{"url":"http://public2.vulnerablecode.io/api/packages/15974?format=json","purl":"pkg:composer/phpmyadmin/phpmyadmin@4.9.2","type":"composer","namespace":"phpmyadmin","name":"phpmyadmin","version":"4.9.2","qualifiers":{},"subpath":"","is_vulnerable":true,"next_non_vulnerable_version":"4.9.11","latest_non_vulnerable_version":"5.2.2","affected_by_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/207613?format=json","vulnerability_id":"VCID-4f9y-mpe6-akgc","summary":"In phpMyAdmin 4.x before 4.9.5 and 5.x before 5.0.2, a SQL injection vulnerability has been discovered where certain parameters are not properly escaped when generating certain queries for search actions in libraries/classes/Controllers/Table/TableSearchController.php. An attacker can generate a crafted database or table name. The attack can be performed if a user attempts certain search operations on the malicious database or table.","references":[{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00046.html","reference_id":"","reference_type":"","scores":[{"value":"8.0","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00046.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00050.html","reference_id":"","reference_type":"","scores":[{"value":"8.0","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00050.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00005.html","reference_id":"","reference_type":"","scores":[{"value":"8.0","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00005.html"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-10802","reference_id":"","reference_type":"","scores":[{"value":"0.01229","scoring_system":"epss","scoring_elements":"0.79645","published_at":"2026-06-14T12:55:00Z"},{"value":"0.01229","scoring_system":"epss","scoring_elements":"0.79637","published_at":"2026-06-12T12:55:00Z"},{"value":"0.01229","scoring_system":"epss","scoring_elements":"0.79652","published_at":"2026-06-13T12:55:00Z"},{"value":"0.01229","scoring_system":"epss","scoring_elements":"0.79571","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-10802"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10802","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10802"},{"reference_url":"https://github.com/FriendsOfPHP/security-advisories/blob/master/phpmyadmin/phpmyadmin/CVE-2020-10802.yaml","reference_id":"","reference_type":"","scores":[{"value":"8.0","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/FriendsOfPHP/security-advisories/blob/master/phpmyadmin/phpmyadmin/CVE-2020-10802.yaml"},{"reference_url":"https://github.com/phpmyadmin/composer","reference_id":"","reference_type":"","scores":[{"value":"8.0","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/phpmyadmin/composer"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2020/03/msg00028.html","reference_id":"","reference_type":"","scores":[{"value":"8.0","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.debian.org/debian-lts-announce/2020/03/msg00028.html"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AAVW3SUKWR5RF5LZ6SARCYOWBIFUIWOJ","reference_id":"","reference_type":"","scores":[{"value":"8.0","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AAVW3SUKWR5RF5LZ6SARCYOWBIFUIWOJ"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BUG3IRITW2LUBGR5LSQMP7MVRTELHZJK","reference_id":"","reference_type":"","scores":[{"value":"8.0","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BUG3IRITW2LUBGR5LSQMP7MVRTELHZJK"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UZI6EQVRRIG252DY3MBT33BJVCSYDMQO","reference_id":"","reference_type":"","scores":[{"value":"8.0","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UZI6EQVRRIG252DY3MBT33BJVCSYDMQO"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2020-10802","reference_id":"","reference_type":"","scores":[{"value":"8.0","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2020-10802"},{"reference_url":"https://www.phpmyadmin.net/security/PMASA-2020-3","reference_id":"","reference_type":"","scores":[{"value":"8.0","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.phpmyadmin.net/security/PMASA-2020-3"},{"reference_url":"https://www.phpmyadmin.net/security/PMASA-2020-3/","reference_id":"","reference_type":"","scores":[],"url":"https://www.phpmyadmin.net/security/PMASA-2020-3/"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=954665","reference_id":"954665","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=954665"},{"reference_url":"https://github.com/advisories/GHSA-f4cr-3xmc-2wpm","reference_id":"GHSA-f4cr-3xmc-2wpm","reference_type":"","scores":[{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-f4cr-3xmc-2wpm"},{"reference_url":"https://usn.ubuntu.com/4639-1/","reference_id":"USN-4639-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4639-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/384714?format=json","purl":"pkg:composer/phpmyadmin/phpmyadmin@4.9.5","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7ab3-tj6r-r3g7"},{"vulnerability":"VCID-dv3f-h92r-37gs"},{"vulnerability":"VCID-k8q3-v7cc-7yhq"},{"vulnerability":"VCID-rzd6-pqqs-a3em"},{"vulnerability":"VCID-vb6g-x173-9khp"},{"vulnerability":"VCID-xsbv-xna2-qfeb"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@4.9.5"},{"url":"http://public2.vulnerablecode.io/api/packages/380009?format=json","purl":"pkg:composer/phpmyadmin/phpmyadmin@5.0.2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7ab3-tj6r-r3g7"},{"vulnerability":"VCID-87ne-4523-v7fa"},{"vulnerability":"VCID-dv3f-h92r-37gs"},{"vulnerability":"VCID-k8q3-v7cc-7yhq"},{"vulnerability":"VCID-p55p-hbqm-xqg1"},{"vulnerability":"VCID-rzd6-pqqs-a3em"},{"vulnerability":"VCID-vb6g-x173-9khp"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@5.0.2"}],"aliases":["CVE-2020-10802","GHSA-f4cr-3xmc-2wpm"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-4f9y-mpe6-akgc"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/129282?format=json","vulnerability_id":"VCID-7ab3-tj6r-r3g7","summary":"In phpMyAdmin before 4.9.11 and 5.x before 5.2.1, an authenticated user can trigger XSS by uploading a crafted .sql file through the drag-and-drop interface.