{"url":"http://public2.vulnerablecode.io/api/packages/22490?format=json","purl":"pkg:composer/phpmyadmin/phpmyadmin@5.0.0","type":"composer","namespace":"phpmyadmin","name":"phpmyadmin","version":"5.0.0","qualifiers":{},"subpath":"","is_vulnerable":true,"next_non_vulnerable_version":"5.2.2","latest_non_vulnerable_version":"5.2.2","affected_by_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/207613?format=json","vulnerability_id":"VCID-4f9y-mpe6-akgc","summary":"In phpMyAdmin 4.x before 4.9.5 and 5.x before 5.0.2, a SQL injection vulnerability has been discovered where certain parameters are not properly escaped when generating certain queries for search actions in libraries/classes/Controllers/Table/TableSearchController.php. An attacker can generate a crafted database or table name. The attack can be performed if a user attempts certain search operations on the malicious database or table.","references":[{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00046.html","reference_id":"","reference_type":"","scores":[{"value":"8.0","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00046.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00050.html","reference_id":"","reference_type":"","scores":[{"value":"8.0","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00050.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00005.html","reference_id":"","reference_type":"","scores":[{"value":"8.0","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00005.html"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-10802","reference_id":"","reference_type":"","scores":[{"value":"0.01229","scoring_system":"epss","scoring_elements":"0.79571","published_at":"2026-06-11T12:55:00Z"},{"value":"0.01229","scoring_system":"epss","scoring_elements":"0.79637","published_at":"2026-06-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-10802"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10802","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10802"},{"reference_url":"https://github.com/FriendsOfPHP/security-advisories/blob/master/phpmyadmin/phpmyadmin/CVE-2020-10802.yaml","reference_id":"","reference_type":"","scores":[{"value":"8.0","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/FriendsOfPHP/security-advisories/blob/master/phpmyadmin/phpmyadmin/CVE-2020-10802.yaml"},{"reference_url":"https://github.com/phpmyadmin/composer","reference_id":"","reference_type":"","scores":[{"value":"8.0","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/phpmyadmin/composer"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2020/03/msg00028.html","reference_id":"","reference_type":"","scores":[{"value":"8.0","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.debian.org/debian-lts-announce/2020/03/msg00028.html"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AAVW3SUKWR5RF5LZ6SARCYOWBIFUIWOJ","reference_id":"","reference_type":"","scores":[{"value":"8.0","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AAVW3SUKWR5RF5LZ6SARCYOWBIFUIWOJ"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BUG3IRITW2LUBGR5LSQMP7MVRTELHZJK","reference_id":"","reference_type":"","scores":[{"value":"8.0","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BUG3IRITW2LUBGR5LSQMP7MVRTELHZJK"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UZI6EQVRRIG252DY3MBT33BJVCSYDMQO","reference_id":"","reference_type":"","scores":[{"value":"8.0","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UZI6EQVRRIG252DY3MBT33BJVCSYDMQO"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2020-10802","reference_id":"","reference_type":"","scores":[{"value":"8.0","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2020-10802"},{"reference_url":"https://www.phpmyadmin.net/security/PMASA-2020-3","reference_id":"","reference_type":"","scores":[{"value":"8.0","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.phpmyadmin.net/security/PMASA-2020-3"},{"reference_url":"https://www.phpmyadmin.net/security/PMASA-2020-3/","reference_id":"","reference_type":"","scores":[],"url":"https://www.phpmyadmin.net/security/PMASA-2020-3/"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=954665","reference_id":"954665","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=954665"},{"reference_url":"https://github.com/advisories/GHSA-f4cr-3xmc-2wpm","reference_id":"GHSA-f4cr-3xmc-2wpm","reference_type":"","scores":[{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-f4cr-3xmc-2wpm"},{"reference_url":"https://usn.ubuntu.com/4639-1/","reference_id":"USN-4639-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4639-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/380009?format=json","purl":"pkg:composer/phpmyadmin/phpmyadmin@5.0.2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7ab3-tj6r-r3g7"},{"vulnerability":"VCID-87ne-4523-v7fa"},{"vulnerability":"VCID-dv3f-h92r-37gs"},{"vulnerability":"VCID-k8q3-v7cc-7yhq"},{"vulnerability":"VCID-p55p-hbqm-xqg1"},{"vulnerability":"VCID-rzd6-pqqs-a3em"},{"vulnerability":"VCID-vb6g-x173-9khp"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@5.0.2"}],"aliases":["CVE-2020-10802","GHSA-f4cr-3xmc-2wpm"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-4f9y-mpe6-akgc"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/129282?format=json","vulnerability_id":"VCID-7ab3-tj6r-r3g7","summary":"In phpMyAdmin before 4.9.11 and 5.x before 5.2.1, an authenticated user can trigger XSS by uploading a crafted .sql file through the drag-and-drop interface.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-25727","reference_id":"","reference_type":"","scores":[{"value":"0.09658","scoring_system":"epss","scoring_elements":"0.93075","published_at":"2026-06-11T12:55:00Z"},{"value":"0.09658","scoring_system":"epss","scoring_elements":"0.93099","published_at":"2026-06-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-25727"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25727","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25727"},{"reference_url":"https://github.com/phpmyadmin/composer","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/phpmyadmin/composer"},{"reference_url":"https://github.com/phpmyadmin/phpmyadmin/commit/53f70fd7f3b388639922e6cc1ca51fbe890c91cc","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/phpmyadmin/phpmyadmin/commit/53f70fd7f3b388639922e6cc1ca51fbe890c91cc"},{"reference_url":"https://github.com/phpmyadmin/phpmyadmin/commit/efa2406695551667f726497750d3db91fb6f662e","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/phpmyadmin/phpmyadmin/commit/efa2406695551667f726497750d3db91fb6f662e"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2023-25727","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2023-25727"},{"reference_url":"https://www.phpmyadmin.net/security/PMASA-2023-1","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.phpmyadmin.net/security/PMASA-2023-1"},{"reference_url":"https://github.com/advisories/GHSA-6hr3-44gx-g6wh","reference_id":"GHSA-6hr3-44gx-g6wh","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-6hr3-44gx-g6wh"},{"reference_url":"https://www.phpmyadmin.net/security/PMASA-2023-1/","reference_id":"PMASA-2023-1","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-21T14:52:37Z/"}],"url":"https://www.phpmyadmin.net/security/PMASA-2023-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/380377?format=json","purl":"pkg:composer/phpmyadmin/phpmyadmin@5.2.