Package Instance
Lookup for vulnerable packages by Package URL.
GET /api/packages/21731?format=api
{ "url": "http://public2.vulnerablecode.io/api/packages/21731?format=api", "purl": "pkg:composer/phpmyadmin/phpmyadmin@4.7.0", "type": "composer", "namespace": "phpmyadmin", "name": "phpmyadmin", "version": "4.7.0", "qualifiers": {}, "subpath": "", "is_vulnerable": true, "next_non_vulnerable_version": "4.9.11", "latest_non_vulnerable_version": "5.2.2", "affected_by_vulnerabilities": [ { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/221913?format=api", "vulnerability_id": "VCID-2jjv-4en4-e3gx", "summary": "phpMyAdmin through 5.0.2 allows CSV injection via Export Section. NOTE: the vendor disputes this because \"the CSV file is accurately generated based on the database contents.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-22278", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00409", "scoring_system": "epss", "scoring_elements": "0.61125", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00409", "scoring_system": "epss", "scoring_elements": "0.61205", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00409", "scoring_system": "epss", "scoring_elements": "0.61233", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00409", "scoring_system": "epss", "scoring_elements": "0.61199", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00409", "scoring_system": "epss", "scoring_elements": "0.61247", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00409", "scoring_system": "epss", "scoring_elements": "0.61261", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00409", "scoring_system": "epss", "scoring_elements": "0.61281", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00409", "scoring_system": "epss", "scoring_elements": "0.61267", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00409", "scoring_system": "epss", "scoring_elements": "0.61249", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00409", "scoring_system": "epss", "scoring_elements": "0.61289", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00409", "scoring_system": "epss", "scoring_elements": "0.61294", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00409", "scoring_system": "epss", "scoring_elements": "0.61273", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00409", "scoring_system": "epss", "scoring_elements": "0.61277", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00409", "scoring_system": "epss", "scoring_elements": "0.6127", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00409", "scoring_system": "epss", "scoring_elements": "0.61219", "published_at": "2026-05-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-22278" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2020-22278", "reference_id": "CVE-2020-22278", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-22278" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/81919?format=api", "purl": "pkg:composer/phpmyadmin/phpmyadmin@5.0.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-araw-4wdy-hqcz" }, { "vulnerability": "VCID-rqy8-n6fr-hqey" }, { "vulnerability": "VCID-ym9b-4su6-6fbr" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@5.0.3" } ], "aliases": [ "CVE-2020-22278" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-2jjv-4en4-e3gx" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/54510?format=api", "vulnerability_id": "VCID-5657-kcyh-7bc2", "summary": "phpMyAdmin SQL injection in user accounts page\nIn phpMyAdmin 4 before 4.9.4 and 5 before 5.0.1, SQL injection exists in the user accounts page. A malicious user could inject custom SQL in place of their own username when creating queries to this page. An attacker must have a valid MySQL account to access the server.", "references": [ { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00024.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00024.html" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-5504", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.22375", "scoring_system": "epss", "scoring_elements": "0.95856", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.22375", "scoring_system": "epss", "scoring_elements": "0.95834", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.22375", "scoring_system": "epss", "scoring_elements": "0.9584", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.22375", "scoring_system": "epss", "scoring_elements": "0.95843", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.22375", "scoring_system": "epss", "scoring_elements": "0.95844", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.23238", "scoring_system": "epss", "scoring_elements": "0.95924", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.23238", "scoring_system": "epss", "scoring_elements": "0.95937", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.23238", "scoring_system": "epss", "scoring_elements": "0.95928", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.23238", "scoring_system": "epss", "scoring_elements": "0.95908", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.23238", "scoring_system": "epss", "scoring_elements": "0.95916", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.23238", "scoring_system": "epss", "scoring_elements": "0.95945", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.23238", "scoring_system": "epss", "scoring_elements": "0.95942", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.23238", "scoring_system": "epss", "scoring_elements": "0.95939", "published_at": "2026-04-09T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-5504" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-5504", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-5504" }, { "reference_url": "https://cybersecurityworks.com/zerodays/cve-2020-5504-phpmyadmin.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://cybersecurityworks.com/zerodays/cve-2020-5504-phpmyadmin.html" }, { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/phpmyadmin/phpmyadmin/CVE-2020-5504.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/phpmyadmin/phpmyadmin/CVE-2020-5504.yaml" }, { "reference_url": "https://github.com/MarkLee131/awesome-web-pocs/blob/main/CVE-2020-5504.md", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/MarkLee131/awesome-web-pocs/blob/main/CVE-2020-5504.md" }, { "reference_url": "https://github.com/phpmyadmin/composer", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/phpmyadmin/composer" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2020/01/msg00011.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.debian.org/debian-lts-announce/2020/01/msg00011.html" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2020-5504", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-5504" }, { "reference_url": "https://www.phpmyadmin.net/security/PMASA-2020-1", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.phpmyadmin.net/security/PMASA-2020-1" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=948718", "reference_id": "948718", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=948718" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/webapps/52451.txt", "reference_id": "CVE-2020-5504", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/webapps/52451.txt" }, { "reference_url": "https://github.com/advisories/GHSA-fgj8-93xx-f6g6", "reference_id": "GHSA-fgj8-93xx-f6g6", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-fgj8-93xx-f6g6" }, { "reference_url": "https://usn.ubuntu.com/4639-1/", "reference_id": "USN-4639-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4639-1/" }, { "reference_url": "https://usn.ubuntu.com/USN-4843-1/", "reference_id": "USN-USN-4843-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/USN-4843-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/81779?format=api", "purl": "pkg:composer/phpmyadmin/phpmyadmin@4.9.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2jjv-4en4-e3gx" }, { "vulnerability": "VCID-2y3v-jnph-hfh4" }, { "vulnerability": "VCID-mk34-h4nz-b3ey" }, { "vulnerability": "VCID-na3j-h3qr-k7dc" }, { "vulnerability": "VCID-ngtc-xtjn-xbhp" }, { "vulnerability": "VCID-rqy8-n6fr-hqey" }, { "vulnerability": "VCID-tks3-6uv4-kygf" }, { "vulnerability": "VCID-ym9b-4su6-6fbr" }, { "vulnerability": "VCID-znfm-ak2t-mqdd" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@4.9.4" }, { "url": "http://public2.vulnerablecode.io/api/packages/81780?format=api", "purl": "pkg:composer/phpmyadmin/phpmyadmin@5.0.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2jjv-4en4-e3gx" }, { "vulnerability": "VCID-2y3v-jnph-hfh4" }, { "vulnerability": "VCID-41mv-6vqr-sua6" }, { "vulnerability": "VCID-araw-4wdy-hqcz" }, { "vulnerability": "VCID-mk34-h4nz-b3ey" }, { "vulnerability": "VCID-ngtc-xtjn-xbhp" }, { "vulnerability": "VCID-rqy8-n6fr-hqey" }, { "vulnerability": "VCID-tks3-6uv4-kygf" }, { "vulnerability": "VCID-ym9b-4su6-6fbr" }, { "vulnerability": "VCID-znfm-ak2t-mqdd" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@5.0.1" } ], "aliases": [ "CVE-2020-5504", "GHSA-fgj8-93xx-f6g6" ], "risk_score": 10.0, "exploitability": "2.0", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-5657-kcyh-7bc2" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/10113?format=api", "vulnerability_id": "VCID-986a-3m4g-83ge", "summary": "Cross-Site Request Forgery (CSRF)\nBy deceiving a user into clicking on a crafted URL, it is possible to perform harmful SQL operations such as renaming databases, creating new `tables/routines`, deleting designer pages, `adding/deleting` users, updating user passwords, killing SQL processes.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-19969", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00458", "scoring_system": "epss", "scoring_elements": "0.64036", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00458", "scoring_system": "epss", "scoring_elements": "0.64002", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00458", "scoring_system": "epss", "scoring_elements": "0.64014", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00458", "scoring_system": "epss", "scoring_elements": "0.64", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00458", "scoring_system": "epss", "scoring_elements": "0.6397", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00458", "scoring_system": "epss", "scoring_elements": "0.64005", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00458", "scoring_system": "epss", "scoring_elements": "0.64017", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00458", "scoring_system": "epss", "scoring_elements": "0.64006", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00458", "scoring_system": "epss", "scoring_elements": "0.64024", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00458", "scoring_system": "epss", "scoring_elements": "0.64038", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00458", "scoring_system": "epss", "scoring_elements": "0.63888", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00458", "scoring_system": "epss", "scoring_elements": "0.63947", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00458", "scoring_system": "epss", "scoring_elements": "0.63974", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00458", "scoring_system": "epss", "scoring_elements": "0.63934", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00458", "scoring_system": "epss", "scoring_elements": "0.63984", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-19969" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-19969", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-19969" }, { "reference_url": "https://web.archive.org/web/20210124223800/https://www.securityfocus.com/bid/106175", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20210124223800/https://www.securityfocus.com/bid/106175" }, { "reference_url": "https://web.archive.org/web/20210124223800/https://www.securityfocus.com/bid/106175/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://web.archive.org/web/20210124223800/https://www.securityfocus.com/bid/106175/" }, { "reference_url": "https://www.phpmyadmin.net/security/PMASA-2018-7", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.phpmyadmin.net/security/PMASA-2018-7" }, { "reference_url": "https://www.phpmyadmin.net/security/PMASA-2018-7/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.phpmyadmin.net/security/PMASA-2018-7/" }, { "reference_url": "http://www.securityfocus.com/bid/106175", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/106175" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2018-19969", "reference_id": "CVE-2018-19969", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-19969" }, { "reference_url": "https://github.com/advisories/GHSA-xwf2-53mc-r8hx", "reference_id": "GHSA-xwf2-53mc-r8hx", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-xwf2-53mc-r8hx" }, { "reference_url": "https://security.gentoo.org/glsa/201904-16", "reference_id": "GLSA-201904-16", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://security.gentoo.org/glsa/201904-16" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/25832?format=api", "purl": "pkg:composer/phpmyadmin/phpmyadmin@4.7.7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2jjv-4en4-e3gx" }, { "vulnerability": "VCID-5657-kcyh-7bc2" }, { "vulnerability": "VCID-br1c-5bzf-ufeu" }, { "vulnerability": "VCID-c91y-txcw-2kdy" }, { "vulnerability": "VCID-ebk2-vjau-57h9" }, { "vulnerability": "VCID-fchc-55te-akhe" }, { "vulnerability": "VCID-g6ud-92qe-hqcx" }, { "vulnerability": "VCID-gu4y-aeqx-mqak" }, { "vulnerability": "VCID-jma9-9uhu-xuc3" }, { "vulnerability": "VCID-mwtw-n1tv-hfd9" }, { "vulnerability": "VCID-ngtc-xtjn-xbhp" }, { "vulnerability": "VCID-qcra-cu62-43he" }, { "vulnerability": "VCID-rqy8-n6fr-hqey" }, { "vulnerability": "VCID-scu3-cfyc-9qfz" }, { "vulnerability": "VCID-tks3-6uv4-kygf" }, { "vulnerability": "VCID-yfja-ssw3-skh1" }, { "vulnerability": "VCID-ym9b-4su6-6fbr" }, { "vulnerability": "VCID-znfm-ak2t-mqdd" }, { "vulnerability": "VCID-zyzp-aqd8-e3a9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@4.7.7" }, { "url": "http://public2.vulnerablecode.io/api/packages/33616?format=api", "purl": "pkg:composer/phpmyadmin/phpmyadmin@4.8.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2jjv-4en4-e3gx" }, { "vulnerability": "VCID-5657-kcyh-7bc2" }, { "vulnerability": "VCID-br1c-5bzf-ufeu" }, { "vulnerability": "VCID-g6ud-92qe-hqcx" }, { "vulnerability": "VCID-gu4y-aeqx-mqak" }, { "vulnerability": "VCID-jma9-9uhu-xuc3" }, { "vulnerability": "VCID-ngtc-xtjn-xbhp" }, { "vulnerability": "VCID-rqy8-n6fr-hqey" }, { "vulnerability": "VCID-scu3-cfyc-9qfz" }, { "vulnerability": "VCID-tks3-6uv4-kygf" }, { "vulnerability": "VCID-yfja-ssw3-skh1" }, { "vulnerability": "VCID-ym9b-4su6-6fbr" }, { "vulnerability": "VCID-znfm-ak2t-mqdd" }, { "vulnerability": "VCID-zyzp-aqd8-e3a9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@4.8.4" }, { "url": "http://public2.vulnerablecode.io/api/packages/55566?format=api", "purl": "pkg:composer/phpmyadmin/phpmyadmin@5.0.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2jjv-4en4-e3gx" }, { "vulnerability": "VCID-2y3v-jnph-hfh4" }, { "vulnerability": "VCID-41mv-6vqr-sua6" }, { "vulnerability": "VCID-5657-kcyh-7bc2" }, { "vulnerability": "VCID-araw-4wdy-hqcz" }, { "vulnerability": "VCID-mk34-h4nz-b3ey" }, { "vulnerability": "VCID-ngtc-xtjn-xbhp" }, { "vulnerability": "VCID-rqy8-n6fr-hqey" }, { "vulnerability": "VCID-tks3-6uv4-kygf" }, { "vulnerability": "VCID-ym9b-4su6-6fbr" }, { "vulnerability": "VCID-znfm-ak2t-mqdd" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@5.0.0" } ], "aliases": [ "CVE-2018-19969", "GHSA-xwf2-53mc-r8hx" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-986a-3m4g-83ge" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/10254?format=api", "vulnerability_id": "VCID-br1c-5bzf-ufeu", "summary": "SQL Injection\nAn issue was discovered in phpMyAdmin. A vulnerability was reported where a specially crafted username can be used to trigger a SQL injection attack through the designer feature.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-6798", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00538", "scoring_system": "epss", "scoring_elements": "0.67585", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00538", "scoring_system": "epss", "scoring_elements": "0.67562", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00538", "scoring_system": "epss", "scoring_elements": "0.67575", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00538", "scoring_system": "epss", "scoring_elements": "0.67598", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00538", "scoring_system": "epss", "scoring_elements": "0.67584", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00538", "scoring_system": "epss", "scoring_elements": "0.67551", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00538", "scoring_system": "epss", "scoring_elements": "0.67587", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00538", "scoring_system": "epss", "scoring_elements": "0.67599", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00538", "scoring_system": "epss", "scoring_elements": "0.67578", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00538", "scoring_system": "epss", "scoring_elements": "0.67597", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00538", "scoring_system": "epss", "scoring_elements": "0.67608", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00538", "scoring_system": "epss", "scoring_elements": "0.6761", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00538", "scoring_system": "epss", "scoring_elements": "0.67474", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00538", "scoring_system": "epss", "scoring_elements": "0.6751", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00538", "scoring_system": "epss", "scoring_elements": "0.67532", "published_at": "2026-04-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-6798" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-6798", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-6798" }, { "reference_url": "https://github.com/phpmyadmin/composer", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/phpmyadmin/composer" }, { "reference_url": "https://www.phpmyadmin.net/security/PMASA-2019-2", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.phpmyadmin.net/security/PMASA-2019-2" }, { "reference_url": "https://www.phpmyadmin.net/security/PMASA-2019-2/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.phpmyadmin.net/security/PMASA-2019-2/" }, { "reference_url": "http://www.securityfocus.com/bid/106727", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.securityfocus.com/bid/106727" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=920822", "reference_id": "920822", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=920822" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:phpmyadmin:phpmyadmin:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-6798", "reference_id": "CVE-2019-6798", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:P/I:P/A:P" }, { "value": "9.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-6798" }, { "reference_url": "https://github.com/advisories/GHSA-f732-fxh6-g4qj", "reference_id": "GHSA-f732-fxh6-g4qj", "reference_type": "", "scores": [ { "value": "CRITICAL", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-f732-fxh6-g4qj" }, { "reference_url": "https://usn.ubuntu.com/4639-1/", "reference_id": "USN-4639-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4639-1/" }, { "reference_url": "https://usn.ubuntu.com/USN-4843-1/", "reference_id": "USN-USN-4843-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/USN-4843-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/34735?format=api", "purl": "pkg:composer/phpmyadmin/phpmyadmin@4.8.5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2jjv-4en4-e3gx" }, { "vulnerability": "VCID-5657-kcyh-7bc2" }, { "vulnerability": "VCID-g6ud-92qe-hqcx" }, { "vulnerability": "VCID-gu4y-aeqx-mqak" }, { "vulnerability": "VCID-jma9-9uhu-xuc3" }, { "vulnerability": "VCID-ngtc-xtjn-xbhp" }, { "vulnerability": "VCID-rqy8-n6fr-hqey" }, { "vulnerability": "VCID-scu3-cfyc-9qfz" }, { "vulnerability": "VCID-tks3-6uv4-kygf" }, { "vulnerability": "VCID-ym9b-4su6-6fbr" }, { "vulnerability": "VCID-znfm-ak2t-mqdd" }, { "vulnerability": "VCID-zyzp-aqd8-e3a9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@4.8.5" }, { "url": "http://public2.vulnerablecode.io/api/packages/55566?format=api", "purl": "pkg:composer/phpmyadmin/phpmyadmin@5.0.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2jjv-4en4-e3gx" }, { "vulnerability": "VCID-2y3v-jnph-hfh4" }, { "vulnerability": "VCID-41mv-6vqr-sua6" }, { "vulnerability": "VCID-5657-kcyh-7bc2" }, { "vulnerability": "VCID-araw-4wdy-hqcz" }, { "vulnerability": "VCID-mk34-h4nz-b3ey" }, { "vulnerability": "VCID-ngtc-xtjn-xbhp" }, { "vulnerability": "VCID-rqy8-n6fr-hqey" }, { "vulnerability": "VCID-tks3-6uv4-kygf" }, { "vulnerability": "VCID-ym9b-4su6-6fbr" }, { "vulnerability": "VCID-znfm-ak2t-mqdd" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@5.0.0" } ], "aliases": [ "CVE-2019-6798", "GHSA-f732-fxh6-g4qj" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-br1c-5bzf-ufeu" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/9479?format=api", "vulnerability_id": "VCID-c91y-txcw-2kdy", "summary": "Cross-site Scripting\nAn issue was discovered in `js/designer/move.js` in phpMyAdm A Cross-Site Scripting vulnerability has been found where an attacker can use a crafted database name to trigger an XSS attack when that database is referenced from the Designer feature.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-12581", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0062", "scoring_system": "epss", "scoring_elements": "0.70001", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.0062", "scoring_system": "epss", "scoring_elements": "0.70103", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.0062", "scoring_system": "epss", "scoring_elements": "0.70128", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.0062", "scoring_system": "epss", "scoring_elements": "0.70121", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.0062", "scoring_system": "epss", "scoring_elements": "0.70069", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.0062", "scoring_system": "epss", "scoring_elements": "0.70089", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.0062", "scoring_system": "epss", "scoring_elements": "0.7008", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.0062", "scoring_system": "epss", "scoring_elements": "0.70037", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.0062", "scoring_system": "epss", "scoring_elements": "0.7005", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.0062", "scoring_system": "epss", "scoring_elements": "0.70065", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.0062", "scoring_system": "epss", "scoring_elements": "0.69974", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.0062", "scoring_system": "epss", "scoring_elements": "0.70042", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.0062", "scoring_system": "epss", "scoring_elements": "0.70026", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.0062", "scoring_system": "epss", "scoring_elements": "0.69987", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.0062", "scoring_system": "epss", "scoring_elements": "0.69978", "published_at": "2026-04-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-12581" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12581", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12581" }, { "reference_url": "https://github.com/phpmyadmin/phpmyadmin/commit/6943fff87324bd54c3a37a5160a5fb77498c355e", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/phpmyadmin/phpmyadmin/commit/6943fff87324bd54c3a37a5160a5fb77498c355e" }, { "reference_url": "https://web.archive.org/web/20210124181711/http://www.securityfocus.com/bid/104530", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20210124181711/http://www.securityfocus.com/bid/104530" }, { "reference_url": "https://web.archive.org/web/20210413204012/http://www.securitytracker.com/id/1041187", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20210413204012/http://www.securitytracker.com/id/1041187" }, { "reference_url": "https://www.phpmyadmin.net/security/PMASA-2018-3", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.phpmyadmin.net/security/PMASA-2018-3" }, { "reference_url": "https://www.phpmyadmin.net/security/PMASA-2018-3/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.phpmyadmin.net/security/PMASA-2018-3/" }, { "reference_url": "http://www.securityfocus.com/bid/104530", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/104530" }, { "reference_url": "http://www.securitytracker.com/id/1041187", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id/1041187" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:phpmyadmin:phpmyadmin:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2018-12581", "reference_id": "CVE-2018-12581", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:N/I:P/A:N" }, { "value": "6.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-12581" }, { "reference_url": "https://github.com/advisories/GHSA-vxj6-pm6r-23hq", "reference_id": "GHSA-vxj6-pm6r-23hq", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-vxj6-pm6r-23hq" }, { "reference_url": "https://usn.ubuntu.com/USN-4843-1/", "reference_id": "USN-USN-4843-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/USN-4843-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/29126?format=api", "purl": "pkg:composer/phpmyadmin/phpmyadmin@4.8.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2jjv-4en4-e3gx" }, { "vulnerability": "VCID-5657-kcyh-7bc2" }, { "vulnerability": "VCID-986a-3m4g-83ge" }, { "vulnerability": "VCID-br1c-5bzf-ufeu" }, { "vulnerability": "VCID-ebk2-vjau-57h9" }, { "vulnerability": "VCID-fchc-55te-akhe" }, { "vulnerability": "VCID-g6ud-92qe-hqcx" }, { "vulnerability": "VCID-gu4y-aeqx-mqak" }, { "vulnerability": "VCID-jma9-9uhu-xuc3" }, { "vulnerability": "VCID-ngtc-xtjn-xbhp" }, { "vulnerability": "VCID-qcra-cu62-43he" }, { "vulnerability": "VCID-rqy8-n6fr-hqey" }, { "vulnerability": "VCID-scu3-cfyc-9qfz" }, { "vulnerability": "VCID-tks3-6uv4-kygf" }, { "vulnerability": "VCID-yfja-ssw3-skh1" }, { "vulnerability": "VCID-ym9b-4su6-6fbr" }, { "vulnerability": "VCID-znfm-ak2t-mqdd" }, { "vulnerability": "VCID-zyzp-aqd8-e3a9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@4.8.2" }, { "url": "http://public2.vulnerablecode.io/api/packages/55566?format=api", "purl": "pkg:composer/phpmyadmin/phpmyadmin@5.0.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2jjv-4en4-e3gx" }, { "vulnerability": "VCID-2y3v-jnph-hfh4" }, { "vulnerability": "VCID-41mv-6vqr-sua6" }, { "vulnerability": "VCID-5657-kcyh-7bc2" }, { "vulnerability": "VCID-araw-4wdy-hqcz" }, { "vulnerability": "VCID-mk34-h4nz-b3ey" }, { "vulnerability": "VCID-ngtc-xtjn-xbhp" }, { "vulnerability": "VCID-rqy8-n6fr-hqey" }, { "vulnerability": "VCID-tks3-6uv4-kygf" }, { "vulnerability": "VCID-ym9b-4su6-6fbr" }, { "vulnerability": "VCID-znfm-ak2t-mqdd" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@5.0.0" } ], "aliases": [ "CVE-2018-12581", "GHSA-vxj6-pm6r-23hq" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-c91y-txcw-2kdy" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/10108?format=api", "vulnerability_id": "VCID-ebk2-vjau-57h9", "summary": "Information Exposure\nAn attacker can exploit phpMyAdm to leak the contents of a local file because of an error in the transformation feature. The attacker must have access to the phpMyAdmin Configuration Storage tables, although these can easily be created in any database to which the attacker has access. An attacker must have valid credentials to log in to phpMyAdmin; this vulnerability does not allow an attacker to circumvent the login system.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-19968", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.02543", "scoring_system": "epss", "scoring_elements": "0.85543", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.02543", "scoring_system": "epss", "scoring_elements": "0.85397", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.02543", "scoring_system": "epss", "scoring_elements": "0.85409", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.02543", "scoring_system": "epss", "scoring_elements": "0.85429", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.02543", "scoring_system": "epss", "scoring_elements": "0.85432", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.02543", "scoring_system": "epss", "scoring_elements": "0.85453", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.02543", "scoring_system": "epss", "scoring_elements": "0.85461", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.02543", "scoring_system": "epss", "scoring_elements": "0.85475", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.02543", "scoring_system": "epss", "scoring_elements": "0.85474", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.02543", "scoring_system": "epss", "scoring_elements": "0.8547", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.02543", "scoring_system": "epss", "scoring_elements": "0.85494", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.02543", "scoring_system": "epss", "scoring_elements": "0.85498", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.02543", "scoring_system": "epss", "scoring_elements": "0.85495", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.02543", "scoring_system": "epss", "scoring_elements": "0.85517", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.02543", "scoring_system": "epss", "scoring_elements": "0.85527", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.02543", "scoring_system": "epss", "scoring_elements": "0.85526", "published_at": "2026-04-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-19968" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-19968", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-19968" }, { "reference_url": "https://github.com/phpmyadmin/composer", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/phpmyadmin/composer" }, { "reference_url": "https://github.com/phpmyadmin/phpmyadmin/commit/6a1ba61e29002f0305a9322a8af4eaaeb11c0732", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/phpmyadmin/phpmyadmin/commit/6a1ba61e29002f0305a9322a8af4eaaeb11c0732" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2019/02/msg00003.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.debian.org/debian-lts-announce/2019/02/msg00003.html" }, { "reference_url": "https://www.phpmyadmin.net/security/PMASA-2018-6", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.phpmyadmin.net/security/PMASA-2018-6" }, { "reference_url": "https://www.phpmyadmin.net/security/PMASA-2018-6/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.phpmyadmin.net/security/PMASA-2018-6/" }, { "reference_url": "http://www.securityfocus.com/bid/106178", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.securityfocus.com/bid/106178" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2018-19968", "reference_id": "CVE-2018-19968", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-19968" }, { "reference_url": "https://github.com/advisories/GHSA-xc97-r49q-cxgc", "reference_id": "GHSA-xc97-r49q-cxgc", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-xc97-r49q-cxgc" }, { "reference_url": "https://security.gentoo.org/glsa/201904-16", "reference_id": "GLSA-201904-16", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://security.gentoo.org/glsa/201904-16" }, { "reference_url": "https://usn.ubuntu.com/4639-1/", "reference_id": "USN-4639-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4639-1/" }, { "reference_url": "https://usn.ubuntu.com/USN-4843-1/", "reference_id": "USN-USN-4843-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/USN-4843-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/33616?format=api", "purl": "pkg:composer/phpmyadmin/phpmyadmin@4.8.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2jjv-4en4-e3gx" }, { "vulnerability": "VCID-5657-kcyh-7bc2" }, { "vulnerability": "VCID-br1c-5bzf-ufeu" }, { "vulnerability": "VCID-g6ud-92qe-hqcx" }, { "vulnerability": "VCID-gu4y-aeqx-mqak" }, { "vulnerability": "VCID-jma9-9uhu-xuc3" }, { "vulnerability": "VCID-ngtc-xtjn-xbhp" }, { "vulnerability": "VCID-rqy8-n6fr-hqey" }, { "vulnerability": "VCID-scu3-cfyc-9qfz" }, { "vulnerability": "VCID-tks3-6uv4-kygf" }, { "vulnerability": "VCID-yfja-ssw3-skh1" }, { "vulnerability": "VCID-ym9b-4su6-6fbr" }, { "vulnerability": "VCID-znfm-ak2t-mqdd" }, { "vulnerability": "VCID-zyzp-aqd8-e3a9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@4.8.4" }, { "url": "http://public2.vulnerablecode.io/api/packages/55566?format=api", "purl": "pkg:composer/phpmyadmin/phpmyadmin@5.0.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2jjv-4en4-e3gx" }, { "vulnerability": "VCID-2y3v-jnph-hfh4" }, { "vulnerability": "VCID-41mv-6vqr-sua6" }, { "vulnerability": "VCID-5657-kcyh-7bc2" }, { "vulnerability": "VCID-araw-4wdy-hqcz" }, { "vulnerability": "VCID-mk34-h4nz-b3ey" }, { "vulnerability": "VCID-ngtc-xtjn-xbhp" }, { "vulnerability": "VCID-rqy8-n6fr-hqey" }, { "vulnerability": "VCID-tks3-6uv4-kygf" }, { "vulnerability": "VCID-ym9b-4su6-6fbr" }, { "vulnerability": "VCID-znfm-ak2t-mqdd" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@5.0.0" } ], "aliases": [ "CVE-2018-19968", "GHSA-xc97-r49q-cxgc" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ebk2-vjau-57h9" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/9787?format=api", "vulnerability_id": "VCID-fchc-55te-akhe", "summary": "Cross-site Scripting\nAn issue was discovered in phpMyAdm. A Cross-Site Scripting vulnerability has been found where an attacker can use a crafted file to manipulate an authenticated user who loads that file through the import feature.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-15605", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00675", "scoring_system": "epss", "scoring_elements": "0.71418", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00675", "scoring_system": "epss", "scoring_elements": "0.71514", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00675", "scoring_system": "epss", "scoring_elements": "0.71526", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00675", "scoring_system": "epss", "scoring_elements": "0.71523", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00675", "scoring_system": "epss", "scoring_elements": "0.71516", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00675", "scoring_system": "epss", "scoring_elements": "0.71465", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00675", "scoring_system": "epss", "scoring_elements": "0.71485", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00675", "scoring_system": "epss", "scoring_elements": "0.7148", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00675", "scoring_system": "epss", "scoring_elements": "0.71434", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00675", "scoring_system": "epss", "scoring_elements": "0.71452", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00675", "scoring_system": "epss", "scoring_elements": "0.71468", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00675", "scoring_system": "epss", "scoring_elements": "0.71446", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00675", "scoring_system": "epss", "scoring_elements": "0.71392", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00675", "scoring_system": "epss", "scoring_elements": "0.714", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00675", "scoring_system": "epss", "scoring_elements": "0.71433", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-15605" }, { "reference_url": "https://github.com/phpmyadmin/composer", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/phpmyadmin/composer" }, { "reference_url": "https://github.com/phpmyadmin/phpmyadmin/commit/00d90b3ae415b31338f76263359467a9fbebd0a1", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/phpmyadmin/phpmyadmin/commit/00d90b3ae415b31338f76263359467a9fbebd0a1" }, { "reference_url": "https://www.phpmyadmin.net/security/PMASA-2018-5", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.phpmyadmin.net/security/PMASA-2018-5" }, { "reference_url": "https://www.phpmyadmin.net/security/PMASA-2018-5/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.phpmyadmin.net/security/PMASA-2018-5/" }, { "reference_url": "http://www.securityfocus.com/bid/105168", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.securityfocus.com/bid/105168" }, { "reference_url": "http://www.securitytracker.com/id/1041548", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.securitytracker.com/id/1041548" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2018-15605", "reference_id": "CVE-2018-15605", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-15605" }, { "reference_url": "https://github.com/advisories/GHSA-c958-4j9x-q7w4", "reference_id": "GHSA-c958-4j9x-q7w4", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-c958-4j9x-q7w4" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/30092?format=api", "purl": "pkg:composer/phpmyadmin/phpmyadmin@4.8.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2jjv-4en4-e3gx" }, { "vulnerability": "VCID-5657-kcyh-7bc2" }, { "vulnerability": "VCID-986a-3m4g-83ge" }, { "vulnerability": "VCID-br1c-5bzf-ufeu" }, { "vulnerability": "VCID-ebk2-vjau-57h9" }, { "vulnerability": "VCID-g6ud-92qe-hqcx" }, { "vulnerability": "VCID-gu4y-aeqx-mqak" }, { "vulnerability": "VCID-jma9-9uhu-xuc3" }, { "vulnerability": "VCID-ngtc-xtjn-xbhp" }, { "vulnerability": "VCID-qcra-cu62-43he" }, { "vulnerability": "VCID-rqy8-n6fr-hqey" }, { "vulnerability": "VCID-scu3-cfyc-9qfz" }, { "vulnerability": "VCID-tks3-6uv4-kygf" }, { "vulnerability": "VCID-yfja-ssw3-skh1" }, { "vulnerability": "VCID-ym9b-4su6-6fbr" }, { "vulnerability": "VCID-znfm-ak2t-mqdd" }, { "vulnerability": "VCID-zyzp-aqd8-e3a9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@4.8.3" } ], "aliases": [ "CVE-2018-15605", "GHSA-c958-4j9x-q7w4" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-fchc-55te-akhe" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/58614?format=api", "vulnerability_id": "VCID-g6ud-92qe-hqcx", "summary": "phpMyAdmin unsanitized Git information\nphpMyAdmin before 4.9.2 does not escape certain Git information, related to `libraries/classes/Display/GitRevision.php and libraries/classes/Footer.php`.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-19617", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01155", "scoring_system": "epss", "scoring_elements": "0.7863", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.01155", "scoring_system": "epss", "scoring_elements": "0.78481", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.01155", "scoring_system": "epss", "scoring_elements": "0.78487", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.01155", "scoring_system": "epss", "scoring_elements": "0.78518", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.01155", "scoring_system": "epss", "scoring_elements": "0.78501", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.01155", "scoring_system": "epss", "scoring_elements": "0.78528", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.01155", "scoring_system": "epss", "scoring_elements": "0.78533", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.01155", "scoring_system": "epss", "scoring_elements": "0.78558", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.01155", "scoring_system": "epss", "scoring_elements": "0.7854", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.01155", "scoring_system": "epss", "scoring_elements": "0.78532", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.01155", "scoring_system": "epss", "scoring_elements": "0.7856", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.01155", "scoring_system": "epss", "scoring_elements": "0.78559", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.01155", "scoring_system": "epss", "scoring_elements": "0.78556", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.01155", "scoring_system": "epss", "scoring_elements": "0.78588", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.01155", "scoring_system": "epss", "scoring_elements": "0.78596", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.01155", "scoring_system": "epss", "scoring_elements": "0.78613", "published_at": "2026-04-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-19617" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19617", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19617" }, { "reference_url": "https://github.com/phpmyadmin/composer", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/phpmyadmin/composer" }, { "reference_url": "https://github.com/phpmyadmin/phpmyadmin/commit/1119de642b136d20e810bb20f545069a01dd7cc9", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/phpmyadmin/phpmyadmin/commit/1119de642b136d20e810bb20f545069a01dd7cc9" }, { "reference_url": "https://github.com/phpmyadmin/phpmyadmin/compare/RELEASE_4_9_1...RELEASE_4_9_2", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/phpmyadmin/phpmyadmin/compare/RELEASE_4_9_1...RELEASE_4_9_2" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2019/12/msg00006.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.debian.org/debian-lts-announce/2019/12/msg00006.html" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2020/10/msg00024.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.debian.org/debian-lts-announce/2020/10/msg00024.html" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-19617", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-19617" }, { "reference_url": "https://www.phpmyadmin.net/news/2019/11/22/phpmyadmin-492-released", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.phpmyadmin.net/news/2019/11/22/phpmyadmin-492-released" }, { "reference_url": "https://www.phpmyadmin.net/news/2019/11/22/phpmyadmin-492-released/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.phpmyadmin.net/news/2019/11/22/phpmyadmin-492-released/" }, { "reference_url": "https://github.com/advisories/GHSA-pgph-mc4p-f8c3", "reference_id": "GHSA-pgph-mc4p-f8c3", "reference_type": "", "scores": [ { "value": "CRITICAL", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-pgph-mc4p-f8c3" }, { "reference_url": "https://usn.ubuntu.com/4639-1/", "reference_id": "USN-4639-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4639-1/" }, { "reference_url": "https://usn.ubuntu.com/USN-4843-1/", "reference_id": "USN-USN-4843-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/USN-4843-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/73013?format=api", "purl": "pkg:composer/phpmyadmin/phpmyadmin@4.9.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2jjv-4en4-e3gx" }, { "vulnerability": "VCID-2y3v-jnph-hfh4" }, { "vulnerability": "VCID-5657-kcyh-7bc2" }, { "vulnerability": "VCID-mk34-h4nz-b3ey" }, { "vulnerability": "VCID-na3j-h3qr-k7dc" }, { "vulnerability": "VCID-ngtc-xtjn-xbhp" }, { "vulnerability": "VCID-rqy8-n6fr-hqey" }, { "vulnerability": "VCID-tks3-6uv4-kygf" }, { "vulnerability": "VCID-ym9b-4su6-6fbr" }, { "vulnerability": "VCID-znfm-ak2t-mqdd" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@4.9.2" } ], "aliases": [ "CVE-2019-19617", "GHSA-pgph-mc4p-f8c3" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-g6ud-92qe-hqcx" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/33181?format=api", "vulnerability_id": "VCID-gu4y-aeqx-mqak", "summary": "SQL injection in phpMyAdmin\nAn issue was discovered in phpMyAdmin before 4.9.2. A crafted database/table name can be used to trigger a SQL injection attack through the designer feature.", "references": [ { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00002.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00002.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00024.