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-25727","reference_id":"","reference_type":"","scores":[{"value":"0.09658","scoring_system":"epss","scoring_elements":"0.931","published_at":"2026-06-14T12:55:00Z"},{"value":"0.09658","scoring_system":"epss","scoring_elements":"0.93075","published_at":"2026-06-11T12:55:00Z"},{"value":"0.09658","scoring_system":"epss","scoring_elements":"0.93101","published_at":"2026-06-13T12:55:00Z"},{"value":"0.09658","scoring_system":"epss","scoring_elements":"0.93099","published_at":"2026-06-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-25727"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25727","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25727"},{"reference_url":"https://github.com/phpmyadmin/composer","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/phpmyadmin/composer"},{"reference_url":"https://github.com/phpmyadmin/phpmyadmin/commit/53f70fd7f3b388639922e6cc1ca51fbe890c91cc","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/phpmyadmin/phpmyadmin/commit/53f70fd7f3b388639922e6cc1ca51fbe890c91cc"},{"reference_url":"https://github.com/phpmyadmin/phpmyadmin/commit/efa2406695551667f726497750d3db91fb6f662e","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/phpmyadmin/phpmyadmin/commit/efa2406695551667f726497750d3db91fb6f662e"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2023-25727","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2023-25727"},{"reference_url":"https://www.phpmyadmin.net/security/PMASA-2023-1","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.phpmyadmin.net/security/PMASA-2023-1"},{"reference_url":"https://github.com/advisories/GHSA-6hr3-44gx-g6wh","reference_id":"GHSA-6hr3-44gx-g6wh","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-6hr3-44gx-g6wh"},{"reference_url":"https://www.phpmyadmin.net/security/PMASA-2023-1/","reference_id":"PMASA-2023-1","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-21T14:52:37Z/"}],"url":"https://www.phpmyadmin.net/security/PMASA-2023-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/380376?format=json","purl":"pkg:composer/phpmyadmin/phpmyadmin@4.9.11","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@4.9.11"},{"url":"http://public2.vulnerablecode.io/api/packages/380377?format=json","purl":"pkg:composer/phpmyadmin/phpmyadmin@5.2.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-87ne-4523-v7fa"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@5.2.1"}],"aliases":["CVE-2023-25727","GHSA-6hr3-44gx-g6wh"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-7ab3-tj6r-r3g7"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/325176?format=json","vulnerability_id":"VCID-dv3f-h92r-37gs","summary":"","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-22278","reference_id":"","reference_type":"","scores":[{"value":"0.00409","scoring_system":"epss","scoring_elements":"0.61683","published_at":"2026-06-11T12:55:00Z"},{"value":"0.00409","scoring_system":"epss","scoring_elements":"0.61784","published_at":"2026-06-12T12:55:00Z"},{"value":"0.00409","scoring_system":"epss","scoring_elements":"0.61792","published_at":"2026-06-13T12:55:00Z"},{"value":"0.00409","scoring_system":"epss","scoring_elements":"0.61786","published_at":"2026-06-14T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-22278"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2020-22278","reference_id":"CVE-2020-22278","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2020-22278"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/22491?format=json","purl":"pkg:composer/phpmyadmin/phpmyadmin@5.0.3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7ab3-tj6r-r3g7"},{"vulnerability":"VCID-87ne-4523-v7fa"},{"vulnerability":"VCID-vb6g-x173-9khp"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@5.0.3"}],"aliases":["CVE-2020-22278"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-dv3f-h92r-37gs"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/207615?format=json","vulnerability_id":"VCID-e8jm-k1ee-v3dg","summary":"In phpMyAdmin 4.x before 4.9.5 and 5.x before 5.0.2, a SQL injection vulnerability was found in retrieval of the current username (in libraries/classes/Server/Privileges.php and libraries/classes/UserPassword.php). A malicious user with access to the server could create a crafted username, and then trick the victim into performing specific actions with that user account (such as editing its privileges).","references":[{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00046.html","reference_id":"","reference_type":"","scores":[{"value":"8.0","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00046.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00050.html","reference_id":"","reference_type":"","scores":[{"value":"8.0","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00050.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00005.html","reference_id":"","reference_type":"","scores":[{"value":"8.0","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00005.html"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-10804","reference_id":"","reference_type":"","scores":[{"value":"0.01913","scoring_system":"epss","scoring_elements":"0.83694","published_at":"2026-06-11T12:55:00Z"},{"value":"0.01913","scoring_system":"epss","scoring_elements":"0.83752","published_at":"2026-06-12T12:55:00Z"},{"value":"0.01913","scoring_system":"epss","scoring_elements":"0.83761","published_at":"2026-06-13T12:55:00Z"},{"value":"0.01913","scoring_system":"epss","scoring_elements":"0.83758","published_at":"2026-06-14T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-10804"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10804","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10804"},{"reference_url":"https://github.com/FriendsOfPHP/security-advisories/blob/master/phpmyadmin/phpmyadmin/CVE-2020-10804.yaml","reference_id":"","reference_type":"","scores":[{"value":"8.0","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/FriendsOfPHP/security-advisories/blob/master/phpmyadmin/phpmyadmin/CVE-2020-10804.yaml"},{"reference_url":"https://github.com/phpmyadmin/composer","reference_id":"","reference_type":"","scores":[{"value":"8.0","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/phpmyadmin/composer"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AAVW3SUKWR5RF5LZ6SARCYOWBIFUIWOJ","reference_id":"","reference_type":"","scores":[{"value":"8.0","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AAVW3SUKWR5RF5LZ6SARCYOWBIFUIWOJ"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BUG3IRITW2LUBGR5LSQMP7MVRTELHZJK","reference_id":"","reference_type":"","scores":[{"value":"8.0","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BUG3IRITW2LUBGR5LSQMP7MVRTELHZJK"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UZI6EQVRRIG252DY3MBT33BJVCSYDMQO","reference_id":"","reference_type":"","scores":[{"value":"8.0","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UZI6EQVRRIG252DY3MBT33BJVCSYDMQO"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2020-10804","reference_id":"","reference_type":"","scores":[{"value":"8.0","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2020-10804"},{"reference_url":"https://www.phpmyadmin.net/security/PMASA-2020-2","reference_id":"","reference_type":"","scores":[{"value":"8.0","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.phpmyadmin.net/security/PMASA-2020-2"},{"reference_url":"https://www.phpmyadmin.net/security/PMASA-2020-2/","reference_id":"","reference_type":"","scores":[],"url":"https://www.phpmyadmin.net/security/PMASA-2020-2/"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=954667","reference_id":"954667","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=954667"},{"reference_url":"https://github.com/advisories/GHSA-h65r-8fp8-w7cx","reference_id":"GHSA-h65r-8fp8-w7cx","reference_type":"","scores":[{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-h65r-8fp8-w7cx"},{"reference_url":"https://usn.ubuntu.com/4639-1/","reference_id":"USN-4639-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4639-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/384714?format=json","purl":"pkg:composer/phpmyadmin/phpmyadmin@4.9.5","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7ab3-tj6r-r3g7"},{"vulnerability":"VCID-dv3f-h92r-37gs"},{"vulnerability":"VCID-k8q3-v7cc-7yhq"},{"vulnerability":"VCID-rzd6-pqqs-a3em"},{"vulnerability":"VCID-vb6g-x173-9khp"},{"vulnerability":"VCID-xsbv-xna2-qfeb"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@4.9.5"},{"url":"http://public2.vulnerablecode.io/api/packages/380009?format=json","purl":"pkg:composer/phpmyadmin/phpmyadmin@5.0.2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7ab3-tj6r-r3g7"},{"vulnerability":"VCID-87ne-4523-v7fa"},{"vulnerability":"VCID-dv3f-h92r-37gs"},{"vulnerability":"VCID-k8q3-v7cc-7yhq"},{"vulnerability":"VCID-p55p-hbqm-xqg1"},{"vulnerability":"VCID-rzd6-pqqs-a3em"},{"vulnerability":"VCID-vb6g-x173-9khp"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@5.0.2"}],"aliases":["CVE-2020-10804","GHSA-h65r-8fp8-w7cx"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-e8jm-k1ee-v3dg"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/208023?format=json","vulnerability_id":"VCID-h5ft-zg32-myhg","summary":"In phpMyAdmin 4 before 4.9.4 and 5 before 5.0.1, SQL injection exists in the user accounts page. A malicious user could inject custom SQL in place of their own username when creating queries to this page. An attacker must have a valid MySQL account to access the server.","references":[{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00024.html","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00024.html"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-5504","reference_id":"","reference_type":"","scores":[{"value":"0.2219","scoring_system":"epss","scoring_elements":"0.9593","published_at":"2026-06-11T12:55:00Z"},{"value":"0.2219","scoring_system":"epss","scoring_elements":"0.95943","published_at":"2026-06-12T12:55:00Z"},{"value":"0.2219","scoring_system":"epss","scoring_elements":"0.95944","published_at":"2026-06-13T12:55:00Z"},{"value":"0.2219","scoring_system":"epss","scoring_elements":"0.95947","published_at":"2026-06-14T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-5504"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-5504","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-5504"},{"reference_url":"https://cybersecurityworks.com/zerodays/cve-2020-5504-phpmyadmin.html","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://cybersecurityworks.com/zerodays/cve-2020-5504-phpmyadmin.html"},{"reference_url":"https://github.com/FriendsOfPHP/security-advisories/blob/master/phpmyadmin/phpmyadmin/CVE-2020-5504.yaml","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/FriendsOfPHP/security-advisories/blob/master/phpmyadmin/phpmyadmin/CVE-2020-5504.yaml"},{"reference_url":"https://github.com/MarkLee131/awesome-web-pocs/blob/main/CVE-2020-5504.md","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/MarkLee131/awesome-web-pocs/blob/main/CVE-2020-5504.md"},{"reference_url":"https://github.com/phpmyadmin/composer","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/phpmyadmin/composer"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2020/01/msg00011.html","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.debian.org/debian-lts-announce/2020/01/msg00011.