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-87ne-4523-v7fa"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@5.2.1"}],"aliases":["CVE-2023-25727","GHSA-6hr3-44gx-g6wh"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-7ab3-tj6r-r3g7"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/124651?format=json","vulnerability_id":"VCID-87ne-4523-v7fa","summary":"An issue was discovered in phpMyAdmin 5.x before 5.2.2. An XSS vulnerability has been discovered for the check tables feature. A crafted table or database name could be used for XSS.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-24530","reference_id":"","reference_type":"","scores":[{"value":"0.00305","scoring_system":"epss","scoring_elements":"0.54116","published_at":"2026-06-11T12:55:00Z"},{"value":"0.00305","scoring_system":"epss","scoring_elements":"0.54242","published_at":"2026-06-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-24530"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-24530","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-24530"},{"reference_url":"https://github.com/phpmyadmin/phpmyadmin","reference_id":"","reference_type":"","scores":[{"value":"6.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/phpmyadmin/phpmyadmin"},{"reference_url":"https://github.com/phpmyadmin/phpmyadmin/commit/23c13a81709728089ff031e5b1c29b5e91baa6a7","reference_id":"","reference_type":"","scores":[{"value":"6.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/phpmyadmin/phpmyadmin/commit/23c13a81709728089ff031e5b1c29b5e91baa6a7"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2025/04/msg00016.html","reference_id":"","reference_type":"","scores":[{"value":"6.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.debian.org/debian-lts-announce/2025/04/msg00016.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2025-24530","reference_id":"","reference_type":"","scores":[{"value":"6.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2025-24530"},{"reference_url":"https://www.phpmyadmin.net/security/PMASA-2025-1","reference_id":"","reference_type":"","scores":[{"value":"6.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.phpmyadmin.net/security/PMASA-2025-1"},{"reference_url":"https://github.com/advisories/GHSA-222v-cx2c-q2f5","reference_id":"GHSA-222v-cx2c-q2f5","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-222v-cx2c-q2f5"},{"reference_url":"https://www.phpmyadmin.net/security/PMASA-2025-1/","reference_id":"PMASA-2025-1","reference_type":"","scores":[{"value":"6.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-23T15:02:00Z/"}],"url":"https://www.phpmyadmin.net/security/PMASA-2025-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/376990?format=json","purl":"pkg:composer/phpmyadmin/phpmyadmin@5.2.2","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@5.2.2"}],"aliases":["CVE-2025-24530","GHSA-222v-cx2c-q2f5"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-87ne-4523-v7fa"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/153648?format=json","vulnerability_id":"VCID-arcu-5cnd-wkdk","summary":"SQL Injection vulnerability in function getTableCreationQuery in CreateAddField.php in phpMyAdmin 5.x before 5.2.0 via the tbl_storage_engine or tbl_collation parameters to tbl_create.php.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-22452","reference_id":"","reference_type":"","scores":[{"value":"0.03245","scoring_system":"epss","scoring_elements":"0.87448","published_at":"2026-06-12T12:55:00Z"},{"value":"0.03245","scoring_system":"epss","scoring_elements":"0.87404","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-22452"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-22452","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-22452"},{"reference_url":"https://github.com/phpmyadmin/phpmyadmin","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/phpmyadmin/phpmyadmin"},{"reference_url":"https://github.com/phpmyadmin/phpmyadmin/commit/bc982466f08ddccad4804ba928f84ff8e25107cb","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/phpmyadmin/phpmyadmin/commit/bc982466f08ddccad4804ba928f84ff8e25107cb"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2020-22452","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2020-22452"},{"reference_url":"https://github.com/phpmyadmin/phpmyadmin/issues/15898","reference_id":"15898","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-04-01T14:07:49Z/"}],"url":"https://github.com/phpmyadmin/phpmyadmin/issues/15898"},{"reference_url":"https://github.com/phpmyadmin/phpmyadmin/pull/16004","reference_id":"16004","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-04-01T14:07:49Z/"}],"url":"https://github.com/phpmyadmin/phpmyadmin/pull/16004"},{"reference_url":"https://github.com/phpmyadmin/phpmyadmin/blob/master/ChangeLog","reference_id":"ChangeLog","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-04-01T14:07:49Z/"}],"url":"https://github.com/phpmyadmin/phpmyadmin/blob/master/ChangeLog"},{"reference_url":"https://github.com/advisories/GHSA-prcg-mc23-hgjh","reference_id":"GHSA-prcg-mc23-hgjh","reference_type":"","scores":[{"value":"CRITICAL","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-prcg-mc23-hgjh"},{"reference_url":"http://phpmyadmin.com","reference_id":"phpmyadmin.com","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-04-01T14:07:49Z/"}],"url":"http://phpmyadmin.com"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/380009?format=json","purl":"pkg:composer/phpmyadmin/phpmyadmin@5.0.2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7ab3-tj6r-r3g7"},{"vulnerability":"VCID-87ne-4523-v7fa"},{"vulnerability":"VCID-dv3f-h92r-37gs"},{"vulnerability":"VCID-k8q3-v7cc-7yhq"},{"vulnerability":"VCID-p55p-hbqm-xqg1"},{"vulnerability":"VCID-rzd6-pqqs-a3em"},{"vulnerability":"VCID-vb6g-x173-9khp"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@5.0.2"}],"aliases":["CVE-2020-22452","GHSA-prcg-mc23-hgjh"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-arcu-5cnd-wkdk"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/325176?format=json","vulnerability_id":"VCID-dv3f-h92r-37gs","summary":"","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-22278","reference_id":"","reference_type":"","scores":[{"value":"0.00409","scoring_system":"epss","scoring_elements":"0.61683","published_at":"2026-06-11T12:55:00Z"},{"value":"0.00409","scoring_system":"epss","scoring_elements":"0.61784","published_at":"2026-06-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-22278"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2020-22278","reference_id":"CVE-2020-22278","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2020-22278"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/22491?format=json","purl":"pkg:composer/phpmyadmin/phpmyadmin@5.0.3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7ab3-tj6r-r3g7"},{"vulnerability":"VCID-87ne-4523-v7fa"},{"vulnerability":"VCID-vb6g-x173-9khp"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@5.0.3"}],"aliases":["CVE-2020-22278"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-dv3f-h92r-37gs"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/207615?format=json","vulnerability_id":"VCID-e8jm-k1ee-v3dg","summary":"In phpMyAdmin 4.x before 4.9.5 and 5.x before 5.0.2, a SQL injection vulnerability was found in retrieval of the current username (in libraries/classes/Server/Privileges.php and libraries/classes/UserPassword.php). A malicious user with access to the server could create a crafted username, and then trick the victim into performing specific actions with that user account (such as editing its privileges).","references":[{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00046.html","reference_id":"","reference_type":"","scores":[{"value":"8.0","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00046.