scoring_system epss
scoring_elements 0.58566
published_at 2026-06-04T12:55:00Z
1
value 0.00362
scoring_system epss
scoring_elements 0.58613
published_at 2026-06-09T12:55:00Z
2
value 0.00362
scoring_system epss
scoring_elements 0.58619
published_at 2026-06-06T12:55:00Z
3
value 0.00362
scoring_system epss
scoring_elements 0.58612
published_at 2026-06-07T12:55:00Z
4
value 0.00362
scoring_system epss
scoring_elements 0.58598
published_at 2026-06-08T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2005-0459
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-0459
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-0459
fixed_packages
0
url pkg:deb/debian/phpmyadmin@4:2.6.2?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:2.6.2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:2.6.2%3Fdistro=trixie
1
url pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-47ju-f89a-eud8
1
vulnerability VCID-d3qn-js1p-7yeq
2
vulnerability VCID-dmqy-9xth-cuhs
3
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.0.4%252Bdfsg2-2%252Bdeb11u1%3Fdistro=trixie
2
url pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.1%252Bdfsg-1%252Bdeb12u1%3Fdistro=trixie
3
url pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.2-really%252Bdfsg-1%252Bdeb13u1%3Fdistro=trixie
4
url pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.3%252Bdfsg-1%3Fdistro=trixie
aliases CVE-2005-0459
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-5ths-3mtd-dkgr
50
url VCID-5yb6-ue3h-wydu
vulnerability_id VCID-5yb6-ue3h-wydu
summary Cross-site scripting (XSS) vulnerability in index.php in phpMyAdmin before 2.6.2-rc1 allows remote attackers to inject arbitrary web script or HTML via the convcharset parameter.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2005-0992
reference_id
reference_type
scores
0
value 0.10163
scoring_system epss
scoring_elements 0.93247
published_at 2026-06-04T12:55:00Z
1
value 0.10163
scoring_system epss
scoring_elements 0.93258
published_at 2026-06-06T12:55:00Z
2
value 0.10163
scoring_system epss
scoring_elements 0.93256
published_at 2026-06-07T12:55:00Z
3
value 0.10163
scoring_system epss
scoring_elements 0.93254
published_at 2026-06-08T12:55:00Z
4
value 0.10163
scoring_system epss
scoring_elements 0.93262
published_at 2026-06-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2005-0992
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-0992
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-0992
2
reference_url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/webapps/25330.txt
reference_id CVE-2005-0992;OSVDB-15226
reference_type exploit
scores
url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/webapps/25330.txt
3
reference_url https://www.securityfocus.com/bid/12982/info
reference_id CVE-2005-0992;OSVDB-15226
reference_type exploit
scores
url https://www.securityfocus.com/bid/12982/info
4
reference_url https://security.gentoo.org/glsa/200504-08
reference_id GLSA-200504-08
reference_type
scores
url https://security.gentoo.org/glsa/200504-08
fixed_packages
0
url pkg:deb/debian/phpmyadmin@3:2.6.2-rc1-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@3:2.6.2-rc1-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@3:2.6.2-rc1-1%3Fdistro=trixie
1
url pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-47ju-f89a-eud8
1
vulnerability VCID-d3qn-js1p-7yeq
2
vulnerability VCID-dmqy-9xth-cuhs
3
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.0.4%252Bdfsg2-2%252Bdeb11u1%3Fdistro=trixie
2
url pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.1%252Bdfsg-1%252Bdeb12u1%3Fdistro=trixie
3
url pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.2-really%252Bdfsg-1%252Bdeb13u1%3Fdistro=trixie
4
url pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.3%252Bdfsg-1%3Fdistro=trixie
aliases CVE-2005-0992
risk_score 0.2
exploitability 2.0
weighted_severity 0.1
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-5yb6-ue3h-wydu
51
url VCID-5zcv-w67e-67dr
vulnerability_id VCID-5zcv-w67e-67dr
summary Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin before 2.6.4 allow remote attackers to inject arbitrary web script or HTML via (1) the Username to libraries/auth/cookie.auth.lib.php or (2) the error parameter to error.php.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2005-2869
reference_id
reference_type
scores
0
value 0.11812
scoring_system epss
scoring_elements 0.93847
published_at 2026-06-04T12:55:00Z
1
value 0.11812
scoring_system epss
scoring_elements 0.93857
published_at 2026-06-05T12:55:00Z
2
value 0.11812
scoring_system epss
scoring_elements 0.93856
published_at 2026-06-07T12:55:00Z
3
value 0.11812
scoring_system epss
scoring_elements 0.93855
published_at 2026-06-08T12:55:00Z
4
value 0.11812
scoring_system epss
scoring_elements 0.9386
published_at 2026-06-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2005-2869
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-2869
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-2869
2
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=327345
reference_id 327345
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=327345
3
reference_url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/webapps/26199.txt
reference_id CVE-2005-2869;OSVDB-19048
reference_type exploit
scores
url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/webapps/26199.txt
4
reference_url https://www.securityfocus.com/bid/14675/info
reference_id CVE-2005-2869;OSVDB-19048
reference_type exploit
scores
url https://www.securityfocus.com/bid/14675/info
fixed_packages
0
url pkg:deb/debian/phpmyadmin@4:2.6.4-pl1-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:2.6.4-pl1-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:2.6.4-pl1-1%3Fdistro=trixie
1
url pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-47ju-f89a-eud8
1
vulnerability VCID-d3qn-js1p-7yeq
2
vulnerability VCID-dmqy-9xth-cuhs
3
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.0.4%252Bdfsg2-2%252Bdeb11u1%3Fdistro=trixie
2
url pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.1%252Bdfsg-1%252Bdeb12u1%3Fdistro=trixie
3
url pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.2-really%252Bdfsg-1%252Bdeb13u1%3Fdistro=trixie
4
url pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.3%252Bdfsg-1%3Fdistro=trixie
aliases CVE-2005-2869
risk_score 0.2
exploitability 2.0
weighted_severity 0.1
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-5zcv-w67e-67dr
52
url VCID-66fp-4jdj-xuba
vulnerability_id VCID-66fp-4jdj-xuba
summary Cross-site scripting (XSS) vulnerability in setup.php in phpMyAdmin before 2.11.8 allows user-assisted remote attackers to inject arbitrary web script or HTML via crafted setup arguments. NOTE: this issue can only be exploited in limited scenarios in which the attacker must be able to modify config/config.inc.php.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2008-3457
reference_id
reference_type
scores
0
value 0.00586
scoring_system epss
scoring_elements 0.69451
published_at 2026-06-04T12:55:00Z
1
value 0.00586
scoring_system epss
scoring_elements 0.69489
published_at 2026-06-05T12:55:00Z
2
value 0.00586
scoring_system epss
scoring_elements 0.69497
published_at 2026-06-06T12:55:00Z
3
value 0.00586
scoring_system epss
scoring_elements 0.69488
published_at 2026-06-07T12:55:00Z
4
value 0.00586
scoring_system epss
scoring_elements 0.69476
published_at 2026-06-08T12:55:00Z
5
value 0.00586
scoring_system epss
scoring_elements 0.69495
published_at 2026-06-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2008-3457
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3457
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3457
fixed_packages
0
url pkg:deb/debian/phpmyadmin@4:2.11.8~rc1-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:2.11.8~rc1-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:2.11.8~rc1-1%3Fdistro=trixie
1
url pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-47ju-f89a-eud8
1
vulnerability VCID-d3qn-js1p-7yeq
2
vulnerability VCID-dmqy-9xth-cuhs
3
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.0.4%252Bdfsg2-2%252Bdeb11u1%3Fdistro=trixie
2
url pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.1%252Bdfsg-1%252Bdeb12u1%3Fdistro=trixie
3
url pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.2-really%252Bdfsg-1%252Bdeb13u1%3Fdistro=trixie
4
url pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.3%252Bdfsg-1%3Fdistro=trixie
aliases CVE-2008-3457
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-66fp-4jdj-xuba
53
url VCID-67va-epqd-vydp
vulnerability_id VCID-67va-epqd-vydp
summary Multiple cross-site scripting (XSS) vulnerabilities in the PMA_unInlineEditRow function in js/sql.js in phpMyAdmin 3.4.x before 3.4.5 allow remote authenticated users to inject arbitrary web script or HTML via a (1) database name, (2) table name, or (3) column name that is not properly handled after an inline-editing operation.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2011-3592
reference_id
reference_type
scores
0
value 0.0018
scoring_system epss
scoring_elements 0.39359
published_at 2026-06-09T12:55:00Z
1
value 0.0018
scoring_system epss
scoring_elements 0.3931
published_at 2026-06-04T12:55:00Z
2
value 0.0018
scoring_system epss
scoring_elements 0.39399
published_at 2026-06-05T12:55:00Z
3
value 0.0018
scoring_system epss
scoring_elements 0.39403
published_at 2026-06-06T12:55:00Z
4
value 0.0018
scoring_system epss
scoring_elements 0.39375
published_at 2026-06-07T12:55:00Z
5
value 0.0018
scoring_system epss
scoring_elements 0.39346
published_at 2026-06-08T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2011-3592
1
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=738681
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url https://bugzilla.redhat.com/show_bug.cgi?id=738681
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3592
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3592
3
reference_url https://github.com/phpmyadmin/composer
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/phpmyadmin/composer
4
reference_url https://github.com/phpmyadmin/phpmyadmin/commit/2f28ce9c800274190418da0945ce3647d36e1db6
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/phpmyadmin/phpmyadmin/commit/2f28ce9c800274190418da0945ce3647d36e1db6
5
reference_url https://github.com/phpmyadmin/phpmyadmin/commit/bda213c58aec44925be661acb0e76c19483ea170
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/phpmyadmin/phpmyadmin/commit/bda213c58aec44925be661acb0e76c19483ea170
6
reference_url https://nvd.nist.gov/vuln/detail/CVE-2011-3592
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2011-3592
7
reference_url http://www.openwall.com/lists/oss-security/2011/09/30/8
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2011/09/30/8
8
reference_url http://www.phpmyadmin.net/home_page/security/PMASA-2011-14.php
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url http://www.phpmyadmin.net/home_page/security/PMASA-2011-14.php
9
reference_url https://github.com/advisories/GHSA-5p69-rmx8-7gw7
reference_id GHSA-5p69-rmx8-7gw7
reference_type
scores
0
value LOW
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-5p69-rmx8-7gw7
fixed_packages
0
url pkg:deb/debian/phpmyadmin@4:3.4.5-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:3.4.5-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:3.4.5-1%3Fdistro=trixie
1
url pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-47ju-f89a-eud8
1
vulnerability VCID-d3qn-js1p-7yeq
2
vulnerability VCID-dmqy-9xth-cuhs
3
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.0.4%252Bdfsg2-2%252Bdeb11u1%3Fdistro=trixie
2
url pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.1%252Bdfsg-1%252Bdeb12u1%3Fdistro=trixie
3
url pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.2-really%252Bdfsg-1%252Bdeb13u1%3Fdistro=trixie
4
url pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.3%252Bdfsg-1%3Fdistro=trixie
aliases CVE-2011-3592, GHSA-5p69-rmx8-7gw7
risk_score 1.4
exploitability 0.5
weighted_severity 2.7
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-67va-epqd-vydp
54
url VCID-6gs5-cswx-bfeb
vulnerability_id VCID-6gs5-cswx-bfeb
summary phpMyAdmin 4.4.x before 4.4.15.3 and 4.5.x before 4.5.4 allows remote attackers to obtain sensitive information via a crafted request to (1) libraries/phpseclib/Crypt/AES.php or (2) libraries/phpseclib/Crypt/Rijndael.php, which reveals the full path in an error message.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2042.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2042.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-2042
reference_id
reference_type
scores
0
value 0.00577
scoring_system epss
scoring_elements 0.69183
published_at 2026-06-04T12:55:00Z
1
value 0.00577
scoring_system epss
scoring_elements 0.69222
published_at 2026-06-05T12:55:00Z
2
value 0.00577
scoring_system epss
scoring_elements 0.69231
published_at 2026-06-06T12:55:00Z
3
value 0.00577
scoring_system epss
scoring_elements 0.69223
published_at 2026-06-07T12:55:00Z
4
value 0.00577
scoring_system epss
scoring_elements 0.69208
published_at 2026-06-08T12:55:00Z
5
value 0.00577
scoring_system epss
scoring_elements 0.69227
published_at 2026-06-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-2042
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2042
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2042
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1302682
reference_id 1302682
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1302682
fixed_packages
0
url pkg:deb/debian/phpmyadmin@4:4.5.4-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:4.5.4-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:4.5.4-1%3Fdistro=trixie
1
url pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-47ju-f89a-eud8
1
vulnerability VCID-d3qn-js1p-7yeq
2
vulnerability VCID-dmqy-9xth-cuhs
3
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.0.4%252Bdfsg2-2%252Bdeb11u1%3Fdistro=trixie
2
url pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.1%252Bdfsg-1%252Bdeb12u1%3Fdistro=trixie
3
url pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.2-really%252Bdfsg-1%252Bdeb13u1%3Fdistro=trixie
4
url pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.3%252Bdfsg-1%3Fdistro=trixie
aliases CVE-2016-2042
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-6gs5-cswx-bfeb
55
url VCID-6r4m-kxj7-ybb6
vulnerability_id VCID-6r4m-kxj7-ybb6
summary 
Improper Control of Generation of Code ('Code Injection')
setup/lib/ConfigGenerator.class.php in phpMyAdmin 3.x before 3.3.10.2 and 3.4.x before 3.4.3.1 does not properly restrict the presence of comment closing delimiters, which allows remote attackers to conduct static code injection attacks by leveraging the ability to modify the SESSION superglobal array.
references
0
reference_url http://ha.xxor.se/2011/07/phpmyadmin-3x-multiple-remote-code.html
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url http://ha.xxor.se/2011/07/phpmyadmin-3x-multiple-remote-code.html
1
reference_url http://lists.fedoraproject.org/pipermail/package-announce/2011-July/062719.html
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url http://lists.fedoraproject.org/pipermail/package-announce/2011-July/062719.html
2
reference_url http://phpmyadmin.git.sourceforge.net/git/gitweb.cgi?p=phpmyadmin/phpmyadmin;a=commit;h=0fbedaf5fd7a771d0885c6b7385d934fc90d0d7f
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url http://phpmyadmin.git.sourceforge.net/git/gitweb.cgi?p=phpmyadmin/phpmyadmin;a=commit;h=0fbedaf5fd7a771d0885c6b7385d934fc90d0d7f
3
reference_url https://api.first.org/data/v1/epss?cve=CVE-2011-2506
reference_id
reference_type
scores
0
value 0.33677
scoring_system epss
scoring_elements 0.97042
published_at 2026-06-06T12:55:00Z
1
value 0.33677
scoring_system epss
scoring_elements 0.97037
published_at 2026-06-04T12:55:00Z
2
value 0.33677
scoring_system epss
scoring_elements 0.97041
published_at 2026-06-05T12:55:00Z
3
value 0.33677
scoring_system epss
scoring_elements 0.97048
published_at 2026-06-09T12:55:00Z
4
value 0.33677
scoring_system epss
scoring_elements 0.97044
published_at 2026-06-08T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2011-2506
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2506
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2506
5
reference_url http://securityreason.com/securityalert/8306
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url http://securityreason.com/securityalert/8306
6
reference_url https://github.com/phpmyadmin/composer
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/phpmyadmin/composer
7
reference_url https://github.com/phpmyadmin/phpmyadmin/commit/0fbedaf5fd7a771d0885c6b7385d934fc90d0d7f
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/phpmyadmin/phpmyadmin/commit/0fbedaf5fd7a771d0885c6b7385d934fc90d0d7f
8
reference_url https://github.com/phpmyadmin/phpmyadmin/commit/2e01647949df937040e73a94ce0bac0daecbdcf4
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/phpmyadmin/phpmyadmin/commit/2e01647949df937040e73a94ce0bac0daecbdcf4
9
reference_url https://web.archive.org/web/20110712103138/http://www.xxor.se/advisories/phpMyAdmin_3.x_Multiple_Remote_Code_Executions.txt
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20110712103138/http://www.xxor.se/advisories/phpMyAdmin_3.x_Multiple_Remote_Code_Executions.txt
10
reference_url https://web.archive.org/web/20111116172111/http://www.securityfocus.com/archive/1/518804/100/0/threaded
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20111116172111/http://www.securityfocus.com/archive/1/518804/100/0/threaded
11
reference_url https://web.archive.org/web/20121105034518/http://www.mandriva.com/en/support/security/advisories?name=MDVSA-2011:124
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20121105034518/http://www.mandriva.com/en/support/security/advisories?name=MDVSA-2011:124
12
reference_url http://typo3.org/teams/security/security-bulletins/typo3-sa-2011-008
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url http://typo3.org/teams/security/security-bulletins/typo3-sa-2011-008
13
reference_url http://typo3.org/teams/security/security-bulletins/typo3-sa-2011-008/
reference_id
reference_type
scores
url http://typo3.org/teams/security/security-bulletins/typo3-sa-2011-008/
14
reference_url http://www.debian.org/security/2011/dsa-2286
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.debian.org/security/2011/dsa-2286
15
reference_url http://www.exploit-db.com/exploits/17514
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.exploit-db.com/exploits/17514
16
reference_url http://www.exploit-db.com/exploits/17514/
reference_id
reference_type
scores
url http://www.exploit-db.com/exploits/17514/
17
reference_url http://www.openwall.com/lists/oss-security/2011/06/28/2
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2011/06/28/2
18
reference_url http://www.openwall.com/lists/oss-security/2011/06/28/6
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2011/06/28/6
19
reference_url http://www.openwall.com/lists/oss-security/2011/06/28/8
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2011/06/28/8
20
reference_url http://www.openwall.com/lists/oss-security/2011/06/29/11
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2011/06/29/11
21
reference_url http://www.phpmyadmin.net/home_page/security/PMASA-2011-6.php
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.phpmyadmin.net/home_page/security/PMASA-2011-6.php
22
reference_url https://nvd.nist.gov/vuln/detail/CVE-2011-2506
reference_id CVE-2011-2506
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2011-2506
23
reference_url https://github.com/advisories/GHSA-p6h7-29r2-g88f
reference_id GHSA-p6h7-29r2-g88f
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-p6h7-29r2-g88f
24
reference_url https://security.gentoo.org/glsa/201201-01
reference_id GLSA-201201-01
reference_type
scores
url https://security.gentoo.org/glsa/201201-01
fixed_packages
0
url pkg:deb/debian/phpmyadmin@4:3.4.3.1-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:3.4.3.1-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:3.4.3.1-1%3Fdistro=trixie
1
url pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-47ju-f89a-eud8
1
vulnerability VCID-d3qn-js1p-7yeq
2
vulnerability VCID-dmqy-9xth-cuhs
3
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.0.4%252Bdfsg2-2%252Bdeb11u1%3Fdistro=trixie
2
url pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.1%252Bdfsg-1%252Bdeb12u1%3Fdistro=trixie
3
url pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.2-really%252Bdfsg-1%252Bdeb13u1%3Fdistro=trixie
4
url pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.3%252Bdfsg-1%3Fdistro=trixie
aliases CVE-2011-2506, GHSA-p6h7-29r2-g88f
risk_score 10.0
exploitability 2.0
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-6r4m-kxj7-ybb6
56
url VCID-73vh-drey-2fdm
vulnerability_id VCID-73vh-drey-2fdm
summary 
phpMyAdmin CRLF Injection Vulnerability
CRLF injection vulnerability in phpMyAdmin before 2.6.4-pl4 allows remote attackers to conduct HTTP response splitting attacks via unspecified scripts.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2005-3621
reference_id
reference_type
scores
0
value 0.00596
scoring_system epss
scoring_elements 0.69787
published_at 2026-06-05T12:55:00Z
1
value 0.00596
scoring_system epss
scoring_elements 0.69797
published_at 2026-06-09T12:55:00Z
2
value 0.00596
scoring_system epss
scoring_elements 0.69775
published_at 2026-06-08T12:55:00Z
3
value 0.00596
scoring_system epss
scoring_elements 0.69786
published_at 2026-06-07T12:55:00Z
4
value 0.00596
scoring_system epss
scoring_elements 0.69796
published_at 2026-06-06T12:55:00Z
5
value 0.00596
scoring_system epss
scoring_elements 0.69747
published_at 2026-06-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2005-3621
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3621
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3621
2
reference_url https://web.archive.org/web/20060514052317/http://securitytracker.com/alerts/2005/Nov/1015213.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20060514052317/http://securitytracker.com/alerts/2005/Nov/1015213.html
3
reference_url https://web.archive.org/web/20061015000000*/http://www.novell.com/linux/security/advisories/2005_28_sr.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20061015000000*/http://www.novell.com/linux/security/advisories/2005_28_sr.html
4
reference_url https://www.debian.org/security/2006/dsa-1207
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.debian.org/security/2006/dsa-1207
5
reference_url https://www.phpmyadmin.net/home_page/security.php?issue=PMASA-2005-6
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.phpmyadmin.net/home_page/security.php?issue=PMASA-2005-6
6
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=339437
reference_id 339437
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=339437
7
reference_url https://nvd.nist.gov/vuln/detail/CVE-2005-3621
reference_id CVE-2005-3621
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2005-3621
8
reference_url https://github.com/advisories/GHSA-wj42-52pv-wfj2
reference_id GHSA-wj42-52pv-wfj2
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-wj42-52pv-wfj2
fixed_packages
0
url pkg:deb/debian/phpmyadmin@4:2.6.4-pl4-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:2.6.4-pl4-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:2.6.4-pl4-1%3Fdistro=trixie
1
url pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-47ju-f89a-eud8
1
vulnerability VCID-d3qn-js1p-7yeq
2
vulnerability VCID-dmqy-9xth-cuhs
3
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.0.4%252Bdfsg2-2%252Bdeb11u1%3Fdistro=trixie
2
url pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.1%252Bdfsg-1%252Bdeb12u1%3Fdistro=trixie
3
url pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.2-really%252Bdfsg-1%252Bdeb13u1%3Fdistro=trixie
4
url pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.3%252Bdfsg-1%3Fdistro=trixie
aliases CVE-2005-3621, GHSA-wj42-52pv-wfj2
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-73vh-drey-2fdm
57
url VCID-7avk-rmwd-yugt
vulnerability_id VCID-7avk-rmwd-yugt
summary An issue was discovered in phpMyAdmin. Some data is passed to the PHP unserialize() function without verification that it's valid serialized data. The unserialization can result in code execution because of the interaction with object instantiation and autoloading. All 4.6.x versions (prior to 4.6.4), 4.4.x versions (prior to 4.4.15.8), and 4.0.x versions (prior to 4.0.10.17) are affected.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-6620
reference_id
reference_type
scores
0
value 0.02323
scoring_system epss
scoring_elements 0.85098
published_at 2026-06-04T12:55:00Z
1
value 0.02323
scoring_system epss
scoring_elements 0.85122
published_at 2026-06-05T12:55:00Z
2
value 0.02323
scoring_system epss
scoring_elements 0.85126
published_at 2026-06-06T12:55:00Z
3
value 0.02323
scoring_system epss
scoring_elements 0.85121
published_at 2026-06-07T12:55:00Z
4
value 0.02323
scoring_system epss
scoring_elements 0.85111
published_at 2026-06-08T12:55:00Z
5
value 0.02323
scoring_system epss
scoring_elements 0.85125
published_at 2026-06-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-6620
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6620
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6620
fixed_packages
0
url pkg:deb/debian/phpmyadmin@4:4.6.4%2Bdfsg1-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:4.6.4%2Bdfsg1-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:4.6.4%252Bdfsg1-1%3Fdistro=trixie
1
url pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-47ju-f89a-eud8
1
vulnerability VCID-d3qn-js1p-7yeq
2
vulnerability VCID-dmqy-9xth-cuhs
3
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.0.4%252Bdfsg2-2%252Bdeb11u1%3Fdistro=trixie
2
url pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.1%252Bdfsg-1%252Bdeb12u1%3Fdistro=trixie
3
url pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.2-really%252Bdfsg-1%252Bdeb13u1%3Fdistro=trixie
4
url pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.3%252Bdfsg-1%3Fdistro=trixie
aliases CVE-2016-6620
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-7avk-rmwd-yugt
58
url VCID-7m4m-5dm1-9uhn
vulnerability_id VCID-7m4m-5dm1-9uhn
summary Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin before 2.7.0 allow remote attackers to inject arbitrary web script or HTML via the (1) HTTP_HOST variable and (2) various scripts in the libraries directory that handle header generation.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2005-3665
reference_id
reference_type
scores
0
value 0.01116
scoring_system epss
scoring_elements 0.78538
published_at 2026-06-04T12:55:00Z
1
value 0.01116
scoring_system epss
scoring_elements 0.78565
published_at 2026-06-05T12:55:00Z
2
value 0.01116
scoring_system epss
scoring_elements 0.78573
published_at 2026-06-06T12:55:00Z
3
value 0.01116
scoring_system epss
scoring_elements 0.78564
published_at 2026-06-07T12:55:00Z
4
value 0.01116
scoring_system epss
scoring_elements 0.78552
published_at 2026-06-08T12:55:00Z
5
value 0.01116
scoring_system epss
scoring_elements 0.78569
published_at 2026-06-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2005-3665
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3665
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3665
2
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=340438
reference_id 340438
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=340438
3
reference_url https://security.gentoo.org/glsa/200512-03
reference_id GLSA-200512-03
reference_type
scores
url https://security.gentoo.org/glsa/200512-03
fixed_packages
0
url pkg:deb/debian/phpmyadmin@4:2.6.4-pl4-2?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:2.6.4-pl4-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:2.6.4-pl4-2%3Fdistro=trixie
1
url pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-47ju-f89a-eud8
1
vulnerability VCID-d3qn-js1p-7yeq
2
vulnerability VCID-dmqy-9xth-cuhs
3
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.0.4%252Bdfsg2-2%252Bdeb11u1%3Fdistro=trixie
2
url pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.1%252Bdfsg-1%252Bdeb12u1%3Fdistro=trixie
3
url pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.2-really%252Bdfsg-1%252Bdeb13u1%3Fdistro=trixie
4
url pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.3%252Bdfsg-1%3Fdistro=trixie
aliases CVE-2005-3665
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-7m4m-5dm1-9uhn
59
url VCID-7ntf-d3af-nbbk
vulnerability_id VCID-7ntf-d3af-nbbk
summary Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin 4.0.x before 4.0.10.6, 4.1.x before 4.1.14.7, and 4.2.x before 4.2.12 allow remote authenticated users to inject arbitrary web script or HTML via a crafted (1) database, (2) table, or (3) column name that is improperly handled during rendering of the table browse page; a crafted ENUM value that is improperly handled during rendering of the (4) table print view or (5) zoom search page; or (6) a crafted pma_fontsize cookie that is improperly handled during rendering of the home page.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2014-8958
reference_id
reference_type
scores
0
value 0.00604
scoring_system epss
scoring_elements 0.69981
published_at 2026-06-04T12:55:00Z
1
value 0.00604
scoring_system epss
scoring_elements 0.70022
published_at 2026-06-05T12:55:00Z
2
value 0.00604
scoring_system epss
scoring_elements 0.7003
published_at 2026-06-06T12:55:00Z
3
value 0.00604
scoring_system epss
scoring_elements 0.70017
published_at 2026-06-07T12:55:00Z
4
value 0.00604
scoring_system epss
scoring_elements 0.70005
published_at 2026-06-08T12:55:00Z
5
value 0.00604
scoring_system epss
scoring_elements 0.70029
published_at 2026-06-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2014-8958
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8958
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8958
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9218
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9218
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2206
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2206
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3902
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3902
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3903
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3903
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6830
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6830
7
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7873
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7873
fixed_packages
0
url pkg:deb/debian/phpmyadmin@4:4.2.12-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:4.2.12-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:4.2.12-1%3Fdistro=trixie
1
url pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-47ju-f89a-eud8
1
vulnerability VCID-d3qn-js1p-7yeq
2
vulnerability VCID-dmqy-9xth-cuhs
3
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.0.4%252Bdfsg2-2%252Bdeb11u1%3Fdistro=trixie
2
url pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.1%252Bdfsg-1%252Bdeb12u1%3Fdistro=trixie
3
url pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.2-really%252Bdfsg-1%252Bdeb13u1%3Fdistro=trixie
4
url pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.3%252Bdfsg-1%3Fdistro=trixie
aliases CVE-2014-8958
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-7ntf-d3af-nbbk
60
url VCID-7pwj-c6c4-gbeq
vulnerability_id VCID-7pwj-c6c4-gbeq
summary show_config_errors.php in phpMyAdmin 3.5.x before 3.5.2.1 allows remote attackers to obtain sensitive information via a direct request, which reveals the installation path in an error message, related to lack of inclusion of the common.inc.php library file.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2012-4219
reference_id
reference_type
scores
0
value 0.00283
scoring_system epss
scoring_elements 0.51911
published_at 2026-06-04T12:55:00Z
1
value 0.00283
scoring_system epss
scoring_elements 0.51971
published_at 2026-06-05T12:55:00Z
2
value 0.00283
scoring_system epss
scoring_elements 0.5198
published_at 2026-06-06T12:55:00Z
3
value 0.00283
scoring_system epss
scoring_elements 0.51959
published_at 2026-06-07T12:55:00Z
4
value 0.00283
scoring_system epss
scoring_elements 0.51928
published_at 2026-06-08T12:55:00Z
5
value 0.00283
scoring_system epss
scoring_elements 0.51948
published_at 2026-06-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2012-4219
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4219
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4219
fixed_packages
0
url pkg:deb/debian/phpmyadmin@4:4.0.1-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:4.0.1-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:4.0.1-1%3Fdistro=trixie
1
url pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-47ju-f89a-eud8
1
vulnerability VCID-d3qn-js1p-7yeq
2
vulnerability VCID-dmqy-9xth-cuhs
3
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.0.4%252Bdfsg2-2%252Bdeb11u1%3Fdistro=trixie
2
url pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.1%252Bdfsg-1%252Bdeb12u1%3Fdistro=trixie
3
url pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.2-really%252Bdfsg-1%252Bdeb13u1%3Fdistro=trixie
4
url pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.3%252Bdfsg-1%3Fdistro=trixie
aliases CVE-2012-4219
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-7pwj-c6c4-gbeq
61
url VCID-7vpu-x9mb-q3c6
vulnerability_id VCID-7vpu-x9mb-q3c6
summary In phpMyAdmin 4 before 4.9.4 and 5 before 5.0.1, SQL injection exists in the user accounts page. A malicious user could inject custom SQL in place of their own username when creating queries to this page. An attacker must have a valid MySQL account to access the server.
references
0
reference_url http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00024.html
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00024.html
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-5504
reference_id
reference_type
scores
0
value 0.10648
scoring_system epss
scoring_elements 0.93435
published_at 2026-06-04T12:55:00Z
1
value 0.2219
scoring_system epss
scoring_elements 0.95915
published_at 2026-06-07T12:55:00Z
2
value 0.2219
scoring_system epss
scoring_elements 0.95921
published_at 2026-06-09T12:55:00Z
3
value 0.2219
scoring_system epss
scoring_elements 0.95916
published_at 2026-06-08T12:55:00Z
4
value 0.2219
scoring_system epss
scoring_elements 0.95911
published_at 2026-06-05T12:55:00Z
5
value 0.2219
scoring_system epss
scoring_elements 0.95914
published_at 2026-06-06T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-5504
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-5504
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-5504
3
reference_url https://cybersecurityworks.com/zerodays/cve-2020-5504-phpmyadmin.html
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://cybersecurityworks.com/zerodays/cve-2020-5504-phpmyadmin.html
4
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/phpmyadmin/phpmyadmin/CVE-2020-5504.yaml
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/FriendsOfPHP/security-advisories/blob/master/phpmyadmin/phpmyadmin/CVE-2020-5504.yaml
5
reference_url https://github.com/MarkLee131/awesome-web-pocs/blob/main/CVE-2020-5504.md
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/MarkLee131/awesome-web-pocs/blob/main/CVE-2020-5504.md
6
reference_url https://github.com/phpmyadmin/composer
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/phpmyadmin/composer
7
reference_url https://lists.debian.org/debian-lts-announce/2020/01/msg00011.html
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.debian.org/debian-lts-announce/2020/01/msg00011.html
8
reference_url https://nvd.nist.gov/vuln/detail/CVE-2020-5504
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2020-5504
9
reference_url https://www.phpmyadmin.net/security/PMASA-2020-1
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.phpmyadmin.net/security/PMASA-2020-1
10
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=948718
reference_id 948718
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=948718
11
reference_url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/webapps/52451.txt
reference_id CVE-2020-5504
reference_type exploit
scores
url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/webapps/52451.txt
12
reference_url https://github.com/advisories/GHSA-fgj8-93xx-f6g6
reference_id GHSA-fgj8-93xx-f6g6
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-fgj8-93xx-f6g6
13
reference_url https://usn.ubuntu.com/4639-1/
reference_id USN-4639-1
reference_type
scores
url https://usn.ubuntu.com/4639-1/
14
reference_url https://usn.ubuntu.com/USN-4843-1/
reference_id USN-USN-4843-1
reference_type
scores
url https://usn.ubuntu.com/USN-4843-1/
fixed_packages
0
url pkg:deb/debian/phpmyadmin@4:4.9.4%2Bdfsg1-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:4.9.4%2Bdfsg1-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:4.9.4%252Bdfsg1-1%3Fdistro=trixie
1
url pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-47ju-f89a-eud8
1
vulnerability VCID-d3qn-js1p-7yeq
2
vulnerability VCID-dmqy-9xth-cuhs
3
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.0.4%252Bdfsg2-2%252Bdeb11u1%3Fdistro=trixie
2
url pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.1%252Bdfsg-1%252Bdeb12u1%3Fdistro=trixie
3
url pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.2-really%252Bdfsg-1%252Bdeb13u1%3Fdistro=trixie
4
url pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.3%252Bdfsg-1%3Fdistro=trixie
aliases CVE-2020-5504, GHSA-fgj8-93xx-f6g6
risk_score 10.0
exploitability 2.0
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-7vpu-x9mb-q3c6
62
url VCID-813p-z2vq-auh8
vulnerability_id VCID-813p-z2vq-auh8
summary Cross-site scripting (XSS) vulnerability in phpMyAdmin 2.8.1 and earlier, when Microsoft Internet Explorer 6 is used, allows remote attackers to inject arbitrary web script or HTML via a javascript: URI in a CSS style in the convcharset parameter to the top-level URI, a different vulnerability than CVE-2005-0992.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2007-0341
reference_id
reference_type
scores
0
value 0.01171
scoring_system epss
scoring_elements 0.79017
published_at 2026-06-04T12:55:00Z
1
value 0.01171
scoring_system epss
scoring_elements 0.79043
published_at 2026-06-05T12:55:00Z
2
value 0.01171
scoring_system epss
scoring_elements 0.7905
published_at 2026-06-06T12:55:00Z
3
value 0.01171
scoring_system epss
scoring_elements 0.7904
published_at 2026-06-07T12:55:00Z
4
value 0.01171
scoring_system epss
scoring_elements 0.79028
published_at 2026-06-08T12:55:00Z
5
value 0.01171
scoring_system epss
scoring_elements 0.79046
published_at 2026-06-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2007-0341
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0341
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0341
fixed_packages
0
url pkg:deb/debian/phpmyadmin@4:2.9.1.1-2?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:2.9.1.1-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:2.9.1.1-2%3Fdistro=trixie
1
url pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-47ju-f89a-eud8
1
vulnerability VCID-d3qn-js1p-7yeq
2
vulnerability VCID-dmqy-9xth-cuhs
3
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.0.4%252Bdfsg2-2%252Bdeb11u1%3Fdistro=trixie
2
url pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.1%252Bdfsg-1%252Bdeb12u1%3Fdistro=trixie
3
url pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.2-really%252Bdfsg-1%252Bdeb13u1%3Fdistro=trixie
4
url pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.3%252Bdfsg-1%3Fdistro=trixie
aliases CVE-2007-0341
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-813p-z2vq-auh8
63
url VCID-84n7-nzzg-juhz
vulnerability_id VCID-84n7-nzzg-juhz
summary phpMyAdmin 4.6.x before 4.6.3, when the environment lacks a PHP_SELF value, allows remote attackers to conduct cookie-attribute injection attacks via a crafted URI.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-5702
reference_id
reference_type
scores
0
value 0.00248
scoring_system epss
scoring_elements 0.48296
published_at 2026-06-05T12:55:00Z
1
value 0.00248
scoring_system epss
scoring_elements 0.48265
published_at 2026-06-09T12:55:00Z
2
value 0.00248
scoring_system epss
scoring_elements 0.48253
published_at 2026-06-08T12:55:00Z
3
value 0.00248
scoring_system epss
scoring_elements 0.483
published_at 2026-06-06T12:55:00Z
4
value 0.00248
scoring_system epss
scoring_elements 0.48233
published_at 2026-06-04T12:55:00Z
5
value 0.00248
scoring_system epss
scoring_elements 0.48281
published_at 2026-06-07T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-5702
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5702
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5702
2
reference_url https://github.com/phpmyadmin/phpmyadmin
reference_id
reference_type
scores
0
value 3.7
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N
1
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/phpmyadmin/phpmyadmin
3
reference_url https://github.com/phpmyadmin/phpmyadmin/commit/27caf5b46bd0890e576fea7bd7b166a0639fdf68
reference_id
reference_type
scores
0
value 3.7
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N
1
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/phpmyadmin/phpmyadmin/commit/27caf5b46bd0890e576fea7bd7b166a0639fdf68
4
reference_url https://nvd.nist.gov/vuln/detail/CVE-2016-5702
reference_id
reference_type
scores
0
value 3.7
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N
1
value LOW
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2016-5702
5
reference_url https://security.gentoo.org/glsa/201701-32
reference_id
reference_type
scores
0
value 3.7
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N
1
value LOW
scoring_system generic_textual
scoring_elements
url https://security.gentoo.org/glsa/201701-32
6
reference_url https://www.phpmyadmin.net/security/PMASA-2016-18
reference_id
reference_type
scores
0
value 3.7
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N
1
value LOW
scoring_system generic_textual
scoring_elements
url https://www.phpmyadmin.net/security/PMASA-2016-18
7
reference_url https://www.phpmyadmin.net/security/PMASA-2016-18/
reference_id
reference_type
scores
url https://www.phpmyadmin.net/security/PMASA-2016-18/
8
reference_url https://github.com/advisories/GHSA-xqw9-ffx7-g998
reference_id GHSA-xqw9-ffx7-g998
reference_type
scores
0
value LOW
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-xqw9-ffx7-g998
fixed_packages
0
url pkg:deb/debian/phpmyadmin@4:4.6.3-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:4.6.3-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:4.6.3-1%3Fdistro=trixie
1
url pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-47ju-f89a-eud8
1
vulnerability VCID-d3qn-js1p-7yeq
2
vulnerability VCID-dmqy-9xth-cuhs
3
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.0.4%252Bdfsg2-2%252Bdeb11u1%3Fdistro=trixie
2
url pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.1%252Bdfsg-1%252Bdeb12u1%3Fdistro=trixie
3
url pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.2-really%252Bdfsg-1%252Bdeb13u1%3Fdistro=trixie
4
url pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.3%252Bdfsg-1%3Fdistro=trixie
aliases CVE-2016-5702, GHSA-xqw9-ffx7-g998
risk_score 1.6
exploitability 0.5
weighted_severity 3.3
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-84n7-nzzg-juhz
64
url VCID-858m-cbw6-cfc1
vulnerability_id VCID-858m-cbw6-cfc1
summary Cross-site scripting (XSS) vulnerability in phpMyAdmin 3.5.x before 3.5.8.2 and 4.0.x before 4.0.4.2 allows remote authenticated users to inject arbitrary web script or HTML via a crafted SQL query that is not properly handled during the display of row information.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2013-4995
reference_id
reference_type
scores
0
value 0.00209
scoring_system epss
scoring_elements 0.43285
published_at 2026-06-04T12:55:00Z
1
value 0.00209
scoring_system epss
scoring_elements 0.43358
published_at 2026-06-05T12:55:00Z
2
value 0.00209
scoring_system epss
scoring_elements 0.43368
published_at 2026-06-06T12:55:00Z
3
value 0.00209
scoring_system epss
scoring_elements 0.43344
published_at 2026-06-07T12:55:00Z
4
value 0.00209
scoring_system epss
scoring_elements 0.43309
published_at 2026-06-08T12:55:00Z
5
value 0.00209
scoring_system epss
scoring_elements 0.43318
published_at 2026-06-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2013-4995
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4995
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4995
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4996
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4996
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5002
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5002
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5003
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5003
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1879
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1879
6
reference_url https://security.gentoo.org/glsa/201311-02
reference_id GLSA-201311-02
reference_type
scores
url https://security.gentoo.org/glsa/201311-02
fixed_packages
0
url pkg:deb/debian/phpmyadmin@4:4.0.4.2-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:4.0.4.2-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:4.0.4.2-1%3Fdistro=trixie
1
url pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-47ju-f89a-eud8
1
vulnerability VCID-d3qn-js1p-7yeq
2
vulnerability VCID-dmqy-9xth-cuhs
3
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.0.4%252Bdfsg2-2%252Bdeb11u1%3Fdistro=trixie
2
url pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.1%252Bdfsg-1%252Bdeb12u1%3Fdistro=trixie
3
url pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.2-really%252Bdfsg-1%252Bdeb13u1%3Fdistro=trixie
4
url pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.3%252Bdfsg-1%3Fdistro=trixie
aliases CVE-2013-4995
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-858m-cbw6-cfc1
65
url VCID-8amg-r4d1-kubh
vulnerability_id VCID-8amg-r4d1-kubh
summary 
phpMyAdmin Vulnerable to Cross-Site Scripting
Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin 3.3.x before 3.3.10.1 and 3.4.x before 3.4.1 allow remote attackers to inject arbitrary web script or HTML via a crafted table name that triggers improper HTML rendering on a Tracking page, related to (1) libraries/tbl_links.inc.php and (2) tbl_tracking.php.
references
0
reference_url http://phpmyadmin.git.sourceforge.net/git/gitweb.cgi?p=phpmyadmin/phpmyadmin%3Ba=commitdiff%3Bh=7e10c132a3887c8ebfd7a8eee356b28375f1e287
reference_id
reference_type
scores
0
value 1.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N/E:U
1
value LOW
scoring_system generic_textual
scoring_elements
url http://phpmyadmin.git.sourceforge.net/git/gitweb.cgi?p=phpmyadmin/phpmyadmin%3Ba=commitdiff%3Bh=7e10c132a3887c8ebfd7a8eee356b28375f1e287
1
reference_url http://phpmyadmin.git.sourceforge.net/git/gitweb.cgi?p=phpmyadmin/phpmyadmin%3Ba=commitdiff%3Bh=d3ccf798fdbd4f8a89d4088130637d8dee918492
reference_id
reference_type
scores
0
value 1.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N/E:U
1
value LOW
scoring_system generic_textual
scoring_elements
url http://phpmyadmin.git.sourceforge.net/git/gitweb.cgi?p=phpmyadmin/phpmyadmin%3Ba=commitdiff%3Bh=d3ccf798fdbd4f8a89d4088130637d8dee918492
2
reference_url http://phpmyadmin.git.sourceforge.net/git/gitweb.cgi?p=phpmyadmin/phpmyadmin;a=commitdiff;h=7e10c132a3887c8ebfd7a8eee356b28375f1e287
reference_id
reference_type
scores
0
value 1.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N/E:U
1
value LOW
scoring_system generic_textual
scoring_elements
url http://phpmyadmin.git.sourceforge.net/git/gitweb.cgi?p=phpmyadmin/phpmyadmin;a=commitdiff;h=7e10c132a3887c8ebfd7a8eee356b28375f1e287
3
reference_url http://phpmyadmin.git.sourceforge.net/git/gitweb.cgi?p=phpmyadmin/phpmyadmin;a=commitdiff;h=d3ccf798fdbd4f8a89d4088130637d8dee918492
reference_id
reference_type
scores
0
value 1.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N/E:U
1
value LOW
scoring_system generic_textual
scoring_elements
url http://phpmyadmin.git.sourceforge.net/git/gitweb.cgi?p=phpmyadmin/phpmyadmin;a=commitdiff;h=d3ccf798fdbd4f8a89d4088130637d8dee918492
4
reference_url https://api.first.org/data/v1/epss?cve=CVE-2011-1940
reference_id
reference_type
scores
0
value 0.00285
scoring_system epss
scoring_elements 0.52229
published_at 2026-06-09T12:55:00Z
1
value 0.00285
scoring_system epss
scoring_elements 0.52191
published_at 2026-06-04T12:55:00Z
2
value 0.00285
scoring_system epss
scoring_elements 0.52251
published_at 2026-06-05T12:55:00Z
3
value 0.00285
scoring_system epss
scoring_elements 0.52258
published_at 2026-06-06T12:55:00Z
4
value 0.00285
scoring_system epss
scoring_elements 0.52238
published_at 2026-06-07T12:55:00Z
5
value 0.00285
scoring_system epss
scoring_elements 0.52208
published_at 2026-06-08T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2011-1940
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1940
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1940
6
reference_url https://github.com/phpmyadmin/phpmyadmin
reference_id
reference_type
scores
0
value 1.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N/E:U
1
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/phpmyadmin/phpmyadmin
7
reference_url http://www.debian.org/security/2012/dsa-2391
reference_id
reference_type
scores
0
value 1.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N/E:U
1
value LOW
scoring_system generic_textual
scoring_elements
url http://www.debian.org/security/2012/dsa-2391
8
reference_url http://www.phpmyadmin.net/home_page/security/PMASA-2011-3.php
reference_id
reference_type
scores
0
value 1.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N/E:U
1
value LOW
scoring_system generic_textual
scoring_elements
url http://www.phpmyadmin.net/home_page/security/PMASA-2011-3.php
9
reference_url https://nvd.nist.gov/vuln/detail/CVE-2011-1940
reference_id CVE-2011-1940
reference_type
scores
0
value 1.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N/E:U
1
value LOW
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2011-1940
10
reference_url https://github.com/advisories/GHSA-4q58-5x28-53wv
reference_id GHSA-4q58-5x28-53wv
reference_type
scores
0
value LOW
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-4q58-5x28-53wv
fixed_packages
0
url pkg:deb/debian/phpmyadmin@4:3.4.1-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:3.4.1-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:3.4.1-1%3Fdistro=trixie
1
url pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-47ju-f89a-eud8
1
vulnerability VCID-d3qn-js1p-7yeq
2
vulnerability VCID-dmqy-9xth-cuhs
3
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.0.4%252Bdfsg2-2%252Bdeb11u1%3Fdistro=trixie
2
url pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.1%252Bdfsg-1%252Bdeb12u1%3Fdistro=trixie
3
url pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.2-really%252Bdfsg-1%252Bdeb13u1%3Fdistro=trixie
4
url pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.3%252Bdfsg-1%3Fdistro=trixie
aliases CVE-2011-1940, GHSA-4q58-5x28-53wv
risk_score 1.4
exploitability 0.5
weighted_severity 2.7
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-8amg-r4d1-kubh
66
url VCID-8chr-uuma-syby
vulnerability_id VCID-8chr-uuma-syby
summary libraries/database_interface.lib.php in phpMyAdmin before 2.11.9.1 allows remote authenticated users to execute arbitrary code via a request to server_databases.php with a sort_by parameter containing PHP sequences, which are processed by create_function.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-4096.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-4096.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2008-4096
reference_id
reference_type
scores
0
value 0.16932
scoring_system epss
scoring_elements 0.95089
published_at 2026-06-04T12:55:00Z
1
value 0.16932
scoring_system epss
scoring_elements 0.95098
published_at 2026-06-05T12:55:00Z
2
value 0.16932
scoring_system epss
scoring_elements 0.95099
published_at 2026-06-06T12:55:00Z
3
value 0.16932
scoring_system epss
scoring_elements 0.951
published_at 2026-06-08T12:55:00Z
4
value 0.16932
scoring_system epss
scoring_elements 0.95104
published_at 2026-06-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2008-4096
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4096
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4096
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=462430
reference_id 462430
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=462430
4
reference_url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/webapps/32383.txt
reference_id CVE-2008-4096;OSVDB-48154
reference_type exploit
scores
url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/webapps/32383.txt
5
reference_url https://www.securityfocus.com/bid/31188/info
reference_id CVE-2008-4096;OSVDB-48154
reference_type exploit
scores
url https://www.securityfocus.com/bid/31188/info
6
reference_url https://security.gentoo.org/glsa/200903-32
reference_id GLSA-200903-32
reference_type
scores
url https://security.gentoo.org/glsa/200903-32
fixed_packages
0
url pkg:deb/debian/phpmyadmin@4:2.11.8.1-2?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:2.11.8.1-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:2.11.8.1-2%3Fdistro=trixie
1
url pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-47ju-f89a-eud8
1
vulnerability VCID-d3qn-js1p-7yeq
2
vulnerability VCID-dmqy-9xth-cuhs
3
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.0.4%252Bdfsg2-2%252Bdeb11u1%3Fdistro=trixie
2
url pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.1%252Bdfsg-1%252Bdeb12u1%3Fdistro=trixie
3
url pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.2-really%252Bdfsg-1%252Bdeb13u1%3Fdistro=trixie
4
url pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.3%252Bdfsg-1%3Fdistro=trixie
aliases CVE-2008-4096
risk_score 0.4
exploitability 2.0
weighted_severity 0.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-8chr-uuma-syby
67
url VCID-8euz-dr4k-y3br
vulnerability_id VCID-8euz-dr4k-y3br
summary Multiple cross-site scripting (XSS) vulnerabilities in the export page (display_export.lib.php) in phpMyAdmin 2.11.x before 2.11.9.5 and 3.x before 3.1.3.1 allow remote attackers to inject arbitrary web script or HTML via the pma_db_filename_template cookie.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-1150.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-1150.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2009-1150
reference_id
reference_type
scores
0
value 0.00749
scoring_system epss
scoring_elements 0.73492
published_at 2026-06-04T12:55:00Z
1
value 0.00749
scoring_system epss
scoring_elements 0.73528
published_at 2026-06-05T12:55:00Z
2
value 0.00749
scoring_system epss
scoring_elements 0.73533
published_at 2026-06-06T12:55:00Z
3
value 0.00749
scoring_system epss
scoring_elements 0.73521
published_at 2026-06-07T12:55:00Z
4
value 0.00749
scoring_system epss
scoring_elements 0.73508
published_at 2026-06-08T12:55:00Z
5
value 0.00749
scoring_system epss
scoring_elements 0.73534
published_at 2026-06-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2009-1150
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1150
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1150
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=492066
reference_id 492066
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=492066
4
reference_url https://security.gentoo.org/glsa/200906-03
reference_id GLSA-200906-03
reference_type
scores
url https://security.gentoo.org/glsa/200906-03
fixed_packages
0
url pkg:deb/debian/phpmyadmin@4:3.1.3.1-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:3.1.3.1-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:3.1.3.1-1%3Fdistro=trixie
1
url pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-47ju-f89a-eud8
1
vulnerability VCID-d3qn-js1p-7yeq
2
vulnerability VCID-dmqy-9xth-cuhs
3
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.0.4%252Bdfsg2-2%252Bdeb11u1%3Fdistro=trixie
2
url pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.1%252Bdfsg-1%252Bdeb12u1%3Fdistro=trixie
3
url pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.2-really%252Bdfsg-1%252Bdeb13u1%3Fdistro=trixie
4
url pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.3%252Bdfsg-1%3Fdistro=trixie
aliases CVE-2009-1150
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-8euz-dr4k-y3br
68
url VCID-8jt7-y15v-83gj
vulnerability_id VCID-8jt7-y15v-83gj
summary XSS issues were discovered in phpMyAdmin. This affects navigation pane and database/table hiding feature (a specially-crafted database name can be used to trigger an XSS attack); the "Tracking" feature (a specially-crafted query can be used to trigger an XSS attack); and GIS visualization feature. All 4.6.x versions (prior to 4.6.4) and 4.4.x versions (prior to 4.4.15.8) are affected.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-6615
reference_id
reference_type
scores
0
value 0.00321
scoring_system epss
scoring_elements 0.55451
published_at 2026-06-04T12:55:00Z
1
value 0.00321
scoring_system epss
scoring_elements 0.55507
published_at 2026-06-05T12:55:00Z
2
value 0.00321
scoring_system epss
scoring_elements 0.55512
published_at 2026-06-06T12:55:00Z
3
value 0.00321
scoring_system epss
scoring_elements 0.55501
published_at 2026-06-07T12:55:00Z
4
value 0.00321
scoring_system epss
scoring_elements 0.55482
published_at 2026-06-08T12:55:00Z
5
value 0.00321
scoring_system epss
scoring_elements 0.555
published_at 2026-06-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-6615
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6615
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6615
fixed_packages
0
url pkg:deb/debian/phpmyadmin@4:4.6.4%2Bdfsg1-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:4.6.4%2Bdfsg1-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:4.6.4%252Bdfsg1-1%3Fdistro=trixie
1
url pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-47ju-f89a-eud8
1
vulnerability VCID-d3qn-js1p-7yeq
2
vulnerability VCID-dmqy-9xth-cuhs
3
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.0.4%252Bdfsg2-2%252Bdeb11u1%3Fdistro=trixie
2
url pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.1%252Bdfsg-1%252Bdeb12u1%3Fdistro=trixie
3
url pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.2-really%252Bdfsg-1%252Bdeb13u1%3Fdistro=trixie
4
url pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.3%252Bdfsg-1%3Fdistro=trixie
aliases CVE-2016-6615
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-8jt7-y15v-83gj
69
url VCID-8rvw-n1fg-ffc2
vulnerability_id VCID-8rvw-n1fg-ffc2
summary 
Cross-Site Request Forgery (CSRF)
A vulnerability was found that allows an attacker to trigger a CSRF attack against a phpMyAdmin user. The attacker can trick the user, for instance through a broken `<img>` tag pointing at the victim's phpMyAdmin database, and the attacker can potentially deliver a payload (such as a specific `INSERT` or `DELETE` statement) to the victim.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2019-12616
reference_id
reference_type
scores
0
value 0.49922
scoring_system epss
scoring_elements 0.97869
published_at 2026-06-05T12:55:00Z
1
value 0.49922
scoring_system epss
scoring_elements 0.97871
published_at 2026-06-08T12:55:00Z
2
value 0.49922
scoring_system epss
scoring_elements 0.9787
published_at 2026-06-09T12:55:00Z
3
value 0.52136
scoring_system epss
scoring_elements 0.97969
published_at 2026-06-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2019-12616
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12616
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12616
2
reference_url https://github.com/phpmyadmin/phpmyadmin/commit/015c404038c44279d95b6430ee5a0dddc97691ec
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/phpmyadmin/phpmyadmin/commit/015c404038c44279d95b6430ee5a0dddc97691ec
3
reference_url https://packetstormsecurity.com/files/153251/phpMyAdmin-4.8-Cross-Site-Request-Forgery.html
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://packetstormsecurity.com/files/153251/phpMyAdmin-4.8-Cross-Site-Request-Forgery.html
4
reference_url https://www.phpmyadmin.net/security/
reference_id
reference_type
scores
url https://www.phpmyadmin.net/security/
5
reference_url https://www.phpmyadmin.net/security/PMASA-2019-4
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.phpmyadmin.net/security/PMASA-2019-4
6
reference_url https://www.phpmyadmin.net/security/PMASA-2019-4/
reference_id
reference_type
scores
url https://www.phpmyadmin.net/security/PMASA-2019-4/
7
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=930017
reference_id 930017
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=930017
8
reference_url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/webapps/46982.txt
reference_id CVE-2019-12616
reference_type exploit
scores
url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/webapps/46982.txt
9
reference_url https://nvd.nist.gov/vuln/detail/CVE-2019-12616
reference_id CVE-2019-12616
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2019-12616
10
reference_url https://github.com/advisories/GHSA-mfr9-pcm3-6mwc
reference_id GHSA-mfr9-pcm3-6mwc
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-mfr9-pcm3-6mwc
11
reference_url https://usn.ubuntu.com/4639-1/
reference_id USN-4639-1
reference_type
scores
url https://usn.ubuntu.com/4639-1/
12
reference_url https://usn.ubuntu.com/USN-4843-1/
reference_id USN-USN-4843-1
reference_type
scores
url https://usn.ubuntu.com/USN-4843-1/
fixed_packages
0
url pkg:deb/debian/phpmyadmin@4:4.9.1%2Bdfsg1-2?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:4.9.1%2Bdfsg1-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:4.9.1%252Bdfsg1-2%3Fdistro=trixie
1
url pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-47ju-f89a-eud8
1
vulnerability VCID-d3qn-js1p-7yeq
2
vulnerability VCID-dmqy-9xth-cuhs
3
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.0.4%252Bdfsg2-2%252Bdeb11u1%3Fdistro=trixie
2
url pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.1%252Bdfsg-1%252Bdeb12u1%3Fdistro=trixie
3
url pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.2-really%252Bdfsg-1%252Bdeb13u1%3Fdistro=trixie
4
url pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.3%252Bdfsg-1%3Fdistro=trixie
aliases CVE-2019-12616, GHSA-mfr9-pcm3-6mwc
risk_score 10.0
exploitability 2.0
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-8rvw-n1fg-ffc2
70
url VCID-8syp-xj1q-a7dx
vulnerability_id VCID-8syp-xj1q-a7dx
summary Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin before 2.10.1.0 allow remote attackers to inject arbitrary web script or HTML via (1) the fieldkey parameter to browse_foreigners.php or (2) certain input to the PMA_sanitize function.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2007-2245
reference_id
reference_type
scores
0
value 0.02467
scoring_system epss
scoring_elements 0.85536
published_at 2026-06-04T12:55:00Z
1
value 0.02467
scoring_system epss
scoring_elements 0.85558
published_at 2026-06-05T12:55:00Z
2
value 0.02467
scoring_system epss
scoring_elements 0.85563
published_at 2026-06-06T12:55:00Z
3
value 0.02467
scoring_system epss
scoring_elements 0.85559
published_at 2026-06-09T12:55:00Z
4
value 0.02467
scoring_system epss
scoring_elements 0.85544
published_at 2026-06-08T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2007-2245
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2245
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2245
fixed_packages
0
url pkg:deb/debian/phpmyadmin@4:2.10.1-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:2.10.1-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:2.10.1-1%3Fdistro=trixie
1
url pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-47ju-f89a-eud8
1
vulnerability VCID-d3qn-js1p-7yeq
2
vulnerability VCID-dmqy-9xth-cuhs
3
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.0.4%252Bdfsg2-2%252Bdeb11u1%3Fdistro=trixie
2
url pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.1%252Bdfsg-1%252Bdeb12u1%3Fdistro=trixie
3
url pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.2-really%252Bdfsg-1%252Bdeb13u1%3Fdistro=trixie
4
url pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.3%252Bdfsg-1%3Fdistro=trixie
aliases CVE-2007-2245
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-8syp-xj1q-a7dx
71
url VCID-8yxm-e33n-d7gj
vulnerability_id VCID-8yxm-e33n-d7gj
summary An issue was discovered in phpMyAdmin. In the user interface preference feature, a user can execute an SQL injection attack against the account of the control user. All 4.6.x versions (prior to 4.6.4), 4.4.x versions (prior to 4.4.15.8), and 4.0.x versions (prior to 4.0.10.17) are affected.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-6619
reference_id
reference_type
scores
0
value 0.00321
scoring_system epss
scoring_elements 0.55406
published_at 2026-06-04T12:55:00Z
1
value 0.00321
scoring_system epss
scoring_elements 0.55462
published_at 2026-06-05T12:55:00Z
2
value 0.00321
scoring_system epss
scoring_elements 0.55468
published_at 2026-06-06T12:55:00Z
3
value 0.00321
scoring_system epss
scoring_elements 0.55456
published_at 2026-06-09T12:55:00Z
4
value 0.00321
scoring_system epss
scoring_elements 0.55437
published_at 2026-06-08T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-6619
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6619
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6619
2
reference_url https://usn.ubuntu.com/USN-4843-1/
reference_id USN-USN-4843-1
reference_type
scores
url https://usn.ubuntu.com/USN-4843-1/
fixed_packages
0
url pkg:deb/debian/phpmyadmin@4:4.6.4%2Bdfsg1-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:4.6.4%2Bdfsg1-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:4.6.4%252Bdfsg1-1%3Fdistro=trixie
1
url pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-47ju-f89a-eud8
1
vulnerability VCID-d3qn-js1p-7yeq
2
vulnerability VCID-dmqy-9xth-cuhs
3
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.0.4%252Bdfsg2-2%252Bdeb11u1%3Fdistro=trixie
2
url pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.1%252Bdfsg-1%252Bdeb12u1%3Fdistro=trixie
3
url pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.2-really%252Bdfsg-1%252Bdeb13u1%3Fdistro=trixie
4
url pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.3%252Bdfsg-1%3Fdistro=trixie
aliases CVE-2016-6619
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-8yxm-e33n-d7gj
72
url VCID-92xz-8fkp-ekh3
vulnerability_id VCID-92xz-8fkp-ekh3
summary 
phpMyAdmin Directory Traversal vulnerability
Directory traversal vulnerability in libraries/display_tbl.lib.php in phpMyAdmin 3.x before 3.3.10.2 and 3.4.x before 3.4.3.1, when a certain MIME transformation feature is enabled, allows remote authenticated users to include and execute arbitrary local files via a .. (dot dot) in a GLOBALS[mime_map][$meta->name][transformation] parameter.
references
0
reference_url http://ha.xxor.se/2011/07/phpmyadmin-3x-multiple-remote-code.html
reference_id
reference_type
scores
0
value 7.4
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://ha.xxor.se/2011/07/phpmyadmin-3x-multiple-remote-code.html
1
reference_url http://lists.fedoraproject.org/pipermail/package-announce/2011-July/062719.html
reference_id
reference_type
scores
0
value 7.4
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://lists.fedoraproject.org/pipermail/package-announce/2011-July/062719.html
2
reference_url http://phpmyadmin.git.sourceforge.net/git/gitweb.cgi?p=phpmyadmin/phpmyadmin%3Ba=commit%3Bh=b434320eff8ca9c2fc1b043c1804f868341af9a7
reference_id
reference_type
scores
0
value 7.4
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://phpmyadmin.git.sourceforge.net/git/gitweb.cgi?p=phpmyadmin/phpmyadmin%3Ba=commit%3Bh=b434320eff8ca9c2fc1b043c1804f868341af9a7
3
reference_url http://phpmyadmin.git.sourceforge.net/git/gitweb.cgi?p=phpmyadmin/phpmyadmin;a=commit;h=b434320eff8ca9c2fc1b043c1804f868341af9a7
reference_id
reference_type
scores
0
value 7.4
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://phpmyadmin.git.sourceforge.net/git/gitweb.cgi?p=phpmyadmin/phpmyadmin;a=commit;h=b434320eff8ca9c2fc1b043c1804f868341af9a7
4
reference_url https://api.first.org/data/v1/epss?cve=CVE-2011-2508
reference_id
reference_type
scores
0
value 0.11174
scoring_system epss
scoring_elements 0.93647
published_at 2026-06-09T12:55:00Z
1
value 0.11174
scoring_system epss
scoring_elements 0.93642
published_at 2026-06-06T12:55:00Z
2
value 0.11174
scoring_system epss
scoring_elements 0.9364
published_at 2026-06-08T12:55:00Z
3
value 0.11174
scoring_system epss
scoring_elements 0.93632
published_at 2026-06-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2011-2508
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2508
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2508
6
reference_url https://github.com/phpmyadmin/phpmyadmin
reference_id
reference_type
scores
0
value 7.4
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/phpmyadmin/phpmyadmin
7
reference_url https://web.archive.org/web/20110712103138/http://www.xxor.se/advisories/phpMyAdmin_3.x_Multiple_Remote_Code_Executions.txt
reference_id
reference_type
scores
0
value 7.4
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20110712103138/http://www.xxor.se/advisories/phpMyAdmin_3.x_Multiple_Remote_Code_Executions.txt
8
reference_url https://web.archive.org/web/20111109175131/http://typo3.org/teams/security/security-bulletins/typo3-sa-2011-008
reference_id
reference_type
scores
0
value 7.4
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20111109175131/http://typo3.org/teams/security/security-bulletins/typo3-sa-2011-008
9
reference_url https://web.archive.org/web/20111217070727/http://www.securityfocus.com/archive/1/518804/100/0/threaded
reference_id
reference_type
scores
0
value 7.4
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20111217070727/http://www.securityfocus.com/archive/1/518804/100/0/threaded
10
reference_url https://web.archive.org/web/20111217173735/http://securityreason.com/securityalert/8306
reference_id
reference_type
scores
0
value 7.4
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20111217173735/http://securityreason.com/securityalert/8306
11
reference_url https://web.archive.org/web/20250218012437/http://ha.xxor.se/2011/07/phpmyadmin-3x-multiple-remote-code.html
reference_id
reference_type
scores
0
value 7.4
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20250218012437/http://ha.xxor.se/2011/07/phpmyadmin-3x-multiple-remote-code.html
12
reference_url http://www.debian.org/security/2011/dsa-2286
reference_id
reference_type
scores
0
value 7.4
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.debian.org/security/2011/dsa-2286
13
reference_url http://www.mandriva.com/security/advisories?name=MDVSA-2011:124
reference_id
reference_type
scores
0
value 7.4
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.mandriva.com/security/advisories?name=MDVSA-2011:124
14
reference_url http://www.openwall.com/lists/oss-security/2011/06/28/2
reference_id
reference_type
scores
0
value 7.4
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2011/06/28/2
15
reference_url http://www.openwall.com/lists/oss-security/2011/06/28/6
reference_id
reference_type
scores
0
value 7.4
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2011/06/28/6
16
reference_url http://www.openwall.com/lists/oss-security/2011/06/28/8
reference_id
reference_type
scores
0
value 7.4
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2011/06/28/8
17
reference_url http://www.openwall.com/lists/oss-security/2011/06/29/11
reference_id
reference_type
scores
0
value 7.4
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2011/06/29/11
18
reference_url http://www.phpmyadmin.net/home_page/security/PMASA-2011-8.php
reference_id
reference_type
scores
0
value 7.4
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.phpmyadmin.net/home_page/security/PMASA-2011-8.php
19
reference_url https://nvd.nist.gov/vuln/detail/CVE-2011-2508
reference_id CVE-2011-2508
reference_type
scores
0
value 7.4
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2011-2508
20
reference_url https://github.com/advisories/GHSA-q6vw-39cg-wjjf
reference_id GHSA-q6vw-39cg-wjjf
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-q6vw-39cg-wjjf
21
reference_url https://security.gentoo.org/glsa/201201-01
reference_id GLSA-201201-01
reference_type
scores
url https://security.gentoo.org/glsa/201201-01
fixed_packages
0
url pkg:deb/debian/phpmyadmin@4:3.4.3.1-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:3.4.3.1-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:3.4.3.1-1%3Fdistro=trixie
1
url pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-47ju-f89a-eud8
1
vulnerability VCID-d3qn-js1p-7yeq
2
vulnerability VCID-dmqy-9xth-cuhs
3
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.0.4%252Bdfsg2-2%252Bdeb11u1%3Fdistro=trixie
2
url pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.1%252Bdfsg-1%252Bdeb12u1%3Fdistro=trixie
3
url pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.2-really%252Bdfsg-1%252Bdeb13u1%3Fdistro=trixie
4
url pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.3%252Bdfsg-1%3Fdistro=trixie
aliases CVE-2011-2508, GHSA-q6vw-39cg-wjjf
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-92xz-8fkp-ekh3
73
url VCID-94pm-84ku-w3cw
vulnerability_id VCID-94pm-84ku-w3cw
summary Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin 3.4.x before 3.4.5 allow remote authenticated users to inject arbitrary web script or HTML via a crafted row that triggers an improperly constructed confirmation message after inline-editing and save operations, related to (1) js/functions.js and (2) js/tbl_structure.js.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2011-3591
reference_id
reference_type
scores
0
value 0.0018
scoring_system epss
scoring_elements 0.39359
published_at 2026-06-09T12:55:00Z
1
value 0.0018
scoring_system epss
scoring_elements 0.3931
published_at 2026-06-04T12:55:00Z
2
value 0.0018
scoring_system epss
scoring_elements 0.39399
published_at 2026-06-05T12:55:00Z
3
value 0.0018
scoring_system epss
scoring_elements 0.39403
published_at 2026-06-06T12:55:00Z
4
value 0.0018
scoring_system epss
scoring_elements 0.39375
published_at 2026-06-07T12:55:00Z
5
value 0.0018
scoring_system epss
scoring_elements 0.39346
published_at 2026-06-08T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2011-3591
1
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=738681
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url https://bugzilla.redhat.com/show_bug.cgi?id=738681
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3591
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3591
3
reference_url https://github.com/phpmyadmin/composer
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/phpmyadmin/composer
4
reference_url https://github.com/phpmyadmin/phpmyadmin/commit/bda213c58aec44925be661acb0e76c19483ea170
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/phpmyadmin/phpmyadmin/commit/bda213c58aec44925be661acb0e76c19483ea170
5
reference_url https://nvd.nist.gov/vuln/detail/CVE-2011-3591
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2011-3591
6
reference_url http://www.openwall.com/lists/oss-security/2011/09/30/8
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2011/09/30/8
7
reference_url http://www.phpmyadmin.net/home_page/security/PMASA-2011-14.php
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url http://www.phpmyadmin.net/home_page/security/PMASA-2011-14.php
8
reference_url https://github.com/advisories/GHSA-3p87-w3c5-27gf
reference_id GHSA-3p87-w3c5-27gf
reference_type
scores
0
value LOW
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-3p87-w3c5-27gf
fixed_packages
0
url pkg:deb/debian/phpmyadmin@4:3.4.5-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:3.4.5-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:3.4.5-1%3Fdistro=trixie
1
url pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-47ju-f89a-eud8
1
vulnerability VCID-d3qn-js1p-7yeq
2
vulnerability VCID-dmqy-9xth-cuhs
3
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.0.4%252Bdfsg2-2%252Bdeb11u1%3Fdistro=trixie
2
url pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.1%252Bdfsg-1%252Bdeb12u1%3Fdistro=trixie
3
url pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.2-really%252Bdfsg-1%252Bdeb13u1%3Fdistro=trixie
4
url pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.3%252Bdfsg-1%3Fdistro=trixie
aliases CVE-2011-3591, GHSA-3p87-w3c5-27gf
risk_score 1.4
exploitability 0.5
weighted_severity 2.7
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-94pm-84ku-w3cw
74
url VCID-9fse-nc5w-2fay
vulnerability_id VCID-9fse-nc5w-2fay
summary phpMyAdmin before 2.9.1.1 allows remote attackers to bypass Allow/Deny access rules that use IP addresses via false headers.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2006-6944
reference_id
reference_type
scores
0
value 0.00363
scoring_system epss
scoring_elements 0.58641
published_at 2026-06-04T12:55:00Z
1
value 0.00363
scoring_system epss
scoring_elements 0.58688
published_at 2026-06-05T12:55:00Z
2
value 0.00363
scoring_system epss
scoring_elements 0.58694
published_at 2026-06-06T12:55:00Z
3
value 0.00363
scoring_system epss
scoring_elements 0.58687
published_at 2026-06-07T12:55:00Z
4
value 0.00363
scoring_system epss
scoring_elements 0.58672
published_at 2026-06-08T12:55:00Z
5
value 0.00363
scoring_system epss
scoring_elements 0.58686
published_at 2026-06-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2006-6944
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-6944
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-6944
fixed_packages
0
url pkg:deb/debian/phpmyadmin@4:2.9.1.1-2?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:2.9.1.1-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:2.9.1.1-2%3Fdistro=trixie
1
url pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-47ju-f89a-eud8
1
vulnerability VCID-d3qn-js1p-7yeq
2
vulnerability VCID-dmqy-9xth-cuhs
3
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.0.4%252Bdfsg2-2%252Bdeb11u1%3Fdistro=trixie
2
url pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.1%252Bdfsg-1%252Bdeb12u1%3Fdistro=trixie
3
url pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.2-really%252Bdfsg-1%252Bdeb13u1%3Fdistro=trixie
4
url pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.3%252Bdfsg-1%3Fdistro=trixie
aliases CVE-2006-6944
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-9fse-nc5w-2fay
75
url VCID-9nh7-ny6c-n3cd
vulnerability_id VCID-9nh7-ny6c-n3cd
summary An issue was discovered in phpMyAdmin. An attacker could redirect a user to a malicious web page. All 4.6.x versions (prior to 4.6.4), 4.4.x versions (prior to 4.4.15.8), and 4.0.x versions (prior to 4.0.10.17) are affected.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-6626
reference_id
reference_type
scores
0
value 0.00257
scoring_system epss
scoring_elements 0.49363
published_at 2026-06-04T12:55:00Z
1
value 0.00257
scoring_system epss
scoring_elements 0.49425
published_at 2026-06-05T12:55:00Z
2
value 0.00257
scoring_system epss
scoring_elements 0.49435
published_at 2026-06-06T12:55:00Z
3
value 0.00257
scoring_system epss
scoring_elements 0.49417
published_at 2026-06-07T12:55:00Z
4
value 0.00257
scoring_system epss
scoring_elements 0.49387
published_at 2026-06-08T12:55:00Z
5
value 0.00257
scoring_system epss
scoring_elements 0.494
published_at 2026-06-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-6626
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6626
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6626
fixed_packages
0
url pkg:deb/debian/phpmyadmin@4:4.6.4%2Bdfsg1-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:4.6.4%2Bdfsg1-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:4.6.4%252Bdfsg1-1%3Fdistro=trixie
1
url pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-47ju-f89a-eud8
1
vulnerability VCID-d3qn-js1p-7yeq
2
vulnerability VCID-dmqy-9xth-cuhs
3
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.0.4%252Bdfsg2-2%252Bdeb11u1%3Fdistro=trixie
2
url pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.1%252Bdfsg-1%252Bdeb12u1%3Fdistro=trixie
3
url pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.2-really%252Bdfsg-1%252Bdeb13u1%3Fdistro=trixie
4
url pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.3%252Bdfsg-1%3Fdistro=trixie
aliases CVE-2016-6626
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-9nh7-ny6c-n3cd
76
url VCID-9qsc-1gqr-g3gj
vulnerability_id VCID-9qsc-1gqr-g3gj
summary The configuration setup script (aka scripts/setup.php) in phpMyAdmin 2.11.x before 2.11.10.1 does not properly restrict key names in its output file, which allows remote attackers to execute arbitrary PHP code via a crafted POST request.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2010-3055
reference_id
reference_type
scores
0
value 0.01727
scoring_system epss
scoring_elements 0.82779
published_at 2026-06-04T12:55:00Z
1
value 0.01727
scoring_system epss
scoring_elements 0.82804
published_at 2026-06-05T12:55:00Z
2
value 0.01727
scoring_system epss
scoring_elements 0.82803
published_at 2026-06-06T12:55:00Z
3
value 0.01727
scoring_system epss
scoring_elements 0.82801
published_at 2026-06-07T12:55:00Z
4
value 0.01727
scoring_system epss
scoring_elements 0.82794
published_at 2026-06-08T12:55:00Z
5
value 0.01727
scoring_system epss
scoring_elements 0.82807
published_at 2026-06-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2010-3055
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3055
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3055
2
reference_url https://security.gentoo.org/glsa/201201-01
reference_id GLSA-201201-01
reference_type
scores
url https://security.gentoo.org/glsa/201201-01
fixed_packages
0
url pkg:deb/debian/phpmyadmin@4:3.0.0?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:3.0.0?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:3.0.0%3Fdistro=trixie
1
url pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-47ju-f89a-eud8
1
vulnerability VCID-d3qn-js1p-7yeq
2
vulnerability VCID-dmqy-9xth-cuhs
3
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.0.4%252Bdfsg2-2%252Bdeb11u1%3Fdistro=trixie
2
url pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.1%252Bdfsg-1%252Bdeb12u1%3Fdistro=trixie
3
url pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.2-really%252Bdfsg-1%252Bdeb13u1%3Fdistro=trixie
4
url pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.3%252Bdfsg-1%3Fdistro=trixie
aliases CVE-2010-3055
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-9qsc-1gqr-g3gj
77
url VCID-9tdu-572c-tbb2
vulnerability_id VCID-9tdu-572c-tbb2
summary SQL injection vulnerability in libraries/central_columns.lib.php in phpMyAdmin 4.4.x before 4.4.15.7 and 4.6.x before 4.6.3 allows remote attackers to execute arbitrary SQL commands via a crafted database name that is mishandled in a central column query.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-5703
reference_id
reference_type
scores
0
value 0.01576
scoring_system epss
scoring_elements 0.81885
published_at 2026-06-04T12:55:00Z
1
value 0.01576
scoring_system epss
scoring_elements 0.81918
published_at 2026-06-06T12:55:00Z
2
value 0.01576
scoring_system epss
scoring_elements 0.81919
published_at 2026-06-07T12:55:00Z
3
value 0.01576
scoring_system epss
scoring_elements 0.81912
published_at 2026-06-08T12:55:00Z
4
value 0.01576
scoring_system epss
scoring_elements 0.81927
published_at 2026-06-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-5703
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5703
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5703
fixed_packages
0
url pkg:deb/debian/phpmyadmin@4:4.6.3-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:4.6.3-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:4.6.3-1%3Fdistro=trixie
1
url pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-47ju-f89a-eud8
1
vulnerability VCID-d3qn-js1p-7yeq
2
vulnerability VCID-dmqy-9xth-cuhs
3
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.0.4%252Bdfsg2-2%252Bdeb11u1%3Fdistro=trixie
2
url pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.1%252Bdfsg-1%252Bdeb12u1%3Fdistro=trixie
3
url pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.2-really%252Bdfsg-1%252Bdeb13u1%3Fdistro=trixie
4
url pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.3%252Bdfsg-1%3Fdistro=trixie
aliases CVE-2016-5703
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-9tdu-572c-tbb2
78
url VCID-9y3y-59rh-ubfv
vulnerability_id VCID-9y3y-59rh-ubfv
summary Cross-site scripting (XSS) vulnerability in setup/frames/index.inc.php in the setup script in phpMyAdmin 3.x before 3.3.7 allows remote attackers to inject arbitrary web script or HTML via a server name.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2010-3263
reference_id
reference_type
scores
0
value 0.00277
scoring_system epss
scoring_elements 0.51389
published_at 2026-06-04T12:55:00Z
1
value 0.00277
scoring_system epss
scoring_elements 0.51451
published_at 2026-06-05T12:55:00Z
2
value 0.00277
scoring_system epss
scoring_elements 0.51457
published_at 2026-06-06T12:55:00Z
3
value 0.00277
scoring_system epss
scoring_elements 0.51435
published_at 2026-06-07T12:55:00Z
4
value 0.00277
scoring_system epss
scoring_elements 0.51402
published_at 2026-06-08T12:55:00Z
5
value 0.00277
scoring_system epss
scoring_elements 0.51422
published_at 2026-06-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2010-3263
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3263
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3263
2
reference_url https://security.gentoo.org/glsa/201201-01
reference_id GLSA-201201-01
reference_type
scores
url https://security.gentoo.org/glsa/201201-01
fixed_packages
0
url pkg:deb/debian/phpmyadmin@4:3.3.7-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:3.3.7-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:3.3.7-1%3Fdistro=trixie
1
url pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-47ju-f89a-eud8
1
vulnerability VCID-d3qn-js1p-7yeq
2
vulnerability VCID-dmqy-9xth-cuhs
3
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.0.4%252Bdfsg2-2%252Bdeb11u1%3Fdistro=trixie
2
url pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.1%252Bdfsg-1%252Bdeb12u1%3Fdistro=trixie
3
url pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.2-really%252Bdfsg-1%252Bdeb13u1%3Fdistro=trixie
4
url pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.3%252Bdfsg-1%3Fdistro=trixie
aliases CVE-2010-3263
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-9y3y-59rh-ubfv
79
url VCID-9z7g-cffj-1ufe
vulnerability_id VCID-9z7g-cffj-1ufe
summary Cross-site scripting (XSS) vulnerability in libraries/error_report.lib.php in the error-reporting feature in phpMyAdmin 4.1.x before 4.1.14.7 and 4.2.x before 4.2.12 allows remote authenticated users to inject arbitrary web script or HTML via a crafted filename.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2014-8960
reference_id
reference_type
scores
0
value 0.00287
scoring_system epss
scoring_elements 0.52374
published_at 2026-06-04T12:55:00Z
1
value 0.00287
scoring_system epss
scoring_elements 0.52435
published_at 2026-06-05T12:55:00Z
2
value 0.00287
scoring_system epss
scoring_elements 0.52443
published_at 2026-06-06T12:55:00Z
3
value 0.00287
scoring_system epss
scoring_elements 0.52423
published_at 2026-06-07T12:55:00Z
4
value 0.00287
scoring_system epss
scoring_elements 0.52395
published_at 2026-06-08T12:55:00Z
5
value 0.00287
scoring_system epss
scoring_elements 0.52416
published_at 2026-06-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2014-8960
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8960
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8960
fixed_packages
0
url pkg:deb/debian/phpmyadmin@4:4.2.12-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:4.2.12-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:4.2.12-1%3Fdistro=trixie
1
url pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-47ju-f89a-eud8
1
vulnerability VCID-d3qn-js1p-7yeq
2
vulnerability VCID-dmqy-9xth-cuhs
3
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.0.4%252Bdfsg2-2%252Bdeb11u1%3Fdistro=trixie
2
url pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.1%252Bdfsg-1%252Bdeb12u1%3Fdistro=trixie
3
url pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.2-really%252Bdfsg-1%252Bdeb13u1%3Fdistro=trixie
4
url pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.3%252Bdfsg-1%3Fdistro=trixie
aliases CVE-2014-8960
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-9z7g-cffj-1ufe
80
url VCID-a4fa-ms27-93fn
vulnerability_id VCID-a4fa-ms27-93fn
summary 
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Cross-site scripting (XSS) vulnerability in the view operations page in phpMyAdmin 4.1.x before 4.1.14.3 and 4.2.x before 4.2.7.1 allows remote authenticated users to inject arbitrary web script or HTML via a crafted view name, related to js/functions.js.