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00024.html" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-18622", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00736", "scoring_system": "epss", "scoring_elements": "0.72895", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00736", "scoring_system": "epss", "scoring_elements": "0.7276", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00736", "scoring_system": "epss", "scoring_elements": "0.7278", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00736", "scoring_system": "epss", "scoring_elements": "0.72756", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00736", "scoring_system": "epss", "scoring_elements": "0.72794", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00736", "scoring_system": "epss", "scoring_elements": "0.72808", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00736", "scoring_system": "epss", "scoring_elements": "0.72832", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00736", "scoring_system": "epss", "scoring_elements": "0.72815", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00736", "scoring_system": "epss", "scoring_elements": "0.72807", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00736", "scoring_system": "epss", "scoring_elements": "0.72849", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00736", "scoring_system": "epss", "scoring_elements": "0.72859", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00736", "scoring_system": "epss", "scoring_elements": "0.72851", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00736", "scoring_system": "epss", "scoring_elements": "0.72892", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00736", "scoring_system": "epss", "scoring_elements": "0.72902", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00736", "scoring_system": "epss", "scoring_elements": "0.729", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00736", "scoring_system": "epss", "scoring_elements": "0.72752", "published_at": "2026-04-01T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-18622" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18622", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18622" }, { "reference_url": "https://github.com/phpmyadmin/composer/commit/51acbf53564d9b52e78509a5688ec2b68976b5f7", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/phpmyadmin/composer/commit/51acbf53564d9b52e78509a5688ec2b68976b5f7" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BA4DGF7KTQS6WA2DRNJSW66L43WB7LRV/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BA4DGF7KTQS6WA2DRNJSW66L43WB7LRV/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/W5GW4KEMNCBQYZCIXEJYC42OEBBN2NSH/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/W5GW4KEMNCBQYZCIXEJYC42OEBBN2NSH/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BA4DGF7KTQS6WA2DRNJSW66L43WB7LRV", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BA4DGF7KTQS6WA2DRNJSW66L43WB7LRV" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BA4DGF7KTQS6WA2DRNJSW66L43WB7LRV/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BA4DGF7KTQS6WA2DRNJSW66L43WB7LRV/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W5GW4KEMNCBQYZCIXEJYC42OEBBN2NSH", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W5GW4KEMNCBQYZCIXEJYC42OEBBN2NSH" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W5GW4KEMNCBQYZCIXEJYC42OEBBN2NSH/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W5GW4KEMNCBQYZCIXEJYC42OEBBN2NSH/" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-18622", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:P/I:P/A:P" }, { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-18622" }, { "reference_url": "https://security.gentoo.org/glsa/202003-39", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://security.gentoo.org/glsa/202003-39" }, { "reference_url": "https://www.phpmyadmin.net/security/PMASA-2019-5", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.phpmyadmin.net/security/PMASA-2019-5" }, { "reference_url": "https://www.phpmyadmin.net/security/PMASA-2019-5/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.phpmyadmin.net/security/PMASA-2019-5/" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=945349", "reference_id": "945349", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=945349" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:opensuse:backports_sle:15.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:opensuse:backports_sle:15.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:opensuse:backports_sle:15.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:opensuse:backports_sle:15.0:sp1:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:opensuse:backports_sle:15.0:sp1:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:opensuse:backports_sle:15.0:sp1:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:phpmyadmin:phpmyadmin:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*" }, { "reference_url": "https://github.com/advisories/GHSA-jgjc-332c-8cmc", "reference_id": "GHSA-jgjc-332c-8cmc", "reference_type": "", "scores": [ { "value": "CRITICAL", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-jgjc-332c-8cmc" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/73013?format=api", "purl": "pkg:composer/phpmyadmin/phpmyadmin@4.9.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2jjv-4en4-e3gx" }, { "vulnerability": "VCID-2y3v-jnph-hfh4" }, { "vulnerability": "VCID-5657-kcyh-7bc2" }, { "vulnerability": "VCID-mk34-h4nz-b3ey" }, { "vulnerability": "VCID-na3j-h3qr-k7dc" }, { "vulnerability": "VCID-ngtc-xtjn-xbhp" }, { "vulnerability": "VCID-rqy8-n6fr-hqey" }, { "vulnerability": "VCID-tks3-6uv4-kygf" }, { "vulnerability": "VCID-ym9b-4su6-6fbr" }, { "vulnerability": "VCID-znfm-ak2t-mqdd" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@4.9.2" }, { "url": "http://public2.vulnerablecode.io/api/packages/55566?format=api", "purl": "pkg:composer/phpmyadmin/phpmyadmin@5.0.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2jjv-4en4-e3gx" }, { "vulnerability": "VCID-2y3v-jnph-hfh4" }, { "vulnerability": "VCID-41mv-6vqr-sua6" }, { "vulnerability": "VCID-5657-kcyh-7bc2" }, { "vulnerability": "VCID-araw-4wdy-hqcz" }, { "vulnerability": "VCID-mk34-h4nz-b3ey" }, { "vulnerability": "VCID-ngtc-xtjn-xbhp" }, { "vulnerability": "VCID-rqy8-n6fr-hqey" }, { "vulnerability": "VCID-tks3-6uv4-kygf" }, { "vulnerability": "VCID-ym9b-4su6-6fbr" }, { "vulnerability": "VCID-znfm-ak2t-mqdd" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@5.0.0" } ], "aliases": [ "CVE-2019-18622", "GHSA-jgjc-332c-8cmc" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-gu4y-aeqx-mqak" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/8999?format=api", "vulnerability_id": "VCID-hnud-ktgb-dfe6", "summary": "Improper Privilege Management\nAn issue was discovered in `libraries/common` which allows users who have no password set to log in even if the administrator has set `$cfg['Servers'][$i]['AllowNoPassword']` to `false` (which is also the default).", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-18264", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00305", "scoring_system": "epss", "scoring_elements": "0.53663", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00305", "scoring_system": "epss", "scoring_elements": "0.53642", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00305", "scoring_system": "epss", "scoring_elements": "0.53713", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00305", "scoring_system": "epss", "scoring_elements": "0.53747", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00305", "scoring_system": "epss", "scoring_elements": "0.53766", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00305", "scoring_system": "epss", "scoring_elements": "0.53761", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00305", "scoring_system": "epss", "scoring_elements": "0.53724", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00305", "scoring_system": "epss", "scoring_elements": "0.53741", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00305", "scoring_system": "epss", "scoring_elements": "0.53757", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00305", "scoring_system": "epss", "scoring_elements": "0.53709", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00305", "scoring_system": "epss", "scoring_elements": "0.53691", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00305", "scoring_system": "epss", "scoring_elements": "0.53643", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00305", "scoring_system": "epss", "scoring_elements": "0.53711", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00305", "scoring_system": "epss", "scoring_elements": "0.53658", "published_at": "2026-04-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-18264" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-18264", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-18264" }, { "reference_url": "https://github.com/phpmyadmin/composer", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/phpmyadmin/composer" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2018/07/msg00006.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.debian.org/debian-lts-announce/2018/07/msg00006.html" }, { "reference_url": "https://www.phpmyadmin.net/security/PMASA-2017-8", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.phpmyadmin.net/security/PMASA-2017-8" }, { "reference_url": "https://www.phpmyadmin.net/security/PMASA-2017-8/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.phpmyadmin.net/security/PMASA-2017-8/" }, { "reference_url": "http://www.securityfocus.com/bid/97211", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.securityfocus.com/bid/97211" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:phpmyadmin:phpmyadmin:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.7.0:beta1:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:phpmyadmin:phpmyadmin:4.7.0:beta1:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.7.0:beta1:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.7.0:rc1:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:phpmyadmin:phpmyadmin:4.7.0:rc1:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.7.0:rc1:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2017-18264", "reference_id": "CVE-2017-18264", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:P/I:P/A:P" }, { "value": "9.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-18264" }, { "reference_url": "https://github.com/advisories/GHSA-5868-g58j-vrj5", "reference_id": "GHSA-5868-g58j-vrj5", "reference_type": "", "scores": [ { "value": "CRITICAL", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-5868-g58j-vrj5" }, { "reference_url": "https://usn.ubuntu.com/USN-4843-1/", "reference_id": "USN-USN-4843-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/USN-4843-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/27586?format=api", "purl": "pkg:composer/phpmyadmin/phpmyadmin@4.7.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2jjv-4en4-e3gx" }, { "vulnerability": "VCID-5657-kcyh-7bc2" }, { "vulnerability": "VCID-986a-3m4g-83ge" }, { "vulnerability": "VCID-br1c-5bzf-ufeu" }, { "vulnerability": "VCID-c91y-txcw-2kdy" }, { "vulnerability": "VCID-ebk2-vjau-57h9" }, { "vulnerability": "VCID-fchc-55te-akhe" }, { "vulnerability": "VCID-g6ud-92qe-hqcx" }, { "vulnerability": "VCID-gu4y-aeqx-mqak" }, { "vulnerability": "VCID-jma9-9uhu-xuc3" }, { "vulnerability": "VCID-mwtw-n1tv-hfd9" }, { "vulnerability": "VCID-ngtc-xtjn-xbhp" }, { "vulnerability": "VCID-qcra-cu62-43he" }, { "vulnerability": "VCID-rqy8-n6fr-hqey" }, { "vulnerability": "VCID-scu3-cfyc-9qfz" }, { "vulnerability": "VCID-tbnx-nuzv-ebdc" }, { "vulnerability": "VCID-tks3-6uv4-kygf" }, { "vulnerability": "VCID-yfja-ssw3-skh1" }, { "vulnerability": "VCID-ym9b-4su6-6fbr" }, { "vulnerability": "VCID-znfm-ak2t-mqdd" }, { "vulnerability": "VCID-zyzp-aqd8-e3a9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@4.7.1" } ], "aliases": [ "CVE-2017-18264", "GHSA-5868-g58j-vrj5" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-hnud-ktgb-dfe6" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/10733?format=api", "vulnerability_id": "VCID-jma9-9uhu-xuc3", "summary": "SQL Injection\nA vulnerability was reported where a specially crafted database name can be used to trigger an SQL injection attack through the designer feature.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-11768", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01803", "scoring_system": "epss", "scoring_elements": "0.82904", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.01803", "scoring_system": "epss", "scoring_elements": "0.82808", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.01803", "scoring_system": "epss", "scoring_elements": "0.82847", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.01803", "scoring_system": "epss", "scoring_elements": "0.82846", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.01803", "scoring_system": "epss", "scoring_elements": "0.82849", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.01803", "scoring_system": "epss", "scoring_elements": "0.82871", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.01803", "scoring_system": "epss", "scoring_elements": "0.8288", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.01803", "scoring_system": "epss", "scoring_elements": "0.82885", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.01803", "scoring_system": "epss", "scoring_elements": "0.82743", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.01803", "scoring_system": "epss", "scoring_elements": "0.82759", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.01803", "scoring_system": "epss", "scoring_elements": "0.82772", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.01803", "scoring_system": "epss", "scoring_elements": "0.82769", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.01803", "scoring_system": "epss", "scoring_elements": "0.82795", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.01803", "scoring_system": "epss", "scoring_elements": "0.82801", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.01803", "scoring_system": "epss", "scoring_elements": "0.82817", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.01803", "scoring_system": "epss", "scoring_elements": "0.82813", "published_at": "2026-04-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-11768" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11768", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11768" }, { "reference_url": "https://github.com/phpmyadmin/phpmyadmin/commit/c1ecafc38319e8f768c9259d4d580e42acd5ee86", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/phpmyadmin/phpmyadmin/commit/c1ecafc38319e8f768c9259d4d580e42acd5ee86" }, { "reference_url": "https://www.phpmyadmin.net/security/PMASA-2019-3", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.phpmyadmin.net/security/PMASA-2019-3" }, { "reference_url": "https://www.phpmyadmin.net/security/PMASA-2019-3/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.phpmyadmin.net/security/PMASA-2019-3/" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=930048", "reference_id": "930048", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=930048" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-11768", "reference_id": "CVE-2019-11768", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-11768" }, { "reference_url": "https://github.com/advisories/GHSA-x37v-98f9-mj32", "reference_id": "GHSA-x37v-98f9-mj32", "reference_type": "", "scores": [ { "value": "CRITICAL", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-x37v-98f9-mj32" }, { "reference_url": "https://usn.ubuntu.com/4639-1/", "reference_id": "USN-4639-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4639-1/" }, { "reference_url": "https://usn.ubuntu.com/USN-4843-1/", "reference_id": "USN-USN-4843-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/USN-4843-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/189136?format=api", "purl": "pkg:composer/phpmyadmin/phpmyadmin@4.9.0.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2jjv-4en4-e3gx" }, { "vulnerability": "VCID-2y3v-jnph-hfh4" }, { "vulnerability": "VCID-5657-kcyh-7bc2" }, { "vulnerability": "VCID-g6ud-92qe-hqcx" }, { "vulnerability": "VCID-gu4y-aeqx-mqak" }, { "vulnerability": "VCID-mk34-h4nz-b3ey" }, { "vulnerability": "VCID-na3j-h3qr-k7dc" }, { "vulnerability": "VCID-ngtc-xtjn-xbhp" }, { "vulnerability": "VCID-rqy8-n6fr-hqey" }, { "vulnerability": "VCID-tks3-6uv4-kygf" }, { "vulnerability": "VCID-ym9b-4su6-6fbr" }, { "vulnerability": "VCID-znfm-ak2t-mqdd" }, { "vulnerability": "VCID-zyzp-aqd8-e3a9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@4.9.0.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/37061?format=api", "purl": "pkg:composer/phpmyadmin/phpmyadmin@4.9.0%2B1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zyzp-aqd8-e3a9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@4.9.0%252B1" } ], "aliases": [ "CVE-2019-11768", "GHSA-x37v-98f9-mj32" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-jma9-9uhu-xuc3" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/8808?format=api", "vulnerability_id": "VCID-mwtw-n1tv-hfd9", "summary": "Cross-site Scripting\nCross-site scripting (XSS) vulnerability in `db_central_columns.php` in phpMyAdm allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-7260", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00302", "scoring_system": "epss", "scoring_elements": "0.53404", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00302", "scoring_system": "epss", "scoring_elements": "0.53399", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00302", "scoring_system": "epss", "scoring_elements": "0.53422", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00302", "scoring_system": "epss", "scoring_elements": "0.53448", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00302", "scoring_system": "epss", "scoring_elements": "0.53417", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00302", "scoring_system": "epss", "scoring_elements": "0.53469", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00302", "scoring_system": "epss", "scoring_elements": "0.53466", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00302", "scoring_system": "epss", "scoring_elements": "0.53515", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00302", "scoring_system": "epss", "scoring_elements": "0.53498", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00302", "scoring_system": "epss", "scoring_elements": "0.53481", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00302", "scoring_system": "epss", "scoring_elements": "0.53517", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00302", "scoring_system": "epss", "scoring_elements": "0.53522", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00302", "scoring_system": "epss", "scoring_elements": "0.53503", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00302", "scoring_system": "epss", "scoring_elements": "0.53472", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00302", "scoring_system": "epss", "scoring_elements": "0.53486", "published_at": "2026-04-26T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-7260" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-7260", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-7260" }, { "reference_url": "https://github.com/phpmyadmin/composer", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/phpmyadmin/composer" }, { "reference_url": "https://github.com/phpmyadmin/phpmyadmin/commit/d2886a3", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/phpmyadmin/phpmyadmin/commit/d2886a3" }, { "reference_url": "https://udiniya.wordpress.com/2018/02/21/a-tale-of-stealing-session-cookie-in-phpmyadmin", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://udiniya.wordpress.com/2018/02/21/a-tale-of-stealing-session-cookie-in-phpmyadmin" }, { "reference_url": "https://www.phpmyadmin.net/security/PMASA-2018-1", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.phpmyadmin.net/security/PMASA-2018-1" }, { "reference_url": "https://www.phpmyadmin.net/security/PMASA-2018-1/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.phpmyadmin.net/security/PMASA-2018-1/" }, { "reference_url": "http://www.securityfocus.com/bid/103099", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.securityfocus.com/bid/103099" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=893539", "reference_id": "893539", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=893539" }, { "reference_url": "https://security.archlinux.org/ASA-201802-11", "reference_id": "ASA-201802-11", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201802-11" }, { "reference_url": "https://security.archlinux.org/AVG-630", "reference_id": "AVG-630", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-630" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2018-7260", "reference_id": "CVE-2018-7260", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-7260" }, { "reference_url": "https://github.com/advisories/GHSA-gqmj-f46x-wqhw", "reference_id": "GHSA-gqmj-f46x-wqhw", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-gqmj-f46x-wqhw" }, { "reference_url": "https://usn.ubuntu.com/4639-1/", "reference_id": "USN-4639-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4639-1/" }, { "reference_url": "https://usn.ubuntu.com/USN-4843-1/", "reference_id": "USN-USN-4843-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/USN-4843-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/26544?format=api", "purl": "pkg:composer/phpmyadmin/phpmyadmin@4.7.8", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2jjv-4en4-e3gx" }, { "vulnerability": "VCID-5657-kcyh-7bc2" }, { "vulnerability": "VCID-br1c-5bzf-ufeu" }, { "vulnerability": "VCID-c91y-txcw-2kdy" }, { "vulnerability": "VCID-ebk2-vjau-57h9" }, { "vulnerability": "VCID-fchc-55te-akhe" }, { "vulnerability": "VCID-g6ud-92qe-hqcx" }, { "vulnerability": "VCID-gu4y-aeqx-mqak" }, { "vulnerability": "VCID-jma9-9uhu-xuc3" }, { "vulnerability": "VCID-ngtc-xtjn-xbhp" }, { "vulnerability": "VCID-qcra-cu62-43he" }, { "vulnerability": "VCID-rqy8-n6fr-hqey" }, { "vulnerability": "VCID-scu3-cfyc-9qfz" }, { "vulnerability": "VCID-tks3-6uv4-kygf" }, { "vulnerability": "VCID-yfja-ssw3-skh1" }, { "vulnerability": "VCID-ym9b-4su6-6fbr" }, { "vulnerability": "VCID-znfm-ak2t-mqdd" }, { "vulnerability": "VCID-zyzp-aqd8-e3a9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@4.7.8" }, { "url": "http://public2.vulnerablecode.io/api/packages/55566?format=api", "purl": "pkg:composer/phpmyadmin/phpmyadmin@5.0.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2jjv-4en4-e3gx" }, { "vulnerability": "VCID-2y3v-jnph-hfh4" }, { "vulnerability": "VCID-41mv-6vqr-sua6" }, { "vulnerability": "VCID-5657-kcyh-7bc2" }, { "vulnerability": "VCID-araw-4wdy-hqcz" }, { "vulnerability": "VCID-mk34-h4nz-b3ey" }, { "vulnerability": "VCID-ngtc-xtjn-xbhp" }, { "vulnerability": "VCID-rqy8-n6fr-hqey" }, { "vulnerability": "VCID-tks3-6uv4-kygf" }, { "vulnerability": "VCID-ym9b-4su6-6fbr" }, { "vulnerability": "VCID-znfm-ak2t-mqdd" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@5.0.0" } ], "aliases": [ "CVE-2018-7260", "GHSA-gqmj-f46x-wqhw" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-mwtw-n1tv-hfd9" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/54695?format=api", "vulnerability_id": "VCID-ngtc-xtjn-xbhp", "summary": "phpMyAdmin SQL injection vulnerability\nIn phpMyAdmin 4.x before 4.9.5 and 5.x before 5.0.2, a SQL injection vulnerability has been discovered where certain parameters are not properly escaped when generating certain queries for search actions in libraries/classes/Controllers/Table/TableSearchController.php. An attacker can generate a crafted database or table name. The attack can be performed if a user attempts certain search operations on the malicious database or table.", "references": [ { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00046.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.0", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00046.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00050.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.0", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00050.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00005.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.0", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00005.html" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-10802", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01622", "scoring_system": "epss", "scoring_elements": "0.81871", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.01622", "scoring_system": "epss", "scoring_elements": "0.81802", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.01622", "scoring_system": "epss", "scoring_elements": "0.81931", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.01622", "scoring_system": "epss", "scoring_elements": "0.81912", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.01622", "scoring_system": "epss", "scoring_elements": "0.81907", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.01622", "scoring_system": "epss", "scoring_elements": "0.81896", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.01622", "scoring_system": "epss", "scoring_elements": "0.81873", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.01622", "scoring_system": "epss", "scoring_elements": "0.81826", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.01622", "scoring_system": "epss", "scoring_elements": "0.81769", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.01622", "scoring_system": "epss", "scoring_elements": "0.818", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.01622", "scoring_system": "epss", "scoring_elements": "0.81779", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.01622", "scoring_system": "epss", "scoring_elements": "0.8187", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.01622", "scoring_system": "epss", "scoring_elements": "0.81834", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.01622", "scoring_system": "epss", "scoring_elements": "0.8184", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.01622", "scoring_system": "epss", "scoring_elements": "0.81852", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.01622", "scoring_system": "epss", "scoring_elements": "0.81833", "published_at": "2026-04-09T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-10802" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10802", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10802" }, { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/phpmyadmin/phpmyadmin/CVE-2020-10802.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.0", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/phpmyadmin/phpmyadmin/CVE-2020-10802.yaml" }, { "reference_url": "https://github.com/phpmyadmin/composer", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.0", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/phpmyadmin/composer" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2020/03/msg00028.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.0", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.debian.org/debian-lts-announce/2020/03/msg00028.html" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/AAVW3SUKWR5RF5LZ6SARCYOWBIFUIWOJ/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/AAVW3SUKWR5RF5LZ6SARCYOWBIFUIWOJ/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BUG3IRITW2LUBGR5LSQMP7MVRTELHZJK/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BUG3IRITW2LUBGR5LSQMP7MVRTELHZJK/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UZI6EQVRRIG252DY3MBT33BJVCSYDMQO/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UZI6EQVRRIG252DY3MBT33BJVCSYDMQO/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AAVW3SUKWR5RF5LZ6SARCYOWBIFUIWOJ", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.0", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AAVW3SUKWR5RF5LZ6SARCYOWBIFUIWOJ" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BUG3IRITW2LUBGR5LSQMP7MVRTELHZJK", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.0", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BUG3IRITW2LUBGR5LSQMP7MVRTELHZJK" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UZI6EQVRRIG252DY3MBT33BJVCSYDMQO", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.0", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UZI6EQVRRIG252DY3MBT33BJVCSYDMQO" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2020-10802", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.0", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:S/C:P/I:P/A:P" }, { "value": "8.0", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-10802" }, { "reference_url": "https://www.phpmyadmin.net/security/PMASA-2020-3", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.0", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.phpmyadmin.net/security/PMASA-2020-3" }, { "reference_url": "https://www.phpmyadmin.net/security/PMASA-2020-3/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.phpmyadmin.net/security/PMASA-2020-3/" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=954665", "reference_id": "954665", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=954665" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:opensuse:backports_sle:15.0:-:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:opensuse:backports_sle:15.0:-:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:opensuse:backports_sle:15.0:-:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:opensuse:backports_sle:15.0:sp1:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:opensuse:backports_sle:15.0:sp1:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:opensuse:backports_sle:15.0:sp1:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:phpmyadmin:phpmyadmin:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:suse:package_hub:-:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:suse:package_hub:-:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:suse:package_hub:-:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:32:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:fedoraproject:fedora:32:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:32:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise:12.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:suse:linux_enterprise:12.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise:12.0:*:*:*:*:*:*:*" }, { "reference_url": "https://github.com/advisories/GHSA-f4cr-3xmc-2wpm", "reference_id": "GHSA-f4cr-3xmc-2wpm", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-f4cr-3xmc-2wpm" }, { "reference_url": "https://usn.ubuntu.com/4639-1/", "reference_id": "USN-4639-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4639-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/81952?format=api", "purl": "pkg:composer/phpmyadmin/phpmyadmin@4.9.5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2jjv-4en4-e3gx" }, { "vulnerability": "VCID-2y3v-jnph-hfh4" }, { "vulnerability": "VCID-mk34-h4nz-b3ey" }, { "vulnerability": "VCID-na3j-h3qr-k7dc" }, { "vulnerability": "VCID-rqy8-n6fr-hqey" }, { "vulnerability": "VCID-ym9b-4su6-6fbr" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@4.9.5" }, { "url": "http://public2.vulnerablecode.io/api/packages/55567?format=api", "purl": "pkg:composer/phpmyadmin/phpmyadmin@5.0.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2jjv-4en4-e3gx" }, { "vulnerability": "VCID-2y3v-jnph-hfh4" }, { "vulnerability": "VCID-araw-4wdy-hqcz" }, { "vulnerability": "VCID-dsxw-w87t-eycw" }, { "vulnerability": "VCID-mk34-h4nz-b3ey" }, { "vulnerability": "VCID-rqy8-n6fr-hqey" }, { "vulnerability": "VCID-ym9b-4su6-6fbr" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@5.0.2" } ], "aliases": [ "CVE-2020-10802", "GHSA-f4cr-3xmc-2wpm" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ngtc-xtjn-xbhp" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/10112?format=api", "vulnerability_id": "VCID-qcra-cu62-43he", "summary": "Cross-site Scripting\nIn phpMyAdm, an XSS vulnerability was found in the navigation tree, where an attacker can deliver a payload to a user through a crafted `database/table` name.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-19970", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01501", "scoring_system": "epss", "scoring_elements": "0.81107", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.01501", "scoring_system": "epss", "scoring_elements": "0.81226", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.01501", "scoring_system": "epss", "scoring_elements": "0.8121", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.01501", "scoring_system": "epss", "scoring_elements": "0.81205", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.01501", "scoring_system": "epss", "scoring_elements": "0.81198", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.01501", "scoring_system": "epss", "scoring_elements": "0.81175", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.01501", "scoring_system": "epss", "scoring_elements": "0.81178", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.01501", "scoring_system": "epss", "scoring_elements": "0.81176", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.01501", "scoring_system": "epss", "scoring_elements": "0.81139", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.01501", "scoring_system": "epss", "scoring_elements": "0.81146", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.01501", "scoring_system": "epss", "scoring_elements": "0.81159", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.01501", "scoring_system": "epss", "scoring_elements": "0.81141", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.01501", "scoring_system": "epss", "scoring_elements": "0.81074", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.01501", "scoring_system": "epss", "scoring_elements": "0.81083", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.01501", "scoring_system": "epss", "scoring_elements": "0.81135", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.01501", "scoring_system": "epss", "scoring_elements": "0.81108", "published_at": "2026-04-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-19970" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-19970", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-19970" }, { "reference_url": "https://github.com/phpmyadmin/composer", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/phpmyadmin/composer" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2019/02/msg00003.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.debian.org/debian-lts-announce/2019/02/msg00003.html" }, { "reference_url": "https://www.phpmyadmin.net/security/PMASA-2018-8", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.phpmyadmin.net/security/PMASA-2018-8" }, { "reference_url": "https://www.phpmyadmin.net/security/PMASA-2018-8/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.phpmyadmin.net/security/PMASA-2018-8/" }, { "reference_url": "http://www.securityfocus.com/bid/106181", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.securityfocus.com/bid/106181" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2018-19970", "reference_id": "CVE-2018-19970", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-19970" }, { "reference_url": "https://github.com/advisories/GHSA-8987-93fh-rcwq", "reference_id": "GHSA-8987-93fh-rcwq", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-8987-93fh-rcwq" }, { "reference_url": "https://security.gentoo.org/glsa/201904-16", "reference_id": "GLSA-201904-16", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://security.gentoo.org/glsa/201904-16" }, { "reference_url": "https://usn.ubuntu.com/4639-1/", "reference_id": "USN-4639-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4639-1/" }, { "reference_url": "https://usn.ubuntu.com/USN-4843-1/", "reference_id": "USN-USN-4843-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/USN-4843-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/33616?format=api", "purl": "pkg:composer/phpmyadmin/phpmyadmin@4.8.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2jjv-4en4-e3gx" }, { "vulnerability": "VCID-5657-kcyh-7bc2" }, { "vulnerability": "VCID-br1c-5bzf-ufeu" }, { "vulnerability": "VCID-g6ud-92qe-hqcx" }, { "vulnerability": "VCID-gu4y-aeqx-mqak" }, { "vulnerability": "VCID-jma9-9uhu-xuc3" }, { "vulnerability": "VCID-ngtc-xtjn-xbhp" }, { "vulnerability": "VCID-rqy8-n6fr-hqey" }, { "vulnerability": "VCID-scu3-cfyc-9qfz" }, { "vulnerability": "VCID-tks3-6uv4-kygf" }, { "vulnerability": "VCID-yfja-ssw3-skh1" }, { "vulnerability": "VCID-ym9b-4su6-6fbr" }, { "vulnerability": "VCID-znfm-ak2t-mqdd" }, { "vulnerability": "VCID-zyzp-aqd8-e3a9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@4.8.4" }, { "url": "http://public2.vulnerablecode.io/api/packages/55566?format=api", "purl": "pkg:composer/phpmyadmin/phpmyadmin@5.0.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2jjv-4en4-e3gx" }, { "vulnerability": "VCID-2y3v-jnph-hfh4" }, { "vulnerability": "VCID-41mv-6vqr-sua6" }, { "vulnerability": "VCID-5657-kcyh-7bc2" }, { "vulnerability": "VCID-araw-4wdy-hqcz" }, { "vulnerability": "VCID-mk34-h4nz-b3ey" }, { "vulnerability": "VCID-ngtc-xtjn-xbhp" }, { "vulnerability": "VCID-rqy8-n6fr-hqey" }, { "vulnerability": "VCID-tks3-6uv4-kygf" }, { "vulnerability": "VCID-ym9b-4su6-6fbr" }, { "vulnerability": "VCID-znfm-ak2t-mqdd" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@5.0.0" } ], "aliases": [ "CVE-2018-19970", "GHSA-8987-93fh-rcwq" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-qcra-cu62-43he" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/13228?format=api", "vulnerability_id": "VCID-rqy8-n6fr-hqey", "summary": "Exposure of Sensitive Information to an Unauthorized Actor\nPhpMyAdmin 5.1.1 and before allows an attacker to retrieve potentially sensitive information by creating invalid requests. This affects the lang parameter, the pma_parameter, and the cookie section.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-0813", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00317", "scoring_system": "epss", "scoring_elements": "0.54811", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00317", "scoring_system": "epss", "scoring_elements": "0.54787", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00317", "scoring_system": "epss", "scoring_elements": "0.54732", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00318", "scoring_system": "epss", "scoring_elements": "0.54908", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00318", "scoring_system": "epss", "scoring_elements": "0.54863", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00318", "scoring_system": "epss", "scoring_elements": "0.54905", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00318", "scoring_system": "epss", "scoring_elements": "0.54888", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00437", "scoring_system": "epss", "scoring_elements": "0.63058", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00437", "scoring_system": "epss", "scoring_elements": "0.62955", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00437", "scoring_system": "epss", "scoring_elements": "0.63014", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00437", "scoring_system": "epss", "scoring_elements": "0.63043", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00437", "scoring_system": "epss", "scoring_elements": "0.63007", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00437", "scoring_system": "epss", "scoring_elements": "0.63074", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00437", "scoring_system": "epss", "scoring_elements": "0.63091", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00437", "scoring_system": "epss", "scoring_elements": "0.63077", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00437", "scoring_system": "epss", "scoring_elements": "0.63055", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-0813" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0813", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0813" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://security.gentoo.org/glsa/202311-17", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://security.gentoo.org/glsa/202311-17" }, { "reference_url": "https://www.incibe-cert.es/en/early-warning/security-advisories/phpmyadmin-exposure-sensitive-information", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.incibe-cert.es/en/early-warning/security-advisories/phpmyadmin-exposure-sensitive-information" }, { "reference_url": "https://www.phpmyadmin.net/news/2022/2/11/phpmyadmin-4910-and-513-are-released", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.phpmyadmin.net/news/2022/2/11/phpmyadmin-4910-and-513-are-released" }, { "reference_url": "https://www.phpmyadmin.net/news/2022/2/11/phpmyadmin-4910-and-513-are-released/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.phpmyadmin.net/news/2022/2/11/phpmyadmin-4910-and-513-are-released/" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2022-0813", "reference_id": "CVE-2022-0813", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-0813" }, { "reference_url": "https://github.com/advisories/GHSA-vx8q-j7h9-vf6q", "reference_id": "GHSA-vx8q-j7h9-vf6q", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-vx8q-j7h9-vf6q" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/43865?format=api", "purl": "pkg:composer/phpmyadmin/phpmyadmin@5.1.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-araw-4wdy-hqcz" }, { "vulnerability": "VCID-ym9b-4su6-6fbr" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@5.1.2" }, { "url": "http://public2.vulnerablecode.io/api/packages/80986?format=api", "purl": "pkg:composer/phpmyadmin/phpmyadmin@5.1.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-araw-4wdy-hqcz" }, { "vulnerability": "VCID-ym9b-4su6-6fbr" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@5.1.3" } ], "aliases": [ "CVE-2022-0813", "GHSA-vx8q-j7h9-vf6q" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-rqy8-n6fr-hqey" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/10737?format=api", "vulnerability_id": "VCID-scu3-cfyc-9qfz", "summary": "Cross-Site Request Forgery (CSRF)\nA vulnerability was found that allows an attacker to trigger a CSRF attack against a phpMyAdmin user. The attacker can trick the user, for instance through a broken `<img>` tag pointing at the victim's phpMyAdmin database, and the attacker can potentially deliver a payload (such as a specific `INSERT` or `DELETE` statement) to the victim.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-12616", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.55051", "scoring_system": "epss", "scoring_elements": "0.98072", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.55051", "scoring_system": "epss", "scoring_elements": "0.98047", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.55051", "scoring_system": "epss", "scoring_elements": "0.98052", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.55051", "scoring_system": "epss", "scoring_elements": "0.98053", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.55051", "scoring_system": "epss", "scoring_elements": "0.98058", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.55051", "scoring_system": "epss", "scoring_elements": "0.98059", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.55051", "scoring_system": "epss", "scoring_elements": "0.98065", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.55051", "scoring_system": "epss", "scoring_elements": "0.98062", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.55051", "scoring_system": "epss", "scoring_elements": "0.98061", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.55051", "scoring_system": "epss", "scoring_elements": "0.98066", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.55051", "scoring_system": "epss", "scoring_elements": "0.98038", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.55051", "scoring_system": "epss", "scoring_elements": "0.98043", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.55051", "scoring_system": "epss", "scoring_elements": "0.98045", "published_at": "2026-04-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-12616" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12616", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12616" }, { "reference_url": "https://github.com/phpmyadmin/phpmyadmin/commit/015c404038c44279d95b6430ee5a0dddc97691ec", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/phpmyadmin/phpmyadmin/commit/015c404038c44279d95b6430ee5a0dddc97691ec" }, { "reference_url": "https://packetstormsecurity.com/files/153251/phpMyAdmin-4.8-Cross-Site-Request-Forgery.