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00050.html","reference_id":"","reference_type":"","scores":[{"value":"8.0","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00050.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00005.html","reference_id":"","reference_type":"","scores":[{"value":"8.0","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00005.html"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-10804","reference_id":"","reference_type":"","scores":[{"value":"0.01913","scoring_system":"epss","scoring_elements":"0.83752","published_at":"2026-06-12T12:55:00Z"},{"value":"0.01913","scoring_system":"epss","scoring_elements":"0.83694","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-10804"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10804","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10804"},{"reference_url":"https://github.com/FriendsOfPHP/security-advisories/blob/master/phpmyadmin/phpmyadmin/CVE-2020-10804.yaml","reference_id":"","reference_type":"","scores":[{"value":"8.0","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/FriendsOfPHP/security-advisories/blob/master/phpmyadmin/phpmyadmin/CVE-2020-10804.yaml"},{"reference_url":"https://github.com/phpmyadmin/composer","reference_id":"","reference_type":"","scores":[{"value":"8.0","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/phpmyadmin/composer"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AAVW3SUKWR5RF5LZ6SARCYOWBIFUIWOJ","reference_id":"","reference_type":"","scores":[{"value":"8.0","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AAVW3SUKWR5RF5LZ6SARCYOWBIFUIWOJ"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BUG3IRITW2LUBGR5LSQMP7MVRTELHZJK","reference_id":"","reference_type":"","scores":[{"value":"8.0","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BUG3IRITW2LUBGR5LSQMP7MVRTELHZJK"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UZI6EQVRRIG252DY3MBT33BJVCSYDMQO","reference_id":"","reference_type":"","scores":[{"value":"8.0","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UZI6EQVRRIG252DY3MBT33BJVCSYDMQO"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2020-10804","reference_id":"","reference_type":"","scores":[{"value":"8.0","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2020-10804"},{"reference_url":"https://www.phpmyadmin.net/security/PMASA-2020-2","reference_id":"","reference_type":"","scores":[{"value":"8.0","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.phpmyadmin.net/security/PMASA-2020-2"},{"reference_url":"https://www.phpmyadmin.net/security/PMASA-2020-2/","reference_id":"","reference_type":"","scores":[],"url":"https://www.phpmyadmin.net/security/PMASA-2020-2/"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=954667","reference_id":"954667","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=954667"},{"reference_url":"https://github.com/advisories/GHSA-h65r-8fp8-w7cx","reference_id":"GHSA-h65r-8fp8-w7cx","reference_type":"","scores":[{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-h65r-8fp8-w7cx"},{"reference_url":"https://usn.ubuntu.com/4639-1/","reference_id":"USN-4639-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4639-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/380009?format=json","purl":"pkg:composer/phpmyadmin/phpmyadmin@5.0.2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7ab3-tj6r-r3g7"},{"vulnerability":"VCID-87ne-4523-v7fa"},{"vulnerability":"VCID-dv3f-h92r-37gs"},{"vulnerability":"VCID-k8q3-v7cc-7yhq"},{"vulnerability":"VCID-p55p-hbqm-xqg1"},{"vulnerability":"VCID-rzd6-pqqs-a3em"},{"vulnerability":"VCID-vb6g-x173-9khp"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@5.0.2"}],"aliases":["CVE-2020-10804","GHSA-h65r-8fp8-w7cx"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-e8jm-k1ee-v3dg"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/208023?format=json","vulnerability_id":"VCID-h5ft-zg32-myhg","summary":"In phpMyAdmin 4 before 4.9.4 and 5 before 5.0.1, SQL injection exists in the user accounts page. A malicious user could inject custom SQL in place of their own username when creating queries to this page. An attacker must have a valid MySQL account to access the server.","references":[{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00024.html","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00024.html"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-5504","reference_id":"","reference_type":"","scores":[{"value":"0.2219","scoring_system":"epss","scoring_elements":"0.9593","published_at":"2026-06-11T12:55:00Z"},{"value":"0.2219","scoring_system":"epss","scoring_elements":"0.95943","published_at":"2026-06-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-5504"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-5504","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-5504"},{"reference_url":"https://cybersecurityworks.com/zerodays/cve-2020-5504-phpmyadmin.html","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://cybersecurityworks.com/zerodays/cve-2020-5504-phpmyadmin.html"},{"reference_url":"https://github.com/FriendsOfPHP/security-advisories/blob/master/phpmyadmin/phpmyadmin/CVE-2020-5504.yaml","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/FriendsOfPHP/security-advisories/blob/master/phpmyadmin/phpmyadmin/CVE-2020-5504.yaml"},{"reference_url":"https://github.com/MarkLee131/awesome-web-pocs/blob/main/CVE-2020-5504.md","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/MarkLee131/awesome-web-pocs/blob/main/CVE-2020-5504.md"},{"reference_url":"https://github.com/phpmyadmin/composer","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/phpmyadmin/composer"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2020/01/msg00011.html","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.debian.org/debian-lts-announce/2020/01/msg00011.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2020-5504","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2020-5504"},{"reference_url":"https://www.phpmyadmin.net/security/PMASA-2020-1","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.phpmyadmin.net/security/PMASA-2020-1"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=948718","reference_id":"948718","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=948718"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/webapps/52451.txt","reference_id":"CVE-2020-5504","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/webapps/52451.txt"},{"reference_url":"https://github.com/advisories/GHSA-fgj8-93xx-f6g6","reference_id":"GHSA-fgj8-93xx-f6g6","reference_type":"","scores":[{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-fgj8-93xx-f6g6"},{"reference_url":"https://usn.ubuntu.com/4639-1/","reference_id":"USN-4639-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4639-1/"},{"reference_url":"https://usn.ubuntu.com/USN-4843-1/","reference_id":"USN-USN-4843-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/USN-4843-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/384553?format=json","purl":"pkg:composer/phpmyadmin/phpmyadmin@5.0.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4f9y-mpe6-akgc"},{"vulnerability":"VCID-7ab3-tj6r-r3g7"},{"vulnerability":"VCID-87ne-4523-v7fa"},{"vulnerability":"VCID-arcu-5cnd-wkdk"},{"vulnerability":"VCID-dv3f-h92r-37gs"},{"vulnerability":"VCID-e8jm-k1ee-v3dg"},{"vulnerability":"VCID-k8q3-v7cc-7yhq"},{"vulnerability":"VCID-rzd6-pqqs-a3em"},{"vulnerability":"VCID-sya2-1y7u-b7hu"},{"vulnerability":"VCID-vb6g-x173-9khp"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@5.0.1"}],"aliases":["CVE-2020-5504","GHSA-fgj8-93xx-f6g6"],"risk_score":10.0,"exploitability":"2.0","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-h5ft-zg32-myhg"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/177152?format=json","vulnerability_id":"VCID-k8q3-v7cc-7yhq","summary":"Multiple vulnerabilities have been found in phpMyAdmin, allowing\n    remote attackers to conduct XSS.","references":[{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00027.html","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00027.