references
0
reference_url http://lists.opensuse.org/opensuse-updates/2014-08/msg00045.html
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url http://lists.opensuse.org/opensuse-updates/2014-08/msg00045.html
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2014-5274
reference_id
reference_type
scores
0
value 0.00219
scoring_system epss
scoring_elements 0.44598
published_at 2026-06-09T12:55:00Z
1
value 0.00219
scoring_system epss
scoring_elements 0.44631
published_at 2026-06-05T12:55:00Z
2
value 0.00219
scoring_system epss
scoring_elements 0.44639
published_at 2026-06-06T12:55:00Z
3
value 0.00219
scoring_system epss
scoring_elements 0.44617
published_at 2026-06-07T12:55:00Z
4
value 0.00219
scoring_system epss
scoring_elements 0.44585
published_at 2026-06-08T12:55:00Z
5
value 0.00219
scoring_system epss
scoring_elements 0.44562
published_at 2026-06-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2014-5274
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5274
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5274
3
reference_url https://github.com/phpmyadmin/phpmyadmin/commit/0cd293f5e13aa245e4a57b8d373597cc0e421b6f
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/phpmyadmin/phpmyadmin/commit/0cd293f5e13aa245e4a57b8d373597cc0e421b6f
4
reference_url http://www.phpmyadmin.net/home_page/security/PMASA-2014-9.php
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url http://www.phpmyadmin.net/home_page/security/PMASA-2014-9.php
5
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=758536
reference_id 758536
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=758536
6
reference_url https://nvd.nist.gov/vuln/detail/CVE-2014-5274
reference_id CVE-2014-5274
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2014-5274
7
reference_url https://github.com/advisories/GHSA-q586-xpwr-jc3j
reference_id GHSA-q586-xpwr-jc3j
reference_type
scores
0
value LOW
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-q586-xpwr-jc3j
fixed_packages
0
url pkg:deb/debian/phpmyadmin@4:4.2.7.1-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:4.2.7.1-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:4.2.7.1-1%3Fdistro=trixie
1
url pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-47ju-f89a-eud8
1
vulnerability VCID-d3qn-js1p-7yeq
2
vulnerability VCID-dmqy-9xth-cuhs
3
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.0.4%252Bdfsg2-2%252Bdeb11u1%3Fdistro=trixie
2
url pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.1%252Bdfsg-1%252Bdeb12u1%3Fdistro=trixie
3
url pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.2-really%252Bdfsg-1%252Bdeb13u1%3Fdistro=trixie
4
url pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.3%252Bdfsg-1%3Fdistro=trixie
aliases CVE-2014-5274, GHSA-q586-xpwr-jc3j
risk_score 1.4
exploitability 0.5
weighted_severity 2.7
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-a4fa-ms27-93fn
81
url VCID-a94q-k98a-6qbw
vulnerability_id VCID-a94q-k98a-6qbw
summary Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin 4.0.x before 4.0.10.4, 4.1.x before 4.1.14.5, and 4.2.x before 4.2.9.1 allow remote authenticated users to inject arbitrary web script or HTML via a crafted ENUM value that is improperly handled during rendering of the (1) table search or (2) table structure page, related to libraries/TableSearch.class.php and libraries/Util.class.php.
references
0
reference_url http://lists.opensuse.org/opensuse-updates/2014-10/msg00009.html
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url http://lists.opensuse.org/opensuse-updates/2014-10/msg00009.html
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2014-7217
reference_id
reference_type
scores
0
value 0.00339
scoring_system epss
scoring_elements 0.56959
published_at 2026-06-09T12:55:00Z
1
value 0.00339
scoring_system epss
scoring_elements 0.5691
published_at 2026-06-04T12:55:00Z
2
value 0.00339
scoring_system epss
scoring_elements 0.56961
published_at 2026-06-05T12:55:00Z
3
value 0.00339
scoring_system epss
scoring_elements 0.56968
published_at 2026-06-06T12:55:00Z
4
value 0.00339
scoring_system epss
scoring_elements 0.56956
published_at 2026-06-07T12:55:00Z
5
value 0.00339
scoring_system epss
scoring_elements 0.56941
published_at 2026-06-08T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2014-7217
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7217
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7217
3
reference_url https://github.com/phpmyadmin/phpmyadmin/commit/304fb2b645b36a39e03b954fdbd567173ebe6448
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/phpmyadmin/phpmyadmin/commit/304fb2b645b36a39e03b954fdbd567173ebe6448
4
reference_url https://github.com/phpmyadmin/phpmyadmin/commit/c1a3f85fbd1a9569646e7cf1b791325ae82c7961
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/phpmyadmin/phpmyadmin/commit/c1a3f85fbd1a9569646e7cf1b791325ae82c7961
5
reference_url https://nvd.nist.gov/vuln/detail/CVE-2014-7217
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2014-7217
6
reference_url https://web.archive.org/web/20141010205819/http://www.securityfocus.com/bid/70252
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20141010205819/http://www.securityfocus.com/bid/70252
7
reference_url http://www.phpmyadmin.net/home_page/security/PMASA-2014-11.php
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url http://www.phpmyadmin.net/home_page/security/PMASA-2014-11.php
8
reference_url https://github.com/advisories/GHSA-wv8g-fx9j-q2jg
reference_id GHSA-wv8g-fx9j-q2jg
reference_type
scores
0
value LOW
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-wv8g-fx9j-q2jg
fixed_packages
0
url pkg:deb/debian/phpmyadmin@4:4.2.9.1-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:4.2.9.1-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:4.2.9.1-1%3Fdistro=trixie
1
url pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-47ju-f89a-eud8
1
vulnerability VCID-d3qn-js1p-7yeq
2
vulnerability VCID-dmqy-9xth-cuhs
3
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.0.4%252Bdfsg2-2%252Bdeb11u1%3Fdistro=trixie
2
url pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.1%252Bdfsg-1%252Bdeb12u1%3Fdistro=trixie
3
url pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.2-really%252Bdfsg-1%252Bdeb13u1%3Fdistro=trixie
4
url pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.3%252Bdfsg-1%3Fdistro=trixie
aliases CVE-2014-7217, GHSA-wv8g-fx9j-q2jg
risk_score 1.4
exploitability 0.5
weighted_severity 2.7
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-a94q-k98a-6qbw
82
url VCID-abn5-z84m-zqas
vulnerability_id VCID-abn5-z84m-zqas
summary Multiple cross-site scripting (XSS) vulnerabilities in the table Print view implementation in tbl_printview.php in phpMyAdmin before 3.3.10.3 and 3.4.x before 3.4.3.2 allow remote authenticated users to inject arbitrary web script or HTML via a crafted table name.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2011-2642
reference_id
reference_type
scores
0
value 0.00667
scoring_system epss
scoring_elements 0.71642
published_at 2026-06-04T12:55:00Z
1
value 0.00667
scoring_system epss
scoring_elements 0.71686
published_at 2026-06-05T12:55:00Z
2
value 0.00667
scoring_system epss
scoring_elements 0.71692
published_at 2026-06-06T12:55:00Z
3
value 0.00667
scoring_system epss
scoring_elements 0.71668
published_at 2026-06-07T12:55:00Z
4
value 0.00667
scoring_system epss
scoring_elements 0.71654
published_at 2026-06-08T12:55:00Z
5
value 0.00667
scoring_system epss
scoring_elements 0.71676
published_at 2026-06-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2011-2642
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2642
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2642
2
reference_url https://security.gentoo.org/glsa/201201-01
reference_id GLSA-201201-01
reference_type
scores
url https://security.gentoo.org/glsa/201201-01
fixed_packages
0
url pkg:deb/debian/phpmyadmin@4:3.4.3.2-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:3.4.3.2-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:3.4.3.2-1%3Fdistro=trixie
1
url pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-47ju-f89a-eud8
1
vulnerability VCID-d3qn-js1p-7yeq
2
vulnerability VCID-dmqy-9xth-cuhs
3
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.0.4%252Bdfsg2-2%252Bdeb11u1%3Fdistro=trixie
2
url pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.1%252Bdfsg-1%252Bdeb12u1%3Fdistro=trixie
3
url pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.2-really%252Bdfsg-1%252Bdeb13u1%3Fdistro=trixie
4
url pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.3%252Bdfsg-1%3Fdistro=trixie
aliases CVE-2011-2642
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-abn5-z84m-zqas
83
url VCID-ajeh-4q9t-sydz
vulnerability_id VCID-ajeh-4q9t-sydz
summary An issue was discovered in phpMyAdmin. Username matching for the allow/deny rules may result in wrong matches and detection of the username in the rule due to non-constant execution time. All 4.6.x versions (prior to 4.6.5), 4.4.x versions (prior to 4.4.15.9), and 4.0.x versions (prior to 4.0.10.18) are affected.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-9850
reference_id
reference_type
scores
0
value 0.00565
scoring_system epss
scoring_elements 0.68788
published_at 2026-06-04T12:55:00Z
1
value 0.00565
scoring_system epss
scoring_elements 0.68828
published_at 2026-06-07T12:55:00Z
2
value 0.00565
scoring_system epss
scoring_elements 0.68835
published_at 2026-06-06T12:55:00Z
3
value 0.00565
scoring_system epss
scoring_elements 0.68812
published_at 2026-06-08T12:55:00Z
4
value 0.00565
scoring_system epss
scoring_elements 0.68832
published_at 2026-06-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-9850
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9850
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9850
fixed_packages
0
url pkg:deb/debian/phpmyadmin@4:4.6.5.1-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:4.6.5.1-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:4.6.5.1-1%3Fdistro=trixie
1
url pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-47ju-f89a-eud8
1
vulnerability VCID-d3qn-js1p-7yeq
2
vulnerability VCID-dmqy-9xth-cuhs
3
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.0.4%252Bdfsg2-2%252Bdeb11u1%3Fdistro=trixie
2
url pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.1%252Bdfsg-1%252Bdeb12u1%3Fdistro=trixie
3
url pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.2-really%252Bdfsg-1%252Bdeb13u1%3Fdistro=trixie
4
url pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.3%252Bdfsg-1%3Fdistro=trixie
aliases CVE-2016-9850
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ajeh-4q9t-sydz
84
url VCID-ajf6-bk2g-wkb7
vulnerability_id VCID-ajf6-bk2g-wkb7
summary 
Information Exposure
When the `AllowArbitraryServer` configuration setting is set to true, with the use of a rogue MySQL server, an attacker can read any file on the server that the web server's user can access. This is related to the `mysql.allow_local_infile` PHP configuration, and the inadvertent ignoring of `options(MYSQLI_OPT_LOCAL_INFILE` calls.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2019-6799
reference_id
reference_type
scores
0
value 0.76961
scoring_system epss
scoring_elements 0.9898
published_at 2026-06-08T12:55:00Z
1
value 0.76961
scoring_system epss
scoring_elements 0.98981
published_at 2026-06-07T12:55:00Z
2
value 0.76961
scoring_system epss
scoring_elements 0.98978
published_at 2026-06-04T12:55:00Z
3
value 0.76961
scoring_system epss
scoring_elements 0.98982
published_at 2026-06-06T12:55:00Z
4
value 0.76961
scoring_system epss
scoring_elements 0.98979
published_at 2026-06-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2019-6799
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-6799
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-6799
2
reference_url https://github.com/phpmyadmin/composer
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/phpmyadmin/composer
3
reference_url https://lists.debian.org/debian-lts-announce/2019/02/msg00039.html
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.debian.org/debian-lts-announce/2019/02/msg00039.html
4
reference_url https://www.phpmyadmin.net/security/PMASA-2019-1
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.phpmyadmin.net/security/PMASA-2019-1
5
reference_url https://www.phpmyadmin.net/security/PMASA-2019-1/
reference_id
reference_type
scores
url https://www.phpmyadmin.net/security/PMASA-2019-1/
6
reference_url http://www.securityfocus.com/bid/106736
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.securityfocus.com/bid/106736
7
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=920823
reference_id 920823
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=920823
8
reference_url https://nvd.nist.gov/vuln/detail/CVE-2019-6799
reference_id CVE-2019-6799
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2019-6799
9
reference_url https://github.com/advisories/GHSA-c8wj-q36q-3wg4
reference_id GHSA-c8wj-q36q-3wg4
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-c8wj-q36q-3wg4
10
reference_url https://usn.ubuntu.com/4639-1/
reference_id USN-4639-1
reference_type
scores
url https://usn.ubuntu.com/4639-1/
fixed_packages
0
url pkg:deb/debian/phpmyadmin@4:4.9.1%2Bdfsg1-2?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:4.9.1%2Bdfsg1-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:4.9.1%252Bdfsg1-2%3Fdistro=trixie
1
url pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-47ju-f89a-eud8
1
vulnerability VCID-d3qn-js1p-7yeq
2
vulnerability VCID-dmqy-9xth-cuhs
3
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.0.4%252Bdfsg2-2%252Bdeb11u1%3Fdistro=trixie
2
url pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.1%252Bdfsg-1%252Bdeb12u1%3Fdistro=trixie
3
url pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.2-really%252Bdfsg-1%252Bdeb13u1%3Fdistro=trixie
4
url pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.3%252Bdfsg-1%3Fdistro=trixie
aliases CVE-2019-6799, GHSA-c8wj-q36q-3wg4
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ajf6-bk2g-wkb7
85
url VCID-ajmz-kfxh-sqaf
vulnerability_id VCID-ajmz-kfxh-sqaf
summary Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin 3.5.x before 3.5.8.2 and 4.0.x before 4.0.4.2 allow remote attackers to inject arbitrary web script or HTML via vectors involving (1) a crafted database name, (2) a crafted user name, (3) a crafted logo URL in the navigation panel, (4) a crafted entry in a certain proxy list, or (5) crafted content in a version.json file.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2013-4996
reference_id
reference_type
scores
0
value 0.00277
scoring_system epss
scoring_elements 0.51389
published_at 2026-06-04T12:55:00Z
1
value 0.00277
scoring_system epss
scoring_elements 0.51451
published_at 2026-06-05T12:55:00Z
2
value 0.00277
scoring_system epss
scoring_elements 0.51457
published_at 2026-06-06T12:55:00Z
3
value 0.00277
scoring_system epss
scoring_elements 0.51435
published_at 2026-06-07T12:55:00Z
4
value 0.00277
scoring_system epss
scoring_elements 0.51402
published_at 2026-06-08T12:55:00Z
5
value 0.00277
scoring_system epss
scoring_elements 0.51422
published_at 2026-06-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2013-4996
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4995
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4995
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4996
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4996
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5002
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5002
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5003
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5003
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1879
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1879
6
reference_url https://security.gentoo.org/glsa/201311-02
reference_id GLSA-201311-02
reference_type
scores
url https://security.gentoo.org/glsa/201311-02
fixed_packages
0
url pkg:deb/debian/phpmyadmin@4:4.0.4.2-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:4.0.4.2-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:4.0.4.2-1%3Fdistro=trixie
1
url pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-47ju-f89a-eud8
1
vulnerability VCID-d3qn-js1p-7yeq
2
vulnerability VCID-dmqy-9xth-cuhs
3
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.0.4%252Bdfsg2-2%252Bdeb11u1%3Fdistro=trixie
2
url pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.1%252Bdfsg-1%252Bdeb12u1%3Fdistro=trixie
3
url pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.2-really%252Bdfsg-1%252Bdeb13u1%3Fdistro=trixie
4
url pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.3%252Bdfsg-1%3Fdistro=trixie
aliases CVE-2013-4996
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ajmz-kfxh-sqaf
86
url VCID-amgy-teas-euh5
vulnerability_id VCID-amgy-teas-euh5
summary 
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin 4.0.x before 4.0.10.5, 4.1.x before 4.1.14.6, and 4.2.x before 4.2.10.1 allow remote authenticated users to inject arbitrary web script or HTML via a crafted (1) database name or (2) table name, related to the libraries/DatabaseInterface.class.php code for SQL debug output and the js/server_status_monitor.js code for the server monitor page.
references
0
reference_url http://lists.opensuse.org/opensuse-updates/2014-11/msg00004.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://lists.opensuse.org/opensuse-updates/2014-11/msg00004.html
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2014-8326
reference_id
reference_type
scores
0
value 0.00269
scoring_system epss
scoring_elements 0.50618
published_at 2026-06-09T12:55:00Z
1
value 0.00269
scoring_system epss
scoring_elements 0.50582
published_at 2026-06-04T12:55:00Z
2
value 0.00269
scoring_system epss
scoring_elements 0.50643
published_at 2026-06-05T12:55:00Z
3
value 0.00269
scoring_system epss
scoring_elements 0.50651
published_at 2026-06-06T12:55:00Z
4
value 0.00269
scoring_system epss
scoring_elements 0.50631
published_at 2026-06-07T12:55:00Z
5
value 0.00269
scoring_system epss
scoring_elements 0.50601
published_at 2026-06-08T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2014-8326
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8326
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8326
3
reference_url https://github.com/phpmyadmin/phpmyadmin/commit/7b8962dede7631298c81e2c1cd267b81f1e08a8c
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/phpmyadmin/phpmyadmin/commit/7b8962dede7631298c81e2c1cd267b81f1e08a8c
4
reference_url https://github.com/phpmyadmin/phpmyadmin/commit/bd68c54d1beeef79d237e8bfda44690834012a76
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/phpmyadmin/phpmyadmin/commit/bd68c54d1beeef79d237e8bfda44690834012a76
5
reference_url https://web.archive.org/web/20200228163625/http://www.securityfocus.com/bid/70731
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20200228163625/http://www.securityfocus.com/bid/70731
6
reference_url http://www.phpmyadmin.net/home_page/security/PMASA-2014-12.php
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.phpmyadmin.net/home_page/security/PMASA-2014-12.php
7
reference_url https://nvd.nist.gov/vuln/detail/CVE-2014-8326
reference_id CVE-2014-8326
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2014-8326
8
reference_url https://github.com/advisories/GHSA-pvr5-84gr-g985
reference_id GHSA-pvr5-84gr-g985
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-pvr5-84gr-g985
fixed_packages
0
url pkg:deb/debian/phpmyadmin@4:4.2.10.1-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:4.2.10.1-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:4.2.10.1-1%3Fdistro=trixie
1
url pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-47ju-f89a-eud8
1
vulnerability VCID-d3qn-js1p-7yeq
2
vulnerability VCID-dmqy-9xth-cuhs
3
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.0.4%252Bdfsg2-2%252Bdeb11u1%3Fdistro=trixie
2
url pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.1%252Bdfsg-1%252Bdeb12u1%3Fdistro=trixie
3
url pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.2-really%252Bdfsg-1%252Bdeb13u1%3Fdistro=trixie
4
url pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.3%252Bdfsg-1%3Fdistro=trixie
aliases CVE-2014-8326, GHSA-pvr5-84gr-g985
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-amgy-teas-euh5
87
url VCID-axtb-1njj-rbb4
vulnerability_id VCID-axtb-1njj-rbb4
summary 
Cross-Site Request Forgery (CSRF)
phpMyAdmin versions is vulnerable to a CSRF weakness. By deceiving a user to click on a crafted URL, it is possible to perform harmful database operations such as deleting records, dropping or truncating tables etc.
references
0
reference_url http://cyberworldmirror.com/vulnerability-phpmyadmin-lets-attacker-perform-drop-table-single-click
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://cyberworldmirror.com/vulnerability-phpmyadmin-lets-attacker-perform-drop-table-single-click
1
reference_url http://cyberworldmirror.com/vulnerability-phpmyadmin-lets-attacker-perform-drop-table-single-click/
reference_id
reference_type
scores
url http://cyberworldmirror.com/vulnerability-phpmyadmin-lets-attacker-perform-drop-table-single-click/
2
reference_url https://api.first.org/data/v1/epss?cve=CVE-2017-1000499
reference_id
reference_type
scores
0
value 0.11439
scoring_system epss
scoring_elements 0.93739
published_at 2026-06-06T12:55:00Z
1
value 0.11439
scoring_system epss
scoring_elements 0.9373
published_at 2026-06-04T12:55:00Z
2
value 0.11439
scoring_system epss
scoring_elements 0.93738
published_at 2026-06-08T12:55:00Z
3
value 0.11439
scoring_system epss
scoring_elements 0.93744
published_at 2026-06-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2017-1000499
3
reference_url https://web.archive.org/web/20201208204518/http://www.securitytracker.com/id/1040163
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20201208204518/http://www.securitytracker.com/id/1040163
4
reference_url https://www.exploit-db.com/exploits/45284
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.exploit-db.com/exploits/45284
5
reference_url https://www.exploit-db.com/exploits/45284/
reference_id
reference_type
scores
url https://www.exploit-db.com/exploits/45284/
6
reference_url https://www.phpmyadmin.net/security/PMASA-2017-9
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.phpmyadmin.net/security/PMASA-2017-9
7
reference_url https://www.phpmyadmin.net/security/PMASA-2017-9/
reference_id
reference_type
scores
url https://www.phpmyadmin.net/security/PMASA-2017-9/
8
reference_url http://www.securitytracker.com/id/1040163
reference_id
reference_type
scores
url http://www.securitytracker.com/id/1040163
9
reference_url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/webapps/45284.txt
reference_id CVE-2017-1000499
reference_type exploit
scores
url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/webapps/45284.txt
10
reference_url https://nvd.nist.gov/vuln/detail/CVE-2017-1000499
reference_id CVE-2017-1000499
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2017-1000499
11
reference_url https://github.com/advisories/GHSA-f9hx-5jq4-fgjm
reference_id GHSA-f9hx-5jq4-fgjm
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-f9hx-5jq4-fgjm
fixed_packages
0
url pkg:deb/debian/phpmyadmin@0?distro=trixie
purl pkg:deb/debian/phpmyadmin@0?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@0%3Fdistro=trixie
1
url pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-47ju-f89a-eud8
1
vulnerability VCID-d3qn-js1p-7yeq
2
vulnerability VCID-dmqy-9xth-cuhs
3
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.0.4%252Bdfsg2-2%252Bdeb11u1%3Fdistro=trixie
2
url pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.1%252Bdfsg-1%252Bdeb12u1%3Fdistro=trixie
3
url pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.2-really%252Bdfsg-1%252Bdeb13u1%3Fdistro=trixie
4
url pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.3%252Bdfsg-1%3Fdistro=trixie
aliases CVE-2017-1000499, GHSA-f9hx-5jq4-fgjm
risk_score 10.0
exploitability 2.0
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-axtb-1njj-rbb4
88
url VCID-b2nf-6pr3-xqaa
vulnerability_id VCID-b2nf-6pr3-xqaa
summary 
SQL Injection
An issue was discovered in SearchController in phpMyAdmin. An SQL injection vulnerability was discovered in how phpMyAdmin processes SQL statements in the search feature. An attacker could use this flaw to inject malicious SQL in to a query.
references
0
reference_url http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00027.html
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00027.html
1
reference_url http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00005.html
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00005.html
2
reference_url https://advisory.checkmarx.net/advisory/CX-2020-4281
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://advisory.checkmarx.net/advisory/CX-2020-4281
3
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-26935
reference_id
reference_type
scores
0
value 0.89641
scoring_system epss
scoring_elements 0.99581
published_at 2026-06-08T12:55:00Z
1
value 0.89641
scoring_system epss
scoring_elements 0.99579
published_at 2026-06-04T12:55:00Z
2
value 0.89641
scoring_system epss
scoring_elements 0.99582
published_at 2026-06-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-26935
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-26935
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-26935
5
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/phpmyadmin/phpmyadmin/CVE-2020-26935.yaml
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/FriendsOfPHP/security-advisories/blob/master/phpmyadmin/phpmyadmin/CVE-2020-26935.yaml
6
reference_url https://github.com/phpmyadmin/composer
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/phpmyadmin/composer
7
reference_url https://lists.debian.org/debian-lts-announce/2020/10/msg00024.html
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://lists.debian.org/debian-lts-announce/2020/10/msg00024.html
8
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FHST4E5IJG7IKZTTW3R6MEZPVHJZ472K
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FHST4E5IJG7IKZTTW3R6MEZPVHJZ472K
9
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PXK37YEHSDYCIPQSYEMN2OFTP2ZLM7DO
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PXK37YEHSDYCIPQSYEMN2OFTP2ZLM7DO
10
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TNLGHVDNAEZEGRTUESSSQFM7MZTHIDQ5
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TNLGHVDNAEZEGRTUESSSQFM7MZTHIDQ5
11
reference_url https://security.gentoo.org/glsa/202101-35
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://security.gentoo.org/glsa/202101-35
12
reference_url https://www.phpmyadmin.net/security/PMASA-2020-6
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://www.phpmyadmin.net/security/PMASA-2020-6
13
reference_url https://www.phpmyadmin.net/security/PMASA-2020-6/
reference_id
reference_type
scores
url https://www.phpmyadmin.net/security/PMASA-2020-6/
14
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=972000
reference_id 972000
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=972000
15
reference_url https://nvd.nist.gov/vuln/detail/CVE-2020-26935
reference_id CVE-2020-26935
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2020-26935
16
reference_url https://github.com/advisories/GHSA-7ff4-cv53-4cjq
reference_id GHSA-7ff4-cv53-4cjq
reference_type
scores
0
value CRITICAL
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-7ff4-cv53-4cjq
17
reference_url https://usn.ubuntu.com/4639-1/
reference_id USN-4639-1
reference_type
scores
url https://usn.ubuntu.com/4639-1/
18
reference_url https://usn.ubuntu.com/USN-4843-1/
reference_id USN-USN-4843-1
reference_type
scores
url https://usn.ubuntu.com/USN-4843-1/
fixed_packages
0
url pkg:deb/debian/phpmyadmin@4:4.9.7%2Bdfsg1-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:4.9.7%2Bdfsg1-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:4.9.7%252Bdfsg1-1%3Fdistro=trixie
1
url pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-47ju-f89a-eud8
1
vulnerability VCID-d3qn-js1p-7yeq
2
vulnerability VCID-dmqy-9xth-cuhs
3
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.0.4%252Bdfsg2-2%252Bdeb11u1%3Fdistro=trixie
2
url pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.1%252Bdfsg-1%252Bdeb12u1%3Fdistro=trixie
3
url pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.2-really%252Bdfsg-1%252Bdeb13u1%3Fdistro=trixie
4
url pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.3%252Bdfsg-1%3Fdistro=trixie
aliases CVE-2020-26935, GHSA-7ff4-cv53-4cjq
risk_score 10.0
exploitability 2.0
weighted_severity 9.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-b2nf-6pr3-xqaa
89
url VCID-b4jk-yjfy-pfcv
vulnerability_id VCID-b4jk-yjfy-pfcv
summary libraries/sql-parser/autoload.php in the SQL parser in phpMyAdmin 4.5.x before 4.5.4 allows remote attackers to obtain sensitive information via a crafted request, which reveals the full path in an error message.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-2044
reference_id
reference_type
scores
0
value 0.00437
scoring_system epss
scoring_elements 0.6338
published_at 2026-06-04T12:55:00Z
1
value 0.00437
scoring_system epss
scoring_elements 0.63423
published_at 2026-06-07T12:55:00Z
2
value 0.00437
scoring_system epss
scoring_elements 0.63432
published_at 2026-06-06T12:55:00Z
3
value 0.00437
scoring_system epss
scoring_elements 0.6341
published_at 2026-06-08T12:55:00Z
4
value 0.00437
scoring_system epss
scoring_elements 0.63428
published_at 2026-06-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-2044
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2044
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2044
fixed_packages
0
url pkg:deb/debian/phpmyadmin@4:4.5.4-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:4.5.4-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:4.5.4-1%3Fdistro=trixie
1
url pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-47ju-f89a-eud8
1
vulnerability VCID-d3qn-js1p-7yeq
2
vulnerability VCID-dmqy-9xth-cuhs
3
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.0.4%252Bdfsg2-2%252Bdeb11u1%3Fdistro=trixie
2
url pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.1%252Bdfsg-1%252Bdeb12u1%3Fdistro=trixie
3
url pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.2-really%252Bdfsg-1%252Bdeb13u1%3Fdistro=trixie
4
url pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.3%252Bdfsg-1%3Fdistro=trixie
aliases CVE-2016-2044
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-b4jk-yjfy-pfcv
90
url VCID-b6ng-ygap-zqh4
vulnerability_id VCID-b6ng-ygap-zqh4
summary 
Improper Input Validation
The `checkHTTP` function in `libraries/Config.class.php` in phpMyAdmin does not verify X.509 certificates from `api.github.com` SSL servers, which allows man-in-the-middle attackers to spoof these servers and obtain sensitive information via a crafted certificate.
references
0
reference_url http://lists.fedoraproject.org/pipermail/package-announce/2016-March/178562.html
reference_id
reference_type
scores
0
value 6.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://lists.fedoraproject.org/pipermail/package-announce/2016-March/178562.html
1
reference_url http://lists.fedoraproject.org/pipermail/package-announce/2016-March/178869.html
reference_id
reference_type
scores
0
value 6.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://lists.fedoraproject.org/pipermail/package-announce/2016-March/178869.html
2
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-2562
reference_id
reference_type
scores
0
value 0.0023
scoring_system epss
scoring_elements 0.45927
published_at 2026-06-09T12:55:00Z
1
value 0.0023
scoring_system epss
scoring_elements 0.4589
published_at 2026-06-04T12:55:00Z
2
value 0.0023
scoring_system epss
scoring_elements 0.45959
published_at 2026-06-05T12:55:00Z
3
value 0.0023
scoring_system epss
scoring_elements 0.45962
published_at 2026-06-06T12:55:00Z
4
value 0.0023
scoring_system epss
scoring_elements 0.45941
published_at 2026-06-07T12:55:00Z
5
value 0.0023
scoring_system epss
scoring_elements 0.45915
published_at 2026-06-08T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-2562
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2562
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2562
4
reference_url https://github.com/phpmyadmin/composer
reference_id
reference_type
scores
0
value 6.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/phpmyadmin/composer
5
reference_url https://github.com/phpmyadmin/phpmyadmin/commit/e42b7e3aedd29dd0f7a48575f20bfc5aca0ff976
reference_id
reference_type
scores
0
value 6.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/phpmyadmin/phpmyadmin/commit/e42b7e3aedd29dd0f7a48575f20bfc5aca0ff976
6
reference_url https://www.phpmyadmin.net/security/PMASA-2016-13
reference_id
reference_type
scores
0
value 6.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.phpmyadmin.net/security/PMASA-2016-13
7
reference_url https://www.phpmyadmin.net/security/PMASA-2016-13/
reference_id
reference_type
scores
url https://www.phpmyadmin.net/security/PMASA-2016-13/
8
reference_url https://nvd.nist.gov/vuln/detail/CVE-2016-2562
reference_id CVE-2016-2562
reference_type
scores
0
value 6.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2016-2562
9
reference_url https://github.com/advisories/GHSA-w8qg-j9fp-hrjf
reference_id GHSA-w8qg-j9fp-hrjf
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-w8qg-j9fp-hrjf
fixed_packages
0
url pkg:deb/debian/phpmyadmin@4:4.5.5.1-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:4.5.5.1-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:4.5.5.1-1%3Fdistro=trixie
1
url pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-47ju-f89a-eud8
1
vulnerability VCID-d3qn-js1p-7yeq
2
vulnerability VCID-dmqy-9xth-cuhs
3
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.0.4%252Bdfsg2-2%252Bdeb11u1%3Fdistro=trixie
2
url pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.1%252Bdfsg-1%252Bdeb12u1%3Fdistro=trixie
3
url pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.2-really%252Bdfsg-1%252Bdeb13u1%3Fdistro=trixie
4
url pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.3%252Bdfsg-1%3Fdistro=trixie
aliases CVE-2016-2562, GHSA-w8qg-j9fp-hrjf
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-b6ng-ygap-zqh4
91
url VCID-bcgq-2961-43b9
vulnerability_id VCID-bcgq-2961-43b9
summary Directory traversal vulnerability in sql.php in phpMyAdmin 3.4.x before 3.4.3.2, when configuration storage is enabled, allows remote attackers to include and execute arbitrary local files via directory traversal sequences in a MIME-type transformation parameter.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2011-2643
reference_id
reference_type
scores
0
value 0.00383
scoring_system epss
scoring_elements 0.5995
published_at 2026-06-04T12:55:00Z
1
value 0.00383
scoring_system epss
scoring_elements 0.59997
published_at 2026-06-05T12:55:00Z
2
value 0.00383
scoring_system epss
scoring_elements 0.6
published_at 2026-06-06T12:55:00Z
3
value 0.00383
scoring_system epss
scoring_elements 0.59989
published_at 2026-06-09T12:55:00Z
4
value 0.00383
scoring_system epss
scoring_elements 0.59971
published_at 2026-06-08T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2011-2643
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2643
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2643
2
reference_url https://security.gentoo.org/glsa/201201-01
reference_id GLSA-201201-01
reference_type
scores
url https://security.gentoo.org/glsa/201201-01
fixed_packages
0
url pkg:deb/debian/phpmyadmin@4:3.4.3.2-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:3.4.3.2-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:3.4.3.2-1%3Fdistro=trixie
1
url pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-47ju-f89a-eud8
1
vulnerability VCID-d3qn-js1p-7yeq
2
vulnerability VCID-dmqy-9xth-cuhs
3
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.0.4%252Bdfsg2-2%252Bdeb11u1%3Fdistro=trixie
2
url pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.1%252Bdfsg-1%252Bdeb12u1%3Fdistro=trixie
3
url pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.2-really%252Bdfsg-1%252Bdeb13u1%3Fdistro=trixie
4
url pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.3%252Bdfsg-1%3Fdistro=trixie
aliases CVE-2011-2643
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-bcgq-2961-43b9
92
url VCID-bd83-vf81-sfa4
vulnerability_id VCID-bd83-vf81-sfa4
summary 
SQL Injection
An issue was discovered in phpMyAdmin. A vulnerability was reported where a specially crafted username can be used to trigger a SQL injection attack through the designer feature.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2019-6798
reference_id
reference_type
scores
0
value 0.00394
scoring_system epss
scoring_elements 0.60597
published_at 2026-06-04T12:55:00Z
1
value 0.00394
scoring_system epss
scoring_elements 0.60625
published_at 2026-06-08T12:55:00Z
2
value 0.00394
scoring_system epss
scoring_elements 0.60642
published_at 2026-06-09T12:55:00Z
3
value 0.00394
scoring_system epss
scoring_elements 0.60653
published_at 2026-06-06T12:55:00Z
4
value 0.00394
scoring_system epss
scoring_elements 0.60645
published_at 2026-06-05T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2019-6798
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-6798
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-6798
2
reference_url https://github.com/phpmyadmin/composer
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/phpmyadmin/composer
3
reference_url https://www.phpmyadmin.net/security/PMASA-2019-2
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://www.phpmyadmin.net/security/PMASA-2019-2
4
reference_url https://www.phpmyadmin.net/security/PMASA-2019-2/
reference_id
reference_type
scores
url https://www.phpmyadmin.net/security/PMASA-2019-2/
5
reference_url http://www.securityfocus.com/bid/106727
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url http://www.securityfocus.com/bid/106727
6
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=920822
reference_id 920822
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=920822
7
reference_url https://nvd.nist.gov/vuln/detail/CVE-2019-6798
reference_id CVE-2019-6798
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2019-6798
8
reference_url https://github.com/advisories/GHSA-f732-fxh6-g4qj
reference_id GHSA-f732-fxh6-g4qj
reference_type
scores
0
value CRITICAL
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-f732-fxh6-g4qj
9
reference_url https://usn.ubuntu.com/4639-1/
reference_id USN-4639-1
reference_type
scores
url https://usn.ubuntu.com/4639-1/
10
reference_url https://usn.ubuntu.com/USN-4843-1/
reference_id USN-USN-4843-1
reference_type
scores
url https://usn.ubuntu.com/USN-4843-1/
fixed_packages
0
url pkg:deb/debian/phpmyadmin@4:4.9.1%2Bdfsg1-2?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:4.9.1%2Bdfsg1-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:4.9.1%252Bdfsg1-2%3Fdistro=trixie
1
url pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-47ju-f89a-eud8
1
vulnerability VCID-d3qn-js1p-7yeq
2
vulnerability VCID-dmqy-9xth-cuhs
3
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.0.4%252Bdfsg2-2%252Bdeb11u1%3Fdistro=trixie
2
url pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.1%252Bdfsg-1%252Bdeb12u1%3Fdistro=trixie
3
url pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.2-really%252Bdfsg-1%252Bdeb13u1%3Fdistro=trixie
4
url pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.3%252Bdfsg-1%3Fdistro=trixie
aliases CVE-2019-6798, GHSA-f732-fxh6-g4qj
risk_score 4.5
exploitability 0.5
weighted_severity 9.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-bd83-vf81-sfa4
93
url VCID-bddg-5zgr-3uew
vulnerability_id VCID-bddg-5zgr-3uew
summary 
phpMyAdmin vulnerable to Cross-site Scripting
Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin 4.4.x before 4.4.15.7 and 4.6.x before 4.6.3 allow remote attackers to inject arbitrary web script or HTML via vectors involving (1) server-privileges certificate data fields on the user privileges page, (2) an "invalid JSON" error message in the error console, (3) a database name in the central columns implementation, (4) a group name, or (5) a search name in the bookmarks implementation.
references
0
reference_url http://lists.opensuse.org/opensuse-updates/2016-06/msg00113.html
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://lists.opensuse.org/opensuse-updates/2016-06/msg00113.html
1
reference_url http://lists.opensuse.org/opensuse-updates/2016-06/msg00114.html
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://lists.opensuse.org/opensuse-updates/2016-06/msg00114.html
2
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-5705
reference_id
reference_type
scores
0
value 0.00605
scoring_system epss
scoring_elements 0.70048
published_at 2026-06-06T12:55:00Z
1
value 0.00605
scoring_system epss
scoring_elements 0.69998
published_at 2026-06-04T12:55:00Z
2
value 0.00605
scoring_system epss
scoring_elements 0.70039
published_at 2026-06-05T12:55:00Z
3
value 0.00605
scoring_system epss
scoring_elements 0.70042
published_at 2026-06-09T12:55:00Z
4
value 0.00605
scoring_system epss
scoring_elements 0.70019
published_at 2026-06-08T12:55:00Z
5
value 0.00605
scoring_system epss
scoring_elements 0.7003
published_at 2026-06-07T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-5705
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1927
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1927
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2039
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2039
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2040
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2040
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2041
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2041
7
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2560
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2560
8
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2561
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2561
9
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5099
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5099
10
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5701
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5701
11
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5705
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5705
12
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5706
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5706
13
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5731
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5731
14
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5733
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5733
15
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5739
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5739
16
reference_url https://github.com/phpmyadmin/phpmyadmin
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/phpmyadmin/phpmyadmin
17
reference_url https://github.com/phpmyadmin/phpmyadmin/commit/03f73d48369703e0d3584699b08e24891c3295b8
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/phpmyadmin/phpmyadmin/commit/03f73d48369703e0d3584699b08e24891c3295b8
18
reference_url https://github.com/phpmyadmin/phpmyadmin/commit/0b7416c5f4439ed3f11c023785f2d4c49a1b09fc
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/phpmyadmin/phpmyadmin/commit/0b7416c5f4439ed3f11c023785f2d4c49a1b09fc
19
reference_url https://github.com/phpmyadmin/phpmyadmin/commit/364732e309cccb3fb56c938ed8d8bc0e04a3ca98
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/phpmyadmin/phpmyadmin/commit/364732e309cccb3fb56c938ed8d8bc0e04a3ca98
20
reference_url https://github.com/phpmyadmin/phpmyadmin/commit/36df83a97a7f140fdb008b727a94f882847c6a6f
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/phpmyadmin/phpmyadmin/commit/36df83a97a7f140fdb008b727a94f882847c6a6f
21
reference_url https://github.com/phpmyadmin/phpmyadmin/commit/57ae483bad33059a885366d5445b7e1f6f29860a
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/phpmyadmin/phpmyadmin/commit/57ae483bad33059a885366d5445b7e1f6f29860a
22
reference_url https://security.gentoo.org/glsa/201701-32
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://security.gentoo.org/glsa/201701-32
23
reference_url https://web.archive.org/web/20200227223416/http://www.securityfocus.com/bid/91378
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20200227223416/http://www.securityfocus.com/bid/91378
24
reference_url https://www.phpmyadmin.net/security/PMASA-2016-21
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.phpmyadmin.net/security/PMASA-2016-21
25
reference_url http://www.debian.org/security/2016/dsa-3627
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.debian.org/security/2016/dsa-3627
26
reference_url https://nvd.nist.gov/vuln/detail/CVE-2016-5705
reference_id CVE-2016-5705
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2016-5705
27
reference_url https://github.com/advisories/GHSA-6q2j-8h8q-46mr
reference_id GHSA-6q2j-8h8q-46mr
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-6q2j-8h8q-46mr
fixed_packages
0
url pkg:deb/debian/phpmyadmin@4:4.6.3-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:4.6.3-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:4.6.3-1%3Fdistro=trixie
1
url pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-47ju-f89a-eud8
1
vulnerability VCID-d3qn-js1p-7yeq
2
vulnerability VCID-dmqy-9xth-cuhs
3
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.0.4%252Bdfsg2-2%252Bdeb11u1%3Fdistro=trixie
2
url pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.1%252Bdfsg-1%252Bdeb12u1%3Fdistro=trixie
3
url pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.2-really%252Bdfsg-1%252Bdeb13u1%3Fdistro=trixie
4
url pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.3%252Bdfsg-1%3Fdistro=trixie
aliases CVE-2016-5705, GHSA-6q2j-8h8q-46mr
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-bddg-5zgr-3uew
94
url VCID-bshf-rz9w-3yb3
vulnerability_id VCID-bshf-rz9w-3yb3
summary Cross-site scripting (XSS) vulnerability in libraries/plugins/transformations/abstract/TextLinkTransformationsPlugin.class.php in phpMyAdmin 4.0.x before 4.0.4.2 allows remote authenticated users to inject arbitrary web script or HTML via a crafted object name associated with a TextLinkTransformationPlugin link.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2013-5001
reference_id
reference_type
scores
0
value 0.00185
scoring_system epss
scoring_elements 0.40004
published_at 2026-06-04T12:55:00Z
1
value 0.00185
scoring_system epss
scoring_elements 0.40086
published_at 2026-06-05T12:55:00Z
2
value 0.00185
scoring_system epss
scoring_elements 0.40088
published_at 2026-06-06T12:55:00Z
3
value 0.00185
scoring_system epss
scoring_elements 0.4006
published_at 2026-06-07T12:55:00Z
4
value 0.00185
scoring_system epss
scoring_elements 0.40032
published_at 2026-06-08T12:55:00Z
5
value 0.00185
scoring_system epss
scoring_elements 0.40049
published_at 2026-06-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2013-5001
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5001
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5001
2
reference_url https://security.gentoo.org/glsa/201311-02
reference_id GLSA-201311-02
reference_type
scores
url https://security.gentoo.org/glsa/201311-02
fixed_packages
0
url pkg:deb/debian/phpmyadmin@4:4.0.4.2-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:4.0.4.2-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:4.0.4.2-1%3Fdistro=trixie
1
url pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-47ju-f89a-eud8
1
vulnerability VCID-d3qn-js1p-7yeq
2
vulnerability VCID-dmqy-9xth-cuhs
3
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.0.4%252Bdfsg2-2%252Bdeb11u1%3Fdistro=trixie
2
url pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.1%252Bdfsg-1%252Bdeb12u1%3Fdistro=trixie
3
url pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.2-really%252Bdfsg-1%252Bdeb13u1%3Fdistro=trixie
4
url pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.3%252Bdfsg-1%3Fdistro=trixie
aliases CVE-2013-5001
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-bshf-rz9w-3yb3
95
url VCID-btc1-yng3-ckhx
vulnerability_id VCID-btc1-yng3-ckhx
summary 
Improper Input Validation
phpMyAdmin is vulnerable to a DoS attack in the replication status by using a specially crafted table name.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2017-1000018
reference_id
reference_type
scores
0
value 0.01295
scoring_system epss
scoring_elements 0.80068
published_at 2026-06-09T12:55:00Z
1
value 0.01295
scoring_system epss
scoring_elements 0.80034
published_at 2026-06-04T12:55:00Z
2
value 0.01295
scoring_system epss
scoring_elements 0.8006
published_at 2026-06-05T12:55:00Z
3
value 0.01295
scoring_system epss
scoring_elements 0.80064
published_at 2026-06-06T12:55:00Z
4
value 0.01295
scoring_system epss
scoring_elements 0.80058
published_at 2026-06-07T12:55:00Z
5
value 0.01295
scoring_system epss
scoring_elements 0.80048
published_at 2026-06-08T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2017-1000018
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-1000018
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-1000018
2
reference_url https://web.archive.org/web/20210123220317/http://www.securityfocus.com/bid/95738
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20210123220317/http://www.securityfocus.com/bid/95738
3
reference_url https://www.phpmyadmin.net/security/PMASA-2017-7
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.phpmyadmin.net/security/PMASA-2017-7
4
reference_url http://www.securityfocus.com/bid/95738
reference_id
reference_type
scores
url http://www.securityfocus.com/bid/95738
5
reference_url https://nvd.nist.gov/vuln/detail/CVE-2017-1000018
reference_id CVE-2017-1000018
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2017-1000018
6
reference_url https://github.com/advisories/GHSA-47qr-f86f-3wm4
reference_id GHSA-47qr-f86f-3wm4
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-47qr-f86f-3wm4
fixed_packages
0
url pkg:deb/debian/phpmyadmin@4:4.6.6-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:4.6.6-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:4.6.6-1%3Fdistro=trixie
1
url pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-47ju-f89a-eud8
1
vulnerability VCID-d3qn-js1p-7yeq
2
vulnerability VCID-dmqy-9xth-cuhs
3
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.0.4%252Bdfsg2-2%252Bdeb11u1%3Fdistro=trixie
2
url pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.1%252Bdfsg-1%252Bdeb12u1%3Fdistro=trixie
3
url pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.2-really%252Bdfsg-1%252Bdeb13u1%3Fdistro=trixie
4
url pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.3%252Bdfsg-1%3Fdistro=trixie
aliases CVE-2017-1000018, GHSA-47qr-f86f-3wm4
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-btc1-yng3-ckhx
96
url VCID-cbjd-e3sk-m7bu
vulnerability_id VCID-cbjd-e3sk-m7bu
summary 
Cross-Site Request Forgery (CSRF)
An issue was discovered in phpMyAdmin. When the arg_separator is different from its default & value, the CSRF token was not properly stripped from the return URL of the preference import action. All 4.6.x versions (prior to 4.6.5), 4.4.x versions (prior to 4.4.15.9), and 4.0.x versions (prior to 4.0.10.18) are affected.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-9866
reference_id
reference_type
scores
0
value 0.00221
scoring_system epss
scoring_elements 0.44791
published_at 2026-06-05T12:55:00Z
1
value 0.00221
scoring_system epss
scoring_elements 0.44757
published_at 2026-06-09T12:55:00Z
2
value 0.00221
scoring_system epss
scoring_elements 0.44776
published_at 2026-06-07T12:55:00Z
3
value 0.00221
scoring_system epss
scoring_elements 0.44797
published_at 2026-06-06T12:55:00Z
4
value 0.00221
scoring_system epss
scoring_elements 0.4472
published_at 2026-06-04T12:55:00Z
5
value 0.00221
scoring_system epss
scoring_elements 0.44744
published_at 2026-06-08T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-9866
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9866
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9866
2
reference_url https://github.com/phpmyadmin/composer
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/phpmyadmin/composer
3
reference_url https://security.gentoo.org/glsa/201701-32
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://security.gentoo.org/glsa/201701-32
4
reference_url https://web.archive.org/web/20210123194736/http://www.securityfocus.com/bid/94536
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20210123194736/http://www.securityfocus.com/bid/94536
5
reference_url https://www.phpmyadmin.net/security/PMASA-2016-71
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://www.phpmyadmin.net/security/PMASA-2016-71
6
reference_url https://nvd.nist.gov/vuln/detail/CVE-2016-9866
reference_id CVE-2016-9866
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2016-9866
7
reference_url https://github.com/advisories/GHSA-jvxx-8xxf-5495
reference_id GHSA-jvxx-8xxf-5495
reference_type
scores
0
value CRITICAL
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-jvxx-8xxf-5495
8
reference_url https://usn.ubuntu.com/USN-4843-1/
reference_id USN-USN-4843-1
reference_type
scores
url https://usn.ubuntu.com/USN-4843-1/
fixed_packages
0
url pkg:deb/debian/phpmyadmin@4:4.6.5.1-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:4.6.5.1-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:4.6.5.1-1%3Fdistro=trixie
1
url pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-47ju-f89a-eud8
1
vulnerability VCID-d3qn-js1p-7yeq
2
vulnerability VCID-dmqy-9xth-cuhs
3
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.0.4%252Bdfsg2-2%252Bdeb11u1%3Fdistro=trixie
2
url pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.1%252Bdfsg-1%252Bdeb12u1%3Fdistro=trixie
3
url pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.2-really%252Bdfsg-1%252Bdeb13u1%3Fdistro=trixie
4
url pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.3%252Bdfsg-1%3Fdistro=trixie
aliases CVE-2016-9866, GHSA-jvxx-8xxf-5495
risk_score 4.5
exploitability 0.5
weighted_severity 9.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-cbjd-e3sk-m7bu
97
url VCID-crn9-f6qt-qfg5
vulnerability_id VCID-crn9-f6qt-qfg5
summary libraries/session.inc.php in phpMyAdmin 4.0.x before 4.0.10.13, 4.4.x before 4.4.15.3, and 4.5.x before 4.5.4 does not properly generate CSRF token values, which allows remote attackers to bypass intended access restrictions by predicting a value.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-2039
reference_id
reference_type
scores
0
value 0.00382
scoring_system epss
scoring_elements 0.59897
published_at 2026-06-04T12:55:00Z
1
value 0.00382
scoring_system epss
scoring_elements 0.59944
published_at 2026-06-05T12:55:00Z
2
value 0.00382
scoring_system epss
scoring_elements 0.59947
published_at 2026-06-06T12:55:00Z
3
value 0.00382
scoring_system epss
scoring_elements 0.59939
published_at 2026-06-09T12:55:00Z
4
value 0.00382
scoring_system epss
scoring_elements 0.59921
published_at 2026-06-08T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-2039
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1927
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1927
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2039
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2039
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2040
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2040
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2041
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2041
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2560
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2560
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2561
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2561
7
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5099
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5099
8
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5701
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5701
9
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5705
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5705
10
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5706
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5706
11
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5731
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5731
12
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5733
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5733
13
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5739
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5739
fixed_packages
0
url pkg:deb/debian/phpmyadmin@4:4.5.4-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:4.5.4-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:4.5.4-1%3Fdistro=trixie
1
url pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-47ju-f89a-eud8
1
vulnerability VCID-d3qn-js1p-7yeq
2
vulnerability VCID-dmqy-9xth-cuhs
3
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.0.4%252Bdfsg2-2%252Bdeb11u1%3Fdistro=trixie
2
url pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.1%252Bdfsg-1%252Bdeb12u1%3Fdistro=trixie
3
url pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.2-really%252Bdfsg-1%252Bdeb13u1%3Fdistro=trixie
4
url pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.3%252Bdfsg-1%3Fdistro=trixie
aliases CVE-2016-2039
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-crn9-f6qt-qfg5
98
url VCID-cth2-72mg-6yfr
vulnerability_id VCID-cth2-72mg-6yfr
summary libraries/config/messages.inc.php in phpMyAdmin 4.0.x before 4.0.10.12, 4.4.x before 4.4.15.2, and 4.5.x before 4.5.3.1 allows remote attackers to obtain sensitive information via a crafted request, which reveals the full path in an error message.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2015-8669
reference_id
reference_type
scores
0
value 0.00487
scoring_system epss
scoring_elements 0.65794
published_at 2026-06-04T12:55:00Z
1
value 0.00487
scoring_system epss
scoring_elements 0.65847
published_at 2026-06-05T12:55:00Z
2
value 0.00487
scoring_system epss
scoring_elements 0.65858
published_at 2026-06-06T12:55:00Z
3
value 0.00487
scoring_system epss
scoring_elements 0.65845
published_at 2026-06-07T12:55:00Z
4
value 0.00487
scoring_system epss
scoring_elements 0.65834
published_at 2026-06-08T12:55:00Z
5
value 0.00487
scoring_system epss
scoring_elements 0.65853
published_at 2026-06-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2015-8669
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8669
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8669
fixed_packages
0
url pkg:deb/debian/phpmyadmin@4:4.5.3.1-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:4.5.3.1-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:4.5.3.1-1%3Fdistro=trixie
1
url pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-47ju-f89a-eud8
1
vulnerability VCID-d3qn-js1p-7yeq
2
vulnerability VCID-dmqy-9xth-cuhs
3
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.0.4%252Bdfsg2-2%252Bdeb11u1%3Fdistro=trixie
2
url pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.1%252Bdfsg-1%252Bdeb12u1%3Fdistro=trixie
3
url pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.2-really%252Bdfsg-1%252Bdeb13u1%3Fdistro=trixie
4
url pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.3%252Bdfsg-1%3Fdistro=trixie
aliases CVE-2015-8669
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-cth2-72mg-6yfr
99
url VCID-cws5-ykxx-3qaf
vulnerability_id VCID-cws5-ykxx-3qaf
summary phpMyAdmin 3.5.2.2, as distributed by the cdnetworks-kr-1 mirror during an unspecified time frame in 2012, contains an externally introduced modification (Trojan Horse) in server_sync.php, which allows remote attackers to execute arbitrary PHP code via an eval injection attack.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2012-5159
reference_id
reference_type
scores
0
value 0.8794
scoring_system epss
scoring_elements 0.99493
published_at 2026-06-04T12:55:00Z
1
value 0.8794
scoring_system epss
scoring_elements 0.99494
published_at 2026-06-08T12:55:00Z
2
value 0.8794
scoring_system epss
scoring_elements 0.99495
published_at 2026-06-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2012-5159
1
reference_url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/webapps/21834.rb
reference_id CVE-2012-5159;OSVDB-85739
reference_type exploit
scores
url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/webapps/21834.rb
fixed_packages
0
url pkg:deb/debian/phpmyadmin@0?distro=trixie
purl pkg:deb/debian/phpmyadmin@0?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@0%3Fdistro=trixie
1
url pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-47ju-f89a-eud8
1
vulnerability VCID-d3qn-js1p-7yeq
2
vulnerability VCID-dmqy-9xth-cuhs
3
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.0.4%252Bdfsg2-2%252Bdeb11u1%3Fdistro=trixie
2
url pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.1%252Bdfsg-1%252Bdeb12u1%3Fdistro=trixie
3
url pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.2-really%252Bdfsg-1%252Bdeb13u1%3Fdistro=trixie
4
url pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.3%252Bdfsg-1%3Fdistro=trixie
aliases CVE-2012-5159
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-cws5-ykxx-3qaf
100
url VCID-cyv1-muwx-83h8
vulnerability_id VCID-cyv1-muwx-83h8
summary 
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Cross-site scripting (XSS) vulnerability in phpMyAdmin 2.11.x before 2.11.9.6 and 3.x before 3.2.2.1 allows remote attackers to inject arbitrary web script or HTML via a crafted name for a MySQL table.