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://packetstormsecurity.com/files/153251/phpMyAdmin-4.8-Cross-Site-Request-Forgery.html" }, { "reference_url": "https://www.phpmyadmin.net/security/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.phpmyadmin.net/security/" }, { "reference_url": "https://www.phpmyadmin.net/security/PMASA-2019-4", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.phpmyadmin.net/security/PMASA-2019-4" }, { "reference_url": "https://www.phpmyadmin.net/security/PMASA-2019-4/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.phpmyadmin.net/security/PMASA-2019-4/" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=930017", "reference_id": "930017", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=930017" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/webapps/46982.txt", "reference_id": "CVE-2019-12616", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/webapps/46982.txt" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-12616", "reference_id": "CVE-2019-12616", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-12616" }, { "reference_url": "https://github.com/advisories/GHSA-mfr9-pcm3-6mwc", "reference_id": "GHSA-mfr9-pcm3-6mwc", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-mfr9-pcm3-6mwc" }, { "reference_url": "https://usn.ubuntu.com/4639-1/", "reference_id": "USN-4639-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4639-1/" }, { "reference_url": "https://usn.ubuntu.com/USN-4843-1/", "reference_id": "USN-USN-4843-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/USN-4843-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/37069?format=api", "purl": "pkg:composer/phpmyadmin/phpmyadmin@4.9.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2jjv-4en4-e3gx" }, { "vulnerability": "VCID-2y3v-jnph-hfh4" }, { "vulnerability": "VCID-5657-kcyh-7bc2" }, { "vulnerability": "VCID-g6ud-92qe-hqcx" }, { "vulnerability": "VCID-gu4y-aeqx-mqak" }, { "vulnerability": "VCID-jma9-9uhu-xuc3" }, { "vulnerability": "VCID-mk34-h4nz-b3ey" }, { "vulnerability": "VCID-na3j-h3qr-k7dc" }, { "vulnerability": "VCID-ngtc-xtjn-xbhp" }, { "vulnerability": "VCID-rqy8-n6fr-hqey" }, { "vulnerability": "VCID-tks3-6uv4-kygf" }, { "vulnerability": "VCID-ym9b-4su6-6fbr" }, { "vulnerability": "VCID-znfm-ak2t-mqdd" }, { "vulnerability": "VCID-zyzp-aqd8-e3a9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@4.9.0" } ], "aliases": [ "CVE-2019-12616", "GHSA-mfr9-pcm3-6mwc" ], "risk_score": 10.0, "exploitability": "2.0", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-scu3-cfyc-9qfz" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/8631?format=api", "vulnerability_id": "VCID-tbnx-nuzv-ebdc", "summary": "Cross-Site Request Forgery (CSRF)\nphpMyAdmin versions is vulnerable to a CSRF weakness. By deceiving a user to click on a crafted URL, it is possible to perform harmful database operations such as deleting records, dropping or truncating tables etc.", "references": [ { "reference_url": "http://cyberworldmirror.com/vulnerability-phpmyadmin-lets-attacker-perform-drop-table-single-click", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://cyberworldmirror.com/vulnerability-phpmyadmin-lets-attacker-perform-drop-table-single-click" }, { "reference_url": "http://cyberworldmirror.com/vulnerability-phpmyadmin-lets-attacker-perform-drop-table-single-click/", "reference_id": "", "reference_type": "", "scores": [], "url": "http://cyberworldmirror.com/vulnerability-phpmyadmin-lets-attacker-perform-drop-table-single-click/" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-1000499", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.11439", "scoring_system": "epss", "scoring_elements": "0.93632", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.11439", "scoring_system": "epss", "scoring_elements": "0.93573", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.11439", "scoring_system": "epss", "scoring_elements": "0.93574", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.11439", "scoring_system": "epss", "scoring_elements": "0.93583", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.11439", "scoring_system": "epss", "scoring_elements": "0.93586", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.11439", "scoring_system": "epss", "scoring_elements": "0.93592", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.11439", "scoring_system": "epss", "scoring_elements": "0.93612", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.11439", "scoring_system": "epss", "scoring_elements": "0.93618", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.11439", "scoring_system": "epss", "scoring_elements": "0.93623", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.11439", "scoring_system": "epss", "scoring_elements": "0.93627", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.11439", "scoring_system": "epss", "scoring_elements": "0.93626", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.11439", "scoring_system": "epss", "scoring_elements": "0.93624", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.11439", "scoring_system": "epss", "scoring_elements": "0.93556", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.11439", "scoring_system": "epss", "scoring_elements": "0.93565", "published_at": "2026-04-02T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-1000499" }, { "reference_url": "https://web.archive.org/web/20201208204518/http://www.securitytracker.com/id/1040163", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20201208204518/http://www.securitytracker.com/id/1040163" }, { "reference_url": "https://www.exploit-db.com/exploits/45284", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.exploit-db.com/exploits/45284" }, { "reference_url": "https://www.exploit-db.com/exploits/45284/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.exploit-db.com/exploits/45284/" }, { "reference_url": "https://www.phpmyadmin.net/security/PMASA-2017-9", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.phpmyadmin.net/security/PMASA-2017-9" }, { "reference_url": "https://www.phpmyadmin.net/security/PMASA-2017-9/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.phpmyadmin.net/security/PMASA-2017-9/" }, { "reference_url": "http://www.securitytracker.com/id/1040163", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id/1040163" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:phpmyadmin:phpmyadmin:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:*:*:*:*:*:*:*:*" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/webapps/45284.txt", "reference_id": "CVE-2017-1000499", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/webapps/45284.txt" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2017-1000499", "reference_id": "CVE-2017-1000499", "reference_type": "", "scores": [ { "value": "6.8", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:P/I:P/A:P" }, { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-1000499" }, { "reference_url": "https://github.com/advisories/GHSA-f9hx-5jq4-fgjm", "reference_id": "GHSA-f9hx-5jq4-fgjm", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-f9hx-5jq4-fgjm" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/25832?format=api", "purl": "pkg:composer/phpmyadmin/phpmyadmin@4.7.7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2jjv-4en4-e3gx" }, { "vulnerability": "VCID-5657-kcyh-7bc2" }, { "vulnerability": "VCID-br1c-5bzf-ufeu" }, { "vulnerability": "VCID-c91y-txcw-2kdy" }, { "vulnerability": "VCID-ebk2-vjau-57h9" }, { "vulnerability": "VCID-fchc-55te-akhe" }, { "vulnerability": "VCID-g6ud-92qe-hqcx" }, { "vulnerability": "VCID-gu4y-aeqx-mqak" }, { "vulnerability": "VCID-jma9-9uhu-xuc3" }, { "vulnerability": "VCID-mwtw-n1tv-hfd9" }, { "vulnerability": "VCID-ngtc-xtjn-xbhp" }, { "vulnerability": "VCID-qcra-cu62-43he" }, { "vulnerability": "VCID-rqy8-n6fr-hqey" }, { "vulnerability": "VCID-scu3-cfyc-9qfz" }, { "vulnerability": "VCID-tks3-6uv4-kygf" }, { "vulnerability": "VCID-yfja-ssw3-skh1" }, { "vulnerability": "VCID-ym9b-4su6-6fbr" }, { "vulnerability": "VCID-znfm-ak2t-mqdd" }, { "vulnerability": "VCID-zyzp-aqd8-e3a9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@4.7.7" } ], "aliases": [ "CVE-2017-1000499", "GHSA-f9hx-5jq4-fgjm" ], "risk_score": 10.0, "exploitability": "2.0", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-tbnx-nuzv-ebdc" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/54679?format=api", "vulnerability_id": "VCID-tks3-6uv4-kygf", "summary": "phpMyAdmin SQL Injection\nIn phpMyAdmin 4.x before 4.9.5 and 5.x before 5.0.2, a SQL injection vulnerability was found in retrieval of the current username (in libraries/classes/Server/Privileges.php and libraries/classes/UserPassword.php). A malicious user with access to the server could create a crafted username, and then trick the victim into performing specific actions with that user account (such as editing its privileges).", "references": [ { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00046.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.0", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00046.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00050.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.0", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00050.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00005.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.0", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00005.html" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-10804", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.02444", "scoring_system": "epss", "scoring_elements": "0.85251", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.02444", "scoring_system": "epss", "scoring_elements": "0.85114", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.02444", "scoring_system": "epss", "scoring_elements": "0.85127", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.02444", "scoring_system": "epss", "scoring_elements": "0.85144", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.02444", "scoring_system": "epss", "scoring_elements": "0.85147", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.02444", "scoring_system": "epss", "scoring_elements": "0.85169", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.02444", "scoring_system": "epss", "scoring_elements": "0.85177", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.02444", "scoring_system": "epss", "scoring_elements": "0.85191", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.02444", "scoring_system": "epss", "scoring_elements": "0.85189", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.02444", "scoring_system": "epss", "scoring_elements": "0.85186", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.02444", "scoring_system": "epss", "scoring_elements": "0.85207", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.02444", "scoring_system": "epss", "scoring_elements": "0.85208", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.02444", "scoring_system": "epss", "scoring_elements": "0.85231", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.02444", "scoring_system": "epss", "scoring_elements": "0.85239", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.02444", "scoring_system": "epss", "scoring_elements": "0.85237", "published_at": "2026-04-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-10804" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10804", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10804" }, { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/phpmyadmin/phpmyadmin/CVE-2020-10804.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.0", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/phpmyadmin/phpmyadmin/CVE-2020-10804.yaml" }, { "reference_url": "https://github.com/phpmyadmin/composer", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.0", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/phpmyadmin/composer" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/AAVW3SUKWR5RF5LZ6SARCYOWBIFUIWOJ/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/AAVW3SUKWR5RF5LZ6SARCYOWBIFUIWOJ/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BUG3IRITW2LUBGR5LSQMP7MVRTELHZJK/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BUG3IRITW2LUBGR5LSQMP7MVRTELHZJK/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UZI6EQVRRIG252DY3MBT33BJVCSYDMQO/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UZI6EQVRRIG252DY3MBT33BJVCSYDMQO/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AAVW3SUKWR5RF5LZ6SARCYOWBIFUIWOJ", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.0", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AAVW3SUKWR5RF5LZ6SARCYOWBIFUIWOJ" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BUG3IRITW2LUBGR5LSQMP7MVRTELHZJK", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.0", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BUG3IRITW2LUBGR5LSQMP7MVRTELHZJK" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UZI6EQVRRIG252DY3MBT33BJVCSYDMQO", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.0", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UZI6EQVRRIG252DY3MBT33BJVCSYDMQO" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2020-10804", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.0", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:S/C:P/I:P/A:P" }, { "value": "8.0", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-10804" }, { "reference_url": "https://www.phpmyadmin.net/security/PMASA-2020-2", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.0", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.phpmyadmin.net/security/PMASA-2020-2" }, { "reference_url": "https://www.phpmyadmin.net/security/PMASA-2020-2/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.phpmyadmin.net/security/PMASA-2020-2/" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=954667", "reference_id": "954667", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=954667" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:opensuse:backports_sle:15.0:-:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:opensuse:backports_sle:15.0:-:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:opensuse:backports_sle:15.0:-:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:opensuse:backports_sle:15.0:sp1:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:opensuse:backports_sle:15.0:sp1:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:opensuse:backports_sle:15.0:sp1:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:phpmyadmin:phpmyadmin:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:suse:package_hub:-:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:suse:package_hub:-:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:suse:package_hub:-:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:32:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:fedoraproject:fedora:32:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:32:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise:12.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:suse:linux_enterprise:12.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise:12.0:*:*:*:*:*:*:*" }, { "reference_url": "https://github.com/advisories/GHSA-h65r-8fp8-w7cx", "reference_id": "GHSA-h65r-8fp8-w7cx", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-h65r-8fp8-w7cx" }, { "reference_url": "https://usn.ubuntu.com/4639-1/", "reference_id": "USN-4639-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4639-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/81952?format=api", "purl": "pkg:composer/phpmyadmin/phpmyadmin@4.9.5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2jjv-4en4-e3gx" }, { "vulnerability": "VCID-2y3v-jnph-hfh4" }, { "vulnerability": "VCID-mk34-h4nz-b3ey" }, { "vulnerability": "VCID-na3j-h3qr-k7dc" }, { "vulnerability": "VCID-rqy8-n6fr-hqey" }, { "vulnerability": "VCID-ym9b-4su6-6fbr" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@4.9.5" }, { "url": "http://public2.vulnerablecode.io/api/packages/55567?format=api", "purl": "pkg:composer/phpmyadmin/phpmyadmin@5.0.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2jjv-4en4-e3gx" }, { "vulnerability": "VCID-2y3v-jnph-hfh4" }, { "vulnerability": "VCID-araw-4wdy-hqcz" }, { "vulnerability": "VCID-dsxw-w87t-eycw" }, { "vulnerability": "VCID-mk34-h4nz-b3ey" }, { "vulnerability": "VCID-rqy8-n6fr-hqey" }, { "vulnerability": "VCID-ym9b-4su6-6fbr" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@5.0.2" } ], "aliases": [ "CVE-2020-10804", "GHSA-h65r-8fp8-w7cx" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-tks3-6uv4-kygf" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/10253?format=api", "vulnerability_id": "VCID-yfja-ssw3-skh1", "summary": "Information Exposure\nWhen the `AllowArbitraryServer` configuration setting is set to true, with the use of a rogue MySQL server, an attacker can read any file on the server that the web server's user can access. This is related to the `mysql.allow_local_infile` PHP configuration, and the inadvertent ignoring of `options(MYSQLI_OPT_LOCAL_INFILE` calls.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-6799", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.7658", "scoring_system": "epss", "scoring_elements": "0.98937", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.7658", "scoring_system": "epss", "scoring_elements": "0.98958", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.7658", "scoring_system": "epss", "scoring_elements": "0.98954", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.7658", "scoring_system": "epss", "scoring_elements": "0.98935", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.7658", "scoring_system": "epss", "scoring_elements": "0.98939", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.7658", "scoring_system": "epss", "scoring_elements": "0.98952", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.7658", "scoring_system": "epss", "scoring_elements": "0.9895", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.7658", "scoring_system": "epss", "scoring_elements": "0.98948", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.7658", "scoring_system": "epss", "scoring_elements": "0.98947", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.7658", "scoring_system": "epss", "scoring_elements": "0.98946", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.7658", "scoring_system": "epss", "scoring_elements": "0.98944", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.7658", "scoring_system": "epss", "scoring_elements": "0.98933", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.7658", "scoring_system": "epss", "scoring_elements": "0.98943", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.7658", "scoring_system": "epss", "scoring_elements": "0.98941", "published_at": "2026-04-09T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-6799" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-6799", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-6799" }, { "reference_url": "https://github.com/phpmyadmin/composer", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/phpmyadmin/composer" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2019/02/msg00039.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.debian.org/debian-lts-announce/2019/02/msg00039.html" }, { "reference_url": "https://www.phpmyadmin.net/security/PMASA-2019-1", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.phpmyadmin.net/security/PMASA-2019-1" }, { "reference_url": "https://www.phpmyadmin.net/security/PMASA-2019-1/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.phpmyadmin.net/security/PMASA-2019-1/" }, { "reference_url": "http://www.securityfocus.com/bid/106736", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.securityfocus.com/bid/106736" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=920823", "reference_id": "920823", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=920823" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:phpmyadmin:phpmyadmin:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-6799", "reference_id": "CVE-2019-6799", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:P/I:N/A:N" }, { "value": "5.9", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-6799" }, { "reference_url": "https://github.com/advisories/GHSA-c8wj-q36q-3wg4", "reference_id": "GHSA-c8wj-q36q-3wg4", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-c8wj-q36q-3wg4" }, { "reference_url": "https://usn.ubuntu.com/4639-1/", "reference_id": "USN-4639-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4639-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/34735?format=api", "purl": "pkg:composer/phpmyadmin/phpmyadmin@4.8.5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2jjv-4en4-e3gx" }, { "vulnerability": "VCID-5657-kcyh-7bc2" }, { "vulnerability": "VCID-g6ud-92qe-hqcx" }, { "vulnerability": "VCID-gu4y-aeqx-mqak" }, { "vulnerability": "VCID-jma9-9uhu-xuc3" }, { "vulnerability": "VCID-ngtc-xtjn-xbhp" }, { "vulnerability": "VCID-rqy8-n6fr-hqey" }, { "vulnerability": "VCID-scu3-cfyc-9qfz" }, { "vulnerability": "VCID-tks3-6uv4-kygf" }, { "vulnerability": "VCID-ym9b-4su6-6fbr" }, { "vulnerability": "VCID-znfm-ak2t-mqdd" }, { "vulnerability": "VCID-zyzp-aqd8-e3a9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@4.8.5" }, { "url": "http://public2.vulnerablecode.io/api/packages/55566?format=api", "purl": "pkg:composer/phpmyadmin/phpmyadmin@5.0.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2jjv-4en4-e3gx" }, { "vulnerability": "VCID-2y3v-jnph-hfh4" }, { "vulnerability": "VCID-41mv-6vqr-sua6" }, { "vulnerability": "VCID-5657-kcyh-7bc2" }, { "vulnerability": "VCID-araw-4wdy-hqcz" }, { "vulnerability": "VCID-mk34-h4nz-b3ey" }, { "vulnerability": "VCID-ngtc-xtjn-xbhp" }, { "vulnerability": "VCID-rqy8-n6fr-hqey" }, { "vulnerability": "VCID-tks3-6uv4-kygf" }, { "vulnerability": "VCID-ym9b-4su6-6fbr" }, { "vulnerability": "VCID-znfm-ak2t-mqdd" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@5.0.0" } ], "aliases": [ "CVE-2019-6799", "GHSA-c8wj-q36q-3wg4" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-yfja-ssw3-skh1" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/16445?format=api", "vulnerability_id": "VCID-ym9b-4su6-6fbr", "summary": "Cross-site Scripting vulnerability in drag-and-drop upload of phpMyAdmin\nIn phpMyAdmin before 4.9.11 and 5.x before 5.2.1, an authenticated user can trigger Cross-site Scripting (XSS) by uploading a crafted .sql file through the drag-and-drop interface. By disabling the configuration directive `$cfg['enable_drag_drop_import']`, users will be unable to use the drag and drop upload which would protect against the vulnerability.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-25727", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.09535", "scoring_system": "epss", "scoring_elements": "0.92867", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.09535", "scoring_system": "epss", "scoring_elements": "0.92876", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.09535", "scoring_system": "epss", "scoring_elements": "0.92872", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.1094", "scoring_system": "epss", "scoring_elements": "0.93428", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.1094", "scoring_system": "epss", "scoring_elements": "0.93438", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.1094", "scoring_system": "epss", "scoring_elements": "0.93434", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.1094", "scoring_system": "epss", "scoring_elements": "0.93405", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.1094", "scoring_system": "epss", "scoring_elements": "0.93423", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.11079", "scoring_system": "epss", "scoring_elements": "0.93441", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.11079", "scoring_system": "epss", "scoring_elements": "0.93433", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.11079", "scoring_system": "epss", "scoring_elements": "0.93445", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.11079", "scoring_system": "epss", "scoring_elements": "0.93425", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.11079", "scoring_system": "epss", "scoring_elements": "0.9345", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.11079", "scoring_system": "epss", "scoring_elements": "0.93451", "published_at": "2026-04-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-25727" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25727", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25727" }, { "reference_url": "https://github.com/phpmyadmin/composer", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/phpmyadmin/composer" }, { "reference_url": "https://github.com/phpmyadmin/phpmyadmin/commit/53f70fd7f3b388639922e6cc1ca51fbe890c91cc", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/phpmyadmin/phpmyadmin/commit/53f70fd7f3b388639922e6cc1ca51fbe890c91cc" }, { "reference_url": "https://github.com/phpmyadmin/phpmyadmin/commit/efa2406695551667f726497750d3db91fb6f662e", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/phpmyadmin/phpmyadmin/commit/efa2406695551667f726497750d3db91fb6f662e" }, { "reference_url": "https://www.phpmyadmin.net/security/PMASA-2023-1", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.phpmyadmin.net/security/PMASA-2023-1" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2023-25727", "reference_id": "CVE-2023-25727", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-25727" }, { "reference_url": "https://github.com/advisories/GHSA-6hr3-44gx-g6wh", "reference_id": "GHSA-6hr3-44gx-g6wh", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-6hr3-44gx-g6wh" }, { "reference_url": "https://www.phpmyadmin.net/security/PMASA-2023-1/", "reference_id": "PMASA-2023-1", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-21T14:52:37Z/" } ], "url": "https://www.phpmyadmin.net/security/PMASA-2023-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/55878?format=api", "purl": "pkg:composer/phpmyadmin/phpmyadmin@4.9.11", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@4.9.11" }, { "url": "http://public2.vulnerablecode.io/api/packages/55879?format=api", "purl": "pkg:composer/phpmyadmin/phpmyadmin@5.2.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-araw-4wdy-hqcz" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@5.2.1" } ], "aliases": [ "CVE-2023-25727", "GHSA-6hr3-44gx-g6wh" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ym9b-4su6-6fbr" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/57068?format=api", "vulnerability_id": "VCID-znfm-ak2t-mqdd", "summary": "phpMyAdmin SQL injection vulnerability\nIn phpMyAdmin 4.x before 4.9.5 and 5.x before 5.0.2, a SQL injection vulnerability was discovered where malicious code could be used to trigger an XSS attack through retrieving and displaying results (in tbl_get_field.php and libraries/classes/Display/Results.php). The attacker must be able to insert crafted data into certain database tables, which when retrieved (for instance, through the Browse tab) can trigger the XSS attack.", "references": [ { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00046.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00046.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00050.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00050.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00005.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00005.html" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-10803", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.03554", "scoring_system": "epss", "scoring_elements": "0.87745", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.03554", "scoring_system": "epss", "scoring_elements": "0.87643", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.03554", "scoring_system": "epss", "scoring_elements": "0.87653", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.03554", "scoring_system": "epss", "scoring_elements": "0.87666", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.03554", "scoring_system": "epss", "scoring_elements": "0.87667", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.03554", "scoring_system": "epss", "scoring_elements": "0.87688", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.03554", "scoring_system": "epss", "scoring_elements": "0.87694", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.03554", "scoring_system": "epss", "scoring_elements": "0.87706", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.03554", "scoring_system": "epss", "scoring_elements": "0.87699", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.03554", "scoring_system": "epss", "scoring_elements": "0.87697", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.03554", "scoring_system": "epss", "scoring_elements": "0.87712", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.03554", "scoring_system": "epss", "scoring_elements": "0.87708", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.03554", "scoring_system": "epss", "scoring_elements": "0.87726", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.03554", "scoring_system": "epss", "scoring_elements": "0.87732", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.03554", "scoring_system": "epss", "scoring_elements": "0.8773", "published_at": "2026-04-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-10803" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10803", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10803" }, { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/phpmyadmin/phpmyadmin/CVE-2020-10803.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/phpmyadmin/phpmyadmin/CVE-2020-10803.yaml" }, { "reference_url": "https://github.com/phpmyadmin/composer", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/phpmyadmin/composer" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2020/03/msg00028.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.debian.org/debian-lts-announce/2020/03/msg00028.html" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/AAVW3SUKWR5RF5LZ6SARCYOWBIFUIWOJ/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/AAVW3SUKWR5RF5LZ6SARCYOWBIFUIWOJ/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BUG3IRITW2LUBGR5LSQMP7MVRTELHZJK/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BUG3IRITW2LUBGR5LSQMP7MVRTELHZJK/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UZI6EQVRRIG252DY3MBT33BJVCSYDMQO/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UZI6EQVRRIG252DY3MBT33BJVCSYDMQO/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AAVW3SUKWR5RF5LZ6SARCYOWBIFUIWOJ", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AAVW3SUKWR5RF5LZ6SARCYOWBIFUIWOJ" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BUG3IRITW2LUBGR5LSQMP7MVRTELHZJK", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BUG3IRITW2LUBGR5LSQMP7MVRTELHZJK" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UZI6EQVRRIG252DY3MBT33BJVCSYDMQO", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UZI6EQVRRIG252DY3MBT33BJVCSYDMQO" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2020-10803", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.5", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:S/C:N/I:P/A:N" }, { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-10803" }, { "reference_url": "https://www.phpmyadmin.net/security/PMASA-2020-4", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.phpmyadmin.net/security/PMASA-2020-4" }, { "reference_url": "https://www.phpmyadmin.net/security/PMASA-2020-4/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.phpmyadmin.net/security/PMASA-2020-4/" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=954666", "reference_id": "954666", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=954666" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:opensuse:backports_sle:15.0:-:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:opensuse:backports_sle:15.0:-:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:opensuse:backports_sle:15.0:-:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:opensuse:backports_sle:15.0:sp1:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:opensuse:backports_sle:15.0:sp1:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:opensuse:backports_sle:15.0:sp1:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:phpmyadmin:phpmyadmin:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:suse:package_hub:-:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:suse:package_hub:-:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:suse:package_hub:-:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:32:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:fedoraproject:fedora:32:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:32:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise:12.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:suse:linux_enterprise:12.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise:12.0:*:*:*:*:*:*:*" }, { "reference_url": "https://github.com/advisories/GHSA-fcww-8wvc-38q9", "reference_id": "GHSA-fcww-8wvc-38q9", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-fcww-8wvc-38q9" }, { "reference_url": "https://usn.ubuntu.com/4639-1/", "reference_id": "USN-4639-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4639-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/81952?format=api", "purl": "pkg:composer/phpmyadmin/phpmyadmin@4.9.5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2jjv-4en4-e3gx" }, { "vulnerability": "VCID-2y3v-jnph-hfh4" }, { "vulnerability": "VCID-mk34-h4nz-b3ey" }, { "vulnerability": "VCID-na3j-h3qr-k7dc" }, { "vulnerability": "VCID-rqy8-n6fr-hqey" }, { "vulnerability": "VCID-ym9b-4su6-6fbr" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@4.9.5" }, { "url": "http://public2.vulnerablecode.io/api/packages/55567?format=api", "purl": "pkg:composer/phpmyadmin/phpmyadmin@5.0.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2jjv-4en4-e3gx" }, { "vulnerability": "VCID-2y3v-jnph-hfh4" }, { "vulnerability": "VCID-araw-4wdy-hqcz" }, { "vulnerability": "VCID-dsxw-w87t-eycw" }, { "vulnerability": "VCID-mk34-h4nz-b3ey" }, { "vulnerability": "VCID-rqy8-n6fr-hqey" }, { "vulnerability": "VCID-ym9b-4su6-6fbr" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@5.0.2" } ], "aliases": [ "CVE-2020-10803", "GHSA-fcww-8wvc-38q9" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-znfm-ak2t-mqdd" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/57551?format=api", "vulnerability_id": "VCID-zyzp-aqd8-e3a9", "summary": "phpMyAdmin Cross-Site Request Forgery (CSRF)\nA CSRF issue in phpMyAdmin 4.9.0.1 allows deletion of any server in the Setup page.", "references": [ { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00078.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00078.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00024.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00024.html" }, { "reference_url": "http://packetstormsecurity.com/files/154483/phpMyAdmin-4.9.0.1-Cross-Site-Request-Forgery.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://packetstormsecurity.com/files/154483/phpMyAdmin-4.9.0.1-Cross-Site-Request-Forgery.html" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-12922", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.4225", "scoring_system": "epss", "scoring_elements": "0.97466", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.4225", "scoring_system": "epss", "scoring_elements": "0.97422", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.4225", "scoring_system": "epss", "scoring_elements": "0.97429", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.4225", "scoring_system": "epss", "scoring_elements": "0.97433", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.4225", "scoring_system": "epss", "scoring_elements": "0.97434", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.4225", "scoring_system": "epss", "scoring_elements": "0.97441", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.4225", "scoring_system": "epss", "scoring_elements": "0.97442", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.4225", "scoring_system": "epss", "scoring_elements": "0.97445", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.4225", "scoring_system": "epss", "scoring_elements": "0.97447", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.4225", "scoring_system": "epss", "scoring_elements": "0.97456", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.4225", "scoring_system": "epss", "scoring_elements": "0.9746", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.4225", "scoring_system": "epss", "scoring_elements": "0.97459", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.4225", "scoring_system": "epss", "scoring_elements": "0.97458", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.4225", "scoring_system": "epss", "scoring_elements": "0.97462", "published_at": "2026-04-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-12922" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12922", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12922" }, { "reference_url": "http://seclists.org/fulldisclosure/2019/Sep/23", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://seclists.org/fulldisclosure/2019/Sep/23" }, { "reference_url": "https://github.com/phpmyadmin/phpmyadmin/commit/427fbed55d3154d96ecfc1c7784d49eaa3c04161", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/phpmyadmin/phpmyadmin/commit/427fbed55d3154d96ecfc1c7784d49eaa3c04161" }, { "reference_url": "https://github.com/phpmyadmin/phpmyadmin/commit/7d21d4223bdbe0306593309132b4263d7087d13b", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/phpmyadmin/phpmyadmin/commit/7d21d4223bdbe0306593309132b4263d7087d13b" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PBLBE6CSC2ZLINIRBUU5XBLXYVBTF3KA/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PBLBE6CSC2ZLINIRBUU5XBLXYVBTF3KA/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QJ5BW2VEMD2P23ZYRWHDBEQHOKGKGWD6/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QJ5BW2VEMD2P23ZYRWHDBEQHOKGKGWD6/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YCB3PTGHZ7AJCM6BKCQRRP6HG3OKYCMN/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YCB3PTGHZ7AJCM6BKCQRRP6HG3OKYCMN/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PBLBE6CSC2ZLINIRBUU5XBLXYVBTF3KA", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PBLBE6CSC2ZLINIRBUU5XBLXYVBTF3KA" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QJ5BW2VEMD2P23ZYRWHDBEQHOKGKGWD6", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QJ5BW2VEMD2P23ZYRWHDBEQHOKGKGWD6" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YCB3PTGHZ7AJCM6BKCQRRP6HG3OKYCMN", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YCB3PTGHZ7AJCM6BKCQRRP6HG3OKYCMN" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-12922", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.8", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:N/I:P/A:P" }, { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-12922" }, { "reference_url": "https://www.exploit-db.com/exploits/47385", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.exploit-db.com/exploits/47385" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:phpmyadmin:phpmyadmin:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:29:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:fedoraproject:fedora:29:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:29:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/webapps/47385.txt", "reference_id": "CVE-2019-12922", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/webapps/47385.txt" }, { "reference_url": "https://github.com/advisories/GHSA-4c9q-64gq-xhx4", "reference_id": "GHSA-4c9q-64gq-xhx4", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-4c9q-64gq-xhx4" }, { "reference_url": "https://usn.ubuntu.com/USN-4843-1/", "reference_id": "USN-USN-4843-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/USN-4843-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/83854?format=api", "purl": "pkg:composer/phpmyadmin/phpmyadmin@4.9.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2jjv-4en4-e3gx" }, { "vulnerability": "VCID-2y3v-jnph-hfh4" }, { "vulnerability": "VCID-5657-kcyh-7bc2" }, { "vulnerability": "VCID-g6ud-92qe-hqcx" }, { "vulnerability": "VCID-gu4y-aeqx-mqak" }, { "vulnerability": "VCID-mk34-h4nz-b3ey" }, { "vulnerability": "VCID-na3j-h3qr-k7dc" }, { "vulnerability": "VCID-ngtc-xtjn-xbhp" }, { "vulnerability": "VCID-rqy8-n6fr-hqey" }, { "vulnerability": "VCID-tks3-6uv4-kygf" }, { "vulnerability": "VCID-ym9b-4su6-6fbr" }, { "vulnerability": "VCID-znfm-ak2t-mqdd" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@4.9.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/55566?format=api", "purl": "pkg:composer/phpmyadmin/phpmyadmin@5.0.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2jjv-4en4-e3gx" }, { "vulnerability": "VCID-2y3v-jnph-hfh4" }, { "vulnerability": "VCID-41mv-6vqr-sua6" }, { "vulnerability": "VCID-5657-kcyh-7bc2" }, { "vulnerability": "VCID-araw-4wdy-hqcz" }, { "vulnerability": "VCID-mk34-h4nz-b3ey" }, { "vulnerability": "VCID-ngtc-xtjn-xbhp" }, { "vulnerability": "VCID-rqy8-n6fr-hqey" }, { "vulnerability": "VCID-tks3-6uv4-kygf" }, { "vulnerability": "VCID-ym9b-4su6-6fbr" }, { "vulnerability": "VCID-znfm-ak2t-mqdd" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@5.0.0" } ], "aliases": [ "CVE-2019-12922", "GHSA-4c9q-64gq-xhx4" ], "risk_score": 10.0, "exploitability": "2.0", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-zyzp-aqd8-e3a9" } ], "fixing_vulnerabilities": [ { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/7575?format=api", "vulnerability_id": "VCID-1dc8-kafr-3qd7", "summary": "Cross-site Scripting\nAn issue was discovered in phpMyAdmin. An attacker may be able to trigger a user to download a specially crafted malicious SVG file.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-6628", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00258", "scoring_system": "epss", "scoring_elements": "0.49214", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00258", "scoring_system": "epss", "scoring_elements": "0.49096", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00258", "scoring_system": "epss", "scoring_elements": "0.4918", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00258", "scoring_system": "epss", "scoring_elements": "0.49223", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00258", "scoring_system": "epss", "scoring_elements": "0.49225", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00258", "scoring_system": "epss", "scoring_elements": "0.49255", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00258", "scoring_system": "epss", "scoring_elements": "0.49257", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00258", "scoring_system": "epss", "scoring_elements": "0.49212", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00258", "scoring_system": "epss", "scoring_elements": "0.49207", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00258", "scoring_system": "epss", "scoring_elements": "0.49234", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00258", "scoring_system": "epss", "scoring_elements": "0.49216", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00258", "scoring_system": "epss", "scoring_elements": "0.4922", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00258", "scoring_system": "epss", "scoring_elements": "0.49155", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00258", "scoring_system": "epss", "scoring_elements": "0.49186", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00258", "scoring_system": "epss", "scoring_elements": "0.49165", "published_at": "2026-04-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-6628" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6628", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6628" }, { "reference_url": "https://github.com/phpmyadmin/composer", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/phpmyadmin/composer" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2019/06/msg00009.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.debian.org/debian-lts-announce/2019/06/msg00009.html" }, { "reference_url": "https://security.gentoo.org/glsa/201701-32", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://security.gentoo.org/glsa/201701-32" }, { "reference_url": "https://www.phpmyadmin.net/security/PMASA-2016-51", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.phpmyadmin.net/security/PMASA-2016-51" }, { "reference_url": "http://www.securityfocus.com/bid/92492", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.securityfocus.com/bid/92492" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2016-6628", "reference_id": "CVE-2016-6628", "reference_type": "", "scores": [ { "value": "6.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-6628" }, { "reference_url": "https://github.com/advisories/GHSA-phhm-63xx-v9rr", "reference_id": "GHSA-phhm-63xx-v9rr", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-phhm-63xx-v9rr" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/81937?format=api", "purl": "pkg:composer/phpmyadmin/phpmyadmin@4.0.10%2B17", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@4.0.10%252B17" }, { "url": "http://public2.vulnerablecode.io/api/packages/81936?format=api", "purl": "pkg:composer/phpmyadmin/phpmyadmin@4.4.15%2B8", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@4.4.15%252B8" }, { "url": "http://public2.vulnerablecode.io/api/packages/23351?format=api", "purl": "pkg:composer/phpmyadmin/phpmyadmin@4.6.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-5mda-fksy-bqb2" }, { "vulnerability": "VCID-8xac-hgvs-ykgn" }, { "vulnerability": "VCID-9xxd-uwwt-57ba" }, { "vulnerability": "VCID-bcmm-z26p-rkfp" }, { "vulnerability": "VCID-jj7e-xndw-6fcp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@4.6.4" }, { "url": "http://public2.vulnerablecode.io/api/packages/21731?format=api", "purl": "pkg:composer/phpmyadmin/phpmyadmin@4.7.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2jjv-4en4-e3gx" }, { "vulnerability": "VCID-5657-kcyh-7bc2" }, { "vulnerability": "VCID-986a-3m4g-83ge" }, { "vulnerability": "VCID-br1c-5bzf-ufeu" }, { "vulnerability": "VCID-c91y-txcw-2kdy" }, { "vulnerability": "VCID-ebk2-vjau-57h9" }, { "vulnerability": "VCID-fchc-55te-akhe" }, { "vulnerability": "VCID-g6ud-92qe-hqcx" }, { "vulnerability": "VCID-gu4y-aeqx-mqak" }, { "vulnerability": "VCID-hnud-ktgb-dfe6" }, { "vulnerability": "VCID-jma9-9uhu-xuc3" }, { "vulnerability": "VCID-mwtw-n1tv-hfd9" }, { "vulnerability": "VCID-ngtc-xtjn-xbhp" }, { "vulnerability": "VCID-qcra-cu62-43he" }, { "vulnerability": "VCID-rqy8-n6fr-hqey" }, { "vulnerability": "VCID-scu3-cfyc-9qfz" }, { "vulnerability": "VCID-tbnx-nuzv-ebdc" }, { "vulnerability": "VCID-tks3-6uv4-kygf" }, { "vulnerability": "VCID-yfja-ssw3-skh1" }, { "vulnerability": "VCID-ym9b-4su6-6fbr" }, { "vulnerability": "VCID-znfm-ak2t-mqdd" }, { "vulnerability": "VCID-zyzp-aqd8-e3a9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@4.7.0" } ], "aliases": [ "CVE-2016-6628", "GHSA-phhm-63xx-v9rr" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-1dc8-kafr-3qd7" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/8001?format=api", "vulnerability_id": "VCID-24e9-fnt7-jqdu", "summary": "Improper Input Validation\nphpMyAdmin is vulnerable to a DoS attack in the replication status by using a specially crafted table name.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-1000018", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01295", "scoring_system": "epss", "scoring_elements": "0.79787", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.01295", "scoring_system": "epss", "scoring_elements": "0.79695", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.01295", "scoring_system": "epss", "scoring_elements": "0.79688", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.01295", "scoring_system": "epss", "scoring_elements": "0.79717", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.01295", "scoring_system": "epss", "scoring_elements": "0.7972", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.01295", "scoring_system": "epss", "scoring_elements": "0.79751", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.01295", "scoring_system": "epss", "scoring_elements": "0.79758", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.01295", "scoring_system": "epss", "scoring_elements": "0.79773", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.01295", "scoring_system": "epss", "scoring_elements": "0.79639", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.01295", "scoring_system": "epss", "scoring_elements": "0.79646", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.01295", "scoring_system": "epss", "scoring_elements": "0.79667", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.01295", "scoring_system": "epss", "scoring_elements": "0.79654", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.01295", "scoring_system": "epss", "scoring_elements": "0.79683", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.01295", "scoring_system": "epss", "scoring_elements": "0.7969", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.01295", "scoring_system": "epss", "scoring_elements": "0.79711", "published_at": "2026-04-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-1000018" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-1000018", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-1000018" }, { "reference_url": "https://web.archive.org/web/20210123220317/http://www.securityfocus.com/bid/95738", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20210123220317/http://www.securityfocus.com/bid/95738" }, { "reference_url": "https://www.phpmyadmin.net/security/PMASA-2017-7", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.phpmyadmin.net/security/PMASA-2017-7" }, { "reference_url": "http://www.securityfocus.com/bid/95738", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/95738" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2017-1000018", "reference_id": "CVE-2017-1000018", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-1000018" }, { "reference_url": "https://github.com/advisories/GHSA-47qr-f86f-3wm4", "reference_id": "GHSA-47qr-f86f-3wm4", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-47qr-f86f-3wm4" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/54787?format=api", "purl": "pkg:composer/phpmyadmin/phpmyadmin@4.0.10%2B19", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@4.0.10%252B19" }, { "url": "http://public2.vulnerablecode.io/api/packages/24385?format=api", "purl": "pkg:composer/phpmyadmin/phpmyadmin@4.4.15%2B10", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-b5d2-5bfb-bbgz" }, { "vulnerability": "VCID-hnud-ktgb-dfe6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@4.4.15%252B10" }, { "url": "http://public2.vulnerablecode.io/api/packages/24386?format=api", "purl": "pkg:composer/phpmyadmin/phpmyadmin@4.6.6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-b5d2-5bfb-bbgz" }, { "vulnerability": "VCID-hnud-ktgb-dfe6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@4.6.6" }, { "url": "http://public2.vulnerablecode.io/api/packages/21731?format=api", "purl": "pkg:composer/phpmyadmin/phpmyadmin@4.7.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2jjv-4en4-e3gx" }, { "vulnerability": "VCID-5657-kcyh-7bc2" }, { "vulnerability": "VCID-986a-3m4g-83ge" }, { "vulnerability": "VCID-br1c-5bzf-ufeu" }, { "vulnerability": "VCID-c91y-txcw-2kdy" }, { "vulnerability": "VCID-ebk2-vjau-57h9" }, { "vulnerability": "VCID-fchc-55te-akhe" }, { "vulnerability": "VCID-g6ud-92qe-hqcx" }, { "vulnerability": "VCID-gu4y-aeqx-mqak" }, { "vulnerability": "VCID-hnud-ktgb-dfe6" }, { "vulnerability": "VCID-jma9-9uhu-xuc3" }, { "vulnerability": "VCID-mwtw-n1tv-hfd9" }, { "vulnerability": "VCID-ngtc-xtjn-xbhp" }, { "vulnerability": "VCID-qcra-cu62-43he" }, { "vulnerability": "VCID-rqy8-n6fr-hqey" }, { "vulnerability": "VCID-scu3-cfyc-9qfz" }, { "vulnerability": "VCID-tbnx-nuzv-ebdc" }, { "vulnerability": "VCID-tks3-6uv4-kygf" }, { "vulnerability": "VCID-yfja-ssw3-skh1" }, { "vulnerability": "VCID-ym9b-4su6-6fbr" }, { "vulnerability": "VCID-znfm-ak2t-mqdd" }, { "vulnerability": "VCID-zyzp-aqd8-e3a9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@4.7.0" } ], "aliases": [ "CVE-2017-1000018", "GHSA-47qr-f86f-3wm4" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-24e9-fnt7-jqdu" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/7308?format=api", "vulnerability_id": "VCID-3yp5-vqej-r7hh", "summary": "Cross-site Scripting\nMultiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin allow remote authenticated users to inject arbitrary web script or HTML.", "references": [ { "reference_url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-February/176483.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-February/176483.html" }, { "reference_url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-February/176739.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-February/176739.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-updates/2016-02/msg00028.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://lists.opensuse.org/opensuse-updates/2016-02/msg00028.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-updates/2016-02/msg00049.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://lists.opensuse.org/opensuse-updates/2016-02/msg00049.html" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-2040", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00493", "scoring_system": "epss", "scoring_elements": "0.65712", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00493", "scoring_system": "epss", "scoring_elements": "0.65629", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00493", "scoring_system": "epss", "scoring_elements": "0.65659", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00493", "scoring_system": "epss", "scoring_elements": "0.65625", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00493", "scoring_system": "epss", "scoring_elements": "0.65677", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00493", "scoring_system": "epss", "scoring_elements": "0.65689", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00493", "scoring_system": "epss", "scoring_elements": "0.65709", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00493", "scoring_system": "epss", "scoring_elements": "0.65695", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00493", "scoring_system": "epss", "scoring_elements": "0.65665", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00493", "scoring_system": "epss", "scoring_elements": "0.657", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00493", "scoring_system": "epss", "scoring_elements": "0.65714", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00493", "scoring_system": "epss", "scoring_elements": "0.65697", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00493", "scoring_system": "epss", "scoring_elements": "0.65723", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00493", "scoring_system": "epss", "scoring_elements": "0.65698", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00493", "scoring_system": "epss", "scoring_elements": "0.65722", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00493", "scoring_system": "epss", "scoring_elements": "0.65581", "published_at": "2026-04-01T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-2040" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1927", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1927" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2039", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2039" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2040", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2040" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2041", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2041" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2560", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2560" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2561", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2561" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5099", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5099" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5701", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5701" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5705", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5705" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5706", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5706" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5731", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5731" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5733", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5733" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5739", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5739" }, { "reference_url": "https://github.com/phpmyadmin/phpmyadmin/commit/75a55824012406a08c4debf5ddb7ae41c32a7dbc", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/phpmyadmin/phpmyadmin/commit/75a55824012406a08c4debf5ddb7ae41c32a7dbc" }, { "reference_url": "https://github.com/phpmyadmin/phpmyadmin/commit/aca42efa01917cc0fe8cfdb2927a6399ca1742f2", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/phpmyadmin/phpmyadmin/commit/aca42efa01917cc0fe8cfdb2927a6399ca1742f2" }, { "reference_url": "https://github.com/phpmyadmin/phpmyadmin/commit/edffb52884b09562490081c3b8666ef46c296418", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/phpmyadmin/phpmyadmin/commit/edffb52884b09562490081c3b8666ef46c296418" }, { "reference_url": "http://www.debian.org/security/2016/dsa-3627", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.debian.org/security/2016/dsa-3627" }, { "reference_url": "http://www.phpmyadmin.net/home_page/security/PMASA-2016-3.php", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.phpmyadmin.net/home_page/security/PMASA-2016-3.php" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.0:rc2:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.0:rc2:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.0:rc2:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.0:rc3:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.0:rc3:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.0:rc3:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.10:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.10:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.10:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.10.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.10.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.10.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.10.10:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.10.10:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.10.10:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.10.11:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.10.11:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.10.11:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.10.12:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.10.12:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.10.12:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.10.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.10.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.10.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.10.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.10.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.10.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.10.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.10.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.10.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.10.5:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.10.5:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.10.5:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.10.6:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.10.6:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.10.6:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.10.7:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.10.7:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.10.7:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.10.8:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.10.8:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.10.8:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.10.9:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.10.9:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.10.9:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.10:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.10:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.10:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.1.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.1.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.1.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.11:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.11:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.11:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.12:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.12:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.12:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.13:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.13:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.13:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.13.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.13.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.13.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.14.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.14.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.14.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.15:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.15:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.15:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.15.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.15.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.15.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.15.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.15.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.15.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.15.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.15.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.15.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.5:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.5:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.5:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.6:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.6:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.6:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.6.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.6.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.6.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.7:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.7:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.7:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.8:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.8:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.8:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.9:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.9:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.9:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.5.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:phpmyadmin:phpmyadmin:4.5.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.5.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.5.0.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:phpmyadmin:phpmyadmin:4.5.0.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.5.0.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.5.0.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:phpmyadmin:phpmyadmin:4.5.0.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.5.0.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.5.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:phpmyadmin:phpmyadmin:4.5.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.5.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.5.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:phpmyadmin:phpmyadmin:4.5.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.5.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.5.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:phpmyadmin:phpmyadmin:4.5.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.5.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:22:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:fedoraproject:fedora:22:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:22:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:23:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:fedoraproject:fedora:23:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:23:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2016-2040", "reference_id": "CVE-2016-2040", "reference_type": "", "scores": [ { "value": "3.5", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:S/C:N/I:P/A:N" }, { "value": "5.4", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-2040" }, { "reference_url": "https://github.com/advisories/GHSA-pw34-qf6c-84fc", "reference_id": "GHSA-pw34-qf6c-84fc", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-pw34-qf6c-84fc" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/21730?format=api", "purl": "pkg:composer/phpmyadmin/phpmyadmin@4.0.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2g3b-qqxy-ekcq" }, { "vulnerability": "VCID-2jjv-4en4-e3gx" }, { "vulnerability": "VCID-5657-kcyh-7bc2" }, { "vulnerability": "VCID-7mys-s9mz-h3g1" }, { "vulnerability": "VCID-7n1n-uj91-8ugg" }, { "vulnerability": "VCID-b5bf-6u8e-byh8" }, { "vulnerability": "VCID-b9b1-624h-uubt" }, { "vulnerability": "VCID-cy6p-nz8a-zydk" }, { "vulnerability": "VCID-eq3j-14fc-2uev" }, { "vulnerability": "VCID-f7gd-w9r7-xyb2" }, { "vulnerability": "VCID-g6ud-92qe-hqcx" }, { "vulnerability": "VCID-gu4y-aeqx-mqak" }, { "vulnerability": "VCID-ngtc-xtjn-xbhp" }, { "vulnerability": "VCID-q2be-73wp-tbav" }, { "vulnerability": "VCID-rqy8-n6fr-hqey" }, { "vulnerability": "VCID-tks3-6uv4-kygf" }, { "vulnerability": "VCID-wamt-3g12-t7ch" }, { "vulnerability": "VCID-xu1c-xtb4-9ygg" }, { "vulnerability": "VCID-znfm-ak2t-mqdd" }, { "vulnerability": "VCID-zyzp-aqd8-e3a9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@4.0.2" }, { "url": "http://public2.vulnerablecode.io/api/packages/55315?format=api", "purl": "pkg:composer/phpmyadmin/phpmyadmin@4.0.10%2B13", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@4.0.10%252B13" }, { "url": "http://public2.vulnerablecode.io/api/packages/21725?format=api", "purl": "pkg:composer/phpmyadmin/phpmyadmin@4.4.15%2B3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3yp5-vqej-r7hh" }, { "vulnerability": "VCID-w37b-ep3h-tfaz" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@4.4.15%252B3" }, { "url": "http://public2.vulnerablecode.io/api/packages/21849?format=api", "purl": "pkg:composer/phpmyadmin/phpmyadmin@4.5.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-k7kn-ynne-b3gv" }, { "vulnerability": "VCID-nfuk-7739-xqaw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@4.5.4" }, { "url": "http://public2.vulnerablecode.io/api/packages/21731?format=api", "purl": "pkg:composer/phpmyadmin/phpmyadmin@4.7.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2jjv-4en4-e3gx" }, { "vulnerability": "VCID-5657-kcyh-7bc2" }, { "vulnerability": "VCID-986a-3m4g-83ge" }, { "vulnerability": "VCID-br1c-5bzf-ufeu" }, { "vulnerability": "VCID-c91y-txcw-2kdy" }, { "vulnerability": "VCID-ebk2-vjau-57h9" }, { "vulnerability": "VCID-fchc-55te-akhe" }, { "vulnerability": "VCID-g6ud-92qe-hqcx" }, { "vulnerability": "VCID-gu4y-aeqx-mqak" }, { "vulnerability": "VCID-hnud-ktgb-dfe6" }, { "vulnerability": "VCID-jma9-9uhu-xuc3" }, { "vulnerability": "VCID-mwtw-n1tv-hfd9" }, { "vulnerability": "VCID-ngtc-xtjn-xbhp" }, { "vulnerability": "VCID-qcra-cu62-43he" }, { "vulnerability": "VCID-rqy8-n6fr-hqey" }, { "vulnerability": "VCID-scu3-cfyc-9qfz" }, { "vulnerability": "VCID-tbnx-nuzv-ebdc" }, { "vulnerability": "VCID-tks3-6uv4-kygf" }, { "vulnerability": "VCID-yfja-ssw3-skh1" }, { "vulnerability": "VCID-ym9b-4su6-6fbr" }, { "vulnerability": "VCID-znfm-ak2t-mqdd" }, { "vulnerability": "VCID-zyzp-aqd8-e3a9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@4.7.0" } ], "aliases": [ "CVE-2016-2040", "GHSA-pw34-qf6c-84fc" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-3yp5-vqej-r7hh" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/7992?format=api", "vulnerability_id": "VCID-4awg-qnjf-4ua5", "summary": "Improper Input Validation\nA weakness was discovered where an attacker can inject arbitrary values in to the browser cookies.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-1000016", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00488", "scoring_system": "epss", "scoring_elements": "0.65513", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00488", "scoring_system": "epss", "scoring_elements": "0.65475", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00488", "scoring_system": "epss", "scoring_elements": "0.65511", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00488", "scoring_system": "epss", "scoring_elements": "0.65523", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00488", "scoring_system": "epss", "scoring_elements": "0.65507", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00488", "scoring_system": "epss", "scoring_elements": "0.65525", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00488", "scoring_system": "epss", "scoring_elements": "0.65536", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00488", "scoring_system": "epss", "scoring_elements": "0.65534", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00488", "scoring_system": "epss", "scoring_elements": "0.65392", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00488", "scoring_system": "epss", "scoring_elements": "0.65441", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00488", "scoring_system": "epss", "scoring_elements": "0.65468", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00488", "scoring_system": "epss", "scoring_elements": "0.65433", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00488", "scoring_system": "epss", "scoring_elements": "0.65486", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00488", "scoring_system": "epss", "scoring_elements": "0.65497", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00488", "scoring_system": "epss", "scoring_elements": "0.65516", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00488", "scoring_system": "epss", "scoring_elements": "0.65503", "published_at": "2026-04-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-1000016" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-1000016", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-1000016" }, { "reference_url": "https://github.com/phpmyadmin/phpmyadmin/commit/3b6ed1f", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/phpmyadmin/phpmyadmin/commit/3b6ed1f" }, { "reference_url": "https://www.phpmyadmin.net/security/PMASA-2017-5", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.phpmyadmin.net/security/PMASA-2017-5" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2017-1000016", "reference_id": "CVE-2017-1000016", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-1000016" }, { "reference_url": "https://github.com/advisories/GHSA-j2cq-h6v2-f875", "reference_id": "GHSA-j2cq-h6v2-f875", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-j2cq-h6v2-f875" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/24386?format=api", "purl": "pkg:composer/phpmyadmin/phpmyadmin@4.6.6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-b5d2-5bfb-bbgz" }, { "vulnerability": "VCID-hnud-ktgb-dfe6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@4.6.6" }, { "url": "http://public2.vulnerablecode.io/api/packages/21731?format=api", "purl": "pkg:composer/phpmyadmin/phpmyadmin@4.7.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2jjv-4en4-e3gx" }, { "vulnerability": "VCID-5657-kcyh-7bc2" }, { "vulnerability": "VCID-986a-3m4g-83ge" }, { "vulnerability": "VCID-br1c-5bzf-ufeu" }, { "vulnerability": "VCID-c91y-txcw-2kdy" }, { "vulnerability": "VCID-ebk2-vjau-57h9" }, { "vulnerability": "VCID-fchc-55te-akhe" }, { "vulnerability": "VCID-g6ud-92qe-hqcx" }, { "vulnerability": "VCID-gu4y-aeqx-mqak" }, { "vulnerability": "VCID-hnud-ktgb-dfe6" }, { "vulnerability": "VCID-jma9-9uhu-xuc3" }, { "vulnerability": "VCID-mwtw-n1tv-hfd9" }, { "vulnerability": "VCID-ngtc-xtjn-xbhp" }, { "vulnerability": "VCID-qcra-cu62-43he" }, { "vulnerability": "VCID-rqy8-n6fr-hqey" }, { "vulnerability": "VCID-scu3-cfyc-9qfz" }, { "vulnerability": "VCID-tbnx-nuzv-ebdc" }, { "vulnerability": "VCID-tks3-6uv4-kygf" }, { "vulnerability": "VCID-yfja-ssw3-skh1" }, { "vulnerability": "VCID-ym9b-4su6-6fbr" }, { "vulnerability": "VCID-znfm-ak2t-mqdd" }, { "vulnerability": "VCID-zyzp-aqd8-e3a9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@4.7.0" } ], "aliases": [ "CVE-2017-1000016", "GHSA-j2cq-h6v2-f875" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-4awg-qnjf-4ua5" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/7578?format=api", "vulnerability_id": "VCID-5mda-fksy-bqb2", "summary": "Cross-site Scripting\nAn issue was discovered in phpMyAdmin. XSS is possible because of a weakness in a regular expression used in some JavaScript processing.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-9857", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00418", "scoring_system": "epss", "scoring_elements": "0.61757", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00418", "scoring_system": "epss", "scoring_elements": "0.6181", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00418", "scoring_system": "epss", "scoring_elements": "0.61797", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00418", "scoring_system": "epss", "scoring_elements": "0.61777", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00418", "scoring_system": "epss", "scoring_elements": "0.61819", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00418", "scoring_system": "epss", "scoring_elements": "0.61824", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00418", "scoring_system": "epss", "scoring_elements": "0.61807", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00418", "scoring_system": "epss", "scoring_elements": "0.61802", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00418", "scoring_system": "epss", "scoring_elements": "0.6182", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00418", "scoring_system": "epss", "scoring_elements": "0.61813", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00418", "scoring_system": "epss", "scoring_elements": "0.61651", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00418", "scoring_system": "epss", "scoring_elements": "0.61725", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00418", "scoring_system": "epss", "scoring_elements": "0.61754", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00418", "scoring_system": "epss", "scoring_elements": "0.61773", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00418", "scoring_system": "epss", "scoring_elements": "0.61789", "published_at": "2026-04-09T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-9857" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9857", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9857" }, { "reference_url": "https://security.gentoo.org/glsa/201701-32", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://security.gentoo.org/glsa/201701-32" }, { "reference_url": "https://web.archive.org/web/20210123194716/http://www.securityfocus.com/bid/94530", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20210123194716/http://www.securityfocus.com/bid/94530" }, { "reference_url": "https://www.phpmyadmin.net/security/PMASA-2016-64", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.phpmyadmin.net/security/PMASA-2016-64" }, { "reference_url": "http://www.securityfocus.com/bid/94530", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/94530" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2016-9857", "reference_id": "CVE-2016-9857", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-9857" }, { "reference_url": "https://github.com/advisories/GHSA-hmmx-wxh4-9w8w", "reference_id": "GHSA-hmmx-wxh4-9w8w", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-hmmx-wxh4-9w8w" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/24334?format=api", "purl": "pkg:composer/phpmyadmin/phpmyadmin@4.0.10%2B18", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7h9b-a8dp-57hp" }, { "vulnerability": "VCID-uw6h-fpzy-x3ap" }, { "vulnerability": "VCID-zreq-41ja-pbf1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@4.0.10%252B18" }, { "url": "http://public2.vulnerablecode.io/api/packages/24335?format=api", "purl": "pkg:composer/phpmyadmin/phpmyadmin@4.4.15%2B9", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7h9b-a8dp-57hp" }, { "vulnerability": "VCID-uw6h-fpzy-x3ap" }, { "vulnerability": "VCID-zreq-41ja-pbf1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@4.4.15%252B9" }, { "url": "http://public2.vulnerablecode.io/api/packages/24336?format=api", "purl": "pkg:composer/phpmyadmin/phpmyadmin@4.6.5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7h9b-a8dp-57hp" }, { "vulnerability": "VCID-uw6h-fpzy-x3ap" }, { "vulnerability": "VCID-zreq-41ja-pbf1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@4.6.5" }, { "url": "http://public2.vulnerablecode.io/api/packages/21731?format=api", "purl": "pkg:composer/phpmyadmin/phpmyadmin@4.7.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2jjv-4en4-e3gx" }, { "vulnerability": "VCID-5657-kcyh-7bc2" }, { "vulnerability": "VCID-986a-3m4g-83ge" }, { "vulnerability": "VCID-br1c-5bzf-ufeu" }, { "vulnerability": "VCID-c91y-txcw-2kdy" }, { "vulnerability": "VCID-ebk2-vjau-57h9" }, { "vulnerability": "VCID-fchc-55te-akhe" }, { "vulnerability": "VCID-g6ud-92qe-hqcx" }, { "vulnerability": "VCID-gu4y-aeqx-mqak" }, { "vulnerability": "VCID-hnud-ktgb-dfe6" }, { "vulnerability": "VCID-jma9-9uhu-xuc3" }, { "vulnerability": "VCID-mwtw-n1tv-hfd9" }, { "vulnerability": "VCID-ngtc-xtjn-xbhp" }, { "vulnerability": "VCID-qcra-cu62-43he" }, { "vulnerability": "VCID-rqy8-n6fr-hqey" }, { "vulnerability": "VCID-scu3-cfyc-9qfz" }, { "vulnerability": "VCID-tbnx-nuzv-ebdc" }, { "vulnerability": "VCID-tks3-6uv4-kygf" }, { "vulnerability": "VCID-yfja-ssw3-skh1" }, { "vulnerability": "VCID-ym9b-4su6-6fbr" }, { "vulnerability": "VCID-znfm-ak2t-mqdd" }, { "vulnerability": "VCID-zyzp-aqd8-e3a9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@4.7.0" } ], "aliases": [ "CVE-2016-9857", "GHSA-hmmx-wxh4-9w8w" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-5mda-fksy-bqb2" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/7602?format=api", "vulnerability_id": "VCID-64sy-unts-juf3", "summary": "Information Exposure\nAn issue was discovered in phpMyAdmin. An attacker can determine whether a user is logged in to phpMyAdmin. The user session, username, and password are not compromised by this vulnerability.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-6625", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00275", "scoring_system": "epss", "scoring_elements": "0.50817", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00275", "scoring_system": "epss", "scoring_elements": "0.50949", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00275", "scoring_system": "epss", "scoring_elements": "0.50947", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00275", "scoring_system": "epss", "scoring_elements": "0.50989", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00275", "scoring_system": "epss", "scoring_elements": "0.50967", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00275", "scoring_system": "epss", "scoring_elements": "0.50951", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00275", "scoring_system": "epss", "scoring_elements": "0.50988", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00275", "scoring_system": "epss", "scoring_elements": "0.50995", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00275", "scoring_system": "epss", "scoring_elements": "0.50974", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00275", "scoring_system": "epss", "scoring_elements": "0.50921", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00275", "scoring_system": "epss", "scoring_elements": "0.50929", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00275", "scoring_system": "epss", "scoring_elements": "0.50891", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00275", "scoring_system": "epss", "scoring_elements": "0.50851", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00275", "scoring_system": "epss", "scoring_elements": "0.50909", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00275", "scoring_system": "epss", "scoring_elements": "0.50935", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00275", "scoring_system": "epss", "scoring_elements": "0.50892", "published_at": "2026-04-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-6625" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6625", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6625" }, { "reference_url": "https://github.com/phpmyadmin/composer", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/phpmyadmin/composer" }, { "reference_url": "https://security.gentoo.org/glsa/201701-32", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://security.gentoo.org/glsa/201701-32" }, { "reference_url": "https://www.phpmyadmin.net/security/PMASA-2016-48", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.phpmyadmin.net/security/PMASA-2016-48" }, { "reference_url": "http://www.securityfocus.com/bid/92491", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.securityfocus.com/bid/92491" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2016-6625", "reference_id": "CVE-2016-6625", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-6625" }, { "reference_url": "https://github.com/advisories/GHSA-r643-7xfg-ppc5", "reference_id": "GHSA-r643-7xfg-ppc5", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-r643-7xfg-ppc5" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/81937?format=api", "purl": "pkg:composer/phpmyadmin/phpmyadmin@4.0.10%2B17", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@4.0.10%252B17" }, { "url": "http://public2.vulnerablecode.io/api/packages/81936?format=api", "purl": "pkg:composer/phpmyadmin/phpmyadmin@4.4.15%2B8", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@4.4.15%252B8" }, { "url": "http://public2.vulnerablecode.io/api/packages/23351?format=api", "purl": "pkg:composer/phpmyadmin/phpmyadmin@4.6.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-5mda-fksy-bqb2" }, { "vulnerability": "VCID-8xac-hgvs-ykgn" }, { "vulnerability": "VCID-9xxd-uwwt-57ba" }, { "vulnerability": "VCID-bcmm-z26p-rkfp" }, { "vulnerability": "VCID-jj7e-xndw-6fcp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@4.6.4" }, { "url": "http://public2.vulnerablecode.io/api/packages/21731?format=api", "purl": "pkg:composer/phpmyadmin/phpmyadmin@4.7.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2jjv-4en4-e3gx" }, { "vulnerability": "VCID-5657-kcyh-7bc2" }, { "vulnerability": "VCID-986a-3m4g-83ge" }, { "vulnerability": "VCID-br1c-5bzf-ufeu" }, { "vulnerability": "VCID-c91y-txcw-2kdy" }, { "vulnerability": "VCID-ebk2-vjau-57h9" }, { "vulnerability": "VCID-fchc-55te-akhe" }, { "vulnerability": "VCID-g6ud-92qe-hqcx" }, { "vulnerability": "VCID-gu4y-aeqx-mqak" }, { "vulnerability": "VCID-hnud-ktgb-dfe6" }, { "vulnerability": "VCID-jma9-9uhu-xuc3" }, { "vulnerability": "VCID-mwtw-n1tv-hfd9" }, { "vulnerability": "VCID-ngtc-xtjn-xbhp" }, { "vulnerability": "VCID-qcra-cu62-43he" }, { "vulnerability": "VCID-rqy8-n6fr-hqey" }, { "vulnerability": "VCID-scu3-cfyc-9qfz" }, { "vulnerability": "VCID-tbnx-nuzv-ebdc" }, { "vulnerability": "VCID-tks3-6uv4-kygf" }, { "vulnerability": "VCID-yfja-ssw3-skh1" }, { "vulnerability": "VCID-ym9b-4su6-6fbr" }, { "vulnerability": "VCID-znfm-ak2t-mqdd" }, { "vulnerability": "VCID-zyzp-aqd8-e3a9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@4.7.0" } ], "aliases": [ "CVE-2016-6625", "GHSA-r643-7xfg-ppc5" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-64sy-unts-juf3" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/7993?format=api", "vulnerability_id": "VCID-7h9b-a8dp-57hp", "summary": "Cross-site Scripting\nphpMyAdmin is vulnerable to a CSS injection attack through crafted cookie parameters.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-1000015", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00557", "scoring_system": "epss", "scoring_elements": "0.68225", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00557", "scoring_system": "epss", "scoring_elements": "0.68211", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00557", "scoring_system": "epss", "scoring_elements": "0.68197", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00557", "scoring_system": "epss", "scoring_elements": "0.68164", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00557", "scoring_system": "epss", "scoring_elements": "0.68202", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00557", "scoring_system": "epss", "scoring_elements": "0.68214", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00557", "scoring_system": "epss", "scoring_elements": "0.68196", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00557", "scoring_system": "epss", "scoring_elements": "0.68238", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00557", "scoring_system": "epss", "scoring_elements": "0.68246", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00557", "scoring_system": "epss", "scoring_elements": "0.68251", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00557", "scoring_system": "epss", "scoring_elements": "0.68101", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00557", "scoring_system": "epss", "scoring_elements": "0.68124", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00557", "scoring_system": "epss", "scoring_elements": "0.68142", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00557", "scoring_system": "epss", "scoring_elements": "0.68119", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00557", "scoring_system": "epss", "scoring_elements": "0.6817", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00557", "scoring_system": "epss", "scoring_elements": "0.68186", "published_at": "2026-04-09T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-1000015" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-1000015", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-1000015" }, { "reference_url": "https://github.com/phpmyadmin/composer", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/phpmyadmin/composer" }, { "reference_url": "https://web.archive.org/web/20210123220229/http://www.securityfocus.com/bid/95726", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20210123220229/http://www.securityfocus.com/bid/95726" }, { "reference_url": "https://www.phpmyadmin.net/security/PMASA-2017-4", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.phpmyadmin.net/security/PMASA-2017-4" }, { "reference_url": "http://www.securityfocus.com/bid/95726", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/95726" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2017-1000015", "reference_id": "CVE-2017-1000015", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-1000015" }, { "reference_url": "https://github.com/advisories/GHSA-3fgq-cmr4-97rr", "reference_id": "GHSA-3fgq-cmr4-97rr", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-3fgq-cmr4-97rr" }, { "reference_url": "https://usn.ubuntu.com/USN-4843-1/", "reference_id": "USN-USN-4843-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/USN-4843-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/54787?format=api", "purl": "pkg:composer/phpmyadmin/phpmyadmin@4.0.10%2B19", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@4.0.10%252B19" }, { "url": "http://public2.vulnerablecode.io/api/packages/24385?format=api", "purl": "pkg:composer/phpmyadmin/phpmyadmin@4.4.15%2B10", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-b5d2-5bfb-bbgz" }, { "vulnerability": "VCID-hnud-ktgb-dfe6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@4.4.15%252B10" }, { "url": "http://public2.vulnerablecode.io/api/packages/24386?format=api", "purl": "pkg:composer/phpmyadmin/phpmyadmin@4.6.6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-b5d2-5bfb-bbgz" }, { "vulnerability": "VCID-hnud-ktgb-dfe6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@4.6.6" }, { "url": "http://public2.vulnerablecode.io/api/packages/21731?format=api", "purl": "pkg:composer/phpmyadmin/phpmyadmin@4.7.