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00005.html","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00005.html"},{"reference_url":"https://advisory.checkmarx.net/advisory/CX-2020-4281","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://advisory.checkmarx.net/advisory/CX-2020-4281"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-26935","reference_id":"","reference_type":"","scores":[{"value":"0.89641","scoring_system":"epss","scoring_elements":"0.99583","published_at":"2026-06-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-26935"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-26935","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-26935"},{"reference_url":"https://github.com/phpmyadmin/composer","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/phpmyadmin/composer"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2020/10/msg00024.html","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.debian.org/debian-lts-announce/2020/10/msg00024.html"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FHST4E5IJG7IKZTTW3R6MEZPVHJZ472K","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FHST4E5IJG7IKZTTW3R6MEZPVHJZ472K"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PXK37YEHSDYCIPQSYEMN2OFTP2ZLM7DO","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PXK37YEHSDYCIPQSYEMN2OFTP2ZLM7DO"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TNLGHVDNAEZEGRTUESSSQFM7MZTHIDQ5","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TNLGHVDNAEZEGRTUESSSQFM7MZTHIDQ5"},{"reference_url":"https://www.phpmyadmin.net/security/PMASA-2020-6","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.phpmyadmin.net/security/PMASA-2020-6"},{"reference_url":"https://www.phpmyadmin.net/security/PMASA-2020-6/","reference_id":"","reference_type":"","scores":[],"url":"https://www.phpmyadmin.net/security/PMASA-2020-6/"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=972000","reference_id":"972000","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=972000"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2020-26935","reference_id":"CVE-2020-26935","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2020-26935"},{"reference_url":"https://github.com/FriendsOfPHP/security-advisories/blob/master/phpmyadmin/phpmyadmin/CVE-2020-26935.yaml","reference_id":"CVE-2020-26935.YAML","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/FriendsOfPHP/security-advisories/blob/master/phpmyadmin/phpmyadmin/CVE-2020-26935.yaml"},{"reference_url":"https://github.com/advisories/GHSA-7ff4-cv53-4cjq","reference_id":"GHSA-7ff4-cv53-4cjq","reference_type":"","scores":[{"value":"CRITICAL","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-7ff4-cv53-4cjq"},{"reference_url":"https://security.gentoo.org/glsa/202101-35","reference_id":"GLSA-202101-35","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://security.gentoo.org/glsa/202101-35"},{"reference_url":"https://usn.ubuntu.com/4639-1/","reference_id":"USN-4639-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4639-1/"},{"reference_url":"https://usn.ubuntu.com/USN-4843-1/","reference_id":"USN-USN-4843-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/USN-4843-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/22491?format=json","purl":"pkg:composer/phpmyadmin/phpmyadmin@5.0.3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7ab3-tj6r-r3g7"},{"vulnerability":"VCID-87ne-4523-v7fa"},{"vulnerability":"VCID-vb6g-x173-9khp"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@5.0.3"}],"aliases":["CVE-2020-26935","GHSA-7ff4-cv53-4cjq"],"risk_score":10.0,"exploitability":"2.0","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-k8q3-v7cc-7yhq"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/177151?format=json","vulnerability_id":"VCID-rzd6-pqqs-a3em","summary":"Multiple vulnerabilities have been found in phpMyAdmin, allowing\n    remote attackers to conduct XSS.","references":[{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00027.html","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00027.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00005.html","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00005.html"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-26934","reference_id":"","reference_type":"","scores":[{"value":"0.02788","scoring_system":"epss","scoring_elements":"0.86402","published_at":"2026-06-11T12:55:00Z"},{"value":"0.02788","scoring_system":"epss","scoring_elements":"0.86453","published_at":"2026-06-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-26934"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-26934","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-26934"},{"reference_url":"https://github.com/phpmyadmin/composer","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/phpmyadmin/composer"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2020/10/msg00024.html","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.debian.org/debian-lts-announce/2020/10/msg00024.html"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FHST4E5IJG7IKZTTW3R6MEZPVHJZ472K","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FHST4E5IJG7IKZTTW3R6MEZPVHJZ472K"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PXK37YEHSDYCIPQSYEMN2OFTP2ZLM7DO","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PXK37YEHSDYCIPQSYEMN2OFTP2ZLM7DO"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TNLGHVDNAEZEGRTUESSSQFM7MZTHIDQ5","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TNLGHVDNAEZEGRTUESSSQFM7MZTHIDQ5"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FHST4E5IJG7IKZTTW3R6MEZPVHJZ472K","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FHST4E5IJG7IKZTTW3R6MEZPVHJZ472K"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PXK37YEHSDYCIPQSYEMN2OFTP2ZLM7DO","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PXK37YEHSDYCIPQSYEMN2OFTP2ZLM7DO"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TNLGHVDNAEZEGRTUESSSQFM7MZTHIDQ5","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TNLGHVDNAEZEGRTUESSSQFM7MZTHIDQ5"},{"reference_url":"https://www.phpmyadmin.net/security/PMASA-2020-5","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.phpmyadmin.net/security/PMASA-2020-5"},{"reference_url":"https://www.phpmyadmin.net/security/PMASA-2020-5/","reference_id":"","reference_type":"","scores":[],"url":"https://www.phpmyadmin.net/security/PMASA-2020-5/"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=971999","reference_id":"971999","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=971999"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2020-26934","reference_id":"CVE-2020-26934","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2020-26934"},{"reference_url":"https://github.com/FriendsOfPHP/security-advisories/blob/master/phpmyadmin/phpmyadmin/CVE-2020-26934.yaml","reference_id":"CVE-2020-26934.YAML","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/FriendsOfPHP/security-advisories/blob/master/phpmyadmin/phpmyadmin/CVE-2020-26934.yaml"},{"reference_url":"https://github.com/advisories/GHSA-6349-53vr-7hcr","reference_id":"GHSA-6349-53vr-7hcr","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-6349-53vr-7hcr"},{"reference_url":"https://security.gentoo.org/glsa/202101-35","reference_id":"GLSA-202101-35","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://security.gentoo.org/glsa/202101-35"},{"reference_url":"https://usn.ubuntu.com/4639-1/","reference_id":"USN-4639-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4639-1/"},{"reference_url":"https://usn.ubuntu.com/USN-4843-1/","reference_id":"USN-USN-4843-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/USN-4843-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/22491?format=json","purl":"pkg:composer/phpmyadmin/phpmyadmin@5.0.3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7ab3-tj6r-r3g7"},{"vulnerability":"VCID-87ne-4523-v7fa"},{"vulnerability":"VCID-vb6g-x173-9khp"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@5.0.3"}],"aliases":["CVE-2020-26934","GHSA-6349-53vr-7hcr"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-rzd6-pqqs-a3em"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/207614?format=json","vulnerability_id":"VCID-sya2-1y7u-b7hu","summary":"In