references
0
reference_url http://bugs.gentoo.org/show_bug.cgi?id=288899
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://bugs.gentoo.org/show_bug.cgi?id=288899
1
reference_url http://dfn.dl.sourceforge.net/project/phpmyadmin/phpMyAdmin/2.11.9.6/phpMyAdmin-2.11.9.6-notes.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://dfn.dl.sourceforge.net/project/phpmyadmin/phpMyAdmin/2.11.9.6/phpMyAdmin-2.11.9.6-notes.html
2
reference_url http://dfn.dl.sourceforge.net/project/phpmyadmin/phpMyAdmin/3.2.2.1/phpMyAdmin-3.2.2.1-notes.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://dfn.dl.sourceforge.net/project/phpmyadmin/phpMyAdmin/3.2.2.1/phpMyAdmin-3.2.2.1-notes.html
3
reference_url http://freshmeat.net/projects/phpmyadmin/releases/306667
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://freshmeat.net/projects/phpmyadmin/releases/306667
4
reference_url http://freshmeat.net/projects/phpmyadmin/releases/306669
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://freshmeat.net/projects/phpmyadmin/releases/306669
5
reference_url http://lists.opensuse.org/opensuse-security-announce/2009-10/msg00004.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://lists.opensuse.org/opensuse-security-announce/2009-10/msg00004.html
6
reference_url http://marc.info/?l=oss-security&m=125553728512853&w=2
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://marc.info/?l=oss-security&m=125553728512853&w=2
7
reference_url http://marc.info/?l=oss-security&m=125561979001460&w=2
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://marc.info/?l=oss-security&m=125561979001460&w=2
8
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-3696.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-3696.json
9
reference_url https://api.first.org/data/v1/epss?cve=CVE-2009-3696
reference_id
reference_type
scores
0
value 0.03385
scoring_system epss
scoring_elements 0.87642
published_at 2026-06-09T12:55:00Z
1
value 0.03385
scoring_system epss
scoring_elements 0.87609
published_at 2026-06-04T12:55:00Z
2
value 0.03385
scoring_system epss
scoring_elements 0.8763
published_at 2026-06-08T12:55:00Z
3
value 0.03385
scoring_system epss
scoring_elements 0.87631
published_at 2026-06-06T12:55:00Z
4
value 0.03385
scoring_system epss
scoring_elements 0.87629
published_at 2026-06-07T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2009-3696
10
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=528769
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://bugzilla.redhat.com/show_bug.cgi?id=528769
11
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3696
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3696
12
reference_url https://exchange.xforce.ibmcloud.com/vulnerabilities/53742
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://exchange.xforce.ibmcloud.com/vulnerabilities/53742
13
reference_url https://github.com/phpmyadmin/phpmyadmin
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/phpmyadmin/phpmyadmin
14
reference_url https://github.com/phpmyadmin/phpmyadmin/commit/212daad0c082dfb853e3a4098838781a96b2ce1f
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/phpmyadmin/phpmyadmin/commit/212daad0c082dfb853e3a4098838781a96b2ce1f
15
reference_url https://github.com/phpmyadmin/phpmyadmin/commit/8ec5434999724f61d7df1f9b0b13545274c78b1e
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/phpmyadmin/phpmyadmin/commit/8ec5434999724f61d7df1f9b0b13545274c78b1e
16
reference_url https://web.archive.org/web/20200228173112/http://www.securityfocus.com/bid/36658
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20200228173112/http://www.securityfocus.com/bid/36658
17
reference_url https://www.redhat.com/archives/fedora-package-announce/2009-October/msg00467.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.redhat.com/archives/fedora-package-announce/2009-October/msg00467.html
18
reference_url https://www.redhat.com/archives/fedora-package-announce/2009-October/msg00490.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.redhat.com/archives/fedora-package-announce/2009-October/msg00490.html
19
reference_url http://typo3.org/extensions/repository/view/phpmyadmin/4.5.0
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://typo3.org/extensions/repository/view/phpmyadmin/4.5.0
20
reference_url http://typo3.org/extensions/repository/view/phpmyadmin/4.5.0/
reference_id
reference_type
scores
url http://typo3.org/extensions/repository/view/phpmyadmin/4.5.0/
21
reference_url http://typo3.org/teams/security/security-bulletins/typo3-sa-2009-015
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://typo3.org/teams/security/security-bulletins/typo3-sa-2009-015
22
reference_url http://typo3.org/teams/security/security-bulletins/typo3-sa-2009-015/
reference_id
reference_type
scores
url http://typo3.org/teams/security/security-bulletins/typo3-sa-2009-015/
23
reference_url http://www.mandriva.com/security/advisories?name=MDVSA-2009:274
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.mandriva.com/security/advisories?name=MDVSA-2009:274
24
reference_url http://www.phpmyadmin.net/home_page/security/PMASA-2009-6.php
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.phpmyadmin.net/home_page/security/PMASA-2009-6.php
25
reference_url https://nvd.nist.gov/vuln/detail/CVE-2009-3696
reference_id CVE-2009-3696
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2009-3696
26
reference_url https://github.com/advisories/GHSA-5pvv-f8h3-gw96
reference_id GHSA-5pvv-f8h3-gw96
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-5pvv-f8h3-gw96
fixed_packages
0
url pkg:deb/debian/phpmyadmin@4:3.2.2.1-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:3.2.2.1-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:3.2.2.1-1%3Fdistro=trixie
1
url pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-47ju-f89a-eud8
1
vulnerability VCID-d3qn-js1p-7yeq
2
vulnerability VCID-dmqy-9xth-cuhs
3
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.0.4%252Bdfsg2-2%252Bdeb11u1%3Fdistro=trixie
2
url pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.1%252Bdfsg-1%252Bdeb12u1%3Fdistro=trixie
3
url pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.2-really%252Bdfsg-1%252Bdeb13u1%3Fdistro=trixie
4
url pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.3%252Bdfsg-1%3Fdistro=trixie
aliases CVE-2009-3696, GHSA-5pvv-f8h3-gw96
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-cyv1-muwx-83h8
101
url VCID-cz55-m46r-37gb
vulnerability_id VCID-cz55-m46r-37gb
summary Multiple cross-site request forgery (CSRF) vulnerabilities in the setup process in phpMyAdmin 4.0.x before 4.0.10.10, 4.2.x before 4.2.13.3, 4.3.x before 4.3.13.1, and 4.4.x before 4.4.6.1 allow remote attackers to hijack the authentication of administrators for requests that modify the configuration file.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2015-3902
reference_id
reference_type
scores
0
value 0.00217
scoring_system epss
scoring_elements 0.44306
published_at 2026-06-04T12:55:00Z
1
value 0.00217
scoring_system epss
scoring_elements 0.44375
published_at 2026-06-05T12:55:00Z
2
value 0.00217
scoring_system epss
scoring_elements 0.44383
published_at 2026-06-06T12:55:00Z
3
value 0.00217
scoring_system epss
scoring_elements 0.4436
published_at 2026-06-07T12:55:00Z
4
value 0.00217
scoring_system epss
scoring_elements 0.44324
published_at 2026-06-08T12:55:00Z
5
value 0.00217
scoring_system epss
scoring_elements 0.44336
published_at 2026-06-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2015-3902
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8958
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8958
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9218
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9218
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2206
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2206
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3902
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3902
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3903
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3903
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6830
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6830
7
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7873
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7873
fixed_packages
0
url pkg:deb/debian/phpmyadmin@4:4.4.6.1-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:4.4.6.1-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:4.4.6.1-1%3Fdistro=trixie
1
url pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-47ju-f89a-eud8
1
vulnerability VCID-d3qn-js1p-7yeq
2
vulnerability VCID-dmqy-9xth-cuhs
3
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.0.4%252Bdfsg2-2%252Bdeb11u1%3Fdistro=trixie
2
url pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.1%252Bdfsg-1%252Bdeb12u1%3Fdistro=trixie
3
url pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.2-really%252Bdfsg-1%252Bdeb13u1%3Fdistro=trixie
4
url pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.3%252Bdfsg-1%3Fdistro=trixie
aliases CVE-2015-3902
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-cz55-m46r-37gb
102
url VCID-d2qr-f9x6-uqed
vulnerability_id VCID-d2qr-f9x6-uqed
summary Cross-site request forgery (CSRF) vulnerability in phpMyAdmin 2.11.x before 2.11.9.4 and 3.x before 3.1.1.0 allows remote attackers to perform unauthorized actions as the administrator via a link or IMG tag to tbl_structure.php with a modified table parameter. NOTE: other unspecified pages are also reachable, but they have the same root cause. NOTE: this can be leveraged to conduct SQL injection attacks and execute arbitrary code.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-5621.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-5621.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2008-5621
reference_id
reference_type
scores
0
value 0.00649
scoring_system epss
scoring_elements 0.71208
published_at 2026-06-04T12:55:00Z
1
value 0.00649
scoring_system epss
scoring_elements 0.71252
published_at 2026-06-05T12:55:00Z
2
value 0.00649
scoring_system epss
scoring_elements 0.71258
published_at 2026-06-06T12:55:00Z
3
value 0.00649
scoring_system epss
scoring_elements 0.71238
published_at 2026-06-07T12:55:00Z
4
value 0.00649
scoring_system epss
scoring_elements 0.71223
published_at 2026-06-08T12:55:00Z
5
value 0.00649
scoring_system epss
scoring_elements 0.71248
published_at 2026-06-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2008-5621
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5621
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5621
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=475954
reference_id 475954
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=475954
4
reference_url https://security.gentoo.org/glsa/200903-32
reference_id GLSA-200903-32
reference_type
scores
url https://security.gentoo.org/glsa/200903-32
5
reference_url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/webapps/7382.txt
reference_id OSVDB-50634;CVE-2008-5621
reference_type exploit
scores
url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/webapps/7382.txt
fixed_packages
0
url pkg:deb/debian/phpmyadmin@4:2.11.8.1-5?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:2.11.8.1-5?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:2.11.8.1-5%3Fdistro=trixie
1
url pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-47ju-f89a-eud8
1
vulnerability VCID-d3qn-js1p-7yeq
2
vulnerability VCID-dmqy-9xth-cuhs
3
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.0.4%252Bdfsg2-2%252Bdeb11u1%3Fdistro=trixie
2
url pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.1%252Bdfsg-1%252Bdeb12u1%3Fdistro=trixie
3
url pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.2-really%252Bdfsg-1%252Bdeb13u1%3Fdistro=trixie
4
url pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.3%252Bdfsg-1%3Fdistro=trixie
aliases CVE-2008-5621
risk_score null
exploitability 2.0
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-d2qr-f9x6-uqed
103
url VCID-d3qn-js1p-7yeq
vulnerability_id VCID-d3qn-js1p-7yeq
summary 
Exposure of Sensitive Information to an Unauthorized Actor
PhpMyAdmin 5.1.1 and before allows an attacker to retrieve potentially sensitive information by creating invalid requests. This affects the lang parameter, the pma_parameter, and the cookie section.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-0813
reference_id
reference_type
scores
0
value 0.00317
scoring_system epss
scoring_elements 0.55129
published_at 2026-06-08T12:55:00Z
1
value 0.00317
scoring_system epss
scoring_elements 0.55092
published_at 2026-06-04T12:55:00Z
2
value 0.00317
scoring_system epss
scoring_elements 0.5515
published_at 2026-06-09T12:55:00Z
3
value 0.00317
scoring_system epss
scoring_elements 0.55157
published_at 2026-06-06T12:55:00Z
4
value 0.00317
scoring_system epss
scoring_elements 0.55148
published_at 2026-06-07T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-0813
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0813
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0813
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://security.gentoo.org/glsa/202311-17
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://security.gentoo.org/glsa/202311-17
4
reference_url https://www.incibe-cert.es/en/early-warning/security-advisories/phpmyadmin-exposure-sensitive-information
reference_id
reference_type
scores
url https://www.incibe-cert.es/en/early-warning/security-advisories/phpmyadmin-exposure-sensitive-information
5
reference_url https://www.phpmyadmin.net/news/2022/2/11/phpmyadmin-4910-and-513-are-released
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.phpmyadmin.net/news/2022/2/11/phpmyadmin-4910-and-513-are-released
6
reference_url https://www.phpmyadmin.net/news/2022/2/11/phpmyadmin-4910-and-513-are-released/
reference_id
reference_type
scores
url https://www.phpmyadmin.net/news/2022/2/11/phpmyadmin-4910-and-513-are-released/
7
reference_url https://nvd.nist.gov/vuln/detail/CVE-2022-0813
reference_id CVE-2022-0813
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2022-0813
8
reference_url https://github.com/advisories/GHSA-vx8q-j7h9-vf6q
reference_id GHSA-vx8q-j7h9-vf6q
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-vx8q-j7h9-vf6q
fixed_packages
0
url pkg:deb/debian/phpmyadmin@4:5.1.3%2Bdfsg1-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.1.3%2Bdfsg1-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.1.3%252Bdfsg1-1%3Fdistro=trixie
1
url pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.1%252Bdfsg-1%252Bdeb12u1%3Fdistro=trixie
2
url pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.2-really%252Bdfsg-1%252Bdeb13u1%3Fdistro=trixie
3
url pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.3%252Bdfsg-1%3Fdistro=trixie
aliases CVE-2022-0813, GHSA-vx8q-j7h9-vf6q
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-d3qn-js1p-7yeq
104
url VCID-d52p-6nur-y3d1
vulnerability_id VCID-d52p-6nur-y3d1
summary Cross-site scripting (XSS) vulnerability in mysql/phpinfo.php in phpMyAdmin 2.6.1 allows remote attackers to inject arbitrary web script or HTML via the lang[] parameter.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2007-2016
reference_id
reference_type
scores
0
value 0.00335
scoring_system epss
scoring_elements 0.5666
published_at 2026-06-04T12:55:00Z
1
value 0.00335
scoring_system epss
scoring_elements 0.56712
published_at 2026-06-05T12:55:00Z
2
value 0.00335
scoring_system epss
scoring_elements 0.56718
published_at 2026-06-06T12:55:00Z
3
value 0.00335
scoring_system epss
scoring_elements 0.56707
published_at 2026-06-07T12:55:00Z
4
value 0.00335
scoring_system epss
scoring_elements 0.56692
published_at 2026-06-08T12:55:00Z
5
value 0.00335
scoring_system epss
scoring_elements 0.56711
published_at 2026-06-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2007-2016
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2016
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2016
fixed_packages
0
url pkg:deb/debian/phpmyadmin@4:2.6.2-3?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:2.6.2-3?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:2.6.2-3%3Fdistro=trixie
1
url pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-47ju-f89a-eud8
1
vulnerability VCID-d3qn-js1p-7yeq
2
vulnerability VCID-dmqy-9xth-cuhs
3
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.0.4%252Bdfsg2-2%252Bdeb11u1%3Fdistro=trixie
2
url pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.1%252Bdfsg-1%252Bdeb12u1%3Fdistro=trixie
3
url pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.2-really%252Bdfsg-1%252Bdeb13u1%3Fdistro=trixie
4
url pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.3%252Bdfsg-1%3Fdistro=trixie
aliases CVE-2007-2016
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-d52p-6nur-y3d1
105
url VCID-d7jk-a94y-n3ca
vulnerability_id VCID-d7jk-a94y-n3ca
summary phpMyAdmin 4.0.x before 4.0.10.13, 4.4.x before 4.4.15.3, and 4.5.x before 4.5.4 allows remote attackers to obtain sensitive information via a crafted request, which reveals the full path in an error message.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-2038
reference_id
reference_type
scores
0
value 0.01204
scoring_system epss
scoring_elements 0.79276
published_at 2026-06-04T12:55:00Z
1
value 0.01204
scoring_system epss
scoring_elements 0.79302
published_at 2026-06-05T12:55:00Z
2
value 0.01204
scoring_system epss
scoring_elements 0.79307
published_at 2026-06-09T12:55:00Z
3
value 0.01204
scoring_system epss
scoring_elements 0.793
published_at 2026-06-07T12:55:00Z
4
value 0.01204
scoring_system epss
scoring_elements 0.79289
published_at 2026-06-08T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-2038
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2038
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2038
fixed_packages
0
url pkg:deb/debian/phpmyadmin@4:4.5.4-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:4.5.4-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:4.5.4-1%3Fdistro=trixie
1
url pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-47ju-f89a-eud8
1
vulnerability VCID-d3qn-js1p-7yeq
2
vulnerability VCID-dmqy-9xth-cuhs
3
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.0.4%252Bdfsg2-2%252Bdeb11u1%3Fdistro=trixie
2
url pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.1%252Bdfsg-1%252Bdeb12u1%3Fdistro=trixie
3
url pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.2-really%252Bdfsg-1%252Bdeb13u1%3Fdistro=trixie
4
url pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.3%252Bdfsg-1%3Fdistro=trixie
aliases CVE-2016-2038
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-d7jk-a94y-n3ca
106
url VCID-d8u7-egc2-8bec
vulnerability_id VCID-d8u7-egc2-8bec
summary Cross-site scripting (XSS) vulnerability in phpMyAdmin 2.6.1 allows remote attackers to inject arbitrary HTML and web script via (1) the strServer, cfg[BgcolorOne], or strServerChoice parameters in select_server.lib.php, (2) the bg_color or row_no parameters in display_tbl_links.lib.php, the left_font_family parameter in theme_left.css.php, or the right_font_family parameter in theme_right.css.php.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2005-0543
reference_id
reference_type
scores
0
value 0.02795
scoring_system epss
scoring_elements 0.86372
published_at 2026-06-04T12:55:00Z
1
value 0.02795
scoring_system epss
scoring_elements 0.86395
published_at 2026-06-05T12:55:00Z
2
value 0.02795
scoring_system epss
scoring_elements 0.86396
published_at 2026-06-06T12:55:00Z
3
value 0.02795
scoring_system epss
scoring_elements 0.86392
published_at 2026-06-07T12:55:00Z
4
value 0.02795
scoring_system epss
scoring_elements 0.86379
published_at 2026-06-08T12:55:00Z
5
value 0.02795
scoring_system epss
scoring_elements 0.86393
published_at 2026-06-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2005-0543
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-0543
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-0543
2
reference_url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/webapps/25152.txt
reference_id CVE-2005-0543;OSVDB-14096
reference_type exploit
scores
url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/webapps/25152.txt
3
reference_url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/webapps/25153.txt
reference_id CVE-2005-0543;OSVDB-14097
reference_type exploit
scores
url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/webapps/25153.txt
4
reference_url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/webapps/25154.txt
reference_id CVE-2005-0543;OSVDB-14098
reference_type exploit
scores
url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/webapps/25154.txt
5
reference_url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/webapps/25155.txt
reference_id CVE-2005-0543;OSVDB-14099
reference_type exploit
scores
url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/webapps/25155.txt
6
reference_url https://www.securityfocus.com/bid/12644/info
reference_id CVE-2005-0543;OSVDB-14099
reference_type exploit
scores
url https://www.securityfocus.com/bid/12644/info
7
reference_url https://security.gentoo.org/glsa/200503-07
reference_id GLSA-200503-07
reference_type
scores
url https://security.gentoo.org/glsa/200503-07
fixed_packages
0
url pkg:deb/debian/phpmyadmin@3:2.6.1-pl2-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@3:2.6.1-pl2-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@3:2.6.1-pl2-1%3Fdistro=trixie
1
url pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-47ju-f89a-eud8
1
vulnerability VCID-d3qn-js1p-7yeq
2
vulnerability VCID-dmqy-9xth-cuhs
3
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.0.4%252Bdfsg2-2%252Bdeb11u1%3Fdistro=trixie
2
url pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.1%252Bdfsg-1%252Bdeb12u1%3Fdistro=trixie
3
url pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.2-really%252Bdfsg-1%252Bdeb13u1%3Fdistro=trixie
4
url pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.3%252Bdfsg-1%3Fdistro=trixie
aliases CVE-2005-0543
risk_score null
exploitability 2.0
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-d8u7-egc2-8bec
107
url VCID-dbk1-n9kh-dfhm
vulnerability_id VCID-dbk1-n9kh-dfhm
summary Cross-site scripting (XSS) vulnerability in the table-structure page in phpMyAdmin 4.6.x before 4.6.3 allows remote attackers to inject arbitrary web script or HTML via vectors involving a comment.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-5704
reference_id
reference_type
scores
0
value 0.00277
scoring_system epss
scoring_elements 0.51368
published_at 2026-06-04T12:55:00Z
1
value 0.00277
scoring_system epss
scoring_elements 0.51402
published_at 2026-06-09T12:55:00Z
2
value 0.00277
scoring_system epss
scoring_elements 0.51382
published_at 2026-06-08T12:55:00Z
3
value 0.00277
scoring_system epss
scoring_elements 0.51434
published_at 2026-06-06T12:55:00Z
4
value 0.00277
scoring_system epss
scoring_elements 0.5143
published_at 2026-06-05T12:55:00Z
5
value 0.00277
scoring_system epss
scoring_elements 0.51413
published_at 2026-06-07T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-5704
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5704
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5704
2
reference_url https://github.com/phpmyadmin/phpmyadmin
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/phpmyadmin/phpmyadmin
3
reference_url https://github.com/phpmyadmin/phpmyadmin/commit/72213573182896bd6a6e5af5ba1881dd87c4a20b
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/phpmyadmin/phpmyadmin/commit/72213573182896bd6a6e5af5ba1881dd87c4a20b
4
reference_url https://nvd.nist.gov/vuln/detail/CVE-2016-5704
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2016-5704
5
reference_url https://security.gentoo.org/glsa/201701-32
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://security.gentoo.org/glsa/201701-32
6
reference_url https://www.phpmyadmin.net/security/PMASA-2016-20
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.phpmyadmin.net/security/PMASA-2016-20
7
reference_url https://www.phpmyadmin.net/security/PMASA-2016-20/
reference_id
reference_type
scores
url https://www.phpmyadmin.net/security/PMASA-2016-20/
8
reference_url https://github.com/advisories/GHSA-gcvp-cwgw-wx8j
reference_id GHSA-gcvp-cwgw-wx8j
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-gcvp-cwgw-wx8j
fixed_packages
0
url pkg:deb/debian/phpmyadmin@4:4.6.3-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:4.6.3-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:4.6.3-1%3Fdistro=trixie
1
url pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-47ju-f89a-eud8
1
vulnerability VCID-d3qn-js1p-7yeq
2
vulnerability VCID-dmqy-9xth-cuhs
3
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.0.4%252Bdfsg2-2%252Bdeb11u1%3Fdistro=trixie
2
url pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.1%252Bdfsg-1%252Bdeb12u1%3Fdistro=trixie
3
url pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.2-really%252Bdfsg-1%252Bdeb13u1%3Fdistro=trixie
4
url pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.3%252Bdfsg-1%3Fdistro=trixie
aliases CVE-2016-5704, GHSA-gcvp-cwgw-wx8j
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-dbk1-n9kh-dfhm
108
url VCID-dfsz-1y13-yug9
vulnerability_id VCID-dfsz-1y13-yug9
summary An issue was discovered in phpMyAdmin. With a crafted request parameter value it is possible to initiate a denial of service attack in saved searches feature. All 4.6.x versions (prior to 4.6.5), 4.4.x versions (prior to 4.4.15.9), and 4.0.x versions (prior to 4.0.10.18) are affected.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-9858
reference_id
reference_type
scores
0
value 0.00553
scoring_system epss
scoring_elements 0.68419
published_at 2026-06-04T12:55:00Z
1
value 0.00553
scoring_system epss
scoring_elements 0.6846
published_at 2026-06-05T12:55:00Z
2
value 0.00553
scoring_system epss
scoring_elements 0.68468
published_at 2026-06-06T12:55:00Z
3
value 0.00553
scoring_system epss
scoring_elements 0.68462
published_at 2026-06-07T12:55:00Z
4
value 0.00553
scoring_system epss
scoring_elements 0.68446
published_at 2026-06-08T12:55:00Z
5
value 0.00553
scoring_system epss
scoring_elements 0.68464
published_at 2026-06-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-9858
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9858
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9858
fixed_packages
0
url pkg:deb/debian/phpmyadmin@4:4.6.5.1-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:4.6.5.1-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:4.6.5.1-1%3Fdistro=trixie
1
url pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-47ju-f89a-eud8
1
vulnerability VCID-d3qn-js1p-7yeq
2
vulnerability VCID-dmqy-9xth-cuhs
3
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.0.4%252Bdfsg2-2%252Bdeb11u1%3Fdistro=trixie
2
url pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.1%252Bdfsg-1%252Bdeb12u1%3Fdistro=trixie
3
url pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.2-really%252Bdfsg-1%252Bdeb13u1%3Fdistro=trixie
4
url pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.3%252Bdfsg-1%3Fdistro=trixie
aliases CVE-2016-9858
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-dfsz-1y13-yug9
109
url VCID-dgvs-kqpd-gfcy
vulnerability_id VCID-dgvs-kqpd-gfcy
summary Cross-site scripting (XSS) vulnerability in the SQL editor in phpMyAdmin 4.5.x before 4.5.4 allows remote authenticated users to inject arbitrary web script or HTML via a SQL query that triggers JSON data in a response.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-2045
reference_id
reference_type
scores
0
value 0.00284
scoring_system epss
scoring_elements 0.52025
published_at 2026-06-04T12:55:00Z
1
value 0.00284
scoring_system epss
scoring_elements 0.52085
published_at 2026-06-05T12:55:00Z
2
value 0.00284
scoring_system epss
scoring_elements 0.52095
published_at 2026-06-06T12:55:00Z
3
value 0.00284
scoring_system epss
scoring_elements 0.52075
published_at 2026-06-07T12:55:00Z
4
value 0.00284
scoring_system epss
scoring_elements 0.52043
published_at 2026-06-08T12:55:00Z
5
value 0.00284
scoring_system epss
scoring_elements 0.52062
published_at 2026-06-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-2045
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2045
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2045
fixed_packages
0
url pkg:deb/debian/phpmyadmin@4:4.5.4-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:4.5.4-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:4.5.4-1%3Fdistro=trixie
1
url pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-47ju-f89a-eud8
1
vulnerability VCID-d3qn-js1p-7yeq
2
vulnerability VCID-dmqy-9xth-cuhs
3
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.0.4%252Bdfsg2-2%252Bdeb11u1%3Fdistro=trixie
2
url pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.1%252Bdfsg-1%252Bdeb12u1%3Fdistro=trixie
3
url pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.2-really%252Bdfsg-1%252Bdeb13u1%3Fdistro=trixie
4
url pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.3%252Bdfsg-1%3Fdistro=trixie
aliases CVE-2016-2045
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-dgvs-kqpd-gfcy
110
url VCID-dj5f-y77j-d7dx
vulnerability_id VCID-dj5f-y77j-d7dx
summary An issue was discovered in phpMyAdmin. It is possible to bypass AllowRoot restriction ($cfg['Servers'][$i]['AllowRoot']) and deny rules for username by using Null Byte in the username. All 4.6.x versions (prior to 4.6.5), 4.4.x versions (prior to 4.4.15.9), and 4.0.x versions (prior to 4.0.10.18) are affected.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-9849
reference_id
reference_type
scores
0
value 0.00217
scoring_system epss
scoring_elements 0.44277
published_at 2026-06-04T12:55:00Z
1
value 0.00295
scoring_system epss
scoring_elements 0.53113
published_at 2026-06-05T12:55:00Z
2
value 0.00295
scoring_system epss
scoring_elements 0.53121
published_at 2026-06-06T12:55:00Z
3
value 0.00295
scoring_system epss
scoring_elements 0.53102
published_at 2026-06-09T12:55:00Z
4
value 0.00295
scoring_system epss
scoring_elements 0.53078
published_at 2026-06-08T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-9849
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9849
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9849
2
reference_url https://usn.ubuntu.com/USN-4843-1/
reference_id USN-USN-4843-1
reference_type
scores
url https://usn.ubuntu.com/USN-4843-1/
fixed_packages
0
url pkg:deb/debian/phpmyadmin@4:4.6.5.1-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:4.6.5.1-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:4.6.5.1-1%3Fdistro=trixie
1
url pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-47ju-f89a-eud8
1
vulnerability VCID-d3qn-js1p-7yeq
2
vulnerability VCID-dmqy-9xth-cuhs
3
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.0.4%252Bdfsg2-2%252Bdeb11u1%3Fdistro=trixie
2
url pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.1%252Bdfsg-1%252Bdeb12u1%3Fdistro=trixie
3
url pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.2-really%252Bdfsg-1%252Bdeb13u1%3Fdistro=trixie
4
url pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.3%252Bdfsg-1%3Fdistro=trixie
aliases CVE-2016-9849
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-dj5f-y77j-d7dx
111
url VCID-dmqy-9xth-cuhs
vulnerability_id VCID-dmqy-9xth-cuhs
summary 
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
An attacker can inject malicious code into aspects of the setup script, which can allow XSS or HTML injection.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-23808
reference_id
reference_type
scores
0
value 0.49362
scoring_system epss
scoring_elements 0.97847
published_at 2026-06-09T12:55:00Z
1
value 0.49362
scoring_system epss
scoring_elements 0.97848
published_at 2026-06-08T12:55:00Z
2
value 0.49362
scoring_system epss
scoring_elements 0.97846
published_at 2026-06-05T12:55:00Z
3
value 0.49362
scoring_system epss
scoring_elements 0.97842
published_at 2026-06-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-23808
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23808
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23808
2
reference_url https://github.com/phpmyadmin/phpmyadmin
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/phpmyadmin/phpmyadmin
3
reference_url https://github.com/phpmyadmin/phpmyadmin/commit/44eb12f15a562718bbe54c9a16af91ceea335d59
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/phpmyadmin/phpmyadmin/commit/44eb12f15a562718bbe54c9a16af91ceea335d59
4
reference_url https://github.com/phpmyadmin/phpmyadmin/commit/5118acce1dfcdb09cbc0f73927bf51c46feeaf38
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/phpmyadmin/phpmyadmin/commit/5118acce1dfcdb09cbc0f73927bf51c46feeaf38
5
reference_url https://infosecwriteups.com/exploit-cve-2022-23808-85041c6e5b97
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:22:03Z/
url https://infosecwriteups.com/exploit-cve-2022-23808-85041c6e5b97
6
reference_url https://security.gentoo.org/glsa/202311-17
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:22:03Z/
url https://security.gentoo.org/glsa/202311-17
7
reference_url https://www.phpmyadmin.net/security/PMASA-2022-2
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.phpmyadmin.net/security/PMASA-2022-2
8
reference_url https://www.phpmyadmin.net/security/PMASA-2022-2/
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:22:03Z/
url https://www.phpmyadmin.net/security/PMASA-2022-2/
9
reference_url https://nvd.nist.gov/vuln/detail/CVE-2022-23808
reference_id CVE-2022-23808
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2022-23808
10
reference_url https://github.com/advisories/GHSA-vcwc-6mr9-8m7c
reference_id GHSA-vcwc-6mr9-8m7c
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-vcwc-6mr9-8m7c
fixed_packages
0
url pkg:deb/debian/phpmyadmin@4:5.1.3%2Bdfsg1-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.1.3%2Bdfsg1-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.1.3%252Bdfsg1-1%3Fdistro=trixie
1
url pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.1%252Bdfsg-1%252Bdeb12u1%3Fdistro=trixie
2
url pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.2-really%252Bdfsg-1%252Bdeb13u1%3Fdistro=trixie
3
url pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.3%252Bdfsg-1%3Fdistro=trixie
aliases CVE-2022-23808, GHSA-vcwc-6mr9-8m7c
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-dmqy-9xth-cuhs
112
url VCID-dmu5-2jjk-rkcd
vulnerability_id VCID-dmu5-2jjk-rkcd
summary libraries/server_synchronize.lib.php in the Synchronize implementation in phpMyAdmin 3.x before 3.3.10.2 and 3.4.x before 3.4.3.1 does not properly quote regular expressions, which allows remote authenticated users to inject a PCRE e (aka PREG_REPLACE_EVAL) modifier, and consequently execute arbitrary PHP code, by leveraging the ability to modify the SESSION superglobal array.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2011-2507
reference_id
reference_type
scores
0
value 0.03737
scoring_system epss
scoring_elements 0.88209
published_at 2026-06-04T12:55:00Z
1
value 0.03737
scoring_system epss
scoring_elements 0.8823
published_at 2026-06-05T12:55:00Z
2
value 0.03737
scoring_system epss
scoring_elements 0.88232
published_at 2026-06-06T12:55:00Z
3
value 0.03737
scoring_system epss
scoring_elements 0.88231
published_at 2026-06-08T12:55:00Z
4
value 0.03737
scoring_system epss
scoring_elements 0.88246
published_at 2026-06-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2011-2507
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2507
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2507
2
reference_url https://security.gentoo.org/glsa/201201-01
reference_id GLSA-201201-01
reference_type
scores
url https://security.gentoo.org/glsa/201201-01
fixed_packages
0
url pkg:deb/debian/phpmyadmin@4:3.4.3.1-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:3.4.3.1-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:3.4.3.1-1%3Fdistro=trixie
1
url pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-47ju-f89a-eud8
1
vulnerability VCID-d3qn-js1p-7yeq
2
vulnerability VCID-dmqy-9xth-cuhs
3
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.0.4%252Bdfsg2-2%252Bdeb11u1%3Fdistro=trixie
2
url pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.1%252Bdfsg-1%252Bdeb12u1%3Fdistro=trixie
3
url pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.2-really%252Bdfsg-1%252Bdeb13u1%3Fdistro=trixie
4
url pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.3%252Bdfsg-1%3Fdistro=trixie
aliases CVE-2011-2507
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-dmu5-2jjk-rkcd
113
url VCID-dp72-nvcf-nyfd
vulnerability_id VCID-dp72-nvcf-nyfd
summary phpMyAdmin 3.5.x before 3.5.8 and 4.x before 4.0.0-rc3, when a SaveDir directory is configured, allows remote authenticated users to execute arbitrary code by using a double extension in the filename of an export file, leading to interpretation of this file as an executable file by the Apache HTTP Server, as demonstrated by a .php.sql filename.
references
0
reference_url http://lists.fedoraproject.org/pipermail/package-announce/2013-May/104725.html
reference_id
reference_type
scores
0
value 8.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://lists.fedoraproject.org/pipermail/package-announce/2013-May/104725.html
1
reference_url http://lists.fedoraproject.org/pipermail/package-announce/2013-May/104770.html
reference_id
reference_type
scores
0
value 8.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://lists.fedoraproject.org/pipermail/package-announce/2013-May/104770.html
2
reference_url http://lists.fedoraproject.org/pipermail/package-announce/2013-May/104936.html
reference_id
reference_type
scores
0
value 8.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://lists.fedoraproject.org/pipermail/package-announce/2013-May/104936.html
3
reference_url http://lists.opensuse.org/opensuse-updates/2013-06/msg00181.html
reference_id
reference_type
scores
0
value 8.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://lists.opensuse.org/opensuse-updates/2013-06/msg00181.html
4
reference_url https://api.first.org/data/v1/epss?cve=CVE-2013-3239
reference_id
reference_type
scores
0
value 0.12333
scoring_system epss
scoring_elements 0.9402
published_at 2026-06-09T12:55:00Z
1
value 0.12333
scoring_system epss
scoring_elements 0.94006
published_at 2026-06-04T12:55:00Z
2
value 0.12333
scoring_system epss
scoring_elements 0.94015
published_at 2026-06-07T12:55:00Z
3
value 0.12333
scoring_system epss
scoring_elements 0.94014
published_at 2026-06-08T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2013-3239
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-3239
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-3239
6
reference_url https://github.com/phpmyadmin/phpmyadmin
reference_id
reference_type
scores
0
value 8.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/phpmyadmin/phpmyadmin
7
reference_url https://github.com/phpmyadmin/phpmyadmin/commit/1f6bc0b707002e26cab216b9e57b4d5de764de48
reference_id
reference_type
scores
0
value 8.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/phpmyadmin/phpmyadmin/commit/1f6bc0b707002e26cab216b9e57b4d5de764de48
8
reference_url https://github.com/phpmyadmin/phpmyadmin/commit/d3fafdfba0807068196655e9b6d16c5d1d3ccf8a
reference_id
reference_type
scores
0
value 8.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/phpmyadmin/phpmyadmin/commit/d3fafdfba0807068196655e9b6d16c5d1d3ccf8a
9
reference_url https://nvd.nist.gov/vuln/detail/CVE-2013-3239
reference_id
reference_type
scores
0
value 8.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2013-3239
10
reference_url http://www.phpmyadmin.net/home_page/security/PMASA-2013-3.php
reference_id
reference_type
scores
0
value 8.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.phpmyadmin.net/home_page/security/PMASA-2013-3.php
11
reference_url https://github.com/advisories/GHSA-gg36-9346-9qx9
reference_id GHSA-gg36-9346-9qx9
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-gg36-9346-9qx9
12
reference_url https://security.gentoo.org/glsa/201311-02
reference_id GLSA-201311-02
reference_type
scores
url https://security.gentoo.org/glsa/201311-02
fixed_packages
0
url pkg:deb/debian/phpmyadmin@4:3.4.11.1-2?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:3.4.11.1-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:3.4.11.1-2%3Fdistro=trixie
1
url pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-47ju-f89a-eud8
1
vulnerability VCID-d3qn-js1p-7yeq
2
vulnerability VCID-dmqy-9xth-cuhs
3
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.0.4%252Bdfsg2-2%252Bdeb11u1%3Fdistro=trixie
2
url pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.1%252Bdfsg-1%252Bdeb12u1%3Fdistro=trixie
3
url pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.2-really%252Bdfsg-1%252Bdeb13u1%3Fdistro=trixie
4
url pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.3%252Bdfsg-1%3Fdistro=trixie
aliases CVE-2013-3239, GHSA-gg36-9346-9qx9
risk_score 10.0
exploitability 2.0
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-dp72-nvcf-nyfd
114
url VCID-dx3h-z4dg-m3e1
vulnerability_id VCID-dx3h-z4dg-m3e1
summary 
SQL Injection
In phpMyAdmin, an SQL injection vulnerability has been discovered where certain parameters are not properly escaped when generating certain queries for search actions in `libraries/classes/Controllers/Table/TableSearchController.php`. An attacker can generate a crafted database or table name. The attack can be performed if a user attempts certain search operations on the malicious database or table.
references
0
reference_url http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00046.html
reference_id
reference_type
scores
0
value 8.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00046.html
1
reference_url http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00050.html
reference_id
reference_type
scores
0
value 8.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00050.html
2
reference_url http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00005.html
reference_id
reference_type
scores
0
value 8.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00005.html
3
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-10802
reference_id
reference_type
scores
0
value 0.01229
scoring_system epss
scoring_elements 0.79495
published_at 2026-06-04T12:55:00Z
1
value 0.01229
scoring_system epss
scoring_elements 0.79522
published_at 2026-06-05T12:55:00Z
2
value 0.01229
scoring_system epss
scoring_elements 0.79521
published_at 2026-06-07T12:55:00Z
3
value 0.01229
scoring_system epss
scoring_elements 0.79528
published_at 2026-06-06T12:55:00Z
4
value 0.01229
scoring_system epss
scoring_elements 0.79511
published_at 2026-06-08T12:55:00Z
5
value 0.01229
scoring_system epss
scoring_elements 0.79529
published_at 2026-06-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-10802
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10802
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10802
5
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/phpmyadmin/phpmyadmin/CVE-2020-10802.yaml
reference_id
reference_type
scores
0
value 8.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/FriendsOfPHP/security-advisories/blob/master/phpmyadmin/phpmyadmin/CVE-2020-10802.yaml
6
reference_url https://github.com/phpmyadmin/composer
reference_id
reference_type
scores
0
value 8.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/phpmyadmin/composer
7
reference_url https://lists.debian.org/debian-lts-announce/2020/03/msg00028.html
reference_id
reference_type
scores
0
value 8.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.debian.org/debian-lts-announce/2020/03/msg00028.html
8
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AAVW3SUKWR5RF5LZ6SARCYOWBIFUIWOJ
reference_id
reference_type
scores
0
value 8.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AAVW3SUKWR5RF5LZ6SARCYOWBIFUIWOJ
9
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BUG3IRITW2LUBGR5LSQMP7MVRTELHZJK
reference_id
reference_type
scores
0
value 8.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BUG3IRITW2LUBGR5LSQMP7MVRTELHZJK
10
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UZI6EQVRRIG252DY3MBT33BJVCSYDMQO
reference_id
reference_type
scores
0
value 8.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UZI6EQVRRIG252DY3MBT33BJVCSYDMQO
11
reference_url https://www.phpmyadmin.net/security/PMASA-2020-3
reference_id
reference_type
scores
0
value 8.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.phpmyadmin.net/security/PMASA-2020-3
12
reference_url https://www.phpmyadmin.net/security/PMASA-2020-3/
reference_id
reference_type
scores
url https://www.phpmyadmin.net/security/PMASA-2020-3/
13
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=954665
reference_id 954665
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=954665
14
reference_url https://nvd.nist.gov/vuln/detail/CVE-2020-10802
reference_id CVE-2020-10802
reference_type
scores
0
value 8.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2020-10802
15
reference_url https://github.com/advisories/GHSA-f4cr-3xmc-2wpm
reference_id GHSA-f4cr-3xmc-2wpm
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-f4cr-3xmc-2wpm
16
reference_url https://usn.ubuntu.com/4639-1/
reference_id USN-4639-1
reference_type
scores
url https://usn.ubuntu.com/4639-1/
fixed_packages
0
url pkg:deb/debian/phpmyadmin@4:4.9.5%2Bdfsg1-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:4.9.5%2Bdfsg1-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:4.9.5%252Bdfsg1-1%3Fdistro=trixie
1
url pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-47ju-f89a-eud8
1
vulnerability VCID-d3qn-js1p-7yeq
2
vulnerability VCID-dmqy-9xth-cuhs
3
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.0.4%252Bdfsg2-2%252Bdeb11u1%3Fdistro=trixie
2
url pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.1%252Bdfsg-1%252Bdeb12u1%3Fdistro=trixie
3
url pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.2-really%252Bdfsg-1%252Bdeb13u1%3Fdistro=trixie
4
url pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.3%252Bdfsg-1%3Fdistro=trixie
aliases CVE-2020-10802, GHSA-f4cr-3xmc-2wpm
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-dx3h-z4dg-m3e1
115
url VCID-e18p-vjux-tbe5
vulnerability_id VCID-e18p-vjux-tbe5
summary Cross-site request forgery (CSRF) vulnerability in phpMyAdmin before 2.11.7.1 allows remote attackers to perform unauthorized actions via a link or IMG tag to (1) the db parameter in the "Creating a Database" functionality (db_create.php), and (2) the convcharset and collation_connection parameters related to an unspecified program that modifies the connection character set.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-3197.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-3197.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2008-3197
reference_id
reference_type
scores
0
value 0.00466
scoring_system epss
scoring_elements 0.64758
published_at 2026-06-04T12:55:00Z
1
value 0.00466
scoring_system epss
scoring_elements 0.64801
published_at 2026-06-05T12:55:00Z
2
value 0.00466
scoring_system epss
scoring_elements 0.64811
published_at 2026-06-06T12:55:00Z
3
value 0.00466
scoring_system epss
scoring_elements 0.648
published_at 2026-06-07T12:55:00Z
4
value 0.00466
scoring_system epss
scoring_elements 0.64789
published_at 2026-06-08T12:55:00Z
5
value 0.00466
scoring_system epss
scoring_elements 0.64807
published_at 2026-06-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2008-3197
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3197
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3197
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=455520
reference_id 455520
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=455520
fixed_packages
0
url pkg:deb/debian/phpmyadmin@4:2.11.7.1-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:2.11.7.1-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:2.11.7.1-1%3Fdistro=trixie
1
url pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-47ju-f89a-eud8
1
vulnerability VCID-d3qn-js1p-7yeq
2
vulnerability VCID-dmqy-9xth-cuhs
3
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.0.4%252Bdfsg2-2%252Bdeb11u1%3Fdistro=trixie
2
url pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.1%252Bdfsg-1%252Bdeb12u1%3Fdistro=trixie
3
url pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.2-really%252Bdfsg-1%252Bdeb13u1%3Fdistro=trixie
4
url pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.3%252Bdfsg-1%3Fdistro=trixie
aliases CVE-2008-3197
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-e18p-vjux-tbe5
116
url VCID-e677-1yaz-g3em
vulnerability_id VCID-e677-1yaz-g3em
summary Cross-site scripting (XSS) vulnerability in view_create.php (aka the Create View page) in phpMyAdmin 4.x before 4.0.3 allows remote authenticated users to inject arbitrary web script or HTML via an invalid SQL CREATE VIEW statement with a crafted name that triggers an error message.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2013-3742
reference_id
reference_type
scores
0
value 0.00185
scoring_system epss
scoring_elements 0.40004
published_at 2026-06-04T12:55:00Z
1
value 0.00185
scoring_system epss
scoring_elements 0.40086
published_at 2026-06-05T12:55:00Z
2
value 0.00185
scoring_system epss
scoring_elements 0.40088
published_at 2026-06-06T12:55:00Z
3
value 0.00185
scoring_system epss
scoring_elements 0.4006
published_at 2026-06-07T12:55:00Z
4
value 0.00185
scoring_system epss
scoring_elements 0.40032
published_at 2026-06-08T12:55:00Z
5
value 0.00185
scoring_system epss
scoring_elements 0.40049
published_at 2026-06-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2013-3742
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-3742
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-3742
fixed_packages
0
url pkg:deb/debian/phpmyadmin@4:4.0.1-3?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:4.0.1-3?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:4.0.1-3%3Fdistro=trixie
1
url pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-47ju-f89a-eud8
1
vulnerability VCID-d3qn-js1p-7yeq
2
vulnerability VCID-dmqy-9xth-cuhs
3
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.0.4%252Bdfsg2-2%252Bdeb11u1%3Fdistro=trixie
2
url pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.1%252Bdfsg-1%252Bdeb12u1%3Fdistro=trixie
3
url pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.2-really%252Bdfsg-1%252Bdeb13u1%3Fdistro=trixie
4
url pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.3%252Bdfsg-1%3Fdistro=trixie
aliases CVE-2013-3742
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-e677-1yaz-g3em
117
url VCID-efw4-vdcz-3yfn
vulnerability_id VCID-efw4-vdcz-3yfn
summary libraries/auth/swekey/swekey.auth.lib.php in phpMyAdmin 3.x before 3.3.10.3 and 3.4.x before 3.4.3.2 does not properly manage sessions associated with Swekey authentication, which allows remote attackers to modify the SESSION superglobal array, other superglobal arrays, and certain swekey.auth.lib.php local variables via a crafted query string, a related issue to CVE-2011-2505.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2011-2719
reference_id
reference_type
scores
0
value 0.01944
scoring_system epss
scoring_elements 0.83772
published_at 2026-06-04T12:55:00Z
1
value 0.01944
scoring_system epss
scoring_elements 0.83795
published_at 2026-06-05T12:55:00Z
2
value 0.01944
scoring_system epss
scoring_elements 0.83796
published_at 2026-06-09T12:55:00Z
3
value 0.01944
scoring_system epss
scoring_elements 0.83792
published_at 2026-06-07T12:55:00Z
4
value 0.01944
scoring_system epss
scoring_elements 0.83783
published_at 2026-06-08T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2011-2719
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2719
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2719
2
reference_url https://security.gentoo.org/glsa/201201-01
reference_id GLSA-201201-01
reference_type
scores
url https://security.gentoo.org/glsa/201201-01
fixed_packages
0
url pkg:deb/debian/phpmyadmin@4:3.4.3.2-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:3.4.3.2-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:3.4.3.2-1%3Fdistro=trixie
1
url pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-47ju-f89a-eud8
1
vulnerability VCID-d3qn-js1p-7yeq
2
vulnerability VCID-dmqy-9xth-cuhs
3
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.0.4%252Bdfsg2-2%252Bdeb11u1%3Fdistro=trixie
2
url pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.1%252Bdfsg-1%252Bdeb12u1%3Fdistro=trixie
3
url pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.2-really%252Bdfsg-1%252Bdeb13u1%3Fdistro=trixie
4
url pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.3%252Bdfsg-1%3Fdistro=trixie
aliases CVE-2011-2719
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-efw4-vdcz-3yfn
118
url VCID-eqw3-es5t-5qan
vulnerability_id VCID-eqw3-es5t-5qan
summary phpMyAdmin 2.11.x before 2.11.11.2, and 3.3.x before 3.3.9.1, does not properly handle the absence of the (1) README, (2) ChangeLog, and (3) LICENSE files, which allows remote attackers to obtain the installation path via a direct request for a nonexistent file.
references
0
reference_url http://lists.fedoraproject.org/pipermail/package-announce/2011-February/054349.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://lists.fedoraproject.org/pipermail/package-announce/2011-February/054349.html
1
reference_url http://lists.fedoraproject.org/pipermail/package-announce/2011-February/054355.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://lists.fedoraproject.org/pipermail/package-announce/2011-February/054355.html
2
reference_url http://phpmyadmin.git.sourceforge.net/git/gitweb.cgi?p=phpmyadmin/phpmyadmin%3Ba=commit%3Bh=035d002db1e1201e73e560d7d98591563b506a83
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://phpmyadmin.git.sourceforge.net/git/gitweb.cgi?p=phpmyadmin/phpmyadmin%3Ba=commit%3Bh=035d002db1e1201e73e560d7d98591563b506a83
3
reference_url http://phpmyadmin.git.sourceforge.net/git/gitweb.cgi?p=phpmyadmin/phpmyadmin;a=commit;h=035d002db1e1201e73e560d7d98591563b506a83
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://phpmyadmin.git.sourceforge.net/git/gitweb.cgi?p=phpmyadmin/phpmyadmin;a=commit;h=035d002db1e1201e73e560d7d98591563b506a83
4
reference_url https://api.first.org/data/v1/epss?cve=CVE-2011-0986
reference_id
reference_type
scores
0
value 0.00546
scoring_system epss
scoring_elements 0.68208
published_at 2026-06-07T12:55:00Z
1
value 0.00546
scoring_system epss
scoring_elements 0.6821
published_at 2026-06-09T12:55:00Z
2
value 0.00546
scoring_system epss
scoring_elements 0.68169
published_at 2026-06-04T12:55:00Z
3
value 0.00546
scoring_system epss
scoring_elements 0.68216
published_at 2026-06-06T12:55:00Z
4
value 0.00546
scoring_system epss
scoring_elements 0.68193
published_at 2026-06-08T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2011-0986
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0986
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0986
6
reference_url https://exchange.xforce.ibmcloud.com/vulnerabilities/65424
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://exchange.xforce.ibmcloud.com/vulnerabilities/65424
7
reference_url https://github.com/phpmyadmin/phpmyadmin
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/phpmyadmin/phpmyadmin
8
reference_url https://nvd.nist.gov/vuln/detail/CVE-2011-0986
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2011-0986
9
reference_url http://www.mandriva.com/security/advisories?name=MDVSA-2011:026
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.mandriva.com/security/advisories?name=MDVSA-2011:026
10
reference_url http://www.phpmyadmin.net/home_page/security/PMASA-2011-1.php
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.phpmyadmin.net/home_page/security/PMASA-2011-1.php
11
reference_url https://github.com/advisories/GHSA-wcmm-28rg-mg3r
reference_id GHSA-wcmm-28rg-mg3r
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-wcmm-28rg-mg3r
12
reference_url https://security.gentoo.org/glsa/201201-01
reference_id GLSA-201201-01
reference_type
scores
url https://security.gentoo.org/glsa/201201-01
fixed_packages
0
url pkg:deb/debian/phpmyadmin@4:3.3.9.2-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:3.3.9.2-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:3.3.9.2-1%3Fdistro=trixie
1
url pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-47ju-f89a-eud8
1
vulnerability VCID-d3qn-js1p-7yeq
2
vulnerability VCID-dmqy-9xth-cuhs
3
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.0.4%252Bdfsg2-2%252Bdeb11u1%3Fdistro=trixie
2
url pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.1%252Bdfsg-1%252Bdeb12u1%3Fdistro=trixie
3
url pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.2-really%252Bdfsg-1%252Bdeb13u1%3Fdistro=trixie
4
url pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.3%252Bdfsg-1%3Fdistro=trixie
aliases CVE-2011-0986, GHSA-wcmm-28rg-mg3r
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-eqw3-es5t-5qan
119
url VCID-euu1-7mh3-x7hs
vulnerability_id VCID-euu1-7mh3-x7hs
summary Multiple CRLF injection vulnerabilities in PhpMyAdmin 2.7.0-pl2 allow remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via CRLF sequences in a phpMyAdmin cookie in (1) css/phpmyadmin.css.php, (2) db_create.php, (3) index.php, (4) left.php, (5) libraries/session.inc.php, (6) libraries/transformations/overview.php, (7) querywindow.php, (8) server_engines.php, and possibly other files.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2006-6374
reference_id
reference_type
scores
0
value 0.00717
scoring_system epss
scoring_elements 0.72796
published_at 2026-06-04T12:55:00Z
1
value 0.00717
scoring_system epss
scoring_elements 0.72834
published_at 2026-06-05T12:55:00Z
2
value 0.00717
scoring_system epss
scoring_elements 0.72842
published_at 2026-06-06T12:55:00Z
3
value 0.00717
scoring_system epss
scoring_elements 0.72825
published_at 2026-06-07T12:55:00Z
4
value 0.00717
scoring_system epss
scoring_elements 0.72812
published_at 2026-06-08T12:55:00Z
5
value 0.00717
scoring_system epss
scoring_elements 0.72836
published_at 2026-06-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2006-6374
fixed_packages
0
url pkg:deb/debian/phpmyadmin@0?distro=trixie
purl pkg:deb/debian/phpmyadmin@0?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@0%3Fdistro=trixie
1
url pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-47ju-f89a-eud8
1
vulnerability VCID-d3qn-js1p-7yeq
2
vulnerability VCID-dmqy-9xth-cuhs
3
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.0.4%252Bdfsg2-2%252Bdeb11u1%3Fdistro=trixie
2
url pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.1%252Bdfsg-1%252Bdeb12u1%3Fdistro=trixie
3
url pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.2-really%252Bdfsg-1%252Bdeb13u1%3Fdistro=trixie
4
url pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.3%252Bdfsg-1%3Fdistro=trixie
aliases CVE-2006-6374
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-euu1-7mh3-x7hs
120
url VCID-f4vt-hr4k-byg1
vulnerability_id VCID-f4vt-hr4k-byg1
summary Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin before 2.8.0.3 allow remote attackers to inject arbitrary web script or HTML via unknown vectors in unspecified scripts in the themes directory.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2006-1678
reference_id
reference_type
scores
0
value 0.0103
scoring_system epss
scoring_elements 0.77663
published_at 2026-06-04T12:55:00Z
1
value 0.0103
scoring_system epss
scoring_elements 0.7769
published_at 2026-06-05T12:55:00Z
2
value 0.0103
scoring_system epss
scoring_elements 0.77698
published_at 2026-06-06T12:55:00Z
3
value 0.0103
scoring_system epss
scoring_elements 0.77687
published_at 2026-06-07T12:55:00Z
4
value 0.0103
scoring_system epss
scoring_elements 0.77677
published_at 2026-06-08T12:55:00Z
5
value 0.0103
scoring_system epss
scoring_elements 0.77695
published_at 2026-06-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2006-1678
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1678
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1678
2
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=362567
reference_id 362567
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=362567
fixed_packages
0
url pkg:deb/debian/phpmyadmin@4:2.8.0.3-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:2.8.0.3-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:2.8.0.3-1%3Fdistro=trixie
1
url pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-47ju-f89a-eud8
1
vulnerability VCID-d3qn-js1p-7yeq
2
vulnerability VCID-dmqy-9xth-cuhs
3
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.0.4%252Bdfsg2-2%252Bdeb11u1%3Fdistro=trixie
2
url pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.1%252Bdfsg-1%252Bdeb12u1%3Fdistro=trixie
3
url pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.2-really%252Bdfsg-1%252Bdeb13u1%3Fdistro=trixie
4
url pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.3%252Bdfsg-1%3Fdistro=trixie
aliases CVE-2006-1678
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-f4vt-hr4k-byg1
121
url VCID-fa4e-8zf1-b3e3
vulnerability_id VCID-fa4e-8zf1-b3e3
summary SQL injection vulnerability in server_privileges.php in phpMyAdmin 2.7.0 allows remote authenticated users to execute arbitrary SQL commands via the (1) dbname and (2) checkprivs parameters. NOTE: the vendor and a third party have disputed this issue, saying that the main task of the program is to support query execution by authenticated users, and no external attack scenario exists without an auto-login configuration. Thus it is likely that this issue will be REJECTED. However, a closely related CSRF issue has been assigned CVE-2005-4450
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2005-4349
reference_id
reference_type
scores
0
value 0.01659
scoring_system epss
scoring_elements 0.82395
published_at 2026-06-04T12:55:00Z
1
value 0.01659
scoring_system epss
scoring_elements 0.82422
published_at 2026-06-05T12:55:00Z
2
value 0.01659
scoring_system epss
scoring_elements 0.82421
published_at 2026-06-06T12:55:00Z
3
value 0.01659
scoring_system epss
scoring_elements 0.8242
published_at 2026-06-07T12:55:00Z
4
value 0.01659
scoring_system epss
scoring_elements 0.82413
published_at 2026-06-08T12:55:00Z
5
value 0.01659
scoring_system epss
scoring_elements 0.82427
published_at 2026-06-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2005-4349
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-4349
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-4349
2
reference_url http://secunia.com/advisories/18113
reference_id 18113
reference_type
scores
0
value 6.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-15T19:20:51Z/
url http://secunia.com/advisories/18113
3
reference_url http://securityreason.com/securityalert/270
reference_id 270
reference_type
scores
0
value 6.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-15T19:20:51Z/
url http://securityreason.com/securityalert/270
4
reference_url http://www.vupen.com/english/advisories/2005/2995
reference_id 2995
reference_type
scores
0
value 6.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-15T19:20:51Z/
url http://www.vupen.com/english/advisories/2005/2995
5
reference_url http://marc.info/?l=bugtraq&m=113486637512821&w=2
reference_id ?l=bugtraq&m=113486637512821&w=2
reference_type
scores
0
value 6.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-15T19:20:51Z/
url http://marc.info/?l=bugtraq&m=113486637512821&w=2
6
reference_url http://www.securityfocus.com/archive/1/419829/100/0/threaded
reference_id threaded
reference_type
scores
0
value 6.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-15T19:20:51Z/
url http://www.securityfocus.com/archive/1/419829/100/0/threaded
7
reference_url http://www.securityfocus.com/archive/1/419832/100/0/threaded
reference_id threaded
reference_type
scores
0
value 6.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-15T19:20:51Z/
url http://www.securityfocus.com/archive/1/419832/100/0/threaded
fixed_packages
0
url pkg:deb/debian/phpmyadmin@4:3.2.0-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:3.2.0-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:3.2.0-1%3Fdistro=trixie
1
url pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-47ju-f89a-eud8
1
vulnerability VCID-d3qn-js1p-7yeq
2
vulnerability VCID-dmqy-9xth-cuhs
3
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.0.4%252Bdfsg2-2%252Bdeb11u1%3Fdistro=trixie
2
url pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.1%252Bdfsg-1%252Bdeb12u1%3Fdistro=trixie
3
url pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.2-really%252Bdfsg-1%252Bdeb13u1%3Fdistro=trixie
4
url pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.3%252Bdfsg-1%3Fdistro=trixie
aliases CVE-2005-4349
risk_score 2.9
exploitability 0.5
weighted_severity 5.7
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-fa4e-8zf1-b3e3
122
url VCID-fc5a-pvtd-wkcz
vulnerability_id VCID-fc5a-pvtd-wkcz
summary phpMyAdmin 3.5.x before 3.5.8.2 allows remote attackers to obtain sensitive information via an invalid request, which reveals the installation path in an error message, related to config.default.php and other files.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2013-5000
reference_id
reference_type
scores
0
value 0.0025
scoring_system epss
scoring_elements 0.48525
published_at 2026-06-04T12:55:00Z
1
value 0.0025
scoring_system epss
scoring_elements 0.48587
published_at 2026-06-05T12:55:00Z
2
value 0.0025
scoring_system epss
scoring_elements 0.48595
published_at 2026-06-06T12:55:00Z
3
value 0.0025
scoring_system epss
scoring_elements 0.48576
published_at 2026-06-07T12:55:00Z
4
value 0.0025
scoring_system epss
scoring_elements 0.48548
published_at 2026-06-08T12:55:00Z
5
value 0.0025
scoring_system epss
scoring_elements 0.48561
published_at 2026-06-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2013-5000
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5000
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5000
2
reference_url https://security.gentoo.org/glsa/201311-02
reference_id GLSA-201311-02
reference_type
scores
url https://security.gentoo.org/glsa/201311-02
fixed_packages
0
url pkg:deb/debian/phpmyadmin@4:4.0.4.2-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:4.0.4.2-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:4.0.4.2-1%3Fdistro=trixie
1
url pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-47ju-f89a-eud8
1
vulnerability VCID-d3qn-js1p-7yeq
2
vulnerability VCID-dmqy-9xth-cuhs
3
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.0.4%252Bdfsg2-2%252Bdeb11u1%3Fdistro=trixie
2
url pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.1%252Bdfsg-1%252Bdeb12u1%3Fdistro=trixie
3
url pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.2-really%252Bdfsg-1%252Bdeb13u1%3Fdistro=trixie
4
url pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.3%252Bdfsg-1%3Fdistro=trixie
aliases CVE-2013-5000
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-fc5a-pvtd-wkcz
123
url VCID-fsub-2bfp-8qbw
vulnerability_id VCID-fsub-2bfp-8qbw
summary Directory traversal vulnerability in libraries/gis/GIS_Factory.class.php in the GIS editor in phpMyAdmin 4.0.x before 4.0.10.6, 4.1.x before 4.1.14.7, and 4.2.x before 4.2.12 allows remote authenticated users to include and execute arbitrary local files via a crafted geometry-type parameter.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2014-8959
reference_id
reference_type
scores
0
value 0.02772
scoring_system epss
scoring_elements 0.86311
published_at 2026-06-04T12:55:00Z
1
value 0.02772
scoring_system epss
scoring_elements 0.86332
published_at 2026-06-09T12:55:00Z
2
value 0.02772
scoring_system epss
scoring_elements 0.86334
published_at 2026-06-06T12:55:00Z
3
value 0.02772
scoring_system epss
scoring_elements 0.86331
published_at 2026-06-07T12:55:00Z
4
value 0.02772
scoring_system epss
scoring_elements 0.86319
published_at 2026-06-08T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2014-8959
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8959
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8959
fixed_packages
0
url pkg:deb/debian/phpmyadmin@4:4.2.12-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:4.2.12-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:4.2.12-1%3Fdistro=trixie
1
url pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-47ju-f89a-eud8
1
vulnerability VCID-d3qn-js1p-7yeq
2
vulnerability VCID-dmqy-9xth-cuhs
3
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.0.4%252Bdfsg2-2%252Bdeb11u1%3Fdistro=trixie
2
url pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.1%252Bdfsg-1%252Bdeb12u1%3Fdistro=trixie
3
url pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.2-really%252Bdfsg-1%252Bdeb13u1%3Fdistro=trixie
4
url pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.3%252Bdfsg-1%3Fdistro=trixie
aliases CVE-2014-8959
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-fsub-2bfp-8qbw
124
url VCID-g2uy-ekyf-4bcj
vulnerability_id VCID-g2uy-ekyf-4bcj
summary Cross-site scripting (XSS) vulnerability in the goToFinish1NF function in js/normalization.js in phpMyAdmin 4.4.x before 4.4.15.3 and 4.5.x before 4.5.4 allows remote authenticated users to inject arbitrary web script or HTML via a table name to the normalization page.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-2043
reference_id
reference_type
scores
0
value 0.00394
scoring_system epss
scoring_elements 0.60616
published_at 2026-06-04T12:55:00Z
1
value 0.00394
scoring_system epss
scoring_elements 0.60664
published_at 2026-06-05T12:55:00Z
2
value 0.00394
scoring_system epss
scoring_elements 0.60672
published_at 2026-06-06T12:55:00Z
3
value 0.00394
scoring_system epss
scoring_elements 0.60661
published_at 2026-06-09T12:55:00Z
4
value 0.00394
scoring_system epss
scoring_elements 0.60645
published_at 2026-06-08T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-2043
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2043
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2043
fixed_packages
0
url pkg:deb/debian/phpmyadmin@4:4.5.4-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:4.5.4-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:4.5.4-1%3Fdistro=trixie
1
url pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-47ju-f89a-eud8
1
vulnerability VCID-d3qn-js1p-7yeq
2
vulnerability VCID-dmqy-9xth-cuhs
3
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.0.4%252Bdfsg2-2%252Bdeb11u1%3Fdistro=trixie
2
url pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.1%252Bdfsg-1%252Bdeb12u1%3Fdistro=trixie
3
url pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.2-really%252Bdfsg-1%252Bdeb13u1%3Fdistro=trixie
4
url pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.3%252Bdfsg-1%3Fdistro=trixie
aliases CVE-2016-2043
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-g2uy-ekyf-4bcj
125
url VCID-g3fk-u3aq-dffu
vulnerability_id VCID-g3fk-u3aq-dffu
summary Multiple cross-site scripting (XSS) vulnerabilities in the Tracking feature in phpMyAdmin 3.3.x before 3.3.10.4 and 3.4.x before 3.4.4 allow remote attackers to inject arbitrary web script or HTML via a (1) table name, (2) column name, or (3) index name.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2011-3181
reference_id
reference_type
scores
0
value 0.00604
scoring_system epss
scoring_elements 0.69981
published_at 2026-06-04T12:55:00Z
1
value 0.00604
scoring_system epss
scoring_elements 0.70022
published_at 2026-06-05T12:55:00Z
2
value 0.00604
scoring_system epss
scoring_elements 0.7003
published_at 2026-06-06T12:55:00Z
3
value 0.00604
scoring_system epss
scoring_elements 0.70017
published_at 2026-06-07T12:55:00Z
4
value 0.00604
scoring_system epss
scoring_elements 0.70005
published_at 2026-06-08T12:55:00Z
5
value 0.00604
scoring_system epss
scoring_elements 0.70029
published_at 2026-06-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2011-3181
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3181
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3181
fixed_packages
0
url pkg:deb/debian/phpmyadmin@4:3.4.4-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:3.4.4-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:3.4.4-1%3Fdistro=trixie
1
url pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-47ju-f89a-eud8
1
vulnerability VCID-d3qn-js1p-7yeq
2
vulnerability VCID-dmqy-9xth-cuhs
3
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.0.4%252Bdfsg2-2%252Bdeb11u1%3Fdistro=trixie
2
url pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.1%252Bdfsg-1%252Bdeb12u1%3Fdistro=trixie
3
url pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.2-really%252Bdfsg-1%252Bdeb13u1%3Fdistro=trixie
4
url pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.3%252Bdfsg-1%3Fdistro=trixie
aliases CVE-2011-3181
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-g3fk-u3aq-dffu
126
url VCID-g42v-dzmw-t7bc
vulnerability_id VCID-g42v-dzmw-t7bc
summary Directory traversal vulnerability in the Export feature in phpMyAdmin 4.x before 4.0.0-rc3 allows remote authenticated users to read arbitrary files or possibly have unspecified other impact via a parameter that specifies a crafted export type.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-3240.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-3240.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2013-3240
reference_id
reference_type
scores
0
value 0.04055
scoring_system epss
scoring_elements 0.88725
published_at 2026-06-04T12:55:00Z
1
value 0.04055
scoring_system epss
scoring_elements 0.88742
published_at 2026-06-08T12:55:00Z
2
value 0.04055
scoring_system epss
scoring_elements 0.88744
published_at 2026-06-06T12:55:00Z
3
value 0.04055
scoring_system epss
scoring_elements 0.88759
published_at 2026-06-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2013-3240
fixed_packages
0
url pkg:deb/debian/phpmyadmin@0?distro=trixie
purl pkg:deb/debian/phpmyadmin@0?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@0%3Fdistro=trixie
1
url pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-47ju-f89a-eud8
1
vulnerability VCID-d3qn-js1p-7yeq
2
vulnerability VCID-dmqy-9xth-cuhs
3
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.0.4%252Bdfsg2-2%252Bdeb11u1%3Fdistro=trixie
2
url pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.1%252Bdfsg-1%252Bdeb12u1%3Fdistro=trixie
3
url pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.2-really%252Bdfsg-1%252Bdeb13u1%3Fdistro=trixie
4
url pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.3%252Bdfsg-1%3Fdistro=trixie
aliases CVE-2013-3240
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-g42v-dzmw-t7bc
127
url VCID-ghxh-h4px-rbbk
vulnerability_id VCID-ghxh-h4px-rbbk
summary Cross-site scripting (XSS) vulnerability in scripts/setup.php in phpMyAdmin 2.11.1, when accessed by a browser that does not URL-encode requests, allows remote attackers to inject arbitrary web script or HTML via the query string.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2007-5386
reference_id
reference_type
scores
0
value 0.11824
scoring_system epss
scoring_elements 0.9385
published_at 2026-06-04T12:55:00Z
1
value 0.11824
scoring_system epss
scoring_elements 0.9386
published_at 2026-06-05T12:55:00Z
2
value 0.11824
scoring_system epss
scoring_elements 0.93859
published_at 2026-06-07T12:55:00Z
3
value 0.11824
scoring_system epss
scoring_elements 0.93858
published_at 2026-06-08T12:55:00Z
4
value 0.11824
scoring_system epss
scoring_elements 0.93863
published_at 2026-06-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2007-5386
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5386
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5386
2
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=446451
reference_id 446451
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=446451
3
reference_url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/webapps/30653.txt
reference_id CVE-2007-5386;OSVDB-37678
reference_type exploit
scores
url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/webapps/30653.txt
4
reference_url https://www.securityfocus.com/bid/26020/info
reference_id CVE-2007-5386;OSVDB-37678
reference_type exploit
scores
url https://www.securityfocus.com/bid/26020/info
fixed_packages
0
url pkg:deb/debian/phpmyadmin@4:2.11.1.2-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:2.11.1.2-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:2.11.1.2-1%3Fdistro=trixie
1
url pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-47ju-f89a-eud8
1
vulnerability VCID-d3qn-js1p-7yeq
2
vulnerability VCID-dmqy-9xth-cuhs
3
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.0.4%252Bdfsg2-2%252Bdeb11u1%3Fdistro=trixie
2
url pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.1%252Bdfsg-1%252Bdeb12u1%3Fdistro=trixie
3
url pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.2-really%252Bdfsg-1%252Bdeb13u1%3Fdistro=trixie
4
url pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.3%252Bdfsg-1%3Fdistro=trixie
aliases CVE-2007-5386
risk_score 0.2
exploitability 2.0
weighted_severity 0.1
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ghxh-h4px-rbbk
128
url VCID-gmjk-222y-abda
vulnerability_id VCID-gmjk-222y-abda
summary 
Information Exposure
An issue was discovered in phpMyAdmin. An attacker can determine whether a user is logged in to phpMyAdmin. The user session, username, and password are not compromised by this vulnerability.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-6625
reference_id
reference_type
scores
0
value 0.00275
scoring_system epss
scoring_elements 0.51126
published_at 2026-06-04T12:55:00Z
1
value 0.00275
scoring_system epss
scoring_elements 0.5116
published_at 2026-06-09T12:55:00Z
2
value 0.00275
scoring_system epss
scoring_elements 0.51141
published_at 2026-06-08T12:55:00Z
3
value 0.00275
scoring_system epss
scoring_elements 0.51193
published_at 2026-06-06T12:55:00Z
4
value 0.00275
scoring_system epss
scoring_elements 0.51188
published_at 2026-06-05T12:55:00Z
5
value 0.00275
scoring_system epss
scoring_elements 0.51171
published_at 2026-06-07T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-6625
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6625
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6625
2
reference_url https://github.com/phpmyadmin/composer
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/phpmyadmin/composer
3
reference_url https://security.gentoo.org/glsa/201701-32
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://security.gentoo.org/glsa/201701-32
4
reference_url https://www.phpmyadmin.net/security/PMASA-2016-48
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.phpmyadmin.net/security/PMASA-2016-48
5
reference_url http://www.securityfocus.com/bid/92491
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.securityfocus.com/bid/92491
6
reference_url https://nvd.nist.gov/vuln/detail/CVE-2016-6625
reference_id CVE-2016-6625
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2016-6625
7
reference_url https://github.com/advisories/GHSA-r643-7xfg-ppc5
reference_id GHSA-r643-7xfg-ppc5
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-r643-7xfg-ppc5
fixed_packages
0
url pkg:deb/debian/phpmyadmin@4:4.6.4%2Bdfsg1-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:4.6.4%2Bdfsg1-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:4.6.4%252Bdfsg1-1%3Fdistro=trixie
1
url pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-47ju-f89a-eud8
1
vulnerability VCID-d3qn-js1p-7yeq
2
vulnerability VCID-dmqy-9xth-cuhs
3
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.0.4%252Bdfsg2-2%252Bdeb11u1%3Fdistro=trixie
2
url pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.1%252Bdfsg-1%252Bdeb12u1%3Fdistro=trixie
3
url pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.2-really%252Bdfsg-1%252Bdeb13u1%3Fdistro=trixie
4
url pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.3%252Bdfsg-1%3Fdistro=trixie
aliases CVE-2016-6625, GHSA-r643-7xfg-ppc5
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-gmjk-222y-abda
129
url VCID-gqxb-6rey-rbhv
vulnerability_id VCID-gqxb-6rey-rbhv
summary 
phpMyAdmin vulnerable to Cross-site Scripting
Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin 4.0.x before 4.0.10.16, 4.4.x before 4.4.15.7, and 4.6.x before 4.6.3 allow remote attackers to inject arbitrary web script or HTML via vectors involving (1) a crafted table name that is mishandled during privilege checking in table_row.phtml, (2) a crafted mysqld log_bin directive that is mishandled in log_selector.phtml, (3) the Transformation implementation, (4) AJAX error handling in js/ajax.js, (5) the Designer implementation, (6) the charts implementation in js/tbl_chart.js, or (7) the zoom-search implementation in rows_zoom.phtml.