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2020-5504","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2020-5504"},{"reference_url":"https://www.phpmyadmin.net/security/PMASA-2020-1","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.phpmyadmin.net/security/PMASA-2020-1"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=948718","reference_id":"948718","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=948718"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/webapps/52451.txt","reference_id":"CVE-2020-5504","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/webapps/52451.txt"},{"reference_url":"https://github.com/advisories/GHSA-fgj8-93xx-f6g6","reference_id":"GHSA-fgj8-93xx-f6g6","reference_type":"","scores":[{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-fgj8-93xx-f6g6"},{"reference_url":"https://usn.ubuntu.com/4639-1/","reference_id":"USN-4639-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4639-1/"},{"reference_url":"https://usn.ubuntu.com/USN-4843-1/","reference_id":"USN-USN-4843-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/USN-4843-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/384552?format=json","purl":"pkg:composer/phpmyadmin/phpmyadmin@4.9.4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4f9y-mpe6-akgc"},{"vulnerability":"VCID-7ab3-tj6r-r3g7"},{"vulnerability":"VCID-dv3f-h92r-37gs"},{"vulnerability":"VCID-e8jm-k1ee-v3dg"},{"vulnerability":"VCID-k8q3-v7cc-7yhq"},{"vulnerability":"VCID-rzd6-pqqs-a3em"},{"vulnerability":"VCID-sya2-1y7u-b7hu"},{"vulnerability":"VCID-vb6g-x173-9khp"},{"vulnerability":"VCID-xsbv-xna2-qfeb"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@4.9.4"},{"url":"http://public2.vulnerablecode.io/api/packages/384553?format=json","purl":"pkg:composer/phpmyadmin/phpmyadmin@5.0.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4f9y-mpe6-akgc"},{"vulnerability":"VCID-7ab3-tj6r-r3g7"},{"vulnerability":"VCID-87ne-4523-v7fa"},{"vulnerability":"VCID-arcu-5cnd-wkdk"},{"vulnerability":"VCID-dv3f-h92r-37gs"},{"vulnerability":"VCID-e8jm-k1ee-v3dg"},{"vulnerability":"VCID-k8q3-v7cc-7yhq"},{"vulnerability":"VCID-rzd6-pqqs-a3em"},{"vulnerability":"VCID-sya2-1y7u-b7hu"},{"vulnerability":"VCID-vb6g-x173-9khp"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@5.0.1"}],"aliases":["CVE-2020-5504","GHSA-fgj8-93xx-f6g6"],"risk_score":10.0,"exploitability":"2.0","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-h5ft-zg32-myhg"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/177152?format=json","vulnerability_id":"VCID-k8q3-v7cc-7yhq","summary":"Multiple vulnerabilities have been found in phpMyAdmin, allowing\n    remote attackers to conduct XSS.","references":[{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00027.html","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00027.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00005.html","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00005.html"},{"reference_url":"https://advisory.checkmarx.net/advisory/CX-2020-4281","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://advisory.checkmarx.net/advisory/CX-2020-4281"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-26935","reference_id":"","reference_type":"","scores":[{"value":"0.89641","scoring_system":"epss","scoring_elements":"0.99584","published_at":"2026-06-13T12:55:00Z"},{"value":"0.89641","scoring_system":"epss","scoring_elements":"0.99583","published_at":"2026-06-14T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-26935"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-26935","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-26935"},{"reference_url":"https://github.com/phpmyadmin/composer","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/phpmyadmin/composer"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2020/10/msg00024.html","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.debian.org/debian-lts-announce/2020/10/msg00024.html"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FHST4E5IJG7IKZTTW3R6MEZPVHJZ472K","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FHST4E5IJG7IKZTTW3R6MEZPVHJZ472K"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PXK37YEHSDYCIPQSYEMN2OFTP2ZLM7DO","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PXK37YEHSDYCIPQSYEMN2OFTP2ZLM7DO"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TNLGHVDNAEZEGRTUESSSQFM7MZTHIDQ5","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TNLGHVDNAEZEGRTUESSSQFM7MZTHIDQ5"},{"reference_url":"https://www.phpmyadmin.net/security/PMASA-2020-6","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.phpmyadmin.net/security/PMASA-2020-6"},{"reference_url":"https://www.phpmyadmin.net/security/PMASA-2020-6/","reference_id":"","reference_type":"","scores":[],"url":"https://www.phpmyadmin.net/security/PMASA-2020-6/"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=972000","reference_id":"972000","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=972000"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2020-26935","reference_id":"CVE-2020-26935","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2020-26935"},{"reference_url":"https://github.com/FriendsOfPHP/security-advisories/blob/master/phpmyadmin/phpmyadmin/CVE-2020-26935.yaml","reference_id":"CVE-2020-26935.YAML","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/FriendsOfPHP/security-advisories/blob/master/phpmyadmin/phpmyadmin/CVE-2020-26935.yaml"},{"reference_url":"https://github.com/advisories/GHSA-7ff4-cv53-4cjq","reference_id":"GHSA-7ff4-cv53-4cjq","reference_type":"","scores":[{"value":"CRITICAL","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-7ff4-cv53-4cjq"},{"reference_url":"https://security.gentoo.org/glsa/202101-35","reference_id":"GLSA-202101-35","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://security.gentoo.org/glsa/202101-35"},{"reference_url":"https://usn.ubuntu.com/4639-1/","reference_id":"USN-4639-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4639-1/"},{"reference_url":"https://usn.ubuntu.com/USN-4843-1/","reference_id":"USN-USN-4843-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/USN-4843-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/22492?format=json","purl":"pkg:composer/phpmyadmin/phpmyadmin@4.9.6","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7ab3-tj6r-r3g7"},{"vulnerability":"VCID-dv3f-h92r-37gs"},{"vulnerability":"VCID-vb6g-x173-9khp"},{"vulnerability":"VCID-xsbv-xna2-qfeb"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@4.9.6"},{"url":"http://public2.vulnerablecode.io/api/packages/22491?format=json","purl":"pkg:composer/phpmyadmin/phpmyadmin@5.0.3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7ab3-tj6r-r3g7"},{"vulnerability":"VCID-87ne-4523-v7fa"},{"vulnerability":"VCID-vb6g-x173-9khp"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@5.0.3"}],"aliases":["CVE-2020-26935","GHSA-7ff4-cv53-4cjq"],"risk_score":10.0,"exploitability":"2.0","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-k8q3-v7cc-7yhq"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/177151?format=json","vulnerability_id":"VCID-rzd6-pqqs-a3em","summary":"Multiple vulnerabilities have been found in phpMyAdmin, allowing\n    remote attackers to conduct XSS.","references":[{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00027.html","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00027.