{"url":"http://public2.vulnerablecode.io/api/packages/123223?format=json","purl":"pkg:deb/debian/phpmyadmin@4:4.1.7-1?distro=trixie","type":"deb","namespace":"debian","name":"phpmyadmin","version":"4:4.1.7-1","qualifiers":{"distro":"trixie"},"subpath":"","is_vulnerable":false,"next_non_vulnerable_version":"4:4.2.5-1","latest_non_vulnerable_version":"4:5.2.3+dfsg-1","affected_by_vulnerabilities":[],"fixing_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/98130?format=json","vulnerability_id":"VCID-snke-vmcg-xfd2","summary":"Cross-site scripting (XSS) vulnerability in import.php in phpMyAdmin before 4.1.7 allows remote authenticated users to inject arbitrary web script or HTML via a crafted filename in an import action.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2014-1879","reference_id":"","reference_type":"","scores":[{"value":"0.00232","scoring_system":"epss","scoring_elements":"0.46059","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00232","scoring_system":"epss","scoring_elements":"0.46127","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00232","scoring_system":"epss","scoring_elements":"0.46129","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00232","scoring_system":"epss","scoring_elements":"0.46108","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00232","scoring_system":"epss","scoring_elements":"0.46082","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00232","scoring_system":"epss","scoring_elements":"0.46093","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2014-1879"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4995","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4995"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4996","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4996"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5002","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5002"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5003","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5003"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1879","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1879"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/123223?format=json","purl":"pkg:deb/debian/phpmyadmin@4:4.1.7-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:4.1.7-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/123057?format=json","purl":"pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-47ju-f89a-eud8"},{"vulnerability":"VCID-d3qn-js1p-7yeq"},{"vulnerability":"VCID-dmqy-9xth-cuhs"},{"vulnerability":"VCID-gx8h-5h14-dqez"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.0.4%252Bdfsg2-2%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/123055?format=json","purl":"pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-gx8h-5h14-dqez"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.1%252Bdfsg-1%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/123059?format=json","purl":"pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.2-really%252Bdfsg-1%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/123058?format=json","purl":"pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.3%252Bdfsg-1%3Fdistro=trixie"}],"aliases":["CVE-2014-1879"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-snke-vmcg-xfd2"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/98159?format=json","vulnerability_id":"VCID-vxj9-zxns-kkh9","summary":"An issue was discovered in phpMyAdmin. A user can be tricked into following a link leading to phpMyAdmin, which after authentication redirects to another malicious site. The attacker must sniff the user's valid phpMyAdmin token. All 4.0.x versions (prior to 4.0.10.16) are affected.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-4412","reference_id":"","reference_type":"","scores":[{"value":"0.0024","scoring_system":"epss","scoring_elements":"0.47231","published_at":"2026-06-04T12:55:00Z"},{"value":"0.0024","scoring_system":"epss","scoring_elements":"0.47296","published_at":"2026-06-05T12:55:00Z"},{"value":"0.0024","scoring_system":"epss","scoring_elements":"0.47298","published_at":"2026-06-06T12:55:00Z"},{"value":"0.0024","scoring_system":"epss","scoring_elements":"0.4728","published_at":"2026-06-07T12:55:00Z"},{"value":"0.0024","scoring_system":"epss","scoring_elements":"0.4725","published_at":"2026-06-08T12:55:00Z"},{"value":"0.0024","scoring_system":"epss","scoring_elements":"0.47264","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-4412"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4412","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4412"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/123223?format=json","purl":"pkg:deb/debian/phpmyadmin@4:4.1.7-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:4.1.7-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/123057?format=json","purl":"pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-47ju-f89a-eud8"},{"vulnerability":"VCID-d3qn-js1p-7yeq"},{"vulnerability":"VCID-dmqy-9xth-cuhs"},{"vulnerability":"VCID-gx8h-5h14-dqez"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.0.4%252Bdfsg2-2%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/123055?format=json","purl":"pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-gx8h-5h14-dqez"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.1%252Bdfsg-1%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/123059?format=json","purl":"pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.2-really%252Bdfsg-1%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/123058?format=json","purl":"pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.3%252Bdfsg-1%3Fdistro=trixie"}],"aliases":["CVE-2016-4412"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-vxj9-zxns-kkh9"}],"risk_score":null,"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:4.1.7-1%3Fdistro=trixie"}