references
0
reference_url http://lists.opensuse.org/opensuse-updates/2016-06/msg00113.html
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://lists.opensuse.org/opensuse-updates/2016-06/msg00113.html
1
reference_url http://lists.opensuse.org/opensuse-updates/2016-06/msg00114.html
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://lists.opensuse.org/opensuse-updates/2016-06/msg00114.html
2
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-5733
reference_id
reference_type
scores
0
value 0.01085
scoring_system epss
scoring_elements 0.78254
published_at 2026-06-05T12:55:00Z
1
value 0.01085
scoring_system epss
scoring_elements 0.78257
published_at 2026-06-09T12:55:00Z
2
value 0.01085
scoring_system epss
scoring_elements 0.78239
published_at 2026-06-08T12:55:00Z
3
value 0.01085
scoring_system epss
scoring_elements 0.78261
published_at 2026-06-06T12:55:00Z
4
value 0.01085
scoring_system epss
scoring_elements 0.78228
published_at 2026-06-04T12:55:00Z
5
value 0.01085
scoring_system epss
scoring_elements 0.78251
published_at 2026-06-07T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-5733
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1927
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1927
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2039
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2039
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2040
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2040
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2041
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2041
7
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2560
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2560
8
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2561
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2561
9
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5099
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5099
10
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5701
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5701
11
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5705
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5705
12
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5706
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5706
13
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5731
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5731
14
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5733
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5733
15
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5739
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5739
16
reference_url https://github.com/phpmyadmin/phpmyadmin
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/phpmyadmin/phpmyadmin
17
reference_url https://github.com/phpmyadmin/phpmyadmin/commit/4d21b5c077db50c2a54b7f569d20f463cc2651f5
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/phpmyadmin/phpmyadmin/commit/4d21b5c077db50c2a54b7f569d20f463cc2651f5
18
reference_url https://github.com/phpmyadmin/phpmyadmin/commit/615212a14d7d87712202f37354acf8581987fc5a
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/phpmyadmin/phpmyadmin/commit/615212a14d7d87712202f37354acf8581987fc5a
19
reference_url https://github.com/phpmyadmin/phpmyadmin/commit/79661610f6f65443e0ec1e382a7240437f28436c
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/phpmyadmin/phpmyadmin/commit/79661610f6f65443e0ec1e382a7240437f28436c
20
reference_url https://github.com/phpmyadmin/phpmyadmin/commit/8716855b309dbe65d7b9a5d681b80579b225b322
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/phpmyadmin/phpmyadmin/commit/8716855b309dbe65d7b9a5d681b80579b225b322
21
reference_url https://github.com/phpmyadmin/phpmyadmin/commit/895a131d2eb7e447757a35d5731c7d647823ea8b
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/phpmyadmin/phpmyadmin/commit/895a131d2eb7e447757a35d5731c7d647823ea8b
22
reference_url https://github.com/phpmyadmin/phpmyadmin/commit/960fd1fd52023047a23d069178bfff7463c2cefc
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/phpmyadmin/phpmyadmin/commit/960fd1fd52023047a23d069178bfff7463c2cefc
23
reference_url https://github.com/phpmyadmin/phpmyadmin/commit/be3ecbb4cca3fbe20e3b3aa4e049902d18b60865
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/phpmyadmin/phpmyadmin/commit/be3ecbb4cca3fbe20e3b3aa4e049902d18b60865
24
reference_url https://github.com/phpmyadmin/phpmyadmin/commit/d648ade18d6cbb796a93261491c121f078df2d88
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/phpmyadmin/phpmyadmin/commit/d648ade18d6cbb796a93261491c121f078df2d88
25
reference_url https://security.gentoo.org/glsa/201701-32
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://security.gentoo.org/glsa/201701-32
26
reference_url https://web.archive.org/web/20200227223017/http://www.securityfocus.com/bid/91390
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20200227223017/http://www.securityfocus.com/bid/91390
27
reference_url https://www.phpmyadmin.net/security/PMASA-2016-26
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.phpmyadmin.net/security/PMASA-2016-26
28
reference_url http://www.debian.org/security/2016/dsa-3627
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.debian.org/security/2016/dsa-3627
29
reference_url https://nvd.nist.gov/vuln/detail/CVE-2016-5733
reference_id CVE-2016-5733
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2016-5733
30
reference_url https://github.com/advisories/GHSA-cr65-p662-fx5c
reference_id GHSA-cr65-p662-fx5c
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-cr65-p662-fx5c
fixed_packages
0
url pkg:deb/debian/phpmyadmin@4:4.6.3-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:4.6.3-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:4.6.3-1%3Fdistro=trixie
1
url pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-47ju-f89a-eud8
1
vulnerability VCID-d3qn-js1p-7yeq
2
vulnerability VCID-dmqy-9xth-cuhs
3
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.0.4%252Bdfsg2-2%252Bdeb11u1%3Fdistro=trixie
2
url pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.1%252Bdfsg-1%252Bdeb12u1%3Fdistro=trixie
3
url pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.2-really%252Bdfsg-1%252Bdeb13u1%3Fdistro=trixie
4
url pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.3%252Bdfsg-1%3Fdistro=trixie
aliases CVE-2016-5733, GHSA-cr65-p662-fx5c
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-gqxb-6rey-rbhv
130
url VCID-gtps-py3z-13cu
vulnerability_id VCID-gtps-py3z-13cu
summary 
Code Injection
An issue was discovered in phpMyAdmin. phpMyAdmin can be used to trigger a remote code execution attack against certain PHP installations that are running with the dbase extension.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-6633
reference_id
reference_type
scores
0
value 0.01833
scoring_system epss
scoring_elements 0.83267
published_at 2026-06-04T12:55:00Z
1
value 0.01833
scoring_system epss
scoring_elements 0.83296
published_at 2026-06-09T12:55:00Z
2
value 0.01833
scoring_system epss
scoring_elements 0.83283
published_at 2026-06-08T12:55:00Z
3
value 0.01833
scoring_system epss
scoring_elements 0.83294
published_at 2026-06-06T12:55:00Z
4
value 0.01833
scoring_system epss
scoring_elements 0.83293
published_at 2026-06-05T12:55:00Z
5
value 0.01833
scoring_system epss
scoring_elements 0.8329
published_at 2026-06-07T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-6633
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6633
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6633
2
reference_url https://github.com/phpmyadmin/composer
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/phpmyadmin/composer
3
reference_url https://security.gentoo.org/glsa/201701-32
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://security.gentoo.org/glsa/201701-32
4
reference_url https://www.phpmyadmin.net/security/PMASA-2016-56
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.phpmyadmin.net/security/PMASA-2016-56
5
reference_url http://www.securityfocus.com/bid/92500
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.securityfocus.com/bid/92500
6
reference_url https://nvd.nist.gov/vuln/detail/CVE-2016-6633
reference_id CVE-2016-6633
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2016-6633
7
reference_url https://github.com/advisories/GHSA-p849-vf5f-f3x7
reference_id GHSA-p849-vf5f-f3x7
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-p849-vf5f-f3x7
fixed_packages
0
url pkg:deb/debian/phpmyadmin@4:4.6.4%2Bdfsg1-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:4.6.4%2Bdfsg1-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:4.6.4%252Bdfsg1-1%3Fdistro=trixie
1
url pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-47ju-f89a-eud8
1
vulnerability VCID-d3qn-js1p-7yeq
2
vulnerability VCID-dmqy-9xth-cuhs
3
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.0.4%252Bdfsg2-2%252Bdeb11u1%3Fdistro=trixie
2
url pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.1%252Bdfsg-1%252Bdeb12u1%3Fdistro=trixie
3
url pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.2-really%252Bdfsg-1%252Bdeb13u1%3Fdistro=trixie
4
url pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.3%252Bdfsg-1%3Fdistro=trixie
aliases CVE-2016-6633, GHSA-p849-vf5f-f3x7
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-gtps-py3z-13cu
131
url VCID-gtzb-h7zg-1fgq
vulnerability_id VCID-gtzb-h7zg-1fgq
summary SQL injection vulnerability in db_create.php in phpMyAdmin before 2.11.2.1 allows remote authenticated users with CREATE DATABASE privileges to execute arbitrary SQL commands via the db parameter.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-5976.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-5976.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2007-5976
reference_id
reference_type
scores
0
value 0.01336
scoring_system epss
scoring_elements 0.80327
published_at 2026-06-04T12:55:00Z
1
value 0.01336
scoring_system epss
scoring_elements 0.80352
published_at 2026-06-07T12:55:00Z
2
value 0.01336
scoring_system epss
scoring_elements 0.80355
published_at 2026-06-06T12:55:00Z
3
value 0.01336
scoring_system epss
scoring_elements 0.80346
published_at 2026-06-08T12:55:00Z
4
value 0.01336
scoring_system epss
scoring_elements 0.80367
published_at 2026-06-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2007-5976
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5976
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5976
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=385881
reference_id 385881
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=385881
4
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=451465
reference_id 451465
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=451465
fixed_packages
0
url pkg:deb/debian/phpmyadmin@4:2.11.2.1-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:2.11.2.1-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:2.11.2.1-1%3Fdistro=trixie
1
url pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-47ju-f89a-eud8
1
vulnerability VCID-d3qn-js1p-7yeq
2
vulnerability VCID-dmqy-9xth-cuhs
3
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.0.4%252Bdfsg2-2%252Bdeb11u1%3Fdistro=trixie
2
url pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.1%252Bdfsg-1%252Bdeb12u1%3Fdistro=trixie
3
url pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.2-really%252Bdfsg-1%252Bdeb13u1%3Fdistro=trixie
4
url pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.3%252Bdfsg-1%3Fdistro=trixie
aliases CVE-2007-5976
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-gtzb-h7zg-1fgq
132
url VCID-gx8h-5h14-dqez
vulnerability_id VCID-gx8h-5h14-dqez
summary 
jquery-validation vulnerable to Cross-site Scripting
Versions of the package jquery-validation before 1.20.0 are vulnerable to Cross-site Scripting (XSS) in the showLabel() function, which may take input from a user-controlled placeholder value. This value will populate a message via $.validator.messages in a user localizable dictionary.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-3573.json
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-3573.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-3573
reference_id
reference_type
scores
0
value 0.00341
scoring_system epss
scoring_elements 0.57076
published_at 2026-06-09T12:55:00Z
1
value 0.00341
scoring_system epss
scoring_elements 0.57078
published_at 2026-06-05T12:55:00Z
2
value 0.00341
scoring_system epss
scoring_elements 0.57085
published_at 2026-06-06T12:55:00Z
3
value 0.00341
scoring_system epss
scoring_elements 0.57073
published_at 2026-06-07T12:55:00Z
4
value 0.00341
scoring_system epss
scoring_elements 0.57058
published_at 2026-06-08T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-3573
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-3573
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-3573
3
reference_url https://github.com/jquery-validation/jquery-validation
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:L/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/jquery-validation/jquery-validation
4
reference_url https://github.com/jquery-validation/jquery-validation/commit/7a490d8f39bd988027568ddcf51755e1f4688902
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:L/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/jquery-validation/jquery-validation/commit/7a490d8f39bd988027568ddcf51755e1f4688902
5
reference_url https://github.com/jquery-validation/jquery-validation/pull/2462
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:L/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/jquery-validation/jquery-validation/pull/2462
6
reference_url https://security.snyk.io/vuln/SNYK-JS-JQUERYVALIDATION-5952285
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:L/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://security.snyk.io/vuln/SNYK-JS-JQUERYVALIDATION-5952285
7
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1103445
reference_id 1103445
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1103445
8
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1104134
reference_id 1104134
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1104134
9
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1104135
reference_id 1104135
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1104135
10
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1104136
reference_id 1104136
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1104136
11
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2359682
reference_id 2359682
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2359682
12
reference_url https://nvd.nist.gov/vuln/detail/CVE-2025-3573
reference_id CVE-2025-3573
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:L/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2025-3573
13
reference_url https://github.com/advisories/GHSA-rrj2-ph5q-jxw2
reference_id GHSA-rrj2-ph5q-jxw2
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-rrj2-ph5q-jxw2
fixed_packages
0
url pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.2-really%252Bdfsg-1%252Bdeb13u1%3Fdistro=trixie
1
url pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-2?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.2-really%252Bdfsg-2%3Fdistro=trixie
2
url pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.3%252Bdfsg-1%3Fdistro=trixie
aliases CVE-2025-3573, GHSA-rrj2-ph5q-jxw2
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-gx8h-5h14-dqez
133
url VCID-gzwb-ju7m-juf7
vulnerability_id VCID-gzwb-ju7m-juf7
summary A full path disclosure vulnerability was discovered in phpMyAdmin where a user can trigger a particular error in the export mechanism to discover the full path of phpMyAdmin on the disk. All 4.6.x versions (prior to 4.6.4), 4.4.x versions (prior to 4.4.15.8), and 4.0.x versions (prior to 4.0.10.17) are affected.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-6610
reference_id
reference_type
scores
0
value 0.00321
scoring_system epss
scoring_elements 0.55394
published_at 2026-06-04T12:55:00Z
1
value 0.00321
scoring_system epss
scoring_elements 0.5545
published_at 2026-06-05T12:55:00Z
2
value 0.00321
scoring_system epss
scoring_elements 0.55455
published_at 2026-06-06T12:55:00Z
3
value 0.00321
scoring_system epss
scoring_elements 0.55444
published_at 2026-06-07T12:55:00Z
4
value 0.00321
scoring_system epss
scoring_elements 0.55424
published_at 2026-06-08T12:55:00Z
5
value 0.00321
scoring_system epss
scoring_elements 0.55443
published_at 2026-06-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-6610
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6610
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6610
fixed_packages
0
url pkg:deb/debian/phpmyadmin@4:4.6.4%2Bdfsg1-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:4.6.4%2Bdfsg1-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:4.6.4%252Bdfsg1-1%3Fdistro=trixie
1
url pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-47ju-f89a-eud8
1
vulnerability VCID-d3qn-js1p-7yeq
2
vulnerability VCID-dmqy-9xth-cuhs
3
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.0.4%252Bdfsg2-2%252Bdeb11u1%3Fdistro=trixie
2
url pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.1%252Bdfsg-1%252Bdeb12u1%3Fdistro=trixie
3
url pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.2-really%252Bdfsg-1%252Bdeb13u1%3Fdistro=trixie
4
url pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.3%252Bdfsg-1%3Fdistro=trixie
aliases CVE-2016-6610
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-gzwb-ju7m-juf7
134
url VCID-har4-gaft-m7e8
vulnerability_id VCID-har4-gaft-m7e8
summary An issue was discovered in phpMyAdmin 5.x before 5.2.2. An XSS vulnerability has been discovered for the Insert tab.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-24529
reference_id
reference_type
scores
0
value 0.0028
scoring_system epss
scoring_elements 0.51674
published_at 2026-06-06T12:55:00Z
1
value 0.0028
scoring_system epss
scoring_elements 0.5162
published_at 2026-06-08T12:55:00Z
2
value 0.0028
scoring_system epss
scoring_elements 0.51639
published_at 2026-06-09T12:55:00Z
3
value 0.0028
scoring_system epss
scoring_elements 0.51668
published_at 2026-06-05T12:55:00Z
4
value 0.0028
scoring_system epss
scoring_elements 0.51652
published_at 2026-06-07T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-24529
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-24529
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-24529
2
reference_url https://www.phpmyadmin.net/security/PMASA-2025-2/
reference_id PMASA-2025-2
reference_type
scores
0
value 6.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-23T15:02:51Z/
url https://www.phpmyadmin.net/security/PMASA-2025-2/
fixed_packages
0
url pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-47ju-f89a-eud8
1
vulnerability VCID-d3qn-js1p-7yeq
2
vulnerability VCID-dmqy-9xth-cuhs
3
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.0.4%252Bdfsg2-2%252Bdeb11u1%3Fdistro=trixie
1
url pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u2?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.0.4%252Bdfsg2-2%252Bdeb11u2%3Fdistro=trixie
2
url pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.1%252Bdfsg-1%252Bdeb12u1%3Fdistro=trixie
3
url pkg:deb/debian/phpmyadmin@4:5.2.2-really5.2.2%2B20250121%2Bdfsg-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.2-really5.2.2%2B20250121%2Bdfsg-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.2-really5.2.2%252B20250121%252Bdfsg-1%3Fdistro=trixie
4
url pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.2-really%252Bdfsg-1%252Bdeb13u1%3Fdistro=trixie
5
url pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.3%252Bdfsg-1%3Fdistro=trixie
aliases CVE-2025-24529
risk_score 2.2
exploitability 0.5
weighted_severity 4.5
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-har4-gaft-m7e8
135
url VCID-hbp6-s544-pqaw
vulnerability_id VCID-hbp6-s544-pqaw
summary An issue was discovered in phpMyAdmin. A user can execute a remote code execution attack against a server when phpMyAdmin is being run as a CGI application. Under certain server configurations, a user can pass a query string which is executed as a command-line argument by the file generator_plugin.sh. All 4.6.x versions (prior to 4.6.4), 4.4.x versions (prior to 4.4.15.8), and 4.0.x versions (prior to 4.0.10.17) are affected.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-6631
reference_id
reference_type
scores
0
value 0.04156
scoring_system epss
scoring_elements 0.88865
published_at 2026-06-04T12:55:00Z
1
value 0.04156
scoring_system epss
scoring_elements 0.88883
published_at 2026-06-07T12:55:00Z
2
value 0.04156
scoring_system epss
scoring_elements 0.88882
published_at 2026-06-08T12:55:00Z
3
value 0.04156
scoring_system epss
scoring_elements 0.88899
published_at 2026-06-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-6631
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6631
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6631
fixed_packages
0
url pkg:deb/debian/phpmyadmin@4:4.6.4%2Bdfsg1-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:4.6.4%2Bdfsg1-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:4.6.4%252Bdfsg1-1%3Fdistro=trixie
1
url pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-47ju-f89a-eud8
1
vulnerability VCID-d3qn-js1p-7yeq
2
vulnerability VCID-dmqy-9xth-cuhs
3
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.0.4%252Bdfsg2-2%252Bdeb11u1%3Fdistro=trixie
2
url pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.1%252Bdfsg-1%252Bdeb12u1%3Fdistro=trixie
3
url pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.2-really%252Bdfsg-1%252Bdeb13u1%3Fdistro=trixie
4
url pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.3%252Bdfsg-1%3Fdistro=trixie
aliases CVE-2016-6631
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-hbp6-s544-pqaw
136
url VCID-hdwj-u6ne-s7ay
vulnerability_id VCID-hdwj-u6ne-s7ay
summary Cross-site scripting (XSS) vulnerability in the setup interface in phpMyAdmin 3.4.x before 3.4.6 allows remote attackers to inject arbitrary web script or HTML via a crafted value.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2011-4064
reference_id
reference_type
scores
0
value 0.00523
scoring_system epss
scoring_elements 0.67258
published_at 2026-06-04T12:55:00Z
1
value 0.00523
scoring_system epss
scoring_elements 0.67299
published_at 2026-06-05T12:55:00Z
2
value 0.00523
scoring_system epss
scoring_elements 0.67307
published_at 2026-06-06T12:55:00Z
3
value 0.00523
scoring_system epss
scoring_elements 0.67293
published_at 2026-06-09T12:55:00Z
4
value 0.00523
scoring_system epss
scoring_elements 0.67277
published_at 2026-06-08T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2011-4064
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4064
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4064
2
reference_url https://security.gentoo.org/glsa/201201-01
reference_id GLSA-201201-01
reference_type
scores
url https://security.gentoo.org/glsa/201201-01
fixed_packages
0
url pkg:deb/debian/phpmyadmin@4:3.4.6-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:3.4.6-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:3.4.6-1%3Fdistro=trixie
1
url pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-47ju-f89a-eud8
1
vulnerability VCID-d3qn-js1p-7yeq
2
vulnerability VCID-dmqy-9xth-cuhs
3
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.0.4%252Bdfsg2-2%252Bdeb11u1%3Fdistro=trixie
2
url pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.1%252Bdfsg-1%252Bdeb12u1%3Fdistro=trixie
3
url pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.2-really%252Bdfsg-1%252Bdeb13u1%3Fdistro=trixie
4
url pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.3%252Bdfsg-1%3Fdistro=trixie
aliases CVE-2011-4064
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-hdwj-u6ne-s7ay
137
url VCID-hetz-y76u-6ucp
vulnerability_id VCID-hetz-y76u-6ucp
summary Cross-site scripting (XSS) vulnerability in phpMyAdmin before 2.11.7, when register_globals is enabled and .htaccess support is disabled, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors involving scripts in libraries/.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-2960.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-2960.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2008-2960
reference_id
reference_type
scores
0
value 0.00676
scoring_system epss
scoring_elements 0.71877
published_at 2026-06-04T12:55:00Z
1
value 0.00676
scoring_system epss
scoring_elements 0.71916
published_at 2026-06-05T12:55:00Z
2
value 0.00676
scoring_system epss
scoring_elements 0.71923
published_at 2026-06-06T12:55:00Z
3
value 0.00676
scoring_system epss
scoring_elements 0.71901
published_at 2026-06-07T12:55:00Z
4
value 0.00676
scoring_system epss
scoring_elements 0.71886
published_at 2026-06-08T12:55:00Z
5
value 0.00754
scoring_system epss
scoring_elements 0.73621
published_at 2026-06-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2008-2960
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2960
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2960
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=452497
reference_id 452497
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=452497
fixed_packages
0
url pkg:deb/debian/phpmyadmin@4:2.11.7~rc2-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:2.11.7~rc2-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:2.11.7~rc2-1%3Fdistro=trixie
1
url pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-47ju-f89a-eud8
1
vulnerability VCID-d3qn-js1p-7yeq
2
vulnerability VCID-dmqy-9xth-cuhs
3
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.0.4%252Bdfsg2-2%252Bdeb11u1%3Fdistro=trixie
2
url pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.1%252Bdfsg-1%252Bdeb12u1%3Fdistro=trixie
3
url pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.2-really%252Bdfsg-1%252Bdeb13u1%3Fdistro=trixie
4
url pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.3%252Bdfsg-1%3Fdistro=trixie
aliases CVE-2008-2960
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-hetz-y76u-6ucp
138
url VCID-hsbx-sk4x-2qb3
vulnerability_id VCID-hsbx-sk4x-2qb3
summary 
Improper Authentication
An issue was discovered in phpMyAdm in which an attacker can include (view and potentially execute) files on the server. The vulnerability comes from a portion of code where pages are redirected and loaded within phpMyAdmin, and an improper test for allowed pages.
references
0
reference_url http://packetstormsecurity.com/files/164623/phpMyAdmin-4.8.1-Remote-Code-Execution.html
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://packetstormsecurity.com/files/164623/phpMyAdmin-4.8.1-Remote-Code-Execution.html
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2018-12613
reference_id
reference_type
scores
0
value 0.94262
scoring_system epss
scoring_elements 0.99938
published_at 2026-06-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2018-12613
2
reference_url https://github.com/phpmyadmin/composer
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/phpmyadmin/composer
3
reference_url https://security.gentoo.org/glsa/201904-16
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://security.gentoo.org/glsa/201904-16
4
reference_url https://www.exploit-db.com/exploits/44924
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.exploit-db.com/exploits/44924
5
reference_url https://www.exploit-db.com/exploits/44924/
reference_id
reference_type
scores
url https://www.exploit-db.com/exploits/44924/
6
reference_url https://www.exploit-db.com/exploits/44928
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.exploit-db.com/exploits/44928
7
reference_url https://www.exploit-db.com/exploits/44928/
reference_id
reference_type
scores
url https://www.exploit-db.com/exploits/44928/
8
reference_url https://www.exploit-db.com/exploits/45020
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.exploit-db.com/exploits/45020
9
reference_url https://www.exploit-db.com/exploits/45020/
reference_id
reference_type
scores
url https://www.exploit-db.com/exploits/45020/
10
reference_url https://www.phpmyadmin.net/security/PMASA-2018-4
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.phpmyadmin.net/security/PMASA-2018-4
11
reference_url https://www.phpmyadmin.net/security/PMASA-2018-4/
reference_id
reference_type
scores
url https://www.phpmyadmin.net/security/PMASA-2018-4/
12
reference_url http://www.securityfocus.com/bid/104532
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.securityfocus.com/bid/104532
13
reference_url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/remote/45020.rb
reference_id CVE-2018-12613
reference_type exploit
scores
url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/remote/45020.rb
14
reference_url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/webapps/44924.txt
reference_id CVE-2018-12613
reference_type exploit
scores
url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/webapps/44924.txt
15
reference_url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/webapps/44928.txt
reference_id CVE-2018-12613
reference_type exploit
scores
url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/webapps/44928.txt
16
reference_url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/webapps/50457.py
reference_id CVE-2018-12613
reference_type exploit
scores
url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/webapps/50457.py
17
reference_url https://mp.weixin.qq.com/s?__biz=MzIzMTc1MjExOQ==&mid=2247485036&idx=1&sn=8e9647906c5d94f72564dec5bc51a2ab&chksm=e89e2eb4dfe9a7a28bff2efebb5b2723782dab660acff074c3f18c9e7dca924abdf3da618fb4&mpshare=1&scene=1&srcid=0621gAv1FMtrgoahD01psMZr&pass_ticket=LqhR
reference_id CVE-2018-12613
reference_type exploit
scores
url https://mp.weixin.qq.com/s?__biz=MzIzMTc1MjExOQ==&mid=2247485036&idx=1&sn=8e9647906c5d94f72564dec5bc51a2ab&chksm=e89e2eb4dfe9a7a28bff2efebb5b2723782dab660acff074c3f18c9e7dca924abdf3da618fb4&mpshare=1&scene=1&srcid=0621gAv1FMtrgoahD01psMZr&pass_ticket=LqhR
18
reference_url https://nvd.nist.gov/vuln/detail/CVE-2018-12613
reference_id CVE-2018-12613
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2018-12613
19
reference_url https://raw.githubusercontent.com/rapid7/metasploit-framework/1ded8ffb299499e18725f4d549fcadaec5528387/modules/exploits/multi/http/phpmyadmin_lfi_rce.rb
reference_id CVE-2018-12613
reference_type exploit
scores
url https://raw.githubusercontent.com/rapid7/metasploit-framework/1ded8ffb299499e18725f4d549fcadaec5528387/modules/exploits/multi/http/phpmyadmin_lfi_rce.rb
20
reference_url https://github.com/advisories/GHSA-x394-g9j8-x7mf
reference_id GHSA-x394-g9j8-x7mf
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-x394-g9j8-x7mf
fixed_packages
0
url pkg:deb/debian/phpmyadmin@0?distro=trixie
purl pkg:deb/debian/phpmyadmin@0?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@0%3Fdistro=trixie
1
url pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-47ju-f89a-eud8
1
vulnerability VCID-d3qn-js1p-7yeq
2
vulnerability VCID-dmqy-9xth-cuhs
3
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.0.4%252Bdfsg2-2%252Bdeb11u1%3Fdistro=trixie
2
url pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.1%252Bdfsg-1%252Bdeb12u1%3Fdistro=trixie
3
url pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.2-really%252Bdfsg-1%252Bdeb13u1%3Fdistro=trixie
4
url pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.3%252Bdfsg-1%3Fdistro=trixie
aliases CVE-2018-12613, GHSA-x394-g9j8-x7mf
risk_score 10.0
exploitability 2.0
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-hsbx-sk4x-2qb3
139
url VCID-hw5n-kv9r-8yej
vulnerability_id VCID-hw5n-kv9r-8yej
summary Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin 4.0.x before 4.0.10.15, 4.4.x before 4.4.15.5, and 4.5.x before 4.5.5.1 allow remote attackers to inject arbitrary web script or HTML via (1) a crafted Host HTTP header, related to libraries/Config.class.php; (2) crafted JSON data, related to file_echo.php; (3) a crafted SQL query, related to js/functions.js; (4) the initial parameter to libraries/server_privileges.lib.php in the user accounts page; or (5) the it parameter to libraries/controllers/TableSearchController.class.php in the zoom search page.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-2560
reference_id
reference_type
scores
0
value 0.0134
scoring_system epss
scoring_elements 0.80346
published_at 2026-06-04T12:55:00Z
1
value 0.0134
scoring_system epss
scoring_elements 0.80371
published_at 2026-06-07T12:55:00Z
2
value 0.0134
scoring_system epss
scoring_elements 0.80374
published_at 2026-06-06T12:55:00Z
3
value 0.0134
scoring_system epss
scoring_elements 0.80366
published_at 2026-06-08T12:55:00Z
4
value 0.0134
scoring_system epss
scoring_elements 0.80387
published_at 2026-06-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-2560
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1927
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1927
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2039
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2039
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2040
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2040
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2041
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2041
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2560
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2560
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2561
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2561
7
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5099
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5099
8
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5701
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5701
9
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5705
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5705
10
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5706
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5706
11
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5731
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5731
12
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5733
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5733
13
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5739
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5739
fixed_packages
0
url pkg:deb/debian/phpmyadmin@4:4.5.5.1-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:4.5.5.1-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:4.5.5.1-1%3Fdistro=trixie
1
url pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-47ju-f89a-eud8
1
vulnerability VCID-d3qn-js1p-7yeq
2
vulnerability VCID-dmqy-9xth-cuhs
3
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.0.4%252Bdfsg2-2%252Bdeb11u1%3Fdistro=trixie
2
url pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.1%252Bdfsg-1%252Bdeb12u1%3Fdistro=trixie
3
url pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.2-really%252Bdfsg-1%252Bdeb13u1%3Fdistro=trixie
4
url pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.3%252Bdfsg-1%3Fdistro=trixie
aliases CVE-2016-2560
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-hw5n-kv9r-8yej
140
url VCID-hyn6-xxxq-57f4
vulnerability_id VCID-hyn6-xxxq-57f4
summary Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin 4.0.x before 4.0.10.2, 4.1.x before 4.1.14.3, and 4.2.x before 4.2.7.1 allow remote authenticated users to inject arbitrary web script or HTML via the (1) browse table page, related to js/sql.js; (2) ENUM editor page, related to js/functions.js; (3) monitor page, related to js/server_status_monitor.js; (4) query charts page, related to js/tbl_chart.js; or (5) table relations page, related to libraries/tbl_relation.lib.php.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2014-5273
reference_id
reference_type
scores
0
value 0.00381
scoring_system epss
scoring_elements 0.59835
published_at 2026-06-04T12:55:00Z
1
value 0.00381
scoring_system epss
scoring_elements 0.59884
published_at 2026-06-05T12:55:00Z
2
value 0.00381
scoring_system epss
scoring_elements 0.59888
published_at 2026-06-06T12:55:00Z
3
value 0.00381
scoring_system epss
scoring_elements 0.59879
published_at 2026-06-07T12:55:00Z
4
value 0.00381
scoring_system epss
scoring_elements 0.5986
published_at 2026-06-08T12:55:00Z
5
value 0.00381
scoring_system epss
scoring_elements 0.59878
published_at 2026-06-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2014-5273
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5273
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5273
2
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=758536
reference_id 758536
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=758536
fixed_packages
0
url pkg:deb/debian/phpmyadmin@4:4.2.7.1-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:4.2.7.1-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:4.2.7.1-1%3Fdistro=trixie
1
url pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-47ju-f89a-eud8
1
vulnerability VCID-d3qn-js1p-7yeq
2
vulnerability VCID-dmqy-9xth-cuhs
3
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.0.4%252Bdfsg2-2%252Bdeb11u1%3Fdistro=trixie
2
url pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.1%252Bdfsg-1%252Bdeb12u1%3Fdistro=trixie
3
url pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.2-really%252Bdfsg-1%252Bdeb13u1%3Fdistro=trixie
4
url pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.3%252Bdfsg-1%3Fdistro=trixie
aliases CVE-2014-5273
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-hyn6-xxxq-57f4
141
url VCID-j589-8hrn-9bae
vulnerability_id VCID-j589-8hrn-9bae
summary 
Improper Input Validation
A weakness was discovered where an attacker can inject arbitrary values in to the browser cookies.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2017-1000016
reference_id
reference_type
scores
0
value 0.00488
scoring_system epss
scoring_elements 0.65881
published_at 2026-06-09T12:55:00Z
1
value 0.00488
scoring_system epss
scoring_elements 0.65823
published_at 2026-06-04T12:55:00Z
2
value 0.00488
scoring_system epss
scoring_elements 0.65876
published_at 2026-06-05T12:55:00Z
3
value 0.00488
scoring_system epss
scoring_elements 0.65888
published_at 2026-06-06T12:55:00Z
4
value 0.00488
scoring_system epss
scoring_elements 0.65874
published_at 2026-06-07T12:55:00Z
5
value 0.00488
scoring_system epss
scoring_elements 0.65863
published_at 2026-06-08T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2017-1000016
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-1000016
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-1000016
2
reference_url https://github.com/phpmyadmin/phpmyadmin/commit/3b6ed1f
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/phpmyadmin/phpmyadmin/commit/3b6ed1f
3
reference_url https://www.phpmyadmin.net/security/PMASA-2017-5
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.phpmyadmin.net/security/PMASA-2017-5
4
reference_url https://nvd.nist.gov/vuln/detail/CVE-2017-1000016
reference_id CVE-2017-1000016
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2017-1000016
5
reference_url https://github.com/advisories/GHSA-j2cq-h6v2-f875
reference_id GHSA-j2cq-h6v2-f875
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-j2cq-h6v2-f875
fixed_packages
0
url pkg:deb/debian/phpmyadmin@4:4.6.6-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:4.6.6-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:4.6.6-1%3Fdistro=trixie
1
url pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-47ju-f89a-eud8
1
vulnerability VCID-d3qn-js1p-7yeq
2
vulnerability VCID-dmqy-9xth-cuhs
3
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.0.4%252Bdfsg2-2%252Bdeb11u1%3Fdistro=trixie
2
url pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.1%252Bdfsg-1%252Bdeb12u1%3Fdistro=trixie
3
url pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.2-really%252Bdfsg-1%252Bdeb13u1%3Fdistro=trixie
4
url pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.3%252Bdfsg-1%3Fdistro=trixie
aliases CVE-2017-1000016, GHSA-j2cq-h6v2-f875
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-j589-8hrn-9bae
142
url VCID-jabw-t2hb-q3e9
vulnerability_id VCID-jabw-t2hb-q3e9
summary An issue was discovered in phpMyAdmin. phpinfo (phpinfo.php) shows PHP information including values of HttpOnly cookies. All 4.6.x versions (prior to 4.6.5), 4.4.x versions (prior to 4.4.15.9), and 4.0.x versions (prior to 4.0.10.18) are affected.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-9848
reference_id
reference_type
scores
0
value 0.00336
scoring_system epss
scoring_elements 0.567
published_at 2026-06-04T12:55:00Z
1
value 0.00336
scoring_system epss
scoring_elements 0.56752
published_at 2026-06-09T12:55:00Z
2
value 0.00336
scoring_system epss
scoring_elements 0.56759
published_at 2026-06-06T12:55:00Z
3
value 0.00336
scoring_system epss
scoring_elements 0.56748
published_at 2026-06-07T12:55:00Z
4
value 0.00336
scoring_system epss
scoring_elements 0.56733
published_at 2026-06-08T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-9848
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9848
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9848
fixed_packages
0
url pkg:deb/debian/phpmyadmin@4:4.6.5.1-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:4.6.5.1-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:4.6.5.1-1%3Fdistro=trixie
1
url pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-47ju-f89a-eud8
1
vulnerability VCID-d3qn-js1p-7yeq
2
vulnerability VCID-dmqy-9xth-cuhs
3
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.0.4%252Bdfsg2-2%252Bdeb11u1%3Fdistro=trixie
2
url pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.1%252Bdfsg-1%252Bdeb12u1%3Fdistro=trixie
3
url pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.2-really%252Bdfsg-1%252Bdeb13u1%3Fdistro=trixie
4
url pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.3%252Bdfsg-1%3Fdistro=trixie
aliases CVE-2016-9848
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-jabw-t2hb-q3e9
143
url VCID-jc5h-5wna-zbek
vulnerability_id VCID-jc5h-5wna-zbek
summary phpMyAdmin before 2.11.5.1 stores the MySQL (1) username and (2) password, and the (3) Blowfish secret key, in cleartext in a Session file under /tmp, which allows local users to obtain sensitive information.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-1567.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-1567.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2008-1567
reference_id
reference_type
scores
0
value 0.0004
scoring_system epss
scoring_elements 0.12532
published_at 2026-06-04T12:55:00Z
1
value 0.0004
scoring_system epss
scoring_elements 0.12613
published_at 2026-06-05T12:55:00Z
2
value 0.0004
scoring_system epss
scoring_elements 0.12616
published_at 2026-06-06T12:55:00Z
3
value 0.0004
scoring_system epss
scoring_elements 0.12581
published_at 2026-06-07T12:55:00Z
4
value 0.0004
scoring_system epss
scoring_elements 0.12499
published_at 2026-06-08T12:55:00Z
5
value 0.0004
scoring_system epss
scoring_elements 0.12527
published_at 2026-06-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2008-1567
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1567
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1567
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=439974
reference_id 439974
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=439974
fixed_packages
0
url pkg:deb/debian/phpmyadmin@2.11.5.1?distro=trixie
purl pkg:deb/debian/phpmyadmin@2.11.5.1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@2.11.5.1%3Fdistro=trixie
1
url pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-47ju-f89a-eud8
1
vulnerability VCID-d3qn-js1p-7yeq
2
vulnerability VCID-dmqy-9xth-cuhs
3
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.0.4%252Bdfsg2-2%252Bdeb11u1%3Fdistro=trixie
2
url pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.1%252Bdfsg-1%252Bdeb12u1%3Fdistro=trixie
3
url pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.2-really%252Bdfsg-1%252Bdeb13u1%3Fdistro=trixie
4
url pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.3%252Bdfsg-1%3Fdistro=trixie
aliases CVE-2008-1567
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-jc5h-5wna-zbek
144
url VCID-jc7z-g7xt-u3cw
vulnerability_id VCID-jc7z-g7xt-u3cw
summary phpMyAdmin before 3.4.0-beta1 allows remote attackers to bypass authentication and obtain sensitive information via a direct request to phpinfo.php, which calls the phpinfo function.
references
0
reference_url http://phpmyadmin.git.sourceforge.net/git/gitweb.cgi?p=phpmyadmin/phpmyadmin%3Ba=commitdiff%3Bh=4d9fd005671b05c4d74615d5939ed45e4d019e4c
reference_id
reference_type
scores
0
value 8.0
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:U
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://phpmyadmin.git.sourceforge.net/git/gitweb.cgi?p=phpmyadmin/phpmyadmin%3Ba=commitdiff%3Bh=4d9fd005671b05c4d74615d5939ed45e4d019e4c
1
reference_url http://phpmyadmin.git.sourceforge.net/git/gitweb.cgi?p=phpmyadmin/phpmyadmin;a=commitdiff;h=4d9fd005671b05c4d74615d5939ed45e4d019e4c
reference_id
reference_type
scores
0
value 8.0
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:U
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://phpmyadmin.git.sourceforge.net/git/gitweb.cgi?p=phpmyadmin/phpmyadmin;a=commitdiff;h=4d9fd005671b05c4d74615d5939ed45e4d019e4c
2
reference_url https://api.first.org/data/v1/epss?cve=CVE-2010-4481
reference_id
reference_type
scores
0
value 0.00694
scoring_system epss
scoring_elements 0.72302
published_at 2026-06-05T12:55:00Z
1
value 0.00694
scoring_system epss
scoring_elements 0.72299
published_at 2026-06-09T12:55:00Z
2
value 0.00694
scoring_system epss
scoring_elements 0.72273
published_at 2026-06-08T12:55:00Z
3
value 0.00694
scoring_system epss
scoring_elements 0.72308
published_at 2026-06-06T12:55:00Z
4
value 0.00694
scoring_system epss
scoring_elements 0.72261
published_at 2026-06-04T12:55:00Z
5
value 0.00694
scoring_system epss
scoring_elements 0.72288
published_at 2026-06-07T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2010-4481
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4481
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4481
4
reference_url https://github.com/phpmyadmin/phpmyadmin
reference_id
reference_type
scores
0
value 8.0
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:U
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/phpmyadmin/phpmyadmin
5
reference_url https://nvd.nist.gov/vuln/detail/CVE-2010-4481
reference_id
reference_type
scores
0
value 8.0
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:U
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2010-4481
6
reference_url http://www.debian.org/security/2010/dsa-2139
reference_id
reference_type
scores
0
value 8.0
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:U
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.debian.org/security/2010/dsa-2139
7
reference_url http://www.mandriva.com/security/advisories?name=MDVSA-2011:000
reference_id
reference_type
scores
0
value 8.0
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:U
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.mandriva.com/security/advisories?name=MDVSA-2011:000
8
reference_url http://www.phpmyadmin.net/home_page/security/PMASA-2010-10.php
reference_id
reference_type
scores
0
value 8.0
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:U
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.phpmyadmin.net/home_page/security/PMASA-2010-10.php
9
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=608290
reference_id 608290
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=608290
10
reference_url https://github.com/advisories/GHSA-gmc7-jvv7-w245
reference_id GHSA-gmc7-jvv7-w245
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-gmc7-jvv7-w245
fixed_packages
0
url pkg:deb/debian/phpmyadmin@4:3.3.7-3?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:3.3.7-3?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:3.3.7-3%3Fdistro=trixie
1
url pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-47ju-f89a-eud8
1
vulnerability VCID-d3qn-js1p-7yeq
2
vulnerability VCID-dmqy-9xth-cuhs
3
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.0.4%252Bdfsg2-2%252Bdeb11u1%3Fdistro=trixie
2
url pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.1%252Bdfsg-1%252Bdeb12u1%3Fdistro=trixie
3
url pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.2-really%252Bdfsg-1%252Bdeb13u1%3Fdistro=trixie
4
url pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.3%252Bdfsg-1%3Fdistro=trixie
aliases CVE-2010-4481, GHSA-gmc7-jvv7-w245
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-jc7z-g7xt-u3cw
145
url VCID-jc9s-t6h4-qfd5
vulnerability_id VCID-jc9s-t6h4-qfd5
summary Directory traversal vulnerability in export.php in phpMyAdmin 2.5.5 and earlier allows remote attackers to read arbitrary files via .. (dot dot) sequences in the what parameter.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2004-0129
reference_id
reference_type
scores
0
value 0.13292
scoring_system epss
scoring_elements 0.94294
published_at 2026-06-04T12:55:00Z
1
value 0.13292
scoring_system epss
scoring_elements 0.94302
published_at 2026-06-05T12:55:00Z
2
value 0.13292
scoring_system epss
scoring_elements 0.94303
published_at 2026-06-06T12:55:00Z
3
value 0.13292
scoring_system epss
scoring_elements 0.94304
published_at 2026-06-08T12:55:00Z
4
value 0.13292
scoring_system epss
scoring_elements 0.94309
published_at 2026-06-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2004-0129
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0129
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0129
2
reference_url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/webapps/23640.txt
reference_id CVE-2004-0129;OSVDB-3800
reference_type exploit
scores
url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/webapps/23640.txt
3
reference_url https://www.securityfocus.com/bid/9564/info
reference_id CVE-2004-0129;OSVDB-3800
reference_type exploit
scores
url https://www.securityfocus.com/bid/9564/info
fixed_packages
0
url pkg:deb/debian/phpmyadmin@2:2.6.0-pl2?distro=trixie
purl pkg:deb/debian/phpmyadmin@2:2.6.0-pl2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@2:2.6.0-pl2%3Fdistro=trixie
1
url pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-47ju-f89a-eud8
1
vulnerability VCID-d3qn-js1p-7yeq
2
vulnerability VCID-dmqy-9xth-cuhs
3
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.0.4%252Bdfsg2-2%252Bdeb11u1%3Fdistro=trixie
2
url pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.1%252Bdfsg-1%252Bdeb12u1%3Fdistro=trixie
3
url pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.2-really%252Bdfsg-1%252Bdeb13u1%3Fdistro=trixie
4
url pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.3%252Bdfsg-1%3Fdistro=trixie
aliases CVE-2004-0129
risk_score 0.2
exploitability 2.0
weighted_severity 0.1
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-jc9s-t6h4-qfd5
146
url VCID-jemb-avnk-c7eb
vulnerability_id VCID-jemb-avnk-c7eb
summary An issue was discovered in phpMyAdmin. In the "User group" and "Designer" features, a user can execute an SQL injection attack against the account of the control user. All 4.6.x versions (prior to 4.6.4) and 4.4.x versions (prior to 4.4.15.8) are affected.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-6616
reference_id
reference_type
scores
0
value 0.00295
scoring_system epss
scoring_elements 0.5312
published_at 2026-06-04T12:55:00Z
1
value 0.00295
scoring_system epss
scoring_elements 0.53182
published_at 2026-06-05T12:55:00Z
2
value 0.00295
scoring_system epss
scoring_elements 0.5319
published_at 2026-06-06T12:55:00Z
3
value 0.00295
scoring_system epss
scoring_elements 0.53171
published_at 2026-06-07T12:55:00Z
4
value 0.00295
scoring_system epss
scoring_elements 0.53145
published_at 2026-06-08T12:55:00Z
5
value 0.00295
scoring_system epss
scoring_elements 0.5317
published_at 2026-06-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-6616
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6616
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6616
fixed_packages
0
url pkg:deb/debian/phpmyadmin@4:4.6.4%2Bdfsg1-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:4.6.4%2Bdfsg1-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:4.6.4%252Bdfsg1-1%3Fdistro=trixie
1
url pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-47ju-f89a-eud8
1
vulnerability VCID-d3qn-js1p-7yeq
2
vulnerability VCID-dmqy-9xth-cuhs
3
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.0.4%252Bdfsg2-2%252Bdeb11u1%3Fdistro=trixie
2
url pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.1%252Bdfsg-1%252Bdeb12u1%3Fdistro=trixie
3
url pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.2-really%252Bdfsg-1%252Bdeb13u1%3Fdistro=trixie
4
url pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.3%252Bdfsg-1%3Fdistro=trixie
aliases CVE-2016-6616
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-jemb-avnk-c7eb
147
url VCID-jmn8-a5r9-2qc8
vulnerability_id VCID-jmn8-a5r9-2qc8
summary 
Improper Input Validation
An issue was discovered in phpMyAdmin. An unauthenticated user is able to execute a denial-of-service (DoS) attack by forcing persistent connections when phpMyAdmin is running with `$cfg['AllowArbitraryServer']=true`.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-6622
reference_id
reference_type
scores
0
value 0.00944
scoring_system epss
scoring_elements 0.7669
published_at 2026-06-05T12:55:00Z
1
value 0.00944
scoring_system epss
scoring_elements 0.76675
published_at 2026-06-08T12:55:00Z
2
value 0.00944
scoring_system epss
scoring_elements 0.76685
published_at 2026-06-07T12:55:00Z
3
value 0.00944
scoring_system epss
scoring_elements 0.76697
published_at 2026-06-09T12:55:00Z
4
value 0.00944
scoring_system epss
scoring_elements 0.7666
published_at 2026-06-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-6622
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6622
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6622
2
reference_url https://lists.debian.org/debian-lts-announce/2018/07/msg00006.html
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.debian.org/debian-lts-announce/2018/07/msg00006.html
3
reference_url https://security.gentoo.org/glsa/201701-32
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://security.gentoo.org/glsa/201701-32
4
reference_url https://web.archive.org/web/20210125183746/http://www.securityfocus.com/bid/95049
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20210125183746/http://www.securityfocus.com/bid/95049
5
reference_url https://www.phpmyadmin.net/security/PMASA-2016-45
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.phpmyadmin.net/security/PMASA-2016-45
6
reference_url https://nvd.nist.gov/vuln/detail/CVE-2016-6622
reference_id CVE-2016-6622
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2016-6622
7
reference_url https://github.com/advisories/GHSA-qf3f-7x69-qfv3
reference_id GHSA-qf3f-7x69-qfv3
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-qf3f-7x69-qfv3
fixed_packages
0
url pkg:deb/debian/phpmyadmin@4:4.6.4%2Bdfsg1-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:4.6.4%2Bdfsg1-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:4.6.4%252Bdfsg1-1%3Fdistro=trixie
1
url pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-47ju-f89a-eud8
1
vulnerability VCID-d3qn-js1p-7yeq
2
vulnerability VCID-dmqy-9xth-cuhs
3
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.0.4%252Bdfsg2-2%252Bdeb11u1%3Fdistro=trixie
2
url pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.1%252Bdfsg-1%252Bdeb12u1%3Fdistro=trixie
3
url pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.2-really%252Bdfsg-1%252Bdeb13u1%3Fdistro=trixie
4
url pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.3%252Bdfsg-1%3Fdistro=trixie
aliases CVE-2016-6622, GHSA-qf3f-7x69-qfv3
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-jmn8-a5r9-2qc8
148
url VCID-jrxc-3ybk-bba7
vulnerability_id VCID-jrxc-3ybk-bba7
summary Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin 3.5.x before 3.5.3 allow remote authenticated users to inject arbitrary web script or HTML via a crafted name of (1) an event, (2) a procedure, or (3) a trigger.
references
0
reference_url http://lists.opensuse.org/opensuse-updates/2012-11/msg00033.html
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url http://lists.opensuse.org/opensuse-updates/2012-11/msg00033.html
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2012-5339
reference_id
reference_type
scores
0
value 0.00208
scoring_system epss
scoring_elements 0.43161
published_at 2026-06-09T12:55:00Z
1
value 0.00208
scoring_system epss
scoring_elements 0.43123
published_at 2026-06-04T12:55:00Z
2
value 0.00208
scoring_system epss
scoring_elements 0.43198
published_at 2026-06-05T12:55:00Z
3
value 0.00208
scoring_system epss
scoring_elements 0.43206
published_at 2026-06-06T12:55:00Z
4
value 0.00208
scoring_system epss
scoring_elements 0.43186
published_at 2026-06-07T12:55:00Z
5
value 0.00208
scoring_system epss
scoring_elements 0.43151
published_at 2026-06-08T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2012-5339
2
reference_url https://github.com/phpmyadmin/phpmyadmin/commit/6ea8fad3f999bfdf79eb6fe31309592bca54d611
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/phpmyadmin/phpmyadmin/commit/6ea8fad3f999bfdf79eb6fe31309592bca54d611
3
reference_url https://github.com/phpmyadmin/phpmyadmin/commit/cfd688d2512df9827a8ecc0412fc264fc5bcb186
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/phpmyadmin/phpmyadmin/commit/cfd688d2512df9827a8ecc0412fc264fc5bcb186
4
reference_url https://nvd.nist.gov/vuln/detail/CVE-2012-5339
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2012-5339
5
reference_url https://web.archive.org/web/20121020000514/http://www.securityfocus.com/bid/55925
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20121020000514/http://www.securityfocus.com/bid/55925
6
reference_url http://www.phpmyadmin.net/home_page/security/PMASA-2012-6.php
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url http://www.phpmyadmin.net/home_page/security/PMASA-2012-6.php
7
reference_url https://github.com/advisories/GHSA-rfpg-2fp8-2fph
reference_id GHSA-rfpg-2fp8-2fph
reference_type
scores
0
value LOW
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-rfpg-2fp8-2fph
fixed_packages
0
url pkg:deb/debian/phpmyadmin@0?distro=trixie
purl pkg:deb/debian/phpmyadmin@0?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@0%3Fdistro=trixie
1
url pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-47ju-f89a-eud8
1
vulnerability VCID-d3qn-js1p-7yeq
2
vulnerability VCID-dmqy-9xth-cuhs
3
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.0.4%252Bdfsg2-2%252Bdeb11u1%3Fdistro=trixie
2
url pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.1%252Bdfsg-1%252Bdeb12u1%3Fdistro=trixie
3
url pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.2-really%252Bdfsg-1%252Bdeb13u1%3Fdistro=trixie
4
url pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.3%252Bdfsg-1%3Fdistro=trixie
aliases CVE-2012-5339, GHSA-rfpg-2fp8-2fph
risk_score 1.4
exploitability 0.5
weighted_severity 2.7
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-jrxc-3ybk-bba7
149
url VCID-jvvf-kwtm-6qb7
vulnerability_id VCID-jvvf-kwtm-6qb7
summary libraries/common.inc.php in phpMyAdmin 4.0.x before 4.0.10.7, 4.1.x before 4.1.14.8, and 4.2.x before 4.2.13.1 allows remote attackers to cause a denial of service (resource consumption) via a long password.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2014-9218
reference_id
reference_type
scores
0
value 0.15266
scoring_system epss
scoring_elements 0.94744
published_at 2026-06-04T12:55:00Z
1
value 0.15266
scoring_system epss
scoring_elements 0.94752
published_at 2026-06-05T12:55:00Z
2
value 0.15266
scoring_system epss
scoring_elements 0.94754
published_at 2026-06-06T12:55:00Z
3
value 0.15266
scoring_system epss
scoring_elements 0.94755
published_at 2026-06-08T12:55:00Z
4
value 0.15266
scoring_system epss
scoring_elements 0.9476
published_at 2026-06-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2014-9218
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8958
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8958
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9218
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9218
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2206
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2206
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3902
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3902
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3903
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3903
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6830
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6830
7
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7873
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7873
8
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=774194
reference_id 774194
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=774194
9
reference_url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/dos/35539.txt
reference_id CVE-2014-9218;OSVDB-115322
reference_type exploit
scores
url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/dos/35539.txt
10
reference_url https://usn.ubuntu.com/USN-4843-1/
reference_id USN-USN-4843-1
reference_type
scores
url https://usn.ubuntu.com/USN-4843-1/
fixed_packages
0
url pkg:deb/debian/phpmyadmin@4:4.2.12-2?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:4.2.12-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:4.2.12-2%3Fdistro=trixie
1
url pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-47ju-f89a-eud8
1
vulnerability VCID-d3qn-js1p-7yeq
2
vulnerability VCID-dmqy-9xth-cuhs
3
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.0.4%252Bdfsg2-2%252Bdeb11u1%3Fdistro=trixie
2
url pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.1%252Bdfsg-1%252Bdeb12u1%3Fdistro=trixie
3
url pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.2-really%252Bdfsg-1%252Bdeb13u1%3Fdistro=trixie
4
url pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.3%252Bdfsg-1%3Fdistro=trixie
aliases CVE-2014-9218
risk_score 0.2
exploitability 2.0
weighted_severity 0.1
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-jvvf-kwtm-6qb7
150
url VCID-jwqb-guqs-v7dz
vulnerability_id VCID-jwqb-guqs-v7dz
summary Cross-site scripting (XSS) vulnerabilities in certain versions of phpMyAdmin before 2.8.0.4 allow remote attackers to inject arbitrary web script or HTML via the db parameter in unknown scripts.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2006-2418
reference_id
reference_type
scores
0
value 0.0368
scoring_system epss
scoring_elements 0.88127
published_at 2026-06-04T12:55:00Z
1
value 0.0368
scoring_system epss
scoring_elements 0.88148
published_at 2026-06-05T12:55:00Z
2
value 0.0368
scoring_system epss
scoring_elements 0.88151
published_at 2026-06-06T12:55:00Z
3
value 0.0368
scoring_system epss
scoring_elements 0.8815
published_at 2026-06-08T12:55:00Z
4
value 0.0368
scoring_system epss
scoring_elements 0.88165
published_at 2026-06-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2006-2418
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2418
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2418
2
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=368082
reference_id 368082
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=368082
fixed_packages
0
url pkg:deb/debian/phpmyadmin@4:2.8.1-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:2.8.1-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:2.8.1-1%3Fdistro=trixie
1
url pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-47ju-f89a-eud8
1
vulnerability VCID-d3qn-js1p-7yeq
2
vulnerability VCID-dmqy-9xth-cuhs
3
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.0.4%252Bdfsg2-2%252Bdeb11u1%3Fdistro=trixie
2
url pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.1%252Bdfsg-1%252Bdeb12u1%3Fdistro=trixie
3
url pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.2-really%252Bdfsg-1%252Bdeb13u1%3Fdistro=trixie
4
url pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.3%252Bdfsg-1%3Fdistro=trixie
aliases CVE-2006-2418
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-jwqb-guqs-v7dz
151
url VCID-jxf7-1cq4-t3cv
vulnerability_id VCID-jxf7-1cq4-t3cv
summary phpMyAdmin 4.0.x before 4.0.10.16, 4.4.x before 4.4.15.7, and 4.6.x before 4.6.3 does not properly choose delimiters to prevent use of the preg_replace e (aka eval) modifier, which might allow remote attackers to execute arbitrary PHP code via a crafted string, as demonstrated by the table search-and-replace implementation.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-5734
reference_id
reference_type
scores
0
value 0.87019
scoring_system epss
scoring_elements 0.99458
published_at 2026-06-09T12:55:00Z
1
value 0.87019
scoring_system epss
scoring_elements 0.99457
published_at 2026-06-08T12:55:00Z
2
value 0.87019
scoring_system epss
scoring_elements 0.99456
published_at 2026-06-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-5734
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5734
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5734
2
reference_url https://github.com/phpmyadmin/phpmyadmin
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/phpmyadmin/phpmyadmin
3
reference_url https://github.com/phpmyadmin/phpmyadmin/commit/1cc7466db3a05e95fe57a6702f41773e6829d54b
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/phpmyadmin/phpmyadmin/commit/1cc7466db3a05e95fe57a6702f41773e6829d54b
4
reference_url https://github.com/phpmyadmin/phpmyadmin/commit/4bcc606225f15bac0b07780e74f667f6ac283da7
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/phpmyadmin/phpmyadmin/commit/4bcc606225f15bac0b07780e74f667f6ac283da7
5
reference_url https://nvd.nist.gov/vuln/detail/CVE-2016-5734
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2016-5734
6
reference_url https://security.gentoo.org/glsa/201701-32
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://security.gentoo.org/glsa/201701-32
7
reference_url https://web.archive.org/web/20200227223418/http://www.securityfocus.com/bid/91387
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20200227223418/http://www.securityfocus.com/bid/91387
8
reference_url https://www.exploit-db.com/exploits/40185
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://www.exploit-db.com/exploits/40185
9
reference_url https://www.phpmyadmin.net/security/PMASA-2016-27
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://www.phpmyadmin.net/security/PMASA-2016-27
10
reference_url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/webapps/40185.py
reference_id CVE-2016-5734
reference_type exploit
scores
url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/webapps/40185.py
11
reference_url https://github.com/advisories/GHSA-rv57-479x-x4qv
reference_id GHSA-rv57-479x-x4qv
reference_type
scores
0
value CRITICAL
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-rv57-479x-x4qv
fixed_packages
0
url pkg:deb/debian/phpmyadmin@4:4.6.3-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:4.6.3-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:4.6.3-1%3Fdistro=trixie
1
url pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-47ju-f89a-eud8
1
vulnerability VCID-d3qn-js1p-7yeq
2
vulnerability VCID-dmqy-9xth-cuhs
3
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.0.4%252Bdfsg2-2%252Bdeb11u1%3Fdistro=trixie
2
url pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.1%252Bdfsg-1%252Bdeb12u1%3Fdistro=trixie
3
url pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.2-really%252Bdfsg-1%252Bdeb13u1%3Fdistro=trixie
4
url pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.3%252Bdfsg-1%3Fdistro=trixie
aliases CVE-2016-5734, GHSA-rv57-479x-x4qv
risk_score 10.0
exploitability 2.0
weighted_severity 9.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-jxf7-1cq4-t3cv
152
url VCID-k3fp-nkvv-e3fa
vulnerability_id VCID-k3fp-nkvv-e3fa
summary server_user_groups.php in phpMyAdmin 4.1.x before 4.1.14.2 and 4.2.x before 4.2.6 allows remote authenticated users to bypass intended access restrictions and read the MySQL user list via a viewUsers request.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2014-4987
reference_id
reference_type
scores
0
value 0.00192
scoring_system epss
scoring_elements 0.40961
published_at 2026-06-04T12:55:00Z
1
value 0.00192
scoring_system epss
scoring_elements 0.41037
published_at 2026-06-05T12:55:00Z
2
value 0.00192
scoring_system epss
scoring_elements 0.41042
published_at 2026-06-06T12:55:00Z
3
value 0.00192
scoring_system epss
scoring_elements 0.4101
published_at 2026-06-07T12:55:00Z
4
value 0.00192
scoring_system epss
scoring_elements 0.40979
published_at 2026-06-08T12:55:00Z
5
value 0.00192
scoring_system epss
scoring_elements 0.4099
published_at 2026-06-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2014-4987
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4987
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4987
fixed_packages
0
url pkg:deb/debian/phpmyadmin@4:4.2.6-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:4.2.6-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:4.2.6-1%3Fdistro=trixie
1
url pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-47ju-f89a-eud8
1
vulnerability VCID-d3qn-js1p-7yeq
2
vulnerability VCID-dmqy-9xth-cuhs
3
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.0.4%252Bdfsg2-2%252Bdeb11u1%3Fdistro=trixie
2
url pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.1%252Bdfsg-1%252Bdeb12u1%3Fdistro=trixie
3
url pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.2-really%252Bdfsg-1%252Bdeb13u1%3Fdistro=trixie
4
url pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.3%252Bdfsg-1%3Fdistro=trixie
aliases CVE-2014-4987
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-k3fp-nkvv-e3fa
153
url VCID-k5es-wrs7-3bc5
vulnerability_id VCID-k5es-wrs7-3bc5
summary phpMyAdmin 2.6.1 allows remote attackers to obtain the full path of the server via direct requests to (1) sqlvalidator.lib.php, (2) sqlparser.lib.php, (3) select_theme.lib.php, (4) select_lang.lib.php, (5) relation_cleanup.lib.php, (6) header_meta_style.inc.php, (7) get_foreign.lib.php, (8) display_tbl_links.lib.php, (9) display_export.lib.php, (10) db_table_exists.lib.php, (11) charset_conversion.lib.php, (12) ufpdf.php, (13) mysqli.dbi.lib.php, (14) setup.php, or (15) cookie.auth.lib.php, which reveals the path in a PHP error message.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2005-0544
reference_id
reference_type
scores
0
value 0.00501
scoring_system epss
scoring_elements 0.66367
published_at 2026-06-04T12:55:00Z
1
value 0.00501
scoring_system epss
scoring_elements 0.66408
published_at 2026-06-05T12:55:00Z
2
value 0.00501
scoring_system epss
scoring_elements 0.66416
published_at 2026-06-06T12:55:00Z
3
value 0.00501
scoring_system epss
scoring_elements 0.664
published_at 2026-06-07T12:55:00Z
4
value 0.00501
scoring_system epss
scoring_elements 0.66386
published_at 2026-06-08T12:55:00Z
5
value 0.00501
scoring_system epss
scoring_elements 0.66404
published_at 2026-06-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2005-0544
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-0544
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-0544
2
reference_url https://security.gentoo.org/glsa/200503-07
reference_id GLSA-200503-07
reference_type
scores
url https://security.gentoo.org/glsa/200503-07
fixed_packages
0
url pkg:deb/debian/phpmyadmin@3:2.6.1-pl2-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@3:2.6.1-pl2-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@3:2.6.1-pl2-1%3Fdistro=trixie
1
url pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-47ju-f89a-eud8
1
vulnerability VCID-d3qn-js1p-7yeq
2
vulnerability VCID-dmqy-9xth-cuhs
3
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.0.4%252Bdfsg2-2%252Bdeb11u1%3Fdistro=trixie
2
url pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.1%252Bdfsg-1%252Bdeb12u1%3Fdistro=trixie
3
url pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.2-really%252Bdfsg-1%252Bdeb13u1%3Fdistro=trixie
4
url pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.3%252Bdfsg-1%3Fdistro=trixie
aliases CVE-2005-0544
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-k5es-wrs7-3bc5
154
url VCID-k5ph-wws1-fqg4
vulnerability_id VCID-k5ph-wws1-fqg4
summary 
Cross-site Scripting
Cross-site scripting (XSS) vulnerability in `examples/openid.php` in phpMyAdmin allows remote attackers to inject arbitrary web script or HTML via vectors involving an OpenID error message.
references
0
reference_url http://lists.opensuse.org/opensuse-updates/2016-06/msg00113.html
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://lists.opensuse.org/opensuse-updates/2016-06/msg00113.html
1
reference_url http://lists.opensuse.org/opensuse-updates/2016-06/msg00114.html
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://lists.opensuse.org/opensuse-updates/2016-06/msg00114.html
2
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-5731
reference_id
reference_type
scores
0
value 0.00424
scoring_system epss
scoring_elements 0.62546
published_at 2026-06-05T12:55:00Z
1
value 0.00424
scoring_system epss
scoring_elements 0.62544
published_at 2026-06-09T12:55:00Z
2
value 0.00424
scoring_system epss
scoring_elements 0.6253
published_at 2026-06-08T12:55:00Z
3
value 0.00424
scoring_system epss
scoring_elements 0.62555
published_at 2026-06-06T12:55:00Z
4
value 0.00424
scoring_system epss
scoring_elements 0.625
published_at 2026-06-04T12:55:00Z
5
value 0.00424
scoring_system epss
scoring_elements 0.62545
published_at 2026-06-07T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-5731
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1927
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1927
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2039
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2039
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2040
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2040
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2041
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2041
7
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2560
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2560
8
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2561
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2561
9
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5099
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5099
10
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5701
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5701
11
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5705
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5705
12
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5706
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5706
13
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5731
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5731
14
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5733
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5733
15
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5739
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5739
16
reference_url https://github.com/phpmyadmin/composer
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/phpmyadmin/composer
17
reference_url https://github.com/phpmyadmin/phpmyadmin/commit/418aeea3d83b0b6021bac311d849570acfc6e48c
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/phpmyadmin/phpmyadmin/commit/418aeea3d83b0b6021bac311d849570acfc6e48c
18
reference_url https://github.com/phpmyadmin/phpmyadmin/commit/52e7898
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/phpmyadmin/phpmyadmin/commit/52e7898
19
reference_url https://github.com/phpmyadmin/phpmyadmin/commit/5fefa51
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/phpmyadmin/phpmyadmin/commit/5fefa51
20
reference_url https://github.com/phpmyadmin/phpmyadmin/commit/78f6c54
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/phpmyadmin/phpmyadmin/commit/78f6c54
21
reference_url https://github.com/phpmyadmin/phpmyadmin/commit/94cf3864254ffaf3a69e97d8fc454888368b94ab
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/phpmyadmin/phpmyadmin/commit/94cf3864254ffaf3a69e97d8fc454888368b94ab
22
reference_url https://github.com/phpmyadmin/phpmyadmin/commit/d005ba6
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/phpmyadmin/phpmyadmin/commit/d005ba6
23
reference_url https://security.gentoo.org/glsa/201701-32
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://security.gentoo.org/glsa/201701-32
24
reference_url https://www.phpmyadmin.net/security/PMASA-2016-24
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.phpmyadmin.net/security/PMASA-2016-24
25
reference_url http://www.debian.org/security/2016/dsa-3627
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.debian.org/security/2016/dsa-3627
26
reference_url https://nvd.nist.gov/vuln/detail/CVE-2016-5731
reference_id CVE-2016-5731
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2016-5731
27
reference_url https://github.com/advisories/GHSA-mwm8-36c5-j5cf
reference_id GHSA-mwm8-36c5-j5cf
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-mwm8-36c5-j5cf
fixed_packages
0
url pkg:deb/debian/phpmyadmin@4:4.6.3-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:4.6.3-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:4.6.3-1%3Fdistro=trixie
1
url pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-47ju-f89a-eud8
1
vulnerability VCID-d3qn-js1p-7yeq
2
vulnerability VCID-dmqy-9xth-cuhs
3
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.0.4%252Bdfsg2-2%252Bdeb11u1%3Fdistro=trixie
2
url pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.1%252Bdfsg-1%252Bdeb12u1%3Fdistro=trixie
3
url pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.2-really%252Bdfsg-1%252Bdeb13u1%3Fdistro=trixie
4
url pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.3%252Bdfsg-1%3Fdistro=trixie
aliases CVE-2016-5731, GHSA-mwm8-36c5-j5cf
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-k5ph-wws1-fqg4
155
url VCID-kfr7-v6tb-eqau
vulnerability_id VCID-kfr7-v6tb-eqau
summary 
SQL Injection
A crafted database/table name can be used to trigger a SQL injection attack through the designer feature.
references
0
reference_url http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00002.html
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00002.html
1
reference_url http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00024.html
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00024.html
2
reference_url https://api.first.org/data/v1/epss?cve=CVE-2019-18622
reference_id
reference_type
scores
0
value 0.00556
scoring_system epss
scoring_elements 0.68503
published_at 2026-06-04T12:55:00Z
1
value 0.00556
scoring_system epss
scoring_elements 0.68547
published_at 2026-06-09T12:55:00Z
2
value 0.00556
scoring_system epss
scoring_elements 0.68529
published_at 2026-06-08T12:55:00Z
3
value 0.00556
scoring_system epss
scoring_elements 0.68545
published_at 2026-06-07T12:55:00Z
4
value 0.00556
scoring_system epss
scoring_elements 0.68551
published_at 2026-06-06T12:55:00Z
5
value 0.00556
scoring_system epss
scoring_elements 0.68544
published_at 2026-06-05T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2019-18622
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18622
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18622
4
reference_url https://github.com/phpmyadmin/composer/commit/51acbf53564d9b52e78509a5688ec2b68976b5f7
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/phpmyadmin/composer/commit/51acbf53564d9b52e78509a5688ec2b68976b5f7
5
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BA4DGF7KTQS6WA2DRNJSW66L43WB7LRV
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BA4DGF7KTQS6WA2DRNJSW66L43WB7LRV
6
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BA4DGF7KTQS6WA2DRNJSW66L43WB7LRV/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BA4DGF7KTQS6WA2DRNJSW66L43WB7LRV/
7
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W5GW4KEMNCBQYZCIXEJYC42OEBBN2NSH
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W5GW4KEMNCBQYZCIXEJYC42OEBBN2NSH
8
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W5GW4KEMNCBQYZCIXEJYC42OEBBN2NSH/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W5GW4KEMNCBQYZCIXEJYC42OEBBN2NSH/
9
reference_url https://security.gentoo.org/glsa/202003-39
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://security.gentoo.org/glsa/202003-39
10
reference_url https://www.phpmyadmin.net/security/PMASA-2019-5
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://www.phpmyadmin.net/security/PMASA-2019-5
11
reference_url https://www.phpmyadmin.net/security/PMASA-2019-5/
reference_id
reference_type
scores
url https://www.phpmyadmin.net/security/PMASA-2019-5/
12
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=945349
reference_id 945349
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=945349
13
reference_url https://nvd.nist.gov/vuln/detail/CVE-2019-18622
reference_id CVE-2019-18622
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2019-18622
14
reference_url https://github.com/advisories/GHSA-jgjc-332c-8cmc
reference_id GHSA-jgjc-332c-8cmc
reference_type
scores
0
value CRITICAL
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-jgjc-332c-8cmc
fixed_packages
0
url pkg:deb/debian/phpmyadmin@4:4.9.2%2Bdfsg1-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:4.9.2%2Bdfsg1-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:4.9.2%252Bdfsg1-1%3Fdistro=trixie
1
url pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-47ju-f89a-eud8
1
vulnerability VCID-d3qn-js1p-7yeq
2
vulnerability VCID-dmqy-9xth-cuhs
3
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.0.4%252Bdfsg2-2%252Bdeb11u1%3Fdistro=trixie
2
url pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.1%252Bdfsg-1%252Bdeb12u1%3Fdistro=trixie
3
url pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.2-really%252Bdfsg-1%252Bdeb13u1%3Fdistro=trixie
4
url pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.3%252Bdfsg-1%3Fdistro=trixie
aliases CVE-2019-18622, GHSA-jgjc-332c-8cmc
risk_score 4.5
exploitability 0.5
weighted_severity 9.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-kfr7-v6tb-eqau
156
url VCID-kfrx-mmr7-euep
vulnerability_id VCID-kfrx-mmr7-euep
summary 
Cross-Site Request Forgery (CSRF)
phpMyAdm has CSRF, allowing an attacker to execute arbitrary SQL statements, related to `js/db_operations.js`, `js/tbl_operations.js`, `libraries/classes/Operations.php`, and `sql.php.`
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2018-10188
reference_id
reference_type
scores
0
value 0.0065
scoring_system epss
scoring_elements 0.71236
published_at 2026-06-04T12:55:00Z
1
value 0.0065
scoring_system epss
scoring_elements 0.71276
published_at 2026-06-09T12:55:00Z
2
value 0.0065
scoring_system epss
scoring_elements 0.71251
published_at 2026-06-08T12:55:00Z
3
value 0.0065
scoring_system epss
scoring_elements 0.71267
published_at 2026-06-07T12:55:00Z
4
value 0.0065
scoring_system epss
scoring_elements 0.71287
published_at 2026-06-06T12:55:00Z
5
value 0.0065
scoring_system epss
scoring_elements 0.7128
published_at 2026-06-05T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2018-10188
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10188
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10188
2
reference_url https://github.com/phpmyadmin/composer
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/phpmyadmin/composer
3
reference_url https://github.com/phpmyadmin/phpmyadmin/commit/c6dd6b56e236a3aff953cee4135ecaa67130e641
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/phpmyadmin/phpmyadmin/commit/c6dd6b56e236a3aff953cee4135ecaa67130e641
4
reference_url https://www.exploit-db.com/exploits/44496
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.exploit-db.com/exploits/44496
5
reference_url https://www.exploit-db.com/exploits/44496/
reference_id
reference_type
scores
url https://www.exploit-db.com/exploits/44496/
6
reference_url https://www.phpmyadmin.net/security/PMASA-2018-2
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.phpmyadmin.net/security/PMASA-2018-2
7
reference_url https://www.phpmyadmin.net/security/PMASA-2018-2/
reference_id
reference_type
scores
url https://www.phpmyadmin.net/security/PMASA-2018-2/
8
reference_url http://www.securityfocus.com/bid/103936
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.securityfocus.com/bid/103936
9
reference_url http://www.securitytracker.com/id/1040752
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.securitytracker.com/id/1040752
10
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=896490
reference_id 896490
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=896490
11
reference_url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/webapps/44496.html
reference_id CVE-2018-10188
reference_type exploit
scores
url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/webapps/44496.html
12
reference_url https://nvd.nist.gov/vuln/detail/CVE-2018-10188
reference_id CVE-2018-10188
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2018-10188
13
reference_url https://github.com/advisories/GHSA-v6fp-h79x-9rqc
reference_id GHSA-v6fp-h79x-9rqc
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-v6fp-h79x-9rqc
fixed_packages
0
url pkg:deb/debian/phpmyadmin@4:4.9.1%2Bdfsg1-2?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:4.9.1%2Bdfsg1-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:4.9.1%252Bdfsg1-2%3Fdistro=trixie
1
url pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-47ju-f89a-eud8
1
vulnerability VCID-d3qn-js1p-7yeq
2
vulnerability VCID-dmqy-9xth-cuhs
3
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.0.4%252Bdfsg2-2%252Bdeb11u1%3Fdistro=trixie
2
url pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.1%252Bdfsg-1%252Bdeb12u1%3Fdistro=trixie
3
url pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.2-really%252Bdfsg-1%252Bdeb13u1%3Fdistro=trixie
4
url pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.3%252Bdfsg-1%3Fdistro=trixie
aliases CVE-2018-10188, GHSA-v6fp-h79x-9rqc
risk_score 10.0
exploitability 2.0
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-kfrx-mmr7-euep
157
url VCID-knqb-87ak-7qak
vulnerability_id VCID-knqb-87ak-7qak
summary Cross-site scripting (XSS) vulnerability in phpMyAdmin 2.8.0.x before 2.8.0.4 allows remote attackers to inject arbitrary web script or HTML via the theme parameter in unknown scripts. NOTE: the lang parameter is already covered by CVE-2006-2031.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2006-2417
reference_id
reference_type
scores
0
value 0.00579
scoring_system epss
scoring_elements 0.69237
published_at 2026-06-04T12:55:00Z
1
value 0.00579
scoring_system epss
scoring_elements 0.69277
published_at 2026-06-05T12:55:00Z
2
value 0.00579
scoring_system epss
scoring_elements 0.69285
published_at 2026-06-06T12:55:00Z
3
value 0.00579
scoring_system epss
scoring_elements 0.69276
published_at 2026-06-07T12:55:00Z
4
value 0.00579
scoring_system epss
scoring_elements 0.69261
published_at 2026-06-08T12:55:00Z
5
value 0.00579
scoring_system epss
scoring_elements 0.69281
published_at 2026-06-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2006-2417
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2417
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2417
2
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=368082
reference_id 368082
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=368082
fixed_packages
0
url pkg:deb/debian/phpmyadmin@4:2.8.1-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:2.8.1-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:2.8.1-1%3Fdistro=trixie
1
url pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-47ju-f89a-eud8
1
vulnerability VCID-d3qn-js1p-7yeq
2
vulnerability VCID-dmqy-9xth-cuhs
3
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.0.4%252Bdfsg2-2%252Bdeb11u1%3Fdistro=trixie
2
url pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.1%252Bdfsg-1%252Bdeb12u1%3Fdistro=trixie
3
url pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.2-really%252Bdfsg-1%252Bdeb13u1%3Fdistro=trixie
4
url pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.3%252Bdfsg-1%3Fdistro=trixie
aliases CVE-2006-2417
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-knqb-87ak-7qak
158
url VCID-kqwg-vs7r-kkep
vulnerability_id VCID-kqwg-vs7r-kkep
summary Directory traversal vulnerability in libraries/error_report.lib.php in phpMyAdmin before 4.6.2-prerelease allows remote attackers to determine the existence of arbitrary files by triggering an error.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-5098
reference_id
reference_type
scores
0
value 0.00452
scoring_system epss
scoring_elements 0.64066
published_at 2026-06-04T12:55:00Z
1
value 0.00452
scoring_system epss
scoring_elements 0.64109
published_at 2026-06-05T12:55:00Z
2
value 0.00452
scoring_system epss
scoring_elements 0.64117
published_at 2026-06-06T12:55:00Z
3
value 0.00452
scoring_system epss
scoring_elements 0.64107
published_at 2026-06-07T12:55:00Z
4
value 0.00452
scoring_system epss
scoring_elements 0.64095
published_at 2026-06-08T12:55:00Z
5
value 0.00452
scoring_system epss
scoring_elements 0.64115
published_at 2026-06-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-5098
fixed_packages
0
url pkg:deb/debian/phpmyadmin@0?distro=trixie
purl pkg:deb/debian/phpmyadmin@0?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@0%3Fdistro=trixie
1
url pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-47ju-f89a-eud8
1
vulnerability VCID-d3qn-js1p-7yeq
2
vulnerability VCID-dmqy-9xth-cuhs
3
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.0.4%252Bdfsg2-2%252Bdeb11u1%3Fdistro=trixie
2
url pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.1%252Bdfsg-1%252Bdeb12u1%3Fdistro=trixie
3
url pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.2-really%252Bdfsg-1%252Bdeb13u1%3Fdistro=trixie
4
url pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.3%252Bdfsg-1%3Fdistro=trixie
aliases CVE-2016-5098
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-kqwg-vs7r-kkep
159
url VCID-kr29-sj36-bqa2
vulnerability_id VCID-kr29-sj36-bqa2
summary phpMyAdmin 2.6.0-pl2, and other versions before 2.6.1, with external transformations enabled, allows remote attackers to execute arbitrary commands via shell metacharacters.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2004-1147
reference_id
reference_type
scores
0
value 0.04568
scoring_system epss
scoring_elements 0.89391
published_at 2026-06-04T12:55:00Z
1
value 0.04568
scoring_system epss
scoring_elements 0.89409
published_at 2026-06-08T12:55:00Z
2
value 0.04568
scoring_system epss
scoring_elements 0.89408
published_at 2026-06-07T12:55:00Z
3
value 0.04568
scoring_system epss
scoring_elements 0.89426
published_at 2026-06-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2004-1147
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-1147
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-1147
2
reference_url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/webapps/24817.txt
reference_id CVE-2004-1147;OSVDB-12330
reference_type exploit
scores
url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/webapps/24817.txt
3
reference_url https://www.securityfocus.com/bid/11886/info
reference_id CVE-2004-1147;OSVDB-12330
reference_type exploit
scores
url https://www.securityfocus.com/bid/11886/info
fixed_packages
0
url pkg:deb/debian/phpmyadmin@2:2.6.1-rc1-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@2:2.6.1-rc1-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@2:2.6.1-rc1-1%3Fdistro=trixie
1
url pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-47ju-f89a-eud8
1
vulnerability VCID-d3qn-js1p-7yeq
2
vulnerability VCID-dmqy-9xth-cuhs
3
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.0.4%252Bdfsg2-2%252Bdeb11u1%3Fdistro=trixie
2
url pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.1%252Bdfsg-1%252Bdeb12u1%3Fdistro=trixie
3
url pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.2-really%252Bdfsg-1%252Bdeb13u1%3Fdistro=trixie
4
url pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.3%252Bdfsg-1%3Fdistro=trixie
aliases CVE-2004-1147
risk_score null
exploitability 2.0
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-kr29-sj36-bqa2
160
url VCID-krmp-qvw1-n7b6
vulnerability_id VCID-krmp-qvw1-n7b6
summary Multiple SQL injection vulnerabilities in phpMyAdmin 3.5.x before 3.5.8.2 and 4.0.x before 4.0.4.2 allow remote authenticated users to execute arbitrary SQL commands via (1) the scale parameter to pmd_pdf.php or (2) the pdf_page_number parameter to schema_export.php.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2013-5003
reference_id
reference_type
scores
0
value 0.00374
scoring_system epss
scoring_elements 0.59353
published_at 2026-06-04T12:55:00Z
1
value 0.00374
scoring_system epss
scoring_elements 0.59404
published_at 2026-06-05T12:55:00Z
2
value 0.00374
scoring_system epss
scoring_elements 0.59407
published_at 2026-06-06T12:55:00Z
3
value 0.00374
scoring_system epss
scoring_elements 0.59399
published_at 2026-06-07T12:55:00Z
4
value 0.00374
scoring_system epss
scoring_elements 0.59379
published_at 2026-06-08T12:55:00Z
5
value 0.00374
scoring_system epss
scoring_elements 0.59396
published_at 2026-06-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2013-5003
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4995
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4995
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4996
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4996
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5002
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5002
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5003
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5003
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1879
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1879
6
reference_url https://security.gentoo.org/glsa/201311-02
reference_id GLSA-201311-02
reference_type
scores
url https://security.gentoo.org/glsa/201311-02
fixed_packages
0
url pkg:deb/debian/phpmyadmin@4:4.0.4.2-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:4.0.4.2-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:4.0.4.2-1%3Fdistro=trixie
1
url pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-47ju-f89a-eud8
1
vulnerability VCID-d3qn-js1p-7yeq
2
vulnerability VCID-dmqy-9xth-cuhs
3
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.0.4%252Bdfsg2-2%252Bdeb11u1%3Fdistro=trixie
2
url pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.1%252Bdfsg-1%252Bdeb12u1%3Fdistro=trixie
3
url pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.2-really%252Bdfsg-1%252Bdeb13u1%3Fdistro=trixie
4
url pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.3%252Bdfsg-1%3Fdistro=trixie
aliases CVE-2013-5003
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-krmp-qvw1-n7b6
161
url VCID-kwtj-jk24-zffq
vulnerability_id VCID-kwtj-jk24-zffq
summary An issue was discovered in phpMyAdmin. A specially crafted database and/or table name can be used to trigger an SQL injection attack through the export functionality. All 4.6.x versions (prior to 4.6.4), 4.4.x versions (prior to 4.4.15.8), and 4.0.x versions (prior to 4.0.10.17) are affected.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-6611
reference_id
reference_type
scores
0
value 0.0055
scoring_system epss
scoring_elements 0.68338
published_at 2026-06-04T12:55:00Z
1
value 0.0055
scoring_system epss
scoring_elements 0.68381
published_at 2026-06-09T12:55:00Z
2
value 0.0055
scoring_system epss
scoring_elements 0.68388
published_at 2026-06-06T12:55:00Z
3
value 0.0055
scoring_system epss
scoring_elements 0.6838
published_at 2026-06-07T12:55:00Z
4
value 0.0055
scoring_system epss
scoring_elements 0.68365
published_at 2026-06-08T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-6611
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6611
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6611
fixed_packages
0
url pkg:deb/debian/phpmyadmin@4:4.6.4%2Bdfsg1-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:4.6.4%2Bdfsg1-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:4.6.4%252Bdfsg1-1%3Fdistro=trixie
1
url pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-47ju-f89a-eud8
1
vulnerability VCID-d3qn-js1p-7yeq
2
vulnerability VCID-dmqy-9xth-cuhs
3
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.0.4%252Bdfsg2-2%252Bdeb11u1%3Fdistro=trixie
2
url pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.1%252Bdfsg-1%252Bdeb12u1%3Fdistro=trixie
3
url pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.2-really%252Bdfsg-1%252Bdeb13u1%3Fdistro=trixie
4
url pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.3%252Bdfsg-1%3Fdistro=trixie
aliases CVE-2016-6611
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-kwtj-jk24-zffq
162
url VCID-kxq1-41am-gqdc
vulnerability_id VCID-kxq1-41am-gqdc
summary Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin 3.4.x before 3.4.8 allow remote attackers to inject arbitrary web script or HTML via (1) a crafted database name, related to the Database Synchronize panel; (2) a crafted database name, related to the Database rename panel; (3) a crafted SQL query, related to the table overview panel; (4) a crafted SQL query, related to the view creation dialog; (5) a crafted column type, related to the table search dialog; or (6) a crafted column type, related to the create index dialog.