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00005.html","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00005.html"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-26934","reference_id":"","reference_type":"","scores":[{"value":"0.02788","scoring_system":"epss","scoring_elements":"0.86462","published_at":"2026-06-14T12:55:00Z"},{"value":"0.02788","scoring_system":"epss","scoring_elements":"0.86463","published_at":"2026-06-13T12:55:00Z"},{"value":"0.02788","scoring_system":"epss","scoring_elements":"0.86453","published_at":"2026-06-12T12:55:00Z"},{"value":"0.02788","scoring_system":"epss","scoring_elements":"0.86402","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-26934"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-26934","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-26934"},{"reference_url":"https://github.com/phpmyadmin/composer","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/phpmyadmin/composer"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2020/10/msg00024.html","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.debian.org/debian-lts-announce/2020/10/msg00024.html"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FHST4E5IJG7IKZTTW3R6MEZPVHJZ472K","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FHST4E5IJG7IKZTTW3R6MEZPVHJZ472K"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PXK37YEHSDYCIPQSYEMN2OFTP2ZLM7DO","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PXK37YEHSDYCIPQSYEMN2OFTP2ZLM7DO"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TNLGHVDNAEZEGRTUESSSQFM7MZTHIDQ5","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TNLGHVDNAEZEGRTUESSSQFM7MZTHIDQ5"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FHST4E5IJG7IKZTTW3R6MEZPVHJZ472K","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FHST4E5IJG7IKZTTW3R6MEZPVHJZ472K"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PXK37YEHSDYCIPQSYEMN2OFTP2ZLM7DO","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PXK37YEHSDYCIPQSYEMN2OFTP2ZLM7DO"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TNLGHVDNAEZEGRTUESSSQFM7MZTHIDQ5","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TNLGHVDNAEZEGRTUESSSQFM7MZTHIDQ5"},{"reference_url":"https://www.phpmyadmin.net/security/PMASA-2020-5","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.phpmyadmin.net/security/PMASA-2020-5"},{"reference_url":"https://www.phpmyadmin.net/security/PMASA-2020-5/","reference_id":"","reference_type":"","scores":[],"url":"https://www.phpmyadmin.net/security/PMASA-2020-5/"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=971999","reference_id":"971999","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=971999"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2020-26934","reference_id":"CVE-2020-26934","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2020-26934"},{"reference_url":"https://github.com/FriendsOfPHP/security-advisories/blob/master/phpmyadmin/phpmyadmin/CVE-2020-26934.yaml","reference_id":"CVE-2020-26934.YAML","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/FriendsOfPHP/security-advisories/blob/master/phpmyadmin/phpmyadmin/CVE-2020-26934.yaml"},{"reference_url":"https://github.com/advisories/GHSA-6349-53vr-7hcr","reference_id":"GHSA-6349-53vr-7hcr","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-6349-53vr-7hcr"},{"reference_url":"https://security.gentoo.org/glsa/202101-35","reference_id":"GLSA-202101-35","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://security.gentoo.org/glsa/202101-35"},{"reference_url":"https://usn.ubuntu.com/4639-1/","reference_id":"USN-4639-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4639-1/"},{"reference_url":"https://usn.ubuntu.com/USN-4843-1/","reference_id":"USN-USN-4843-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/USN-4843-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/22492?format=json","purl":"pkg:composer/phpmyadmin/phpmyadmin@4.9.6","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7ab3-tj6r-r3g7"},{"vulnerability":"VCID-dv3f-h92r-37gs"},{"vulnerability":"VCID-vb6g-x173-9khp"},{"vulnerability":"VCID-xsbv-xna2-qfeb"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@4.9.6"},{"url":"http://public2.vulnerablecode.io/api/packages/22491?format=json","purl":"pkg:composer/phpmyadmin/phpmyadmin@5.0.3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7ab3-tj6r-r3g7"},{"vulnerability":"VCID-87ne-4523-v7fa"},{"vulnerability":"VCID-vb6g-x173-9khp"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@5.0.3"}],"aliases":["CVE-2020-26934","GHSA-6349-53vr-7hcr"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-rzd6-pqqs-a3em"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/207614?format=json","vulnerability_id":"VCID-sya2-1y7u-b7hu","summary":"In phpMyAdmin 4.x before 4.9.5 and 5.x before 5.0.2, a SQL injection vulnerability was discovered where malicious code could be used to trigger an XSS attack through retrieving and displaying results (in tbl_get_field.php and libraries/classes/Display/Results.php). The attacker must be able to insert crafted data into certain database tables, which when retrieved (for instance, through the Browse tab) can trigger the XSS attack.","references":[{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00046.html","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00046.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00050.html","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00050.