phpMyAdmin 4.x before 4.9.5 and 5.x before 5.0.2, a SQL injection vulnerability was discovered where malicious code could be used to trigger an XSS attack through retrieving and displaying results (in tbl_get_field.php and libraries/classes/Display/Results.php). The attacker must be able to insert crafted data into certain database tables, which when retrieved (for instance, through the Browse tab) can trigger the XSS attack.","references":[{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00046.html","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00046.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00050.html","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00050.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00005.html","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00005.html"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-10803","reference_id":"","reference_type":"","scores":[{"value":"0.02712","scoring_system":"epss","scoring_elements":"0.86289","published_at":"2026-06-12T12:55:00Z"},{"value":"0.02712","scoring_system":"epss","scoring_elements":"0.86238","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-10803"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10803","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10803"},{"reference_url":"https://github.com/FriendsOfPHP/security-advisories/blob/master/phpmyadmin/phpmyadmin/CVE-2020-10803.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/FriendsOfPHP/security-advisories/blob/master/phpmyadmin/phpmyadmin/CVE-2020-10803.yaml"},{"reference_url":"https://github.com/phpmyadmin/composer","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/phpmyadmin/composer"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2020/03/msg00028.html","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.debian.org/debian-lts-announce/2020/03/msg00028.html"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AAVW3SUKWR5RF5LZ6SARCYOWBIFUIWOJ","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AAVW3SUKWR5RF5LZ6SARCYOWBIFUIWOJ"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BUG3IRITW2LUBGR5LSQMP7MVRTELHZJK","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BUG3IRITW2LUBGR5LSQMP7MVRTELHZJK"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UZI6EQVRRIG252DY3MBT33BJVCSYDMQO","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UZI6EQVRRIG252DY3MBT33BJVCSYDMQO"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2020-10803","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2020-10803"},{"reference_url":"https://www.phpmyadmin.net/security/PMASA-2020-4","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.phpmyadmin.net/security/PMASA-2020-4"},{"reference_url":"https://www.phpmyadmin.net/security/PMASA-2020-4/","reference_id":"","reference_type":"","scores":[],"url":"https://www.phpmyadmin.net/security/PMASA-2020-4/"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=954666","reference_id":"954666","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=954666"},{"reference_url":"https://github.com/advisories/GHSA-fcww-8wvc-38q9","reference_id":"GHSA-fcww-8wvc-38q9","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-fcww-8wvc-38q9"},{"reference_url":"https://usn.ubuntu.com/4639-1/","reference_id":"USN-4639-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4639-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/380009?format=json","purl":"pkg:composer/phpmyadmin/phpmyadmin@5.0.2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7ab3-tj6r-r3g7"},{"vulnerability":"VCID-87ne-4523-v7fa"},{"vulnerability":"VCID-dv3f-h92r-37gs"},{"vulnerability":"VCID-k8q3-v7cc-7yhq"},{"vulnerability":"VCID-p55p-hbqm-xqg1"},{"vulnerability":"VCID-rzd6-pqqs-a3em"},{"vulnerability":"VCID-vb6g-x173-9khp"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@5.0.2"}],"aliases":["CVE-2020-10803","GHSA-fcww-8wvc-38q9"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-sya2-1y7u-b7hu"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/11154?format=json","vulnerability_id":"VCID-vb6g-x173-9khp","summary":"","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-0813","reference_id":"","reference_type":"","scores":[{"value":"0.00317","scoring_system":"epss","scoring_elements":"0.55223","published_at":"2026-06-11T12:55:00Z"},{"value":"0.00317","scoring_system":"epss","scoring_elements":"0.55344","published_at":"2026-06-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-0813"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0813","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0813"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://www.incibe-cert.es/en/early-warning/security-advisories/phpmyadmin-exposure-sensitive-information","reference_id":"","reference_type":"","scores":[],"url":"https://www.incibe-cert.es/en/early-warning/security-advisories/phpmyadmin-exposure-sensitive-information"},{"reference_url":"https://www.phpmyadmin.net/news/2022/2/11/phpmyadmin-4910-and-513-are-released","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.phpmyadmin.net/news/2022/2/11/phpmyadmin-4910-and-513-are-released"},{"reference_url":"https://www.phpmyadmin.net/news/2022/2/11/phpmyadmin-4910-and-513-are-released/","reference_id":"","reference_type":"","scores":[],"url":"https://www.phpmyadmin.net/news/2022/2/11/phpmyadmin-4910-and-513-are-released/"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2022-0813","reference_id":"CVE-2022-0813","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2022-0813"},{"reference_url":"https://github.com/advisories/GHSA-vx8q-j7h9-vf6q","reference_id":"GHSA-vx8q-j7h9-vf6q","reference_type":"","scores":[{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-vx8q-j7h9-vf6q"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/18868?format=json","purl":"pkg:composer/phpmyadmin/phpmyadmin@5.1.2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7ab3-tj6r-r3g7"},{"vulnerability":"VCID-87ne-4523-v7fa"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@5.1.2"},{"url":"http://public2.vulnerablecode.io/api/packages/19652?format=json","purl":"pkg:composer/phpmyadmin/phpmyadmin@5.1.3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7ab3-tj6r-r3g7"},{"vulnerability":"VCID-87ne-4523-v7fa"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@5.1.3"}],"aliases":["CVE-2022-0813","GHSA-vx8q-j7h9-vf6q"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-vb6g-x173-9khp"}],"fixing_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/205966?format=json","vulnerability_id":"VCID-7k46-nxcx-zfdz","summary":"An issue was discovered in js/designer/move.js in phpMyAdmin before 4.8.2. A Cross-Site Scripting vulnerability has been found where an attacker can use a crafted database name to trigger an XSS attack when that database is referenced from the Designer feature.