references
0
reference_url http://lists.fedoraproject.org/pipermail/package-announce/2011-December/071040.html
reference_id
reference_type
scores
0
value 2.6
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:H/SI:H/SA:H/E:U
1
value LOW
scoring_system generic_textual
scoring_elements
url http://lists.fedoraproject.org/pipermail/package-announce/2011-December/071040.html
1
reference_url http://phpmyadmin.git.sourceforge.net/git/gitweb.cgi?p=phpmyadmin/phpmyadmin%3Ba=commitdiff%3Bh=077c10020e349e8c1beb46309098992fde616913
reference_id
reference_type
scores
0
value 2.6
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:H/SI:H/SA:H/E:U
1
value LOW
scoring_system generic_textual
scoring_elements
url http://phpmyadmin.git.sourceforge.net/git/gitweb.cgi?p=phpmyadmin/phpmyadmin%3Ba=commitdiff%3Bh=077c10020e349e8c1beb46309098992fde616913
2
reference_url http://phpmyadmin.git.sourceforge.net/git/gitweb.cgi?p=phpmyadmin/phpmyadmin%3Ba=commitdiff%3Bh=1490533d91e9d3820e78ca4eac7981886eaea2cb
reference_id
reference_type
scores
0
value 2.6
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:H/SI:H/SA:H/E:U
1
value LOW
scoring_system generic_textual
scoring_elements
url http://phpmyadmin.git.sourceforge.net/git/gitweb.cgi?p=phpmyadmin/phpmyadmin%3Ba=commitdiff%3Bh=1490533d91e9d3820e78ca4eac7981886eaea2cb
3
reference_url http://phpmyadmin.git.sourceforge.net/git/gitweb.cgi?p=phpmyadmin/phpmyadmin%3Ba=commitdiff%3Bh=b289fe082441dc739939b0ba15dae0d9dc6cee92
reference_id
reference_type
scores
0
value 2.6
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:H/SI:H/SA:H/E:U
1
value LOW
scoring_system generic_textual
scoring_elements
url http://phpmyadmin.git.sourceforge.net/git/gitweb.cgi?p=phpmyadmin/phpmyadmin%3Ba=commitdiff%3Bh=b289fe082441dc739939b0ba15dae0d9dc6cee92
4
reference_url http://phpmyadmin.git.sourceforge.net/git/gitweb.cgi?p=phpmyadmin/phpmyadmin%3Ba=commitdiff%3Bh=dac8d6ce256333ff45b5f46270304b8657452740
reference_id
reference_type
scores
0
value 2.6
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:H/SI:H/SA:H/E:U
1
value LOW
scoring_system generic_textual
scoring_elements
url http://phpmyadmin.git.sourceforge.net/git/gitweb.cgi?p=phpmyadmin/phpmyadmin%3Ba=commitdiff%3Bh=dac8d6ce256333ff45b5f46270304b8657452740
5
reference_url http://phpmyadmin.git.sourceforge.net/git/gitweb.cgi?p=phpmyadmin/phpmyadmin;a=commitdiff;h=077c10020e349e8c1beb46309098992fde616913
reference_id
reference_type
scores
0
value 2.6
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:H/SI:H/SA:H/E:U
1
value LOW
scoring_system generic_textual
scoring_elements
url http://phpmyadmin.git.sourceforge.net/git/gitweb.cgi?p=phpmyadmin/phpmyadmin;a=commitdiff;h=077c10020e349e8c1beb46309098992fde616913
6
reference_url http://phpmyadmin.git.sourceforge.net/git/gitweb.cgi?p=phpmyadmin/phpmyadmin;a=commitdiff;h=1490533d91e9d3820e78ca4eac7981886eaea2cb
reference_id
reference_type
scores
0
value 2.6
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:H/SI:H/SA:H/E:U
1
value LOW
scoring_system generic_textual
scoring_elements
url http://phpmyadmin.git.sourceforge.net/git/gitweb.cgi?p=phpmyadmin/phpmyadmin;a=commitdiff;h=1490533d91e9d3820e78ca4eac7981886eaea2cb
7
reference_url http://phpmyadmin.git.sourceforge.net/git/gitweb.cgi?p=phpmyadmin/phpmyadmin;a=commitdiff;h=b289fe082441dc739939b0ba15dae0d9dc6cee92
reference_id
reference_type
scores
0
value 2.6
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:H/SI:H/SA:H/E:U
1
value LOW
scoring_system generic_textual
scoring_elements
url http://phpmyadmin.git.sourceforge.net/git/gitweb.cgi?p=phpmyadmin/phpmyadmin;a=commitdiff;h=b289fe082441dc739939b0ba15dae0d9dc6cee92
8
reference_url http://phpmyadmin.git.sourceforge.net/git/gitweb.cgi?p=phpmyadmin/phpmyadmin;a=commitdiff;h=dac8d6ce256333ff45b5f46270304b8657452740
reference_id
reference_type
scores
0
value 2.6
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:H/SI:H/SA:H/E:U
1
value LOW
scoring_system generic_textual
scoring_elements
url http://phpmyadmin.git.sourceforge.net/git/gitweb.cgi?p=phpmyadmin/phpmyadmin;a=commitdiff;h=dac8d6ce256333ff45b5f46270304b8657452740
9
reference_url https://api.first.org/data/v1/epss?cve=CVE-2011-4634
reference_id
reference_type
scores
0
value 0.00421
scoring_system epss
scoring_elements 0.62361
published_at 2026-06-08T12:55:00Z
1
value 0.00421
scoring_system epss
scoring_elements 0.62333
published_at 2026-06-04T12:55:00Z
2
value 0.00421
scoring_system epss
scoring_elements 0.62379
published_at 2026-06-05T12:55:00Z
3
value 0.00421
scoring_system epss
scoring_elements 0.62387
published_at 2026-06-06T12:55:00Z
4
value 0.00421
scoring_system epss
scoring_elements 0.62376
published_at 2026-06-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2011-4634
10
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4634
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4634
11
reference_url https://github.com/phpmyadmin/phpmyadmin
reference_id
reference_type
scores
0
value 2.6
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:H/SI:H/SA:H/E:U
1
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/phpmyadmin/phpmyadmin
12
reference_url https://nvd.nist.gov/vuln/detail/CVE-2011-4634
reference_id
reference_type
scores
0
value 2.6
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:H/SI:H/SA:H/E:U
1
value LOW
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2011-4634
13
reference_url http://www.mandriva.com/security/advisories?name=MDVSA-2011:198
reference_id
reference_type
scores
0
value 2.6
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:H/SI:H/SA:H/E:U
1
value LOW
scoring_system generic_textual
scoring_elements
url http://www.mandriva.com/security/advisories?name=MDVSA-2011:198
14
reference_url http://www.phpmyadmin.net/home_page/security/PMASA-2011-18.php
reference_id
reference_type
scores
0
value 2.6
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:H/SI:H/SA:H/E:U
1
value LOW
scoring_system generic_textual
scoring_elements
url http://www.phpmyadmin.net/home_page/security/PMASA-2011-18.php
15
reference_url https://github.com/advisories/GHSA-9j9h-cpgc-8356
reference_id GHSA-9j9h-cpgc-8356
reference_type
scores
0
value LOW
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-9j9h-cpgc-8356
16
reference_url https://security.gentoo.org/glsa/201201-01
reference_id GLSA-201201-01
reference_type
scores
url https://security.gentoo.org/glsa/201201-01
fixed_packages
0
url pkg:deb/debian/phpmyadmin@4:3.4.8-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:3.4.8-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:3.4.8-1%3Fdistro=trixie
1
url pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-47ju-f89a-eud8
1
vulnerability VCID-d3qn-js1p-7yeq
2
vulnerability VCID-dmqy-9xth-cuhs
3
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.0.4%252Bdfsg2-2%252Bdeb11u1%3Fdistro=trixie
2
url pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.1%252Bdfsg-1%252Bdeb12u1%3Fdistro=trixie
3
url pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.2-really%252Bdfsg-1%252Bdeb13u1%3Fdistro=trixie
4
url pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.3%252Bdfsg-1%3Fdistro=trixie
aliases CVE-2011-4634, GHSA-9j9h-cpgc-8356
risk_score 1.4
exploitability 0.5
weighted_severity 2.7
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-kxq1-41am-gqdc
163
url VCID-m2g6-2ztp-tuam
vulnerability_id VCID-m2g6-2ztp-tuam
summary 
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
SQL Injection vulnerability in function getTableCreationQuery in CreateAddField.php in phpMyAdmin 5.x before 5.2.0 via the tbl_storage_engine or tbl_collation parameters to tbl_create.php.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-22452
reference_id
reference_type
scores
0
value 0.03245
scoring_system epss
scoring_elements 0.87381
published_at 2026-06-09T12:55:00Z
1
value 0.03245
scoring_system epss
scoring_elements 0.87353
published_at 2026-06-04T12:55:00Z
2
value 0.03245
scoring_system epss
scoring_elements 0.87375
published_at 2026-06-05T12:55:00Z
3
value 0.03245
scoring_system epss
scoring_elements 0.87372
published_at 2026-06-06T12:55:00Z
4
value 0.03245
scoring_system epss
scoring_elements 0.87369
published_at 2026-06-07T12:55:00Z
5
value 0.03245
scoring_system epss
scoring_elements 0.87368
published_at 2026-06-08T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-22452
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-22452
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-22452
2
reference_url https://github.com/phpmyadmin/phpmyadmin
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/phpmyadmin/phpmyadmin
3
reference_url https://github.com/phpmyadmin/phpmyadmin/commit/bc982466f08ddccad4804ba928f84ff8e25107cb
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/phpmyadmin/phpmyadmin/commit/bc982466f08ddccad4804ba928f84ff8e25107cb
4
reference_url https://github.com/phpmyadmin/phpmyadmin/issues/15898
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
2
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-04-01T14:07:49Z/
url https://github.com/phpmyadmin/phpmyadmin/issues/15898
5
reference_url https://github.com/phpmyadmin/phpmyadmin/pull/16004
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
2
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-04-01T14:07:49Z/
url https://github.com/phpmyadmin/phpmyadmin/pull/16004
6
reference_url https://github.com/phpmyadmin/phpmyadmin/blob/master/ChangeLog
reference_id ChangeLog
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-04-01T14:07:49Z/
url https://github.com/phpmyadmin/phpmyadmin/blob/master/ChangeLog
7
reference_url https://nvd.nist.gov/vuln/detail/CVE-2020-22452
reference_id CVE-2020-22452
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2020-22452
8
reference_url https://github.com/advisories/GHSA-prcg-mc23-hgjh
reference_id GHSA-prcg-mc23-hgjh
reference_type
scores
0
value CRITICAL
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-prcg-mc23-hgjh
9
reference_url http://phpmyadmin.com
reference_id phpmyadmin.com
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-04-01T14:07:49Z/
url http://phpmyadmin.com
fixed_packages
0
url pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg1-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg1-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.0.4%252Bdfsg1-1%3Fdistro=trixie
1
url pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-47ju-f89a-eud8
1
vulnerability VCID-d3qn-js1p-7yeq
2
vulnerability VCID-dmqy-9xth-cuhs
3
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.0.4%252Bdfsg2-2%252Bdeb11u1%3Fdistro=trixie
2
url pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.1%252Bdfsg-1%252Bdeb12u1%3Fdistro=trixie
3
url pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.2-really%252Bdfsg-1%252Bdeb13u1%3Fdistro=trixie
4
url pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.3%252Bdfsg-1%3Fdistro=trixie
aliases CVE-2020-22452, GHSA-prcg-mc23-hgjh
risk_score 4.5
exploitability 0.5
weighted_severity 9.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-m2g6-2ztp-tuam
164
url VCID-m3kq-1cfg-mkgc
vulnerability_id VCID-m3kq-1cfg-mkgc
summary 
Cross-site Scripting vulnerability in drag-and-drop upload of phpMyAdmin
In phpMyAdmin before 4.9.11 and 5.x before 5.2.1, an authenticated user can trigger Cross-site Scripting (XSS) by uploading a crafted .sql file through the drag-and-drop interface. By disabling the configuration directive `$cfg['enable_drag_drop_import']`, users will be unable to use the drag and drop upload which would protect against the vulnerability.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2023-25727
reference_id
reference_type
scores
0
value 0.09658
scoring_system epss
scoring_elements 0.93059
published_at 2026-06-09T12:55:00Z
1
value 0.09658
scoring_system epss
scoring_elements 0.9305
published_at 2026-06-08T12:55:00Z
2
value 0.09658
scoring_system epss
scoring_elements 0.93053
published_at 2026-06-07T12:55:00Z
3
value 0.09658
scoring_system epss
scoring_elements 0.93048
published_at 2026-06-04T12:55:00Z
4
value 0.09658
scoring_system epss
scoring_elements 0.93057
published_at 2026-06-06T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2023-25727
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25727
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25727
2
reference_url https://github.com/phpmyadmin/composer
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/phpmyadmin/composer
3
reference_url https://github.com/phpmyadmin/phpmyadmin/commit/53f70fd7f3b388639922e6cc1ca51fbe890c91cc
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/phpmyadmin/phpmyadmin/commit/53f70fd7f3b388639922e6cc1ca51fbe890c91cc
4
reference_url https://github.com/phpmyadmin/phpmyadmin/commit/efa2406695551667f726497750d3db91fb6f662e
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/phpmyadmin/phpmyadmin/commit/efa2406695551667f726497750d3db91fb6f662e
5
reference_url https://www.phpmyadmin.net/security/PMASA-2023-1
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.phpmyadmin.net/security/PMASA-2023-1
6
reference_url https://nvd.nist.gov/vuln/detail/CVE-2023-25727
reference_id CVE-2023-25727
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2023-25727
7
reference_url https://github.com/advisories/GHSA-6hr3-44gx-g6wh
reference_id GHSA-6hr3-44gx-g6wh
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-6hr3-44gx-g6wh
8
reference_url https://www.phpmyadmin.net/security/PMASA-2023-1/
reference_id PMASA-2023-1
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-21T14:52:37Z/
url https://www.phpmyadmin.net/security/PMASA-2023-1/
fixed_packages
0
url pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-47ju-f89a-eud8
1
vulnerability VCID-d3qn-js1p-7yeq
2
vulnerability VCID-dmqy-9xth-cuhs
3
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.0.4%252Bdfsg2-2%252Bdeb11u1%3Fdistro=trixie
1
url pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u2?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.0.4%252Bdfsg2-2%252Bdeb11u2%3Fdistro=trixie
2
url pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.1%252Bdfsg-1%3Fdistro=trixie
3
url pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.1%252Bdfsg-1%252Bdeb12u1%3Fdistro=trixie
4
url pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.2-really%252Bdfsg-1%252Bdeb13u1%3Fdistro=trixie
5
url pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.3%252Bdfsg-1%3Fdistro=trixie
aliases CVE-2023-25727, GHSA-6hr3-44gx-g6wh
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-m3kq-1cfg-mkgc
165
url VCID-m54t-23nu-3kaa
vulnerability_id VCID-m54t-23nu-3kaa
summary Multiple cross-site scripting (XSS) vulnerabilities in js/functions.js in phpMyAdmin 4.0.x before 4.0.10.1, 4.1.x before 4.1.14.2, and 4.2.x before 4.2.6 allow remote authenticated users to inject arbitrary web script or HTML via a crafted (1) table name or (2) column name that is improperly handled during construction of an AJAX confirmation message.
references
0
reference_url http://lists.opensuse.org/opensuse-updates/2014-08/msg00045.html
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url http://lists.opensuse.org/opensuse-updates/2014-08/msg00045.html
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2014-4986
reference_id
reference_type
scores
0
value 0.00339
scoring_system epss
scoring_elements 0.56959
published_at 2026-06-09T12:55:00Z
1
value 0.00339
scoring_system epss
scoring_elements 0.5691
published_at 2026-06-04T12:55:00Z
2
value 0.00339
scoring_system epss
scoring_elements 0.56961
published_at 2026-06-05T12:55:00Z
3
value 0.00339
scoring_system epss
scoring_elements 0.56968
published_at 2026-06-06T12:55:00Z
4
value 0.00339
scoring_system epss
scoring_elements 0.56956
published_at 2026-06-07T12:55:00Z
5
value 0.00339
scoring_system epss
scoring_elements 0.56941
published_at 2026-06-08T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2014-4986
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4986
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4986
3
reference_url https://github.com/phpmyadmin/phpmyadmin/commit/29a1f56495a7d1d98da31a614f23c0819a606a4d
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/phpmyadmin/phpmyadmin/commit/29a1f56495a7d1d98da31a614f23c0819a606a4d
4
reference_url https://nvd.nist.gov/vuln/detail/CVE-2014-4986
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2014-4986
5
reference_url https://security.gentoo.org/glsa/201505-03
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url https://security.gentoo.org/glsa/201505-03
6
reference_url https://web.archive.org/web/20200228081340/http://www.securityfocus.com/bid/68803
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20200228081340/http://www.securityfocus.com/bid/68803
7
reference_url http://www.phpmyadmin.net/home_page/security/PMASA-2014-6.php
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url http://www.phpmyadmin.net/home_page/security/PMASA-2014-6.php
8
reference_url https://github.com/advisories/GHSA-jqmr-wqgp-8mh2
reference_id GHSA-jqmr-wqgp-8mh2
reference_type
scores
0
value LOW
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-jqmr-wqgp-8mh2
fixed_packages
0
url pkg:deb/debian/phpmyadmin@4:4.2.6-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:4.2.6-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:4.2.6-1%3Fdistro=trixie
1
url pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-47ju-f89a-eud8
1
vulnerability VCID-d3qn-js1p-7yeq
2
vulnerability VCID-dmqy-9xth-cuhs
3
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.0.4%252Bdfsg2-2%252Bdeb11u1%3Fdistro=trixie
2
url pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.1%252Bdfsg-1%252Bdeb12u1%3Fdistro=trixie
3
url pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.2-really%252Bdfsg-1%252Bdeb13u1%3Fdistro=trixie
4
url pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.3%252Bdfsg-1%3Fdistro=trixie
aliases CVE-2014-4986, GHSA-jqmr-wqgp-8mh2
risk_score 1.4
exploitability 0.5
weighted_severity 2.7
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-m54t-23nu-3kaa
166
url VCID-m59w-cug5-wbe2
vulnerability_id VCID-m59w-cug5-wbe2
summary An issue was discovered in phpMyAdmin. With a crafted login request it is possible to inject BBCode in the login page. All 4.6.x versions (prior to 4.6.5) are affected.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-9862
reference_id
reference_type
scores
0
value 0.00405
scoring_system epss
scoring_elements 0.61341
published_at 2026-06-04T12:55:00Z
1
value 0.00405
scoring_system epss
scoring_elements 0.61389
published_at 2026-06-05T12:55:00Z
2
value 0.00405
scoring_system epss
scoring_elements 0.61397
published_at 2026-06-06T12:55:00Z
3
value 0.00405
scoring_system epss
scoring_elements 0.61383
published_at 2026-06-07T12:55:00Z
4
value 0.00405
scoring_system epss
scoring_elements 0.61366
published_at 2026-06-08T12:55:00Z
5
value 0.00405
scoring_system epss
scoring_elements 0.61386
published_at 2026-06-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-9862
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9862
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9862
fixed_packages
0
url pkg:deb/debian/phpmyadmin@4:4.6.5.1-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:4.6.5.1-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:4.6.5.1-1%3Fdistro=trixie
1
url pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-47ju-f89a-eud8
1
vulnerability VCID-d3qn-js1p-7yeq
2
vulnerability VCID-dmqy-9xth-cuhs
3
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.0.4%252Bdfsg2-2%252Bdeb11u1%3Fdistro=trixie
2
url pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.1%252Bdfsg-1%252Bdeb12u1%3Fdistro=trixie
3
url pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.2-really%252Bdfsg-1%252Bdeb13u1%3Fdistro=trixie
4
url pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.3%252Bdfsg-1%3Fdistro=trixie
aliases CVE-2016-9862
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-m59w-cug5-wbe2
167
url VCID-mctt-kqsq-97gt
vulnerability_id VCID-mctt-kqsq-97gt
summary Open redirect vulnerability in the redirector feature in phpMyAdmin 3.4.x before 3.4.1 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors.
references
0
reference_url http://phpmyadmin.git.sourceforge.net/git/gitweb.cgi?p=phpmyadmin/phpmyadmin;a=commitdiff;h=b7a8179eb6bf0f1643970ac57a70b5b513a1cd4f
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://phpmyadmin.git.sourceforge.net/git/gitweb.cgi?p=phpmyadmin/phpmyadmin;a=commitdiff;h=b7a8179eb6bf0f1643970ac57a70b5b513a1cd4f
1
reference_url http://phpmyadmin.git.sourceforge.net/git/gitweb.cgi?p=phpmyadmin/phpmyadmin;a=commitdiff;h=ecfc8ba4f7b4ea612c58ab5726054ed0f28e200d
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://phpmyadmin.git.sourceforge.net/git/gitweb.cgi?p=phpmyadmin/phpmyadmin;a=commitdiff;h=ecfc8ba4f7b4ea612c58ab5726054ed0f28e200d
2
reference_url https://api.first.org/data/v1/epss?cve=CVE-2011-1941
reference_id
reference_type
scores
0
value 0.00253
scoring_system epss
scoring_elements 0.48808
published_at 2026-06-09T12:55:00Z
1
value 0.00253
scoring_system epss
scoring_elements 0.48773
published_at 2026-06-04T12:55:00Z
2
value 0.00253
scoring_system epss
scoring_elements 0.48834
published_at 2026-06-05T12:55:00Z
3
value 0.00253
scoring_system epss
scoring_elements 0.48842
published_at 2026-06-06T12:55:00Z
4
value 0.00253
scoring_system epss
scoring_elements 0.48823
published_at 2026-06-07T12:55:00Z
5
value 0.00253
scoring_system epss
scoring_elements 0.48794
published_at 2026-06-08T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2011-1941
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1941
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1941
4
reference_url https://github.com/phpmyadmin/composer
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/phpmyadmin/composer
5
reference_url https://github.com/phpmyadmin/composer/commit/b7a8179eb6bf0f1643970ac57a70b5b513a1cd4f
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/phpmyadmin/composer/commit/b7a8179eb6bf0f1643970ac57a70b5b513a1cd4f
6
reference_url https://github.com/phpmyadmin/composer/commit/ecfc8ba4f7b4ea612c58ab5726054ed0f28e200d
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/phpmyadmin/composer/commit/ecfc8ba4f7b4ea612c58ab5726054ed0f28e200d
7
reference_url https://nvd.nist.gov/vuln/detail/CVE-2011-1941
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2011-1941
8
reference_url http://www.phpmyadmin.net/home_page/security/PMASA-2011-4.php
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.phpmyadmin.net/home_page/security/PMASA-2011-4.php
9
reference_url https://github.com/advisories/GHSA-v6fw-xf2c-8q43
reference_id GHSA-v6fw-xf2c-8q43
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-v6fw-xf2c-8q43
fixed_packages
0
url pkg:deb/debian/phpmyadmin@4:3.4.1-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:3.4.1-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:3.4.1-1%3Fdistro=trixie
1
url pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-47ju-f89a-eud8
1
vulnerability VCID-d3qn-js1p-7yeq
2
vulnerability VCID-dmqy-9xth-cuhs
3
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.0.4%252Bdfsg2-2%252Bdeb11u1%3Fdistro=trixie
2
url pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.1%252Bdfsg-1%252Bdeb12u1%3Fdistro=trixie
3
url pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.2-really%252Bdfsg-1%252Bdeb13u1%3Fdistro=trixie
4
url pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.3%252Bdfsg-1%3Fdistro=trixie
aliases CVE-2011-1941, GHSA-v6fw-xf2c-8q43
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-mctt-kqsq-97gt
168
url VCID-me6n-9fzg-ayf5
vulnerability_id VCID-me6n-9fzg-ayf5
summary Cross-site scripting (XSS) vulnerability in the replication-setup functionality in js/replication.js in phpMyAdmin 3.4.x before 3.4.10.1 allows user-assisted remote attackers to inject arbitrary web script or HTML via a crafted database name.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2012-1190
reference_id
reference_type
scores
0
value 0.00431
scoring_system epss
scoring_elements 0.62904
published_at 2026-06-04T12:55:00Z
1
value 0.00431
scoring_system epss
scoring_elements 0.62946
published_at 2026-06-05T12:55:00Z
2
value 0.00431
scoring_system epss
scoring_elements 0.62955
published_at 2026-06-06T12:55:00Z
3
value 0.00431
scoring_system epss
scoring_elements 0.62944
published_at 2026-06-07T12:55:00Z
4
value 0.00431
scoring_system epss
scoring_elements 0.62931
published_at 2026-06-08T12:55:00Z
5
value 0.00431
scoring_system epss
scoring_elements 0.62948
published_at 2026-06-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2012-1190
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1190
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1190
fixed_packages
0
url pkg:deb/debian/phpmyadmin@4:3.4.10.1-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:3.4.10.1-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:3.4.10.1-1%3Fdistro=trixie
1
url pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-47ju-f89a-eud8
1
vulnerability VCID-d3qn-js1p-7yeq
2
vulnerability VCID-dmqy-9xth-cuhs
3
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.0.4%252Bdfsg2-2%252Bdeb11u1%3Fdistro=trixie
2
url pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.1%252Bdfsg-1%252Bdeb12u1%3Fdistro=trixie
3
url pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.2-really%252Bdfsg-1%252Bdeb13u1%3Fdistro=trixie
4
url pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.3%252Bdfsg-1%3Fdistro=trixie
aliases CVE-2012-1190
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-me6n-9fzg-ayf5
169
url VCID-mgu4-pf1x-r3dy
vulnerability_id VCID-mgu4-pf1x-r3dy
summary 
Cross-site Scripting
XSS issues were discovered in phpMyAdmin. This affects the database privilege check and the "Remove partitioning" functionality. Specially crafted database names can trigger the XSS attack.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-6608
reference_id
reference_type
scores
0
value 0.00317
scoring_system epss
scoring_elements 0.55129
published_at 2026-06-05T12:55:00Z
1
value 0.00317
scoring_system epss
scoring_elements 0.55128
published_at 2026-06-09T12:55:00Z
2
value 0.00317
scoring_system epss
scoring_elements 0.55108
published_at 2026-06-08T12:55:00Z
3
value 0.00317
scoring_system epss
scoring_elements 0.55136
published_at 2026-06-06T12:55:00Z
4
value 0.00317
scoring_system epss
scoring_elements 0.5507
published_at 2026-06-04T12:55:00Z
5
value 0.00317
scoring_system epss
scoring_elements 0.55127
published_at 2026-06-07T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-6608
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6608
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6608
2
reference_url https://github.com/phpmyadmin/composer
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/phpmyadmin/composer
3
reference_url https://security.gentoo.org/glsa/201701-32
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://security.gentoo.org/glsa/201701-32
4
reference_url https://www.phpmyadmin.net/security/PMASA-2016-31
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.phpmyadmin.net/security/PMASA-2016-31
5
reference_url http://www.securityfocus.com/bid/93258
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.securityfocus.com/bid/93258
6
reference_url https://nvd.nist.gov/vuln/detail/CVE-2016-6608
reference_id CVE-2016-6608
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2016-6608
7
reference_url https://github.com/advisories/GHSA-jfmj-27fp-qp67
reference_id GHSA-jfmj-27fp-qp67
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-jfmj-27fp-qp67
fixed_packages
0
url pkg:deb/debian/phpmyadmin@4:4.6.4%2Bdfsg1-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:4.6.4%2Bdfsg1-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:4.6.4%252Bdfsg1-1%3Fdistro=trixie
1
url pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-47ju-f89a-eud8
1
vulnerability VCID-d3qn-js1p-7yeq
2
vulnerability VCID-dmqy-9xth-cuhs
3
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.0.4%252Bdfsg2-2%252Bdeb11u1%3Fdistro=trixie
2
url pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.1%252Bdfsg-1%252Bdeb12u1%3Fdistro=trixie
3
url pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.2-really%252Bdfsg-1%252Bdeb13u1%3Fdistro=trixie
4
url pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.3%252Bdfsg-1%3Fdistro=trixie
aliases CVE-2016-6608, GHSA-jfmj-27fp-qp67
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-mgu4-pf1x-r3dy
170
url VCID-mxn5-bh7q-gkdb
vulnerability_id VCID-mxn5-bh7q-gkdb
summary The redirection feature in url.php in phpMyAdmin 4.4.x before 4.4.15.1 and 4.5.x before 4.5.1 allows remote attackers to spoof content via the url parameter.
references
0
reference_url http://lists.fedoraproject.org/pipermail/package-announce/2015-November/171311.html
reference_id
reference_type
scores
0
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://lists.fedoraproject.org/pipermail/package-announce/2015-November/171311.html
1
reference_url http://lists.fedoraproject.org/pipermail/package-announce/2015-November/171326.html
reference_id
reference_type
scores
0
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://lists.fedoraproject.org/pipermail/package-announce/2015-November/171326.html
2
reference_url http://lists.fedoraproject.org/pipermail/package-announce/2015-October/169987.html
reference_id
reference_type
scores
0
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://lists.fedoraproject.org/pipermail/package-announce/2015-October/169987.html
3
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-7873.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-7873.json
4
reference_url https://api.first.org/data/v1/epss?cve=CVE-2015-7873
reference_id
reference_type
scores
0
value 0.00625
scoring_system epss
scoring_elements 0.70614
published_at 2026-06-09T12:55:00Z
1
value 0.00625
scoring_system epss
scoring_elements 0.7057
published_at 2026-06-04T12:55:00Z
2
value 0.00625
scoring_system epss
scoring_elements 0.70612
published_at 2026-06-05T12:55:00Z
3
value 0.00625
scoring_system epss
scoring_elements 0.70621
published_at 2026-06-06T12:55:00Z
4
value 0.00625
scoring_system epss
scoring_elements 0.70603
published_at 2026-06-07T12:55:00Z
5
value 0.00625
scoring_system epss
scoring_elements 0.70591
published_at 2026-06-08T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2015-7873
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8958
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8958
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9218
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9218
7
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2206
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2206
8
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3902
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3902
9
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3903
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3903
10
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6830
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6830
11
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7873
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7873
12
reference_url https://github.com/phpmyadmin/phpmyadmin
reference_id
reference_type
scores
0
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/phpmyadmin/phpmyadmin
13
reference_url https://github.com/phpmyadmin/phpmyadmin/commit/2b31866fe0b30b867aaf5b5fedb11adb354e037f
reference_id
reference_type
scores
0
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/phpmyadmin/phpmyadmin/commit/2b31866fe0b30b867aaf5b5fedb11adb354e037f
14
reference_url https://github.com/phpmyadmin/phpmyadmin/commit/cd097656758f981f80fb9029c7d6b4294582b706
reference_id
reference_type
scores
0
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/phpmyadmin/phpmyadmin/commit/cd097656758f981f80fb9029c7d6b4294582b706
15
reference_url https://nvd.nist.gov/vuln/detail/CVE-2015-7873
reference_id
reference_type
scores
0
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2015-7873
16
reference_url https://web.archive.org/web/20161014120907/http://www.securitytracker.com/id/1034013
reference_id
reference_type
scores
0
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20161014120907/http://www.securitytracker.com/id/1034013
17
reference_url https://web.archive.org/web/20200228052850/http://www.securityfocus.com/bid/77299
reference_id
reference_type
scores
0
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20200228052850/http://www.securityfocus.com/bid/77299
18
reference_url https://www.phpmyadmin.net/security/PMASA-2015-5
reference_id
reference_type
scores
0
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.phpmyadmin.net/security/PMASA-2015-5
19
reference_url http://www.debian.org/security/2015/dsa-3382
reference_id
reference_type
scores
0
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.debian.org/security/2015/dsa-3382
20
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1275108
reference_id 1275108
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1275108
21
reference_url https://github.com/advisories/GHSA-5pmg-qh2c-7j24
reference_id GHSA-5pmg-qh2c-7j24
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-5pmg-qh2c-7j24
fixed_packages
0
url pkg:deb/debian/phpmyadmin@4:4.5.1-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:4.5.1-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:4.5.1-1%3Fdistro=trixie
1
url pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-47ju-f89a-eud8
1
vulnerability VCID-d3qn-js1p-7yeq
2
vulnerability VCID-dmqy-9xth-cuhs
3
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.0.4%252Bdfsg2-2%252Bdeb11u1%3Fdistro=trixie
2
url pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.1%252Bdfsg-1%252Bdeb12u1%3Fdistro=trixie
3
url pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.2-really%252Bdfsg-1%252Bdeb13u1%3Fdistro=trixie
4
url pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.3%252Bdfsg-1%3Fdistro=trixie
aliases CVE-2015-7873, GHSA-5pmg-qh2c-7j24
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-mxn5-bh7q-gkdb
171
url VCID-mzuh-5e5y-d3hr
vulnerability_id VCID-mzuh-5e5y-d3hr
summary 
Improper Neutralization of Escape, Meta, or Control Sequences
phpMyAdmin does not escape certain Git information, related to `libraries/classes/Display/GitRevision.php` and `libraries/classes/Footer.php`.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2019-19617
reference_id
reference_type
scores
0
value 0.00997
scoring_system epss
scoring_elements 0.77304
published_at 2026-06-04T12:55:00Z
1
value 0.00997
scoring_system epss
scoring_elements 0.77343
published_at 2026-06-06T12:55:00Z
2
value 0.00997
scoring_system epss
scoring_elements 0.77333
published_at 2026-06-05T12:55:00Z
3
value 0.00997
scoring_system epss
scoring_elements 0.77344
published_at 2026-06-09T12:55:00Z
4
value 0.00997
scoring_system epss
scoring_elements 0.77323
published_at 2026-06-08T12:55:00Z
5
value 0.00997
scoring_system epss
scoring_elements 0.77332
published_at 2026-06-07T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2019-19617
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19617
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19617
2
reference_url https://github.com/phpmyadmin/composer
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/phpmyadmin/composer
3
reference_url https://github.com/phpmyadmin/phpmyadmin/commit/1119de642b136d20e810bb20f545069a01dd7cc9
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/phpmyadmin/phpmyadmin/commit/1119de642b136d20e810bb20f545069a01dd7cc9
4
reference_url https://github.com/phpmyadmin/phpmyadmin/compare/RELEASE_4_9_1...RELEASE_4_9_2
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/phpmyadmin/phpmyadmin/compare/RELEASE_4_9_1...RELEASE_4_9_2
5
reference_url https://lists.debian.org/debian-lts-announce/2019/12/msg00006.html
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://lists.debian.org/debian-lts-announce/2019/12/msg00006.html
6
reference_url https://lists.debian.org/debian-lts-announce/2020/10/msg00024.html
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://lists.debian.org/debian-lts-announce/2020/10/msg00024.html
7
reference_url https://www.phpmyadmin.net/news/2019/11/22/phpmyadmin-492-released
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://www.phpmyadmin.net/news/2019/11/22/phpmyadmin-492-released
8
reference_url https://www.phpmyadmin.net/news/2019/11/22/phpmyadmin-492-released/
reference_id
reference_type
scores
url https://www.phpmyadmin.net/news/2019/11/22/phpmyadmin-492-released/
9
reference_url https://nvd.nist.gov/vuln/detail/CVE-2019-19617
reference_id CVE-2019-19617
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2019-19617
10
reference_url https://github.com/advisories/GHSA-pgph-mc4p-f8c3
reference_id GHSA-pgph-mc4p-f8c3
reference_type
scores
0
value CRITICAL
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-pgph-mc4p-f8c3
11
reference_url https://usn.ubuntu.com/4639-1/
reference_id USN-4639-1
reference_type
scores
url https://usn.ubuntu.com/4639-1/
12
reference_url https://usn.ubuntu.com/USN-4843-1/
reference_id USN-USN-4843-1
reference_type
scores
url https://usn.ubuntu.com/USN-4843-1/
fixed_packages
0
url pkg:deb/debian/phpmyadmin@4:4.9.2%2Bdfsg1-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:4.9.2%2Bdfsg1-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:4.9.2%252Bdfsg1-1%3Fdistro=trixie
1
url pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-47ju-f89a-eud8
1
vulnerability VCID-d3qn-js1p-7yeq
2
vulnerability VCID-dmqy-9xth-cuhs
3
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.0.4%252Bdfsg2-2%252Bdeb11u1%3Fdistro=trixie
2
url pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.1%252Bdfsg-1%252Bdeb12u1%3Fdistro=trixie
3
url pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.2-really%252Bdfsg-1%252Bdeb13u1%3Fdistro=trixie
4
url pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.3%252Bdfsg-1%3Fdistro=trixie
aliases CVE-2019-19617, GHSA-pgph-mc4p-f8c3
risk_score 4.5
exploitability 0.5
weighted_severity 9.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-mzuh-5e5y-d3hr
172
url VCID-n53q-r421-affh
vulnerability_id VCID-n53q-r421-affh
summary An issue was discovered in phpMyAdmin. A specially crafted database and/or table name can be used to trigger an SQL injection attack through the export functionality. All 4.6.x versions (prior to 4.6.4) are affected.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-6617
reference_id
reference_type
scores
0
value 0.00309
scoring_system epss
scoring_elements 0.54322
published_at 2026-06-04T12:55:00Z
1
value 0.00309
scoring_system epss
scoring_elements 0.54379
published_at 2026-06-05T12:55:00Z
2
value 0.00309
scoring_system epss
scoring_elements 0.54388
published_at 2026-06-06T12:55:00Z
3
value 0.00309
scoring_system epss
scoring_elements 0.54377
published_at 2026-06-09T12:55:00Z
4
value 0.00309
scoring_system epss
scoring_elements 0.54355
published_at 2026-06-08T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-6617
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6617
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6617
fixed_packages
0
url pkg:deb/debian/phpmyadmin@4:4.6.4%2Bdfsg1-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:4.6.4%2Bdfsg1-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:4.6.4%252Bdfsg1-1%3Fdistro=trixie
1
url pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-47ju-f89a-eud8
1
vulnerability VCID-d3qn-js1p-7yeq
2
vulnerability VCID-dmqy-9xth-cuhs
3
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.0.4%252Bdfsg2-2%252Bdeb11u1%3Fdistro=trixie
2
url pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.1%252Bdfsg-1%252Bdeb12u1%3Fdistro=trixie
3
url pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.2-really%252Bdfsg-1%252Bdeb13u1%3Fdistro=trixie
4
url pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.3%252Bdfsg-1%3Fdistro=trixie
aliases CVE-2016-6617
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-n53q-r421-affh
173
url VCID-n66y-s36g-fqck
vulnerability_id VCID-n66y-s36g-fqck
summary 
Improper Input Validation
An issue was discovered in phpMyAdmin. An unauthenticated user can execute a denial of service attack when phpMyAdmin is running with `$cfg['AllowArbitraryServer']=true`.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-9860
reference_id
reference_type
scores
0
value 0.00707
scoring_system epss
scoring_elements 0.72586
published_at 2026-06-06T12:55:00Z
1
value 0.00707
scoring_system epss
scoring_elements 0.72554
published_at 2026-06-08T12:55:00Z
2
value 0.00707
scoring_system epss
scoring_elements 0.72579
published_at 2026-06-09T12:55:00Z
3
value 0.00707
scoring_system epss
scoring_elements 0.72539
published_at 2026-06-04T12:55:00Z
4
value 0.00707
scoring_system epss
scoring_elements 0.72568
published_at 2026-06-07T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-9860
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9860
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9860
2
reference_url https://github.com/phpmyadmin/composer
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/phpmyadmin/composer
3
reference_url https://security.gentoo.org/glsa/201701-32
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://security.gentoo.org/glsa/201701-32
4
reference_url https://www.phpmyadmin.net/security/PMASA-2016-65
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.phpmyadmin.net/security/PMASA-2016-65
5
reference_url http://www.securityfocus.com/bid/94525
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.securityfocus.com/bid/94525
6
reference_url https://nvd.nist.gov/vuln/detail/CVE-2016-9860
reference_id CVE-2016-9860
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2016-9860
7
reference_url https://github.com/advisories/GHSA-3hw5-fffc-qrg4
reference_id GHSA-3hw5-fffc-qrg4
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-3hw5-fffc-qrg4
fixed_packages
0
url pkg:deb/debian/phpmyadmin@4:4.6.5.1-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:4.6.5.1-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:4.6.5.1-1%3Fdistro=trixie
1
url pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-47ju-f89a-eud8
1
vulnerability VCID-d3qn-js1p-7yeq
2
vulnerability VCID-dmqy-9xth-cuhs
3
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.0.4%252Bdfsg2-2%252Bdeb11u1%3Fdistro=trixie
2
url pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.1%252Bdfsg-1%252Bdeb12u1%3Fdistro=trixie
3
url pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.2-really%252Bdfsg-1%252Bdeb13u1%3Fdistro=trixie
4
url pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.3%252Bdfsg-1%3Fdistro=trixie
aliases CVE-2016-9860, GHSA-3hw5-fffc-qrg4
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-n66y-s36g-fqck
174
url VCID-n6r6-jzez-afh7
vulnerability_id VCID-n6r6-jzez-afh7
summary export.php (aka the export script) in phpMyAdmin 4.x before 4.0.0-rc3 overwrites global variables on the basis of the contents of the POST superglobal array, which allows remote authenticated users to inject values via a crafted request.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2013-3241
reference_id
reference_type
scores
0
value 0.03369
scoring_system epss
scoring_elements 0.87581
published_at 2026-06-04T12:55:00Z
1
value 0.03369
scoring_system epss
scoring_elements 0.87602
published_at 2026-06-05T12:55:00Z
2
value 0.03369
scoring_system epss
scoring_elements 0.876
published_at 2026-06-06T12:55:00Z
3
value 0.03369
scoring_system epss
scoring_elements 0.87599
published_at 2026-06-08T12:55:00Z
4
value 0.03369
scoring_system epss
scoring_elements 0.87611
published_at 2026-06-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2013-3241
fixed_packages
0
url pkg:deb/debian/phpmyadmin@0?distro=trixie
purl pkg:deb/debian/phpmyadmin@0?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@0%3Fdistro=trixie
1
url pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-47ju-f89a-eud8
1
vulnerability VCID-d3qn-js1p-7yeq
2
vulnerability VCID-dmqy-9xth-cuhs
3
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.0.4%252Bdfsg2-2%252Bdeb11u1%3Fdistro=trixie
2
url pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.1%252Bdfsg-1%252Bdeb12u1%3Fdistro=trixie
3
url pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.2-really%252Bdfsg-1%252Bdeb13u1%3Fdistro=trixie
4
url pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.3%252Bdfsg-1%3Fdistro=trixie
aliases CVE-2013-3241
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-n6r6-jzez-afh7
175
url VCID-n7cc-xfym-u7g4
vulnerability_id VCID-n7cc-xfym-u7g4
summary 
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Cross-site scripting (XSS) vulnerability in the micro history implementation in phpMyAdmin 4.0.x before 4.0.10.3, 4.1.x before 4.1.14.4, and 4.2.x before 4.2.8.1 allows remote attackers to inject arbitrary web script or HTML, and consequently conduct a cross-site request forgery (CSRF) attack to create a root account, via a crafted URL, related to js/ajax.js.
references
0
reference_url http://lists.opensuse.org/opensuse-updates/2014-09/msg00032.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://lists.opensuse.org/opensuse-updates/2014-09/msg00032.html
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2014-6300
reference_id
reference_type
scores
0
value 0.00273
scoring_system epss
scoring_elements 0.50946
published_at 2026-06-09T12:55:00Z
1
value 0.00273
scoring_system epss
scoring_elements 0.50913
published_at 2026-06-04T12:55:00Z
2
value 0.00273
scoring_system epss
scoring_elements 0.50975
published_at 2026-06-05T12:55:00Z
3
value 0.00273
scoring_system epss
scoring_elements 0.5098
published_at 2026-06-06T12:55:00Z
4
value 0.00273
scoring_system epss
scoring_elements 0.50959
published_at 2026-06-07T12:55:00Z
5
value 0.00273
scoring_system epss
scoring_elements 0.50929
published_at 2026-06-08T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2014-6300
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6300
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6300
3
reference_url https://github.com/phpmyadmin/phpmyadmin/commit/33b39f9f1dd9a4d27856530e5ac004e23b30e8ac
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/phpmyadmin/phpmyadmin/commit/33b39f9f1dd9a4d27856530e5ac004e23b30e8ac
4
reference_url https://security.gentoo.org/glsa/201505-03
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://security.gentoo.org/glsa/201505-03
5
reference_url https://web.archive.org/web/20200228081340/http://www.securityfocus.com/bid/69790
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20200228081340/http://www.securityfocus.com/bid/69790
6
reference_url http://www.phpmyadmin.net/home_page/security/PMASA-2014-10.php
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.phpmyadmin.net/home_page/security/PMASA-2014-10.php
7
reference_url https://nvd.nist.gov/vuln/detail/CVE-2014-6300
reference_id CVE-2014-6300
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2014-6300
8
reference_url https://github.com/advisories/GHSA-6wfj-2mw7-p5cg
reference_id GHSA-6wfj-2mw7-p5cg
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-6wfj-2mw7-p5cg
fixed_packages
0
url pkg:deb/debian/phpmyadmin@4:4.2.8.1-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:4.2.8.1-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:4.2.8.1-1%3Fdistro=trixie
1
url pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-47ju-f89a-eud8
1
vulnerability VCID-d3qn-js1p-7yeq
2
vulnerability VCID-dmqy-9xth-cuhs
3
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.0.4%252Bdfsg2-2%252Bdeb11u1%3Fdistro=trixie
2
url pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.1%252Bdfsg-1%252Bdeb12u1%3Fdistro=trixie
3
url pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.2-really%252Bdfsg-1%252Bdeb13u1%3Fdistro=trixie
4
url pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.3%252Bdfsg-1%3Fdistro=trixie
aliases CVE-2014-6300, GHSA-6wfj-2mw7-p5cg
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-n7cc-xfym-u7g4
176
url VCID-ne75-u4sh-3ue7
vulnerability_id VCID-ne75-u4sh-3ue7
summary Cross-site scripting (XSS) vulnerability in index.php in phpMyAdmin 2.8.0.3, 2.8.0.2, 2.8.1-dev, and 2.9.0-dev allows remote attackers to inject arbitrary web script or HTML via the lang parameter.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2006-2031
reference_id
reference_type
scores
0
value 0.00409
scoring_system epss
scoring_elements 0.61591
published_at 2026-06-04T12:55:00Z
1
value 0.00409
scoring_system epss
scoring_elements 0.6164
published_at 2026-06-05T12:55:00Z
2
value 0.00409
scoring_system epss
scoring_elements 0.61646
published_at 2026-06-06T12:55:00Z
3
value 0.00409
scoring_system epss
scoring_elements 0.61636
published_at 2026-06-07T12:55:00Z
4
value 0.00409
scoring_system epss
scoring_elements 0.61619
published_at 2026-06-08T12:55:00Z
5
value 0.00409
scoring_system epss
scoring_elements 0.61638
published_at 2026-06-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2006-2031
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2031
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2031
2
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=363519
reference_id 363519
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=363519
fixed_packages
0
url pkg:deb/debian/phpmyadmin@4:2.8.1-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:2.8.1-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:2.8.1-1%3Fdistro=trixie
1
url pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-47ju-f89a-eud8
1
vulnerability VCID-d3qn-js1p-7yeq
2
vulnerability VCID-dmqy-9xth-cuhs
3
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.0.4%252Bdfsg2-2%252Bdeb11u1%3Fdistro=trixie
2
url pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.1%252Bdfsg-1%252Bdeb12u1%3Fdistro=trixie
3
url pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.2-really%252Bdfsg-1%252Bdeb13u1%3Fdistro=trixie
4
url pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.3%252Bdfsg-1%3Fdistro=trixie
aliases CVE-2006-2031
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ne75-u4sh-3ue7
177
url VCID-nek4-tkv6-w7dr
vulnerability_id VCID-nek4-tkv6-w7dr
summary The register_globals emulation in phpMyAdmin 2.7.0 rc1 allows remote attackers to exploit other vulnerabilities in phpMyAdmin by modifying the import_blacklist variable in grab_globals.php, which can then be used to overwrite other variables.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2005-4079
reference_id
reference_type
scores
0
value 0.01613
scoring_system epss
scoring_elements 0.82117
published_at 2026-06-04T12:55:00Z
1
value 0.01613
scoring_system epss
scoring_elements 0.82145
published_at 2026-06-05T12:55:00Z
2
value 0.01613
scoring_system epss
scoring_elements 0.82147
published_at 2026-06-06T12:55:00Z
3
value 0.01613
scoring_system epss
scoring_elements 0.82149
published_at 2026-06-07T12:55:00Z
4
value 0.01613
scoring_system epss
scoring_elements 0.82142
published_at 2026-06-08T12:55:00Z
5
value 0.01613
scoring_system epss
scoring_elements 0.82156
published_at 2026-06-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2005-4079
1
reference_url https://security.gentoo.org/glsa/200512-03
reference_id GLSA-200512-03
reference_type
scores
url https://security.gentoo.org/glsa/200512-03
fixed_packages
0
url pkg:deb/debian/phpmyadmin@0?distro=trixie
purl pkg:deb/debian/phpmyadmin@0?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@0%3Fdistro=trixie
1
url pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-47ju-f89a-eud8
1
vulnerability VCID-d3qn-js1p-7yeq
2
vulnerability VCID-dmqy-9xth-cuhs
3
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.0.4%252Bdfsg2-2%252Bdeb11u1%3Fdistro=trixie
2
url pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.1%252Bdfsg-1%252Bdeb12u1%3Fdistro=trixie
3
url pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.2-really%252Bdfsg-1%252Bdeb13u1%3Fdistro=trixie
4
url pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.3%252Bdfsg-1%3Fdistro=trixie
aliases CVE-2005-4079
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-nek4-tkv6-w7dr
178
url VCID-nfgc-1n4t-9uh7
vulnerability_id VCID-nfgc-1n4t-9uh7
summary Multiple unspecified vulnerabilities in phpMyAdmin before 2.9.2-rc1 have unknown impact and attack vectors.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2007-0203
reference_id
reference_type
scores
0
value 0.00745
scoring_system epss
scoring_elements 0.73398
published_at 2026-06-04T12:55:00Z
1
value 0.00745
scoring_system epss
scoring_elements 0.73434
published_at 2026-06-05T12:55:00Z
2
value 0.00745
scoring_system epss
scoring_elements 0.7344
published_at 2026-06-06T12:55:00Z
3
value 0.00745
scoring_system epss
scoring_elements 0.73426
published_at 2026-06-07T12:55:00Z
4
value 0.00745
scoring_system epss
scoring_elements 0.73413
published_at 2026-06-08T12:55:00Z
5
value 0.00745
scoring_system epss
scoring_elements 0.73437
published_at 2026-06-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2007-0203
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0203
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0203
2
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=406486
reference_id 406486
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=406486
fixed_packages
0
url pkg:deb/debian/phpmyadmin@4:2.9.1.1-2?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:2.9.1.1-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:2.9.1.1-2%3Fdistro=trixie
1
url pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-47ju-f89a-eud8
1
vulnerability VCID-d3qn-js1p-7yeq
2
vulnerability VCID-dmqy-9xth-cuhs
3
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.0.4%252Bdfsg2-2%252Bdeb11u1%3Fdistro=trixie
2
url pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.1%252Bdfsg-1%252Bdeb12u1%3Fdistro=trixie
3
url pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.2-really%252Bdfsg-1%252Bdeb13u1%3Fdistro=trixie
4
url pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.3%252Bdfsg-1%3Fdistro=trixie
aliases CVE-2007-0203
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-nfgc-1n4t-9uh7
179
url VCID-np5w-chxm-cyak
vulnerability_id VCID-np5w-chxm-cyak
summary The plural form formula in ngettext family of calls in php-gettext before 1.0.12 allows remote attackers to execute arbitrary code.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2015-8980
reference_id
reference_type
scores
0
value 0.04573
scoring_system epss
scoring_elements 0.89396
published_at 2026-06-04T12:55:00Z
1
value 0.04573
scoring_system epss
scoring_elements 0.89414
published_at 2026-06-08T12:55:00Z
2
value 0.04573
scoring_system epss
scoring_elements 0.89413
published_at 2026-06-07T12:55:00Z
3
value 0.04573
scoring_system epss
scoring_elements 0.89431
published_at 2026-06-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2015-8980
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8980
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8980
2
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=851770
reference_id 851770
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=851770
3
reference_url https://usn.ubuntu.com/USN-4779-1/
reference_id USN-USN-4779-1
reference_type
scores
url https://usn.ubuntu.com/USN-4779-1/
fixed_packages
0
url pkg:deb/debian/phpmyadmin@4:4.6.6-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:4.6.6-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:4.6.6-1%3Fdistro=trixie
1
url pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-47ju-f89a-eud8
1
vulnerability VCID-d3qn-js1p-7yeq
2
vulnerability VCID-dmqy-9xth-cuhs
3
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.0.4%252Bdfsg2-2%252Bdeb11u1%3Fdistro=trixie
2
url pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.1%252Bdfsg-1%252Bdeb12u1%3Fdistro=trixie
3
url pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.2-really%252Bdfsg-1%252Bdeb13u1%3Fdistro=trixie
4
url pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.3%252Bdfsg-1%3Fdistro=trixie
aliases CVE-2015-8980
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-np5w-chxm-cyak
180
url VCID-ntmf-36f1-e3fg
vulnerability_id VCID-ntmf-36f1-e3fg
summary 
phpMyAdmin Cross-site Scripting vulnerability
Cross-site scripting (XSS) vulnerability in libraries/config/ConfigFile.class.php in the setup interface in phpMyAdmin 3.4.x before 3.4.9 allows remote attackers to inject arbitrary web script or HTML via the host parameter.
references
0
reference_url http://lists.fedoraproject.org/pipermail/package-announce/2012-January/071523.html
reference_id
reference_type
scores
0
value 1.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N/E:U
1
value LOW
scoring_system generic_textual
scoring_elements
url http://lists.fedoraproject.org/pipermail/package-announce/2012-January/071523.html
1
reference_url http://lists.fedoraproject.org/pipermail/package-announce/2012-January/071537.html
reference_id
reference_type
scores
0
value 1.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N/E:U
1
value LOW
scoring_system generic_textual
scoring_elements
url http://lists.fedoraproject.org/pipermail/package-announce/2012-January/071537.html
2
reference_url http://phpmyadmin.git.sourceforge.net/git/gitweb.cgi?p=phpmyadmin/phpmyadmin%3Ba=commit%3Bh=0e707906e69ce90c4852a0fce2a0fac7db86a3cd
reference_id
reference_type
scores
0
value 1.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N/E:U
1
value LOW
scoring_system generic_textual
scoring_elements
url http://phpmyadmin.git.sourceforge.net/git/gitweb.cgi?p=phpmyadmin/phpmyadmin%3Ba=commit%3Bh=0e707906e69ce90c4852a0fce2a0fac7db86a3cd
3
reference_url http://phpmyadmin.git.sourceforge.net/git/gitweb.cgi?p=phpmyadmin/phpmyadmin;a=commit;h=0e707906e69ce90c4852a0fce2a0fac7db86a3cd
reference_id
reference_type
scores
0
value 1.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N/E:U
1
value LOW
scoring_system generic_textual
scoring_elements
url http://phpmyadmin.git.sourceforge.net/git/gitweb.cgi?p=phpmyadmin/phpmyadmin;a=commit;h=0e707906e69ce90c4852a0fce2a0fac7db86a3cd
4
reference_url https://api.first.org/data/v1/epss?cve=CVE-2011-4782
reference_id
reference_type
scores
0
value 0.00475
scoring_system epss
scoring_elements 0.65244
published_at 2026-06-09T12:55:00Z
1
value 0.00475
scoring_system epss
scoring_elements 0.65195
published_at 2026-06-04T12:55:00Z
2
value 0.00475
scoring_system epss
scoring_elements 0.65238
published_at 2026-06-05T12:55:00Z
3
value 0.00475
scoring_system epss
scoring_elements 0.65248
published_at 2026-06-06T12:55:00Z
4
value 0.00475
scoring_system epss
scoring_elements 0.65237
published_at 2026-06-07T12:55:00Z
5
value 0.00475
scoring_system epss
scoring_elements 0.65225
published_at 2026-06-08T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2011-4782
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4782
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4782
6
reference_url https://exchange.xforce.ibmcloud.com/vulnerabilities/71938
reference_id
reference_type
scores
0
value 1.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N/E:U
1
value LOW
scoring_system generic_textual
scoring_elements
url https://exchange.xforce.ibmcloud.com/vulnerabilities/71938
7
reference_url https://github.com/phpmyadmin/phpmyadmin
reference_id
reference_type
scores
0
value 1.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N/E:U
1
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/phpmyadmin/phpmyadmin
8
reference_url http://www.mandriva.com/security/advisories?name=MDVSA-2011:198
reference_id
reference_type
scores
0
value 1.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N/E:U
1
value LOW
scoring_system generic_textual
scoring_elements
url http://www.mandriva.com/security/advisories?name=MDVSA-2011:198
9
reference_url http://www.phpmyadmin.net/home_page/security/PMASA-2011-19.php
reference_id
reference_type
scores
0
value 1.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N/E:U
1
value LOW
scoring_system generic_textual
scoring_elements
url http://www.phpmyadmin.net/home_page/security/PMASA-2011-19.php
10
reference_url https://nvd.nist.gov/vuln/detail/CVE-2011-4782
reference_id CVE-2011-4782
reference_type
scores
0
value 1.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N/E:U
1
value LOW
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2011-4782
11
reference_url https://github.com/advisories/GHSA-2h23-c973-x63q
reference_id GHSA-2h23-c973-x63q
reference_type
scores
0
value LOW
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-2h23-c973-x63q
12
reference_url https://security.gentoo.org/glsa/201201-01
reference_id GLSA-201201-01
reference_type
scores
url https://security.gentoo.org/glsa/201201-01
fixed_packages
0
url pkg:deb/debian/phpmyadmin@4:3.4.9-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:3.4.9-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:3.4.9-1%3Fdistro=trixie
1
url pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-47ju-f89a-eud8
1
vulnerability VCID-d3qn-js1p-7yeq
2
vulnerability VCID-dmqy-9xth-cuhs
3
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.0.4%252Bdfsg2-2%252Bdeb11u1%3Fdistro=trixie
2
url pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.1%252Bdfsg-1%252Bdeb12u1%3Fdistro=trixie
3
url pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.2-really%252Bdfsg-1%252Bdeb13u1%3Fdistro=trixie
4
url pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.3%252Bdfsg-1%3Fdistro=trixie
aliases CVE-2011-4782, GHSA-2h23-c973-x63q
risk_score 1.4
exploitability 0.5
weighted_severity 2.7
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ntmf-36f1-e3fg
181
url VCID-nuju-ekmt-k7g9
vulnerability_id VCID-nuju-ekmt-k7g9
summary 
Improper Input Validation
An issue was discovered in phpMyAdmin involving the `$cfg['ArbitraryServerRegexp']` configuration directive. An attacker could reuse certain cookie values in a way of bypassing the servers defined by `ArbitraryServerRegexp`.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-6629
reference_id
reference_type
scores
0
value 0.00977
scoring_system epss
scoring_elements 0.77051
published_at 2026-06-04T12:55:00Z
1
value 0.00977
scoring_system epss
scoring_elements 0.77071
published_at 2026-06-08T12:55:00Z
2
value 0.00977
scoring_system epss
scoring_elements 0.77081
published_at 2026-06-07T12:55:00Z
3
value 0.00977
scoring_system epss
scoring_elements 0.77093
published_at 2026-06-09T12:55:00Z
4
value 0.00977
scoring_system epss
scoring_elements 0.77083
published_at 2026-06-05T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-6629
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6629
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6629
2
reference_url https://security.gentoo.org/glsa/201701-32
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://security.gentoo.org/glsa/201701-32
3
reference_url https://web.archive.org/web/20210725054025/http://www.securityfocus.com/bid/92493
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20210725054025/http://www.securityfocus.com/bid/92493
4
reference_url https://www.phpmyadmin.net/security/PMASA-2016-52
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://www.phpmyadmin.net/security/PMASA-2016-52
5
reference_url http://www.securityfocus.com/bid/92493
reference_id
reference_type
scores
url http://www.securityfocus.com/bid/92493
6
reference_url https://nvd.nist.gov/vuln/detail/CVE-2016-6629
reference_id CVE-2016-6629
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2016-6629
7
reference_url https://github.com/advisories/GHSA-567r-vqj7-5cw7
reference_id GHSA-567r-vqj7-5cw7
reference_type
scores
0
value CRITICAL
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-567r-vqj7-5cw7
fixed_packages
0
url pkg:deb/debian/phpmyadmin@4:4.6.4%2Bdfsg1-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:4.6.4%2Bdfsg1-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:4.6.4%252Bdfsg1-1%3Fdistro=trixie
1
url pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-47ju-f89a-eud8
1
vulnerability VCID-d3qn-js1p-7yeq
2
vulnerability VCID-dmqy-9xth-cuhs
3
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.0.4%252Bdfsg2-2%252Bdeb11u1%3Fdistro=trixie
2
url pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.1%252Bdfsg-1%252Bdeb12u1%3Fdistro=trixie
3
url pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.2-really%252Bdfsg-1%252Bdeb13u1%3Fdistro=trixie
4
url pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.3%252Bdfsg-1%3Fdistro=trixie
aliases CVE-2016-6629, GHSA-567r-vqj7-5cw7
risk_score 4.5
exploitability 0.5
weighted_severity 9.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-nuju-ekmt-k7g9
182
url VCID-nv3j-xj42-wfcw
vulnerability_id VCID-nv3j-xj42-wfcw
summary 
Incomplete List of Disallowed Inputs
An issue was discovered in phpMyAdmin. Due to the limitation in URL matching, it was possible to bypass the URL white-list protection.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-9861
reference_id
reference_type
scores
0
value 0.00222
scoring_system epss
scoring_elements 0.4492
published_at 2026-06-04T12:55:00Z
1
value 0.00222
scoring_system epss
scoring_elements 0.44956
published_at 2026-06-09T12:55:00Z
2
value 0.00222
scoring_system epss
scoring_elements 0.44993
published_at 2026-06-06T12:55:00Z
3
value 0.00222
scoring_system epss
scoring_elements 0.44989
published_at 2026-06-05T12:55:00Z
4
value 0.00222
scoring_system epss
scoring_elements 0.44944
published_at 2026-06-08T12:55:00Z
5
value 0.00222
scoring_system epss
scoring_elements 0.44973
published_at 2026-06-07T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-9861
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9861
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9861
2
reference_url https://github.com/phpmyadmin/composer
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/phpmyadmin/composer
3
reference_url https://lists.debian.org/debian-lts-announce/2019/06/msg00009.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.debian.org/debian-lts-announce/2019/06/msg00009.html
4
reference_url https://security.gentoo.org/glsa/201701-32
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://security.gentoo.org/glsa/201701-32
5
reference_url https://www.phpmyadmin.net/security/PMASA-2016-66
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.phpmyadmin.net/security/PMASA-2016-66
6
reference_url http://www.securityfocus.com/bid/94535
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.securityfocus.com/bid/94535
7
reference_url https://nvd.nist.gov/vuln/detail/CVE-2016-9861
reference_id CVE-2016-9861
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2016-9861
8
reference_url https://github.com/advisories/GHSA-r326-mp8g-6xfc
reference_id GHSA-r326-mp8g-6xfc
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-r326-mp8g-6xfc
fixed_packages
0
url pkg:deb/debian/phpmyadmin@4:4.6.5.1-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:4.6.5.1-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:4.6.5.1-1%3Fdistro=trixie
1
url pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-47ju-f89a-eud8
1
vulnerability VCID-d3qn-js1p-7yeq
2
vulnerability VCID-dmqy-9xth-cuhs
3
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.0.4%252Bdfsg2-2%252Bdeb11u1%3Fdistro=trixie
2
url pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.1%252Bdfsg-1%252Bdeb12u1%3Fdistro=trixie
3
url pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.2-really%252Bdfsg-1%252Bdeb13u1%3Fdistro=trixie
4
url pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.3%252Bdfsg-1%3Fdistro=trixie
aliases CVE-2016-9861, GHSA-r326-mp8g-6xfc
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-nv3j-xj42-wfcw
183
url VCID-p1jn-sxds-mqd1
vulnerability_id VCID-p1jn-sxds-mqd1
summary 
Cross-site Scripting
Cross-site scripting (XSS) vulnerability in `db_central_columns.php` in phpMyAdm allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2018-7260
reference_id
reference_type
scores
0
value 0.00302
scoring_system epss
scoring_elements 0.53817
published_at 2026-06-05T12:55:00Z
1
value 0.00302
scoring_system epss
scoring_elements 0.53813
published_at 2026-06-09T12:55:00Z
2
value 0.00302
scoring_system epss
scoring_elements 0.53791
published_at 2026-06-08T12:55:00Z
3
value 0.00302
scoring_system epss
scoring_elements 0.53826
published_at 2026-06-06T12:55:00Z
4
value 0.00302
scoring_system epss
scoring_elements 0.5376
published_at 2026-06-04T12:55:00Z
5
value 0.00302
scoring_system epss
scoring_elements 0.53814
published_at 2026-06-07T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2018-7260
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-7260
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-7260
2
reference_url https://github.com/phpmyadmin/composer
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/phpmyadmin/composer
3
reference_url https://github.com/phpmyadmin/phpmyadmin/commit/d2886a3
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/phpmyadmin/phpmyadmin/commit/d2886a3
4
reference_url https://udiniya.wordpress.com/2018/02/21/a-tale-of-stealing-session-cookie-in-phpmyadmin
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://udiniya.wordpress.com/2018/02/21/a-tale-of-stealing-session-cookie-in-phpmyadmin
5
reference_url https://www.phpmyadmin.net/security/PMASA-2018-1
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.phpmyadmin.net/security/PMASA-2018-1
6
reference_url https://www.phpmyadmin.net/security/PMASA-2018-1/
reference_id
reference_type
scores
url https://www.phpmyadmin.net/security/PMASA-2018-1/
7
reference_url http://www.securityfocus.com/bid/103099
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.securityfocus.com/bid/103099
8
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=893539
reference_id 893539
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=893539
9
reference_url https://security.archlinux.org/ASA-201802-11
reference_id ASA-201802-11
reference_type
scores
url https://security.archlinux.org/ASA-201802-11
10
reference_url https://security.archlinux.org/AVG-630
reference_id AVG-630
reference_type
scores
0
value Medium
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-630
11
reference_url https://nvd.nist.gov/vuln/detail/CVE-2018-7260
reference_id CVE-2018-7260
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2018-7260
12
reference_url https://github.com/advisories/GHSA-gqmj-f46x-wqhw
reference_id GHSA-gqmj-f46x-wqhw
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-gqmj-f46x-wqhw
13
reference_url https://usn.ubuntu.com/4639-1/
reference_id USN-4639-1
reference_type
scores
url https://usn.ubuntu.com/4639-1/
14
reference_url https://usn.ubuntu.com/USN-4843-1/
reference_id USN-USN-4843-1
reference_type
scores
url https://usn.ubuntu.com/USN-4843-1/
fixed_packages
0
url pkg:deb/debian/phpmyadmin@4:4.9.1%2Bdfsg1-2?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:4.9.1%2Bdfsg1-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:4.9.1%252Bdfsg1-2%3Fdistro=trixie
1
url pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-47ju-f89a-eud8
1
vulnerability VCID-d3qn-js1p-7yeq
2
vulnerability VCID-dmqy-9xth-cuhs
3
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.0.4%252Bdfsg2-2%252Bdeb11u1%3Fdistro=trixie
2
url pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.1%252Bdfsg-1%252Bdeb12u1%3Fdistro=trixie
3
url pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.2-really%252Bdfsg-1%252Bdeb13u1%3Fdistro=trixie
4
url pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.3%252Bdfsg-1%3Fdistro=trixie
aliases CVE-2018-7260, GHSA-gqmj-f46x-wqhw
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-p1jn-sxds-mqd1
184
url VCID-p361-saxs-97g9
vulnerability_id VCID-p361-saxs-97g9
summary An issue was discovered in phpMyAdmin. By calling some scripts that are part of phpMyAdmin in an unexpected way, it is possible to trigger phpMyAdmin to display a PHP error message which contains the full path of the directory where phpMyAdmin is installed. During an execution timeout in the export functionality, the errors containing the full path of the directory of phpMyAdmin are written to the export file. All 4.6.x versions (prior to 4.6.5), and 4.4.x versions (prior to 4.4.15.9) are affected. This CVE is for the PMA_shutdownDuringExport issue.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-9855
reference_id
reference_type
scores
0
value 0.00501
scoring_system epss
scoring_elements 0.6637
published_at 2026-06-04T12:55:00Z
1
value 0.00501
scoring_system epss
scoring_elements 0.66411
published_at 2026-06-05T12:55:00Z
2
value 0.00501
scoring_system epss
scoring_elements 0.66419
published_at 2026-06-06T12:55:00Z
3
value 0.00501
scoring_system epss
scoring_elements 0.66403
published_at 2026-06-07T12:55:00Z
4
value 0.00501
scoring_system epss
scoring_elements 0.66389
published_at 2026-06-08T12:55:00Z
5
value 0.00501
scoring_system epss
scoring_elements 0.66407
published_at 2026-06-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-9855
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9855
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9855
fixed_packages
0
url pkg:deb/debian/phpmyadmin@4:4.6.5.1-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:4.6.5.1-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:4.6.5.1-1%3Fdistro=trixie
1
url pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-47ju-f89a-eud8
1
vulnerability VCID-d3qn-js1p-7yeq
2
vulnerability VCID-dmqy-9xth-cuhs
3
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.0.4%252Bdfsg2-2%252Bdeb11u1%3Fdistro=trixie
2
url pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.1%252Bdfsg-1%252Bdeb12u1%3Fdistro=trixie
3
url pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.2-really%252Bdfsg-1%252Bdeb13u1%3Fdistro=trixie
4
url pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.3%252Bdfsg-1%3Fdistro=trixie
aliases CVE-2016-9855
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-p361-saxs-97g9
185
url VCID-p7ay-azv3-bqch
vulnerability_id VCID-p7ay-azv3-bqch
summary SQL injection vulnerability in sql.php in phpMyAdmin 2.7.0-pl1 allows remote attackers to execute arbitrary SQL commands via the sql_query parameter.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2006-1804
reference_id
reference_type
scores
0
value 0.00963
scoring_system epss
scoring_elements 0.76875
published_at 2026-06-04T12:55:00Z
1
value 0.00963
scoring_system epss
scoring_elements 0.76908
published_at 2026-06-05T12:55:00Z
2
value 0.00963
scoring_system epss
scoring_elements 0.76916
published_at 2026-06-06T12:55:00Z
3
value 0.00963
scoring_system epss
scoring_elements 0.76905
published_at 2026-06-07T12:55:00Z
4
value 0.00963
scoring_system epss
scoring_elements 0.76894
published_at 2026-06-08T12:55:00Z
5
value 0.00963
scoring_system epss
scoring_elements 0.76915
published_at 2026-06-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2006-1804
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1804
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1804
2
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=363519
reference_id 363519
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=363519
fixed_packages
0
url pkg:deb/debian/phpmyadmin@4:2.8.1-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:2.8.1-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:2.8.1-1%3Fdistro=trixie
1
url pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-47ju-f89a-eud8
1
vulnerability VCID-d3qn-js1p-7yeq
2
vulnerability VCID-dmqy-9xth-cuhs
3
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.0.4%252Bdfsg2-2%252Bdeb11u1%3Fdistro=trixie
2
url pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.1%252Bdfsg-1%252Bdeb12u1%3Fdistro=trixie
3
url pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.2-really%252Bdfsg-1%252Bdeb13u1%3Fdistro=trixie
4
url pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.3%252Bdfsg-1%3Fdistro=trixie
aliases CVE-2006-1804
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-p7ay-azv3-bqch
186
url VCID-pcg2-hctg-sbd7
vulnerability_id VCID-pcg2-hctg-sbd7
summary phpMyAdmin before 2.6.1, when configured with UploadDir functionality, allows remote attackers to read arbitrary files via the sql_localfile parameter.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2004-1148
reference_id
reference_type
scores
0
value 0.00391
scoring_system epss
scoring_elements 0.60452
published_at 2026-06-04T12:55:00Z
1
value 0.00391
scoring_system epss
scoring_elements 0.605
published_at 2026-06-05T12:55:00Z
2
value 0.00391
scoring_system epss
scoring_elements 0.60503
published_at 2026-06-06T12:55:00Z
3
value 0.00391
scoring_system epss
scoring_elements 0.60491
published_at 2026-06-07T12:55:00Z
4
value 0.00391
scoring_system epss
scoring_elements 0.60474
published_at 2026-06-08T12:55:00Z
5
value 0.00391
scoring_system epss
scoring_elements 0.6049
published_at 2026-06-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2004-1148
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-1148
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-1148
fixed_packages
0
url pkg:deb/debian/phpmyadmin@2:2.6.1-rc1-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@2:2.6.1-rc1-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@2:2.6.1-rc1-1%3Fdistro=trixie
1
url pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-47ju-f89a-eud8
1
vulnerability VCID-d3qn-js1p-7yeq
2
vulnerability VCID-dmqy-9xth-cuhs
3
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.0.4%252Bdfsg2-2%252Bdeb11u1%3Fdistro=trixie
2
url pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.1%252Bdfsg-1%252Bdeb12u1%3Fdistro=trixie
3
url pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.2-really%252Bdfsg-1%252Bdeb13u1%3Fdistro=trixie
4
url pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.3%252Bdfsg-1%3Fdistro=trixie
aliases CVE-2004-1148
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-pcg2-hctg-sbd7
187
url VCID-pdmq-pgqp-5qft
vulnerability_id VCID-pdmq-pgqp-5qft
summary Cross-site scripting (XSS) vulnerability in the PMA_TRI_getRowForList function in libraries/rte/rte_list.lib.php in phpMyAdmin 4.0.x before 4.0.10.1, 4.1.x before 4.1.14.2, and 4.2.x before 4.2.6 allows remote authenticated users to inject arbitrary web script or HTML via a crafted trigger name that is improperly handled on the database triggers page.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2014-4955
reference_id
reference_type
scores
0
value 0.00257
scoring_system epss
scoring_elements 0.49297
published_at 2026-06-04T12:55:00Z
1
value 0.00257
scoring_system epss
scoring_elements 0.49359
published_at 2026-06-05T12:55:00Z
2
value 0.00257
scoring_system epss
scoring_elements 0.49369
published_at 2026-06-06T12:55:00Z
3
value 0.00257
scoring_system epss
scoring_elements 0.49351
published_at 2026-06-07T12:55:00Z
4
value 0.00257
scoring_system epss
scoring_elements 0.49322
published_at 2026-06-08T12:55:00Z
5
value 0.00257
scoring_system epss
scoring_elements 0.49334
published_at 2026-06-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2014-4955
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4955
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4955
fixed_packages
0
url pkg:deb/debian/phpmyadmin@4:4.2.6-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:4.2.6-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:4.2.6-1%3Fdistro=trixie
1
url pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-47ju-f89a-eud8
1
vulnerability VCID-d3qn-js1p-7yeq
2
vulnerability VCID-dmqy-9xth-cuhs
3
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.0.4%252Bdfsg2-2%252Bdeb11u1%3Fdistro=trixie
2
url pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.1%252Bdfsg-1%252Bdeb12u1%3Fdistro=trixie
3
url pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.2-really%252Bdfsg-1%252Bdeb13u1%3Fdistro=trixie
4
url pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.3%252Bdfsg-1%3Fdistro=trixie
aliases CVE-2014-4955
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-pdmq-pgqp-5qft
188
url VCID-pfdk-db4h-47dx
vulnerability_id VCID-pfdk-db4h-47dx
summary 
Cross-site Scripting
A Cross-site scripting (XSS) vulnerability in the format function in `libraries/sql-parser/src/Utils/Error.php` in the SQL parser in phpMyAdmin allows remote authenticated users to inject arbitrary web script or HTML via a crafted query.