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00005.html","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00005.html"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-10803","reference_id":"","reference_type":"","scores":[{"value":"0.02712","scoring_system":"epss","scoring_elements":"0.86238","published_at":"2026-06-11T12:55:00Z"},{"value":"0.02712","scoring_system":"epss","scoring_elements":"0.86289","published_at":"2026-06-12T12:55:00Z"},{"value":"0.02712","scoring_system":"epss","scoring_elements":"0.86299","published_at":"2026-06-13T12:55:00Z"},{"value":"0.02712","scoring_system":"epss","scoring_elements":"0.86297","published_at":"2026-06-14T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-10803"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10803","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10803"},{"reference_url":"https://github.com/FriendsOfPHP/security-advisories/blob/master/phpmyadmin/phpmyadmin/CVE-2020-10803.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/FriendsOfPHP/security-advisories/blob/master/phpmyadmin/phpmyadmin/CVE-2020-10803.yaml"},{"reference_url":"https://github.com/phpmyadmin/composer","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/phpmyadmin/composer"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2020/03/msg00028.html","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.debian.org/debian-lts-announce/2020/03/msg00028.html"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AAVW3SUKWR5RF5LZ6SARCYOWBIFUIWOJ","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AAVW3SUKWR5RF5LZ6SARCYOWBIFUIWOJ"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BUG3IRITW2LUBGR5LSQMP7MVRTELHZJK","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BUG3IRITW2LUBGR5LSQMP7MVRTELHZJK"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UZI6EQVRRIG252DY3MBT33BJVCSYDMQO","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UZI6EQVRRIG252DY3MBT33BJVCSYDMQO"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2020-10803","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2020-10803"},{"reference_url":"https://www.phpmyadmin.net/security/PMASA-2020-4","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.phpmyadmin.net/security/PMASA-2020-4"},{"reference_url":"https://www.phpmyadmin.net/security/PMASA-2020-4/","reference_id":"","reference_type":"","scores":[],"url":"https://www.phpmyadmin.net/security/PMASA-2020-4/"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=954666","reference_id":"954666","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=954666"},{"reference_url":"https://github.com/advisories/GHSA-fcww-8wvc-38q9","reference_id":"GHSA-fcww-8wvc-38q9","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-fcww-8wvc-38q9"},{"reference_url":"https://usn.ubuntu.com/4639-1/","reference_id":"USN-4639-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4639-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/384714?format=json","purl":"pkg:composer/phpmyadmin/phpmyadmin@4.9.5","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7ab3-tj6r-r3g7"},{"vulnerability":"VCID-dv3f-h92r-37gs"},{"vulnerability":"VCID-k8q3-v7cc-7yhq"},{"vulnerability":"VCID-rzd6-pqqs-a3em"},{"vulnerability":"VCID-vb6g-x173-9khp"},{"vulnerability":"VCID-xsbv-xna2-qfeb"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@4.9.5"},{"url":"http://public2.vulnerablecode.io/api/packages/380009?format=json","purl":"pkg:composer/phpmyadmin/phpmyadmin@5.0.2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7ab3-tj6r-r3g7"},{"vulnerability":"VCID-87ne-4523-v7fa"},{"vulnerability":"VCID-dv3f-h92r-37gs"},{"vulnerability":"VCID-k8q3-v7cc-7yhq"},{"vulnerability":"VCID-p55p-hbqm-xqg1"},{"vulnerability":"VCID-rzd6-pqqs-a3em"},{"vulnerability":"VCID-vb6g-x173-9khp"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@5.0.2"}],"aliases":["CVE-2020-10803","GHSA-fcww-8wvc-38q9"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-sya2-1y7u-b7hu"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/11154?format=json","vulnerability_id":"VCID-vb6g-x173-9khp","summary":"","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-0813","reference_id":"","reference_type":"","scores":[{"value":"0.00317","scoring_system":"epss","scoring_elements":"0.55344","published_at":"2026-06-12T12:55:00Z"},{"value":"0.00317","scoring_system":"epss","scoring_elements":"0.55347","published_at":"2026-06-14T12:55:00Z"},{"value":"0.00317","scoring_system":"epss","scoring_elements":"0.55223","published_at":"2026-06-11T12:55:00Z"},{"value":"0.00317","scoring_system":"epss","scoring_elements":"0.55361","published_at":"2026-06-13T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-0813"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0813","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0813"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://www.incibe-cert.es/en/early-warning/security-advisories/phpmyadmin-exposure-sensitive-information","reference_id":"","reference_type":"","scores":[],"url":"https://www.incibe-cert.es/en/early-warning/security-advisories/phpmyadmin-exposure-sensitive-information"},{"reference_url":"https://www.phpmyadmin.net/news/2022/2/11/phpmyadmin-4910-and-513-are-released","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.phpmyadmin.net/news/2022/2/11/phpmyadmin-4910-and-513-are-released"},{"reference_url":"https://www.phpmyadmin.net/news/2022/2/11/phpmyadmin-4910-and-513-are-released/","reference_id":"","reference_type":"","scores":[],"url":"https://www.phpmyadmin.net/news/2022/2/11/phpmyadmin-4910-and-513-are-released/"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2022-0813","reference_id":"CVE-2022-0813","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2022-0813"},{"reference_url":"https://github.com/advisories/GHSA-vx8q-j7h9-vf6q","reference_id":"GHSA-vx8q-j7h9-vf6q","reference_type":"","scores":[{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-vx8q-j7h9-vf6q"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/18868?format=json","purl":"pkg:composer/phpmyadmin/phpmyadmin@5.1.2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7ab3-tj6r-r3g7"},{"vulnerability":"VCID-87ne-4523-v7fa"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@5.1.2"},{"url":"http://public2.vulnerablecode.io/api/packages/19652?format=json","purl":"pkg:composer/phpmyadmin/phpmyadmin@5.1.3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7ab3-tj6r-r3g7"},{"vulnerability":"VCID-87ne-4523-v7fa"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@5.1.3"}],"aliases":["CVE-2022-0813","GHSA-vx8q-j7h9-vf6q"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-vb6g-x173-9khp"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/185185?format=json","vulnerability_id":"VCID-xsbv-xna2-qfeb","summary":"Multiple vulnerabilities have been discovered in phpMyAdmin, the worst of which allows for denial of service.