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-12581","reference_id":"","reference_type":"","scores":[{"value":"0.00393","scoring_system":"epss","scoring_elements":"0.60795","published_at":"2026-06-12T12:55:00Z"},{"value":"0.00393","scoring_system":"epss","scoring_elements":"0.60689","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-12581"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12581","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12581"},{"reference_url":"https://github.com/phpmyadmin/phpmyadmin/commit/6943fff87324bd54c3a37a5160a5fb77498c355e","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/phpmyadmin/phpmyadmin/commit/6943fff87324bd54c3a37a5160a5fb77498c355e"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2018-12581","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2018-12581"},{"reference_url":"https://web.archive.org/web/20210124181711/http://www.securityfocus.com/bid/104530","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://web.archive.org/web/20210124181711/http://www.securityfocus.com/bid/104530"},{"reference_url":"https://web.archive.org/web/20210413204012/http://www.securitytracker.com/id/1041187","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://web.archive.org/web/20210413204012/http://www.securitytracker.com/id/1041187"},{"reference_url":"https://www.phpmyadmin.net/security/PMASA-2018-3","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.phpmyadmin.net/security/PMASA-2018-3"},{"reference_url":"https://www.phpmyadmin.net/security/PMASA-2018-3/","reference_id":"","reference_type":"","scores":[],"url":"https://www.phpmyadmin.net/security/PMASA-2018-3/"},{"reference_url":"http://www.securityfocus.com/bid/104530","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/104530"},{"reference_url":"http://www.securitytracker.com/id/1041187","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id/1041187"},{"reference_url":"https://github.com/advisories/GHSA-vxj6-pm6r-23hq","reference_id":"GHSA-vxj6-pm6r-23hq","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-vxj6-pm6r-23hq"},{"reference_url":"https://usn.ubuntu.com/USN-4843-1/","reference_id":"USN-USN-4843-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/USN-4843-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/21012?format=json","purl":"pkg:composer/phpmyadmin/phpmyadmin@4.8.2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3fqj-9fn2-uqhe"},{"vulnerability":"VCID-4f9y-mpe6-akgc"},{"vulnerability":"VCID-5vg7-fddm-sqfr"},{"vulnerability":"VCID-7ab3-tj6r-r3g7"},{"vulnerability":"VCID-b55b-rsv5-4ydv"},{"vulnerability":"VCID-cauk-7k6d-hbdd"},{"vulnerability":"VCID-cmu6-m7cr-7fa7"},{"vulnerability":"VCID-dv3f-h92r-37gs"},{"vulnerability":"VCID-e8jm-k1ee-v3dg"},{"vulnerability":"VCID-fkv9-r3fc-zyau"},{"vulnerability":"VCID-h5ft-zg32-myhg"},{"vulnerability":"VCID-m92n-w5zs-qkfr"},{"vulnerability":"VCID-ngjc-296q-f3fu"},{"vulnerability":"VCID-nwea-842b-hbet"},{"vulnerability":"VCID-pu49-c9vu-rbec"},{"vulnerability":"VCID-sya2-1y7u-b7hu"},{"vulnerability":"VCID-vb6g-x173-9khp"},{"vulnerability":"VCID-w2y5-u1vp-xuh6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@4.8.2"},{"url":"http://public2.vulnerablecode.io/api/packages/22490?format=json","purl":"pkg:composer/phpmyadmin/phpmyadmin@5.0.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4f9y-mpe6-akgc"},{"vulnerability":"VCID-7ab3-tj6r-r3g7"},{"vulnerability":"VCID-87ne-4523-v7fa"},{"vulnerability":"VCID-arcu-5cnd-wkdk"},{"vulnerability":"VCID-dv3f-h92r-37gs"},{"vulnerability":"VCID-e8jm-k1ee-v3dg"},{"vulnerability":"VCID-h5ft-zg32-myhg"},{"vulnerability":"VCID-k8q3-v7cc-7yhq"},{"vulnerability":"VCID-rzd6-pqqs-a3em"},{"vulnerability":"VCID-sya2-1y7u-b7hu"},{"vulnerability":"VCID-vb6g-x173-9khp"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@5.0.0"}],"aliases":["CVE-2018-12581","GHSA-vxj6-pm6r-23hq"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-7k46-nxcx-zfdz"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/177294?format=json","vulnerability_id":"VCID-cauk-7k6d-hbdd","summary":"An SQL injection vulnerability in phpMyAdmin may allow attackers to\n    execute arbitrary SQL statements.","references":[{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00002.html","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00002.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00024.html","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00024.html"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-18622","reference_id":"","reference_type":"","scores":[{"value":"0.00556","scoring_system":"epss","scoring_elements":"0.68604","published_at":"2026-06-11T12:55:00Z"},{"value":"0.00556","scoring_system":"epss","scoring_elements":"0.68693","published_at":"2026-06-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-18622"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18622","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18622"},{"reference_url":"https://github.com/phpmyadmin/composer/commit/51acbf53564d9b52e78509a5688ec2b68976b5f7","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/phpmyadmin/composer/commit/51acbf53564d9b52e78509a5688ec2b68976b5f7"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BA4DGF7KTQS6WA2DRNJSW66L43WB7LRV","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BA4DGF7KTQS6WA2DRNJSW66L43WB7LRV"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BA4DGF7KTQS6WA2DRNJSW66L43WB7LRV/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BA4DGF7KTQS6WA2DRNJSW66L43WB7LRV/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W5GW4KEMNCBQYZCIXEJYC42OEBBN2NSH","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W5GW4KEMNCBQYZCIXEJYC42OEBBN2NSH"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W5GW4KEMNCBQYZCIXEJYC42OEBBN2NSH/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W5GW4KEMNCBQYZCIXEJYC42OEBBN2NSH/"},{"reference_url":"https://www.phpmyadmin.net/security/PMASA-2019-5","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.phpmyadmin.net/security/PMASA-2019-5"},{"reference_url":"https://www.phpmyadmin.net/security/PMASA-2019-5/","reference_id":"","reference_type":"","scores":[],"url":"https://www.phpmyadmin.net/security/PMASA-2019-5/"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=945349","reference_id":"945349","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=945349"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2019-18622","reference_id":"CVE-2019-18622","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2019-18622"},{"reference_url":"https://github.com/advisories/GHSA-jgjc-332c-8cmc","reference_id":"GHSA-jgjc-332c-8cmc","reference_type":"","scores":[{"value":"CRITICAL","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-jgjc-332c-8cmc"},{"reference_url":"https://security.gentoo.org/glsa/202003-39","reference_id":"GLSA-202003-39","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://security.gentoo.org/glsa/202003-39"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/15974?format=json","purl":"pkg:composer/phpmyadmin/phpmyadmin@4.9.2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4f9y-mpe6-akgc"},{"vulnerability":"VCID-7ab3-tj6r-r3g7"},{"vulnerability":"VCID-dv3f-h92r-37gs"},{"vulnerability":"VCID-e8jm-k1ee-v3dg"},{"vulnerability":"VCID-h5ft-zg32-myhg"},{"vulnerability":"VCID-k8q3-v7cc-7yhq"},{"vulnerability":"VCID-rzd6-pqqs-a3em"},{"vulnerability":"VCID-sya2-1y7u-b7hu"},{"vulnerability":"VCID-vb6g-x173-9khp"},{"vulnerability":"VCID-xsbv-xna2-qfeb"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@4.9.2"},{"url":"http://public2.vulnerablecode.io/api/packages/22490?format=json","purl":"pkg:composer/phpmyadmin/phpmyadmin@5.0.