references
0
reference_url http://lists.fedoraproject.org/pipermail/package-announce/2016-March/178562.html
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://lists.fedoraproject.org/pipermail/package-announce/2016-March/178562.html
1
reference_url http://lists.fedoraproject.org/pipermail/package-announce/2016-March/178869.html
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://lists.fedoraproject.org/pipermail/package-announce/2016-March/178869.html
2
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-2559
reference_id
reference_type
scores
0
value 0.00269
scoring_system epss
scoring_elements 0.50655
published_at 2026-06-06T12:55:00Z
1
value 0.00269
scoring_system epss
scoring_elements 0.50647
published_at 2026-06-05T12:55:00Z
2
value 0.00269
scoring_system epss
scoring_elements 0.50585
published_at 2026-06-04T12:55:00Z
3
value 0.00269
scoring_system epss
scoring_elements 0.50622
published_at 2026-06-09T12:55:00Z
4
value 0.00269
scoring_system epss
scoring_elements 0.50605
published_at 2026-06-08T12:55:00Z
5
value 0.00269
scoring_system epss
scoring_elements 0.50635
published_at 2026-06-07T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-2559
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2559
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2559
4
reference_url https://github.com/phpmyadmin/composer
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/phpmyadmin/composer
5
reference_url https://github.com/phpmyadmin/phpmyadmin/commit/3a6a9a807d99371ee126635e1a505fc1fe0df32c
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/phpmyadmin/phpmyadmin/commit/3a6a9a807d99371ee126635e1a505fc1fe0df32c
6
reference_url https://www.phpmyadmin.net/security/PMASA-2016-10
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.phpmyadmin.net/security/PMASA-2016-10
7
reference_url https://www.phpmyadmin.net/security/PMASA-2016-10/
reference_id
reference_type
scores
url https://www.phpmyadmin.net/security/PMASA-2016-10/
8
reference_url https://nvd.nist.gov/vuln/detail/CVE-2016-2559
reference_id CVE-2016-2559
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2016-2559
9
reference_url https://github.com/advisories/GHSA-7rf8-9r8f-qf59
reference_id GHSA-7rf8-9r8f-qf59
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-7rf8-9r8f-qf59
fixed_packages
0
url pkg:deb/debian/phpmyadmin@4:4.5.5.1-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:4.5.5.1-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:4.5.5.1-1%3Fdistro=trixie
1
url pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-47ju-f89a-eud8
1
vulnerability VCID-d3qn-js1p-7yeq
2
vulnerability VCID-dmqy-9xth-cuhs
3
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.0.4%252Bdfsg2-2%252Bdeb11u1%3Fdistro=trixie
2
url pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.1%252Bdfsg-1%252Bdeb12u1%3Fdistro=trixie
3
url pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.2-really%252Bdfsg-1%252Bdeb13u1%3Fdistro=trixie
4
url pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.3%252Bdfsg-1%3Fdistro=trixie
aliases CVE-2016-2559, GHSA-7rf8-9r8f-qf59
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-pfdk-db4h-47dx
189
url VCID-pnry-rv8t-v3ff
vulnerability_id VCID-pnry-rv8t-v3ff
summary libraries/select_lang.lib.php in phpMyAdmin 4.0.x before 4.0.10.9, 4.2.x before 4.2.13.2, and 4.3.x before 4.3.11.1 includes invalid language values in unknown-language error responses that contain a CSRF token and may be sent with HTTP compression, which makes it easier for remote attackers to conduct a BREACH attack and determine this token via a series of crafted requests.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2015-2206
reference_id
reference_type
scores
0
value 0.00916
scoring_system epss
scoring_elements 0.76298
published_at 2026-06-04T12:55:00Z
1
value 0.00916
scoring_system epss
scoring_elements 0.76326
published_at 2026-06-05T12:55:00Z
2
value 0.00916
scoring_system epss
scoring_elements 0.76328
published_at 2026-06-06T12:55:00Z
3
value 0.00916
scoring_system epss
scoring_elements 0.76321
published_at 2026-06-07T12:55:00Z
4
value 0.00916
scoring_system epss
scoring_elements 0.76311
published_at 2026-06-08T12:55:00Z
5
value 0.00916
scoring_system epss
scoring_elements 0.76334
published_at 2026-06-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2015-2206
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8958
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8958
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9218
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9218
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2206
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2206
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3902
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3902
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3903
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3903
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6830
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6830
7
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7873
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7873
fixed_packages
0
url pkg:deb/debian/phpmyadmin@4:4.4.4-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:4.4.4-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:4.4.4-1%3Fdistro=trixie
1
url pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-47ju-f89a-eud8
1
vulnerability VCID-d3qn-js1p-7yeq
2
vulnerability VCID-dmqy-9xth-cuhs
3
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.0.4%252Bdfsg2-2%252Bdeb11u1%3Fdistro=trixie
2
url pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.1%252Bdfsg-1%252Bdeb12u1%3Fdistro=trixie
3
url pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.2-really%252Bdfsg-1%252Bdeb13u1%3Fdistro=trixie
4
url pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.3%252Bdfsg-1%3Fdistro=trixie
aliases CVE-2015-2206
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-pnry-rv8t-v3ff
190
url VCID-psp9-3jss-cka9
vulnerability_id VCID-psp9-3jss-cka9
summary show_config_errors.php in phpMyAdmin 3.4.x before 3.4.10.2, when a configuration file does not exist, allows remote attackers to obtain sensitive information via a direct request, which reveals the installation path in an error message about this missing file.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2012-1902
reference_id
reference_type
scores
0
value 0.00468
scoring_system epss
scoring_elements 0.64818
published_at 2026-06-04T12:55:00Z
1
value 0.00468
scoring_system epss
scoring_elements 0.6486
published_at 2026-06-05T12:55:00Z
2
value 0.00468
scoring_system epss
scoring_elements 0.6487
published_at 2026-06-06T12:55:00Z
3
value 0.00468
scoring_system epss
scoring_elements 0.64859
published_at 2026-06-07T12:55:00Z
4
value 0.00468
scoring_system epss
scoring_elements 0.64848
published_at 2026-06-08T12:55:00Z
5
value 0.00468
scoring_system epss
scoring_elements 0.64866
published_at 2026-06-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2012-1902
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1902
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1902
fixed_packages
0
url pkg:deb/debian/phpmyadmin@4:3.4.10.2-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:3.4.10.2-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:3.4.10.2-1%3Fdistro=trixie
1
url pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-47ju-f89a-eud8
1
vulnerability VCID-d3qn-js1p-7yeq
2
vulnerability VCID-dmqy-9xth-cuhs
3
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.0.4%252Bdfsg2-2%252Bdeb11u1%3Fdistro=trixie
2
url pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.1%252Bdfsg-1%252Bdeb12u1%3Fdistro=trixie
3
url pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.2-really%252Bdfsg-1%252Bdeb13u1%3Fdistro=trixie
4
url pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.3%252Bdfsg-1%3Fdistro=trixie
aliases CVE-2012-1902
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-psp9-3jss-cka9
191
url VCID-ptce-mpk2-yub7
vulnerability_id VCID-ptce-mpk2-yub7
summary Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin before 2.11.1.2 allow remote attackers to inject arbitrary web script or HTML via certain input available in (1) PHP_SELF in (a) server_status.php, and (b) grab_globals.lib.php, (c) display_change_password.lib.php, and (d) common.lib.php in libraries/; and certain input available in PHP_SELF and (2) PATH_INFO in libraries/common.inc.php. NOTE: there might also be other vectors related to (3) REQUEST_URI.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2007-5589
reference_id
reference_type
scores
0
value 0.11421
scoring_system epss
scoring_elements 0.9371
published_at 2026-06-04T12:55:00Z
1
value 0.11421
scoring_system epss
scoring_elements 0.93719
published_at 2026-06-06T12:55:00Z
2
value 0.11824
scoring_system epss
scoring_elements 0.93859
published_at 2026-06-07T12:55:00Z
3
value 0.11824
scoring_system epss
scoring_elements 0.93858
published_at 2026-06-08T12:55:00Z
4
value 0.11824
scoring_system epss
scoring_elements 0.93863
published_at 2026-06-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2007-5589
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5589
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5589
2
reference_url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/webapps/30733.txt
reference_id CVE-2007-5589;OSVDB-37939
reference_type exploit
scores
url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/webapps/30733.txt
3
reference_url https://www.securityfocus.com/bid/26301/info
reference_id CVE-2007-5589;OSVDB-37939
reference_type exploit
scores
url https://www.securityfocus.com/bid/26301/info
fixed_packages
0
url pkg:deb/debian/phpmyadmin@4:2.11.1.2-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:2.11.1.2-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:2.11.1.2-1%3Fdistro=trixie
1
url pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-47ju-f89a-eud8
1
vulnerability VCID-d3qn-js1p-7yeq
2
vulnerability VCID-dmqy-9xth-cuhs
3
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.0.4%252Bdfsg2-2%252Bdeb11u1%3Fdistro=trixie
2
url pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.1%252Bdfsg-1%252Bdeb12u1%3Fdistro=trixie
3
url pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.2-really%252Bdfsg-1%252Bdeb13u1%3Fdistro=trixie
4
url pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.3%252Bdfsg-1%3Fdistro=trixie
aliases CVE-2007-5589
risk_score 0.2
exploitability 2.0
weighted_severity 0.1
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ptce-mpk2-yub7
192
url VCID-pv92-669g-eub2
vulnerability_id VCID-pv92-669g-eub2
summary Static code injection vulnerability in the getConfigFile function in setup/lib/ConfigFile.class.php in phpMyAdmin 3.x before 3.1.3.2 allows remote attackers to inject arbitrary PHP code into configuration files.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-1285.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-1285.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2009-1285
reference_id
reference_type
scores
0
value 0.36057
scoring_system epss
scoring_elements 0.97182
published_at 2026-06-04T12:55:00Z
1
value 0.36057
scoring_system epss
scoring_elements 0.97186
published_at 2026-06-05T12:55:00Z
2
value 0.36057
scoring_system epss
scoring_elements 0.97188
published_at 2026-06-06T12:55:00Z
3
value 0.36057
scoring_system epss
scoring_elements 0.97189
published_at 2026-06-07T12:55:00Z
4
value 0.36057
scoring_system epss
scoring_elements 0.9719
published_at 2026-06-08T12:55:00Z
5
value 0.36057
scoring_system epss
scoring_elements 0.97191
published_at 2026-06-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2009-1285
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1285
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1285
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=495768
reference_id 495768
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=495768
4
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=524804
reference_id 524804
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=524804
fixed_packages
0
url pkg:deb/debian/phpmyadmin@4:3.1.3.2-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:3.1.3.2-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:3.1.3.2-1%3Fdistro=trixie
1
url pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-47ju-f89a-eud8
1
vulnerability VCID-d3qn-js1p-7yeq
2
vulnerability VCID-dmqy-9xth-cuhs
3
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.0.4%252Bdfsg2-2%252Bdeb11u1%3Fdistro=trixie
2
url pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.1%252Bdfsg-1%252Bdeb12u1%3Fdistro=trixie
3
url pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.2-really%252Bdfsg-1%252Bdeb13u1%3Fdistro=trixie
4
url pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.3%252Bdfsg-1%3Fdistro=trixie
aliases CVE-2009-1285
risk_score 0.6
exploitability 2.0
weighted_severity 0.3
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-pv92-669g-eub2
193
url VCID-q2wv-kbra-5kg8
vulnerability_id VCID-q2wv-kbra-5kg8
summary An issue was discovered in phpMyAdmin. Due to a bug in serialized string parsing, it was possible to bypass the protection offered by PMA_safeUnserialize() function. All 4.6.x versions (prior to 4.6.5), 4.4.x versions (prior to 4.4.15.9), and 4.0.x versions (prior to 4.0.10.18) are affected.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-9865
reference_id
reference_type
scores
0
value 0.01202
scoring_system epss
scoring_elements 0.79258
published_at 2026-06-04T12:55:00Z
1
value 0.01202
scoring_system epss
scoring_elements 0.79284
published_at 2026-06-05T12:55:00Z
2
value 0.01202
scoring_system epss
scoring_elements 0.7929
published_at 2026-06-09T12:55:00Z
3
value 0.01202
scoring_system epss
scoring_elements 0.79282
published_at 2026-06-07T12:55:00Z
4
value 0.01202
scoring_system epss
scoring_elements 0.79272
published_at 2026-06-08T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-9865
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9865
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9865
fixed_packages
0
url pkg:deb/debian/phpmyadmin@4:4.6.5.1-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:4.6.5.1-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:4.6.5.1-1%3Fdistro=trixie
1
url pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-47ju-f89a-eud8
1
vulnerability VCID-d3qn-js1p-7yeq
2
vulnerability VCID-dmqy-9xth-cuhs
3
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.0.4%252Bdfsg2-2%252Bdeb11u1%3Fdistro=trixie
2
url pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.1%252Bdfsg-1%252Bdeb12u1%3Fdistro=trixie
3
url pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.2-really%252Bdfsg-1%252Bdeb13u1%3Fdistro=trixie
4
url pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.3%252Bdfsg-1%3Fdistro=trixie
aliases CVE-2016-9865
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-q2wv-kbra-5kg8
194
url VCID-q45d-5bf4-tff5
vulnerability_id VCID-q45d-5bf4-tff5
summary 
Improper Privilege Management
An issue was discovered in `libraries/common` which allows users who have no password set to log in even if the administrator has set `$cfg['Servers'][$i]['AllowNoPassword']` to `false` (which is also the default).
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2017-18264
reference_id
reference_type
scores
0
value 0.00305
scoring_system epss
scoring_elements 0.54057
published_at 2026-06-05T12:55:00Z
1
value 0.00305
scoring_system epss
scoring_elements 0.54053
published_at 2026-06-09T12:55:00Z
2
value 0.00305
scoring_system epss
scoring_elements 0.54031
published_at 2026-06-08T12:55:00Z
3
value 0.00305
scoring_system epss
scoring_elements 0.54
published_at 2026-06-04T12:55:00Z
4
value 0.00305
scoring_system epss
scoring_elements 0.54054
published_at 2026-06-07T12:55:00Z
5
value 0.00305
scoring_system epss
scoring_elements 0.54065
published_at 2026-06-06T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2017-18264
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-18264
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-18264
2
reference_url https://github.com/phpmyadmin/composer
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/phpmyadmin/composer
3
reference_url https://lists.debian.org/debian-lts-announce/2018/07/msg00006.html
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://lists.debian.org/debian-lts-announce/2018/07/msg00006.html
4
reference_url https://www.phpmyadmin.net/security/PMASA-2017-8
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://www.phpmyadmin.net/security/PMASA-2017-8
5
reference_url https://www.phpmyadmin.net/security/PMASA-2017-8/
reference_id
reference_type
scores
url https://www.phpmyadmin.net/security/PMASA-2017-8/
6
reference_url http://www.securityfocus.com/bid/97211
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url http://www.securityfocus.com/bid/97211
7
reference_url https://nvd.nist.gov/vuln/detail/CVE-2017-18264
reference_id CVE-2017-18264
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2017-18264
8
reference_url https://github.com/advisories/GHSA-5868-g58j-vrj5
reference_id GHSA-5868-g58j-vrj5
reference_type
scores
0
value CRITICAL
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-5868-g58j-vrj5
9
reference_url https://usn.ubuntu.com/USN-4843-1/
reference_id USN-USN-4843-1
reference_type
scores
url https://usn.ubuntu.com/USN-4843-1/
fixed_packages
0
url pkg:deb/debian/phpmyadmin@4:4.6.6-2?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:4.6.6-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:4.6.6-2%3Fdistro=trixie
1
url pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-47ju-f89a-eud8
1
vulnerability VCID-d3qn-js1p-7yeq
2
vulnerability VCID-dmqy-9xth-cuhs
3
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.0.4%252Bdfsg2-2%252Bdeb11u1%3Fdistro=trixie
2
url pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.1%252Bdfsg-1%252Bdeb12u1%3Fdistro=trixie
3
url pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.2-really%252Bdfsg-1%252Bdeb13u1%3Fdistro=trixie
4
url pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.3%252Bdfsg-1%3Fdistro=trixie
aliases CVE-2017-18264, GHSA-5868-g58j-vrj5
risk_score 4.5
exploitability 0.5
weighted_severity 9.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-q45d-5bf4-tff5
195
url VCID-q7pe-bvr1-g3bc
vulnerability_id VCID-q7pe-bvr1-g3bc
summary 
Cryptographic Issues
An issue was discovered in phpMyAdmin. When the user does not specify a `blowfish_secret` key for encrypting cookies, phpMyAdmin generates one at runtime. A vulnerability was reported where the way this value is created uses a weak algorithm. This could allow an attacker to determine the user's `blowfish_secret` and potentially decrypt their cookies.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-9847
reference_id
reference_type
scores
0
value 0.0043
scoring_system epss
scoring_elements 0.62854
published_at 2026-06-04T12:55:00Z
1
value 0.0043
scoring_system epss
scoring_elements 0.62881
published_at 2026-06-08T12:55:00Z
2
value 0.0043
scoring_system epss
scoring_elements 0.62895
published_at 2026-06-07T12:55:00Z
3
value 0.0043
scoring_system epss
scoring_elements 0.62906
published_at 2026-06-06T12:55:00Z
4
value 0.0043
scoring_system epss
scoring_elements 0.62896
published_at 2026-06-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-9847
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9847
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9847
2
reference_url https://security.gentoo.org/glsa/201701-32
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://security.gentoo.org/glsa/201701-32
3
reference_url https://web.archive.org/web/20210123194700/http://www.securityfocus.com/bid/94524
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20210123194700/http://www.securityfocus.com/bid/94524
4
reference_url https://www.phpmyadmin.net/security/PMASA-2016-58
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.phpmyadmin.net/security/PMASA-2016-58
5
reference_url http://www.securityfocus.com/bid/94524
reference_id
reference_type
scores
url http://www.securityfocus.com/bid/94524
6
reference_url https://nvd.nist.gov/vuln/detail/CVE-2016-9847
reference_id CVE-2016-9847
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2016-9847
7
reference_url https://github.com/advisories/GHSA-9xhq-pm7v-693p
reference_id GHSA-9xhq-pm7v-693p
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-9xhq-pm7v-693p
fixed_packages
0
url pkg:deb/debian/phpmyadmin@4:4.6.5.1-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:4.6.5.1-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:4.6.5.1-1%3Fdistro=trixie
1
url pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-47ju-f89a-eud8
1
vulnerability VCID-d3qn-js1p-7yeq
2
vulnerability VCID-dmqy-9xth-cuhs
3
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.0.4%252Bdfsg2-2%252Bdeb11u1%3Fdistro=trixie
2
url pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.1%252Bdfsg-1%252Bdeb12u1%3Fdistro=trixie
3
url pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.2-really%252Bdfsg-1%252Bdeb13u1%3Fdistro=trixie
4
url pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.3%252Bdfsg-1%3Fdistro=trixie
aliases CVE-2016-9847, GHSA-9xhq-pm7v-693p
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-q7pe-bvr1-g3bc
196
url VCID-q7rn-1612-quau
vulnerability_id VCID-q7rn-1612-quau
summary 
SQL Injection
A vulnerability was reported where a specially crafted database name can be used to trigger an SQL injection attack through the designer feature.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2019-11768
reference_id
reference_type
scores
0
value 0.01109
scoring_system epss
scoring_elements 0.78498
published_at 2026-06-09T12:55:00Z
1
value 0.01109
scoring_system epss
scoring_elements 0.78468
published_at 2026-06-04T12:55:00Z
2
value 0.01109
scoring_system epss
scoring_elements 0.78495
published_at 2026-06-05T12:55:00Z
3
value 0.01109
scoring_system epss
scoring_elements 0.78503
published_at 2026-06-06T12:55:00Z
4
value 0.01109
scoring_system epss
scoring_elements 0.78492
published_at 2026-06-07T12:55:00Z
5
value 0.01109
scoring_system epss
scoring_elements 0.7848
published_at 2026-06-08T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2019-11768
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11768
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11768
2
reference_url https://github.com/phpmyadmin/phpmyadmin/commit/c1ecafc38319e8f768c9259d4d580e42acd5ee86
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/phpmyadmin/phpmyadmin/commit/c1ecafc38319e8f768c9259d4d580e42acd5ee86
3
reference_url https://www.phpmyadmin.net/security/PMASA-2019-3
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://www.phpmyadmin.net/security/PMASA-2019-3
4
reference_url https://www.phpmyadmin.net/security/PMASA-2019-3/
reference_id
reference_type
scores
url https://www.phpmyadmin.net/security/PMASA-2019-3/
5
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=930048
reference_id 930048
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=930048
6
reference_url https://nvd.nist.gov/vuln/detail/CVE-2019-11768
reference_id CVE-2019-11768
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2019-11768
7
reference_url https://github.com/advisories/GHSA-x37v-98f9-mj32
reference_id GHSA-x37v-98f9-mj32
reference_type
scores
0
value CRITICAL
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-x37v-98f9-mj32
8
reference_url https://usn.ubuntu.com/4639-1/
reference_id USN-4639-1
reference_type
scores
url https://usn.ubuntu.com/4639-1/
9
reference_url https://usn.ubuntu.com/USN-4843-1/
reference_id USN-USN-4843-1
reference_type
scores
url https://usn.ubuntu.com/USN-4843-1/
fixed_packages
0
url pkg:deb/debian/phpmyadmin@4:4.9.1%2Bdfsg1-2?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:4.9.1%2Bdfsg1-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:4.9.1%252Bdfsg1-2%3Fdistro=trixie
1
url pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-47ju-f89a-eud8
1
vulnerability VCID-d3qn-js1p-7yeq
2
vulnerability VCID-dmqy-9xth-cuhs
3
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.0.4%252Bdfsg2-2%252Bdeb11u1%3Fdistro=trixie
2
url pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.1%252Bdfsg-1%252Bdeb12u1%3Fdistro=trixie
3
url pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.2-really%252Bdfsg-1%252Bdeb13u1%3Fdistro=trixie
4
url pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.3%252Bdfsg-1%3Fdistro=trixie
aliases CVE-2019-11768, GHSA-x37v-98f9-mj32
risk_score 4.5
exploitability 0.5
weighted_severity 9.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-q7rn-1612-quau
197
url VCID-q7zq-5xpn-93dd
vulnerability_id VCID-q7zq-5xpn-93dd
summary An issue was discovered in phpMyAdmin. By calling some scripts that are part of phpMyAdmin in an unexpected way, it is possible to trigger phpMyAdmin to display a PHP error message which contains the full path of the directory where phpMyAdmin is installed. During an execution timeout in the export functionality, the errors containing the full path of the directory of phpMyAdmin are written to the export file. All 4.6.x versions (prior to 4.6.5), and 4.4.x versions (prior to 4.4.15.9) are affected. This CVE is for the json_decode issue.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-9854
reference_id
reference_type
scores
0
value 0.00501
scoring_system epss
scoring_elements 0.6637
published_at 2026-06-04T12:55:00Z
1
value 0.00501
scoring_system epss
scoring_elements 0.66411
published_at 2026-06-05T12:55:00Z
2
value 0.00501
scoring_system epss
scoring_elements 0.66419
published_at 2026-06-06T12:55:00Z
3
value 0.00501
scoring_system epss
scoring_elements 0.66403
published_at 2026-06-07T12:55:00Z
4
value 0.00501
scoring_system epss
scoring_elements 0.66389
published_at 2026-06-08T12:55:00Z
5
value 0.00501
scoring_system epss
scoring_elements 0.66407
published_at 2026-06-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-9854
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9854
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9854
fixed_packages
0
url pkg:deb/debian/phpmyadmin@4:4.6.5.1-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:4.6.5.1-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:4.6.5.1-1%3Fdistro=trixie
1
url pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-47ju-f89a-eud8
1
vulnerability VCID-d3qn-js1p-7yeq
2
vulnerability VCID-dmqy-9xth-cuhs
3
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.0.4%252Bdfsg2-2%252Bdeb11u1%3Fdistro=trixie
2
url pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.1%252Bdfsg-1%252Bdeb12u1%3Fdistro=trixie
3
url pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.2-really%252Bdfsg-1%252Bdeb13u1%3Fdistro=trixie
4
url pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.3%252Bdfsg-1%3Fdistro=trixie
aliases CVE-2016-9854
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-q7zq-5xpn-93dd
198
url VCID-qbjt-k4x8-gya5
vulnerability_id VCID-qbjt-k4x8-gya5
summary Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin 4.2.x before 4.2.4 allow remote authenticated users to inject arbitrary web script or HTML via a crafted (1) database name or (2) table name that is improperly handled after presence in (a) the favorite list or (b) recent tables.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-4348.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-4348.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2014-4348
reference_id
reference_type
scores
0
value 0.00182
scoring_system epss
scoring_elements 0.39677
published_at 2026-06-04T12:55:00Z
1
value 0.00182
scoring_system epss
scoring_elements 0.39762
published_at 2026-06-05T12:55:00Z
2
value 0.00182
scoring_system epss
scoring_elements 0.39765
published_at 2026-06-06T12:55:00Z
3
value 0.00182
scoring_system epss
scoring_elements 0.3974
published_at 2026-06-07T12:55:00Z
4
value 0.00182
scoring_system epss
scoring_elements 0.39712
published_at 2026-06-08T12:55:00Z
5
value 0.00182
scoring_system epss
scoring_elements 0.39729
published_at 2026-06-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2014-4348
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4348
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4348
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1117600
reference_id 1117600
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1117600
fixed_packages
0
url pkg:deb/debian/phpmyadmin@4:4.2.5-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:4.2.5-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:4.2.5-1%3Fdistro=trixie
1
url pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-47ju-f89a-eud8
1
vulnerability VCID-d3qn-js1p-7yeq
2
vulnerability VCID-dmqy-9xth-cuhs
3
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.0.4%252Bdfsg2-2%252Bdeb11u1%3Fdistro=trixie
2
url pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.1%252Bdfsg-1%252Bdeb12u1%3Fdistro=trixie
3
url pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.2-really%252Bdfsg-1%252Bdeb13u1%3Fdistro=trixie
4
url pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.3%252Bdfsg-1%3Fdistro=trixie
aliases CVE-2014-4348
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-qbjt-k4x8-gya5
199
url VCID-qeac-129m-1udw
vulnerability_id VCID-qeac-129m-1udw
summary An issue was discovered in phpMyAdmin. With a very large request to table partitioning function, it is possible to invoke a Denial of Service (DoS) attack. All 4.6.x versions (prior to 4.6.5) are affected.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-9863
reference_id
reference_type
scores
0
value 0.00644
scoring_system epss
scoring_elements 0.7106
published_at 2026-06-04T12:55:00Z
1
value 0.00644
scoring_system epss
scoring_elements 0.71104
published_at 2026-06-09T12:55:00Z
2
value 0.00644
scoring_system epss
scoring_elements 0.71109
published_at 2026-06-06T12:55:00Z
3
value 0.00644
scoring_system epss
scoring_elements 0.71103
published_at 2026-06-05T12:55:00Z
4
value 0.00644
scoring_system epss
scoring_elements 0.71078
published_at 2026-06-08T12:55:00Z
5
value 0.00644
scoring_system epss
scoring_elements 0.71093
published_at 2026-06-07T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-9863
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9863
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9863
2
reference_url https://github.com/phpmyadmin/composer
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/phpmyadmin/composer
3
reference_url https://nvd.nist.gov/vuln/detail/CVE-2016-9863
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2016-9863
4
reference_url https://security.gentoo.org/glsa/201701-32
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://security.gentoo.org/glsa/201701-32
5
reference_url https://web.archive.org/web/20210123194704/http://www.securityfocus.com/bid/94526
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20210123194704/http://www.securityfocus.com/bid/94526
6
reference_url https://www.phpmyadmin.net/security/PMASA-2016-68
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.phpmyadmin.net/security/PMASA-2016-68
7
reference_url https://github.com/advisories/GHSA-qgrq-64g6-mmh6
reference_id GHSA-qgrq-64g6-mmh6
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-qgrq-64g6-mmh6
fixed_packages
0
url pkg:deb/debian/phpmyadmin@4:4.6.5.1-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:4.6.5.1-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:4.6.5.1-1%3Fdistro=trixie
1
url pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-47ju-f89a-eud8
1
vulnerability VCID-d3qn-js1p-7yeq
2
vulnerability VCID-dmqy-9xth-cuhs
3
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.0.4%252Bdfsg2-2%252Bdeb11u1%3Fdistro=trixie
2
url pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.1%252Bdfsg-1%252Bdeb12u1%3Fdistro=trixie
3
url pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.2-really%252Bdfsg-1%252Bdeb13u1%3Fdistro=trixie
4
url pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.3%252Bdfsg-1%3Fdistro=trixie
aliases CVE-2016-9863, GHSA-qgrq-64g6-mmh6
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-qeac-129m-1udw
200
url VCID-qka6-b7w2-f7dw
vulnerability_id VCID-qka6-b7w2-f7dw
summary The PMA_Bookmark_get function in libraries/bookmark.lib.php in phpMyAdmin 2.11.x before 2.11.11.3, and 3.3.x before 3.3.9.2, does not properly restrict bookmark queries, which makes it easier for remote authenticated users to trigger another user's execution of a SQL query by creating a bookmark.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2011-0987
reference_id
reference_type
scores
0
value 0.02698
scoring_system epss
scoring_elements 0.86158
published_at 2026-06-04T12:55:00Z
1
value 0.02698
scoring_system epss
scoring_elements 0.86179
published_at 2026-06-05T12:55:00Z
2
value 0.02698
scoring_system epss
scoring_elements 0.86181
published_at 2026-06-06T12:55:00Z
3
value 0.02698
scoring_system epss
scoring_elements 0.86177
published_at 2026-06-07T12:55:00Z
4
value 0.02698
scoring_system epss
scoring_elements 0.86165
published_at 2026-06-08T12:55:00Z
5
value 0.02698
scoring_system epss
scoring_elements 0.86178
published_at 2026-06-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2011-0987
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0987
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0987
2
reference_url https://security.gentoo.org/glsa/201201-01
reference_id GLSA-201201-01
reference_type
scores
url https://security.gentoo.org/glsa/201201-01
fixed_packages
0
url pkg:deb/debian/phpmyadmin@4:3.3.9.2-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:3.3.9.2-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:3.3.9.2-1%3Fdistro=trixie
1
url pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-47ju-f89a-eud8
1
vulnerability VCID-d3qn-js1p-7yeq
2
vulnerability VCID-dmqy-9xth-cuhs
3
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.0.4%252Bdfsg2-2%252Bdeb11u1%3Fdistro=trixie
2
url pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.1%252Bdfsg-1%252Bdeb12u1%3Fdistro=trixie
3
url pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.2-really%252Bdfsg-1%252Bdeb13u1%3Fdistro=trixie
4
url pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.3%252Bdfsg-1%3Fdistro=trixie
aliases CVE-2011-0987
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-qka6-b7w2-f7dw
201
url VCID-qmj2-pxvt-zqes
vulnerability_id VCID-qmj2-pxvt-zqes
summary 
Cross-site Scripting
phpMyAdmin allows XSS through the transformation feature via a crafted link.
references
0
reference_url http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00027.html
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00027.html
1
reference_url http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00005.html
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00005.html
2
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-26934
reference_id
reference_type
scores
0
value 0.02788
scoring_system epss
scoring_elements 0.86375
published_at 2026-06-09T12:55:00Z
1
value 0.02788
scoring_system epss
scoring_elements 0.86378
published_at 2026-06-06T12:55:00Z
2
value 0.02788
scoring_system epss
scoring_elements 0.86377
published_at 2026-06-05T12:55:00Z
3
value 0.02788
scoring_system epss
scoring_elements 0.86354
published_at 2026-06-04T12:55:00Z
4
value 0.02788
scoring_system epss
scoring_elements 0.86362
published_at 2026-06-08T12:55:00Z
5
value 0.02788
scoring_system epss
scoring_elements 0.86374
published_at 2026-06-07T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-26934
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-26934
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-26934
4
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/phpmyadmin/phpmyadmin/CVE-2020-26934.yaml
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/FriendsOfPHP/security-advisories/blob/master/phpmyadmin/phpmyadmin/CVE-2020-26934.yaml
5
reference_url https://github.com/phpmyadmin/composer
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/phpmyadmin/composer
6
reference_url https://lists.debian.org/debian-lts-announce/2020/10/msg00024.html
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.debian.org/debian-lts-announce/2020/10/msg00024.html
7
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FHST4E5IJG7IKZTTW3R6MEZPVHJZ472K
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FHST4E5IJG7IKZTTW3R6MEZPVHJZ472K
8
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PXK37YEHSDYCIPQSYEMN2OFTP2ZLM7DO
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PXK37YEHSDYCIPQSYEMN2OFTP2ZLM7DO
9
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TNLGHVDNAEZEGRTUESSSQFM7MZTHIDQ5
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TNLGHVDNAEZEGRTUESSSQFM7MZTHIDQ5
10
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FHST4E5IJG7IKZTTW3R6MEZPVHJZ472K
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FHST4E5IJG7IKZTTW3R6MEZPVHJZ472K
11
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PXK37YEHSDYCIPQSYEMN2OFTP2ZLM7DO
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PXK37YEHSDYCIPQSYEMN2OFTP2ZLM7DO
12
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TNLGHVDNAEZEGRTUESSSQFM7MZTHIDQ5
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TNLGHVDNAEZEGRTUESSSQFM7MZTHIDQ5
13
reference_url https://security.gentoo.org/glsa/202101-35
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://security.gentoo.org/glsa/202101-35
14
reference_url https://www.phpmyadmin.net/security/PMASA-2020-5
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.phpmyadmin.net/security/PMASA-2020-5
15
reference_url https://www.phpmyadmin.net/security/PMASA-2020-5/
reference_id
reference_type
scores
url https://www.phpmyadmin.net/security/PMASA-2020-5/
16
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=971999
reference_id 971999
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=971999
17
reference_url https://nvd.nist.gov/vuln/detail/CVE-2020-26934
reference_id CVE-2020-26934
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2020-26934
18
reference_url https://github.com/advisories/GHSA-6349-53vr-7hcr
reference_id GHSA-6349-53vr-7hcr
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-6349-53vr-7hcr
19
reference_url https://usn.ubuntu.com/4639-1/
reference_id USN-4639-1
reference_type
scores
url https://usn.ubuntu.com/4639-1/
20
reference_url https://usn.ubuntu.com/USN-4843-1/
reference_id USN-USN-4843-1
reference_type
scores
url https://usn.ubuntu.com/USN-4843-1/
fixed_packages
0
url pkg:deb/debian/phpmyadmin@4:4.9.7%2Bdfsg1-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:4.9.7%2Bdfsg1-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:4.9.7%252Bdfsg1-1%3Fdistro=trixie
1
url pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-47ju-f89a-eud8
1
vulnerability VCID-d3qn-js1p-7yeq
2
vulnerability VCID-dmqy-9xth-cuhs
3
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.0.4%252Bdfsg2-2%252Bdeb11u1%3Fdistro=trixie
2
url pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.1%252Bdfsg-1%252Bdeb12u1%3Fdistro=trixie
3
url pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.2-really%252Bdfsg-1%252Bdeb13u1%3Fdistro=trixie
4
url pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.3%252Bdfsg-1%3Fdistro=trixie
aliases CVE-2020-26934, GHSA-6349-53vr-7hcr
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-qmj2-pxvt-zqes
202
url VCID-qnf5-aays-qkf1
vulnerability_id VCID-qnf5-aays-qkf1
summary 
Improper Control of Generation of Code ('Code Injection')
libraries/auth/swekey/swekey.auth.lib.php in the Swekey authentication feature in phpMyAdmin 3.x before 3.3.10.2 and 3.4.x before 3.4.3.1 assigns values to arbitrary parameters referenced in the query string, which allows remote attackers to modify the SESSION superglobal array via a crafted request, related to a "remote variable manipulation vulnerability."
references
0
reference_url http://ha.xxor.se/2011/07/phpmyadmin-3x-multiple-remote-code.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://ha.xxor.se/2011/07/phpmyadmin-3x-multiple-remote-code.html
1
reference_url http://lists.fedoraproject.org/pipermail/package-announce/2011-July/062719.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://lists.fedoraproject.org/pipermail/package-announce/2011-July/062719.html
2
reference_url https://api.first.org/data/v1/epss?cve=CVE-2011-2505
reference_id
reference_type
scores
0
value 0.37008
scoring_system epss
scoring_elements 0.97249
published_at 2026-06-05T12:55:00Z
1
value 0.37008
scoring_system epss
scoring_elements 0.97251
published_at 2026-06-07T12:55:00Z
2
value 0.37008
scoring_system epss
scoring_elements 0.9725
published_at 2026-06-06T12:55:00Z
3
value 0.37008
scoring_system epss
scoring_elements 0.97245
published_at 2026-06-04T12:55:00Z
4
value 0.37008
scoring_system epss
scoring_elements 0.97252
published_at 2026-06-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2011-2505
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2505
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2505
4
reference_url http://securityreason.com/securityalert/8306
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://securityreason.com/securityalert/8306
5
reference_url https://github.com/phpmyadmin/composer
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/phpmyadmin/composer
6
reference_url https://github.com/phpmyadmin/composer/commit/7ebd958b2bf59f96fecd5b3322bdbd0b244a7967
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/phpmyadmin/composer/commit/7ebd958b2bf59f96fecd5b3322bdbd0b244a7967
7
reference_url https://github.com/phpmyadmin/phpmyadmin/commit/6e6e129f26295c83d67b74e202628a4b8bc49e54
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/phpmyadmin/phpmyadmin/commit/6e6e129f26295c83d67b74e202628a4b8bc49e54
8
reference_url https://github.com/phpmyadmin/phpmyadmin/commit/7ebd958b2bf59f96fecd5b3322bdbd0b244a7967
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/phpmyadmin/phpmyadmin/commit/7ebd958b2bf59f96fecd5b3322bdbd0b244a7967
9
reference_url https://web.archive.org/web/20110712103138/http://www.xxor.se/advisories/phpMyAdmin_3.x_Multiple_Remote_Code_Executions.txt
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20110712103138/http://www.xxor.se/advisories/phpMyAdmin_3.x_Multiple_Remote_Code_Executions.txt
10
reference_url https://web.archive.org/web/20111116172111/http://www.securityfocus.com/archive/1/518804/100/0/threaded
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20111116172111/http://www.securityfocus.com/archive/1/518804/100/0/threaded
11
reference_url https://web.archive.org/web/20121105034518/http://www.mandriva.com/en/support/security/advisories?name=MDVSA-2011:124
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20121105034518/http://www.mandriva.com/en/support/security/advisories?name=MDVSA-2011:124
12
reference_url http://typo3.org/teams/security/security-bulletins/typo3-sa-2011-008
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://typo3.org/teams/security/security-bulletins/typo3-sa-2011-008
13
reference_url http://typo3.org/teams/security/security-bulletins/typo3-sa-2011-008/
reference_id
reference_type
scores
url http://typo3.org/teams/security/security-bulletins/typo3-sa-2011-008/
14
reference_url http://www.debian.org/security/2011/dsa-2286
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.debian.org/security/2011/dsa-2286
15
reference_url http://www.exploit-db.com/exploits/17514
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.exploit-db.com/exploits/17514
16
reference_url http://www.exploit-db.com/exploits/17514/
reference_id
reference_type
scores
url http://www.exploit-db.com/exploits/17514/
17
reference_url http://www.openwall.com/lists/oss-security/2011/06/28/2
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2011/06/28/2
18
reference_url http://www.openwall.com/lists/oss-security/2011/06/28/6
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2011/06/28/6
19
reference_url http://www.openwall.com/lists/oss-security/2011/06/28/8
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2011/06/28/8
20
reference_url http://www.openwall.com/lists/oss-security/2011/06/29/11
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2011/06/29/11
21
reference_url http://www.phpmyadmin.net/home_page/security/PMASA-2011-5.php
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.phpmyadmin.net/home_page/security/PMASA-2011-5.php
22
reference_url https://nvd.nist.gov/vuln/detail/CVE-2011-2505
reference_id CVE-2011-2505
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2011-2505
23
reference_url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/webapps/17510.py
reference_id CVE-2011-2506;CVE-2011-2505;OSVDB-73612;OSVDB-73611
reference_type exploit
scores
url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/webapps/17510.py
24
reference_url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/webapps/17514.php
reference_id CVE-2011-2506;CVE-2011-2505;OSVDB-73612;OSVDB-73611
reference_type exploit
scores
url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/webapps/17514.php
25
reference_url http://www.xxor.se/advisories/phpMyAdmin_3.x_Multiple_Remote_Code_Executions.txt
reference_id CVE-2011-2506;CVE-2011-2505;OSVDB-73612;OSVDB-73611
reference_type exploit
scores
url http://www.xxor.se/advisories/phpMyAdmin_3.x_Multiple_Remote_Code_Executions.txt
26
reference_url https://github.com/advisories/GHSA-vqcm-r62w-w437
reference_id GHSA-vqcm-r62w-w437
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-vqcm-r62w-w437
27
reference_url https://security.gentoo.org/glsa/201201-01
reference_id GLSA-201201-01
reference_type
scores
url https://security.gentoo.org/glsa/201201-01
fixed_packages
0
url pkg:deb/debian/phpmyadmin@4:3.4.3.1-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:3.4.3.1-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:3.4.3.1-1%3Fdistro=trixie
1
url pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-47ju-f89a-eud8
1
vulnerability VCID-d3qn-js1p-7yeq
2
vulnerability VCID-dmqy-9xth-cuhs
3
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.0.4%252Bdfsg2-2%252Bdeb11u1%3Fdistro=trixie
2
url pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.1%252Bdfsg-1%252Bdeb12u1%3Fdistro=trixie
3
url pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.2-really%252Bdfsg-1%252Bdeb13u1%3Fdistro=trixie
4
url pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.3%252Bdfsg-1%3Fdistro=trixie
aliases CVE-2011-2505, GHSA-vqcm-r62w-w437
risk_score 10.0
exploitability 2.0
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-qnf5-aays-qkf1
203
url VCID-qpj7-uk5e-nbez
vulnerability_id VCID-qpj7-uk5e-nbez
summary 
phpMyAdmin vulnerable to Cross-site Scripting
setup/frames/index.inc.php in phpMyAdmin 4.0.10.x before 4.0.10.16, 4.4.15.x before 4.4.15.7, and 4.6.x before 4.6.3 allows remote attackers to conduct BBCode injection attacks against HTTP sessions via a crafted URI.
references
0
reference_url http://lists.opensuse.org/opensuse-updates/2016-06/msg00113.html
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://lists.opensuse.org/opensuse-updates/2016-06/msg00113.html
1
reference_url http://lists.opensuse.org/opensuse-updates/2016-06/msg00114.html
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://lists.opensuse.org/opensuse-updates/2016-06/msg00114.html
2
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-5701
reference_id
reference_type
scores
0
value 0.00459
scoring_system epss
scoring_elements 0.64392
published_at 2026-06-05T12:55:00Z
1
value 0.00459
scoring_system epss
scoring_elements 0.6438
published_at 2026-06-08T12:55:00Z
2
value 0.00459
scoring_system epss
scoring_elements 0.64401
published_at 2026-06-09T12:55:00Z
3
value 0.00459
scoring_system epss
scoring_elements 0.64348
published_at 2026-06-04T12:55:00Z
4
value 0.00459
scoring_system epss
scoring_elements 0.6439
published_at 2026-06-07T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-5701
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1927
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1927
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2039
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2039
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2040
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2040
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2041
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2041
7
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2560
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2560
8
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2561
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2561
9
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5099
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5099
10
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5701
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5701
11
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5705
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5705
12
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5706
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5706
13
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5731
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5731
14
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5733
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5733
15
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5739
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5739
16
reference_url https://github.com/phpmyadmin/phpmyadmin
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/phpmyadmin/phpmyadmin
17
reference_url https://github.com/phpmyadmin/phpmyadmin/commit/1dca386505f396f0c2035112a403cc80768a141f
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/phpmyadmin/phpmyadmin/commit/1dca386505f396f0c2035112a403cc80768a141f
18
reference_url https://github.com/phpmyadmin/phpmyadmin/commit/5633b1d57b23ddaa5a9a976a323c90c18d9be03d
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/phpmyadmin/phpmyadmin/commit/5633b1d57b23ddaa5a9a976a323c90c18d9be03d
19
reference_url https://github.com/phpmyadmin/phpmyadmin/commit/bf7379771f4b32e01f4af3b36f8ec6900288688e
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/phpmyadmin/phpmyadmin/commit/bf7379771f4b32e01f4af3b36f8ec6900288688e
20
reference_url https://security.gentoo.org/glsa/201701-32
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://security.gentoo.org/glsa/201701-32
21
reference_url https://web.archive.org/web/20200227223408/http://www.securityfocus.com/bid/91383
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20200227223408/http://www.securityfocus.com/bid/91383
22
reference_url https://www.phpmyadmin.net/security/PMASA-2016-17
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.phpmyadmin.net/security/PMASA-2016-17
23
reference_url http://www.debian.org/security/2016/dsa-3627
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.debian.org/security/2016/dsa-3627
24
reference_url https://nvd.nist.gov/vuln/detail/CVE-2016-5701
reference_id CVE-2016-5701
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2016-5701
25
reference_url https://github.com/advisories/GHSA-rh74-5835-jpxp
reference_id GHSA-rh74-5835-jpxp
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-rh74-5835-jpxp
fixed_packages
0
url pkg:deb/debian/phpmyadmin@4:4.6.3-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:4.6.3-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:4.6.3-1%3Fdistro=trixie
1
url pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-47ju-f89a-eud8
1
vulnerability VCID-d3qn-js1p-7yeq
2
vulnerability VCID-dmqy-9xth-cuhs
3
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.0.4%252Bdfsg2-2%252Bdeb11u1%3Fdistro=trixie
2
url pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.1%252Bdfsg-1%252Bdeb12u1%3Fdistro=trixie
3
url pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.2-really%252Bdfsg-1%252Bdeb13u1%3Fdistro=trixie
4
url pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.3%252Bdfsg-1%3Fdistro=trixie
aliases CVE-2016-5701, GHSA-rh74-5835-jpxp
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-qpj7-uk5e-nbez
204
url VCID-qpsr-xv8c-b3gj
vulnerability_id VCID-qpsr-xv8c-b3gj
summary Cross-site scripting (XSS) vulnerability in the PMA_getHtmlForActionLinks function in libraries/structure.lib.php in phpMyAdmin 4.2.x before 4.2.6 allows remote authenticated users to inject arbitrary web script or HTML via a crafted table comment that is improperly handled during construction of a database structure page.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2014-4954
reference_id
reference_type
scores
0
value 0.00253
scoring_system epss
scoring_elements 0.48786
published_at 2026-06-04T12:55:00Z
1
value 0.00253
scoring_system epss
scoring_elements 0.48846
published_at 2026-06-05T12:55:00Z
2
value 0.00253
scoring_system epss
scoring_elements 0.48855
published_at 2026-06-06T12:55:00Z
3
value 0.00253
scoring_system epss
scoring_elements 0.48836
published_at 2026-06-07T12:55:00Z
4
value 0.00253
scoring_system epss
scoring_elements 0.48807
published_at 2026-06-08T12:55:00Z
5
value 0.00253
scoring_system epss
scoring_elements 0.48821
published_at 2026-06-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2014-4954
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4954
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4954
fixed_packages
0
url pkg:deb/debian/phpmyadmin@4:4.2.6-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:4.2.6-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:4.2.6-1%3Fdistro=trixie
1
url pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-47ju-f89a-eud8
1
vulnerability VCID-d3qn-js1p-7yeq
2
vulnerability VCID-dmqy-9xth-cuhs
3
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.0.4%252Bdfsg2-2%252Bdeb11u1%3Fdistro=trixie
2
url pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.1%252Bdfsg-1%252Bdeb12u1%3Fdistro=trixie
3
url pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.2-really%252Bdfsg-1%252Bdeb13u1%3Fdistro=trixie
4
url pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.3%252Bdfsg-1%3Fdistro=trixie
aliases CVE-2014-4954
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-qpsr-xv8c-b3gj
205
url VCID-qqbs-tnrs-bbem
vulnerability_id VCID-qqbs-tnrs-bbem
summary Cross-site scripting (XSS) vulnerability in libraries/Error.class.php in phpMyAdmin 3.x before 3.3.6 allows remote attackers to inject arbitrary web script or HTML via vectors related to a PHP backtrace and error messages (aka debugging messages), a different vulnerability than CVE-2010-3056.
references
0
reference_url http://phpmyadmin.git.sourceforge.net/git/gitweb.cgi?p=phpmyadmin/phpmyadmin%3Ba=commit%3Bh=133a77fac7d31a38703db2099a90c1b49de62e37
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://phpmyadmin.git.sourceforge.net/git/gitweb.cgi?p=phpmyadmin/phpmyadmin%3Ba=commit%3Bh=133a77fac7d31a38703db2099a90c1b49de62e37
1
reference_url http://phpmyadmin.git.sourceforge.net/git/gitweb.cgi?p=phpmyadmin/phpmyadmin;a=commit;h=133a77fac7d31a38703db2099a90c1b49de62e37
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://phpmyadmin.git.sourceforge.net/git/gitweb.cgi?p=phpmyadmin/phpmyadmin;a=commit;h=133a77fac7d31a38703db2099a90c1b49de62e37
2
reference_url https://api.first.org/data/v1/epss?cve=CVE-2010-2958
reference_id
reference_type
scores
0
value 0.00442
scoring_system epss
scoring_elements 0.63623
published_at 2026-06-05T12:55:00Z
1
value 0.00442
scoring_system epss
scoring_elements 0.63629
published_at 2026-06-09T12:55:00Z
2
value 0.00442
scoring_system epss
scoring_elements 0.6361
published_at 2026-06-08T12:55:00Z
3
value 0.00442
scoring_system epss
scoring_elements 0.6363
published_at 2026-06-06T12:55:00Z
4
value 0.00442
scoring_system epss
scoring_elements 0.6358
published_at 2026-06-04T12:55:00Z
5
value 0.00442
scoring_system epss
scoring_elements 0.63621
published_at 2026-06-07T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2010-2958
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2958
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2958
4
reference_url https://github.com/phpmyadmin/composer
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/phpmyadmin/composer
5
reference_url https://nvd.nist.gov/vuln/detail/CVE-2010-2958
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2010-2958
6
reference_url http://www.openwall.com/lists/oss-security/2010/09/01/2
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2010/09/01/2
7
reference_url http://www.openwall.com/lists/oss-security/2010/09/01/3
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2010/09/01/3
8
reference_url http://www.phpmyadmin.net/home_page/security/PMASA-2010-6.php
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.phpmyadmin.net/home_page/security/PMASA-2010-6.php
9
reference_url https://github.com/advisories/GHSA-frv8-xjcp-hrm2
reference_id GHSA-frv8-xjcp-hrm2
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-frv8-xjcp-hrm2
10
reference_url https://security.gentoo.org/glsa/201201-01
reference_id GLSA-201201-01
reference_type
scores
url https://security.gentoo.org/glsa/201201-01
fixed_packages
0
url pkg:deb/debian/phpmyadmin@4:3.3.6-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:3.3.6-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:3.3.6-1%3Fdistro=trixie
1
url pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-47ju-f89a-eud8
1
vulnerability VCID-d3qn-js1p-7yeq
2
vulnerability VCID-dmqy-9xth-cuhs
3
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.0.4%252Bdfsg2-2%252Bdeb11u1%3Fdistro=trixie
2
url pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.1%252Bdfsg-1%252Bdeb12u1%3Fdistro=trixie
3
url pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.2-really%252Bdfsg-1%252Bdeb13u1%3Fdistro=trixie
4
url pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.3%252Bdfsg-1%3Fdistro=trixie
aliases CVE-2010-2958, GHSA-frv8-xjcp-hrm2
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-qqbs-tnrs-bbem
206
url VCID-qqyb-zags-bbhz
vulnerability_id VCID-qqyb-zags-bbhz
summary 
Incomplete Cleanup
An issue was discovered in phpMyAdmin where, under certain conditions, phpMyAdmin may not delete temporary files during the import of ESRI files.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-6632
reference_id
reference_type
scores
0
value 0.00574
scoring_system epss
scoring_elements 0.69162
published_at 2026-06-07T12:55:00Z
1
value 0.00574
scoring_system epss
scoring_elements 0.69166
published_at 2026-06-09T12:55:00Z
2
value 0.00574
scoring_system epss
scoring_elements 0.69146
published_at 2026-06-08T12:55:00Z
3
value 0.00574
scoring_system epss
scoring_elements 0.69122
published_at 2026-06-04T12:55:00Z
4
value 0.00574
scoring_system epss
scoring_elements 0.6917
published_at 2026-06-06T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-6632
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6632
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6632
2
reference_url https://github.com/phpmyadmin/composer
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/phpmyadmin/composer
3
reference_url https://lists.debian.org/debian-lts-announce/2019/06/msg00009.html
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.debian.org/debian-lts-announce/2019/06/msg00009.html
4
reference_url https://security.gentoo.org/glsa/201701-32
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://security.gentoo.org/glsa/201701-32
5
reference_url https://www.phpmyadmin.net/security/PMASA-2016-55
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.phpmyadmin.net/security/PMASA-2016-55
6
reference_url http://www.securityfocus.com/bid/92497
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.securityfocus.com/bid/92497
7
reference_url https://nvd.nist.gov/vuln/detail/CVE-2016-6632
reference_id CVE-2016-6632
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2016-6632
8
reference_url https://github.com/advisories/GHSA-426q-975p-w5cr
reference_id GHSA-426q-975p-w5cr
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-426q-975p-w5cr
fixed_packages
0
url pkg:deb/debian/phpmyadmin@4:4.6.4%2Bdfsg1-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:4.6.4%2Bdfsg1-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:4.6.4%252Bdfsg1-1%3Fdistro=trixie
1
url pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-47ju-f89a-eud8
1
vulnerability VCID-d3qn-js1p-7yeq
2
vulnerability VCID-dmqy-9xth-cuhs
3
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.0.4%252Bdfsg2-2%252Bdeb11u1%3Fdistro=trixie
2
url pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.1%252Bdfsg-1%252Bdeb12u1%3Fdistro=trixie
3
url pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.2-really%252Bdfsg-1%252Bdeb13u1%3Fdistro=trixie
4
url pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.3%252Bdfsg-1%3Fdistro=trixie
aliases CVE-2016-6632, GHSA-426q-975p-w5cr
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-qqyb-zags-bbhz
207
url VCID-qyvz-vsfe-8bfp
vulnerability_id VCID-qyvz-vsfe-8bfp
summary Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin before 2.6.4-pl4 allow remote attackers to inject arbitrary web script or HTML via (1) the cookie-based login panel, (2) the title parameter and (3) the table creation dialog.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2005-3787
reference_id
reference_type
scores
0
value 0.00427
scoring_system epss
scoring_elements 0.62706
published_at 2026-06-04T12:55:00Z
1
value 0.00427
scoring_system epss
scoring_elements 0.62751
published_at 2026-06-05T12:55:00Z
2
value 0.00427
scoring_system epss
scoring_elements 0.6276
published_at 2026-06-06T12:55:00Z
3
value 0.00427
scoring_system epss
scoring_elements 0.6275
published_at 2026-06-07T12:55:00Z
4
value 0.00427
scoring_system epss
scoring_elements 0.62735
published_at 2026-06-08T12:55:00Z
5
value 0.00427
scoring_system epss
scoring_elements 0.62749
published_at 2026-06-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2005-3787
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3787
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3787
2
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=360726
reference_id 360726
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=360726
fixed_packages
0
url pkg:deb/debian/phpmyadmin@4:2.6.4-pl4-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:2.6.4-pl4-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:2.6.4-pl4-1%3Fdistro=trixie
1
url pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-47ju-f89a-eud8
1
vulnerability VCID-d3qn-js1p-7yeq
2
vulnerability VCID-dmqy-9xth-cuhs
3
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.0.4%252Bdfsg2-2%252Bdeb11u1%3Fdistro=trixie
2
url pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.1%252Bdfsg-1%252Bdeb12u1%3Fdistro=trixie
3
url pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.2-really%252Bdfsg-1%252Bdeb13u1%3Fdistro=trixie
4
url pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.3%252Bdfsg-1%3Fdistro=trixie
aliases CVE-2005-3787
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-qyvz-vsfe-8bfp
208
url VCID-r3z5-cc6j-8yg6
vulnerability_id VCID-r3z5-cc6j-8yg6
summary An issue was discovered in phpMyAdmin involving the %u username replacement functionality of the SaveDir and UploadDir features. When the username substitution is configured, a specially-crafted user name can be used to circumvent restrictions to traverse the file system. All 4.6.x versions (prior to 4.6.4), 4.4.x versions (prior to 4.4.15.8), and 4.0.x versions (prior to 4.0.10.17) are affected.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-6614
reference_id
reference_type
scores
0
value 0.0111
scoring_system epss
scoring_elements 0.7848
published_at 2026-06-04T12:55:00Z
1
value 0.0111
scoring_system epss
scoring_elements 0.78506
published_at 2026-06-05T12:55:00Z
2
value 0.0111
scoring_system epss
scoring_elements 0.78515
published_at 2026-06-06T12:55:00Z
3
value 0.0111
scoring_system epss
scoring_elements 0.78504
published_at 2026-06-07T12:55:00Z
4
value 0.0111
scoring_system epss
scoring_elements 0.78492
published_at 2026-06-08T12:55:00Z
5
value 0.0111
scoring_system epss
scoring_elements 0.7851
published_at 2026-06-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-6614
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6614
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6614
fixed_packages
0
url pkg:deb/debian/phpmyadmin@4:4.6.4%2Bdfsg1-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:4.6.4%2Bdfsg1-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:4.6.4%252Bdfsg1-1%3Fdistro=trixie
1
url pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-47ju-f89a-eud8
1
vulnerability VCID-d3qn-js1p-7yeq
2
vulnerability VCID-dmqy-9xth-cuhs
3
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.0.4%252Bdfsg2-2%252Bdeb11u1%3Fdistro=trixie
2
url pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.1%252Bdfsg-1%252Bdeb12u1%3Fdistro=trixie
3
url pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.2-really%252Bdfsg-1%252Bdeb13u1%3Fdistro=trixie
4
url pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.3%252Bdfsg-1%3Fdistro=trixie
aliases CVE-2016-6614
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-r3z5-cc6j-8yg6
209
url VCID-r4zz-m2mr-9qeb
vulnerability_id VCID-r4zz-m2mr-9qeb
summary 
Cross-Site Request Forgery (CSRF)
By deceiving a user into clicking on a crafted URL, it is possible to perform harmful SQL operations such as renaming databases, creating new `tables/routines`, deleting designer pages, `adding/deleting` users, updating user passwords, killing SQL processes.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2018-19969
reference_id
reference_type
scores
0
value 0.00437
scoring_system epss
scoring_elements 0.63451
published_at 2026-06-05T12:55:00Z
1
value 0.00437
scoring_system epss
scoring_elements 0.63438
published_at 2026-06-08T12:55:00Z
2
value 0.00437
scoring_system epss
scoring_elements 0.6345
published_at 2026-06-07T12:55:00Z
3
value 0.00437
scoring_system epss
scoring_elements 0.63408
published_at 2026-06-04T12:55:00Z
4
value 0.00437
scoring_system epss
scoring_elements 0.63459
published_at 2026-06-06T12:55:00Z
5
value 0.00437
scoring_system epss
scoring_elements 0.63457
published_at 2026-06-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2018-19969
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-19969
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-19969
2
reference_url https://security.gentoo.org/glsa/201904-16
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://security.gentoo.org/glsa/201904-16
3
reference_url https://web.archive.org/web/20210124223800/https://www.securityfocus.com/bid/106175
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20210124223800/https://www.securityfocus.com/bid/106175
4
reference_url https://web.archive.org/web/20210124223800/https://www.securityfocus.com/bid/106175/
reference_id
reference_type
scores
url https://web.archive.org/web/20210124223800/https://www.securityfocus.com/bid/106175/
5
reference_url https://www.phpmyadmin.net/security/PMASA-2018-7
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.phpmyadmin.net/security/PMASA-2018-7
6
reference_url https://www.phpmyadmin.net/security/PMASA-2018-7/
reference_id
reference_type
scores
url https://www.phpmyadmin.net/security/PMASA-2018-7/
7
reference_url http://www.securityfocus.com/bid/106175
reference_id
reference_type
scores
url http://www.securityfocus.com/bid/106175
8
reference_url https://nvd.nist.gov/vuln/detail/CVE-2018-19969
reference_id CVE-2018-19969
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2018-19969
9
reference_url https://github.com/advisories/GHSA-xwf2-53mc-r8hx
reference_id GHSA-xwf2-53mc-r8hx
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-xwf2-53mc-r8hx
fixed_packages
0
url pkg:deb/debian/phpmyadmin@4:4.9.1%2Bdfsg1-2?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:4.9.1%2Bdfsg1-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:4.9.1%252Bdfsg1-2%3Fdistro=trixie
1
url pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-47ju-f89a-eud8
1
vulnerability VCID-d3qn-js1p-7yeq
2
vulnerability VCID-dmqy-9xth-cuhs
3
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.0.4%252Bdfsg2-2%252Bdeb11u1%3Fdistro=trixie
2
url pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.1%252Bdfsg-1%252Bdeb12u1%3Fdistro=trixie
3
url pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.2-really%252Bdfsg-1%252Bdeb13u1%3Fdistro=trixie
4
url pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.3%252Bdfsg-1%3Fdistro=trixie
aliases CVE-2018-19969, GHSA-xwf2-53mc-r8hx
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-r4zz-m2mr-9qeb
210
url VCID-r8b5-qubu-9bgp
vulnerability_id VCID-r8b5-qubu-9bgp
summary Cross-site scripting (XSS) vulnerability in the PMA_linkOrButton function in libraries/common.lib.php in the database (db) search script in phpMyAdmin 2.11.x before 2.11.11.1 and 3.x before 3.3.8.1 allows remote attackers to inject arbitrary web script or HTML via a crafted request.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2010-4329
reference_id
reference_type
scores
0
value 0.0072
scoring_system epss
scoring_elements 0.72854
published_at 2026-06-04T12:55:00Z
1
value 0.0072
scoring_system epss
scoring_elements 0.72891
published_at 2026-06-05T12:55:00Z
2
value 0.0072
scoring_system epss
scoring_elements 0.72898
published_at 2026-06-06T12:55:00Z
3
value 0.0072
scoring_system epss
scoring_elements 0.72881
published_at 2026-06-07T12:55:00Z
4
value 0.0072
scoring_system epss
scoring_elements 0.72869
published_at 2026-06-08T12:55:00Z
5
value 0.0072
scoring_system epss
scoring_elements 0.72894
published_at 2026-06-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2010-4329
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4329
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4329
fixed_packages
0
url pkg:deb/debian/phpmyadmin@4:3.3.7-2?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:3.3.7-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:3.3.7-2%3Fdistro=trixie
1
url pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-47ju-f89a-eud8
1
vulnerability VCID-d3qn-js1p-7yeq
2
vulnerability VCID-dmqy-9xth-cuhs
3
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.0.4%252Bdfsg2-2%252Bdeb11u1%3Fdistro=trixie
2
url pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.1%252Bdfsg-1%252Bdeb12u1%3Fdistro=trixie
3
url pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.2-really%252Bdfsg-1%252Bdeb13u1%3Fdistro=trixie
4
url pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.3%252Bdfsg-1%3Fdistro=trixie
aliases CVE-2010-4329
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-r8b5-qubu-9bgp
211
url VCID-r9sb-489v-fqc9
vulnerability_id VCID-r9sb-489v-fqc9
summary 
phpMyAdmin Cryptographic Vulnerability
The suggestPassword function in js/functions.js in phpMyAdmin 4.0.x before 4.0.10.13, 4.4.x before 4.4.15.3, and 4.5.x before 4.5.4 relies on the Math.random JavaScript function, which makes it easier for remote attackers to guess passwords via a brute-force approach.