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2jjv-4en4-e3gx" }, { "vulnerability": "VCID-5657-kcyh-7bc2" }, { "vulnerability": "VCID-986a-3m4g-83ge" }, { "vulnerability": "VCID-br1c-5bzf-ufeu" }, { "vulnerability": "VCID-c91y-txcw-2kdy" }, { "vulnerability": "VCID-ebk2-vjau-57h9" }, { "vulnerability": "VCID-fchc-55te-akhe" }, { "vulnerability": "VCID-g6ud-92qe-hqcx" }, { "vulnerability": "VCID-gu4y-aeqx-mqak" }, { "vulnerability": "VCID-hnud-ktgb-dfe6" }, { "vulnerability": "VCID-jma9-9uhu-xuc3" }, { "vulnerability": "VCID-mwtw-n1tv-hfd9" }, { "vulnerability": "VCID-ngtc-xtjn-xbhp" }, { "vulnerability": "VCID-qcra-cu62-43he" }, { "vulnerability": "VCID-rqy8-n6fr-hqey" }, { "vulnerability": "VCID-scu3-cfyc-9qfz" }, { "vulnerability": "VCID-tbnx-nuzv-ebdc" }, { "vulnerability": "VCID-tks3-6uv4-kygf" }, { "vulnerability": "VCID-yfja-ssw3-skh1" }, { "vulnerability": "VCID-ym9b-4su6-6fbr" }, { "vulnerability": "VCID-znfm-ak2t-mqdd" }, { "vulnerability": "VCID-zyzp-aqd8-e3a9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@4.7.0" } ], "aliases": [ "CVE-2017-1000015", "GHSA-3fgq-cmr4-97rr" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-7h9b-a8dp-57hp" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/7580?format=api", "vulnerability_id": "VCID-8fu3-wm7d-qkeu", "summary": "Incomplete Cleanup\nAn issue was discovered in phpMyAdmin where, under certain conditions, phpMyAdmin may not delete temporary files during the import of ESRI files.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-6632", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00567", "scoring_system": "epss", "scoring_elements": "0.68439", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00567", "scoring_system": "epss", "scoring_elements": "0.68556", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00567", "scoring_system": "epss", "scoring_elements": "0.68578", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00567", "scoring_system": "epss", "scoring_elements": "0.68572", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00567", "scoring_system": "epss", "scoring_elements": "0.68567", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00567", "scoring_system": "epss", "scoring_elements": "0.68518", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00567", "scoring_system": "epss", "scoring_elements": "0.6854", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00567", "scoring_system": "epss", "scoring_elements": "0.68527", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00567", "scoring_system": "epss", "scoring_elements": "0.68488", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00567", "scoring_system": "epss", "scoring_elements": "0.6852", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00567", "scoring_system": "epss", "scoring_elements": "0.68532", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00567", "scoring_system": "epss", "scoring_elements": "0.68506", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00567", "scoring_system": "epss", "scoring_elements": "0.68424", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00567", "scoring_system": "epss", "scoring_elements": "0.68443", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00567", "scoring_system": "epss", "scoring_elements": "0.68489", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00567", "scoring_system": "epss", "scoring_elements": "0.68463", "published_at": "2026-04-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-6632" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6632", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6632" }, { "reference_url": "https://github.com/phpmyadmin/composer", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/phpmyadmin/composer" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2019/06/msg00009.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.debian.org/debian-lts-announce/2019/06/msg00009.html" }, { "reference_url": "https://security.gentoo.org/glsa/201701-32", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://security.gentoo.org/glsa/201701-32" }, { "reference_url": "https://www.phpmyadmin.net/security/PMASA-2016-55", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.phpmyadmin.net/security/PMASA-2016-55" }, { "reference_url": "http://www.securityfocus.com/bid/92497", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.securityfocus.com/bid/92497" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2016-6632", "reference_id": "CVE-2016-6632", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-6632" }, { "reference_url": "https://github.com/advisories/GHSA-426q-975p-w5cr", "reference_id": "GHSA-426q-975p-w5cr", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-426q-975p-w5cr" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/81937?format=api", "purl": "pkg:composer/phpmyadmin/phpmyadmin@4.0.10%2B17", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@4.0.10%252B17" }, { "url": "http://public2.vulnerablecode.io/api/packages/81936?format=api", "purl": "pkg:composer/phpmyadmin/phpmyadmin@4.4.15%2B8", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@4.4.15%252B8" }, { "url": "http://public2.vulnerablecode.io/api/packages/23351?format=api", "purl": "pkg:composer/phpmyadmin/phpmyadmin@4.6.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-5mda-fksy-bqb2" }, { "vulnerability": "VCID-8xac-hgvs-ykgn" }, { "vulnerability": "VCID-9xxd-uwwt-57ba" }, { "vulnerability": "VCID-bcmm-z26p-rkfp" }, { "vulnerability": "VCID-jj7e-xndw-6fcp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@4.6.4" }, { "url": "http://public2.vulnerablecode.io/api/packages/21731?format=api", "purl": "pkg:composer/phpmyadmin/phpmyadmin@4.7.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2jjv-4en4-e3gx" }, { "vulnerability": "VCID-5657-kcyh-7bc2" }, { "vulnerability": "VCID-986a-3m4g-83ge" }, { "vulnerability": "VCID-br1c-5bzf-ufeu" }, { "vulnerability": "VCID-c91y-txcw-2kdy" }, { "vulnerability": "VCID-ebk2-vjau-57h9" }, { "vulnerability": "VCID-fchc-55te-akhe" }, { "vulnerability": "VCID-g6ud-92qe-hqcx" }, { "vulnerability": "VCID-gu4y-aeqx-mqak" }, { "vulnerability": "VCID-hnud-ktgb-dfe6" }, { "vulnerability": "VCID-jma9-9uhu-xuc3" }, { "vulnerability": "VCID-mwtw-n1tv-hfd9" }, { "vulnerability": "VCID-ngtc-xtjn-xbhp" }, { "vulnerability": "VCID-qcra-cu62-43he" }, { "vulnerability": "VCID-rqy8-n6fr-hqey" }, { "vulnerability": "VCID-scu3-cfyc-9qfz" }, { "vulnerability": "VCID-tbnx-nuzv-ebdc" }, { "vulnerability": "VCID-tks3-6uv4-kygf" }, { "vulnerability": "VCID-yfja-ssw3-skh1" }, { "vulnerability": "VCID-ym9b-4su6-6fbr" }, { "vulnerability": "VCID-znfm-ak2t-mqdd" }, { "vulnerability": "VCID-zyzp-aqd8-e3a9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@4.7.0" } ], "aliases": [ "CVE-2016-6632", "GHSA-426q-975p-w5cr" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-8fu3-wm7d-qkeu" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/7574?format=api", "vulnerability_id": "VCID-8xac-hgvs-ykgn", "summary": "Incomplete List of Disallowed Inputs\nAn issue was discovered in phpMyAdmin. Due to the limitation in URL matching, it was possible to bypass the URL white-list protection.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-9861", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00246", "scoring_system": "epss", "scoring_elements": "0.47829", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00246", "scoring_system": "epss", "scoring_elements": "0.47745", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00246", "scoring_system": "epss", "scoring_elements": "0.4783", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00246", "scoring_system": "epss", "scoring_elements": "0.47884", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00246", "scoring_system": "epss", "scoring_elements": "0.47874", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00246", "scoring_system": "epss", "scoring_elements": "0.47891", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00246", "scoring_system": "epss", "scoring_elements": "0.47937", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00246", "scoring_system": "epss", "scoring_elements": "0.47943", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00246", "scoring_system": "epss", "scoring_elements": "0.47889", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00246", "scoring_system": "epss", "scoring_elements": "0.47879", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00246", "scoring_system": "epss", "scoring_elements": "0.47902", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00246", "scoring_system": "epss", "scoring_elements": "0.47878", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00246", "scoring_system": "epss", "scoring_elements": "0.47821", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00246", "scoring_system": "epss", "scoring_elements": "0.47859", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00246", "scoring_system": "epss", "scoring_elements": "0.47882", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00246", "scoring_system": "epss", "scoring_elements": "0.4788", "published_at": "2026-04-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-9861" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9861", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9861" }, { "reference_url": "https://github.com/phpmyadmin/composer", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/phpmyadmin/composer" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2019/06/msg00009.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.debian.org/debian-lts-announce/2019/06/msg00009.html" }, { "reference_url": "https://security.gentoo.org/glsa/201701-32", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://security.gentoo.org/glsa/201701-32" }, { "reference_url": "https://www.phpmyadmin.net/security/PMASA-2016-66", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.phpmyadmin.net/security/PMASA-2016-66" }, { "reference_url": "http://www.securityfocus.com/bid/94535", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.securityfocus.com/bid/94535" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2016-9861", "reference_id": "CVE-2016-9861", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-9861" }, { "reference_url": "https://github.com/advisories/GHSA-r326-mp8g-6xfc", "reference_id": "GHSA-r326-mp8g-6xfc", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-r326-mp8g-6xfc" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/24334?format=api", "purl": "pkg:composer/phpmyadmin/phpmyadmin@4.0.10%2B18", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7h9b-a8dp-57hp" }, { "vulnerability": "VCID-uw6h-fpzy-x3ap" }, { "vulnerability": "VCID-zreq-41ja-pbf1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@4.0.10%252B18" }, { "url": "http://public2.vulnerablecode.io/api/packages/24335?format=api", "purl": "pkg:composer/phpmyadmin/phpmyadmin@4.4.15%2B9", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7h9b-a8dp-57hp" }, { "vulnerability": "VCID-uw6h-fpzy-x3ap" }, { "vulnerability": "VCID-zreq-41ja-pbf1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@4.4.15%252B9" }, { "url": "http://public2.vulnerablecode.io/api/packages/24336?format=api", "purl": "pkg:composer/phpmyadmin/phpmyadmin@4.6.5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7h9b-a8dp-57hp" }, { "vulnerability": "VCID-uw6h-fpzy-x3ap" }, { "vulnerability": "VCID-zreq-41ja-pbf1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@4.6.5" }, { "url": "http://public2.vulnerablecode.io/api/packages/21731?format=api", "purl": "pkg:composer/phpmyadmin/phpmyadmin@4.7.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2jjv-4en4-e3gx" }, { "vulnerability": "VCID-5657-kcyh-7bc2" }, { "vulnerability": "VCID-986a-3m4g-83ge" }, { "vulnerability": "VCID-br1c-5bzf-ufeu" }, { "vulnerability": "VCID-c91y-txcw-2kdy" }, { "vulnerability": "VCID-ebk2-vjau-57h9" }, { "vulnerability": "VCID-fchc-55te-akhe" }, { "vulnerability": "VCID-g6ud-92qe-hqcx" }, { "vulnerability": "VCID-gu4y-aeqx-mqak" }, { "vulnerability": "VCID-hnud-ktgb-dfe6" }, { "vulnerability": "VCID-jma9-9uhu-xuc3" }, { "vulnerability": "VCID-mwtw-n1tv-hfd9" }, { "vulnerability": "VCID-ngtc-xtjn-xbhp" }, { "vulnerability": "VCID-qcra-cu62-43he" }, { "vulnerability": "VCID-rqy8-n6fr-hqey" }, { "vulnerability": "VCID-scu3-cfyc-9qfz" }, { "vulnerability": "VCID-tbnx-nuzv-ebdc" }, { "vulnerability": "VCID-tks3-6uv4-kygf" }, { "vulnerability": "VCID-yfja-ssw3-skh1" }, { "vulnerability": "VCID-ym9b-4su6-6fbr" }, { "vulnerability": "VCID-znfm-ak2t-mqdd" }, { "vulnerability": "VCID-zyzp-aqd8-e3a9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@4.7.0" } ], "aliases": [ "CVE-2016-9861", "GHSA-r326-mp8g-6xfc" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-8xac-hgvs-ykgn" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/7600?format=api", "vulnerability_id": "VCID-9t2s-etzf-t3d2", "summary": "Command Injection\nAn issue was discovered in phpMyAdmin. A specially crafted database name could be used to run arbitrary PHP commands through the array export feature.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-6609", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00425", "scoring_system": "epss", "scoring_elements": "0.62166", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00425", "scoring_system": "epss", "scoring_elements": "0.62222", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00425", "scoring_system": "epss", "scoring_elements": "0.62276", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00425", "scoring_system": "epss", "scoring_elements": "0.62283", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00425", "scoring_system": "epss", "scoring_elements": "0.62266", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00425", "scoring_system": "epss", "scoring_elements": "0.62256", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00425", "scoring_system": "epss", "scoring_elements": "0.62272", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00425", "scoring_system": "epss", "scoring_elements": "0.62265", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00425", "scoring_system": "epss", "scoring_elements": "0.6222", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00425", "scoring_system": "epss", "scoring_elements": "0.62241", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00425", "scoring_system": "epss", "scoring_elements": "0.62252", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00425", "scoring_system": "epss", "scoring_elements": "0.62233", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00425", "scoring_system": "epss", "scoring_elements": "0.62108", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00425", "scoring_system": "epss", "scoring_elements": "0.62169", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00425", "scoring_system": "epss", "scoring_elements": "0.62216", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00425", "scoring_system": "epss", "scoring_elements": "0.62199", "published_at": "2026-04-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-6609" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6609", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6609" }, { "reference_url": "https://github.com/phpmyadmin/composer", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/phpmyadmin/composer" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2018/07/msg00006.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.debian.org/debian-lts-announce/2018/07/msg00006.html" }, { "reference_url": "https://security.gentoo.org/glsa/201701-32", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://security.gentoo.org/glsa/201701-32" }, { "reference_url": "https://www.phpmyadmin.net/security/PMASA-2016-32", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.phpmyadmin.net/security/PMASA-2016-32" }, { "reference_url": "http://www.securityfocus.com/bid/94112", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.securityfocus.com/bid/94112" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2016-6609", "reference_id": "CVE-2016-6609", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-6609" }, { "reference_url": "https://github.com/advisories/GHSA-wpww-hx7x-xfjh", "reference_id": "GHSA-wpww-hx7x-xfjh", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-wpww-hx7x-xfjh" }, { "reference_url": "https://usn.ubuntu.com/USN-4843-1/", "reference_id": "USN-USN-4843-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/USN-4843-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/81937?format=api", "purl": "pkg:composer/phpmyadmin/phpmyadmin@4.0.10%2B17", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@4.0.10%252B17" }, { "url": "http://public2.vulnerablecode.io/api/packages/81936?format=api", "purl": "pkg:composer/phpmyadmin/phpmyadmin@4.4.15%2B8", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@4.4.15%252B8" }, { "url": "http://public2.vulnerablecode.io/api/packages/23351?format=api", "purl": "pkg:composer/phpmyadmin/phpmyadmin@4.6.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-5mda-fksy-bqb2" }, { "vulnerability": "VCID-8xac-hgvs-ykgn" }, { "vulnerability": "VCID-9xxd-uwwt-57ba" }, { "vulnerability": "VCID-bcmm-z26p-rkfp" }, { "vulnerability": "VCID-jj7e-xndw-6fcp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@4.6.4" }, { "url": "http://public2.vulnerablecode.io/api/packages/21731?format=api", "purl": "pkg:composer/phpmyadmin/phpmyadmin@4.7.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2jjv-4en4-e3gx" }, { "vulnerability": "VCID-5657-kcyh-7bc2" }, { "vulnerability": "VCID-986a-3m4g-83ge" }, { "vulnerability": "VCID-br1c-5bzf-ufeu" }, { "vulnerability": "VCID-c91y-txcw-2kdy" }, { "vulnerability": "VCID-ebk2-vjau-57h9" }, { "vulnerability": "VCID-fchc-55te-akhe" }, { "vulnerability": "VCID-g6ud-92qe-hqcx" }, { "vulnerability": "VCID-gu4y-aeqx-mqak" }, { "vulnerability": "VCID-hnud-ktgb-dfe6" }, { "vulnerability": "VCID-jma9-9uhu-xuc3" }, { "vulnerability": "VCID-mwtw-n1tv-hfd9" }, { "vulnerability": "VCID-ngtc-xtjn-xbhp" }, { "vulnerability": "VCID-qcra-cu62-43he" }, { "vulnerability": "VCID-rqy8-n6fr-hqey" }, { "vulnerability": "VCID-scu3-cfyc-9qfz" }, { "vulnerability": "VCID-tbnx-nuzv-ebdc" }, { "vulnerability": "VCID-tks3-6uv4-kygf" }, { "vulnerability": "VCID-yfja-ssw3-skh1" }, { "vulnerability": "VCID-ym9b-4su6-6fbr" }, { "vulnerability": "VCID-znfm-ak2t-mqdd" }, { "vulnerability": "VCID-zyzp-aqd8-e3a9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@4.7.0" } ], "aliases": [ "CVE-2016-6609", "GHSA-wpww-hx7x-xfjh" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-9t2s-etzf-t3d2" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/7581?format=api", "vulnerability_id": "VCID-9xxd-uwwt-57ba", "summary": "Cross-site Scripting\nAn XSS issue was discovered in phpMyAdmin because of an improper fix for CVE-2016-2559 in PMASA-2016-10.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-9856", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00418", "scoring_system": "epss", "scoring_elements": "0.61757", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00418", "scoring_system": "epss", "scoring_elements": "0.6181", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00418", "scoring_system": "epss", "scoring_elements": "0.61797", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00418", "scoring_system": "epss", "scoring_elements": "0.61777", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00418", "scoring_system": "epss", "scoring_elements": "0.61819", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00418", "scoring_system": "epss", "scoring_elements": "0.61824", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00418", "scoring_system": "epss", "scoring_elements": "0.61807", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00418", "scoring_system": "epss", "scoring_elements": "0.61802", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00418", "scoring_system": "epss", "scoring_elements": "0.6182", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00418", "scoring_system": "epss", "scoring_elements": "0.61813", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00418", "scoring_system": "epss", "scoring_elements": "0.61651", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00418", "scoring_system": "epss", "scoring_elements": "0.61725", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00418", "scoring_system": "epss", "scoring_elements": "0.61754", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00418", "scoring_system": "epss", "scoring_elements": "0.61773", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00418", "scoring_system": "epss", "scoring_elements": "0.61789", "published_at": "2026-04-09T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-9856" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9856", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9856" }, { "reference_url": "https://security.gentoo.org/glsa/201701-32", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://security.gentoo.org/glsa/201701-32" }, { "reference_url": "https://web.archive.org/web/20210123194716/http://www.securityfocus.com/bid/94530", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20210123194716/http://www.securityfocus.com/bid/94530" }, { "reference_url": "https://www.phpmyadmin.net/security/PMASA-2016-64", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.phpmyadmin.net/security/PMASA-2016-64" }, { "reference_url": "http://www.securityfocus.com/bid/94530", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/94530" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2016-9856", "reference_id": "CVE-2016-9856", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-9856" }, { "reference_url": "https://github.com/advisories/GHSA-j8mx-x32r-5rf4", "reference_id": "GHSA-j8mx-x32r-5rf4", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-j8mx-x32r-5rf4" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/24334?format=api", "purl": "pkg:composer/phpmyadmin/phpmyadmin@4.0.10%2B18", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7h9b-a8dp-57hp" }, { "vulnerability": "VCID-uw6h-fpzy-x3ap" }, { "vulnerability": "VCID-zreq-41ja-pbf1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@4.0.10%252B18" }, { "url": "http://public2.vulnerablecode.io/api/packages/24335?format=api", "purl": "pkg:composer/phpmyadmin/phpmyadmin@4.4.15%2B9", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7h9b-a8dp-57hp" }, { "vulnerability": "VCID-uw6h-fpzy-x3ap" }, { "vulnerability": "VCID-zreq-41ja-pbf1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@4.4.15%252B9" }, { "url": "http://public2.vulnerablecode.io/api/packages/24336?format=api", "purl": "pkg:composer/phpmyadmin/phpmyadmin@4.6.5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7h9b-a8dp-57hp" }, { "vulnerability": "VCID-uw6h-fpzy-x3ap" }, { "vulnerability": "VCID-zreq-41ja-pbf1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@4.6.5" }, { "url": "http://public2.vulnerablecode.io/api/packages/21731?format=api", "purl": "pkg:composer/phpmyadmin/phpmyadmin@4.7.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2jjv-4en4-e3gx" }, { "vulnerability": "VCID-5657-kcyh-7bc2" }, { "vulnerability": "VCID-986a-3m4g-83ge" }, { "vulnerability": "VCID-br1c-5bzf-ufeu" }, { "vulnerability": "VCID-c91y-txcw-2kdy" }, { "vulnerability": "VCID-ebk2-vjau-57h9" }, { "vulnerability": "VCID-fchc-55te-akhe" }, { "vulnerability": "VCID-g6ud-92qe-hqcx" }, { "vulnerability": "VCID-gu4y-aeqx-mqak" }, { "vulnerability": "VCID-hnud-ktgb-dfe6" }, { "vulnerability": "VCID-jma9-9uhu-xuc3" }, { "vulnerability": "VCID-mwtw-n1tv-hfd9" }, { "vulnerability": "VCID-ngtc-xtjn-xbhp" }, { "vulnerability": "VCID-qcra-cu62-43he" }, { "vulnerability": "VCID-rqy8-n6fr-hqey" }, { "vulnerability": "VCID-scu3-cfyc-9qfz" }, { "vulnerability": "VCID-tbnx-nuzv-ebdc" }, { "vulnerability": "VCID-tks3-6uv4-kygf" }, { "vulnerability": "VCID-yfja-ssw3-skh1" }, { "vulnerability": "VCID-ym9b-4su6-6fbr" }, { "vulnerability": "VCID-znfm-ak2t-mqdd" }, { "vulnerability": "VCID-zyzp-aqd8-e3a9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@4.7.0" } ], "aliases": [ "CVE-2016-9856", "GHSA-j8mx-x32r-5rf4" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-9xxd-uwwt-57ba" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/8009?format=api", "vulnerability_id": "VCID-b5d2-5bfb-bbgz", "summary": "Server-Side Request Forgery (SSRF)\nphpMyAdmin is vulnerable to a weakness where a user with appropriate permissions is able to connect to an arbitrary MySQL server.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-1000017", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0092", "scoring_system": "epss", "scoring_elements": "0.76047", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.0092", "scoring_system": "epss", "scoring_elements": "0.75984", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.0092", "scoring_system": "epss", "scoring_elements": "0.75961", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.0092", "scoring_system": "epss", "scoring_elements": "0.75954", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.0092", "scoring_system": "epss", "scoring_elements": "0.75992", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.0092", "scoring_system": "epss", "scoring_elements": "0.75994", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.0092", "scoring_system": "epss", "scoring_elements": "0.75979", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.0092", "scoring_system": "epss", "scoring_elements": "0.76017", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.0092", "scoring_system": "epss", "scoring_elements": "0.76027", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.0092", "scoring_system": "epss", "scoring_elements": "0.76038", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.0092", "scoring_system": "epss", "scoring_elements": "0.75898", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.0092", "scoring_system": "epss", "scoring_elements": "0.75902", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.0092", "scoring_system": "epss", "scoring_elements": "0.75934", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.0092", "scoring_system": "epss", "scoring_elements": "0.75913", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.0092", "scoring_system": "epss", "scoring_elements": "0.75946", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.0092", "scoring_system": "epss", "scoring_elements": "0.7596", "published_at": "2026-04-09T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-1000017" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-1000017", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-1000017" }, { "reference_url": "https://github.com/phpmyadmin/composer", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/phpmyadmin/composer" }, { "reference_url": "https://www.phpmyadmin.net/security/PMASA-2017-6", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.phpmyadmin.net/security/PMASA-2017-6" }, { "reference_url": "http://www.securityfocus.com/bid/95732", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.securityfocus.com/bid/95732" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2017-1000017", "reference_id": "CVE-2017-1000017", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-1000017" }, { "reference_url": "https://github.com/advisories/GHSA-99xj-xqc9-98hr", "reference_id": "GHSA-99xj-xqc9-98hr", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-99xj-xqc9-98hr" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/54787?format=api", "purl": "pkg:composer/phpmyadmin/phpmyadmin@4.0.10%2B19", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@4.0.10%252B19" }, { "url": "http://public2.vulnerablecode.io/api/packages/24385?format=api", "purl": "pkg:composer/phpmyadmin/phpmyadmin@4.4.15%2B10", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-b5d2-5bfb-bbgz" }, { "vulnerability": "VCID-hnud-ktgb-dfe6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@4.4.15%252B10" }, { "url": "http://public2.vulnerablecode.io/api/packages/24386?format=api", "purl": "pkg:composer/phpmyadmin/phpmyadmin@4.6.6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-b5d2-5bfb-bbgz" }, { "vulnerability": "VCID-hnud-ktgb-dfe6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@4.6.6" }, { "url": "http://public2.vulnerablecode.io/api/packages/21731?format=api", "purl": "pkg:composer/phpmyadmin/phpmyadmin@4.7.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2jjv-4en4-e3gx" }, { "vulnerability": "VCID-5657-kcyh-7bc2" }, { "vulnerability": "VCID-986a-3m4g-83ge" }, { "vulnerability": "VCID-br1c-5bzf-ufeu" }, { "vulnerability": "VCID-c91y-txcw-2kdy" }, { "vulnerability": "VCID-ebk2-vjau-57h9" }, { "vulnerability": "VCID-fchc-55te-akhe" }, { "vulnerability": "VCID-g6ud-92qe-hqcx" }, { "vulnerability": "VCID-gu4y-aeqx-mqak" }, { "vulnerability": "VCID-hnud-ktgb-dfe6" }, { "vulnerability": "VCID-jma9-9uhu-xuc3" }, { "vulnerability": "VCID-mwtw-n1tv-hfd9" }, { "vulnerability": "VCID-ngtc-xtjn-xbhp" }, { "vulnerability": "VCID-qcra-cu62-43he" }, { "vulnerability": "VCID-rqy8-n6fr-hqey" }, { "vulnerability": "VCID-scu3-cfyc-9qfz" }, { "vulnerability": "VCID-tbnx-nuzv-ebdc" }, { "vulnerability": "VCID-tks3-6uv4-kygf" }, { "vulnerability": "VCID-yfja-ssw3-skh1" }, { "vulnerability": "VCID-ym9b-4su6-6fbr" }, { "vulnerability": "VCID-znfm-ak2t-mqdd" }, { "vulnerability": "VCID-zyzp-aqd8-e3a9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@4.7.0" } ], "aliases": [ "CVE-2017-1000017", "GHSA-99xj-xqc9-98hr" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-b5d2-5bfb-bbgz" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/7583?format=api", "vulnerability_id": "VCID-bcmm-z26p-rkfp", "summary": "Improper Input Validation\nAn issue was discovered in phpMyAdmin. An unauthenticated user can execute a denial of service attack when phpMyAdmin is running with `$cfg['AllowArbitraryServer']=true`.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-9860", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01016", "scoring_system": "epss", "scoring_elements": "0.77259", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.01016", "scoring_system": "epss", "scoring_elements": "0.77155", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.01016", "scoring_system": "epss", "scoring_elements": "0.77163", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.01016", "scoring_system": "epss", "scoring_elements": "0.77191", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.01016", "scoring_system": "epss", "scoring_elements": "0.7717", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.01016", "scoring_system": "epss", "scoring_elements": "0.77165", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.01016", "scoring_system": "epss", "scoring_elements": "0.77206", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.01016", "scoring_system": "epss", "scoring_elements": "0.77207", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.01016", "scoring_system": "epss", "scoring_elements": "0.77197", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.01016", "scoring_system": "epss", "scoring_elements": "0.77233", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.01016", "scoring_system": "epss", "scoring_elements": "0.77239", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.01016", "scoring_system": "epss", "scoring_elements": "0.77255", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.01016", "scoring_system": "epss", "scoring_elements": "0.77104", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.01016", "scoring_system": "epss", "scoring_elements": "0.7711", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.01016", "scoring_system": "epss", "scoring_elements": "0.7714", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.01016", "scoring_system": "epss", "scoring_elements": "0.77122", "published_at": "2026-04-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-9860" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9860", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9860" }, { "reference_url": "https://github.com/phpmyadmin/composer", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/phpmyadmin/composer" }, { "reference_url": "https://security.gentoo.org/glsa/201701-32", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://security.gentoo.org/glsa/201701-32" }, { "reference_url": "https://www.phpmyadmin.net/security/PMASA-2016-65", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.phpmyadmin.net/security/PMASA-2016-65" }, { "reference_url": "http://www.securityfocus.com/bid/94525", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.securityfocus.com/bid/94525" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2016-9860", "reference_id": "CVE-2016-9860", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-9860" }, { "reference_url": "https://github.com/advisories/GHSA-3hw5-fffc-qrg4", "reference_id": "GHSA-3hw5-fffc-qrg4", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-3hw5-fffc-qrg4" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/24334?format=api", "purl": "pkg:composer/phpmyadmin/phpmyadmin@4.0.10%2B18", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7h9b-a8dp-57hp" }, { "vulnerability": "VCID-uw6h-fpzy-x3ap" }, { "vulnerability": "VCID-zreq-41ja-pbf1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@4.0.10%252B18" }, { "url": "http://public2.vulnerablecode.io/api/packages/24335?format=api", "purl": "pkg:composer/phpmyadmin/phpmyadmin@4.4.15%2B9", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7h9b-a8dp-57hp" }, { "vulnerability": "VCID-uw6h-fpzy-x3ap" }, { "vulnerability": "VCID-zreq-41ja-pbf1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@4.4.15%252B9" }, { "url": "http://public2.vulnerablecode.io/api/packages/24336?format=api", "purl": "pkg:composer/phpmyadmin/phpmyadmin@4.6.5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7h9b-a8dp-57hp" }, { "vulnerability": "VCID-uw6h-fpzy-x3ap" }, { "vulnerability": "VCID-zreq-41ja-pbf1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@4.6.5" }, { "url": "http://public2.vulnerablecode.io/api/packages/21731?format=api", "purl": "pkg:composer/phpmyadmin/phpmyadmin@4.7.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2jjv-4en4-e3gx" }, { "vulnerability": "VCID-5657-kcyh-7bc2" }, { "vulnerability": "VCID-986a-3m4g-83ge" }, { "vulnerability": "VCID-br1c-5bzf-ufeu" }, { "vulnerability": "VCID-c91y-txcw-2kdy" }, { "vulnerability": "VCID-ebk2-vjau-57h9" }, { "vulnerability": "VCID-fchc-55te-akhe" }, { "vulnerability": "VCID-g6ud-92qe-hqcx" }, { "vulnerability": "VCID-gu4y-aeqx-mqak" }, { "vulnerability": "VCID-hnud-ktgb-dfe6" }, { "vulnerability": "VCID-jma9-9uhu-xuc3" }, { "vulnerability": "VCID-mwtw-n1tv-hfd9" }, { "vulnerability": "VCID-ngtc-xtjn-xbhp" }, { "vulnerability": "VCID-qcra-cu62-43he" }, { "vulnerability": "VCID-rqy8-n6fr-hqey" }, { "vulnerability": "VCID-scu3-cfyc-9qfz" }, { "vulnerability": "VCID-tbnx-nuzv-ebdc" }, { "vulnerability": "VCID-tks3-6uv4-kygf" }, { "vulnerability": "VCID-yfja-ssw3-skh1" }, { "vulnerability": "VCID-ym9b-4su6-6fbr" }, { "vulnerability": "VCID-znfm-ak2t-mqdd" }, { "vulnerability": "VCID-zyzp-aqd8-e3a9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@4.7.0" } ], "aliases": [ "CVE-2016-9860", "GHSA-3hw5-fffc-qrg4" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-bcmm-z26p-rkfp" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/7589?format=api", "vulnerability_id": "VCID-e9qs-mvaa-wyc6", "summary": "Incomplete List of Disallowed Inputs\nAn issue was discovered in phpMyAdmin involving improper enforcement of the IP-based authentication rules. When phpMyAdmin is used with IPv6 in a proxy server environment, and the proxy server is in the allowed range but the attacking computer is not allowed, this vulnerability can allow the attacking computer to connect despite the IP rules.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-6624", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.003", "scoring_system": "epss", "scoring_elements": "0.53244", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.003", "scoring_system": "epss", "scoring_elements": "0.53236", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.003", "scoring_system": "epss", "scoring_elements": "0.53279", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.003", "scoring_system": "epss", "scoring_elements": "0.53316", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.003", "scoring_system": "epss", "scoring_elements": "0.53304", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.003", "scoring_system": "epss", "scoring_elements": "0.53332", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.003", "scoring_system": "epss", "scoring_elements": "0.53352", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.003", "scoring_system": "epss", "scoring_elements": "0.53347", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.003", "scoring_system": "epss", "scoring_elements": "0.53309", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.003", "scoring_system": "epss", "scoring_elements": "0.53326", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.003", "scoring_system": "epss", "scoring_elements": "0.53341", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.003", "scoring_system": "epss", "scoring_elements": "0.53291", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.003", "scoring_system": "epss", "scoring_elements": "0.53227", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.003", "scoring_system": "epss", "scoring_elements": "0.53251", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.003", "scoring_system": "epss", "scoring_elements": "0.53296", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.003", "scoring_system": "epss", "scoring_elements": "0.53276", "published_at": "2026-04-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-6624" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6624", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6624" }, { "reference_url": "https://github.com/phpmyadmin/composer", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/phpmyadmin/composer" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2019/06/msg00009.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.debian.org/debian-lts-announce/2019/06/msg00009.html" }, { "reference_url": "https://security.gentoo.org/glsa/201701-32", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://security.gentoo.org/glsa/201701-32" }, { "reference_url": "https://www.phpmyadmin.net/security/PMASA-2016-47", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.phpmyadmin.net/security/PMASA-2016-47" }, { "reference_url": "http://www.securityfocus.com/bid/92489", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.securityfocus.com/bid/92489" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2016-6624", "reference_id": "CVE-2016-6624", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-6624" }, { "reference_url": "https://github.com/advisories/GHSA-mhxj-6vf8-mwv3", "reference_id": "GHSA-mhxj-6vf8-mwv3", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-mhxj-6vf8-mwv3" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/81937?format=api", "purl": "pkg:composer/phpmyadmin/phpmyadmin@4.0.10%2B17", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@4.0.10%252B17" }, { "url": "http://public2.vulnerablecode.io/api/packages/81936?format=api", "purl": "pkg:composer/phpmyadmin/phpmyadmin@4.4.15%2B8", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@4.4.15%252B8" }, { "url": "http://public2.vulnerablecode.io/api/packages/23351?format=api", "purl": "pkg:composer/phpmyadmin/phpmyadmin@4.6.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-5mda-fksy-bqb2" }, { "vulnerability": "VCID-8xac-hgvs-ykgn" }, { "vulnerability": "VCID-9xxd-uwwt-57ba" }, { "vulnerability": "VCID-bcmm-z26p-rkfp" }, { "vulnerability": "VCID-jj7e-xndw-6fcp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@4.6.4" }, { "url": "http://public2.vulnerablecode.io/api/packages/21731?format=api", "purl": "pkg:composer/phpmyadmin/phpmyadmin@4.7.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2jjv-4en4-e3gx" }, { "vulnerability": "VCID-5657-kcyh-7bc2" }, { "vulnerability": "VCID-986a-3m4g-83ge" }, { "vulnerability": "VCID-br1c-5bzf-ufeu" }, { "vulnerability": "VCID-c91y-txcw-2kdy" }, { "vulnerability": "VCID-ebk2-vjau-57h9" }, { "vulnerability": "VCID-fchc-55te-akhe" }, { "vulnerability": "VCID-g6ud-92qe-hqcx" }, { "vulnerability": "VCID-gu4y-aeqx-mqak" }, { "vulnerability": "VCID-hnud-ktgb-dfe6" }, { "vulnerability": "VCID-jma9-9uhu-xuc3" }, { "vulnerability": "VCID-mwtw-n1tv-hfd9" }, { "vulnerability": "VCID-ngtc-xtjn-xbhp" }, { "vulnerability": "VCID-qcra-cu62-43he" }, { "vulnerability": "VCID-rqy8-n6fr-hqey" }, { "vulnerability": "VCID-scu3-cfyc-9qfz" }, { "vulnerability": "VCID-tbnx-nuzv-ebdc" }, { "vulnerability": "VCID-tks3-6uv4-kygf" }, { "vulnerability": "VCID-yfja-ssw3-skh1" }, { "vulnerability": "VCID-ym9b-4su6-6fbr" }, { "vulnerability": "VCID-znfm-ak2t-mqdd" }, { "vulnerability": "VCID-zyzp-aqd8-e3a9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@4.7.0" } ], "aliases": [ "CVE-2016-6624", "GHSA-mhxj-6vf8-mwv3" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-e9qs-mvaa-wyc6" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/7587?format=api", "vulnerability_id": "VCID-fgr8-8j61-cufq", "summary": "Information Exposure\nAn issue was discovered in phpMyAdmin. A user can exploit the \"LOAD LOCAL INFILE\" functionality to expose files on the server to the database system.