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4f9y-mpe6-akgc"},{"vulnerability":"VCID-7ab3-tj6r-r3g7"},{"vulnerability":"VCID-87ne-4523-v7fa"},{"vulnerability":"VCID-arcu-5cnd-wkdk"},{"vulnerability":"VCID-dv3f-h92r-37gs"},{"vulnerability":"VCID-e8jm-k1ee-v3dg"},{"vulnerability":"VCID-h5ft-zg32-myhg"},{"vulnerability":"VCID-k8q3-v7cc-7yhq"},{"vulnerability":"VCID-rzd6-pqqs-a3em"},{"vulnerability":"VCID-sya2-1y7u-b7hu"},{"vulnerability":"VCID-vb6g-x173-9khp"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@5.0.0"}],"aliases":["CVE-2019-18622","GHSA-jgjc-332c-8cmc"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-cauk-7k6d-hbdd"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/206764?format=json","vulnerability_id":"VCID-cmu6-m7cr-7fa7","summary":"A CSRF issue in phpMyAdmin 4.9.0.1 allows deletion of any server in the Setup page.","references":[{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00078.html","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00078.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00024.html","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00024.html"},{"reference_url":"http://packetstormsecurity.com/files/154483/phpMyAdmin-4.9.0.1-Cross-Site-Request-Forgery.html","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://packetstormsecurity.com/files/154483/phpMyAdmin-4.9.0.1-Cross-Site-Request-Forgery.html"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-12922","reference_id":"","reference_type":"","scores":[{"value":"0.31957","scoring_system":"epss","scoring_elements":"0.96929","published_at":"2026-06-11T12:55:00Z"},{"value":"0.31957","scoring_system":"epss","scoring_elements":"0.9694","published_at":"2026-06-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-12922"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12922","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12922"},{"reference_url":"http://seclists.org/fulldisclosure/2019/Sep/23","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://seclists.org/fulldisclosure/2019/Sep/23"},{"reference_url":"https://github.com/phpmyadmin/phpmyadmin/commit/427fbed55d3154d96ecfc1c7784d49eaa3c04161","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/phpmyadmin/phpmyadmin/commit/427fbed55d3154d96ecfc1c7784d49eaa3c04161"},{"reference_url":"https://github.com/phpmyadmin/phpmyadmin/commit/7d21d4223bdbe0306593309132b4263d7087d13b","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/phpmyadmin/phpmyadmin/commit/7d21d4223bdbe0306593309132b4263d7087d13b"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PBLBE6CSC2ZLINIRBUU5XBLXYVBTF3KA","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PBLBE6CSC2ZLINIRBUU5XBLXYVBTF3KA"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QJ5BW2VEMD2P23ZYRWHDBEQHOKGKGWD6","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QJ5BW2VEMD2P23ZYRWHDBEQHOKGKGWD6"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YCB3PTGHZ7AJCM6BKCQRRP6HG3OKYCMN","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YCB3PTGHZ7AJCM6BKCQRRP6HG3OKYCMN"},{"reference_url":"https://www.exploit-db.com/exploits/47385","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.exploit-db.com/exploits/47385"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/webapps/47385.txt","reference_id":"CVE-2019-12922","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/webapps/47385.txt"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2019-12922","reference_id":"CVE-2019-12922","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2019-12922"},{"reference_url":"https://github.com/advisories/GHSA-4c9q-64gq-xhx4","reference_id":"GHSA-4c9q-64gq-xhx4","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-4c9q-64gq-xhx4"},{"reference_url":"https://usn.ubuntu.com/USN-4843-1/","reference_id":"USN-USN-4843-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/USN-4843-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/23847?format=json","purl":"pkg:composer/phpmyadmin/phpmyadmin@4.9.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4f9y-mpe6-akgc"},{"vulnerability":"VCID-7ab3-tj6r-r3g7"},{"vulnerability":"VCID-cauk-7k6d-hbdd"},{"vulnerability":"VCID-dv3f-h92r-37gs"},{"vulnerability":"VCID-e8jm-k1ee-v3dg"},{"vulnerability":"VCID-h5ft-zg32-myhg"},{"vulnerability":"VCID-k8q3-v7cc-7yhq"},{"vulnerability":"VCID-rzd6-pqqs-a3em"},{"vulnerability":"VCID-sya2-1y7u-b7hu"},{"vulnerability":"VCID-vb6g-x173-9khp"},{"vulnerability":"VCID-w2y5-u1vp-xuh6"},{"vulnerability":"VCID-xsbv-xna2-qfeb"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@4.9.1"},{"url":"http://public2.vulnerablecode.io/api/packages/22490?format=json","purl":"pkg:composer/phpmyadmin/phpmyadmin@5.0.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4f9y-mpe6-akgc"},{"vulnerability":"VCID-7ab3-tj6r-r3g7"},{"vulnerability":"VCID-87ne-4523-v7fa"},{"vulnerability":"VCID-arcu-5cnd-wkdk"},{"vulnerability":"VCID-dv3f-h92r-37gs"},{"vulnerability":"VCID-e8jm-k1ee-v3dg"},{"vulnerability":"VCID-h5ft-zg32-myhg"},{"vulnerability":"VCID-k8q3-v7cc-7yhq"},{"vulnerability":"VCID-rzd6-pqqs-a3em"},{"vulnerability":"VCID-sya2-1y7u-b7hu"},{"vulnerability":"VCID-vb6g-x173-9khp"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@5.0.0"}],"aliases":["CVE-2019-12922","GHSA-4c9q-64gq-xhx4"],"risk_score":10.0,"exploitability":"2.0","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-cmu6-m7cr-7fa7"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/181209?format=json","vulnerability_id":"VCID-fkv9-r3fc-zyau","summary":"Multiple vulnerabilities have been found in phpMyAdmin, the worst\n    of which could result in the arbitrary execution of code.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-19969","reference_id":"","reference_type":"","scores":[{"value":"0.00437","scoring_system":"epss","scoring_elements":"0.63623","published_at":"2026-06-12T12:55:00Z"},{"value":"0.00437","scoring_system":"epss","scoring_elements":"0.63522","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-19969"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-19969","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-19969"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2018-19969","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2018-19969"},{"reference_url":"https://web.archive.org/web/20210124223800/https://www.securityfocus.com/bid/106175","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://web.archive.org/web/20210124223800/https://www.securityfocus.com/bid/106175"},{"reference_url":"https://web.archive.org/web/20210124223800/https://www.securityfocus.com/bid/106175/","reference_id":"","reference_type":"","scores":[],"url":"https://web.archive.org/web/20210124223800/https://www.securityfocus.com/bid/106175/"},{"reference_url":"https://www.phpmyadmin.net/security/PMASA-2018-7","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.phpmyadmin.net/security/PMASA-2018-7"},{"reference_url":"https://www.phpmyadmin.net/security/PMASA-2018-7/","reference_id":"","reference_type":"","scores":[],"url":"https://www.phpmyadmin.net/security/PMASA-2018-7/"},{"reference_url":"http://www.securityfocus.com/bid/106175","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/106175"},{"reference_url":"https://github.com/advisories/GHSA-xwf2-53mc-r8hx","reference_id":"GHSA-xwf2-53mc-r8hx","reference_type":"","scores":[{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