references
0
reference_url http://lists.fedoraproject.org/pipermail/package-announce/2016-February/176483.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://lists.fedoraproject.org/pipermail/package-announce/2016-February/176483.html
1
reference_url http://lists.fedoraproject.org/pipermail/package-announce/2016-February/176739.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://lists.fedoraproject.org/pipermail/package-announce/2016-February/176739.html
2
reference_url http://lists.opensuse.org/opensuse-updates/2016-02/msg00028.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://lists.opensuse.org/opensuse-updates/2016-02/msg00028.html
3
reference_url http://lists.opensuse.org/opensuse-updates/2016-02/msg00049.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://lists.opensuse.org/opensuse-updates/2016-02/msg00049.html
4
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-1927
reference_id
reference_type
scores
0
value 0.00628
scoring_system epss
scoring_elements 0.70673
published_at 2026-06-09T12:55:00Z
1
value 0.00628
scoring_system epss
scoring_elements 0.70629
published_at 2026-06-04T12:55:00Z
2
value 0.00628
scoring_system epss
scoring_elements 0.70672
published_at 2026-06-05T12:55:00Z
3
value 0.00628
scoring_system epss
scoring_elements 0.70679
published_at 2026-06-06T12:55:00Z
4
value 0.00628
scoring_system epss
scoring_elements 0.70662
published_at 2026-06-07T12:55:00Z
5
value 0.00628
scoring_system epss
scoring_elements 0.70651
published_at 2026-06-08T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-1927
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1927
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1927
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2039
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2039
7
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2040
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2040
8
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2041
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2041
9
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2560
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2560
10
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2561
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2561
11
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5099
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5099
12
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5701
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5701
13
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5705
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5705
14
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5706
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5706
15
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5731
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5731
16
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5733
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5733
17
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5739
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5739
18
reference_url https://github.com/phpmyadmin/phpmyadmin
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/phpmyadmin/phpmyadmin
19
reference_url https://github.com/phpmyadmin/phpmyadmin/commit/2369daa7f5f550797f560e6b46a021e4558c2d72
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/phpmyadmin/phpmyadmin/commit/2369daa7f5f550797f560e6b46a021e4558c2d72
20
reference_url https://github.com/phpmyadmin/phpmyadmin/commit/5530a72e162fab442218486a90ff3365c96fde98
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/phpmyadmin/phpmyadmin/commit/5530a72e162fab442218486a90ff3365c96fde98
21
reference_url https://github.com/phpmyadmin/phpmyadmin/commit/6a96e67487f2faecb4de4204fee9b96b94020720
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/phpmyadmin/phpmyadmin/commit/6a96e67487f2faecb4de4204fee9b96b94020720
22
reference_url https://github.com/phpmyadmin/phpmyadmin/commit/8b6737735be5787d0b98c6cdfe2c7e3131b1bc95
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/phpmyadmin/phpmyadmin/commit/8b6737735be5787d0b98c6cdfe2c7e3131b1bc95
23
reference_url https://github.com/phpmyadmin/phpmyadmin/commit/8dedcc1a175eb07debd4fe116407c43694c60b22
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/phpmyadmin/phpmyadmin/commit/8dedcc1a175eb07debd4fe116407c43694c60b22
24
reference_url https://github.com/phpmyadmin/phpmyadmin/commit/912856b432d794201884c36e5f390d446339b6e4
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/phpmyadmin/phpmyadmin/commit/912856b432d794201884c36e5f390d446339b6e4
25
reference_url http://www.debian.org/security/2016/dsa-3627
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.debian.org/security/2016/dsa-3627
26
reference_url http://www.phpmyadmin.net/home_page/security/PMASA-2016-4.php
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.phpmyadmin.net/home_page/security/PMASA-2016-4.php
27
reference_url https://nvd.nist.gov/vuln/detail/CVE-2016-1927
reference_id CVE-2016-1927
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2016-1927
28
reference_url https://github.com/advisories/GHSA-4gmg-gwjh-3mmr
reference_id GHSA-4gmg-gwjh-3mmr
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-4gmg-gwjh-3mmr
fixed_packages
0
url pkg:deb/debian/phpmyadmin@4:4.5.4-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:4.5.4-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:4.5.4-1%3Fdistro=trixie
1
url pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-47ju-f89a-eud8
1
vulnerability VCID-d3qn-js1p-7yeq
2
vulnerability VCID-dmqy-9xth-cuhs
3
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.0.4%252Bdfsg2-2%252Bdeb11u1%3Fdistro=trixie
2
url pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.1%252Bdfsg-1%252Bdeb12u1%3Fdistro=trixie
3
url pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.2-really%252Bdfsg-1%252Bdeb13u1%3Fdistro=trixie
4
url pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.3%252Bdfsg-1%3Fdistro=trixie
aliases CVE-2016-1927, GHSA-4gmg-gwjh-3mmr
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-r9sb-489v-fqc9
212
url VCID-rc63-nakx-ebbe
vulnerability_id VCID-rc63-nakx-ebbe
summary 
Cross-site Scripting
An issue was discovered in phpMyAdmin. XSS is possible because of a weakness in a regular expression used in some JavaScript processing.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-9857
reference_id
reference_type
scores
0
value 0.00258
scoring_system epss
scoring_elements 0.49434
published_at 2026-06-05T12:55:00Z
1
value 0.00258
scoring_system epss
scoring_elements 0.49409
published_at 2026-06-09T12:55:00Z
2
value 0.00258
scoring_system epss
scoring_elements 0.49397
published_at 2026-06-08T12:55:00Z
3
value 0.00258
scoring_system epss
scoring_elements 0.49373
published_at 2026-06-04T12:55:00Z
4
value 0.00258
scoring_system epss
scoring_elements 0.49427
published_at 2026-06-07T12:55:00Z
5
value 0.00258
scoring_system epss
scoring_elements 0.49445
published_at 2026-06-06T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-9857
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9857
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9857
2
reference_url https://security.gentoo.org/glsa/201701-32
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://security.gentoo.org/glsa/201701-32
3
reference_url https://web.archive.org/web/20210123194716/http://www.securityfocus.com/bid/94530
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20210123194716/http://www.securityfocus.com/bid/94530
4
reference_url https://www.phpmyadmin.net/security/PMASA-2016-64
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.phpmyadmin.net/security/PMASA-2016-64
5
reference_url http://www.securityfocus.com/bid/94530
reference_id
reference_type
scores
url http://www.securityfocus.com/bid/94530
6
reference_url https://nvd.nist.gov/vuln/detail/CVE-2016-9857
reference_id CVE-2016-9857
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2016-9857
7
reference_url https://github.com/advisories/GHSA-hmmx-wxh4-9w8w
reference_id GHSA-hmmx-wxh4-9w8w
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-hmmx-wxh4-9w8w
fixed_packages
0
url pkg:deb/debian/phpmyadmin@4:4.6.5.1-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:4.6.5.1-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:4.6.5.1-1%3Fdistro=trixie
1
url pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-47ju-f89a-eud8
1
vulnerability VCID-d3qn-js1p-7yeq
2
vulnerability VCID-dmqy-9xth-cuhs
3
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.0.4%252Bdfsg2-2%252Bdeb11u1%3Fdistro=trixie
2
url pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.1%252Bdfsg-1%252Bdeb12u1%3Fdistro=trixie
3
url pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.2-really%252Bdfsg-1%252Bdeb13u1%3Fdistro=trixie
4
url pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.3%252Bdfsg-1%3Fdistro=trixie
aliases CVE-2016-9857, GHSA-hmmx-wxh4-9w8w
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-rc63-nakx-ebbe
213
url VCID-rht1-ecwp-aqe7
vulnerability_id VCID-rht1-ecwp-aqe7
summary Multiple cross-site scripting (XSS) vulnerabilities in the Database Structure page in phpMyAdmin 3.4.x before 3.4.11.1 and 3.5.x before 3.5.2.2 allow remote authenticated users to inject arbitrary web script or HTML via (1) a crafted table name during table creation, or a (2) Empty link or (3) Drop link for a crafted table name.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2012-4345
reference_id
reference_type
scores
0
value 0.00209
scoring_system epss
scoring_elements 0.43318
published_at 2026-06-09T12:55:00Z
1
value 0.00209
scoring_system epss
scoring_elements 0.43358
published_at 2026-06-05T12:55:00Z
2
value 0.00209
scoring_system epss
scoring_elements 0.43368
published_at 2026-06-06T12:55:00Z
3
value 0.00209
scoring_system epss
scoring_elements 0.43344
published_at 2026-06-07T12:55:00Z
4
value 0.00209
scoring_system epss
scoring_elements 0.43309
published_at 2026-06-08T12:55:00Z
5
value 0.00209
scoring_system epss
scoring_elements 0.43285
published_at 2026-06-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2012-4345
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4345
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4345
2
reference_url https://nvd.nist.gov/vuln/detail/CVE-2012-4345
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2012-4345
3
reference_url https://web.archive.org/web/20150523055725/http://www.mandriva.com/en/support/security/advisories/advisory/MDVSA-2012:136/?name=MDVSA-2012:136
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20150523055725/http://www.mandriva.com/en/support/security/advisories/advisory/MDVSA-2012:136/?name=MDVSA-2012:136
4
reference_url http://www.phpmyadmin.net/home_page/security/PMASA-2012-4.php
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url http://www.phpmyadmin.net/home_page/security/PMASA-2012-4.php
5
reference_url https://github.com/advisories/GHSA-r3pq-mp8v-cp33
reference_id GHSA-r3pq-mp8v-cp33
reference_type
scores
0
value LOW
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-r3pq-mp8v-cp33
fixed_packages
0
url pkg:deb/debian/phpmyadmin@4:3.4.11.1-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:3.4.11.1-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:3.4.11.1-1%3Fdistro=trixie
1
url pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-47ju-f89a-eud8
1
vulnerability VCID-d3qn-js1p-7yeq
2
vulnerability VCID-dmqy-9xth-cuhs
3
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.0.4%252Bdfsg2-2%252Bdeb11u1%3Fdistro=trixie
2
url pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.1%252Bdfsg-1%252Bdeb12u1%3Fdistro=trixie
3
url pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.2-really%252Bdfsg-1%252Bdeb13u1%3Fdistro=trixie
4
url pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.3%252Bdfsg-1%3Fdistro=trixie
aliases CVE-2012-4345, GHSA-r3pq-mp8v-cp33
risk_score 1.4
exploitability 0.5
weighted_severity 2.7
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-rht1-ecwp-aqe7
214
url VCID-rkw2-bjne-efea
vulnerability_id VCID-rkw2-bjne-efea
summary scripts/setup.php (aka the setup script) in phpMyAdmin 2.11.x before 2.11.10 calls the unserialize function on the values of the (1) configuration and (2) v[0] parameters, which might allow remote attackers to conduct cross-site request forgery (CSRF) attacks via unspecified vectors.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-4605.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-4605.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2009-4605
reference_id
reference_type
scores
0
value 0.0047
scoring_system epss
scoring_elements 0.64939
published_at 2026-06-04T12:55:00Z
1
value 0.0047
scoring_system epss
scoring_elements 0.64982
published_at 2026-06-05T12:55:00Z
2
value 0.0047
scoring_system epss
scoring_elements 0.64992
published_at 2026-06-06T12:55:00Z
3
value 0.0047
scoring_system epss
scoring_elements 0.6498
published_at 2026-06-07T12:55:00Z
4
value 0.0047
scoring_system epss
scoring_elements 0.64968
published_at 2026-06-08T12:55:00Z
5
value 0.0047
scoring_system epss
scoring_elements 0.64986
published_at 2026-06-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2009-4605
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4605
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4605
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=557307
reference_id 557307
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=557307
fixed_packages
0
url pkg:deb/debian/phpmyadmin@4:3.2.4-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:3.2.4-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:3.2.4-1%3Fdistro=trixie
1
url pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-47ju-f89a-eud8
1
vulnerability VCID-d3qn-js1p-7yeq
2
vulnerability VCID-dmqy-9xth-cuhs
3
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.0.4%252Bdfsg2-2%252Bdeb11u1%3Fdistro=trixie
2
url pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.1%252Bdfsg-1%252Bdeb12u1%3Fdistro=trixie
3
url pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.2-really%252Bdfsg-1%252Bdeb13u1%3Fdistro=trixie
4
url pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.3%252Bdfsg-1%3Fdistro=trixie
aliases CVE-2009-4605
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-rkw2-bjne-efea
215
url VCID-rsrk-jwbt-qfhe
vulnerability_id VCID-rsrk-jwbt-qfhe
summary An issue was discovered in phpMyAdmin. With a crafted request parameter value it is possible to initiate a denial of service attack in import feature. All 4.6.x versions (prior to 4.6.5), 4.4.x versions (prior to 4.4.15.9), and 4.0.x versions (prior to 4.0.10.18) are affected.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-9859
reference_id
reference_type
scores
0
value 0.00553
scoring_system epss
scoring_elements 0.68419
published_at 2026-06-04T12:55:00Z
1
value 0.00553
scoring_system epss
scoring_elements 0.6846
published_at 2026-06-05T12:55:00Z
2
value 0.00553
scoring_system epss
scoring_elements 0.68468
published_at 2026-06-06T12:55:00Z
3
value 0.00553
scoring_system epss
scoring_elements 0.68462
published_at 2026-06-07T12:55:00Z
4
value 0.00553
scoring_system epss
scoring_elements 0.68446
published_at 2026-06-08T12:55:00Z
5
value 0.00553
scoring_system epss
scoring_elements 0.68464
published_at 2026-06-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-9859
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9859
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9859
fixed_packages
0
url pkg:deb/debian/phpmyadmin@4:4.6.5.1-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:4.6.5.1-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:4.6.5.1-1%3Fdistro=trixie
1
url pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-47ju-f89a-eud8
1
vulnerability VCID-d3qn-js1p-7yeq
2
vulnerability VCID-dmqy-9xth-cuhs
3
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.0.4%252Bdfsg2-2%252Bdeb11u1%3Fdistro=trixie
2
url pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.1%252Bdfsg-1%252Bdeb12u1%3Fdistro=trixie
3
url pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.2-really%252Bdfsg-1%252Bdeb13u1%3Fdistro=trixie
4
url pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.3%252Bdfsg-1%3Fdistro=trixie
aliases CVE-2016-9859
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-rsrk-jwbt-qfhe
216
url VCID-rx9z-rdmm-5fg6
vulnerability_id VCID-rx9z-rdmm-5fg6
summary 
Cross-site Scripting
An issue was discovered in `js/designer/move.js` in phpMyAdm A Cross-Site Scripting vulnerability has been found where an attacker can use a crafted database name to trigger an XSS attack when that database is referenced from the Designer feature.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2018-12581
reference_id
reference_type
scores
0
value 0.00393
scoring_system epss
scoring_elements 0.60627
published_at 2026-06-05T12:55:00Z
1
value 0.00393
scoring_system epss
scoring_elements 0.60621
published_at 2026-06-09T12:55:00Z
2
value 0.00393
scoring_system epss
scoring_elements 0.60622
published_at 2026-06-07T12:55:00Z
3
value 0.00393
scoring_system epss
scoring_elements 0.60634
published_at 2026-06-06T12:55:00Z
4
value 0.00393
scoring_system epss
scoring_elements 0.60579
published_at 2026-06-04T12:55:00Z
5
value 0.00393
scoring_system epss
scoring_elements 0.60605
published_at 2026-06-08T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2018-12581
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12581
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12581
2
reference_url https://github.com/phpmyadmin/phpmyadmin/commit/6943fff87324bd54c3a37a5160a5fb77498c355e
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/phpmyadmin/phpmyadmin/commit/6943fff87324bd54c3a37a5160a5fb77498c355e
3
reference_url https://web.archive.org/web/20210124181711/http://www.securityfocus.com/bid/104530
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20210124181711/http://www.securityfocus.com/bid/104530
4
reference_url https://web.archive.org/web/20210413204012/http://www.securitytracker.com/id/1041187
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20210413204012/http://www.securitytracker.com/id/1041187
5
reference_url https://www.phpmyadmin.net/security/PMASA-2018-3
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.phpmyadmin.net/security/PMASA-2018-3
6
reference_url https://www.phpmyadmin.net/security/PMASA-2018-3/
reference_id
reference_type
scores
url https://www.phpmyadmin.net/security/PMASA-2018-3/
7
reference_url http://www.securityfocus.com/bid/104530
reference_id
reference_type
scores
url http://www.securityfocus.com/bid/104530
8
reference_url http://www.securitytracker.com/id/1041187
reference_id
reference_type
scores
url http://www.securitytracker.com/id/1041187
9
reference_url https://nvd.nist.gov/vuln/detail/CVE-2018-12581
reference_id CVE-2018-12581
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2018-12581
10
reference_url https://github.com/advisories/GHSA-vxj6-pm6r-23hq
reference_id GHSA-vxj6-pm6r-23hq
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-vxj6-pm6r-23hq
11
reference_url https://usn.ubuntu.com/USN-4843-1/
reference_id USN-USN-4843-1
reference_type
scores
url https://usn.ubuntu.com/USN-4843-1/
fixed_packages
0
url pkg:deb/debian/phpmyadmin@4:4.9.1%2Bdfsg1-2?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:4.9.1%2Bdfsg1-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:4.9.1%252Bdfsg1-2%3Fdistro=trixie
1
url pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-47ju-f89a-eud8
1
vulnerability VCID-d3qn-js1p-7yeq
2
vulnerability VCID-dmqy-9xth-cuhs
3
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.0.4%252Bdfsg2-2%252Bdeb11u1%3Fdistro=trixie
2
url pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.1%252Bdfsg-1%252Bdeb12u1%3Fdistro=trixie
3
url pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.2-really%252Bdfsg-1%252Bdeb13u1%3Fdistro=trixie
4
url pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.3%252Bdfsg-1%3Fdistro=trixie
aliases CVE-2018-12581, GHSA-vxj6-pm6r-23hq
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-rx9z-rdmm-5fg6
217
url VCID-rxz2-tx2n-k3bd
vulnerability_id VCID-rxz2-tx2n-k3bd
summary Multiple cross-site scripting (XSS) vulnerabilities in the partition-range implementation in templates/table/structure/display_partitions.phtml in the table-structure page in phpMyAdmin 4.6.x before 4.6.3 allow remote attackers to inject arbitrary web script or HTML via crafted table parameters.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-5732
reference_id
reference_type
scores
0
value 0.00224
scoring_system epss
scoring_elements 0.45097
published_at 2026-06-04T12:55:00Z
1
value 0.00224
scoring_system epss
scoring_elements 0.45134
published_at 2026-06-09T12:55:00Z
2
value 0.00224
scoring_system epss
scoring_elements 0.45121
published_at 2026-06-08T12:55:00Z
3
value 0.00224
scoring_system epss
scoring_elements 0.45169
published_at 2026-06-06T12:55:00Z
4
value 0.00224
scoring_system epss
scoring_elements 0.45165
published_at 2026-06-05T12:55:00Z
5
value 0.00224
scoring_system epss
scoring_elements 0.4515
published_at 2026-06-07T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-5732
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5732
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5732
2
reference_url https://github.com/phpmyadmin/phpmyadmin
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/phpmyadmin/phpmyadmin
3
reference_url https://github.com/phpmyadmin/phpmyadmin/commit/0815af37f483f329f0c0565d68821fea9c47b5f5
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/phpmyadmin/phpmyadmin/commit/0815af37f483f329f0c0565d68821fea9c47b5f5
4
reference_url https://github.com/phpmyadmin/phpmyadmin/commit/792cd1262f012b9b13639519d414f2acaeb5e972
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/phpmyadmin/phpmyadmin/commit/792cd1262f012b9b13639519d414f2acaeb5e972
5
reference_url https://nvd.nist.gov/vuln/detail/CVE-2016-5732
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2016-5732
6
reference_url https://security.gentoo.org/glsa/201701-32
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://security.gentoo.org/glsa/201701-32
7
reference_url https://www.phpmyadmin.net/security/PMASA-2016-25
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.phpmyadmin.net/security/PMASA-2016-25
8
reference_url https://www.phpmyadmin.net/security/PMASA-2016-25/
reference_id
reference_type
scores
url https://www.phpmyadmin.net/security/PMASA-2016-25/
9
reference_url https://github.com/advisories/GHSA-3q28-xfw3-2q35
reference_id GHSA-3q28-xfw3-2q35
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-3q28-xfw3-2q35
fixed_packages
0
url pkg:deb/debian/phpmyadmin@4:4.6.3-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:4.6.3-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:4.6.3-1%3Fdistro=trixie
1
url pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-47ju-f89a-eud8
1
vulnerability VCID-d3qn-js1p-7yeq
2
vulnerability VCID-dmqy-9xth-cuhs
3
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.0.4%252Bdfsg2-2%252Bdeb11u1%3Fdistro=trixie
2
url pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.1%252Bdfsg-1%252Bdeb12u1%3Fdistro=trixie
3
url pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.2-really%252Bdfsg-1%252Bdeb13u1%3Fdistro=trixie
4
url pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.3%252Bdfsg-1%3Fdistro=trixie
aliases CVE-2016-5732, GHSA-3q28-xfw3-2q35
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-rxz2-tx2n-k3bd
218
url VCID-rz6q-hthe-1uer
vulnerability_id VCID-rz6q-hthe-1uer
summary 
Information Exposure
An issue was discovered in phpMyAdmin. A user can exploit the "LOAD LOCAL INFILE" functionality to expose files on the server to the database system.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-6612
reference_id
reference_type
scores
0
value 0.00324
scoring_system epss
scoring_elements 0.55735
published_at 2026-06-04T12:55:00Z
1
value 0.00324
scoring_system epss
scoring_elements 0.55788
published_at 2026-06-09T12:55:00Z
2
value 0.00324
scoring_system epss
scoring_elements 0.55767
published_at 2026-06-08T12:55:00Z
3
value 0.00324
scoring_system epss
scoring_elements 0.55798
published_at 2026-06-06T12:55:00Z
4
value 0.00324
scoring_system epss
scoring_elements 0.55792
published_at 2026-06-05T12:55:00Z
5
value 0.00324
scoring_system epss
scoring_elements 0.55785
published_at 2026-06-07T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-6612
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6612
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6612
2
reference_url https://github.com/phpmyadmin/composer
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/phpmyadmin/composer
3
reference_url https://lists.debian.org/debian-lts-announce/2019/06/msg00009.html
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.debian.org/debian-lts-announce/2019/06/msg00009.html
4
reference_url https://security.gentoo.org/glsa/201701-32
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://security.gentoo.org/glsa/201701-32
5
reference_url https://www.phpmyadmin.net/security/PMASA-2016-35
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.phpmyadmin.net/security/PMASA-2016-35
6
reference_url http://www.securityfocus.com/bid/94113
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.securityfocus.com/bid/94113
7
reference_url https://nvd.nist.gov/vuln/detail/CVE-2016-6612
reference_id CVE-2016-6612
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2016-6612
8
reference_url https://github.com/advisories/GHSA-fcgm-62p3-f7cm
reference_id GHSA-fcgm-62p3-f7cm
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-fcgm-62p3-f7cm
fixed_packages
0
url pkg:deb/debian/phpmyadmin@4:4.6.4%2Bdfsg1-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:4.6.4%2Bdfsg1-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:4.6.4%252Bdfsg1-1%3Fdistro=trixie
1
url pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-47ju-f89a-eud8
1
vulnerability VCID-d3qn-js1p-7yeq
2
vulnerability VCID-dmqy-9xth-cuhs
3
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.0.4%252Bdfsg2-2%252Bdeb11u1%3Fdistro=trixie
2
url pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.1%252Bdfsg-1%252Bdeb12u1%3Fdistro=trixie
3
url pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.2-really%252Bdfsg-1%252Bdeb13u1%3Fdistro=trixie
4
url pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.3%252Bdfsg-1%3Fdistro=trixie
aliases CVE-2016-6612, GHSA-fcgm-62p3-f7cm
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-rz6q-hthe-1uer
219
url VCID-s7zg-dmux-47bn
vulnerability_id VCID-s7zg-dmux-47bn
summary Cross-site scripting (XSS) vulnerability in sql.php in phpMyAdmin 2.7.0-pl1 allows remote attackers to inject arbitrary web script or HTML via the sql_query parameter.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2006-1803
reference_id
reference_type
scores
0
value 0.08966
scoring_system epss
scoring_elements 0.9275
published_at 2026-06-04T12:55:00Z
1
value 0.08966
scoring_system epss
scoring_elements 0.92762
published_at 2026-06-05T12:55:00Z
2
value 0.08966
scoring_system epss
scoring_elements 0.92757
published_at 2026-06-06T12:55:00Z
3
value 0.08966
scoring_system epss
scoring_elements 0.92753
published_at 2026-06-07T12:55:00Z
4
value 0.08966
scoring_system epss
scoring_elements 0.92751
published_at 2026-06-08T12:55:00Z
5
value 0.08966
scoring_system epss
scoring_elements 0.92765
published_at 2026-06-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2006-1803
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1803
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1803
2
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=363519
reference_id 363519
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=363519
3
reference_url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/webapps/27632.txt
reference_id CVE-2006-1803;OSVDB-24641
reference_type exploit
scores
url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/webapps/27632.txt
4
reference_url https://www.securityfocus.com/bid/17487/info
reference_id CVE-2006-1803;OSVDB-24641
reference_type exploit
scores
url https://www.securityfocus.com/bid/17487/info
fixed_packages
0
url pkg:deb/debian/phpmyadmin@4:2.8.1-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:2.8.1-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:2.8.1-1%3Fdistro=trixie
1
url pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-47ju-f89a-eud8
1
vulnerability VCID-d3qn-js1p-7yeq
2
vulnerability VCID-dmqy-9xth-cuhs
3
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.0.4%252Bdfsg2-2%252Bdeb11u1%3Fdistro=trixie
2
url pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.1%252Bdfsg-1%252Bdeb12u1%3Fdistro=trixie
3
url pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.2-really%252Bdfsg-1%252Bdeb13u1%3Fdistro=trixie
4
url pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.3%252Bdfsg-1%3Fdistro=trixie
aliases CVE-2006-1803
risk_score 0.2
exploitability 2.0
weighted_severity 0.1
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-s7zg-dmux-47bn
220
url VCID-s88e-r2gd-9yep
vulnerability_id VCID-s88e-r2gd-9yep
summary libraries/Config.class.php in phpMyAdmin 4.0.x before 4.0.10.10, 4.2.x before 4.2.13.3, 4.3.x before 4.3.13.1, and 4.4.x before 4.4.6.1 disables X.509 certificate verification for GitHub API calls over SSL, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2015-3903
reference_id
reference_type
scores
0
value 0.01171
scoring_system epss
scoring_elements 0.79013
published_at 2026-06-04T12:55:00Z
1
value 0.01171
scoring_system epss
scoring_elements 0.7904
published_at 2026-06-05T12:55:00Z
2
value 0.01171
scoring_system epss
scoring_elements 0.79046
published_at 2026-06-06T12:55:00Z
3
value 0.01171
scoring_system epss
scoring_elements 0.79037
published_at 2026-06-07T12:55:00Z
4
value 0.01171
scoring_system epss
scoring_elements 0.79024
published_at 2026-06-08T12:55:00Z
5
value 0.01171
scoring_system epss
scoring_elements 0.79042
published_at 2026-06-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2015-3903
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8958
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8958
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9218
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9218
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2206
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2206
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3902
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3902
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3903
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3903
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6830
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6830
7
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7873
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7873
fixed_packages
0
url pkg:deb/debian/phpmyadmin@4:4.4.6.1-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:4.4.6.1-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:4.4.6.1-1%3Fdistro=trixie
1
url pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-47ju-f89a-eud8
1
vulnerability VCID-d3qn-js1p-7yeq
2
vulnerability VCID-dmqy-9xth-cuhs
3
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.0.4%252Bdfsg2-2%252Bdeb11u1%3Fdistro=trixie
2
url pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.1%252Bdfsg-1%252Bdeb12u1%3Fdistro=trixie
3
url pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.2-really%252Bdfsg-1%252Bdeb13u1%3Fdistro=trixie
4
url pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.3%252Bdfsg-1%3Fdistro=trixie
aliases CVE-2015-3903
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-s88e-r2gd-9yep
221
url VCID-sbqa-vqjs-bqhy
vulnerability_id VCID-sbqa-vqjs-bqhy
summary phpMyAdmin before 2.11.5 accesses $_REQUEST to obtain some parameters instead of $_GET and $_POST, which allows attackers in the same domain to override certain variables and conduct SQL injection and Cross-Site Request Forgery (CSRF) attacks by using crafted cookies.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-1149.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-1149.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2008-1149
reference_id
reference_type
scores
0
value 0.0093
scoring_system epss
scoring_elements 0.7648
published_at 2026-06-04T12:55:00Z
1
value 0.0093
scoring_system epss
scoring_elements 0.76509
published_at 2026-06-05T12:55:00Z
2
value 0.0093
scoring_system epss
scoring_elements 0.76516
published_at 2026-06-06T12:55:00Z
3
value 0.0093
scoring_system epss
scoring_elements 0.76505
published_at 2026-06-07T12:55:00Z
4
value 0.0093
scoring_system epss
scoring_elements 0.76496
published_at 2026-06-08T12:55:00Z
5
value 0.0093
scoring_system epss
scoring_elements 0.76517
published_at 2026-06-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2008-1149
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1149
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1149
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=435706
reference_id 435706
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=435706
4
reference_url https://security.gentoo.org/glsa/200803-15
reference_id GLSA-200803-15
reference_type
scores
url https://security.gentoo.org/glsa/200803-15
fixed_packages
0
url pkg:deb/debian/phpmyadmin@4:2.11.5-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:2.11.5-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:2.11.5-1%3Fdistro=trixie
1
url pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-47ju-f89a-eud8
1
vulnerability VCID-d3qn-js1p-7yeq
2
vulnerability VCID-dmqy-9xth-cuhs
3
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.0.4%252Bdfsg2-2%252Bdeb11u1%3Fdistro=trixie
2
url pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.1%252Bdfsg-1%252Bdeb12u1%3Fdistro=trixie
3
url pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.2-really%252Bdfsg-1%252Bdeb13u1%3Fdistro=trixie
4
url pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.3%252Bdfsg-1%3Fdistro=trixie
aliases CVE-2008-1149
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-sbqa-vqjs-bqhy
222
url VCID-segg-gk79-9bc6
vulnerability_id VCID-segg-gk79-9bc6
summary 
Improper Input Validation
An issue was discovered in phpMyAdmin. With a crafted request parameter value it is possible to bypass the logout timeout.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-9851
reference_id
reference_type
scores
0
value 0.00241
scoring_system epss
scoring_elements 0.47525
published_at 2026-06-04T12:55:00Z
1
value 0.00241
scoring_system epss
scoring_elements 0.47557
published_at 2026-06-09T12:55:00Z
2
value 0.00241
scoring_system epss
scoring_elements 0.47544
published_at 2026-06-08T12:55:00Z
3
value 0.00241
scoring_system epss
scoring_elements 0.47591
published_at 2026-06-06T12:55:00Z
4
value 0.00241
scoring_system epss
scoring_elements 0.47589
published_at 2026-06-05T12:55:00Z
5
value 0.00241
scoring_system epss
scoring_elements 0.47574
published_at 2026-06-07T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-9851
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9851
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9851
2
reference_url https://github.com/phpmyadmin/composer
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/phpmyadmin/composer
3
reference_url https://security.gentoo.org/glsa/201701-32
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://security.gentoo.org/glsa/201701-32
4
reference_url https://www.phpmyadmin.net/security/PMASA-2016-62
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.phpmyadmin.net/security/PMASA-2016-62
5
reference_url http://www.securityfocus.com/bid/94534
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.securityfocus.com/bid/94534
6
reference_url https://nvd.nist.gov/vuln/detail/CVE-2016-9851
reference_id CVE-2016-9851
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2016-9851
7
reference_url https://github.com/advisories/GHSA-r2vw-p77f-vc27
reference_id GHSA-r2vw-p77f-vc27
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-r2vw-p77f-vc27
fixed_packages
0
url pkg:deb/debian/phpmyadmin@4:4.6.5.1-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:4.6.5.1-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:4.6.5.1-1%3Fdistro=trixie
1
url pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-47ju-f89a-eud8
1
vulnerability VCID-d3qn-js1p-7yeq
2
vulnerability VCID-dmqy-9xth-cuhs
3
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.0.4%252Bdfsg2-2%252Bdeb11u1%3Fdistro=trixie
2
url pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.1%252Bdfsg-1%252Bdeb12u1%3Fdistro=trixie
3
url pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.2-really%252Bdfsg-1%252Bdeb13u1%3Fdistro=trixie
4
url pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.3%252Bdfsg-1%3Fdistro=trixie
aliases CVE-2016-9851, GHSA-r2vw-p77f-vc27
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-segg-gk79-9bc6
223
url VCID-sj19-5q5e-j7ah
vulnerability_id VCID-sj19-5q5e-j7ah
summary Directory traversal vulnerability in libraries/error_report.lib.php in the error-reporting feature in phpMyAdmin 4.1.x before 4.1.14.7 and 4.2.x before 4.2.12 allows remote authenticated users to obtain potentially sensitive information about a file's line count via a crafted parameter.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2014-8961
reference_id
reference_type
scores
0
value 0.01447
scoring_system epss
scoring_elements 0.81102
published_at 2026-06-04T12:55:00Z
1
value 0.01447
scoring_system epss
scoring_elements 0.81131
published_at 2026-06-07T12:55:00Z
2
value 0.01447
scoring_system epss
scoring_elements 0.81134
published_at 2026-06-06T12:55:00Z
3
value 0.01447
scoring_system epss
scoring_elements 0.81126
published_at 2026-06-08T12:55:00Z
4
value 0.01447
scoring_system epss
scoring_elements 0.81144
published_at 2026-06-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2014-8961
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8961
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8961
fixed_packages
0
url pkg:deb/debian/phpmyadmin@4:4.2.12-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:4.2.12-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:4.2.12-1%3Fdistro=trixie
1
url pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-47ju-f89a-eud8
1
vulnerability VCID-d3qn-js1p-7yeq
2
vulnerability VCID-dmqy-9xth-cuhs
3
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.0.4%252Bdfsg2-2%252Bdeb11u1%3Fdistro=trixie
2
url pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.1%252Bdfsg-1%252Bdeb12u1%3Fdistro=trixie
3
url pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.2-really%252Bdfsg-1%252Bdeb13u1%3Fdistro=trixie
4
url pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.3%252Bdfsg-1%3Fdistro=trixie
aliases CVE-2014-8961
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-sj19-5q5e-j7ah
224
url VCID-snke-vmcg-xfd2
vulnerability_id VCID-snke-vmcg-xfd2
summary Cross-site scripting (XSS) vulnerability in import.php in phpMyAdmin before 4.1.7 allows remote authenticated users to inject arbitrary web script or HTML via a crafted filename in an import action.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2014-1879
reference_id
reference_type
scores
0
value 0.00232
scoring_system epss
scoring_elements 0.46059
published_at 2026-06-04T12:55:00Z
1
value 0.00232
scoring_system epss
scoring_elements 0.46127
published_at 2026-06-05T12:55:00Z
2
value 0.00232
scoring_system epss
scoring_elements 0.46129
published_at 2026-06-06T12:55:00Z
3
value 0.00232
scoring_system epss
scoring_elements 0.46108
published_at 2026-06-07T12:55:00Z
4
value 0.00232
scoring_system epss
scoring_elements 0.46082
published_at 2026-06-08T12:55:00Z
5
value 0.00232
scoring_system epss
scoring_elements 0.46093
published_at 2026-06-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2014-1879
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4995
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4995
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4996
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4996
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5002
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5002
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5003
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5003
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1879
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1879
fixed_packages
0
url pkg:deb/debian/phpmyadmin@4:4.1.7-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:4.1.7-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:4.1.7-1%3Fdistro=trixie
1
url pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-47ju-f89a-eud8
1
vulnerability VCID-d3qn-js1p-7yeq
2
vulnerability VCID-dmqy-9xth-cuhs
3
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.0.4%252Bdfsg2-2%252Bdeb11u1%3Fdistro=trixie
2
url pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.1%252Bdfsg-1%252Bdeb12u1%3Fdistro=trixie
3
url pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.2-really%252Bdfsg-1%252Bdeb13u1%3Fdistro=trixie
4
url pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.3%252Bdfsg-1%3Fdistro=trixie
aliases CVE-2014-1879
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-snke-vmcg-xfd2
225
url VCID-ttu4-gpng-rydg
vulnerability_id VCID-ttu4-gpng-rydg
summary 
Improper Input Validation
CRLF injection vulnerability in bs_disp_as_mime_type.php in the BLOB streaming feature in phpMyAdmin before 3.1.3.1 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via the (1) c_type and possibly (2) file_type parameters.
references
0
reference_url http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00003.html
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00003.html
1
reference_url http://phpmyadmin.svn.sourceforge.net/viewvc/phpmyadmin/branches/MAINT_3_1_3/phpMyAdmin/bs_disp_as_mime_type.php?r1=12303&r2=12302&pathrev=12303
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url http://phpmyadmin.svn.sourceforge.net/viewvc/phpmyadmin/branches/MAINT_3_1_3/phpMyAdmin/bs_disp_as_mime_type.php?r1=12303&r2=12302&pathrev=12303
2
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-1149.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-1149.json
3
reference_url https://api.first.org/data/v1/epss?cve=CVE-2009-1149
reference_id
reference_type
scores
0
value 0.00715
scoring_system epss
scoring_elements 0.72775
published_at 2026-06-09T12:55:00Z
1
value 0.00715
scoring_system epss
scoring_elements 0.72735
published_at 2026-06-04T12:55:00Z
2
value 0.00715
scoring_system epss
scoring_elements 0.72773
published_at 2026-06-05T12:55:00Z
3
value 0.00715
scoring_system epss
scoring_elements 0.72781
published_at 2026-06-06T12:55:00Z
4
value 0.00715
scoring_system epss
scoring_elements 0.72764
published_at 2026-06-07T12:55:00Z
5
value 0.00715
scoring_system epss
scoring_elements 0.72751
published_at 2026-06-08T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2009-1149
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1149
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1149
5
reference_url https://github.com/phpmyadmin/composer
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/phpmyadmin/composer
6
reference_url https://github.com/phpmyadmin/phpmyadmin/commit/69bfbf11c7e9487dfa96293aaa797ff14bb513f0
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/phpmyadmin/phpmyadmin/commit/69bfbf11c7e9487dfa96293aaa797ff14bb513f0
7
reference_url http://www.phpmyadmin.net/home_page/security/PMASA-2009-1.php
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.phpmyadmin.net/home_page/security/PMASA-2009-1.php
8
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=492066
reference_id 492066
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=492066
9
reference_url https://nvd.nist.gov/vuln/detail/CVE-2009-1149
reference_id CVE-2009-1149
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2009-1149
10
reference_url https://github.com/advisories/GHSA-xrpq-63mp-9vcw
reference_id GHSA-xrpq-63mp-9vcw
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-xrpq-63mp-9vcw
fixed_packages
0
url pkg:deb/debian/phpmyadmin@4:3.1.3.1-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:3.1.3.1-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:3.1.3.1-1%3Fdistro=trixie
1
url pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-47ju-f89a-eud8
1
vulnerability VCID-d3qn-js1p-7yeq
2
vulnerability VCID-dmqy-9xth-cuhs
3
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.0.4%252Bdfsg2-2%252Bdeb11u1%3Fdistro=trixie
2
url pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.1%252Bdfsg-1%252Bdeb12u1%3Fdistro=trixie
3
url pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.2-really%252Bdfsg-1%252Bdeb13u1%3Fdistro=trixie
4
url pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.3%252Bdfsg-1%3Fdistro=trixie
aliases CVE-2009-1149, GHSA-xrpq-63mp-9vcw
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ttu4-gpng-rydg
226
url VCID-tvfz-v881-sufp
vulnerability_id VCID-tvfz-v881-sufp
summary 
phpMyAdmin Denial Of Service (DOS) attack
js/get_scripts.js.php in phpMyAdmin 4.0.x before 4.0.10.16, 4.4.x before 4.4.15.7, and 4.6.x before 4.6.3 allows remote attackers to cause a denial of service via a large array in the scripts parameter.
references
0
reference_url http://lists.opensuse.org/opensuse-updates/2016-06/msg00113.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://lists.opensuse.org/opensuse-updates/2016-06/msg00113.html
1
reference_url http://lists.opensuse.org/opensuse-updates/2016-06/msg00114.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://lists.opensuse.org/opensuse-updates/2016-06/msg00114.html
2
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-5706
reference_id
reference_type
scores
0
value 0.02778
scoring_system epss
scoring_elements 0.86352
published_at 2026-06-05T12:55:00Z
1
value 0.02778
scoring_system epss
scoring_elements 0.8633
published_at 2026-06-04T12:55:00Z
2
value 0.02778
scoring_system epss
scoring_elements 0.8635
published_at 2026-06-07T12:55:00Z
3
value 0.02778
scoring_system epss
scoring_elements 0.86351
published_at 2026-06-09T12:55:00Z
4
value 0.02778
scoring_system epss
scoring_elements 0.86338
published_at 2026-06-08T12:55:00Z
5
value 0.02778
scoring_system epss
scoring_elements 0.86353
published_at 2026-06-06T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-5706
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1927
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1927
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2039
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2039
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2040
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2040
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2041
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2041
7
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2560
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2560
8
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2561
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2561
9
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5099
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5099
10
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5701
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5701
11
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5705
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5705
12
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5706
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5706
13
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5731
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5731
14
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5733
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5733
15
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5739
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5739
16
reference_url https://github.com/phpmyadmin/composer
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/phpmyadmin/composer
17
reference_url https://github.com/phpmyadmin/phpmyadmin/commit/4767f24ea4c1e3822ce71a636c341e8ad8d07aa6
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/phpmyadmin/phpmyadmin/commit/4767f24ea4c1e3822ce71a636c341e8ad8d07aa6
18
reference_url https://github.com/phpmyadmin/phpmyadmin/commit/805225a28c1428d7809e613c731c2126960e98df
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/phpmyadmin/phpmyadmin/commit/805225a28c1428d7809e613c731c2126960e98df
19
reference_url https://github.com/phpmyadmin/phpmyadmin/commit/abb3685c8702de887988fee31a97ef4d80d856a1
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/phpmyadmin/phpmyadmin/commit/abb3685c8702de887988fee31a97ef4d80d856a1
20
reference_url https://security.gentoo.org/glsa/201701-32
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://security.gentoo.org/glsa/201701-32
21
reference_url https://www.phpmyadmin.net/security/PMASA-2016-22
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.phpmyadmin.net/security/PMASA-2016-22
22
reference_url http://www.debian.org/security/2016/dsa-3627
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.debian.org/security/2016/dsa-3627
23
reference_url http://www.securityfocus.com/bid/91376
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.securityfocus.com/bid/91376
24
reference_url https://nvd.nist.gov/vuln/detail/CVE-2016-5706
reference_id CVE-2016-5706
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2016-5706
25
reference_url https://github.com/advisories/GHSA-9rmm-8fp4-26hv
reference_id GHSA-9rmm-8fp4-26hv
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-9rmm-8fp4-26hv
fixed_packages
0
url pkg:deb/debian/phpmyadmin@4:4.6.3-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:4.6.3-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:4.6.3-1%3Fdistro=trixie
1
url pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-47ju-f89a-eud8
1
vulnerability VCID-d3qn-js1p-7yeq
2
vulnerability VCID-dmqy-9xth-cuhs
3
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.0.4%252Bdfsg2-2%252Bdeb11u1%3Fdistro=trixie
2
url pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.1%252Bdfsg-1%252Bdeb12u1%3Fdistro=trixie
3
url pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.2-really%252Bdfsg-1%252Bdeb13u1%3Fdistro=trixie
4
url pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.3%252Bdfsg-1%3Fdistro=trixie
aliases CVE-2016-5706, GHSA-9rmm-8fp4-26hv
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-tvfz-v881-sufp
227
url VCID-txba-1at4-ekg2
vulnerability_id VCID-txba-1at4-ekg2
summary 
URL Redirection to Untrusted Site (Open Redirect)
phpMyAdmin is vulnerable to an open redirect weakness.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2017-1000013
reference_id
reference_type
scores
0
value 0.00239
scoring_system epss
scoring_elements 0.47215
published_at 2026-06-09T12:55:00Z
1
value 0.00239
scoring_system epss
scoring_elements 0.47182
published_at 2026-06-04T12:55:00Z
2
value 0.00239
scoring_system epss
scoring_elements 0.47248
published_at 2026-06-05T12:55:00Z
3
value 0.00239
scoring_system epss
scoring_elements 0.47251
published_at 2026-06-06T12:55:00Z
4
value 0.00239
scoring_system epss
scoring_elements 0.47232
published_at 2026-06-07T12:55:00Z
5
value 0.00239
scoring_system epss
scoring_elements 0.47203
published_at 2026-06-08T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2017-1000013
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-1000013
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-1000013
2
reference_url https://web.archive.org/web/20210123220100/http://www.securityfocus.com/bid/95720
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20210123220100/http://www.securityfocus.com/bid/95720
3
reference_url https://www.phpmyadmin.net/security/PMASA-2017-1
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.phpmyadmin.net/security/PMASA-2017-1
4
reference_url http://www.securityfocus.com/bid/95720
reference_id
reference_type
scores
url http://www.securityfocus.com/bid/95720
5
reference_url https://nvd.nist.gov/vuln/detail/CVE-2017-1000013
reference_id CVE-2017-1000013
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2017-1000013
6
reference_url https://github.com/advisories/GHSA-5h5m-fj48-qpjw
reference_id GHSA-5h5m-fj48-qpjw
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-5h5m-fj48-qpjw
fixed_packages
0
url pkg:deb/debian/phpmyadmin@4:4.6.6-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:4.6.6-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:4.6.6-1%3Fdistro=trixie
1
url pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-47ju-f89a-eud8
1
vulnerability VCID-d3qn-js1p-7yeq
2
vulnerability VCID-dmqy-9xth-cuhs
3
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.0.4%252Bdfsg2-2%252Bdeb11u1%3Fdistro=trixie
2
url pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.1%252Bdfsg-1%252Bdeb12u1%3Fdistro=trixie
3
url pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.2-really%252Bdfsg-1%252Bdeb13u1%3Fdistro=trixie
4
url pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.3%252Bdfsg-1%3Fdistro=trixie
aliases CVE-2017-1000013, GHSA-5h5m-fj48-qpjw
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-txba-1at4-ekg2
228
url VCID-u51r-f4uz-myhh
vulnerability_id VCID-u51r-f4uz-myhh
summary phpMyAdmin 3.5.x before 3.5.3 uses JavaScript code that is obtained through an HTTP session to phpmyadmin.net without SSL, which allows man-in-the-middle attackers to conduct cross-site scripting (XSS) attacks by modifying this code.
references
0
reference_url http://lists.opensuse.org/opensuse-updates/2012-11/msg00033.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://lists.opensuse.org/opensuse-updates/2012-11/msg00033.html
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2012-5368
reference_id
reference_type
scores
0
value 0.00425
scoring_system epss
scoring_elements 0.62573
published_at 2026-06-08T12:55:00Z
1
value 0.00425
scoring_system epss
scoring_elements 0.62542
published_at 2026-06-04T12:55:00Z
2
value 0.00425
scoring_system epss
scoring_elements 0.62588
published_at 2026-06-05T12:55:00Z
3
value 0.00425
scoring_system epss
scoring_elements 0.62596
published_at 2026-06-06T12:55:00Z
4
value 0.00425
scoring_system epss
scoring_elements 0.62587
published_at 2026-06-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2012-5368
2
reference_url https://github.com/phpmyadmin/phpmyadmin/commit/50edafc0884aa15d0a1aa178089ac6a1ad2eb18a
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/phpmyadmin/phpmyadmin/commit/50edafc0884aa15d0a1aa178089ac6a1ad2eb18a
3
reference_url https://github.com/phpmyadmin/phpmyadmin/commit/a547f3d3e2cf36c6a904fa3e053fd8bddd3fbbb0
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/phpmyadmin/phpmyadmin/commit/a547f3d3e2cf36c6a904fa3e053fd8bddd3fbbb0
4
reference_url https://nvd.nist.gov/vuln/detail/CVE-2012-5368
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2012-5368
5
reference_url https://web.archive.org/web/20200228143700/http://www.securityfocus.com/bid/55939
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20200228143700/http://www.securityfocus.com/bid/55939
6
reference_url http://www.phpmyadmin.net/home_page/security/PMASA-2012-7.php
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.phpmyadmin.net/home_page/security/PMASA-2012-7.php
7
reference_url https://github.com/advisories/GHSA-xpxp-v33m-5jp9
reference_id GHSA-xpxp-v33m-5jp9
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-xpxp-v33m-5jp9
fixed_packages
0
url pkg:deb/debian/phpmyadmin@0?distro=trixie
purl pkg:deb/debian/phpmyadmin@0?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@0%3Fdistro=trixie
1
url pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-47ju-f89a-eud8
1
vulnerability VCID-d3qn-js1p-7yeq
2
vulnerability VCID-dmqy-9xth-cuhs
3
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.0.4%252Bdfsg2-2%252Bdeb11u1%3Fdistro=trixie
2
url pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.1%252Bdfsg-1%252Bdeb12u1%3Fdistro=trixie
3
url pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.2-really%252Bdfsg-1%252Bdeb13u1%3Fdistro=trixie
4
url pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.3%252Bdfsg-1%3Fdistro=trixie
aliases CVE-2012-5368, GHSA-xpxp-v33m-5jp9
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-u51r-f4uz-myhh
229
url VCID-u8sc-gk1h-gkhc
vulnerability_id VCID-u8sc-gk1h-gkhc
summary 
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin 3.5.x before 3.5.2.2 allow remote authenticated users to inject arbitrary web script or HTML via a Table Operations (1) TRUNCATE or (2) DROP link for a crafted table name, (3) the Add Trigger popup within a Triggers page that references crafted table names, (4) an invalid trigger-creation attempt for a crafted table name, (5) crafted data in a table, or (6) a crafted tooltip label name during GIS data visualization, a different issue than CVE-2012-4345.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2012-4579
reference_id
reference_type
scores
0
value 0.00185
scoring_system epss
scoring_elements 0.40049
published_at 2026-06-09T12:55:00Z
1
value 0.00185
scoring_system epss
scoring_elements 0.40088
published_at 2026-06-06T12:55:00Z
2
value 0.00185
scoring_system epss
scoring_elements 0.4006
published_at 2026-06-07T12:55:00Z
3
value 0.00185
scoring_system epss
scoring_elements 0.40032
published_at 2026-06-08T12:55:00Z
4
value 0.00185
scoring_system epss
scoring_elements 0.40004
published_at 2026-06-04T12:55:00Z
5
value 0.00185
scoring_system epss
scoring_elements 0.40086
published_at 2026-06-05T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2012-4579
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4579
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4579
2
reference_url http://www.phpmyadmin.net/home_page/security/PMASA-2012-4.php
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url http://www.phpmyadmin.net/home_page/security/PMASA-2012-4.php
3
reference_url https://nvd.nist.gov/vuln/detail/CVE-2012-4579
reference_id CVE-2012-4579
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2012-4579
4
reference_url https://github.com/advisories/GHSA-q7v2-w38r-pv7v
reference_id GHSA-q7v2-w38r-pv7v
reference_type
scores
0
value LOW
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-q7v2-w38r-pv7v
fixed_packages
0
url pkg:deb/debian/phpmyadmin@4:3.4.11.1-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:3.4.11.1-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:3.4.11.1-1%3Fdistro=trixie
1
url pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-47ju-f89a-eud8
1
vulnerability VCID-d3qn-js1p-7yeq
2
vulnerability VCID-dmqy-9xth-cuhs
3
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.0.4%252Bdfsg2-2%252Bdeb11u1%3Fdistro=trixie
2
url pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.1%252Bdfsg-1%252Bdeb12u1%3Fdistro=trixie
3
url pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.2-really%252Bdfsg-1%252Bdeb13u1%3Fdistro=trixie
4
url pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.3%252Bdfsg-1%3Fdistro=trixie
aliases CVE-2012-4579, GHSA-q7v2-w38r-pv7v
risk_score 1.4
exploitability 0.5
weighted_severity 2.7
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-u8sc-gk1h-gkhc
230
url VCID-uc6b-5sj1-9yg2
vulnerability_id VCID-uc6b-5sj1-9yg2
summary libraries/plugins/auth/AuthenticationCookie.class.php in phpMyAdmin 4.3.x before 4.3.13.2 and 4.4.x before 4.4.14.1 allows remote attackers to bypass a multiple-reCaptcha protection mechanism against brute-force credential guessing by providing a correct response to a single reCaptcha.
references
0
reference_url http://lists.fedoraproject.org/pipermail/package-announce/2015-September/166294.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://lists.fedoraproject.org/pipermail/package-announce/2015-September/166294.html
1
reference_url http://lists.fedoraproject.org/pipermail/package-announce/2015-September/166307.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://lists.fedoraproject.org/pipermail/package-announce/2015-September/166307.html
2
reference_url http://lists.fedoraproject.org/pipermail/package-announce/2015-September/166531.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://lists.fedoraproject.org/pipermail/package-announce/2015-September/166531.html
3
reference_url https://api.first.org/data/v1/epss?cve=CVE-2015-6830
reference_id
reference_type
scores
0
value 0.21219
scoring_system epss
scoring_elements 0.95792
published_at 2026-06-09T12:55:00Z
1
value 0.21219
scoring_system epss
scoring_elements 0.95778
published_at 2026-06-04T12:55:00Z
2
value 0.21219
scoring_system epss
scoring_elements 0.95784
published_at 2026-06-05T12:55:00Z
3
value 0.21219
scoring_system epss
scoring_elements 0.95787
published_at 2026-06-06T12:55:00Z
4
value 0.21219
scoring_system epss
scoring_elements 0.95788
published_at 2026-06-08T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2015-6830
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8958
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8958
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9218
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9218
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2206
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2206
7
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3902
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3902
8
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3903
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3903
9
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6830
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6830
10
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7873
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7873
11
reference_url https://github.com/phpmyadmin/phpmyadmin/commit/0314e67900f01410bc8c81c58a40dc0515e3c91d
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/phpmyadmin/phpmyadmin/commit/0314e67900f01410bc8c81c58a40dc0515e3c91d
12
reference_url https://github.com/phpmyadmin/phpmyadmin/commit/785f4e2711848eb8945894199d5870253a88584e
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/phpmyadmin/phpmyadmin/commit/785f4e2711848eb8945894199d5870253a88584e
13
reference_url https://nvd.nist.gov/vuln/detail/CVE-2015-6830
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2015-6830
14
reference_url https://web.archive.org/web/20200228052837/http://www.securityfocus.com/bid/76674
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20200228052837/http://www.securityfocus.com/bid/76674
15
reference_url https://web.archive.org/web/20211215060142/http://www.securitytracker.com/id/1033546
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20211215060142/http://www.securitytracker.com/id/1033546
16
reference_url https://www.phpmyadmin.net/security/PMASA-2015-4
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.phpmyadmin.net/security/PMASA-2015-4
17
reference_url https://www.phpmyadmin.net/security/PMASA-2015-4/
reference_id
reference_type
scores
url https://www.phpmyadmin.net/security/PMASA-2015-4/
18
reference_url http://www.debian.org/security/2015/dsa-3382
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.debian.org/security/2015/dsa-3382
19
reference_url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/remote/52414.py
reference_id CVE-2015-6830
reference_type exploit
scores
url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/remote/52414.py
20
reference_url https://github.com/advisories/GHSA-v6fh-vg22-r6cm
reference_id GHSA-v6fh-vg22-r6cm
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-v6fh-vg22-r6cm
fixed_packages
0
url pkg:deb/debian/phpmyadmin@4:4.4.14.1-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:4.4.14.1-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:4.4.14.1-1%3Fdistro=trixie
1
url pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-47ju-f89a-eud8
1
vulnerability VCID-d3qn-js1p-7yeq
2
vulnerability VCID-dmqy-9xth-cuhs
3
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.0.4%252Bdfsg2-2%252Bdeb11u1%3Fdistro=trixie
2
url pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.1%252Bdfsg-1%252Bdeb12u1%3Fdistro=trixie
3
url pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.2-really%252Bdfsg-1%252Bdeb13u1%3Fdistro=trixie
4
url pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.3%252Bdfsg-1%3Fdistro=trixie
aliases CVE-2015-6830, GHSA-v6fh-vg22-r6cm
risk_score 10.0
exploitability 2.0
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-uc6b-5sj1-9yg2
231
url VCID-ufzd-pbge-6qhk
vulnerability_id VCID-ufzd-pbge-6qhk
summary import.php in phpMyAdmin 4.x before 4.0.4.1 does not properly restrict the ability of input data to specify a file format, which allows remote authenticated users to modify the GLOBALS superglobal array, and consequently change the configuration, via a crafted request.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2013-4729
reference_id
reference_type
scores
0
value 0.00367
scoring_system epss
scoring_elements 0.58974
published_at 2026-06-05T12:55:00Z
1
value 0.00367
scoring_system epss
scoring_elements 0.5897
published_at 2026-06-09T12:55:00Z
2
value 0.00367
scoring_system epss
scoring_elements 0.58955
published_at 2026-06-08T12:55:00Z
3
value 0.00367
scoring_system epss
scoring_elements 0.58979
published_at 2026-06-06T12:55:00Z
4
value 0.00367
scoring_system epss
scoring_elements 0.58927
published_at 2026-06-04T12:55:00Z
5
value 0.00367
scoring_system epss
scoring_elements 0.58971
published_at 2026-06-07T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2013-4729
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4729
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4729
2
reference_url https://github.com/phpmyadmin/phpmyadmin
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/phpmyadmin/phpmyadmin
3
reference_url https://github.com/phpmyadmin/phpmyadmin/commit/012464268420e53a9cd81cbb4a43988d70393c36
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/phpmyadmin/phpmyadmin/commit/012464268420e53a9cd81cbb4a43988d70393c36
4
reference_url https://nvd.nist.gov/vuln/detail/CVE-2013-4729
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2013-4729
5
reference_url http://www.phpmyadmin.net/home_page/security/PMASA-2013-7.php
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.phpmyadmin.net/home_page/security/PMASA-2013-7.php
6
reference_url https://github.com/advisories/GHSA-x962-w72p-mv7q
reference_id GHSA-x962-w72p-mv7q
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-x962-w72p-mv7q
fixed_packages
0
url pkg:deb/debian/phpmyadmin@4:4.0.4.1-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:4.0.4.1-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:4.0.4.1-1%3Fdistro=trixie
1
url pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-47ju-f89a-eud8
1
vulnerability VCID-d3qn-js1p-7yeq
2
vulnerability VCID-dmqy-9xth-cuhs
3
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.0.4%252Bdfsg2-2%252Bdeb11u1%3Fdistro=trixie
2
url pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.1%252Bdfsg-1%252Bdeb12u1%3Fdistro=trixie
3
url pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.2-really%252Bdfsg-1%252Bdeb13u1%3Fdistro=trixie
4
url pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.3%252Bdfsg-1%3Fdistro=trixie
aliases CVE-2013-4729, GHSA-x962-w72p-mv7q
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ufzd-pbge-6qhk
232
url VCID-uh3f-vuqh-w3f7
vulnerability_id VCID-uh3f-vuqh-w3f7
summary Cross-site scripting (XSS) vulnerability in phpMyAdmin before 2.8.2 allows remote attackers to inject arbitrary web script or HTML via the table parameter.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2006-3388
reference_id
reference_type
scores
0
value 0.0103
scoring_system epss
scoring_elements 0.77663
published_at 2026-06-04T12:55:00Z
1
value 0.0103
scoring_system epss
scoring_elements 0.7769
published_at 2026-06-05T12:55:00Z
2
value 0.0103
scoring_system epss
scoring_elements 0.77698
published_at 2026-06-06T12:55:00Z
3
value 0.0103
scoring_system epss
scoring_elements 0.77687
published_at 2026-06-07T12:55:00Z
4
value 0.0103
scoring_system epss
scoring_elements 0.77677
published_at 2026-06-08T12:55:00Z
5
value 0.0103
scoring_system epss
scoring_elements 0.77695
published_at 2026-06-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2006-3388
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3388
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3388
2
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=377748
reference_id 377748
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=377748
fixed_packages
0
url pkg:deb/debian/phpmyadmin@4:2.8.2-0.1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:2.8.2-0.1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:2.8.2-0.1%3Fdistro=trixie
1
url pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-47ju-f89a-eud8
1
vulnerability VCID-d3qn-js1p-7yeq
2
vulnerability VCID-dmqy-9xth-cuhs
3
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.0.4%252Bdfsg2-2%252Bdeb11u1%3Fdistro=trixie
2
url pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.1%252Bdfsg-1%252Bdeb12u1%3Fdistro=trixie
3
url pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.2-really%252Bdfsg-1%252Bdeb13u1%3Fdistro=trixie
4
url pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.3%252Bdfsg-1%3Fdistro=trixie
aliases CVE-2006-3388
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-uh3f-vuqh-w3f7
233
url VCID-uqku-hw3v-u7hh
vulnerability_id VCID-uqku-hw3v-u7hh
summary PHP file inclusion vulnerability in grab_globals.lib.php in phpMyAdmin 2.6.4 and 2.6.4-pl1 allows remote attackers to include local files via the $__redirect parameter, possibly involving the subform array.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2005-3299
reference_id
reference_type
scores
0
value 0.10398
scoring_system epss
scoring_elements 0.93346
published_at 2026-06-04T12:55:00Z
1
value 0.10398
scoring_system epss
scoring_elements 0.93357
published_at 2026-06-05T12:55:00Z
2
value 0.10398
scoring_system epss
scoring_elements 0.93358
published_at 2026-06-06T12:55:00Z
3
value 0.10398
scoring_system epss
scoring_elements 0.93356
published_at 2026-06-08T12:55:00Z
4
value 0.10398
scoring_system epss
scoring_elements 0.93364
published_at 2026-06-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2005-3299
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3299
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3299
2
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=333433
reference_id 333433
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=333433
3
reference_url https://security.gentoo.org/glsa/200510-16
reference_id GLSA-200510-16
reference_type
scores
url https://security.gentoo.org/glsa/200510-16
4
reference_url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/webapps/1244.pl
reference_id OSVDB-19911;CVE-2005-3299
reference_type exploit
scores
url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/webapps/1244.pl
fixed_packages
0
url pkg:deb/debian/phpmyadmin@4:2.6.4-pl2-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:2.6.4-pl2-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:2.6.4-pl2-1%3Fdistro=trixie
1
url pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-47ju-f89a-eud8
1
vulnerability VCID-d3qn-js1p-7yeq
2
vulnerability VCID-dmqy-9xth-cuhs
3
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.0.4%252Bdfsg2-2%252Bdeb11u1%3Fdistro=trixie
2
url pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.1%252Bdfsg-1%252Bdeb12u1%3Fdistro=trixie
3
url pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.2-really%252Bdfsg-1%252Bdeb13u1%3Fdistro=trixie
4
url pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.3%252Bdfsg-1%3Fdistro=trixie
aliases CVE-2005-3299
risk_score 0.2
exploitability 2.0
weighted_severity 0.1
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-uqku-hw3v-u7hh
234
url VCID-ur19-yjak-vqdd
vulnerability_id VCID-ur19-yjak-vqdd
summary Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin 4.1.x before 4.1.14.1 and 4.2.x before 4.2.4 allow remote authenticated users to inject arbitrary web script or HTML via a crafted table name that is improperly handled after a (1) hide or (2) unhide action.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-4349.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-4349.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2014-4349
reference_id
reference_type
scores
0
value 0.00354
scoring_system epss
scoring_elements 0.57991
published_at 2026-06-04T12:55:00Z
1
value 0.00354
scoring_system epss
scoring_elements 0.58043
published_at 2026-06-09T12:55:00Z
2
value 0.00354
scoring_system epss
scoring_elements 0.58051
published_at 2026-06-06T12:55:00Z
3
value 0.00354
scoring_system epss
scoring_elements 0.5804
published_at 2026-06-07T12:55:00Z
4
value 0.00354
scoring_system epss
scoring_elements 0.58026
published_at 2026-06-08T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2014-4349
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4349
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4349
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1117601
reference_id 1117601
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1117601
fixed_packages
0
url pkg:deb/debian/phpmyadmin@4:4.2.5-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:4.2.5-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:4.2.5-1%3Fdistro=trixie
1
url pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-47ju-f89a-eud8
1
vulnerability VCID-d3qn-js1p-7yeq
2
vulnerability VCID-dmqy-9xth-cuhs
3
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.0.4%252Bdfsg2-2%252Bdeb11u1%3Fdistro=trixie
2
url pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.1%252Bdfsg-1%252Bdeb12u1%3Fdistro=trixie
3
url pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.2-really%252Bdfsg-1%252Bdeb13u1%3Fdistro=trixie
4
url pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.3%252Bdfsg-1%3Fdistro=trixie
aliases CVE-2014-4349
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ur19-yjak-vqdd
235
url VCID-ustg-su7z-53cv
vulnerability_id VCID-ustg-su7z-53cv
summary Unspecified vulnerability in phpMyAdmin before 2.11.5.2, when running on shared hosts, allows remote authenticated users with CREATE table permissions to read arbitrary files via a crafted HTTP POST request, related to use of an undefined UploadDir variable.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-1924.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-1924.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2008-1924
reference_id
reference_type
scores
0
value 0.002
scoring_system epss
scoring_elements 0.41931
published_at 2026-06-04T12:55:00Z
1
value 0.002
scoring_system epss
scoring_elements 0.42006
published_at 2026-06-05T12:55:00Z
2
value 0.002
scoring_system epss
scoring_elements 0.42016
published_at 2026-06-06T12:55:00Z
3
value 0.002
scoring_system epss
scoring_elements 0.41987
published_at 2026-06-07T12:55:00Z
4
value 0.002
scoring_system epss
scoring_elements 0.41952
published_at 2026-06-08T12:55:00Z
5
value 0.002
scoring_system epss
scoring_elements 0.4196
published_at 2026-06-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2008-1924
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1924
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1924
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=443683
reference_id 443683
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=443683
4
reference_url https://security.gentoo.org/glsa/200805-02
reference_id GLSA-200805-02
reference_type
scores
url https://security.gentoo.org/glsa/200805-02
fixed_packages
0
url pkg:deb/debian/phpmyadmin@4:2.11.5.2-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:2.11.5.2-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:2.11.5.2-1%3Fdistro=trixie
1
url pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-47ju-f89a-eud8
1
vulnerability VCID-d3qn-js1p-7yeq
2
vulnerability VCID-dmqy-9xth-cuhs
3
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.0.4%252Bdfsg2-2%252Bdeb11u1%3Fdistro=trixie
2
url pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.1%252Bdfsg-1%252Bdeb12u1%3Fdistro=trixie
3
url pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.2-really%252Bdfsg-1%252Bdeb13u1%3Fdistro=trixie
4
url pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.3%252Bdfsg-1%3Fdistro=trixie
aliases CVE-2008-1924
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ustg-su7z-53cv
236
url VCID-utaj-br37-dyg3
vulnerability_id VCID-utaj-br37-dyg3
summary Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin before 2.9.2-rc1 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors. NOTE: some of these details are obtained from third party information.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2007-0204
reference_id
reference_type
scores
0
value 0.01631
scoring_system epss
scoring_elements 0.82237
published_at 2026-06-04T12:55:00Z
1
value 0.01631
scoring_system epss
scoring_elements 0.82266
published_at 2026-06-06T12:55:00Z
2
value 0.01631
scoring_system epss
scoring_elements 0.82268
published_at 2026-06-07T12:55:00Z
3
value 0.01631
scoring_system epss
scoring_elements 0.82261
published_at 2026-06-08T12:55:00Z
4
value 0.01631
scoring_system epss
scoring_elements 0.82275
published_at 2026-06-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2007-0204
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0204
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0204
2
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=406486
reference_id 406486
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=406486
fixed_packages
0
url pkg:deb/debian/phpmyadmin@4:2.9.1.1-2?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:2.9.1.1-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:2.9.1.1-2%3Fdistro=trixie
1
url pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-47ju-f89a-eud8
1
vulnerability VCID-d3qn-js1p-7yeq
2
vulnerability VCID-dmqy-9xth-cuhs
3
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.0.4%252Bdfsg2-2%252Bdeb11u1%3Fdistro=trixie
2
url pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.1%252Bdfsg-1%252Bdeb12u1%3Fdistro=trixie
3
url pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.2-really%252Bdfsg-1%252Bdeb13u1%3Fdistro=trixie
4
url pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.3%252Bdfsg-1%3Fdistro=trixie
aliases CVE-2007-0204
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-utaj-br37-dyg3
237
url VCID-utga-335m-dua9
vulnerability_id VCID-utga-335m-dua9
summary 
Cross-site Scripting
An XSS issue was discovered in phpMyAdmin because of an improper fix for CVE-2016-2559 in PMASA-2016-10.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-9856
reference_id
reference_type
scores
0
value 0.00258
scoring_system epss
scoring_elements 0.49434
published_at 2026-06-05T12:55:00Z
1
value 0.00258
scoring_system epss
scoring_elements 0.49409
published_at 2026-06-09T12:55:00Z
2
value 0.00258
scoring_system epss
scoring_elements 0.49397
published_at 2026-06-08T12:55:00Z
3
value 0.00258
scoring_system epss
scoring_elements 0.49445
published_at 2026-06-06T12:55:00Z
4
value 0.00258
scoring_system epss
scoring_elements 0.49373
published_at 2026-06-04T12:55:00Z
5
value 0.00258
scoring_system epss
scoring_elements 0.49427
published_at 2026-06-07T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-9856
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9856
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9856
2
reference_url https://security.gentoo.org/glsa/201701-32
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://security.gentoo.org/glsa/201701-32
3
reference_url https://web.archive.org/web/20210123194716/http://www.securityfocus.com/bid/94530
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20210123194716/http://www.securityfocus.com/bid/94530
4
reference_url https://www.phpmyadmin.net/security/PMASA-2016-64
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.phpmyadmin.net/security/PMASA-2016-64
5
reference_url http://www.securityfocus.com/bid/94530
reference_id
reference_type
scores
url http://www.securityfocus.com/bid/94530
6
reference_url https://nvd.nist.gov/vuln/detail/CVE-2016-9856
reference_id CVE-2016-9856
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2016-9856
7
reference_url https://github.com/advisories/GHSA-j8mx-x32r-5rf4
reference_id GHSA-j8mx-x32r-5rf4
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-j8mx-x32r-5rf4
fixed_packages
0
url pkg:deb/debian/phpmyadmin@4:4.6.5.1-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:4.6.5.1-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:4.6.5.1-1%3Fdistro=trixie
1
url pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-47ju-f89a-eud8
1
vulnerability VCID-d3qn-js1p-7yeq
2
vulnerability VCID-dmqy-9xth-cuhs
3
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.0.4%252Bdfsg2-2%252Bdeb11u1%3Fdistro=trixie
2
url pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.1%252Bdfsg-1%252Bdeb12u1%3Fdistro=trixie
3
url pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.2-really%252Bdfsg-1%252Bdeb13u1%3Fdistro=trixie
4
url pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.3%252Bdfsg-1%3Fdistro=trixie
aliases CVE-2016-9856, GHSA-j8mx-x32r-5rf4
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-utga-335m-dua9
238
url VCID-uyyu-r5e4-mqfg
vulnerability_id VCID-uyyu-r5e4-mqfg
summary Multiple directory traversal vulnerabilities in the relational schema implementation in phpMyAdmin 3.4.x before 3.4.3.2 allow remote authenticated users to include and execute arbitrary local files via directory traversal sequences in an export type field, related to (1) libraries/schema/User_Schema.class.php and (2) schema_export.php.