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-23807","reference_id":"","reference_type":"","scores":[{"value":"0.00146","scoring_system":"epss","scoring_elements":"0.35001","published_at":"2026-06-12T12:55:00Z"},{"value":"0.00146","scoring_system":"epss","scoring_elements":"0.34822","published_at":"2026-06-11T12:55:00Z"},{"value":"0.00146","scoring_system":"epss","scoring_elements":"0.35003","published_at":"2026-06-14T12:55:00Z"},{"value":"0.00146","scoring_system":"epss","scoring_elements":"0.35024","published_at":"2026-06-13T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-23807"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23807","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23807"},{"reference_url":"https://github.com/phpmyadmin/phpmyadmin","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/phpmyadmin/phpmyadmin"},{"reference_url":"https://github.com/phpmyadmin/phpmyadmin/commit/ca54f1db050859eb8555875c6aa5d7796fdf4b32","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/phpmyadmin/phpmyadmin/commit/ca54f1db050859eb8555875c6aa5d7796fdf4b32"},{"reference_url":"https://www.phpmyadmin.net/security/PMASA-2022-1","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.phpmyadmin.net/security/PMASA-2022-1"},{"reference_url":"https://www.phpmyadmin.net/security/PMASA-2022-1/","reference_id":"","reference_type":"","scores":[],"url":"https://www.phpmyadmin.net/security/PMASA-2022-1/"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2022-23807","reference_id":"CVE-2022-23807","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2022-23807"},{"reference_url":"https://github.com/advisories/GHSA-8wf2-3ggj-78q9","reference_id":"GHSA-8wf2-3ggj-78q9","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-8wf2-3ggj-78q9"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/18870?format=json","purl":"pkg:composer/phpmyadmin/phpmyadmin@4.9.8","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7ab3-tj6r-r3g7"},{"vulnerability":"VCID-vb6g-x173-9khp"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@4.9.8"},{"url":"http://public2.vulnerablecode.io/api/packages/22490?format=json","purl":"pkg:composer/phpmyadmin/phpmyadmin@5.0.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4f9y-mpe6-akgc"},{"vulnerability":"VCID-7ab3-tj6r-r3g7"},{"vulnerability":"VCID-87ne-4523-v7fa"},{"vulnerability":"VCID-arcu-5cnd-wkdk"},{"vulnerability":"VCID-dv3f-h92r-37gs"},{"vulnerability":"VCID-e8jm-k1ee-v3dg"},{"vulnerability":"VCID-h5ft-zg32-myhg"},{"vulnerability":"VCID-k8q3-v7cc-7yhq"},{"vulnerability":"VCID-rzd6-pqqs-a3em"},{"vulnerability":"VCID-sya2-1y7u-b7hu"},{"vulnerability":"VCID-vb6g-x173-9khp"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@5.0.0"},{"url":"http://public2.vulnerablecode.io/api/packages/18868?format=json","purl":"pkg:composer/phpmyadmin/phpmyadmin@5.1.2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7ab3-tj6r-r3g7"},{"vulnerability":"VCID-87ne-4523-v7fa"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@5.1.2"}],"aliases":["CVE-2022-23807","GHSA-8wf2-3ggj-78q9"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-xsbv-xna2-qfeb"}],"fixing_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/177294?format=json","vulnerability_id":"VCID-cauk-7k6d-hbdd","summary":"An SQL injection vulnerability in phpMyAdmin may allow attackers to\n    execute arbitrary SQL statements.","references":[{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00002.html","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00002.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00024.html","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00024.html"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-18622","reference_id":"","reference_type":"","scores":[{"value":"0.00556","scoring_system":"epss","scoring_elements":"0.68702","published_at":"2026-06-14T12:55:00Z"},{"value":"0.00556","scoring_system":"epss","scoring_elements":"0.68707","published_at":"2026-06-13T12:55:00Z"},{"value":"0.00556","scoring_system":"epss","scoring_elements":"0.68693","published_at":"2026-06-12T12:55:00Z"},{"value":"0.00556","scoring_system":"epss","scoring_elements":"0.68604","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-18622"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18622","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18622"},{"reference_url":"https://github.com/phpmyadmin/composer/commit/51acbf53564d9b52e78509a5688ec2b68976b5f7","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/phpmyadmin/composer/commit/51acbf53564d9b52e78509a5688ec2b68976b5f7"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BA4DGF7KTQS6WA2DRNJSW66L43WB7LRV","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BA4DGF7KTQS6WA2DRNJSW66L43WB7LRV"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BA4DGF7KTQS6WA2DRNJSW66L43WB7LRV/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BA4DGF7KTQS6WA2DRNJSW66L43WB7LRV/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W5GW4KEMNCBQYZCIXEJYC42OEBBN2NSH","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W5GW4KEMNCBQYZCIXEJYC42OEBBN2NSH"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W5GW4KEMNCBQYZCIXEJYC42OEBBN2NSH/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W5GW4KEMNCBQYZCIXEJYC42OEBBN2NSH/"},{"reference_url":"https://www.phpmyadmin.net/security/PMASA-2019-5","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.phpmyadmin.net/security/PMASA-2019-5"},{"reference_