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-6612", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00411", "scoring_system": "epss", "scoring_elements": "0.61375", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00411", "scoring_system": "epss", "scoring_elements": "0.61402", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00411", "scoring_system": "epss", "scoring_elements": "0.6145", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00411", "scoring_system": "epss", "scoring_elements": "0.61456", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00411", "scoring_system": "epss", "scoring_elements": "0.61441", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00411", "scoring_system": "epss", "scoring_elements": "0.61453", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00411", "scoring_system": "epss", "scoring_elements": "0.61469", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00411", "scoring_system": "epss", "scoring_elements": "0.61465", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00411", "scoring_system": "epss", "scoring_elements": "0.61426", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00411", "scoring_system": "epss", "scoring_elements": "0.61444", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00411", "scoring_system": "epss", "scoring_elements": "0.61459", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00411", "scoring_system": "epss", "scoring_elements": "0.61437", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00411", "scoring_system": "epss", "scoring_elements": "0.61298", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00411", "scoring_system": "epss", "scoring_elements": "0.61377", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00411", "scoring_system": "epss", "scoring_elements": "0.61422", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00411", "scoring_system": "epss", "scoring_elements": "0.61406", "published_at": "2026-04-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-6612" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6612", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6612" }, { "reference_url": "https://github.com/phpmyadmin/composer", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/phpmyadmin/composer" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2019/06/msg00009.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.debian.org/debian-lts-announce/2019/06/msg00009.html" }, { "reference_url": "https://security.gentoo.org/glsa/201701-32", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://security.gentoo.org/glsa/201701-32" }, { "reference_url": "https://www.phpmyadmin.net/security/PMASA-2016-35", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.phpmyadmin.net/security/PMASA-2016-35" }, { "reference_url": "http://www.securityfocus.com/bid/94113", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.securityfocus.com/bid/94113" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2016-6612", "reference_id": "CVE-2016-6612", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-6612" }, { "reference_url": "https://github.com/advisories/GHSA-fcgm-62p3-f7cm", "reference_id": "GHSA-fcgm-62p3-f7cm", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-fcgm-62p3-f7cm" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/81937?format=api", "purl": "pkg:composer/phpmyadmin/phpmyadmin@4.0.10%2B17", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@4.0.10%252B17" }, { "url": "http://public2.vulnerablecode.io/api/packages/81936?format=api", "purl": "pkg:composer/phpmyadmin/phpmyadmin@4.4.15%2B8", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@4.4.15%252B8" }, { "url": "http://public2.vulnerablecode.io/api/packages/23351?format=api", "purl": "pkg:composer/phpmyadmin/phpmyadmin@4.6.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-5mda-fksy-bqb2" }, { "vulnerability": "VCID-8xac-hgvs-ykgn" }, { "vulnerability": "VCID-9xxd-uwwt-57ba" }, { "vulnerability": "VCID-bcmm-z26p-rkfp" }, { "vulnerability": "VCID-jj7e-xndw-6fcp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@4.6.4" }, { "url": "http://public2.vulnerablecode.io/api/packages/21731?format=api", "purl": "pkg:composer/phpmyadmin/phpmyadmin@4.7.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2jjv-4en4-e3gx" }, { "vulnerability": "VCID-5657-kcyh-7bc2" }, { "vulnerability": "VCID-986a-3m4g-83ge" }, { "vulnerability": "VCID-br1c-5bzf-ufeu" }, { "vulnerability": "VCID-c91y-txcw-2kdy" }, { "vulnerability": "VCID-ebk2-vjau-57h9" }, { "vulnerability": "VCID-fchc-55te-akhe" }, { "vulnerability": "VCID-g6ud-92qe-hqcx" }, { "vulnerability": "VCID-gu4y-aeqx-mqak" }, { "vulnerability": "VCID-hnud-ktgb-dfe6" }, { "vulnerability": "VCID-jma9-9uhu-xuc3" }, { "vulnerability": "VCID-mwtw-n1tv-hfd9" }, { "vulnerability": "VCID-ngtc-xtjn-xbhp" }, { "vulnerability": "VCID-qcra-cu62-43he" }, { "vulnerability": "VCID-rqy8-n6fr-hqey" }, { "vulnerability": "VCID-scu3-cfyc-9qfz" }, { "vulnerability": "VCID-tbnx-nuzv-ebdc" }, { "vulnerability": "VCID-tks3-6uv4-kygf" }, { "vulnerability": "VCID-yfja-ssw3-skh1" }, { "vulnerability": "VCID-ym9b-4su6-6fbr" }, { "vulnerability": "VCID-znfm-ak2t-mqdd" }, { "vulnerability": "VCID-zyzp-aqd8-e3a9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@4.7.0" } ], "aliases": [ "CVE-2016-6612", "GHSA-fcgm-62p3-f7cm" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-fgr8-8j61-cufq" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/7596?format=api", "vulnerability_id": "VCID-fvnp-w4kk-3qfq", "summary": "Cross-site Scripting\nXSS issues were discovered in phpMyAdmin. This affects the database privilege check and the \"Remove partitioning\" functionality. Specially crafted database names can trigger the XSS attack.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-6608", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00452", "scoring_system": "epss", "scoring_elements": "0.63738", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00452", "scoring_system": "epss", "scoring_elements": "0.63671", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00452", "scoring_system": "epss", "scoring_elements": "0.63723", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00452", "scoring_system": "epss", "scoring_elements": "0.63741", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00452", "scoring_system": "epss", "scoring_elements": "0.63755", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00452", "scoring_system": "epss", "scoring_elements": "0.6374", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00452", "scoring_system": "epss", "scoring_elements": "0.63706", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00452", "scoring_system": "epss", "scoring_elements": "0.63742", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00452", "scoring_system": "epss", "scoring_elements": "0.63751", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00452", "scoring_system": "epss", "scoring_elements": "0.63756", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00452", "scoring_system": "epss", "scoring_elements": "0.63769", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00452", "scoring_system": "epss", "scoring_elements": "0.63767", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00452", "scoring_system": "epss", "scoring_elements": "0.63625", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00452", "scoring_system": "epss", "scoring_elements": "0.63685", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00452", "scoring_system": "epss", "scoring_elements": "0.63711", "published_at": "2026-04-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-6608" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6608", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6608" }, { "reference_url": "https://github.com/phpmyadmin/composer", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/phpmyadmin/composer" }, { "reference_url": "https://security.gentoo.org/glsa/201701-32", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://security.gentoo.org/glsa/201701-32" }, { "reference_url": "https://www.phpmyadmin.net/security/PMASA-2016-31", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.phpmyadmin.net/security/PMASA-2016-31" }, { "reference_url": "http://www.securityfocus.com/bid/93258", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.securityfocus.com/bid/93258" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2016-6608", "reference_id": "CVE-2016-6608", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-6608" }, { "reference_url": "https://github.com/advisories/GHSA-jfmj-27fp-qp67", "reference_id": "GHSA-jfmj-27fp-qp67", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-jfmj-27fp-qp67" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/23351?format=api", "purl": "pkg:composer/phpmyadmin/phpmyadmin@4.6.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-5mda-fksy-bqb2" }, { "vulnerability": "VCID-8xac-hgvs-ykgn" }, { "vulnerability": "VCID-9xxd-uwwt-57ba" }, { "vulnerability": "VCID-bcmm-z26p-rkfp" }, { "vulnerability": "VCID-jj7e-xndw-6fcp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@4.6.4" }, { "url": "http://public2.vulnerablecode.io/api/packages/21731?format=api", "purl": "pkg:composer/phpmyadmin/phpmyadmin@4.7.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2jjv-4en4-e3gx" }, { "vulnerability": "VCID-5657-kcyh-7bc2" }, { "vulnerability": "VCID-986a-3m4g-83ge" }, { "vulnerability": "VCID-br1c-5bzf-ufeu" }, { "vulnerability": "VCID-c91y-txcw-2kdy" }, { "vulnerability": "VCID-ebk2-vjau-57h9" }, { "vulnerability": "VCID-fchc-55te-akhe" }, { "vulnerability": "VCID-g6ud-92qe-hqcx" }, { "vulnerability": "VCID-gu4y-aeqx-mqak" }, { "vulnerability": "VCID-hnud-ktgb-dfe6" }, { "vulnerability": "VCID-jma9-9uhu-xuc3" }, { "vulnerability": "VCID-mwtw-n1tv-hfd9" }, { "vulnerability": "VCID-ngtc-xtjn-xbhp" }, { "vulnerability": "VCID-qcra-cu62-43he" }, { "vulnerability": "VCID-rqy8-n6fr-hqey" }, { "vulnerability": "VCID-scu3-cfyc-9qfz" }, { "vulnerability": "VCID-tbnx-nuzv-ebdc" }, { "vulnerability": "VCID-tks3-6uv4-kygf" }, { "vulnerability": "VCID-yfja-ssw3-skh1" }, { "vulnerability": "VCID-ym9b-4su6-6fbr" }, { "vulnerability": "VCID-znfm-ak2t-mqdd" }, { "vulnerability": "VCID-zyzp-aqd8-e3a9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@4.7.0" } ], "aliases": [ "CVE-2016-6608", "GHSA-jfmj-27fp-qp67" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-fvnp-w4kk-3qfq" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/7576?format=api", "vulnerability_id": "VCID-gzqe-8ywj-h7hk", "summary": "Cryptographic Issues\nAn issue was discovered in phpMyAdmin. When the user does not specify a `blowfish_secret` key for encrypting cookies, phpMyAdmin generates one at runtime. A vulnerability was reported where the way this value is created uses a weak algorithm. This could allow an attacker to determine the user's `blowfish_secret` and potentially decrypt their cookies.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-9847", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00432", "scoring_system": "epss", "scoring_elements": "0.62678", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00432", "scoring_system": "epss", "scoring_elements": "0.62704", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00432", "scoring_system": "epss", "scoring_elements": "0.62694", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00432", "scoring_system": "epss", "scoring_elements": "0.62671", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00432", "scoring_system": "epss", "scoring_elements": "0.62711", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00432", "scoring_system": "epss", "scoring_elements": "0.62719", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00432", "scoring_system": "epss", "scoring_elements": "0.627", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00432", "scoring_system": "epss", "scoring_elements": "0.62712", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00432", "scoring_system": "epss", "scoring_elements": "0.62728", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00432", "scoring_system": "epss", "scoring_elements": "0.62727", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00432", "scoring_system": "epss", "scoring_elements": "0.62563", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00432", "scoring_system": "epss", "scoring_elements": "0.62621", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00432", "scoring_system": "epss", "scoring_elements": "0.62653", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00432", "scoring_system": "epss", "scoring_elements": "0.62618", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00432", "scoring_system": "epss", "scoring_elements": "0.6267", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00432", "scoring_system": "epss", "scoring_elements": "0.62686", "published_at": "2026-04-09T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-9847" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9847", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9847" }, { "reference_url": "https://security.gentoo.org/glsa/201701-32", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://security.gentoo.org/glsa/201701-32" }, { "reference_url": "https://web.archive.org/web/20210123194700/http://www.securityfocus.com/bid/94524", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20210123194700/http://www.securityfocus.com/bid/94524" }, { "reference_url": "https://www.phpmyadmin.net/security/PMASA-2016-58", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.phpmyadmin.net/security/PMASA-2016-58" }, { "reference_url": "http://www.securityfocus.com/bid/94524", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/94524" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2016-9847", "reference_id": "CVE-2016-9847", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-9847" }, { "reference_url": "https://github.com/advisories/GHSA-9xhq-pm7v-693p", "reference_id": "GHSA-9xhq-pm7v-693p", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-9xhq-pm7v-693p" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/24334?format=api", "purl": "pkg:composer/phpmyadmin/phpmyadmin@4.0.10%2B18", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7h9b-a8dp-57hp" }, { "vulnerability": "VCID-uw6h-fpzy-x3ap" }, { "vulnerability": "VCID-zreq-41ja-pbf1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@4.0.10%252B18" }, { "url": "http://public2.vulnerablecode.io/api/packages/24335?format=api", "purl": "pkg:composer/phpmyadmin/phpmyadmin@4.4.15%2B9", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7h9b-a8dp-57hp" }, { "vulnerability": "VCID-uw6h-fpzy-x3ap" }, { "vulnerability": "VCID-zreq-41ja-pbf1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@4.4.15%252B9" }, { "url": "http://public2.vulnerablecode.io/api/packages/24336?format=api", "purl": "pkg:composer/phpmyadmin/phpmyadmin@4.6.5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7h9b-a8dp-57hp" }, { "vulnerability": "VCID-uw6h-fpzy-x3ap" }, { "vulnerability": "VCID-zreq-41ja-pbf1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@4.6.5" }, { "url": "http://public2.vulnerablecode.io/api/packages/21731?format=api", "purl": "pkg:composer/phpmyadmin/phpmyadmin@4.7.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2jjv-4en4-e3gx" }, { "vulnerability": "VCID-5657-kcyh-7bc2" }, { "vulnerability": "VCID-986a-3m4g-83ge" }, { "vulnerability": "VCID-br1c-5bzf-ufeu" }, { "vulnerability": "VCID-c91y-txcw-2kdy" }, { "vulnerability": "VCID-ebk2-vjau-57h9" }, { "vulnerability": "VCID-fchc-55te-akhe" }, { "vulnerability": "VCID-g6ud-92qe-hqcx" }, { "vulnerability": "VCID-gu4y-aeqx-mqak" }, { "vulnerability": "VCID-hnud-ktgb-dfe6" }, { "vulnerability": "VCID-jma9-9uhu-xuc3" }, { "vulnerability": "VCID-mwtw-n1tv-hfd9" }, { "vulnerability": "VCID-ngtc-xtjn-xbhp" }, { "vulnerability": "VCID-qcra-cu62-43he" }, { "vulnerability": "VCID-rqy8-n6fr-hqey" }, { "vulnerability": "VCID-scu3-cfyc-9qfz" }, { "vulnerability": "VCID-tbnx-nuzv-ebdc" }, { "vulnerability": "VCID-tks3-6uv4-kygf" }, { "vulnerability": "VCID-yfja-ssw3-skh1" }, { "vulnerability": "VCID-ym9b-4su6-6fbr" }, { "vulnerability": "VCID-znfm-ak2t-mqdd" }, { "vulnerability": "VCID-zyzp-aqd8-e3a9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@4.7.0" } ], "aliases": [ "CVE-2016-9847", "GHSA-9xhq-pm7v-693p" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-gzqe-8ywj-h7hk" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/7585?format=api", "vulnerability_id": "VCID-h5wu-ugm7-4bah", "summary": "Code Injection\nAn issue was discovered in phpMyAdmin. phpMyAdmin can be used to trigger a remote code execution attack against certain PHP installations that are running with the dbase extension.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-6633", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01833", "scoring_system": "epss", "scoring_elements": "0.83017", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.01833", "scoring_system": "epss", "scoring_elements": "0.82878", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.01833", "scoring_system": "epss", "scoring_elements": "0.82903", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.01833", "scoring_system": "epss", "scoring_elements": "0.82911", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.01833", "scoring_system": "epss", "scoring_elements": "0.82926", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.01833", "scoring_system": "epss", "scoring_elements": "0.82922", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.01833", "scoring_system": "epss", "scoring_elements": "0.82918", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.01833", "scoring_system": "epss", "scoring_elements": "0.82957", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.01833", "scoring_system": "epss", "scoring_elements": "0.8296", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.01833", "scoring_system": "epss", "scoring_elements": "0.8298", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.01833", "scoring_system": "epss", "scoring_elements": "0.8299", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.01833", "scoring_system": "epss", "scoring_elements": "0.82994", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.01833", "scoring_system": "epss", "scoring_elements": "0.82853", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.01833", "scoring_system": "epss", "scoring_elements": "0.82869", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.01833", "scoring_system": "epss", "scoring_elements": "0.82882", "published_at": "2026-04-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-6633" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6633", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6633" }, { "reference_url": "https://github.com/phpmyadmin/composer", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/phpmyadmin/composer" }, { "reference_url": "https://security.gentoo.org/glsa/201701-32", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://security.gentoo.org/glsa/201701-32" }, { "reference_url": "https://www.phpmyadmin.net/security/PMASA-2016-56", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.phpmyadmin.net/security/PMASA-2016-56" }, { "reference_url": "http://www.securityfocus.com/bid/92500", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.securityfocus.com/bid/92500" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2016-6633", "reference_id": "CVE-2016-6633", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-6633" }, { "reference_url": "https://github.com/advisories/GHSA-p849-vf5f-f3x7", "reference_id": "GHSA-p849-vf5f-f3x7", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-p849-vf5f-f3x7" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/81937?format=api", "purl": "pkg:composer/phpmyadmin/phpmyadmin@4.0.10%2B17", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@4.0.10%252B17" }, { "url": "http://public2.vulnerablecode.io/api/packages/81936?format=api", "purl": "pkg:composer/phpmyadmin/phpmyadmin@4.4.15%2B8", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@4.4.15%252B8" }, { "url": "http://public2.vulnerablecode.io/api/packages/23351?format=api", "purl": "pkg:composer/phpmyadmin/phpmyadmin@4.6.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-5mda-fksy-bqb2" }, { "vulnerability": "VCID-8xac-hgvs-ykgn" }, { "vulnerability": "VCID-9xxd-uwwt-57ba" }, { "vulnerability": "VCID-bcmm-z26p-rkfp" }, { "vulnerability": "VCID-jj7e-xndw-6fcp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@4.6.4" }, { "url": "http://public2.vulnerablecode.io/api/packages/21731?format=api", "purl": "pkg:composer/phpmyadmin/phpmyadmin@4.7.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2jjv-4en4-e3gx" }, { "vulnerability": "VCID-5657-kcyh-7bc2" }, { "vulnerability": "VCID-986a-3m4g-83ge" }, { "vulnerability": "VCID-br1c-5bzf-ufeu" }, { "vulnerability": "VCID-c91y-txcw-2kdy" }, { "vulnerability": "VCID-ebk2-vjau-57h9" }, { "vulnerability": "VCID-fchc-55te-akhe" }, { "vulnerability": "VCID-g6ud-92qe-hqcx" }, { "vulnerability": "VCID-gu4y-aeqx-mqak" }, { "vulnerability": "VCID-hnud-ktgb-dfe6" }, { "vulnerability": "VCID-jma9-9uhu-xuc3" }, { "vulnerability": "VCID-mwtw-n1tv-hfd9" }, { "vulnerability": "VCID-ngtc-xtjn-xbhp" }, { "vulnerability": "VCID-qcra-cu62-43he" }, { "vulnerability": "VCID-rqy8-n6fr-hqey" }, { "vulnerability": "VCID-scu3-cfyc-9qfz" }, { "vulnerability": "VCID-tbnx-nuzv-ebdc" }, { "vulnerability": "VCID-tks3-6uv4-kygf" }, { "vulnerability": "VCID-yfja-ssw3-skh1" }, { "vulnerability": "VCID-ym9b-4su6-6fbr" }, { "vulnerability": "VCID-znfm-ak2t-mqdd" }, { "vulnerability": "VCID-zyzp-aqd8-e3a9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@4.7.0" } ], "aliases": [ "CVE-2016-6633", "GHSA-p849-vf5f-f3x7" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-h5wu-ugm7-4bah" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/8999?format=api", "vulnerability_id": "VCID-hnud-ktgb-dfe6", "summary": "Improper Privilege Management\nAn issue was discovered in `libraries/common` which allows users who have no password set to log in even if the administrator has set `$cfg['Servers'][$i]['AllowNoPassword']` to `false` (which is also the default).", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-18264", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00305", "scoring_system": "epss", "scoring_elements": "0.53663", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00305", "scoring_system": "epss", "scoring_elements": "0.53642", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00305", "scoring_system": "epss", "scoring_elements": "0.53713", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00305", "scoring_system": "epss", "scoring_elements": "0.53747", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00305", "scoring_system": "epss", "scoring_elements": "0.53766", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00305", "scoring_system": "epss", "scoring_elements": "0.53761", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00305", "scoring_system": "epss", "scoring_elements": "0.53724", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00305", "scoring_system": "epss", "scoring_elements": "0.53741", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00305", "scoring_system": "epss", "scoring_elements": "0.53757", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00305", "scoring_system": "epss", "scoring_elements": "0.53709", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00305", "scoring_system": "epss", "scoring_elements": "0.53691", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00305", "scoring_system": "epss", "scoring_elements": "0.53643", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00305", "scoring_system": "epss", "scoring_elements": "0.53711", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00305", "scoring_system": "epss", "scoring_elements": "0.53658", "published_at": "2026-04-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-18264" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-18264", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-18264" }, { "reference_url": "https://github.com/phpmyadmin/composer", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/phpmyadmin/composer" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2018/07/msg00006.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.debian.org/debian-lts-announce/2018/07/msg00006.html" }, { "reference_url": "https://www.phpmyadmin.net/security/PMASA-2017-8", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.phpmyadmin.net/security/PMASA-2017-8" }, { "reference_url": "https://www.phpmyadmin.net/security/PMASA-2017-8/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.phpmyadmin.net/security/PMASA-2017-8/" }, { "reference_url": "http://www.securityfocus.com/bid/97211", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.securityfocus.com/bid/97211" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:phpmyadmin:phpmyadmin:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.7.0:beta1:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:phpmyadmin:phpmyadmin:4.7.0:beta1:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.7.0:beta1:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.7.0:rc1:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:phpmyadmin:phpmyadmin:4.7.0:rc1:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.7.0:rc1:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2017-18264", "reference_id": "CVE-2017-18264", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:P/I:P/A:P" }, { "value": "9.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-18264" }, { "reference_url": "https://github.com/advisories/GHSA-5868-g58j-vrj5", "reference_id": "GHSA-5868-g58j-vrj5", "reference_type": "", "scores": [ { "value": "CRITICAL", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-5868-g58j-vrj5" }, { "reference_url": "https://usn.ubuntu.com/USN-4843-1/", "reference_id": "USN-USN-4843-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/USN-4843-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/84325?format=api", "purl": "pkg:composer/phpmyadmin/phpmyadmin@4.0.10%2B20", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@4.0.10%252B20" }, { "url": "http://public2.vulnerablecode.io/api/packages/21731?format=api", "purl": "pkg:composer/phpmyadmin/phpmyadmin@4.7.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2jjv-4en4-e3gx" }, { "vulnerability": "VCID-5657-kcyh-7bc2" }, { "vulnerability": "VCID-986a-3m4g-83ge" }, { "vulnerability": "VCID-br1c-5bzf-ufeu" }, { "vulnerability": "VCID-c91y-txcw-2kdy" }, { "vulnerability": "VCID-ebk2-vjau-57h9" }, { "vulnerability": "VCID-fchc-55te-akhe" }, { "vulnerability": "VCID-g6ud-92qe-hqcx" }, { "vulnerability": "VCID-gu4y-aeqx-mqak" }, { "vulnerability": "VCID-hnud-ktgb-dfe6" }, { "vulnerability": "VCID-jma9-9uhu-xuc3" }, { "vulnerability": "VCID-mwtw-n1tv-hfd9" }, { "vulnerability": "VCID-ngtc-xtjn-xbhp" }, { "vulnerability": "VCID-qcra-cu62-43he" }, { "vulnerability": "VCID-rqy8-n6fr-hqey" }, { "vulnerability": "VCID-scu3-cfyc-9qfz" }, { "vulnerability": "VCID-tbnx-nuzv-ebdc" }, { "vulnerability": "VCID-tks3-6uv4-kygf" }, { "vulnerability": "VCID-yfja-ssw3-skh1" }, { "vulnerability": "VCID-ym9b-4su6-6fbr" }, { "vulnerability": "VCID-znfm-ak2t-mqdd" }, { "vulnerability": "VCID-zyzp-aqd8-e3a9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@4.7.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/27586?format=api", "purl": "pkg:composer/phpmyadmin/phpmyadmin@4.7.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2jjv-4en4-e3gx" }, { "vulnerability": "VCID-5657-kcyh-7bc2" }, { "vulnerability": "VCID-986a-3m4g-83ge" }, { "vulnerability": "VCID-br1c-5bzf-ufeu" }, { "vulnerability": "VCID-c91y-txcw-2kdy" }, { "vulnerability": "VCID-ebk2-vjau-57h9" }, { "vulnerability": "VCID-fchc-55te-akhe" }, { "vulnerability": "VCID-g6ud-92qe-hqcx" }, { "vulnerability": "VCID-gu4y-aeqx-mqak" }, { "vulnerability": "VCID-jma9-9uhu-xuc3" }, { "vulnerability": "VCID-mwtw-n1tv-hfd9" }, { "vulnerability": "VCID-ngtc-xtjn-xbhp" }, { "vulnerability": "VCID-qcra-cu62-43he" }, { "vulnerability": "VCID-rqy8-n6fr-hqey" }, { "vulnerability": "VCID-scu3-cfyc-9qfz" }, { "vulnerability": "VCID-tbnx-nuzv-ebdc" }, { "vulnerability": "VCID-tks3-6uv4-kygf" }, { "vulnerability": "VCID-yfja-ssw3-skh1" }, { "vulnerability": "VCID-ym9b-4su6-6fbr" }, { "vulnerability": "VCID-znfm-ak2t-mqdd" }, { "vulnerability": "VCID-zyzp-aqd8-e3a9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@4.7.1" } ], "aliases": [ "CVE-2017-18264", "GHSA-5868-g58j-vrj5" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-hnud-ktgb-dfe6" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/7430?format=api", "vulnerability_id": "VCID-hucu-azum-53bw", "summary": "Information Exposure\nphpMyAdmin allows remote attackers to obtain sensitive information.", "references": [ { "reference_url": "http://lists.opensuse.org/opensuse-updates/2016-06/msg00113.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://lists.opensuse.org/opensuse-updates/2016-06/msg00113.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-updates/2016-06/msg00114.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://lists.opensuse.org/opensuse-updates/2016-06/msg00114.html" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-5730", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01317", "scoring_system": "epss", "scoring_elements": "0.79912", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.01317", "scoring_system": "epss", "scoring_elements": "0.79883", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.01317", "scoring_system": "epss", "scoring_elements": "0.7988", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.01317", "scoring_system": "epss", "scoring_elements": "0.79879", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.01317", "scoring_system": "epss", "scoring_elements": "0.79801", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.01317", "scoring_system": "epss", "scoring_elements": "0.79859", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.01317", "scoring_system": "epss", "scoring_elements": "0.79875", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.01317", "scoring_system": "epss", "scoring_elements": "0.79854", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.01317", "scoring_system": "epss", "scoring_elements": "0.79846", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.01317", "scoring_system": "epss", "scoring_elements": "0.79817", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.01317", "scoring_system": "epss", "scoring_elements": "0.79829", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.01317", "scoring_system": "epss", "scoring_elements": "0.79808", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.01317", "scoring_system": "epss", "scoring_elements": "0.79851", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.01317", "scoring_system": "epss", "scoring_elements": "0.7995", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.01317", "scoring_system": "epss", "scoring_elements": "0.79935", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.01317", "scoring_system": "epss", "scoring_elements": "0.79918", "published_at": "2026-04-26T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-5730" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5730", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5730" }, { "reference_url": "https://github.com/phpmyadmin/composer", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/phpmyadmin/composer" }, { "reference_url": "https://github.com/phpmyadmin/phpmyadmin/commit/27664605b945b13e1d2b71adea822ace2099cc96", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/phpmyadmin/phpmyadmin/commit/27664605b945b13e1d2b71adea822ace2099cc96" }, { "reference_url": "https://github.com/phpmyadmin/phpmyadmin/commit/331c560fbfa0e7d2dce674b5e88e983c5f2a451d", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/phpmyadmin/phpmyadmin/commit/331c560fbfa0e7d2dce674b5e88e983c5f2a451d" }, { "reference_url": "https://github.com/phpmyadmin/phpmyadmin/commit/96e0aa35653ec0c66084a7e9343465e16c1f769b", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/phpmyadmin/phpmyadmin/commit/96e0aa35653ec0c66084a7e9343465e16c1f769b" }, { "reference_url": "https://github.com/phpmyadmin/phpmyadmin/commit/b0180f18c828706af3a6800f0fb01a536d3ef8c7", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/phpmyadmin/phpmyadmin/commit/b0180f18c828706af3a6800f0fb01a536d3ef8c7" }, { "reference_url": "https://github.com/phpmyadmin/phpmyadmin/commit/cd229d718e8cb4bc8ba32446beaa82d27727b6f0", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/phpmyadmin/phpmyadmin/commit/cd229d718e8cb4bc8ba32446beaa82d27727b6f0" }, { "reference_url": "https://security.gentoo.org/glsa/201701-32", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://security.gentoo.org/glsa/201701-32" }, { "reference_url": "https://www.phpmyadmin.net/security/PMASA-2016-23", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.phpmyadmin.net/security/PMASA-2016-23" }, { "reference_url": "https://www.phpmyadmin.net/security/PMASA-2016-23/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.phpmyadmin.net/security/PMASA-2016-23/" }, { "reference_url": "http://www.securityfocus.com/bid/91379", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.securityfocus.com/bid/91379" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.10:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.10:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.10:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.10.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.10.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.10.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.10.10:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.10.10:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.10.10:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.10.11:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.10.11:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.10.11:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.10.12:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.10.12:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.10.12:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.10.13:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.10.13:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.10.13:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.10.14:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.10.14:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.10.14:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.10.15:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.10.15:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.10.15:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.10.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.10.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.10.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.10.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.10.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.10.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.10.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.10.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.10.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.10.5:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.10.5:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.10.5:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.10.6:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.10.6:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.10.6:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.10.7:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.10.7:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.10.7:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.10.8:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.10.8:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.10.8:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.10.9:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.10.9:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.10.9:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.4.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.4.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.4.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.4.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.4.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.4.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.5:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.5:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.5:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.6:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.6:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.6:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.7:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.7:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.7:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.8:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.8:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.8:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.9:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.9:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.9:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.10:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.10:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.10:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.1.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.1.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.1.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.11:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.11:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.11:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.12:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.12:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.12:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.13:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.13:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.13:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.13.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.13.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.13.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.14.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.14.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.14.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.15:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.15:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.15:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.15.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.15.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.15.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.15.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.15.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.15.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.15.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.15.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.15.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.15.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.15.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.15.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.15.5:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.15.5:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.15.5:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.15.6:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.15.6:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.15.6:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.5:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.5:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.5:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.6:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.6:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.6:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.6.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.6.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.6.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.7:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.7:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.7:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.8:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.8:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.8:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.9:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.9:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.9:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:phpmyadmin:phpmyadmin:4.6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.6.0:alpha1:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:phpmyadmin:phpmyadmin:4.6.0:alpha1:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.6.0:alpha1:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.6.0:rc1:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:phpmyadmin:phpmyadmin:4.6.0:rc1:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.6.0:rc1:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.6.0:rc2:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:phpmyadmin:phpmyadmin:4.6.0:rc2:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.6.0:rc2:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.6.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:phpmyadmin:phpmyadmin:4.6.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.6.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.6.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:phpmyadmin:phpmyadmin:4.6.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.6.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2016-5730", "reference_id": "CVE-2016-5730", "reference_type": "", "scores": [ { "value": "5.0", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:P/I:N/A:N" }, { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-5730" }, { "reference_url": "https://github.com/advisories/GHSA-wm9c-vcv2-vpqc", "reference_id": "GHSA-wm9c-vcv2-vpqc", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-wm9c-vcv2-vpqc" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/54613?format=api", "purl": "pkg:composer/phpmyadmin/phpmyadmin@4.0.10%2B16", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@4.0.10%252B16" }, { "url": "http://public2.vulnerablecode.io/api/packages/54614?format=api", "purl": "pkg:composer/phpmyadmin/phpmyadmin@4.4.15%2B7", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@4.4.15%252B7" }, { "url": "http://public2.vulnerablecode.io/api/packages/23352?format=api", "purl": "pkg:composer/phpmyadmin/phpmyadmin@4.6.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1dc8-kafr-3qd7" }, { "vulnerability": "VCID-64sy-unts-juf3" }, { "vulnerability": "VCID-8fu3-wm7d-qkeu" }, { "vulnerability": "VCID-9t2s-etzf-t3d2" }, { "vulnerability": "VCID-e9qs-mvaa-wyc6" }, { "vulnerability": "VCID-fgr8-8j61-cufq" }, { "vulnerability": "VCID-fvnp-w4kk-3qfq" }, { "vulnerability": "VCID-gzqe-8ywj-h7hk" }, { "vulnerability": "VCID-h5wu-ugm7-4bah" }, { "vulnerability": "VCID-tydk-zjv1-nye6" }, { "vulnerability": "VCID-v66b-3ghf-9uas" }, { "vulnerability": "VCID-z22z-a5bq-97d3" }, { "vulnerability": "VCID-zg16-dfu1-g7dn" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@4.6.3" }, { "url": "http://public2.vulnerablecode.io/api/packages/21731?format=api", "purl": "pkg:composer/phpmyadmin/phpmyadmin@4.7.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2jjv-4en4-e3gx" }, { "vulnerability": "VCID-5657-kcyh-7bc2" }, { "vulnerability": "VCID-986a-3m4g-83ge" }, { "vulnerability": "VCID-br1c-5bzf-ufeu" }, { "vulnerability": "VCID-c91y-txcw-2kdy" }, { "vulnerability": "VCID-ebk2-vjau-57h9" }, { "vulnerability": "VCID-fchc-55te-akhe" }, { "vulnerability": "VCID-g6ud-92qe-hqcx" }, { "vulnerability": "VCID-gu4y-aeqx-mqak" }, { "vulnerability": "VCID-hnud-ktgb-dfe6" }, { "vulnerability": "VCID-jma9-9uhu-xuc3" }, { "vulnerability": "VCID-mwtw-n1tv-hfd9" }, { "vulnerability": "VCID-ngtc-xtjn-xbhp" }, { "vulnerability": "VCID-qcra-cu62-43he" }, { "vulnerability": "VCID-rqy8-n6fr-hqey" }, { "vulnerability": "VCID-scu3-cfyc-9qfz" }, { "vulnerability": "VCID-tbnx-nuzv-ebdc" }, { "vulnerability": "VCID-tks3-6uv4-kygf" }, { "vulnerability": "VCID-yfja-ssw3-skh1" }, { "vulnerability": "VCID-ym9b-4su6-6fbr" }, { "vulnerability": "VCID-znfm-ak2t-mqdd" }, { "vulnerability": "VCID-zyzp-aqd8-e3a9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@4.7.0" } ], "aliases": [ "CVE-2016-5730", "GHSA-wm9c-vcv2-vpqc" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-hucu-azum-53bw" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/7595?format=api", "vulnerability_id": "VCID-jj7e-xndw-6fcp", "summary": "Improper Input Validation\nAn issue was discovered in phpMyAdmin. With a crafted request parameter value it is possible to bypass the logout timeout.