references
0
reference_url http://lists.fedoraproject.org/pipermail/package-announce/2011-August/063410.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://lists.fedoraproject.org/pipermail/package-announce/2011-August/063410.html
1
reference_url http://lists.fedoraproject.org/pipermail/package-announce/2011-August/063418.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://lists.fedoraproject.org/pipermail/package-announce/2011-August/063418.html
2
reference_url http://phpmyadmin.git.sourceforge.net/git/gitweb.cgi?p=phpmyadmin/phpmyadmin%3Ba=commit%3Bh=3ae58f0cd6b89ad4767920f9b214c38d3f6d4393
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://phpmyadmin.git.sourceforge.net/git/gitweb.cgi?p=phpmyadmin/phpmyadmin%3Ba=commit%3Bh=3ae58f0cd6b89ad4767920f9b214c38d3f6d4393
3
reference_url http://phpmyadmin.git.sourceforge.net/git/gitweb.cgi?p=phpmyadmin/phpmyadmin;a=commit;h=3ae58f0cd6b89ad4767920f9b214c38d3f6d4393
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://phpmyadmin.git.sourceforge.net/git/gitweb.cgi?p=phpmyadmin/phpmyadmin;a=commit;h=3ae58f0cd6b89ad4767920f9b214c38d3f6d4393
4
reference_url https://api.first.org/data/v1/epss?cve=CVE-2011-2718
reference_id
reference_type
scores
0
value 0.01003
scoring_system epss
scoring_elements 0.77402
published_at 2026-06-09T12:55:00Z
1
value 0.01003
scoring_system epss
scoring_elements 0.77362
published_at 2026-06-04T12:55:00Z
2
value 0.01003
scoring_system epss
scoring_elements 0.7739
published_at 2026-06-07T12:55:00Z
3
value 0.01003
scoring_system epss
scoring_elements 0.774
published_at 2026-06-06T12:55:00Z
4
value 0.01003
scoring_system epss
scoring_elements 0.7738
published_at 2026-06-08T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2011-2718
5
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=725383
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://bugzilla.redhat.com/show_bug.cgi?id=725383
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2718
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2718
7
reference_url https://exchange.xforce.ibmcloud.com/vulnerabilities/68768
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://exchange.xforce.ibmcloud.com/vulnerabilities/68768
8
reference_url https://github.com/phpmyadmin/composer
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/phpmyadmin/composer
9
reference_url https://github.com/phpmyadmin/phpmyadmin/commit/3ae58f0cd6b89ad4767920f9b214c38d3f6d4393
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/phpmyadmin/phpmyadmin/commit/3ae58f0cd6b89ad4767920f9b214c38d3f6d4393
10
reference_url https://nvd.nist.gov/vuln/detail/CVE-2011-2718
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2011-2718
11
reference_url https://web.archive.org/web/20120111084137/http://www.securityfocus.com/bid/48874
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20120111084137/http://www.securityfocus.com/bid/48874
12
reference_url https://web.archive.org/web/20121105034518/http://www.mandriva.com/en/support/security/advisories?name=MDVSA-2011:124
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20121105034518/http://www.mandriva.com/en/support/security/advisories?name=MDVSA-2011:124
13
reference_url http://www.openwall.com/lists/oss-security/2011/07/25/4
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2011/07/25/4
14
reference_url http://www.openwall.com/lists/oss-security/2011/07/26/10
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2011/07/26/10
15
reference_url http://www.phpmyadmin.net/home_page/security/PMASA-2011-11.php
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.phpmyadmin.net/home_page/security/PMASA-2011-11.php
16
reference_url https://github.com/advisories/GHSA-xhqq-554j-p4x8
reference_id GHSA-xhqq-554j-p4x8
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-xhqq-554j-p4x8
17
reference_url https://security.gentoo.org/glsa/201201-01
reference_id GLSA-201201-01
reference_type
scores
url https://security.gentoo.org/glsa/201201-01
fixed_packages
0
url pkg:deb/debian/phpmyadmin@4:3.4.3.2-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:3.4.3.2-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:3.4.3.2-1%3Fdistro=trixie
1
url pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-47ju-f89a-eud8
1
vulnerability VCID-d3qn-js1p-7yeq
2
vulnerability VCID-dmqy-9xth-cuhs
3
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.0.4%252Bdfsg2-2%252Bdeb11u1%3Fdistro=trixie
2
url pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.1%252Bdfsg-1%252Bdeb12u1%3Fdistro=trixie
3
url pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.2-really%252Bdfsg-1%252Bdeb13u1%3Fdistro=trixie
4
url pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.3%252Bdfsg-1%3Fdistro=trixie
aliases CVE-2011-2718, GHSA-xhqq-554j-p4x8
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-uyyu-r5e4-mqfg
239
url VCID-v1kx-5wa1-r7he
vulnerability_id VCID-v1kx-5wa1-r7he
summary An issue was discovered in phpMyAdmin. By calling some scripts that are part of phpMyAdmin in an unexpected way, it is possible to trigger phpMyAdmin to display a PHP error message which contains the full path of the directory where phpMyAdmin is installed. During an execution timeout in the export functionality, the errors containing the full path of the directory of phpMyAdmin are written to the export file. All 4.6.x versions (prior to 4.6.5), and 4.4.x versions (prior to 4.4.15.9) are affected. This CVE is for the curl wrapper issue.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-9852
reference_id
reference_type
scores
0
value 0.00501
scoring_system epss
scoring_elements 0.6637
published_at 2026-06-04T12:55:00Z
1
value 0.00501
scoring_system epss
scoring_elements 0.66411
published_at 2026-06-05T12:55:00Z
2
value 0.00501
scoring_system epss
scoring_elements 0.66419
published_at 2026-06-06T12:55:00Z
3
value 0.00501
scoring_system epss
scoring_elements 0.66403
published_at 2026-06-07T12:55:00Z
4
value 0.00501
scoring_system epss
scoring_elements 0.66389
published_at 2026-06-08T12:55:00Z
5
value 0.00501
scoring_system epss
scoring_elements 0.66407
published_at 2026-06-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-9852
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9852
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9852
fixed_packages
0
url pkg:deb/debian/phpmyadmin@4:4.6.5.1-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:4.6.5.1-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:4.6.5.1-1%3Fdistro=trixie
1
url pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-47ju-f89a-eud8
1
vulnerability VCID-d3qn-js1p-7yeq
2
vulnerability VCID-dmqy-9xth-cuhs
3
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.0.4%252Bdfsg2-2%252Bdeb11u1%3Fdistro=trixie
2
url pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.1%252Bdfsg-1%252Bdeb12u1%3Fdistro=trixie
3
url pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.2-really%252Bdfsg-1%252Bdeb13u1%3Fdistro=trixie
4
url pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.3%252Bdfsg-1%3Fdistro=trixie
aliases CVE-2016-9852
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-v1kx-5wa1-r7he
240
url VCID-v69j-7vk9-e3d4
vulnerability_id VCID-v69j-7vk9-e3d4
summary Cross-site scripting (XSS) vulnerability in the redirection feature in url.php in phpMyAdmin 4.2.x before 4.2.13.1 allows remote attackers to inject arbitrary web script or HTML via the url parameter.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2014-9219
reference_id
reference_type
scores
0
value 0.00455
scoring_system epss
scoring_elements 0.64184
published_at 2026-06-04T12:55:00Z
1
value 0.00455
scoring_system epss
scoring_elements 0.64228
published_at 2026-06-05T12:55:00Z
2
value 0.00455
scoring_system epss
scoring_elements 0.64236
published_at 2026-06-06T12:55:00Z
3
value 0.00455
scoring_system epss
scoring_elements 0.64225
published_at 2026-06-07T12:55:00Z
4
value 0.00455
scoring_system epss
scoring_elements 0.64213
published_at 2026-06-08T12:55:00Z
5
value 0.00455
scoring_system epss
scoring_elements 0.64233
published_at 2026-06-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2014-9219
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9219
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9219
2
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=774194
reference_id 774194
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=774194
fixed_packages
0
url pkg:deb/debian/phpmyadmin@4:4.2.12-2?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:4.2.12-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:4.2.12-2%3Fdistro=trixie
1
url pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-47ju-f89a-eud8
1
vulnerability VCID-d3qn-js1p-7yeq
2
vulnerability VCID-dmqy-9xth-cuhs
3
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.0.4%252Bdfsg2-2%252Bdeb11u1%3Fdistro=trixie
2
url pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.1%252Bdfsg-1%252Bdeb12u1%3Fdistro=trixie
3
url pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.2-really%252Bdfsg-1%252Bdeb13u1%3Fdistro=trixie
4
url pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.3%252Bdfsg-1%3Fdistro=trixie
aliases CVE-2014-9219
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-v69j-7vk9-e3d4
241
url VCID-v6cy-znq5-qfa1
vulnerability_id VCID-v6cy-znq5-qfa1
summary Cross-site scripting (XSS) vulnerability in pmd_pdf.php in phpMyAdmin 3.0.0, and possibly other versions including 2.11.9.2 and 3.0.1, when register_globals is enabled, allows remote attackers to inject arbitrary web script or HTML via the db parameter, a different vector than CVE-2006-6942 and CVE-2007-5977.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-4775.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-4775.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2008-4775
reference_id
reference_type
scores
0
value 0.08276
scoring_system epss
scoring_elements 0.92386
published_at 2026-06-04T12:55:00Z
1
value 0.08276
scoring_system epss
scoring_elements 0.924
published_at 2026-06-05T12:55:00Z
2
value 0.08276
scoring_system epss
scoring_elements 0.92396
published_at 2026-06-06T12:55:00Z
3
value 0.08276
scoring_system epss
scoring_elements 0.92391
published_at 2026-06-07T12:55:00Z
4
value 0.08276
scoring_system epss
scoring_elements 0.9239
published_at 2026-06-08T12:55:00Z
5
value 0.08276
scoring_system epss
scoring_elements 0.92408
published_at 2026-06-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2008-4775
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4775
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4775
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=468974
reference_id 468974
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=468974
4
reference_url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/webapps/32531.txt
reference_id CVE-2008-4775;OSVDB-49692
reference_type exploit
scores
url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/webapps/32531.txt
5
reference_url https://www.securityfocus.com/bid/31928/info
reference_id CVE-2008-4775;OSVDB-49692
reference_type exploit
scores
url https://www.securityfocus.com/bid/31928/info
6
reference_url https://security.gentoo.org/glsa/200903-32
reference_id GLSA-200903-32
reference_type
scores
url https://security.gentoo.org/glsa/200903-32
fixed_packages
0
url pkg:deb/debian/phpmyadmin@4:2.11.8.1-4?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:2.11.8.1-4?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:2.11.8.1-4%3Fdistro=trixie
1
url pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-47ju-f89a-eud8
1
vulnerability VCID-d3qn-js1p-7yeq
2
vulnerability VCID-dmqy-9xth-cuhs
3
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.0.4%252Bdfsg2-2%252Bdeb11u1%3Fdistro=trixie
2
url pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.1%252Bdfsg-1%252Bdeb12u1%3Fdistro=trixie
3
url pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.2-really%252Bdfsg-1%252Bdeb13u1%3Fdistro=trixie
4
url pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.3%252Bdfsg-1%3Fdistro=trixie
aliases CVE-2008-4775
risk_score 0.2
exploitability 2.0
weighted_severity 0.1
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-v6cy-znq5-qfa1
242
url VCID-v6xv-djkp-4kgw
vulnerability_id VCID-v6xv-djkp-4kgw
summary 
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin 3.5.x before 3.5.8.2 allow remote attackers to inject arbitrary web script or HTML via vectors involving a JavaScript event in (1) an anchor identifier to setup/index.php or (2) a chartTitle (aka chart title) value.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2013-4997
reference_id
reference_type
scores
0
value 0.00263
scoring_system epss
scoring_elements 0.49906
published_at 2026-06-09T12:55:00Z
1
value 0.00263
scoring_system epss
scoring_elements 0.49925
published_at 2026-06-05T12:55:00Z
2
value 0.00263
scoring_system epss
scoring_elements 0.49935
published_at 2026-06-06T12:55:00Z
3
value 0.00263
scoring_system epss
scoring_elements 0.49916
published_at 2026-06-07T12:55:00Z
4
value 0.00263
scoring_system epss
scoring_elements 0.49887
published_at 2026-06-08T12:55:00Z
5
value 0.00263
scoring_system epss
scoring_elements 0.49863
published_at 2026-06-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2013-4997
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4997
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4997
2
reference_url https://github.com/phpmyadmin/composer
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/phpmyadmin/composer
3
reference_url http://www.phpmyadmin.net/home_page/security/PMASA-2013-9.php
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.phpmyadmin.net/home_page/security/PMASA-2013-9.php
4
reference_url https://nvd.nist.gov/vuln/detail/CVE-2013-4997
reference_id CVE-2013-4997
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2013-4997
5
reference_url https://github.com/advisories/GHSA-5gh4-v2ch-pcx4
reference_id GHSA-5gh4-v2ch-pcx4
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-5gh4-v2ch-pcx4
6
reference_url https://security.gentoo.org/glsa/201311-02
reference_id GLSA-201311-02
reference_type
scores
url https://security.gentoo.org/glsa/201311-02
fixed_packages
0
url pkg:deb/debian/phpmyadmin@4:4.0.4.2-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:4.0.4.2-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:4.0.4.2-1%3Fdistro=trixie
1
url pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-47ju-f89a-eud8
1
vulnerability VCID-d3qn-js1p-7yeq
2
vulnerability VCID-dmqy-9xth-cuhs
3
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.0.4%252Bdfsg2-2%252Bdeb11u1%3Fdistro=trixie
2
url pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.1%252Bdfsg-1%252Bdeb12u1%3Fdistro=trixie
3
url pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.2-really%252Bdfsg-1%252Bdeb13u1%3Fdistro=trixie
4
url pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.3%252Bdfsg-1%3Fdistro=trixie
aliases CVE-2013-4997, GHSA-5gh4-v2ch-pcx4
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-v6xv-djkp-4kgw
243
url VCID-v7dk-szsy-vfh4
vulnerability_id VCID-v7dk-szsy-vfh4
summary phpMyAdmin before 2.11.8 does not sufficiently prevent its pages from using frames that point to pages in other domains, which makes it easier for remote attackers to conduct spoofing or phishing activities via a cross-site framing attack.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-3456.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-3456.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2008-3456
reference_id
reference_type
scores
0
value 0.01706
scoring_system epss
scoring_elements 0.82659
published_at 2026-06-04T12:55:00Z
1
value 0.01706
scoring_system epss
scoring_elements 0.82686
published_at 2026-06-05T12:55:00Z
2
value 0.01706
scoring_system epss
scoring_elements 0.82684
published_at 2026-06-06T12:55:00Z
3
value 0.01706
scoring_system epss
scoring_elements 0.82683
published_at 2026-06-07T12:55:00Z
4
value 0.01706
scoring_system epss
scoring_elements 0.82676
published_at 2026-06-08T12:55:00Z
5
value 0.01706
scoring_system epss
scoring_elements 0.82689
published_at 2026-06-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2008-3456
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3456
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3456
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=456637
reference_id 456637
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=456637
fixed_packages
0
url pkg:deb/debian/phpmyadmin@4:2.11.8~rc1-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:2.11.8~rc1-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:2.11.8~rc1-1%3Fdistro=trixie
1
url pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-47ju-f89a-eud8
1
vulnerability VCID-d3qn-js1p-7yeq
2
vulnerability VCID-dmqy-9xth-cuhs
3
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.0.4%252Bdfsg2-2%252Bdeb11u1%3Fdistro=trixie
2
url pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.1%252Bdfsg-1%252Bdeb12u1%3Fdistro=trixie
3
url pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.2-really%252Bdfsg-1%252Bdeb13u1%3Fdistro=trixie
4
url pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.3%252Bdfsg-1%3Fdistro=trixie
aliases CVE-2008-3456
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-v7dk-szsy-vfh4
244
url VCID-vpf2-5j4s-jqeb
vulnerability_id VCID-vpf2-5j4s-jqeb
summary An issue was discovered in phpMyAdmin. With a crafted username or a table name, it was possible to inject SQL statements in the tracking functionality that would run with the privileges of the control user. This gives read and write access to the tables of the configuration storage database, and if the control user has the necessary privileges, read access to some tables of the MySQL database. All 4.6.x versions (prior to 4.6.5), 4.4.x versions (prior to 4.4.15.9), and 4.0.x versions (prior to 4.0.10.18) are affected.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-9864
reference_id
reference_type
scores
0
value 0.00247
scoring_system epss
scoring_elements 0.48175
published_at 2026-06-05T12:55:00Z
1
value 0.00247
scoring_system epss
scoring_elements 0.48177
published_at 2026-06-06T12:55:00Z
2
value 0.00247
scoring_system epss
scoring_elements 0.48159
published_at 2026-06-07T12:55:00Z
3
value 0.00247
scoring_system epss
scoring_elements 0.48129
published_at 2026-06-08T12:55:00Z
4
value 0.00247
scoring_system epss
scoring_elements 0.48142
published_at 2026-06-09T12:55:00Z
5
value 0.00419
scoring_system epss
scoring_elements 0.62193
published_at 2026-06-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-9864
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9864
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9864
fixed_packages
0
url pkg:deb/debian/phpmyadmin@4:4.6.5.1-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:4.6.5.1-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:4.6.5.1-1%3Fdistro=trixie
1
url pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-47ju-f89a-eud8
1
vulnerability VCID-d3qn-js1p-7yeq
2
vulnerability VCID-dmqy-9xth-cuhs
3
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.0.4%252Bdfsg2-2%252Bdeb11u1%3Fdistro=trixie
2
url pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.1%252Bdfsg-1%252Bdeb12u1%3Fdistro=trixie
3
url pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.2-really%252Bdfsg-1%252Bdeb13u1%3Fdistro=trixie
4
url pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.3%252Bdfsg-1%3Fdistro=trixie
aliases CVE-2016-9864
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-vpf2-5j4s-jqeb
245
url VCID-vxc7-fwud-33an
vulnerability_id VCID-vxc7-fwud-33an
summary An issue was discovered in phpMyAdmin. An authenticated user can trigger a denial-of-service (DoS) attack by entering a very long password at the change password dialog. All 4.6.x versions (prior to 4.6.4), 4.4.x versions (prior to 4.4.15.8), and 4.0.x versions (prior to 4.0.10.17) are affected.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-6630
reference_id
reference_type
scores
0
value 0.0069
scoring_system epss
scoring_elements 0.72171
published_at 2026-06-04T12:55:00Z
1
value 0.0069
scoring_system epss
scoring_elements 0.72213
published_at 2026-06-05T12:55:00Z
2
value 0.0069
scoring_system epss
scoring_elements 0.72219
published_at 2026-06-06T12:55:00Z
3
value 0.0069
scoring_system epss
scoring_elements 0.72198
published_at 2026-06-07T12:55:00Z
4
value 0.0069
scoring_system epss
scoring_elements 0.72186
published_at 2026-06-08T12:55:00Z
5
value 0.0069
scoring_system epss
scoring_elements 0.72211
published_at 2026-06-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-6630
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6630
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6630
2
reference_url https://usn.ubuntu.com/USN-4843-1/
reference_id USN-USN-4843-1
reference_type
scores
url https://usn.ubuntu.com/USN-4843-1/
fixed_packages
0
url pkg:deb/debian/phpmyadmin@4:4.6.4%2Bdfsg1-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:4.6.4%2Bdfsg1-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:4.6.4%252Bdfsg1-1%3Fdistro=trixie
1
url pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-47ju-f89a-eud8
1
vulnerability VCID-d3qn-js1p-7yeq
2
vulnerability VCID-dmqy-9xth-cuhs
3
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.0.4%252Bdfsg2-2%252Bdeb11u1%3Fdistro=trixie
2
url pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.1%252Bdfsg-1%252Bdeb12u1%3Fdistro=trixie
3
url pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.2-really%252Bdfsg-1%252Bdeb13u1%3Fdistro=trixie
4
url pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.3%252Bdfsg-1%3Fdistro=trixie
aliases CVE-2016-6630
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-vxc7-fwud-33an
246
url VCID-vxj9-zxns-kkh9
vulnerability_id VCID-vxj9-zxns-kkh9
summary An issue was discovered in phpMyAdmin. A user can be tricked into following a link leading to phpMyAdmin, which after authentication redirects to another malicious site. The attacker must sniff the user's valid phpMyAdmin token. All 4.0.x versions (prior to 4.0.10.16) are affected.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-4412
reference_id
reference_type
scores
0
value 0.0024
scoring_system epss
scoring_elements 0.47231
published_at 2026-06-04T12:55:00Z
1
value 0.0024
scoring_system epss
scoring_elements 0.47296
published_at 2026-06-05T12:55:00Z
2
value 0.0024
scoring_system epss
scoring_elements 0.47298
published_at 2026-06-06T12:55:00Z
3
value 0.0024
scoring_system epss
scoring_elements 0.4728
published_at 2026-06-07T12:55:00Z
4
value 0.0024
scoring_system epss
scoring_elements 0.4725
published_at 2026-06-08T12:55:00Z
5
value 0.0024
scoring_system epss
scoring_elements 0.47264
published_at 2026-06-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-4412
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4412
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4412
fixed_packages
0
url pkg:deb/debian/phpmyadmin@4:4.1.7-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:4.1.7-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:4.1.7-1%3Fdistro=trixie
1
url pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-47ju-f89a-eud8
1
vulnerability VCID-d3qn-js1p-7yeq
2
vulnerability VCID-dmqy-9xth-cuhs
3
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.0.4%252Bdfsg2-2%252Bdeb11u1%3Fdistro=trixie
2
url pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.1%252Bdfsg-1%252Bdeb12u1%3Fdistro=trixie
3
url pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.2-really%252Bdfsg-1%252Bdeb13u1%3Fdistro=trixie
4
url pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.3%252Bdfsg-1%3Fdistro=trixie
aliases CVE-2016-4412
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-vxj9-zxns-kkh9
247
url VCID-w3ts-c8np-2qbh
vulnerability_id VCID-w3ts-c8np-2qbh
summary Multiple cross-site scripting (XSS) vulnerabilities in tbl_gis_visualization.php in phpMyAdmin 3.5.x before 3.5.8 might allow remote attackers to inject arbitrary web script or HTML via the (1) visualizationSettings[width] or (2) visualizationSettings[height] parameter. NOTE: a third party reports that this is "not exploitable.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2013-1937
reference_id
reference_type
scores
0
value 0.08766
scoring_system epss
scoring_elements 0.9266
published_at 2026-06-04T12:55:00Z
1
value 0.08766
scoring_system epss
scoring_elements 0.92672
published_at 2026-06-05T12:55:00Z
2
value 0.08766
scoring_system epss
scoring_elements 0.92669
published_at 2026-06-06T12:55:00Z
3
value 0.08766
scoring_system epss
scoring_elements 0.92664
published_at 2026-06-07T12:55:00Z
4
value 0.08766
scoring_system epss
scoring_elements 0.92662
published_at 2026-06-08T12:55:00Z
5
value 0.08766
scoring_system epss
scoring_elements 0.9268
published_at 2026-06-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2013-1937
1
reference_url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/webapps/38440.txt
reference_id CVE-2013-1937;OSVDB-92201
reference_type exploit
scores
url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/webapps/38440.txt
2
reference_url https://www.securityfocus.com/bid/58962/info
reference_id CVE-2013-1937;OSVDB-92201
reference_type exploit
scores
url https://www.securityfocus.com/bid/58962/info
3
reference_url https://security.gentoo.org/glsa/201311-02
reference_id GLSA-201311-02
reference_type
scores
url https://security.gentoo.org/glsa/201311-02
fixed_packages
0
url pkg:deb/debian/phpmyadmin@0?distro=trixie
purl pkg:deb/debian/phpmyadmin@0?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@0%3Fdistro=trixie
1
url pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-47ju-f89a-eud8
1
vulnerability VCID-d3qn-js1p-7yeq
2
vulnerability VCID-dmqy-9xth-cuhs
3
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.0.4%252Bdfsg2-2%252Bdeb11u1%3Fdistro=trixie
2
url pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.1%252Bdfsg-1%252Bdeb12u1%3Fdistro=trixie
3
url pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.2-really%252Bdfsg-1%252Bdeb13u1%3Fdistro=trixie
4
url pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.3%252Bdfsg-1%3Fdistro=trixie
aliases CVE-2013-1937
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-w3ts-c8np-2qbh
248
url VCID-w6nk-akeh-4ufg
vulnerability_id VCID-w6nk-akeh-4ufg
summary 
Cross-Site Request Forgery (CSRF)
A CSRF issue in phpMyAdmin allows deletion of any server in the Setup page.
references
0
reference_url http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00078.html
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00078.html
1
reference_url http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00024.html
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00024.html
2
reference_url http://packetstormsecurity.com/files/154483/phpMyAdmin-4.9.0.1-Cross-Site-Request-Forgery.html
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://packetstormsecurity.com/files/154483/phpMyAdmin-4.9.0.1-Cross-Site-Request-Forgery.html
3
reference_url https://api.first.org/data/v1/epss?cve=CVE-2019-12922
reference_id
reference_type
scores
0
value 0.31957
scoring_system epss
scoring_elements 0.96921
published_at 2026-06-09T12:55:00Z
1
value 0.31957
scoring_system epss
scoring_elements 0.96908
published_at 2026-06-04T12:55:00Z
2
value 0.31957
scoring_system epss
scoring_elements 0.96912
published_at 2026-06-05T12:55:00Z
3
value 0.31957
scoring_system epss
scoring_elements 0.96916
published_at 2026-06-08T12:55:00Z
4
value 0.31957
scoring_system epss
scoring_elements 0.96917
published_at 2026-06-07T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2019-12922
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12922
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12922
5
reference_url http://seclists.org/fulldisclosure/2019/Sep/23
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://seclists.org/fulldisclosure/2019/Sep/23
6
reference_url https://github.com/phpmyadmin/phpmyadmin/commit/427fbed55d3154d96ecfc1c7784d49eaa3c04161
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/phpmyadmin/phpmyadmin/commit/427fbed55d3154d96ecfc1c7784d49eaa3c04161
7
reference_url https://github.com/phpmyadmin/phpmyadmin/commit/7d21d4223bdbe0306593309132b4263d7087d13b
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/phpmyadmin/phpmyadmin/commit/7d21d4223bdbe0306593309132b4263d7087d13b
8
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PBLBE6CSC2ZLINIRBUU5XBLXYVBTF3KA
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PBLBE6CSC2ZLINIRBUU5XBLXYVBTF3KA
9
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QJ5BW2VEMD2P23ZYRWHDBEQHOKGKGWD6
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QJ5BW2VEMD2P23ZYRWHDBEQHOKGKGWD6
10
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YCB3PTGHZ7AJCM6BKCQRRP6HG3OKYCMN
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YCB3PTGHZ7AJCM6BKCQRRP6HG3OKYCMN
11
reference_url https://www.exploit-db.com/exploits/47385
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.exploit-db.com/exploits/47385
12
reference_url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/webapps/47385.txt
reference_id CVE-2019-12922
reference_type exploit
scores
url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/webapps/47385.txt
13
reference_url https://nvd.nist.gov/vuln/detail/CVE-2019-12922
reference_id CVE-2019-12922
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2019-12922
14
reference_url https://github.com/advisories/GHSA-4c9q-64gq-xhx4
reference_id GHSA-4c9q-64gq-xhx4
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-4c9q-64gq-xhx4
15
reference_url https://usn.ubuntu.com/USN-4843-1/
reference_id USN-USN-4843-1
reference_type
scores
url https://usn.ubuntu.com/USN-4843-1/
fixed_packages
0
url pkg:deb/debian/phpmyadmin@4:4.9.1%2Bdfsg1-2?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:4.9.1%2Bdfsg1-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:4.9.1%252Bdfsg1-2%3Fdistro=trixie
1
url pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-47ju-f89a-eud8
1
vulnerability VCID-d3qn-js1p-7yeq
2
vulnerability VCID-dmqy-9xth-cuhs
3
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.0.4%252Bdfsg2-2%252Bdeb11u1%3Fdistro=trixie
2
url pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.1%252Bdfsg-1%252Bdeb12u1%3Fdistro=trixie
3
url pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.2-really%252Bdfsg-1%252Bdeb13u1%3Fdistro=trixie
4
url pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.3%252Bdfsg-1%3Fdistro=trixie
aliases CVE-2019-12922, GHSA-4c9q-64gq-xhx4
risk_score 10.0
exploitability 2.0
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-w6nk-akeh-4ufg
249
url VCID-wfpq-um6w-gqfx
vulnerability_id VCID-wfpq-um6w-gqfx
summary libraries/File.class.php in phpMyAdmin 2.11.x before 2.11.10 creates a temporary directory with 0777 permissions, which has unknown impact and attack vectors.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-7251.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-7251.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2008-7251
reference_id
reference_type
scores
0
value 0.02533
scoring_system epss
scoring_elements 0.85719
published_at 2026-06-04T12:55:00Z
1
value 0.02533
scoring_system epss
scoring_elements 0.85742
published_at 2026-06-05T12:55:00Z
2
value 0.02533
scoring_system epss
scoring_elements 0.85744
published_at 2026-06-06T12:55:00Z
3
value 0.02533
scoring_system epss
scoring_elements 0.8574
published_at 2026-06-07T12:55:00Z
4
value 0.02533
scoring_system epss
scoring_elements 0.85725
published_at 2026-06-08T12:55:00Z
5
value 0.02533
scoring_system epss
scoring_elements 0.85739
published_at 2026-06-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2008-7251
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-7251
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-7251
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=557307
reference_id 557307
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=557307
4
reference_url https://security.gentoo.org/glsa/201201-01
reference_id GLSA-201201-01
reference_type
scores
url https://security.gentoo.org/glsa/201201-01
fixed_packages
0
url pkg:deb/debian/phpmyadmin@4:3.0.0-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:3.0.0-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:3.0.0-1%3Fdistro=trixie
1
url pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-47ju-f89a-eud8
1
vulnerability VCID-d3qn-js1p-7yeq
2
vulnerability VCID-dmqy-9xth-cuhs
3
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.0.4%252Bdfsg2-2%252Bdeb11u1%3Fdistro=trixie
2
url pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.1%252Bdfsg-1%252Bdeb12u1%3Fdistro=trixie
3
url pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.2-really%252Bdfsg-1%252Bdeb13u1%3Fdistro=trixie
4
url pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.3%252Bdfsg-1%3Fdistro=trixie
aliases CVE-2008-7251
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-wfpq-um6w-gqfx
250
url VCID-wn4f-7vjc-b7gx
vulnerability_id VCID-wn4f-7vjc-b7gx
summary Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin before 2.6.4-pl3 allow remote attackers to inject arbitrary web script or HTML via certain arguments to (1) left.php, (2) queryframe.php, or (3) server_databases.php.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2005-3301
reference_id
reference_type
scores
0
value 0.11794
scoring_system epss
scoring_elements 0.93842
published_at 2026-06-04T12:55:00Z
1
value 0.11794
scoring_system epss
scoring_elements 0.93852
published_at 2026-06-05T12:55:00Z
2
value 0.11794
scoring_system epss
scoring_elements 0.93851
published_at 2026-06-07T12:55:00Z
3
value 0.11794
scoring_system epss
scoring_elements 0.93849
published_at 2026-06-08T12:55:00Z
4
value 0.11794
scoring_system epss
scoring_elements 0.93855
published_at 2026-06-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2005-3301
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3301
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3301
2
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=335513
reference_id 335513
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=335513
3
reference_url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/webapps/26392.txt
reference_id CVE-2005-3301;OSVDB-20261
reference_type exploit
scores
url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/webapps/26392.txt
4
reference_url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/webapps/26393.txt
reference_id CVE-2005-3301;OSVDB-20262
reference_type exploit
scores
url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/webapps/26393.txt
5
reference_url https://www.securityfocus.com/bid/15196/info
reference_id CVE-2005-3301;OSVDB-20262
reference_type exploit
scores
url https://www.securityfocus.com/bid/15196/info
6
reference_url https://security.gentoo.org/glsa/200510-21
reference_id GLSA-200510-21
reference_type
scores
url https://security.gentoo.org/glsa/200510-21
fixed_packages
0
url pkg:deb/debian/phpmyadmin@4:2.6.4-pl3-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:2.6.4-pl3-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:2.6.4-pl3-1%3Fdistro=trixie
1
url pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-47ju-f89a-eud8
1
vulnerability VCID-d3qn-js1p-7yeq
2
vulnerability VCID-dmqy-9xth-cuhs
3
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.0.4%252Bdfsg2-2%252Bdeb11u1%3Fdistro=trixie
2
url pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.1%252Bdfsg-1%252Bdeb12u1%3Fdistro=trixie
3
url pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.2-really%252Bdfsg-1%252Bdeb13u1%3Fdistro=trixie
4
url pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.3%252Bdfsg-1%3Fdistro=trixie
aliases CVE-2005-3301
risk_score 0.2
exploitability 2.0
weighted_severity 0.1
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-wn4f-7vjc-b7gx
251
url VCID-wp65-ncc7-dkhh
vulnerability_id VCID-wp65-ncc7-dkhh
summary Multiple cross-site request forgery (CSRF) vulnerabilities in phpMyAdmin before 2.9.1-rc1 allow remote attackers to perform unauthorized actions as another user by (1) directly setting a token in the URL though dynamic variable evaluation and (2) unsetting arbitrary variables via the _REQUEST array, related to (a) libraries/common.lib.php, (b) session.inc.php, and (c) url_generating.lib.php. NOTE: the PHP unset function vector is covered by CVE-2006-3017.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2006-5116
reference_id
reference_type
scores
0
value 0.03863
scoring_system epss
scoring_elements 0.8843
published_at 2026-06-04T12:55:00Z
1
value 0.03863
scoring_system epss
scoring_elements 0.88448
published_at 2026-06-07T12:55:00Z
2
value 0.03863
scoring_system epss
scoring_elements 0.8845
published_at 2026-06-06T12:55:00Z
3
value 0.03863
scoring_system epss
scoring_elements 0.88449
published_at 2026-06-08T12:55:00Z
4
value 0.03863
scoring_system epss
scoring_elements 0.88464
published_at 2026-06-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2006-5116
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5116
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5116
2
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=391090
reference_id 391090
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=391090
fixed_packages
0
url pkg:deb/debian/phpmyadmin@4:2.9.0.2-0.1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:2.9.0.2-0.1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:2.9.0.2-0.1%3Fdistro=trixie
1
url pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-47ju-f89a-eud8
1
vulnerability VCID-d3qn-js1p-7yeq
2
vulnerability VCID-dmqy-9xth-cuhs
3
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.0.4%252Bdfsg2-2%252Bdeb11u1%3Fdistro=trixie
2
url pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.1%252Bdfsg-1%252Bdeb12u1%3Fdistro=trixie
3
url pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.2-really%252Bdfsg-1%252Bdeb13u1%3Fdistro=trixie
4
url pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.3%252Bdfsg-1%3Fdistro=trixie
aliases CVE-2006-5116
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-wp65-ncc7-dkhh
252
url VCID-ww5r-71kf-tfgr
vulnerability_id VCID-ww5r-71kf-tfgr
summary Cross-site scripting (XSS) vulnerability in libraries/schema/Export_Relation_Schema.class.php in phpMyAdmin 3.5.x before 3.5.8.2 and 4.0.x before 4.0.4.2 allows remote authenticated users to inject arbitrary web script or HTML via a crafted pageNumber value to schema_export.php.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2013-5002
reference_id
reference_type
scores
0
value 0.00209
scoring_system epss
scoring_elements 0.43318
published_at 2026-06-09T12:55:00Z
1
value 0.00209
scoring_system epss
scoring_elements 0.43368
published_at 2026-06-06T12:55:00Z
2
value 0.00209
scoring_system epss
scoring_elements 0.43344
published_at 2026-06-07T12:55:00Z
3
value 0.00209
scoring_system epss
scoring_elements 0.43309
published_at 2026-06-08T12:55:00Z
4
value 0.00209
scoring_system epss
scoring_elements 0.43285
published_at 2026-06-04T12:55:00Z
5
value 0.00209
scoring_system epss
scoring_elements 0.43358
published_at 2026-06-05T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2013-5002
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4995
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4995
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4996
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4996
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5002
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5002
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5003
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5003
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1879
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1879
6
reference_url https://nvd.nist.gov/vuln/detail/CVE-2013-5002
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2013-5002
7
reference_url http://www.phpmyadmin.net/home_page/security/PMASA-2013-14.php
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url http://www.phpmyadmin.net/home_page/security/PMASA-2013-14.php
8
reference_url https://github.com/advisories/GHSA-p632-5w74-x8xx
reference_id GHSA-p632-5w74-x8xx
reference_type
scores
0
value LOW
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-p632-5w74-x8xx
9
reference_url https://security.gentoo.org/glsa/201311-02
reference_id GLSA-201311-02
reference_type
scores
url https://security.gentoo.org/glsa/201311-02
fixed_packages
0
url pkg:deb/debian/phpmyadmin@4:4.0.4.2-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:4.0.4.2-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:4.0.4.2-1%3Fdistro=trixie
1
url pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-47ju-f89a-eud8
1
vulnerability VCID-d3qn-js1p-7yeq
2
vulnerability VCID-dmqy-9xth-cuhs
3
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.0.4%252Bdfsg2-2%252Bdeb11u1%3Fdistro=trixie
2
url pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.1%252Bdfsg-1%252Bdeb12u1%3Fdistro=trixie
3
url pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.2-really%252Bdfsg-1%252Bdeb13u1%3Fdistro=trixie
4
url pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.3%252Bdfsg-1%3Fdistro=trixie
aliases CVE-2013-5002, GHSA-p632-5w74-x8xx
risk_score 1.4
exploitability 0.5
weighted_severity 2.7
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ww5r-71kf-tfgr
253
url VCID-x1jp-g4k8-mkdh
vulnerability_id VCID-x1jp-g4k8-mkdh
summary Multiple cross-site scripting (XSS) vulnerabilities in libraries/display_export.lib.php in phpMyAdmin 3.4.x before 3.4.9 allow remote attackers to inject arbitrary web script or HTML via crafted URL parameters, related to the export panels in the (1) server, (2) database, and (3) table sections.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2011-4780
reference_id
reference_type
scores
0
value 0.00475
scoring_system epss
scoring_elements 0.65195
published_at 2026-06-04T12:55:00Z
1
value 0.00475
scoring_system epss
scoring_elements 0.65238
published_at 2026-06-05T12:55:00Z
2
value 0.00475
scoring_system epss
scoring_elements 0.65248
published_at 2026-06-06T12:55:00Z
3
value 0.00475
scoring_system epss
scoring_elements 0.65237
published_at 2026-06-07T12:55:00Z
4
value 0.00475
scoring_system epss
scoring_elements 0.65225
published_at 2026-06-08T12:55:00Z
5
value 0.00475
scoring_system epss
scoring_elements 0.65244
published_at 2026-06-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2011-4780
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4780
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4780
2
reference_url https://security.gentoo.org/glsa/201201-01
reference_id GLSA-201201-01
reference_type
scores
url https://security.gentoo.org/glsa/201201-01
fixed_packages
0
url pkg:deb/debian/phpmyadmin@4:3.4.9-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:3.4.9-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:3.4.9-1%3Fdistro=trixie
1
url pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-47ju-f89a-eud8
1
vulnerability VCID-d3qn-js1p-7yeq
2
vulnerability VCID-dmqy-9xth-cuhs
3
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.0.4%252Bdfsg2-2%252Bdeb11u1%3Fdistro=trixie
2
url pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.1%252Bdfsg-1%252Bdeb12u1%3Fdistro=trixie
3
url pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.2-really%252Bdfsg-1%252Bdeb13u1%3Fdistro=trixie
4
url pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.3%252Bdfsg-1%3Fdistro=trixie
aliases CVE-2011-4780
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-x1jp-g4k8-mkdh
254
url VCID-x75q-4y74-d3gt
vulnerability_id VCID-x75q-4y74-d3gt
summary An issue was discovered in phpMyAdmin. An attacker can determine the phpMyAdmin host location through the file url.php. All 4.6.x versions (prior to 4.6.4), 4.4.x versions (prior to 4.4.15.8), and 4.0.x versions (prior to 4.0.10.17) are affected.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-6627
reference_id
reference_type
scores
0
value 0.0035
scoring_system epss
scoring_elements 0.57705
published_at 2026-06-04T12:55:00Z
1
value 0.0035
scoring_system epss
scoring_elements 0.57757
published_at 2026-06-05T12:55:00Z
2
value 0.0035
scoring_system epss
scoring_elements 0.57765
published_at 2026-06-06T12:55:00Z
3
value 0.0035
scoring_system epss
scoring_elements 0.57756
published_at 2026-06-07T12:55:00Z
4
value 0.0035
scoring_system epss
scoring_elements 0.57743
published_at 2026-06-08T12:55:00Z
5
value 0.0035
scoring_system epss
scoring_elements 0.5776
published_at 2026-06-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-6627
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6627
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6627
fixed_packages
0
url pkg:deb/debian/phpmyadmin@4:4.6.4%2Bdfsg1-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:4.6.4%2Bdfsg1-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:4.6.4%252Bdfsg1-1%3Fdistro=trixie
1
url pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-47ju-f89a-eud8
1
vulnerability VCID-d3qn-js1p-7yeq
2
vulnerability VCID-dmqy-9xth-cuhs
3
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.0.4%252Bdfsg2-2%252Bdeb11u1%3Fdistro=trixie
2
url pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.1%252Bdfsg-1%252Bdeb12u1%3Fdistro=trixie
3
url pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.2-really%252Bdfsg-1%252Bdeb13u1%3Fdistro=trixie
4
url pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.3%252Bdfsg-1%3Fdistro=trixie
aliases CVE-2016-6627
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-x75q-4y74-d3gt
255
url VCID-x8zu-a97g-2kak
vulnerability_id VCID-x8zu-a97g-2kak
summary Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin 2.11.x before 2.11.10.1 and 3.x before 3.3.5.1 allow remote attackers to inject arbitrary web script or HTML via vectors related to (1) db_search.php, (2) db_sql.php, (3) db_structure.php, (4) js/messages.php, (5) libraries/common.lib.php, (6) libraries/database_interface.lib.php, (7) libraries/dbi/mysql.dbi.lib.php, (8) libraries/dbi/mysqli.dbi.lib.php, (9) libraries/db_info.inc.php, (10) libraries/sanitizing.lib.php, (11) libraries/sqlparser.lib.php, (12) server_databases.php, (13) server_privileges.php, (14) setup/config.php, (15) sql.php, (16) tbl_replace.php, and (17) tbl_sql.php.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2010-3056
reference_id
reference_type
scores
0
value 0.00761
scoring_system epss
scoring_elements 0.73723
published_at 2026-06-04T12:55:00Z
1
value 0.00761
scoring_system epss
scoring_elements 0.7376
published_at 2026-06-05T12:55:00Z
2
value 0.00761
scoring_system epss
scoring_elements 0.73764
published_at 2026-06-06T12:55:00Z
3
value 0.00761
scoring_system epss
scoring_elements 0.73751
published_at 2026-06-07T12:55:00Z
4
value 0.00761
scoring_system epss
scoring_elements 0.73734
published_at 2026-06-08T12:55:00Z
5
value 0.00761
scoring_system epss
scoring_elements 0.73761
published_at 2026-06-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2010-3056
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3056
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3056
2
reference_url https://security.gentoo.org/glsa/201201-01
reference_id GLSA-201201-01
reference_type
scores
url https://security.gentoo.org/glsa/201201-01
fixed_packages
0
url pkg:deb/debian/phpmyadmin@4:3.3.5.1-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:3.3.5.1-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:3.3.5.1-1%3Fdistro=trixie
1
url pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-47ju-f89a-eud8
1
vulnerability VCID-d3qn-js1p-7yeq
2
vulnerability VCID-dmqy-9xth-cuhs
3
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.0.4%252Bdfsg2-2%252Bdeb11u1%3Fdistro=trixie
2
url pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.1%252Bdfsg-1%252Bdeb12u1%3Fdistro=trixie
3
url pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.2-really%252Bdfsg-1%252Bdeb13u1%3Fdistro=trixie
4
url pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.3%252Bdfsg-1%3Fdistro=trixie
aliases CVE-2010-3056
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-x8zu-a97g-2kak
256
url VCID-xgnx-jteb-myf7
vulnerability_id VCID-xgnx-jteb-myf7
summary phpMyAdmin 3.5.x and 4.0.x before 4.0.5 allows remote attackers to bypass the clickjacking protection mechanism via certain vectors related to Header.class.php.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2013-5029
reference_id
reference_type
scores
0
value 0.01725
scoring_system epss
scoring_elements 0.82767
published_at 2026-06-04T12:55:00Z
1
value 0.01725
scoring_system epss
scoring_elements 0.82792
published_at 2026-06-05T12:55:00Z
2
value 0.01725
scoring_system epss
scoring_elements 0.82791
published_at 2026-06-06T12:55:00Z
3
value 0.01725
scoring_system epss
scoring_elements 0.82789
published_at 2026-06-07T12:55:00Z
4
value 0.01725
scoring_system epss
scoring_elements 0.82782
published_at 2026-06-08T12:55:00Z
5
value 0.01725
scoring_system epss
scoring_elements 0.82795
published_at 2026-06-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2013-5029
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5029
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5029
2
reference_url https://security.gentoo.org/glsa/201311-02
reference_id GLSA-201311-02
reference_type
scores
url https://security.gentoo.org/glsa/201311-02
fixed_packages
0
url pkg:deb/debian/phpmyadmin@4:4.0.5-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:4.0.5-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:4.0.5-1%3Fdistro=trixie
1
url pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-47ju-f89a-eud8
1
vulnerability VCID-d3qn-js1p-7yeq
2
vulnerability VCID-dmqy-9xth-cuhs
3
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.0.4%252Bdfsg2-2%252Bdeb11u1%3Fdistro=trixie
2
url pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.1%252Bdfsg-1%252Bdeb12u1%3Fdistro=trixie
3
url pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.2-really%252Bdfsg-1%252Bdeb13u1%3Fdistro=trixie
4
url pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.3%252Bdfsg-1%3Fdistro=trixie
aliases CVE-2013-5029
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-xgnx-jteb-myf7
257
url VCID-xqf5-yxf3-u3he
vulnerability_id VCID-xqf5-yxf3-u3he
summary 
Cross-site Scripting
An issue was discovered in phpMyAdmin. An attacker may be able to trigger a user to download a specially crafted malicious SVG file.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-6628
reference_id
reference_type
scores
0
value 0.00258
scoring_system epss
scoring_elements 0.49425
published_at 2026-06-04T12:55:00Z
1
value 0.00258
scoring_system epss
scoring_elements 0.49465
published_at 2026-06-09T12:55:00Z
2
value 0.00258
scoring_system epss
scoring_elements 0.49453
published_at 2026-06-08T12:55:00Z
3
value 0.00258
scoring_system epss
scoring_elements 0.49498
published_at 2026-06-06T12:55:00Z
4
value 0.00258
scoring_system epss
scoring_elements 0.49487
published_at 2026-06-05T12:55:00Z
5
value 0.00258
scoring_system epss
scoring_elements 0.49482
published_at 2026-06-07T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-6628
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6628
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6628
2
reference_url https://github.com/phpmyadmin/composer
reference_id
reference_type
scores
0
value 6.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/phpmyadmin/composer
3
reference_url https://lists.debian.org/debian-lts-announce/2019/06/msg00009.html
reference_id
reference_type
scores
0
value 6.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.debian.org/debian-lts-announce/2019/06/msg00009.html
4
reference_url https://security.gentoo.org/glsa/201701-32
reference_id
reference_type
scores
0
value 6.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://security.gentoo.org/glsa/201701-32
5
reference_url https://www.phpmyadmin.net/security/PMASA-2016-51
reference_id
reference_type
scores
0
value 6.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.phpmyadmin.net/security/PMASA-2016-51
6
reference_url http://www.securityfocus.com/bid/92492
reference_id
reference_type
scores
0
value 6.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.securityfocus.com/bid/92492
7
reference_url https://nvd.nist.gov/vuln/detail/CVE-2016-6628
reference_id CVE-2016-6628
reference_type
scores
0
value 6.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2016-6628
8
reference_url https://github.com/advisories/GHSA-phhm-63xx-v9rr
reference_id GHSA-phhm-63xx-v9rr
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-phhm-63xx-v9rr
fixed_packages
0
url pkg:deb/debian/phpmyadmin@4:4.6.4%2Bdfsg1-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:4.6.4%2Bdfsg1-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:4.6.4%252Bdfsg1-1%3Fdistro=trixie
1
url pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-47ju-f89a-eud8
1
vulnerability VCID-d3qn-js1p-7yeq
2
vulnerability VCID-dmqy-9xth-cuhs
3
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.0.4%252Bdfsg2-2%252Bdeb11u1%3Fdistro=trixie
2
url pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.1%252Bdfsg-1%252Bdeb12u1%3Fdistro=trixie
3
url pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.2-really%252Bdfsg-1%252Bdeb13u1%3Fdistro=trixie
4
url pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.3%252Bdfsg-1%3Fdistro=trixie
aliases CVE-2016-6628, GHSA-phhm-63xx-v9rr
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-xqf5-yxf3-u3he
258
url VCID-xsa5-sgyr-zkd4
vulnerability_id VCID-xsa5-sgyr-zkd4
summary error.php in PhpMyAdmin 3.3.8.1, and other versions before 3.4.0-beta1, allows remote attackers to conduct cross-site scripting (XSS) attacks via a crafted BBcode tag containing "@" characters, as demonstrated using "[a@url@page]".
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2010-4480
reference_id
reference_type
scores
0
value 0.07454
scoring_system epss
scoring_elements 0.91901
published_at 2026-06-04T12:55:00Z
1
value 0.07454
scoring_system epss
scoring_elements 0.91913
published_at 2026-06-05T12:55:00Z
2
value 0.07454
scoring_system epss
scoring_elements 0.91914
published_at 2026-06-06T12:55:00Z
3
value 0.07454
scoring_system epss
scoring_elements 0.91912
published_at 2026-06-08T12:55:00Z
4
value 0.07454
scoring_system epss
scoring_elements 0.91926
published_at 2026-06-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2010-4480
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4480
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4480
2
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=608290
reference_id 608290
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=608290
3
reference_url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/webapps/15699.txt
reference_id CVE-2010-4480;OSVDB-69706;OSVDB-69684
reference_type exploit
scores
url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/webapps/15699.txt
fixed_packages
0
url pkg:deb/debian/phpmyadmin@4:3.3.7-3?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:3.3.7-3?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:3.3.7-3%3Fdistro=trixie
1
url pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-47ju-f89a-eud8
1
vulnerability VCID-d3qn-js1p-7yeq
2
vulnerability VCID-dmqy-9xth-cuhs
3
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.0.4%252Bdfsg2-2%252Bdeb11u1%3Fdistro=trixie
2
url pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.1%252Bdfsg-1%252Bdeb12u1%3Fdistro=trixie
3
url pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.2-really%252Bdfsg-1%252Bdeb13u1%3Fdistro=trixie
4
url pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.3%252Bdfsg-1%3Fdistro=trixie
aliases CVE-2010-4480
risk_score 0.2
exploitability 2.0
weighted_severity 0.1
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-xsa5-sgyr-zkd4
259
url VCID-y57y-zdmd-8bhr
vulnerability_id VCID-y57y-zdmd-8bhr
summary Directory traversal vulnerability in bs_disp_as_mime_type.php in the BLOB streaming feature in phpMyAdmin before 3.1.3.1 allows remote attackers to read arbitrary files via directory traversal sequences in the file_path parameter ($filename variable).
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-1148.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-1148.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2009-1148
reference_id
reference_type
scores
0
value 0.00596
scoring_system epss
scoring_elements 0.69738
published_at 2026-06-04T12:55:00Z
1
value 0.00596
scoring_system epss
scoring_elements 0.69778
published_at 2026-06-05T12:55:00Z
2
value 0.00596
scoring_system epss
scoring_elements 0.69786
published_at 2026-06-06T12:55:00Z
3
value 0.00596
scoring_system epss
scoring_elements 0.69777
published_at 2026-06-07T12:55:00Z
4
value 0.00596
scoring_system epss
scoring_elements 0.69765
published_at 2026-06-08T12:55:00Z
5
value 0.00596
scoring_system epss
scoring_elements 0.69787
published_at 2026-06-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2009-1148
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1148
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1148
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=492066
reference_id 492066
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=492066
fixed_packages
0
url pkg:deb/debian/phpmyadmin@4:3.1.3.1-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:3.1.3.1-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:3.1.3.1-1%3Fdistro=trixie
1
url pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-47ju-f89a-eud8
1
vulnerability VCID-d3qn-js1p-7yeq
2
vulnerability VCID-dmqy-9xth-cuhs
3
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.0.4%252Bdfsg2-2%252Bdeb11u1%3Fdistro=trixie
2
url pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.1%252Bdfsg-1%252Bdeb12u1%3Fdistro=trixie
3
url pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.2-really%252Bdfsg-1%252Bdeb13u1%3Fdistro=trixie
4
url pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.3%252Bdfsg-1%3Fdistro=trixie
aliases CVE-2009-1148
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-y57y-zdmd-8bhr
260
url VCID-yvwv-ttjs-9udg
vulnerability_id VCID-yvwv-ttjs-9udg
summary Cross-site scripting (XSS) vulnerability in phpMyAdmin before 3.2.0.1 allows remote attackers to inject arbitrary web script or HTML via a crafted SQL bookmark.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-2284.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-2284.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2009-2284
reference_id
reference_type
scores
0
value 0.00521
scoring_system epss
scoring_elements 0.67195
published_at 2026-06-04T12:55:00Z
1
value 0.00521
scoring_system epss
scoring_elements 0.67235
published_at 2026-06-05T12:55:00Z
2
value 0.00521
scoring_system epss
scoring_elements 0.67243
published_at 2026-06-06T12:55:00Z
3
value 0.00521
scoring_system epss
scoring_elements 0.67227
published_at 2026-06-07T12:55:00Z
4
value 0.00521
scoring_system epss
scoring_elements 0.6721
published_at 2026-06-08T12:55:00Z
5
value 0.00521
scoring_system epss
scoring_elements 0.67225
published_at 2026-06-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2009-2284
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2284
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2284
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=508879
reference_id 508879
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=508879
4
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=535890
reference_id 535890
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=535890
fixed_packages
0
url pkg:deb/debian/phpmyadmin@4:3.2.0.1-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:3.2.0.1-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:3.2.0.1-1%3Fdistro=trixie
1
url pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-47ju-f89a-eud8
1
vulnerability VCID-d3qn-js1p-7yeq
2
vulnerability VCID-dmqy-9xth-cuhs
3
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.0.4%252Bdfsg2-2%252Bdeb11u1%3Fdistro=trixie
2
url pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.1%252Bdfsg-1%252Bdeb12u1%3Fdistro=trixie
3
url pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.2-really%252Bdfsg-1%252Bdeb13u1%3Fdistro=trixie
4
url pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.3%252Bdfsg-1%3Fdistro=trixie
aliases CVE-2009-2284
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-yvwv-ttjs-9udg
261
url VCID-z76m-em7w-5qf6
vulnerability_id VCID-z76m-em7w-5qf6
summary Static code injection vulnerability in setup.php in phpMyAdmin 2.11.x before 2.11.9.5 and 3.x before 3.1.3.1 allows remote attackers to inject arbitrary PHP code into a configuration file via the save action.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-1151.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-1151.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2009-1151
reference_id
reference_type
scores
0
value 0.93271
scoring_system epss
scoring_elements 0.99814
published_at 2026-06-08T12:55:00Z
1
value 0.93271
scoring_system epss
scoring_elements 0.99815
published_at 2026-06-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2009-1151
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1151
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1151
3
reference_url http://www.securityfocus.com/bid/34236
reference_id 34236
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Act
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-10T19:07:41Z/
url http://www.securityfocus.com/bid/34236
4
reference_url http://secunia.com/advisories/34430
reference_id 34430
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Act
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-10T19:07:41Z/
url http://secunia.com/advisories/34430
5
reference_url http://secunia.com/advisories/34642
reference_id 34642
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Act
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-10T19:07:41Z/
url http://secunia.com/advisories/34642
6
reference_url http://secunia.com/advisories/35585
reference_id 35585
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Act
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-10T19:07:41Z/
url http://secunia.com/advisories/35585
7
reference_url http://secunia.com/advisories/35635
reference_id 35635
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Act
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-10T19:07:41Z/
url http://secunia.com/advisories/35635
8
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=492066
reference_id 492066
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=492066
9
reference_url https://www.exploit-db.com/exploits/8921
reference_id 8921
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Act
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-10T19:07:41Z/
url https://www.exploit-db.com/exploits/8921
10
reference_url http://labs.neohapsis.com/2009/04/06/about-cve-2009-1151/
reference_id about-cve-2009-1151
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Act
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-10T19:07:41Z/
url http://labs.neohapsis.com/2009/04/06/about-cve-2009-1151/
11
reference_url http://www.mandriva.com/security/advisories?name=MDVSA-2009:115
reference_id advisories?name=MDVSA-2009:115
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Act
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-10T19:07:41Z/
url http://www.mandriva.com/security/advisories?name=MDVSA-2009:115
12
reference_url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/webapps/16913.rb
reference_id CVE-2009-1151;OSVDB-53076
reference_type exploit
scores
url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/webapps/16913.rb
13
reference_url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/webapps/8992.php
reference_id CVE-2009-1151;OSVDB-53076
reference_type exploit
scores
url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/webapps/8992.php
14
reference_url http://www.gnucitizen.org/blog/cve-2009-1151-phpmyadmin-remote-code-execution-proof-of-concept/
reference_id cve-2009-1151-phpmyadmin-remote-code-execution-proof-of-concept
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Act
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-10T19:07:41Z/
url http://www.gnucitizen.org/blog/cve-2009-1151-phpmyadmin-remote-code-execution-proof-of-concept/
15
reference_url http://www.debian.org/security/2009/dsa-1824
reference_id dsa-1824
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Act
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-10T19:07:41Z/
url http://www.debian.org/security/2009/dsa-1824
16
reference_url https://security.gentoo.org/glsa/200906-03
reference_id GLSA-200906-03
reference_type
scores
url https://security.gentoo.org/glsa/200906-03
17
reference_url http://security.gentoo.org/glsa/glsa-200906-03.xml
reference_id glsa-200906-03.xml
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Act
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-10T19:07:41Z/
url http://security.gentoo.org/glsa/glsa-200906-03.xml
18
reference_url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/webapps/8921.sh
reference_id OSVDB-53076;CVE-2009-1151
reference_type exploit
scores
url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/webapps/8921.sh
19
reference_url http://www.phpmyadmin.net/home_page/security/PMASA-2009-3.php
reference_id PMASA-2009-3.php
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Act
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-10T19:07:41Z/
url http://www.phpmyadmin.net/home_page/security/PMASA-2009-3.php
20
reference_url http://phpmyadmin.svn.sourceforge.net/viewvc/phpmyadmin/branches/MAINT_2_11_9/phpMyAdmin/scripts/setup.php?r1=11514&r2=12301&pathrev=12301
reference_id setup.php?r1=11514&r2=12301&pathrev=12301
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Act
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-10T19:07:41Z/
url http://phpmyadmin.svn.sourceforge.net/viewvc/phpmyadmin/branches/MAINT_2_11_9/phpMyAdmin/scripts/setup.php?r1=11514&r2=12301&pathrev=12301
21
reference_url http://www.securityfocus.com/archive/1/504191/100/0/threaded
reference_id threaded
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Act
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-10T19:07:41Z/
url http://www.securityfocus.com/archive/1/504191/100/0/threaded
fixed_packages
0
url pkg:deb/debian/phpmyadmin@4:3.1.3.1-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:3.1.3.1-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:3.1.3.1-1%3Fdistro=trixie
1
url pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-47ju-f89a-eud8
1
vulnerability VCID-d3qn-js1p-7yeq
2
vulnerability VCID-dmqy-9xth-cuhs
3
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.0.4%252Bdfsg2-2%252Bdeb11u1%3Fdistro=trixie
2
url pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.1%252Bdfsg-1%252Bdeb12u1%3Fdistro=trixie
3
url pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.2-really%252Bdfsg-1%252Bdeb13u1%3Fdistro=trixie
4
url pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.3%252Bdfsg-1%3Fdistro=trixie
aliases CVE-2009-1151
risk_score 10.0
exploitability 2.0
weighted_severity 8.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-z76m-em7w-5qf6
262
url VCID-zb95-sn9m-r3bu
vulnerability_id VCID-zb95-sn9m-r3bu
summary 
Improper Restriction of XML External Entity Reference
The simplexml_load_string function in the XML import plug-in (libraries/import/xml.php) in phpMyAdmin 3.4.x before 3.4.7.1 and 3.3.x before 3.3.10.5 allows remote authenticated users to read arbitrary files via XML data containing external entity references, aka an XML external entity (XXE) injection attack.
references
0
reference_url http://lists.fedoraproject.org/pipermail/package-announce/2011-November/069625.html
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://lists.fedoraproject.org/pipermail/package-announce/2011-November/069625.html
1
reference_url http://lists.fedoraproject.org/pipermail/package-announce/2011-November/069635.html
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://lists.fedoraproject.org/pipermail/package-announce/2011-November/069635.html
2
reference_url http://lists.fedoraproject.org/pipermail/package-announce/2011-November/069649.html
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://lists.fedoraproject.org/pipermail/package-announce/2011-November/069649.html
3
reference_url http://packetstormsecurity.org/files/view/106511/phpmyadmin-fileread.txt
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://packetstormsecurity.org/files/view/106511/phpmyadmin-fileread.txt
4
reference_url https://api.first.org/data/v1/epss?cve=CVE-2011-4107
reference_id
reference_type
scores
0
value 0.12434
scoring_system epss
scoring_elements 0.94049
published_at 2026-06-09T12:55:00Z
1
value 0.12434
scoring_system epss
scoring_elements 0.94044
published_at 2026-06-07T12:55:00Z
2
value 0.12434
scoring_system epss
scoring_elements 0.94043
published_at 2026-06-08T12:55:00Z
3
value 0.12434
scoring_system epss
scoring_elements 0.94035
published_at 2026-06-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2011-4107
5
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=751112
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://bugzilla.redhat.com/show_bug.cgi?id=751112
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4107
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4107
7
reference_url http://seclists.org/fulldisclosure/2011/Nov/21
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://seclists.org/fulldisclosure/2011/Nov/21
8
reference_url http://securityreason.com/securityalert/8533
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://securityreason.com/securityalert/8533
9
reference_url https://exchange.xforce.ibmcloud.com/vulnerabilities/71108
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://exchange.xforce.ibmcloud.com/vulnerabilities/71108
10
reference_url https://github.com/phpmyadmin/phpmyadmin
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/phpmyadmin/phpmyadmin
11
reference_url https://github.com/phpmyadmin/phpmyadmin/commit/2fbf631384fd8cded55f4500cb87b129442f9ed2
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/phpmyadmin/phpmyadmin/commit/2fbf631384fd8cded55f4500cb87b129442f9ed2
12
reference_url https://github.com/phpmyadmin/phpmyadmin/commit/34d99de000de9d15cfdf5e9cc8b7682d51110bbd
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/phpmyadmin/phpmyadmin/commit/34d99de000de9d15cfdf5e9cc8b7682d51110bbd
13
reference_url https://github.com/phpmyadmin/phpmyadmin/commit/5fa86b8e81565c15ddbc359e8f59ecd829a2b717
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/phpmyadmin/phpmyadmin/commit/5fa86b8e81565c15ddbc359e8f59ecd829a2b717
14
reference_url https://github.com/phpmyadmin/phpmyadmin/commit/a5e206fbd2ca814042cfc1bb7dd3b40c28ce3fb5
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/phpmyadmin/phpmyadmin/commit/a5e206fbd2ca814042cfc1bb7dd3b40c28ce3fb5
15
reference_url http://www.debian.org/security/2012/dsa-2391
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.debian.org/security/2012/dsa-2391
16
reference_url http://www.openwall.com/lists/oss-security/2011/11/03/3
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2011/11/03/3
17
reference_url http://www.openwall.com/lists/oss-security/2011/11/03/5
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2011/11/03/5
18
reference_url http://www.phpmyadmin.net/home_page/security/PMASA-2011-17.php
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.phpmyadmin.net/home_page/security/PMASA-2011-17.php
19
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=656247
reference_id 656247
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=656247
20
reference_url https://nvd.nist.gov/vuln/detail/CVE-2011-4107
reference_id CVE-2011-4107
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2011-4107
21
reference_url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/webapps/18371.rb
reference_id CVE-2011-4107;OSVDB-76798
reference_type exploit
scores
url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/webapps/18371.rb
22
reference_url https://github.com/advisories/GHSA-q4mm-89q2-xffg
reference_id GHSA-q4mm-89q2-xffg
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-q4mm-89q2-xffg
23
reference_url https://security.gentoo.org/glsa/201201-01
reference_id GLSA-201201-01
reference_type
scores
url https://security.gentoo.org/glsa/201201-01
fixed_packages
0
url pkg:deb/debian/phpmyadmin@4:3.4.7.1-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:3.4.7.1-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:3.4.7.1-1%3Fdistro=trixie
1
url pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-47ju-f89a-eud8
1
vulnerability VCID-d3qn-js1p-7yeq
2
vulnerability VCID-dmqy-9xth-cuhs
3
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.0.4%252Bdfsg2-2%252Bdeb11u1%3Fdistro=trixie
2
url pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.1%252Bdfsg-1%252Bdeb12u1%3Fdistro=trixie
3
url pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.2-really%252Bdfsg-1%252Bdeb13u1%3Fdistro=trixie
4
url pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.3%252Bdfsg-1%3Fdistro=trixie
aliases CVE-2011-4107, GHSA-q4mm-89q2-xffg
risk_score 10.0
exploitability 2.0
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-zb95-sn9m-r3bu
263
url VCID-zmjf-j2zs-23ey
vulnerability_id VCID-zmjf-j2zs-23ey
summary XSS issues were discovered in phpMyAdmin. This affects Zoom search (specially crafted column content can be used to trigger an XSS attack); GIS editor (certain fields in the graphical GIS editor are not properly escaped and can be used to trigger an XSS attack); Relation view; the following Transformations: Formatted, Imagelink, JPEG: Upload, RegexValidation, JPEG inline, PNG inline, and transformation wrapper; XML export; MediaWiki export; Designer; When the MySQL server is running with a specially-crafted log_bin directive; Database tab; Replication feature; and Database search. All 4.6.x versions (prior to 4.6.4), 4.4.x versions (prior to 4.4.15.8), and 4.0.x versions (prior to 4.0.10.17) are affected.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-6607
reference_id
reference_type
scores
0
value 0.00347
scoring_system epss
scoring_elements 0.57569
published_at 2026-06-04T12:55:00Z
1
value 0.00347
scoring_system epss
scoring_elements 0.57622
published_at 2026-06-05T12:55:00Z
2
value 0.00347
scoring_system epss
scoring_elements 0.5763
published_at 2026-06-06T12:55:00Z
3
value 0.00347
scoring_system epss
scoring_elements 0.57621
published_at 2026-06-07T12:55:00Z
4
value 0.00347
scoring_system epss
scoring_elements 0.57609
published_at 2026-06-08T12:55:00Z
5
value 0.00347
scoring_system epss
scoring_elements 0.57627
published_at 2026-06-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-6607
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6607
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6607
fixed_packages
0
url pkg:deb/debian/phpmyadmin@4:4.6.4%2Bdfsg1-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:4.6.4%2Bdfsg1-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:4.6.4%252Bdfsg1-1%3Fdistro=trixie
1
url pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-47ju-f89a-eud8
1
vulnerability VCID-d3qn-js1p-7yeq
2
vulnerability VCID-dmqy-9xth-cuhs
3
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.0.4%252Bdfsg2-2%252Bdeb11u1%3Fdistro=trixie
2
url pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.1%252Bdfsg-1%252Bdeb12u1%3Fdistro=trixie
3
url pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.2-really%252Bdfsg-1%252Bdeb13u1%3Fdistro=trixie
4
url pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.3%252Bdfsg-1%3Fdistro=trixie
aliases CVE-2016-6607
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-zmjf-j2zs-23ey
264
url VCID-zvcj-g6rt-s3de
vulnerability_id VCID-zvcj-g6rt-s3de
summary 
Server-Side Request Forgery (SSRF)
phpMyAdmin is vulnerable to a weakness where a user with appropriate permissions is able to connect to an arbitrary MySQL server.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2017-1000017
reference_id
reference_type
scores
0
value 0.0092
scoring_system epss
scoring_elements 0.76341
published_at 2026-06-04T12:55:00Z
1
value 0.0092
scoring_system epss
scoring_elements 0.76374
published_at 2026-06-09T12:55:00Z
2
value 0.0092
scoring_system epss
scoring_elements 0.76351
published_at 2026-06-08T12:55:00Z
3
value 0.0092
scoring_system epss
scoring_elements 0.76371
published_at 2026-06-06T12:55:00Z
4
value 0.0092
scoring_system epss
scoring_elements 0.76369
published_at 2026-06-05T12:55:00Z
5
value 0.0092
scoring_system epss
scoring_elements 0.76362
published_at 2026-06-07T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2017-1000017
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-1000017
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-1000017
2
reference_url https://github.com/phpmyadmin/composer
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/phpmyadmin/composer
3
reference_url https://www.phpmyadmin.net/security/PMASA-2017-6
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.phpmyadmin.net/security/PMASA-2017-6
4
reference_url http://www.securityfocus.com/bid/95732
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.securityfocus.com/bid/95732
5
reference_url https://nvd.nist.gov/vuln/detail/CVE-2017-1000017
reference_id CVE-2017-1000017
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2017-1000017
6
reference_url https://github.com/advisories/GHSA-99xj-xqc9-98hr
reference_id GHSA-99xj-xqc9-98hr
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-99xj-xqc9-98hr
fixed_packages
0
url pkg:deb/debian/phpmyadmin@4:4.6.6-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:4.6.6-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:4.6.6-1%3Fdistro=trixie
1
url pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-47ju-f89a-eud8
1
vulnerability VCID-d3qn-js1p-7yeq
2
vulnerability VCID-dmqy-9xth-cuhs
3
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.0.4%252Bdfsg2-2%252Bdeb11u1%3Fdistro=trixie
2
url pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.1%252Bdfsg-1%252Bdeb12u1%3Fdistro=trixie
3
url pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.2-really%252Bdfsg-1%252Bdeb13u1%3Fdistro=trixie
4
url pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.3%252Bdfsg-1%3Fdistro=trixie
aliases CVE-2017-1000017, GHSA-99xj-xqc9-98hr
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-zvcj-g6rt-s3de
265
url VCID-zyes-82y3-g7dh
vulnerability_id VCID-zyes-82y3-g7dh
summary An issue was discovered in phpMyAdmin. An authorized user can cause a denial-of-service (DoS) attack on a server by passing large values to a loop. All 4.6.x versions (prior to 4.6.4), 4.4.x versions (prior to 4.4.15.8), and 4.0.x versions (prior to 4.0.10.17) are affected.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-6623
reference_id
reference_type
scores
0
value 0.00586
scoring_system epss
scoring_elements 0.69446
published_at 2026-06-04T12:55:00Z
1
value 0.00586
scoring_system epss
scoring_elements 0.69491
published_at 2026-06-09T12:55:00Z
2
value 0.00586
scoring_system epss
scoring_elements 0.69493
published_at 2026-06-06T12:55:00Z
3
value 0.00586
scoring_system epss
scoring_elements 0.69485
published_at 2026-06-05T12:55:00Z
4
value 0.00586
scoring_system epss
scoring_elements 0.69471
published_at 2026-06-08T12:55:00Z
5
value 0.00586
scoring_system epss
scoring_elements 0.69483
published_at 2026-06-07T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-6623
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6623
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6623
2
reference_url https://github.com/phpmyadmin/composer
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/phpmyadmin/composer
3
reference_url https://nvd.nist.gov/vuln/detail/CVE-2016-6623
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2016-6623
4
reference_url https://security.gentoo.org/glsa/201701-32
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://security.gentoo.org/glsa/201701-32
5
reference_url https://web.archive.org/web/20210123204343/http://www.securityfocus.com/bid/95052
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20210123204343/http://www.securityfocus.com/bid/95052
6
reference_url https://www.phpmyadmin.net/security/PMASA-2016-46
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.phpmyadmin.net/security/PMASA-2016-46
7
reference_url https://github.com/advisories/GHSA-2mcj-3r3r-v5wm
reference_id GHSA-2mcj-3r3r-v5wm
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-2mcj-3r3r-v5wm
fixed_packages
0
url pkg:deb/debian/phpmyadmin@4:4.6.4%2Bdfsg1-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:4.6.4%2Bdfsg1-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:4.6.4%252Bdfsg1-1%3Fdistro=trixie
1
url pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-47ju-f89a-eud8
1
vulnerability VCID-d3qn-js1p-7yeq
2
vulnerability VCID-dmqy-9xth-cuhs
3
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.0.4%252Bdfsg2-2%252Bdeb11u1%3Fdistro=trixie
2
url pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.1%252Bdfsg-1%252Bdeb12u1%3Fdistro=trixie
3
url pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.2-really%252Bdfsg-1%252Bdeb13u1%3Fdistro=trixie
4
url pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.3%252Bdfsg-1%3Fdistro=trixie
aliases CVE-2016-6623, GHSA-2mcj-3r3r-v5wm
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-zyes-82y3-g7dh
266
url VCID-zzar-2hnu-ykdu
vulnerability_id VCID-zzar-2hnu-ykdu
summary phpMyAdmin 3.5.x before 3.5.8 and 4.x before 4.0.0-rc3 allows remote authenticated users to execute arbitrary code via a /e\x00 sequence, which is not properly handled before making a preg_replace function call within the "Replace table prefix" feature.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2013-3238
reference_id
reference_type
scores
0
value 0.64584
scoring_system epss
scoring_elements 0.98474
published_at 2026-06-04T12:55:00Z
1
value 0.64584
scoring_system epss
scoring_elements 0.98477
published_at 2026-06-08T12:55:00Z
2
value 0.64584
scoring_system epss
scoring_elements 0.98478
published_at 2026-06-06T12:55:00Z
3
value 0.64584
scoring_system epss
scoring_elements 0.98475
published_at 2026-06-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2013-3238
1
reference_url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/remote/25136.rb
reference_id CVE-2013-3238;OSVDB-92793
reference_type exploit
scores
url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/remote/25136.rb
2
reference_url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/webapps/25003.txt
reference_id CVE-2013-3241;CVE-2013-3240;CVE-2013-3239;CVE-2013-3238;OSVDB-92795;OSVDB-92794;OSVDB-92793;OSVDB-92792
reference_type exploit
scores
url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/webapps/25003.txt
3
reference_url http://www.waraxe.us/advisory-103.html
reference_id CVE-2013-3241;CVE-2013-3240;CVE-2013-3239;CVE-2013-3238;OSVDB-92795;OSVDB-92794;OSVDB-92793;OSVDB-92792
reference_type exploit
scores
url http://www.waraxe.us/advisory-103.html
4
reference_url https://security.gentoo.org/glsa/201311-02
reference_id GLSA-201311-02
reference_type
scores
url https://security.gentoo.org/glsa/201311-02
fixed_packages
0
url pkg:deb/debian/phpmyadmin@0?distro=trixie
purl pkg:deb/debian/phpmyadmin@0?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@0%3Fdistro=trixie
1
url pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-47ju-f89a-eud8
1
vulnerability VCID-d3qn-js1p-7yeq
2
vulnerability VCID-dmqy-9xth-cuhs
3
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.0.4%252Bdfsg2-2%252Bdeb11u1%3Fdistro=trixie
2
url pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-gx8h-5h14-dqez
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.1%252Bdfsg-1%252Bdeb12u1%3Fdistro=trixie
3
url pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.2-really%252Bdfsg-1%252Bdeb13u1%3Fdistro=trixie
4
url pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
purl pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.3%252Bdfsg-1%3Fdistro=trixie
aliases CVE-2013-3238
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-zzar-2hnu-ykdu
Risk_scorenull
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.2-really%252Bdfsg-1%252Bdeb13u1%3Fdistro=trixie