url":"https://www.phpmyadmin.net/security/PMASA-2019-5/","reference_id":"","reference_type":"","scores":[],"url":"https://www.phpmyadmin.net/security/PMASA-2019-5/"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=945349","reference_id":"945349","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=945349"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2019-18622","reference_id":"CVE-2019-18622","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2019-18622"},{"reference_url":"https://github.com/advisories/GHSA-jgjc-332c-8cmc","reference_id":"GHSA-jgjc-332c-8cmc","reference_type":"","scores":[{"value":"CRITICAL","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-jgjc-332c-8cmc"},{"reference_url":"https://security.gentoo.org/glsa/202003-39","reference_id":"GLSA-202003-39","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://security.gentoo.org/glsa/202003-39"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/15974?format=json","purl":"pkg:composer/phpmyadmin/phpmyadmin@4.9.2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4f9y-mpe6-akgc"},{"vulnerability":"VCID-7ab3-tj6r-r3g7"},{"vulnerability":"VCID-dv3f-h92r-37gs"},{"vulnerability":"VCID-e8jm-k1ee-v3dg"},{"vulnerability":"VCID-h5ft-zg32-myhg"},{"vulnerability":"VCID-k8q3-v7cc-7yhq"},{"vulnerability":"VCID-rzd6-pqqs-a3em"},{"vulnerability":"VCID-sya2-1y7u-b7hu"},{"vulnerability":"VCID-vb6g-x173-9khp"},{"vulnerability":"VCID-xsbv-xna2-qfeb"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@4.9.2"},{"url":"http://public2.vulnerablecode.io/api/packages/22490?format=json","purl":"pkg:composer/phpmyadmin/phpmyadmin@5.0.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4f9y-mpe6-akgc"},{"vulnerability":"VCID-7ab3-tj6r-r3g7"},{"vulnerability":"VCID-87ne-4523-v7fa"},{"vulnerability":"VCID-arcu-5cnd-wkdk"},{"vulnerability":"VCID-dv3f-h92r-37gs"},{"vulnerability":"VCID-e8jm-k1ee-v3dg"},{"vulnerability":"VCID-h5ft-zg32-myhg"},{"vulnerability":"VCID-k8q3-v7cc-7yhq"},{"vulnerability":"VCID-rzd6-pqqs-a3em"},{"vulnerability":"VCID-sya2-1y7u-b7hu"},{"vulnerability":"VCID-vb6g-x173-9khp"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@5.0.0"}],"aliases":["CVE-2019-18622","GHSA-jgjc-332c-8cmc"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-cauk-7k6d-hbdd"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/207113?format=json","vulnerability_id":"VCID-w2y5-u1vp-xuh6","summary":"phpMyAdmin before 4.9.2 does not escape certain Git information, related to libraries/classes/Display/GitRevision.php and libraries/classes/Footer.php.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-19617","reference_id":"","reference_type":"","scores":[{"value":"0.00997","scoring_system":"epss","scoring_elements":"0.77386","published_at":"2026-06-11T12:55:00Z"},{"value":"0.00997","scoring_system":"epss","scoring_elements":"0.77456","published_at":"2026-06-12T12:55:00Z"},{"value":"0.00997","scoring_system":"epss","scoring_elements":"0.77471","published_at":"2026-06-13T12:55:00Z"},{"value":"0.00997","scoring_system":"epss","scoring_elements":"0.77462","published_at":"2026-06-14T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-19617"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19617","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19617"},{"reference_url":"https://github.com/phpmyadmin/composer","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/phpmyadmin/composer"},{"reference_url":"https://github.com/phpmyadmin/phpmyadmin/commit/1119de642b136d20e810bb20f545069a01dd7cc9","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/phpmyadmin/phpmyadmin/commit/1119de642b136d20e810bb20f545069a01dd7cc9"},{"reference_url":"https://github.com/phpmyadmin/phpmyadmin/compare/RELEASE_4_9_1...RELEASE_4_9_2","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/phpmyadmin/phpmyadmin/compare/RELEASE_4_9_1...RELEASE_4_9_2"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2019/12/msg00006.html","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.debian.org/debian-lts-announce/2019/12/msg00006.html"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2020/10/msg00024.html","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.debian.org/debian-lts-announce/2020/10/msg00024.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2019-19617","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2019-19617"},{"reference_url":"https://www.phpmyadmin.net/news/2019/11/22/phpmyadmin-492-released","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.phpmyadmin.net/news/2019/11/22/phpmyadmin-492-released"},{"reference_url":"https://www.phpmyadmin.net/news/2019/11/22/phpmyadmin-492-released/","reference_id":"","reference_type":"","scores":[],"url":"https://www.phpmyadmin.net/news/2019/11/22/phpmyadmin-492-released/"},{"reference_url":"https://github.com/advisories/GHSA-pgph-mc4p-f8c3","reference_id":"GHSA-pgph-mc4p-f8c3","reference_type":"","scores":[{"value":"CRITICAL","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-pgph-mc4p-f8c3"},{"reference_url":"https://usn.ubuntu.com/4639-1/","reference_id":"USN-4639-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4639-1/"},{"reference_url":"https://usn.ubuntu.com/USN-4843-1/","reference_id":"USN-USN-4843-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/USN-4843-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/15974?format=json","purl":"pkg:composer/phpmyadmin/phpmyadmin@4.9.2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4f9y-mpe6-akgc"},{"vulnerability":"VCID-7ab3-tj6r-r3g7"},{"vulnerability":"VCID-dv3f-h92r-37gs"},{"vulnerability":"VCID-e8jm-k1ee-v3dg"},{"vulnerability":"VCID-h5ft-zg32-myhg"},{"vulnerability":"VCID-k8q3-v7cc-7yhq"},{"vulnerability":"VCID-rzd6-pqqs-a3em"},{"vulnerability":"VCID-sya2-1y7u-b7hu"},{"vulnerability":"VCID-vb6g-x173-9khp"},{"vulnerability":"VCID-xsbv-xna2-qfeb"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@4.9.2"}],"aliases":["CVE-2019-19617","GHSA-pgph-mc4p-f8c3"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-w2y5-u1vp-xuh6"}],"risk_score":"10.0","resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@4.9.2"}