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-9851", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00241", "scoring_system": "epss", "scoring_elements": "0.47227", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00241", "scoring_system": "epss", "scoring_elements": "0.47358", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00241", "scoring_system": "epss", "scoring_elements": "0.47356", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00241", "scoring_system": "epss", "scoring_elements": "0.47379", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00241", "scoring_system": "epss", "scoring_elements": "0.47354", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00241", "scoring_system": "epss", "scoring_elements": "0.47361", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00241", "scoring_system": "epss", "scoring_elements": "0.4742", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00241", "scoring_system": "epss", "scoring_elements": "0.47413", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00241", "scoring_system": "epss", "scoring_elements": "0.47365", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00241", "scoring_system": "epss", "scoring_elements": "0.47353", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00241", "scoring_system": "epss", "scoring_elements": "0.47362", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00241", "scoring_system": "epss", "scoring_elements": "0.47308", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00241", "scoring_system": "epss", "scoring_elements": "0.47299", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00241", "scoring_system": "epss", "scoring_elements": "0.47335", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00241", "scoring_system": "epss", "scoring_elements": "0.47355", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00241", "scoring_system": "epss", "scoring_elements": "0.47303", "published_at": "2026-04-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-9851" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9851", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9851" }, { "reference_url": "https://github.com/phpmyadmin/composer", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/phpmyadmin/composer" }, { "reference_url": "https://security.gentoo.org/glsa/201701-32", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://security.gentoo.org/glsa/201701-32" }, { "reference_url": "https://www.phpmyadmin.net/security/PMASA-2016-62", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.phpmyadmin.net/security/PMASA-2016-62" }, { "reference_url": "http://www.securityfocus.com/bid/94534", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.securityfocus.com/bid/94534" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2016-9851", "reference_id": "CVE-2016-9851", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-9851" }, { "reference_url": "https://github.com/advisories/GHSA-r2vw-p77f-vc27", "reference_id": "GHSA-r2vw-p77f-vc27", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-r2vw-p77f-vc27" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/24335?format=api", "purl": "pkg:composer/phpmyadmin/phpmyadmin@4.4.15%2B9", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7h9b-a8dp-57hp" }, { "vulnerability": "VCID-uw6h-fpzy-x3ap" }, { "vulnerability": "VCID-zreq-41ja-pbf1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@4.4.15%252B9" }, { "url": "http://public2.vulnerablecode.io/api/packages/24336?format=api", "purl": "pkg:composer/phpmyadmin/phpmyadmin@4.6.5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7h9b-a8dp-57hp" }, { "vulnerability": "VCID-uw6h-fpzy-x3ap" }, { "vulnerability": "VCID-zreq-41ja-pbf1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@4.6.5" }, { "url": "http://public2.vulnerablecode.io/api/packages/21731?format=api", "purl": "pkg:composer/phpmyadmin/phpmyadmin@4.7.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2jjv-4en4-e3gx" }, { "vulnerability": "VCID-5657-kcyh-7bc2" }, { "vulnerability": "VCID-986a-3m4g-83ge" }, { "vulnerability": "VCID-br1c-5bzf-ufeu" }, { "vulnerability": "VCID-c91y-txcw-2kdy" }, { "vulnerability": "VCID-ebk2-vjau-57h9" }, { "vulnerability": "VCID-fchc-55te-akhe" }, { "vulnerability": "VCID-g6ud-92qe-hqcx" }, { "vulnerability": "VCID-gu4y-aeqx-mqak" }, { "vulnerability": "VCID-hnud-ktgb-dfe6" }, { "vulnerability": "VCID-jma9-9uhu-xuc3" }, { "vulnerability": "VCID-mwtw-n1tv-hfd9" }, { "vulnerability": "VCID-ngtc-xtjn-xbhp" }, { "vulnerability": "VCID-qcra-cu62-43he" }, { "vulnerability": "VCID-rqy8-n6fr-hqey" }, { "vulnerability": "VCID-scu3-cfyc-9qfz" }, { "vulnerability": "VCID-tbnx-nuzv-ebdc" }, { "vulnerability": "VCID-tks3-6uv4-kygf" }, { "vulnerability": "VCID-yfja-ssw3-skh1" }, { "vulnerability": "VCID-ym9b-4su6-6fbr" }, { "vulnerability": "VCID-znfm-ak2t-mqdd" }, { "vulnerability": "VCID-zyzp-aqd8-e3a9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@4.7.0" } ], "aliases": [ "CVE-2016-9851", "GHSA-r2vw-p77f-vc27" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-jj7e-xndw-6fcp" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/7322?format=api", "vulnerability_id": "VCID-k7kn-ynne-b3gv", "summary": "Cross-site Scripting\nA Cross-site scripting (XSS) vulnerability in the format function in `libraries/sql-parser/src/Utils/Error.php` in the SQL parser in phpMyAdmin allows remote authenticated users to inject arbitrary web script or HTML via a crafted query.", "references": [ { "reference_url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-March/178562.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-March/178562.html" }, { "reference_url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-March/178869.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-March/178869.html" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-2559", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00278", "scoring_system": "epss", "scoring_elements": "0.51158", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00278", "scoring_system": "epss", "scoring_elements": "0.51211", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00278", "scoring_system": "epss", "scoring_elements": "0.51266", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00278", "scoring_system": "epss", "scoring_elements": "0.51263", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00278", "scoring_system": "epss", "scoring_elements": "0.51307", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00278", "scoring_system": "epss", "scoring_elements": "0.51286", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00278", "scoring_system": "epss", "scoring_elements": "0.51272", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00278", "scoring_system": "epss", "scoring_elements": "0.51311", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00278", "scoring_system": "epss", "scoring_elements": "0.51319", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00278", "scoring_system": "epss", "scoring_elements": "0.51297", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00278", "scoring_system": "epss", "scoring_elements": "0.51245", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00278", "scoring_system": "epss", "scoring_elements": "0.51216", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00278", "scoring_system": "epss", "scoring_elements": "0.51174", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00278", "scoring_system": "epss", "scoring_elements": "0.51227", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00278", "scoring_system": "epss", "scoring_elements": "0.51252", "published_at": "2026-04-26T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-2559" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2559", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2559" }, { "reference_url": "https://github.com/phpmyadmin/composer", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/phpmyadmin/composer" }, { "reference_url": "https://github.com/phpmyadmin/phpmyadmin/commit/3a6a9a807d99371ee126635e1a505fc1fe0df32c", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/phpmyadmin/phpmyadmin/commit/3a6a9a807d99371ee126635e1a505fc1fe0df32c" }, { "reference_url": "https://www.phpmyadmin.net/security/PMASA-2016-10", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.phpmyadmin.net/security/PMASA-2016-10" }, { "reference_url": "https://www.phpmyadmin.net/security/PMASA-2016-10/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.phpmyadmin.net/security/PMASA-2016-10/" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.5.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:phpmyadmin:phpmyadmin:4.5.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.5.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.5.0.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:phpmyadmin:phpmyadmin:4.5.0.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.5.0.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.5.0.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:phpmyadmin:phpmyadmin:4.5.0.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.5.0.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.5.0:beta1:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:phpmyadmin:phpmyadmin:4.5.0:beta1:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.5.0:beta1:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.5.0:beta2:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:phpmyadmin:phpmyadmin:4.5.0:beta2:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.5.0:beta2:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.5.0:rc1:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:phpmyadmin:phpmyadmin:4.5.0:rc1:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.5.0:rc1:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.5.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:phpmyadmin:phpmyadmin:4.5.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.5.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.5.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:phpmyadmin:phpmyadmin:4.5.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.5.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.5.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:phpmyadmin:phpmyadmin:4.5.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.5.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.5.3.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:phpmyadmin:phpmyadmin:4.5.3.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.5.3.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.5.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:phpmyadmin:phpmyadmin:4.5.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.5.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.5.4.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:phpmyadmin:phpmyadmin:4.5.4.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.5.4.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.5.5:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:phpmyadmin:phpmyadmin:4.5.5:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.5.5:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2016-2559", "reference_id": "CVE-2016-2559", "reference_type": "", "scores": [ { "value": "3.5", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:S/C:N/I:P/A:N" }, { "value": "5.4", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-2559" }, { "reference_url": "https://github.com/advisories/GHSA-7rf8-9r8f-qf59", "reference_id": "GHSA-7rf8-9r8f-qf59", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-7rf8-9r8f-qf59" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/83653?format=api", "purl": "pkg:composer/phpmyadmin/phpmyadmin@4.5.5%2B1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@4.5.5%252B1" }, { "url": "http://public2.vulnerablecode.io/api/packages/21731?format=api", "purl": "pkg:composer/phpmyadmin/phpmyadmin@4.7.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2jjv-4en4-e3gx" }, { "vulnerability": "VCID-5657-kcyh-7bc2" }, { "vulnerability": "VCID-986a-3m4g-83ge" }, { "vulnerability": "VCID-br1c-5bzf-ufeu" }, { "vulnerability": "VCID-c91y-txcw-2kdy" }, { "vulnerability": "VCID-ebk2-vjau-57h9" }, { "vulnerability": "VCID-fchc-55te-akhe" }, { "vulnerability": "VCID-g6ud-92qe-hqcx" }, { "vulnerability": "VCID-gu4y-aeqx-mqak" }, { "vulnerability": "VCID-hnud-ktgb-dfe6" }, { "vulnerability": "VCID-jma9-9uhu-xuc3" }, { "vulnerability": "VCID-mwtw-n1tv-hfd9" }, { "vulnerability": "VCID-ngtc-xtjn-xbhp" }, { "vulnerability": "VCID-qcra-cu62-43he" }, { "vulnerability": "VCID-rqy8-n6fr-hqey" }, { "vulnerability": "VCID-scu3-cfyc-9qfz" }, { "vulnerability": "VCID-tbnx-nuzv-ebdc" }, { "vulnerability": "VCID-tks3-6uv4-kygf" }, { "vulnerability": "VCID-yfja-ssw3-skh1" }, { "vulnerability": "VCID-ym9b-4su6-6fbr" }, { "vulnerability": "VCID-znfm-ak2t-mqdd" }, { "vulnerability": "VCID-zyzp-aqd8-e3a9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@4.7.0" } ], "aliases": [ "CVE-2016-2559", "GHSA-7rf8-9r8f-qf59" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-k7kn-ynne-b3gv" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/7323?format=api", "vulnerability_id": "VCID-nfuk-7739-xqaw", "summary": "Improper Input Validation\nThe `checkHTTP` function in `libraries/Config.class.php` in phpMyAdmin does not verify X.509 certificates from `api.github.com` SSL servers, which allows man-in-the-middle attackers to spoof these servers and obtain sensitive information via a crafted certificate.", "references": [ { "reference_url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-March/178562.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-March/178562.html" }, { "reference_url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-March/178869.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-March/178869.html" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-2562", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0023", "scoring_system": "epss", "scoring_elements": "0.45621", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.0023", "scoring_system": "epss", "scoring_elements": "0.45801", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.0023", "scoring_system": "epss", "scoring_elements": "0.45857", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.0023", "scoring_system": "epss", "scoring_elements": "0.45854", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.0023", "scoring_system": "epss", "scoring_elements": "0.45877", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.0023", "scoring_system": "epss", "scoring_elements": "0.45846", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.0023", "scoring_system": "epss", "scoring_elements": "0.45853", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.0023", "scoring_system": "epss", "scoring_elements": "0.45907", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.0023", "scoring_system": "epss", "scoring_elements": "0.459", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.0023", "scoring_system": "epss", "scoring_elements": "0.45775", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.0023", "scoring_system": "epss", "scoring_elements": "0.45786", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.0023", "scoring_system": "epss", "scoring_elements": "0.45727", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.0023", "scoring_system": "epss", "scoring_elements": "0.45764", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.0023", "scoring_system": "epss", "scoring_elements": "0.45829", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.0023", "scoring_system": "epss", "scoring_elements": "0.45851", "published_at": "2026-04-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-2562" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2562", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2562" }, { "reference_url": "https://github.com/phpmyadmin/composer", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/phpmyadmin/composer" }, { "reference_url": "https://github.com/phpmyadmin/phpmyadmin/commit/e42b7e3aedd29dd0f7a48575f20bfc5aca0ff976", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/phpmyadmin/phpmyadmin/commit/e42b7e3aedd29dd0f7a48575f20bfc5aca0ff976" }, { "reference_url": "https://www.phpmyadmin.net/security/PMASA-2016-13", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.phpmyadmin.net/security/PMASA-2016-13" }, { "reference_url": "https://www.phpmyadmin.net/security/PMASA-2016-13/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.phpmyadmin.net/security/PMASA-2016-13/" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.5.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:phpmyadmin:phpmyadmin:4.5.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.5.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.5.0.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:phpmyadmin:phpmyadmin:4.5.0.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.5.0.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.5.0.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:phpmyadmin:phpmyadmin:4.5.0.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.5.0.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.5.0:beta1:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:phpmyadmin:phpmyadmin:4.5.0:beta1:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.5.0:beta1:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.5.0:beta2:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:phpmyadmin:phpmyadmin:4.5.0:beta2:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.5.0:beta2:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.5.0:rc1:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:phpmyadmin:phpmyadmin:4.5.0:rc1:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.5.0:rc1:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.5.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:phpmyadmin:phpmyadmin:4.5.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.5.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.5.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:phpmyadmin:phpmyadmin:4.5.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.5.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.5.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:phpmyadmin:phpmyadmin:4.5.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.5.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.5.3.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:phpmyadmin:phpmyadmin:4.5.3.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.5.3.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.5.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:phpmyadmin:phpmyadmin:4.5.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.5.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.5.4.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:phpmyadmin:phpmyadmin:4.5.4.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.5.4.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.5.5:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:phpmyadmin:phpmyadmin:4.5.5:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.5.5:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2016-2562", "reference_id": "CVE-2016-2562", "reference_type": "", "scores": [ { "value": "5.8", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:P/I:P/A:N" }, { "value": "6.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:N" }, { "value": "6.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-2562" }, { "reference_url": "https://github.com/advisories/GHSA-w8qg-j9fp-hrjf", "reference_id": "GHSA-w8qg-j9fp-hrjf", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-w8qg-j9fp-hrjf" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/83653?format=api", "purl": "pkg:composer/phpmyadmin/phpmyadmin@4.5.5%2B1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@4.5.5%252B1" }, { "url": "http://public2.vulnerablecode.io/api/packages/21731?format=api", "purl": "pkg:composer/phpmyadmin/phpmyadmin@4.7.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2jjv-4en4-e3gx" }, { "vulnerability": "VCID-5657-kcyh-7bc2" }, { "vulnerability": "VCID-986a-3m4g-83ge" }, { "vulnerability": "VCID-br1c-5bzf-ufeu" }, { "vulnerability": "VCID-c91y-txcw-2kdy" }, { "vulnerability": "VCID-ebk2-vjau-57h9" }, { "vulnerability": "VCID-fchc-55te-akhe" }, { "vulnerability": "VCID-g6ud-92qe-hqcx" }, { "vulnerability": "VCID-gu4y-aeqx-mqak" }, { "vulnerability": "VCID-hnud-ktgb-dfe6" }, { "vulnerability": "VCID-jma9-9uhu-xuc3" }, { "vulnerability": "VCID-mwtw-n1tv-hfd9" }, { "vulnerability": "VCID-ngtc-xtjn-xbhp" }, { "vulnerability": "VCID-qcra-cu62-43he" }, { "vulnerability": "VCID-rqy8-n6fr-hqey" }, { "vulnerability": "VCID-scu3-cfyc-9qfz" }, { "vulnerability": "VCID-tbnx-nuzv-ebdc" }, { "vulnerability": "VCID-tks3-6uv4-kygf" }, { "vulnerability": "VCID-yfja-ssw3-skh1" }, { "vulnerability": "VCID-ym9b-4su6-6fbr" }, { "vulnerability": "VCID-znfm-ak2t-mqdd" }, { "vulnerability": "VCID-zyzp-aqd8-e3a9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@4.7.0" } ], "aliases": [ "CVE-2016-2562", "GHSA-w8qg-j9fp-hrjf" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-nfuk-7739-xqaw" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/7431?format=api", "vulnerability_id": "VCID-nz1c-xk2s-3fau", "summary": "Cross-site Scripting\nCross-site scripting (XSS) vulnerability in `examples/openid.php` in phpMyAdmin allows remote attackers to inject arbitrary web script or HTML via vectors involving an OpenID error message.", "references": [ { "reference_url": "http://lists.opensuse.org/opensuse-updates/2016-06/msg00113.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://lists.opensuse.org/opensuse-updates/2016-06/msg00113.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-updates/2016-06/msg00114.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://lists.opensuse.org/opensuse-updates/2016-06/msg00114.html" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-5731", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00424", "scoring_system": "epss", "scoring_elements": "0.62116", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00424", "scoring_system": "epss", "scoring_elements": "0.62172", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00424", "scoring_system": "epss", "scoring_elements": "0.62227", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00424", "scoring_system": "epss", "scoring_elements": "0.62148", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00424", "scoring_system": "epss", "scoring_elements": "0.62057", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00424", "scoring_system": "epss", "scoring_elements": "0.62233", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00424", "scoring_system": "epss", "scoring_elements": "0.62216", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00424", "scoring_system": "epss", "scoring_elements": "0.62205", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00424", "scoring_system": "epss", "scoring_elements": "0.62222", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00424", "scoring_system": "epss", "scoring_elements": "0.62215", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00424", "scoring_system": "epss", "scoring_elements": "0.62171", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00424", "scoring_system": "epss", "scoring_elements": "0.62192", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00424", "scoring_system": "epss", "scoring_elements": "0.62203", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00424", "scoring_system": "epss", "scoring_elements": "0.62184", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00424", "scoring_system": "epss", "scoring_elements": "0.62166", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-5731" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1927", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1927" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2039", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2039" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2040", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2040" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2041", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2041" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2560", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2560" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2561", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2561" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5099", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5099" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5701", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5701" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5705", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5705" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5706", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5706" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5731", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5731" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5733", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5733" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5739", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5739" }, { "reference_url": "https://github.com/phpmyadmin/composer", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/phpmyadmin/composer" }, { "reference_url": "https://github.com/phpmyadmin/phpmyadmin/commit/418aeea3d83b0b6021bac311d849570acfc6e48c", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/phpmyadmin/phpmyadmin/commit/418aeea3d83b0b6021bac311d849570acfc6e48c" }, { "reference_url": "https://github.com/phpmyadmin/phpmyadmin/commit/52e7898", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/phpmyadmin/phpmyadmin/commit/52e7898" }, { "reference_url": "https://github.com/phpmyadmin/phpmyadmin/commit/5fefa51", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/phpmyadmin/phpmyadmin/commit/5fefa51" }, { "reference_url": "https://github.com/phpmyadmin/phpmyadmin/commit/78f6c54", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/phpmyadmin/phpmyadmin/commit/78f6c54" }, { "reference_url": "https://github.com/phpmyadmin/phpmyadmin/commit/94cf3864254ffaf3a69e97d8fc454888368b94ab", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/phpmyadmin/phpmyadmin/commit/94cf3864254ffaf3a69e97d8fc454888368b94ab" }, { "reference_url": "https://github.com/phpmyadmin/phpmyadmin/commit/d005ba6", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/phpmyadmin/phpmyadmin/commit/d005ba6" }, { "reference_url": "https://security.gentoo.org/glsa/201701-32", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://security.gentoo.org/glsa/201701-32" }, { "reference_url": "https://www.phpmyadmin.net/security/PMASA-2016-24", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.phpmyadmin.net/security/PMASA-2016-24" }, { "reference_url": "https://www.phpmyadmin.net/security/PMASA-2016-24/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.phpmyadmin.net/security/PMASA-2016-24/" }, { "reference_url": "http://www.debian.org/security/2016/dsa-3627", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.debian.org/security/2016/dsa-3627" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.10:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.10:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.10:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.10.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.10.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.10.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.10.10:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.10.10:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.10.10:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.10.11:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.10.11:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.10.11:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.10.12:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.10.12:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.10.12:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.10.13:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.10.13:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.10.13:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.10.14:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.10.14:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.10.14:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.10.15:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.10.15:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.10.15:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.10.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.10.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.10.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.10.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.10.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.10.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.10.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.10.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.10.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.10.5:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.10.5:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.10.5:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.10.6:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.10.6:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.10.6:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.10.7:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.10.7:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.10.7:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.10.8:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.10.8:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.10.8:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.10.9:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.10.9:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.10.9:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.4.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.4.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.4.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.4.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.4.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.4.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.5:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.5:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.5:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.6:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.6:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.6:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.7:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.7:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.7:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.8:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.8:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.8:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.9:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.9:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.9:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.10:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.10:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.10:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.1.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.1.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.1.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.11:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.11:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.11:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.12:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.12:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.12:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.13:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.13:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.13:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.13.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.13.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.13.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.14.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.14.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.14.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.15:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.15:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.15:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.15.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.15.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.15.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.15.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.15.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.15.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.15.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.15.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.15.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.15.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.15.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.15.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.15.5:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.15.5:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.15.5:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.15.6:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.15.6:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.15.6:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.5:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.5:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.5:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.6:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.6:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.6:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.6.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.6.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.6.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.7:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.7:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.7:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.8:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.8:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.8:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.9:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.9:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.9:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:phpmyadmin:phpmyadmin:4.6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.6.0:alpha1:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:phpmyadmin:phpmyadmin:4.6.0:alpha1:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.6.0:alpha1:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.6.0:rc1:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:phpmyadmin:phpmyadmin:4.6.0:rc1:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.6.0:rc1:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.6.0:rc2:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:phpmyadmin:phpmyadmin:4.6.0:rc2:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.6.0:rc2:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.6.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:phpmyadmin:phpmyadmin:4.6.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.6.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.6.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:phpmyadmin:phpmyadmin:4.6.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.6.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2016-5731", "reference_id": "CVE-2016-5731", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:N/I:P/A:N" }, { "value": "6.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-5731" }, { "reference_url": "https://github.com/advisories/GHSA-mwm8-36c5-j5cf", "reference_id": "GHSA-mwm8-36c5-j5cf", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-mwm8-36c5-j5cf" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/54613?format=api", "purl": "pkg:composer/phpmyadmin/phpmyadmin@4.0.10%2B16", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@4.0.10%252B16" }, { "url": "http://public2.vulnerablecode.io/api/packages/54614?format=api", "purl": "pkg:composer/phpmyadmin/phpmyadmin@4.4.15%2B7", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@4.4.15%252B7" }, { "url": "http://public2.vulnerablecode.io/api/packages/23352?format=api", "purl": "pkg:composer/phpmyadmin/phpmyadmin@4.6.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1dc8-kafr-3qd7" }, { "vulnerability": "VCID-64sy-unts-juf3" }, { "vulnerability": "VCID-8fu3-wm7d-qkeu" }, { "vulnerability": "VCID-9t2s-etzf-t3d2" }, { "vulnerability": "VCID-e9qs-mvaa-wyc6" }, { "vulnerability": "VCID-fgr8-8j61-cufq" }, { "vulnerability": "VCID-fvnp-w4kk-3qfq" }, { "vulnerability": "VCID-gzqe-8ywj-h7hk" }, { "vulnerability": "VCID-h5wu-ugm7-4bah" }, { "vulnerability": "VCID-tydk-zjv1-nye6" }, { "vulnerability": "VCID-v66b-3ghf-9uas" }, { "vulnerability": "VCID-z22z-a5bq-97d3" }, { "vulnerability": "VCID-zg16-dfu1-g7dn" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@4.6.3" }, { "url": "http://public2.vulnerablecode.io/api/packages/21731?format=api", "purl": "pkg:composer/phpmyadmin/phpmyadmin@4.7.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2jjv-4en4-e3gx" }, { "vulnerability": "VCID-5657-kcyh-7bc2" }, { "vulnerability": "VCID-986a-3m4g-83ge" }, { "vulnerability": "VCID-br1c-5bzf-ufeu" }, { "vulnerability": "VCID-c91y-txcw-2kdy" }, { "vulnerability": "VCID-ebk2-vjau-57h9" }, { "vulnerability": "VCID-fchc-55te-akhe" }, { "vulnerability": "VCID-g6ud-92qe-hqcx" }, { "vulnerability": "VCID-gu4y-aeqx-mqak" }, { "vulnerability": "VCID-hnud-ktgb-dfe6" }, { "vulnerability": "VCID-jma9-9uhu-xuc3" }, { "vulnerability": "VCID-mwtw-n1tv-hfd9" }, { "vulnerability": "VCID-ngtc-xtjn-xbhp" }, { "vulnerability": "VCID-qcra-cu62-43he" }, { "vulnerability": "VCID-rqy8-n6fr-hqey" }, { "vulnerability": "VCID-scu3-cfyc-9qfz" }, { "vulnerability": "VCID-tbnx-nuzv-ebdc" }, { "vulnerability": "VCID-tks3-6uv4-kygf" }, { "vulnerability": "VCID-yfja-ssw3-skh1" }, { "vulnerability": "VCID-ym9b-4su6-6fbr" }, { "vulnerability": "VCID-znfm-ak2t-mqdd" }, { "vulnerability": "VCID-zyzp-aqd8-e3a9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@4.7.0" } ], "aliases": [ "CVE-2016-5731", "GHSA-mwm8-36c5-j5cf" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-nz1c-xk2s-3fau" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/7577?format=api", "vulnerability_id": "VCID-tydk-zjv1-nye6", "summary": "Improper Input Validation\nAn issue was discovered in phpMyAdmin. An unauthenticated user is able to execute a denial-of-service (DoS) attack by forcing persistent connections when phpMyAdmin is running with `$cfg['AllowArbitraryServer']=true`.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-6622", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01016", "scoring_system": "epss", "scoring_elements": "0.77259", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.01016", "scoring_system": "epss", "scoring_elements": "0.77155", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.01016", "scoring_system": "epss", "scoring_elements": "0.77163", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.01016", "scoring_system": "epss", "scoring_elements": "0.77191", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.01016", "scoring_system": "epss", "scoring_elements": "0.7717", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.01016", "scoring_system": "epss", "scoring_elements": "0.77165", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.01016", "scoring_system": "epss", "scoring_elements": "0.77206", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.01016", "scoring_system": "epss", "scoring_elements": "0.77207", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.01016", "scoring_system": "epss", "scoring_elements": "0.77197", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.01016", "scoring_system": "epss", "scoring_elements": "0.77233", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.01016", "scoring_system": "epss", "scoring_elements": "0.77239", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.01016", "scoring_system": "epss", "scoring_elements": "0.77255", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.01016", "scoring_system": "epss", "scoring_elements": "0.77104", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.01016", "scoring_system": "epss", "scoring_elements": "0.7711", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.01016", "scoring_system": "epss", "scoring_elements": "0.7714", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.01016", "scoring_system": "epss", "scoring_elements": "0.77122", "published_at": "2026-04-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-6622" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6622", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6622" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2018/07/msg00006.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.debian.org/debian-lts-announce/2018/07/msg00006.html" }, { "reference_url": "https://security.gentoo.org/glsa/201701-32", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://security.gentoo.org/glsa/201701-32" }, { "reference_url": "https://web.archive.org/web/20210125183746/http://www.securityfocus.com/bid/95049", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20210125183746/http://www.securityfocus.com/bid/95049" }, { "reference_url": "https://www.phpmyadmin.net/security/PMASA-2016-45", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.phpmyadmin.net/security/PMASA-2016-45" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2016-6622", "reference_id": "CVE-2016-6622", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-6622" }, { "reference_url": "https://github.com/advisories/GHSA-qf3f-7x69-qfv3", "reference_id": "GHSA-qf3f-7x69-qfv3", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-qf3f-7x69-qfv3" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/81937?format=api", "purl": "pkg:composer/phpmyadmin/phpmyadmin@4.0.10%2B17", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@4.0.10%252B17" }, { "url": "http://public2.vulnerablecode.io/api/packages/81936?format=api", "purl": "pkg:composer/phpmyadmin/phpmyadmin@4.4.15%2B8", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@4.4.15%252B8" }, { "url": "http://public2.vulnerablecode.io/api/packages/23351?format=api", "purl": "pkg:composer/phpmyadmin/phpmyadmin@4.6.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-5mda-fksy-bqb2" }, { "vulnerability": "VCID-8xac-hgvs-ykgn" }, { "vulnerability": "VCID-9xxd-uwwt-57ba" }, { "vulnerability": "VCID-bcmm-z26p-rkfp" }, { "vulnerability": "VCID-jj7e-xndw-6fcp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@4.6.4" }, { "url": "http://public2.vulnerablecode.io/api/packages/21731?format=api", "purl": "pkg:composer/phpmyadmin/phpmyadmin@4.7.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2jjv-4en4-e3gx" }, { "vulnerability": "VCID-5657-kcyh-7bc2" }, { "vulnerability": "VCID-986a-3m4g-83ge" }, { "vulnerability": "VCID-br1c-5bzf-ufeu" }, { "vulnerability": "VCID-c91y-txcw-2kdy" }, { "vulnerability": "VCID-ebk2-vjau-57h9" }, { "vulnerability": "VCID-fchc-55te-akhe" }, { "vulnerability": "VCID-g6ud-92qe-hqcx" }, { "vulnerability": "VCID-gu4y-aeqx-mqak" }, { "vulnerability": "VCID-hnud-ktgb-dfe6" }, { "vulnerability": "VCID-jma9-9uhu-xuc3" }, { "vulnerability": "VCID-mwtw-n1tv-hfd9" }, { "vulnerability": "VCID-ngtc-xtjn-xbhp" }, { "vulnerability": "VCID-qcra-cu62-43he" }, { "vulnerability": "VCID-rqy8-n6fr-hqey" }, { "vulnerability": "VCID-scu3-cfyc-9qfz" }, { "vulnerability": "VCID-tbnx-nuzv-ebdc" }, { "vulnerability": "VCID-tks3-6uv4-kygf" }, { "vulnerability": "VCID-yfja-ssw3-skh1" }, { "vulnerability": "VCID-ym9b-4su6-6fbr" }, { "vulnerability": "VCID-znfm-ak2t-mqdd" }, { "vulnerability": "VCID-zyzp-aqd8-e3a9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@4.7.0" } ], "aliases": [ "CVE-2016-6622", "GHSA-qf3f-7x69-qfv3" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-tydk-zjv1-nye6" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/8002?format=api", "vulnerability_id": "VCID-uw6h-fpzy-x3ap", "summary": "URL Redirection to Untrusted Site (Open Redirect)\nphpMyAdmin is vulnerable to an open redirect weakness.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-1000013", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00239", "scoring_system": "epss", "scoring_elements": "0.46896", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00239", "scoring_system": "epss", "scoring_elements": "0.47055", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00239", "scoring_system": "epss", "scoring_elements": "0.47029", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00239", "scoring_system": "epss", "scoring_elements": "0.47036", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00239", "scoring_system": "epss", "scoring_elements": "0.47092", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00239", "scoring_system": "epss", "scoring_elements": "0.47088", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00239", "scoring_system": "epss", "scoring_elements": "0.47024", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00239", "scoring_system": "epss", "scoring_elements": "0.46983", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00239", "scoring_system": "epss", "scoring_elements": "0.46978", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00239", "scoring_system": "epss", "scoring_elements": "0.47014", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00239", "scoring_system": "epss", "scoring_elements": "0.47033", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00239", "scoring_system": "epss", "scoring_elements": "0.4698", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00239", "scoring_system": "epss", "scoring_elements": "0.47035", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00239", "scoring_system": "epss", "scoring_elements": "0.47031", "published_at": "2026-04-09T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-1000013" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-1000013", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-1000013" }, { "reference_url": "https://web.archive.org/web/20210123220100/http://www.securityfocus.com/bid/95720", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20210123220100/http://www.securityfocus.com/bid/95720" }, { "reference_url": "https://www.phpmyadmin.net/security/PMASA-2017-1", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.phpmyadmin.net/security/PMASA-2017-1" }, { "reference_url": "http://www.securityfocus.com/bid/95720", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/95720" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2017-1000013", "reference_id": "CVE-2017-1000013", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-1000013" }, { "reference_url": "https://github.com/advisories/GHSA-5h5m-fj48-qpjw", "reference_id": "GHSA-5h5m-fj48-qpjw", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-5h5m-fj48-qpjw" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/54787?format=api", "purl": "pkg:composer/phpmyadmin/phpmyadmin@4.0.10%2B19", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@4.0.10%252B19" }, { "url": "http://public2.vulnerablecode.io/api/packages/24385?format=api", "purl": "pkg:composer/phpmyadmin/phpmyadmin@4.4.15%2B10", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-b5d2-5bfb-bbgz" }, { "vulnerability": "VCID-hnud-ktgb-dfe6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@4.4.15%252B10" }, { "url": "http://public2.vulnerablecode.io/api/packages/24386?format=api", "purl": "pkg:composer/phpmyadmin/phpmyadmin@4.6.6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-b5d2-5bfb-bbgz" }, { "vulnerability": "VCID-hnud-ktgb-dfe6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@4.6.6" }, { "url": "http://public2.vulnerablecode.io/api/packages/21731?format=api", "purl": "pkg:composer/phpmyadmin/phpmyadmin@4.7.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2jjv-4en4-e3gx" }, { "vulnerability": "VCID-5657-kcyh-7bc2" }, { "vulnerability": "VCID-986a-3m4g-83ge" }, { "vulnerability": "VCID-br1c-5bzf-ufeu" }, { "vulnerability": "VCID-c91y-txcw-2kdy" }, { "vulnerability": "VCID-ebk2-vjau-57h9" }, { "vulnerability": "VCID-fchc-55te-akhe" }, { "vulnerability": "VCID-g6ud-92qe-hqcx" }, { "vulnerability": "VCID-gu4y-aeqx-mqak" }, { "vulnerability": "VCID-hnud-ktgb-dfe6" }, { "vulnerability": "VCID-jma9-9uhu-xuc3" }, { "vulnerability": "VCID-mwtw-n1tv-hfd9" }, { "vulnerability": "VCID-ngtc-xtjn-xbhp" }, { "vulnerability": "VCID-qcra-cu62-43he" }, { "vulnerability": "VCID-rqy8-n6fr-hqey" }, { "vulnerability": "VCID-scu3-cfyc-9qfz" }, { "vulnerability": "VCID-tbnx-nuzv-ebdc" }, { "vulnerability": "VCID-tks3-6uv4-kygf" }, { "vulnerability": "VCID-yfja-ssw3-skh1" }, { "vulnerability": "VCID-ym9b-4su6-6fbr" }, { "vulnerability": "VCID-znfm-ak2t-mqdd" }, { "vulnerability": "VCID-zyzp-aqd8-e3a9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@4.7.0" } ], "aliases": [ "CVE-2017-1000013", "GHSA-5h5m-fj48-qpjw" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-uw6h-fpzy-x3ap" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/7593?format=api", "vulnerability_id": "VCID-v66b-3ghf-9uas", "summary": "Improper Input Validation\nAn issue was discovered in phpMyAdmin involving the `$cfg['ArbitraryServerRegexp']` configuration directive. An attacker could reuse certain cookie values in a way of bypassing the servers defined by `ArbitraryServerRegexp`.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-6629", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0032", "scoring_system": "epss", "scoring_elements": "0.54998", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.0032", "scoring_system": "epss", "scoring_elements": "0.55076", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.0032", "scoring_system": "epss", "scoring_elements": "0.55126", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.0032", "scoring_system": "epss", "scoring_elements": "0.55138", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.0032", "scoring_system": "epss", "scoring_elements": "0.55118", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.0032", "scoring_system": "epss", "scoring_elements": "0.551", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.0032", "scoring_system": "epss", "scoring_elements": "0.55142", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.0032", "scoring_system": "epss", "scoring_elements": "0.55121", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.0032", "scoring_system": "epss", "scoring_elements": "0.55056", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.0032", "scoring_system": "epss", "scoring_elements": "0.55048", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.0032", "scoring_system": "epss", "scoring_elements": "0.54974", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.0032", "scoring_system": "epss", "scoring_elements": "0.55075", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.0032", "scoring_system": "epss", "scoring_elements": "0.55101", "published_at": "2026-04-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-6629" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6629", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6629" }, { "reference_url": "https://security.gentoo.org/glsa/201701-32", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://security.gentoo.org/glsa/201701-32" }, { "reference_url": "https://web.archive.org/web/20210725054025/http://www.securityfocus.com/bid/92493", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20210725054025/http://www.securityfocus.com/bid/92493" }, { "reference_url": "https://www.phpmyadmin.net/security/PMASA-2016-52", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.phpmyadmin.net/security/PMASA-2016-52" }, { "reference_url": "http://www.securityfocus.com/bid/92493", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/92493" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2016-6629", "reference_id": "CVE-2016-6629", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-6629" }, { "reference_url": "https://github.com/advisories/GHSA-567r-vqj7-5cw7", "reference_id": "GHSA-567r-vqj7-5cw7", "reference_type": "", "scores": [ { "value": "CRITICAL", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-567r-vqj7-5cw7" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/81937?format=api", "purl": "pkg:composer/phpmyadmin/phpmyadmin@4.0.10%2B17", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@4.0.10%252B17" }, { "url": "http://public2.vulnerablecode.io/api/packages/81936?format=api", "purl": "pkg:composer/phpmyadmin/phpmyadmin@4.4.15%2B8", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@4.4.15%252B8" }, { "url": "http://public2.vulnerablecode.io/api/packages/23351?format=api", "purl": "pkg:composer/phpmyadmin/phpmyadmin@4.6.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-5mda-fksy-bqb2" }, { "vulnerability": "VCID-8xac-hgvs-ykgn" }, { "vulnerability": "VCID-9xxd-uwwt-57ba" }, { "vulnerability": "VCID-bcmm-z26p-rkfp" }, { "vulnerability": "VCID-jj7e-xndw-6fcp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@4.6.4" }, { "url": "http://public2.vulnerablecode.io/api/packages/21731?format=api", "purl": "pkg:composer/phpmyadmin/phpmyadmin@4.7.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2jjv-4en4-e3gx" }, { "vulnerability": "VCID-5657-kcyh-7bc2" }, { "vulnerability": "VCID-986a-3m4g-83ge" }, { "vulnerability": "VCID-br1c-5bzf-ufeu" }, { "vulnerability": "VCID-c91y-txcw-2kdy" }, { "vulnerability": "VCID-ebk2-vjau-57h9" }, { "vulnerability": "VCID-fchc-55te-akhe" }, { "vulnerability": "VCID-g6ud-92qe-hqcx" }, { "vulnerability": "VCID-gu4y-aeqx-mqak" }, { "vulnerability": "VCID-hnud-ktgb-dfe6" }, { "vulnerability": "VCID-jma9-9uhu-xuc3" }, { "vulnerability": "VCID-mwtw-n1tv-hfd9" }, { "vulnerability": "VCID-ngtc-xtjn-xbhp" }, { "vulnerability": "VCID-qcra-cu62-43he" }, { "vulnerability": "VCID-rqy8-n6fr-hqey" }, { "vulnerability": "VCID-scu3-cfyc-9qfz" }, { "vulnerability": "VCID-tbnx-nuzv-ebdc" }, { "vulnerability": "VCID-tks3-6uv4-kygf" }, { "vulnerability": "VCID-yfja-ssw3-skh1" }, { "vulnerability": "VCID-ym9b-4su6-6fbr" }, { "vulnerability": "VCID-znfm-ak2t-mqdd" }, { "vulnerability": "VCID-zyzp-aqd8-e3a9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@4.7.0" } ], "aliases": [ "CVE-2016-6629", "GHSA-567r-vqj7-5cw7" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-v66b-3ghf-9uas" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/7309?format=api", "vulnerability_id": "VCID-w37b-ep3h-tfaz", "summary": "Covert Timing Channel\n`libraries/common.inc.php` in phpMyAdmin does not use a constant-time algorithm for comparing CSRF tokens, which makes it easier for remote attackers to bypass intended access restrictions by measuring time differences.", "references": [ { "reference_url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-February/176483.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-February/176483.html" }, { "reference_url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-February/176739.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-February/176739.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-updates/2016-02/msg00028.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://lists.opensuse.org/opensuse-updates/2016-02/msg00028.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-updates/2016-02/msg00049.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://lists.opensuse.org/opensuse-updates/2016-02/msg00049.html" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-2041", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01029", "scoring_system": "epss", "scoring_elements": "0.77405", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.01029", "scoring_system": "epss", "scoring_elements": "0.77258", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.01029", "scoring_system": "epss", "scoring_elements": "0.77287", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.01029", "scoring_system": "epss", "scoring_elements": "0.77269", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.01029", "scoring_system": "epss", "scoring_elements": "0.773", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.01029", "scoring_system": "epss", "scoring_elements": "0.77309", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.01029", "scoring_system": "epss", "scoring_elements": "0.77336", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.01029", "scoring_system": "epss", "scoring_elements": "0.77316", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.01029", "scoring_system": "epss", "scoring_elements": "0.77312", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.01029", "scoring_system": "epss", "scoring_elements": "0.77352", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.01029", "scoring_system": "epss", "scoring_elements": "0.77344", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.01029", "scoring_system": "epss", "scoring_elements": "0.77378", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.01029", "scoring_system": "epss", "scoring_elements": "0.77384", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.01029", "scoring_system": "epss", "scoring_elements": "0.77397", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.01029", "scoring_system": "epss", "scoring_elements": "0.77252", "published_at": "2026-04-01T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-2041" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1927", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1927" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2039", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2039" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2040", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2040" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2041", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2041" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2560", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2560" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2561", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2561" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5099", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5099" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5701", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5701" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5705", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5705" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5706", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5706" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5731", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5731" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5733", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5733" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5739", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5739" }, { "reference_url": "https://github.com/phpmyadmin/composer", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/phpmyadmin/composer" }, { "reference_url": "https://github.com/phpmyadmin/phpmyadmin/commit/ec0e88e37ef30a66eada1c072953f4ec385a3e49", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/phpmyadmin/phpmyadmin/commit/ec0e88e37ef30a66eada1c072953f4ec385a3e49" }, { "reference_url": "http://www.debian.org/security/2016/dsa-3627", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.debian.org/security/2016/dsa-3627" }, { "reference_url": "http://www.phpmyadmin.net/home_page/security/PMASA-2016-5.php", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.phpmyadmin.net/home_page/security/PMASA-2016-5.php" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.0:rc2:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.0:rc2:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.0:rc2:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.0:rc3:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.0:rc3:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.0:rc3:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.10:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.10:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.10:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.10.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.10.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.10.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.10.10:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.10.10:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.10.10:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.10.11:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.10.11:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.10.11:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.10.12:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.10.12:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.10.12:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.10.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.10.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.10.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.10.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.10.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.10.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.10.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.10.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.10.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.10.5:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.10.5:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.10.5:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.10.6:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.10.6:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.10.6:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.10.7:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.10.7:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.10.7:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.10.8:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.10.8:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.10.8:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.10.9:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.10.9:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.10.9:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.10:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.10:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.10:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.1.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.1.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.1.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.11:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.11:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.11:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.12:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.12:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.12:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.13:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.13:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.13:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.13.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.13.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.13.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.14.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.14.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.14.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.15:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.15:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.15:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.15.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.15.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.15.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.15.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.15.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.15.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.15.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.15.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.15.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.5:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.5:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.5:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.6:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.6:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.6:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.6.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.6.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.6.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.7:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.7:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.7:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.8:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.8:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.8:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.9:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.9:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.9:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.5.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:phpmyadmin:phpmyadmin:4.5.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.5.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.5.0.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:phpmyadmin:phpmyadmin:4.5.0.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.5.0.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.5.0.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:phpmyadmin:phpmyadmin:4.5.0.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.5.0.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.5.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:phpmyadmin:phpmyadmin:4.5.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.5.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.5.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:phpmyadmin:phpmyadmin:4.5.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.5.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.5.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:phpmyadmin:phpmyadmin:4.5.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.5.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:22:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:fedoraproject:fedora:22:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:22:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:23:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:fedoraproject:fedora:23:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:23:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2016-2041", "reference_id": "CVE-2016-2041", "reference_type": "", "scores": [ { "value": "5.0", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:N/I:P/A:N" }, { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-2041" }, { "reference_url": "https://github.com/advisories/GHSA-8m97-xc46-rw9w", "reference_id": "GHSA-8m97-xc46-rw9w", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-8m97-xc46-rw9w" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/21730?format=api", "purl": "pkg:composer/phpmyadmin/phpmyadmin@4.0.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2g3b-qqxy-ekcq" }, { "vulnerability": "VCID-2jjv-4en4-e3gx" }, { "vulnerability": "VCID-5657-kcyh-7bc2" }, { "vulnerability": "VCID-7mys-s9mz-h3g1" }, { "vulnerability": "VCID-7n1n-uj91-8ugg" }, { "vulnerability": "VCID-b5bf-6u8e-byh8" }, { "vulnerability": "VCID-b9b1-624h-uubt" }, { "vulnerability": "VCID-cy6p-nz8a-zydk" }, { "vulnerability": "VCID-eq3j-14fc-2uev" }, { "vulnerability": "VCID-f7gd-w9r7-xyb2" }, { "vulnerability": "VCID-g6ud-92qe-hqcx" }, { "vulnerability": "VCID-gu4y-aeqx-mqak" }, { "vulnerability": "VCID-ngtc-xtjn-xbhp" }, { "vulnerability": "VCID-q2be-73wp-tbav" }, { "vulnerability": "VCID-rqy8-n6fr-hqey" }, { "vulnerability": "VCID-tks3-6uv4-kygf" }, { "vulnerability": "VCID-wamt-3g12-t7ch" }, { "vulnerability": "VCID-xu1c-xtb4-9ygg" }, { "vulnerability": "VCID-znfm-ak2t-mqdd" }, { "vulnerability": "VCID-zyzp-aqd8-e3a9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@4.0.2" }, { "url": "http://public2.vulnerablecode.io/api/packages/55315?format=api", "purl": "pkg:composer/phpmyadmin/phpmyadmin@4.0.10%2B13", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@4.0.10%252B13" }, { "url": "http://public2.vulnerablecode.io/api/packages/21725?format=api", "purl": "pkg:composer/phpmyadmin/phpmyadmin@4.4.15%2B3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3yp5-vqej-r7hh" }, { "vulnerability": "VCID-w37b-ep3h-tfaz" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@4.4.15%252B3" }, { "url": "http://public2.vulnerablecode.io/api/packages/21849?format=api", "purl": "pkg:composer/phpmyadmin/phpmyadmin@4.5.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-k7kn-ynne-b3gv" }, { "vulnerability": "VCID-nfuk-7739-xqaw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@4.5.4" }, { "url": "http://public2.vulnerablecode.io/api/packages/21731?format=api", "purl": "pkg:composer/phpmyadmin/phpmyadmin@4.7.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2jjv-4en4-e3gx" }, { "vulnerability": "VCID-5657-kcyh-7bc2" }, { "vulnerability": "VCID-986a-3m4g-83ge" }, { "vulnerability": "VCID-br1c-5bzf-ufeu" }, { "vulnerability": "VCID-c91y-txcw-2kdy" }, { "vulnerability": "VCID-ebk2-vjau-57h9" }, { "vulnerability": "VCID-fchc-55te-akhe" }, { "vulnerability": "VCID-g6ud-92qe-hqcx" }, { "vulnerability": "VCID-gu4y-aeqx-mqak" }, { "vulnerability": "VCID-hnud-ktgb-dfe6" }, { "vulnerability": "VCID-jma9-9uhu-xuc3" }, { "vulnerability": "VCID-mwtw-n1tv-hfd9" }, { "vulnerability": "VCID-ngtc-xtjn-xbhp" }, { "vulnerability": "VCID-qcra-cu62-43he" }, { "vulnerability": "VCID-rqy8-n6fr-hqey" }, { "vulnerability": "VCID-scu3-cfyc-9qfz" }, { "vulnerability": "VCID-tbnx-nuzv-ebdc" }, { "vulnerability": "VCID-tks3-6uv4-kygf" }, { "vulnerability": "VCID-yfja-ssw3-skh1" }, { "vulnerability": "VCID-ym9b-4su6-6fbr" }, { "vulnerability": "VCID-znfm-ak2t-mqdd" }, { "vulnerability": "VCID-zyzp-aqd8-e3a9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@4.7.0" } ], "aliases": [ "CVE-2016-2041", "GHSA-8m97-xc46-rw9w" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-w37b-ep3h-tfaz" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/7603?format=api", "vulnerability_id": "VCID-z22z-a5bq-97d3", "summary": "Uncontrolled Resouce Consumption\nAn issue was discovered in phpMyAdmin. The transformation feature allows a user to trigger a denial-of-service (DoS) attack against the server.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-6618", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0055", "scoring_system": "epss", "scoring_elements": "0.6791", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.0055", "scoring_system": "epss", "scoring_elements": "0.68013", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.0055", "scoring_system": "epss", "scoring_elements": "0.68039", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.0055", "scoring_system": "epss", "scoring_elements": "0.68034", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.0055", "scoring_system": "epss", "scoring_elements": "0.68025", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.0055", "scoring_system": "epss", "scoring_elements": "0.67983", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.0055", "scoring_system": "epss", "scoring_elements": "0.68", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.0055", "scoring_system": "epss", "scoring_elements": "0.67987", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.0055", "scoring_system": "epss", "scoring_elements": "0.6795", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.0055", "scoring_system": "epss", "scoring_elements": "0.67985", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.0055", "scoring_system": "epss", "scoring_elements": "0.67998", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.0055", "scoring_system": "epss", "scoring_elements": "0.67975", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.0055", "scoring_system": "epss", "scoring_elements": "0.67889", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.0055", "scoring_system": "epss", "scoring_elements": "0.67912", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.0055", "scoring_system": "epss", "scoring_elements": "0.67961", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.0055", "scoring_system": "epss", "scoring_elements": "0.67931", "published_at": "2026-04-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-6618" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6618", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6618" }, { "reference_url": "https://github.com/phpmyadmin/composer", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/phpmyadmin/composer" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2018/07/msg00006.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.debian.org/debian-lts-announce/2018/07/msg00006.html" }, { "reference_url": "https://security.gentoo.org/glsa/201701-32", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://security.gentoo.org/glsa/201701-32" }, { "reference_url": "https://www.phpmyadmin.net/security/PMASA-2016-41", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.phpmyadmin.net/security/PMASA-2016-41" }, { "reference_url": "http://www.securityfocus.com/bid/95047", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.securityfocus.com/bid/95047" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2016-6618", "reference_id": "CVE-2016-6618", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-6618" }, { "reference_url": "https://github.com/advisories/GHSA-rv6m-chvv-wmxg", "reference_id": "GHSA-rv6m-chvv-wmxg", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-rv6m-chvv-wmxg" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/81937?format=api", "purl": "pkg:composer/phpmyadmin/phpmyadmin@4.0.10%2B17", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@4.0.10%252B17" }, { "url": "http://public2.vulnerablecode.io/api/packages/81936?format=api", "purl": "pkg:composer/phpmyadmin/phpmyadmin@4.4.15%2B8", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@4.4.15%252B8" }, { "url": "http://public2.vulnerablecode.io/api/packages/23351?format=api", "purl": "pkg:composer/phpmyadmin/phpmyadmin@4.6.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-5mda-fksy-bqb2" }, { "vulnerability": "VCID-8xac-hgvs-ykgn" }, { "vulnerability": "VCID-9xxd-uwwt-57ba" }, { "vulnerability": "VCID-bcmm-z26p-rkfp" }, { "vulnerability": "VCID-jj7e-xndw-6fcp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@4.6.4" }, { "url": "http://public2.vulnerablecode.io/api/packages/21731?format=api", "purl": "pkg:composer/phpmyadmin/phpmyadmin@4.7.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2jjv-4en4-e3gx" }, { "vulnerability": "VCID-5657-kcyh-7bc2" }, { "vulnerability": "VCID-986a-3m4g-83ge" }, { "vulnerability": "VCID-br1c-5bzf-ufeu" }, { "vulnerability": "VCID-c91y-txcw-2kdy" }, { "vulnerability": "VCID-ebk2-vjau-57h9" }, { "vulnerability": "VCID-fchc-55te-akhe" }, { "vulnerability": "VCID-g6ud-92qe-hqcx" }, { "vulnerability": "VCID-gu4y-aeqx-mqak" }, { "vulnerability": "VCID-hnud-ktgb-dfe6" }, { "vulnerability": "VCID-jma9-9uhu-xuc3" }, { "vulnerability": "VCID-mwtw-n1tv-hfd9" }, { "vulnerability": "VCID-ngtc-xtjn-xbhp" }, { "vulnerability": "VCID-qcra-cu62-43he" }, { "vulnerability": "VCID-rqy8-n6fr-hqey" }, { "vulnerability": "VCID-scu3-cfyc-9qfz" }, { "vulnerability": "VCID-tbnx-nuzv-ebdc" }, { "vulnerability": "VCID-tks3-6uv4-kygf" }, { "vulnerability": "VCID-yfja-ssw3-skh1" }, { "vulnerability": "VCID-ym9b-4su6-6fbr" }, { "vulnerability": "VCID-znfm-ak2t-mqdd" }, { "vulnerability": "VCID-zyzp-aqd8-e3a9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@4.7.0" } ], "aliases": [ "CVE-2016-6618", "GHSA-rv6m-chvv-wmxg" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-z22z-a5bq-97d3" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/7598?format=api", "vulnerability_id": "VCID-zg16-dfu1-g7dn", "summary": "Information Exposure\nAn issue was discovered in phpMyAdmin. A user can specially craft a symlink on disk, to a file which phpMyAdmin is permitted to read but the user is not, which phpMyAdmin will then expose to the user.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-6613", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00411", "scoring_system": "epss", "scoring_elements": "0.61375", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00411", "scoring_system": "epss", "scoring_elements": "0.61402", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00411", "scoring_system": "epss", "scoring_elements": "0.6145", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00411", "scoring_system": "epss", "scoring_elements": "0.61456", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00411", "scoring_system": "epss", "scoring_elements": "0.61441", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00411", "scoring_system": "epss", "scoring_elements": "0.61453", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00411", "scoring_system": "epss", "scoring_elements": "0.61469", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00411", "scoring_system": "epss", "scoring_elements": "0.61465", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00411", "scoring_system": "epss", "scoring_elements": "0.61426", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00411", "scoring_system": "epss", "scoring_elements": "0.61444", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00411", "scoring_system": "epss", "scoring_elements": "0.61459", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00411", "scoring_system": "epss", "scoring_elements": "0.61437", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00411", "scoring_system": "epss", "scoring_elements": "0.61298", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00411", "scoring_system": "epss", "scoring_elements": "0.61377", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00411", "scoring_system": "epss", "scoring_elements": "0.61422", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00411", "scoring_system": "epss", "scoring_elements": "0.61406", "published_at": "2026-04-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-6613" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6613", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6613" }, { "reference_url": "https://github.com/phpmyadmin/composer", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/phpmyadmin/composer" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2019/06/msg00009.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.debian.org/debian-lts-announce/2019/06/msg00009.html" }, { "reference_url": "https://security.gentoo.org/glsa/201701-32", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://security.gentoo.org/glsa/201701-32" }, { "reference_url": "https://www.phpmyadmin.net/security/PMASA-2016-36", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.phpmyadmin.net/security/PMASA-2016-36" }, { "reference_url": "http://www.securityfocus.com/bid/94115", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.securityfocus.com/bid/94115" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2016-6613", "reference_id": "CVE-2016-6613", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-6613" }, { "reference_url": "https://github.com/advisories/GHSA-6j2v-g9rg-qcm5", "reference_id": "GHSA-6j2v-g9rg-qcm5", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-6j2v-g9rg-qcm5" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/81937?format=api", "purl": "pkg:composer/phpmyadmin/phpmyadmin@4.0.10%2B17", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@4.0.10%252B17" }, { "url": "http://public2.vulnerablecode.io/api/packages/81936?format=api", "purl": "pkg:composer/phpmyadmin/phpmyadmin@4.4.15%2B8", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@4.4.15%252B8" }, { "url": "http://public2.vulnerablecode.io/api/packages/23351?format=api", "purl": "pkg:composer/phpmyadmin/phpmyadmin@4.6.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-5mda-fksy-bqb2" }, { "vulnerability": "VCID-8xac-hgvs-ykgn" }, { "vulnerability": "VCID-9xxd-uwwt-57ba" }, { "vulnerability": "VCID-bcmm-z26p-rkfp" }, { "vulnerability": "VCID-jj7e-xndw-6fcp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@4.6.4" }, { "url": "http://public2.vulnerablecode.io/api/packages/21731?format=api", "purl": "pkg:composer/phpmyadmin/phpmyadmin@4.7.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2jjv-4en4-e3gx" }, { "vulnerability": "VCID-5657-kcyh-7bc2" }, { "vulnerability": "VCID-986a-3m4g-83ge" }, { "vulnerability": "VCID-br1c-5bzf-ufeu" }, { "vulnerability": "VCID-c91y-txcw-2kdy" }, { "vulnerability": "VCID-ebk2-vjau-57h9" }, { "vulnerability": "VCID-fchc-55te-akhe" }, { "vulnerability": "VCID-g6ud-92qe-hqcx" }, { "vulnerability": "VCID-gu4y-aeqx-mqak" }, { "vulnerability": "VCID-hnud-ktgb-dfe6" }, { "vulnerability": "VCID-jma9-9uhu-xuc3" }, { "vulnerability": "VCID-mwtw-n1tv-hfd9" }, { "vulnerability": "VCID-ngtc-xtjn-xbhp" }, { "vulnerability": "VCID-qcra-cu62-43he" }, { "vulnerability": "VCID-rqy8-n6fr-hqey" }, { "vulnerability": "VCID-scu3-cfyc-9qfz" }, { "vulnerability": "VCID-tbnx-nuzv-ebdc" }, { "vulnerability": "VCID-tks3-6uv4-kygf" }, { "vulnerability": "VCID-yfja-ssw3-skh1" }, { "vulnerability": "VCID-ym9b-4su6-6fbr" }, { "vulnerability": "VCID-znfm-ak2t-mqdd" }, { "vulnerability": "VCID-zyzp-aqd8-e3a9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@4.7.0" } ], "aliases": [ "CVE-2016-6613", "GHSA-6j2v-g9rg-qcm5" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-zg16-dfu1-g7dn" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/8006?format=api", "vulnerability_id": "VCID-zreq-41ja-pbf1", "summary": "Improper Input Validation\nphpMyAdmin is vulnerable to a DoS weakness in the table editing functionality.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-1000014", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01144", "scoring_system": "epss", "scoring_elements": "0.7854", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.01144", "scoring_system": "epss", "scoring_elements": "0.78474", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.01144", "scoring_system": "epss", "scoring_elements": "0.78455", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.01144", "scoring_system": "epss", "scoring_elements": "0.78475", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.01144", "scoring_system": "epss", "scoring_elements": "0.7847", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.01144", "scoring_system": "epss", "scoring_elements": "0.78503", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.01144", "scoring_system": "epss", "scoring_elements": "0.7851", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.01144", "scoring_system": "epss", "scoring_elements": "0.78525", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.01144", "scoring_system": "epss", "scoring_elements": "0.78396", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.01144", "scoring_system": "epss", "scoring_elements": "0.78403", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.01144", "scoring_system": "epss", "scoring_elements": "0.78434", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.01144", "scoring_system": "epss", "scoring_elements": "0.78417", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.01144", "scoring_system": "epss", "scoring_elements": "0.78443", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.01144", "scoring_system": "epss", "scoring_elements": "0.78448", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-1000014" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-1000014", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-1000014" }, { "reference_url": "https://web.archive.org/web/20210123220105/http://www.securityfocus.com/bid/95721", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20210123220105/http://www.securityfocus.com/bid/95721" }, { "reference_url": "https://www.phpmyadmin.net/security/PMASA-2017-3", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.phpmyadmin.net/security/PMASA-2017-3" }, { "reference_url": "http://www.securityfocus.com/bid/95721", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/95721" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2017-1000014", "reference_id": "CVE-2017-1000014", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-1000014" }, { "reference_url": "https://github.com/advisories/GHSA-9hrc-rwrq-v6mh", "reference_id": "GHSA-9hrc-rwrq-v6mh", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-9hrc-rwrq-v6mh" }, { "reference_url": "https://usn.ubuntu.com/USN-4843-1/", "reference_id": "USN-USN-4843-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/USN-4843-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/54787?format=api", "purl": "pkg:composer/phpmyadmin/phpmyadmin@4.0.10%2B19", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@4.0.10%252B19" }, { "url": "http://public2.vulnerablecode.io/api/packages/24385?format=api", "purl": "pkg:composer/phpmyadmin/phpmyadmin@4.4.15%2B10", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-b5d2-5bfb-bbgz" }, { "vulnerability": "VCID-hnud-ktgb-dfe6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@4.4.15%252B10" }, { "url": "http://public2.vulnerablecode.io/api/packages/24386?format=api", "purl": "pkg:composer/phpmyadmin/phpmyadmin@4.6.6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-b5d2-5bfb-bbgz" }, { "vulnerability": "VCID-hnud-ktgb-dfe6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@4.6.6" }, { "url": "http://public2.vulnerablecode.io/api/packages/21731?format=api", "purl": "pkg:composer/phpmyadmin/phpmyadmin@4.7.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2jjv-4en4-e3gx" }, { "vulnerability": "VCID-5657-kcyh-7bc2" }, { "vulnerability": "VCID-986a-3m4g-83ge" }, { "vulnerability": "VCID-br1c-5bzf-ufeu" }, { "vulnerability": "VCID-c91y-txcw-2kdy" }, { "vulnerability": "VCID-ebk2-vjau-57h9" }, { "vulnerability": "VCID-fchc-55te-akhe" }, { "vulnerability": "VCID-g6ud-92qe-hqcx" }, { "vulnerability": "VCID-gu4y-aeqx-mqak" }, { "vulnerability": "VCID-hnud-ktgb-dfe6" }, { "vulnerability": "VCID-jma9-9uhu-xuc3" }, { "vulnerability": "VCID-mwtw-n1tv-hfd9" }, { "vulnerability": "VCID-ngtc-xtjn-xbhp" }, { "vulnerability": "VCID-qcra-cu62-43he" }, { "vulnerability": "VCID-rqy8-n6fr-hqey" }, { "vulnerability": "VCID-scu3-cfyc-9qfz" }, { "vulnerability": "VCID-tbnx-nuzv-ebdc" }, { "vulnerability": "VCID-tks3-6uv4-kygf" }, { "vulnerability": "VCID-yfja-ssw3-skh1" }, { "vulnerability": "VCID-ym9b-4su6-6fbr" }, { "vulnerability": "VCID-znfm-ak2t-mqdd" }, { "vulnerability": "VCID-zyzp-aqd8-e3a9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@4.7.0" } ], "aliases": [ "CVE-2017-1000014", "GHSA-9hrc-rwrq-v6mh" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-zreq-41ja-pbf1" } ], "risk_score": "10.0", "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@4.7.0" }