-xwf2-53mc-r8hx"},{"reference_url":"https://security.gentoo.org/glsa/201904-16","reference_id":"GLSA-201904-16","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://security.gentoo.org/glsa/201904-16"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/385830?format=json","purl":"pkg:composer/phpmyadmin/phpmyadmin@4.7.7","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3fqj-9fn2-uqhe"},{"vulnerability":"VCID-4f9y-mpe6-akgc"},{"vulnerability":"VCID-5vg7-fddm-sqfr"},{"vulnerability":"VCID-7ab3-tj6r-r3g7"},{"vulnerability":"VCID-7k46-nxcx-zfdz"},{"vulnerability":"VCID-b55b-rsv5-4ydv"},{"vulnerability":"VCID-cauk-7k6d-hbdd"},{"vulnerability":"VCID-cmu6-m7cr-7fa7"},{"vulnerability":"VCID-dv3f-h92r-37gs"},{"vulnerability":"VCID-e8jm-k1ee-v3dg"},{"vulnerability":"VCID-h5ft-zg32-myhg"},{"vulnerability":"VCID-m92n-w5zs-qkfr"},{"vulnerability":"VCID-mdf6-k5zm-5uen"},{"vulnerability":"VCID-ngjc-296q-f3fu"},{"vulnerability":"VCID-nwea-842b-hbet"},{"vulnerability":"VCID-pu49-c9vu-rbec"},{"vulnerability":"VCID-sya2-1y7u-b7hu"},{"vulnerability":"VCID-vb6g-x173-9khp"},{"vulnerability":"VCID-w2y5-u1vp-xuh6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@4.7.7"},{"url":"http://public2.vulnerablecode.io/api/packages/384958?format=json","purl":"pkg:composer/phpmyadmin/phpmyadmin@4.8.4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4f9y-mpe6-akgc"},{"vulnerability":"VCID-5vg7-fddm-sqfr"},{"vulnerability":"VCID-7ab3-tj6r-r3g7"},{"vulnerability":"VCID-b55b-rsv5-4ydv"},{"vulnerability":"VCID-cauk-7k6d-hbdd"},{"vulnerability":"VCID-cmu6-m7cr-7fa7"},{"vulnerability":"VCID-dv3f-h92r-37gs"},{"vulnerability":"VCID-e8jm-k1ee-v3dg"},{"vulnerability":"VCID-h5ft-zg32-myhg"},{"vulnerability":"VCID-ngjc-296q-f3fu"},{"vulnerability":"VCID-pu49-c9vu-rbec"},{"vulnerability":"VCID-sya2-1y7u-b7hu"},{"vulnerability":"VCID-vb6g-x173-9khp"},{"vulnerability":"VCID-w2y5-u1vp-xuh6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@4.8.4"},{"url":"http://public2.vulnerablecode.io/api/packages/22490?format=json","purl":"pkg:composer/phpmyadmin/phpmyadmin@5.0.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4f9y-mpe6-akgc"},{"vulnerability":"VCID-7ab3-tj6r-r3g7"},{"vulnerability":"VCID-87ne-4523-v7fa"},{"vulnerability":"VCID-arcu-5cnd-wkdk"},{"vulnerability":"VCID-dv3f-h92r-37gs"},{"vulnerability":"VCID-e8jm-k1ee-v3dg"},{"vulnerability":"VCID-h5ft-zg32-myhg"},{"vulnerability":"VCID-k8q3-v7cc-7yhq"},{"vulnerability":"VCID-rzd6-pqqs-a3em"},{"vulnerability":"VCID-sya2-1y7u-b7hu"},{"vulnerability":"VCID-vb6g-x173-9khp"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@5.0.0"}],"aliases":["CVE-2018-19969","GHSA-xwf2-53mc-r8hx"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-fkv9-r3fc-zyau"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/181206?format=json","vulnerability_id":"VCID-kv22-uthw-t7g2","summary":"Multiple vulnerabilities have been found in phpMyAdmin, the worst\n    of which could result in the arbitrary execution of code.","references":[{"reference_url":"http://packetstormsecurity.com/files/164623/phpMyAdmin-4.8.1-Remote-Code-Execution.html","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://packetstormsecurity.com/files/164623/phpMyAdmin-4.8.1-Remote-Code-Execution.html"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-12613","reference_id":"","reference_type":"","scores":[{"value":"0.94262","scoring_system":"epss","scoring_elements":"0.99938","published_at":"2026-06-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-12613"},{"reference_url":"https://github.com/phpmyadmin/composer","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/phpmyadmin/composer"},{"reference_url":"https://www.exploit-db.com/exploits/44924","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.exploit-db.com/exploits/44924"},{"reference_url":"https://www.exploit-db.com/exploits/44924/","reference_id":"","reference_type":"","scores":[],"url":"https://www.exploit-db.com/exploits/44924/"},{"reference_url":"https://www.exploit-db.com/exploits/44928","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.exploit-db.com/exploits/44928"},{"reference_url":"https://www.exploit-db.com/exploits/44928/","reference_id":"","reference_type":"","scores":[],"url":"https://www.exploit-db.com/exploits/44928/"},{"reference_url":"https://www.exploit-db.com/exploits/45020","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.exploit-db.com/exploits/45020"},{"reference_url":"https://www.exploit-db.com/exploits/45020/","reference_id":"","reference_type":"","scores":[],"url":"https://www.exploit-db.com/exploits/45020/"},{"reference_url":"https://www.phpmyadmin.net/security/PMASA-2018-4","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.phpmyadmin.net/security/PMASA-2018-4"},{"reference_url":"https://www.phpmyadmin.net/security/PMASA-2018-4/","reference_id":"","reference_type":"","scores":[],"url":"https://www.phpmyadmin.net/security/PMASA-2018-4/"},{"reference_url":"http://www.securityfocus.com/bid/104532","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.securityfocus.com/bid/104532"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/remote/45020.rb","reference_id":"CVE-2018-12613","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/remote/45020.rb"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/webapps/44924.txt","reference_id":"CVE-2018-12613","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/webapps/44924.txt"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/webapps/44928.txt","reference_id":"CVE-2018-12613","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/webapps/44928.txt"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/webapps/50457.py","reference_id":"CVE-2018-12613","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/webapps/50457.py"},{"reference_url":"https://mp.weixin.qq.com/s?__biz=MzIzMTc1MjExOQ==&mid=2247485036&idx=1&sn=8e9647906c5d94f72564dec5bc51a2ab&chksm=e89e2eb4dfe9a7a28bff2efebb5b2723782dab660acff074c3f18c9e7dca924abdf3da618fb4&mpshare=1&scene=1&srcid=0621gAv1FMtrgoahD01psMZr&pass_ticket=LqhR","reference_id":"CVE-2018-12613","reference_type":"exploit","scores":[],"url":"https://mp.weixin.qq.com/s?__biz=MzIzMTc1MjExOQ==&mid=2247485036&idx=1&sn=8e9647906c5d94f72564dec5bc51a2ab&chksm=e89e2eb4dfe9a7a28bff2efebb5b2723782dab660acff074c3f18c9e7dca924abdf3da618fb4&mpshare=1&scene=1&srcid=0621gAv1FMtrgoahD01psMZr&pass_ticket=LqhR"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2018-12613","reference_id":"CVE-2018-12613","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2018-12613"},{"reference_url":"https://raw.githubusercontent.com/rapid7/metasploit-framework/1ded8ffb299499e18725f4d549fcadaec5528387/modules/exploits/multi/http/phpmyadmin_lfi_rce.rb","reference_id":"CVE-2018-12613","reference_type":"exploit","scores":[],"url":"https://raw.githubusercontent.com/rapid7/metasploit-framework/1ded8ffb299499e18725f4d549fcadaec5528387/modules/exploits/multi/http/phpmyadmin_lfi_rce.rb"},{"reference_url":"https://github.com/advisories/GHSA-x394-g9j8-x7mf","reference_id":"GHSA-x394-g9j8-x7mf","reference_type":"","scores":[{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-x394-g9j8-x7mf"},{"reference_url":"https://security.gentoo.org/glsa/201904-16","reference_id":"GLSA-201904-16","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://security.gentoo.org/glsa/201904-16"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/21012?format=json","purl":"pkg:composer/phpmyadmin/phpmyadmin@4.8.2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3fqj-9fn2-uqhe"},{"vulnerability":"VCID-4f9y-mpe6-akgc"},{"vulnerability":"VCID-5vg7-fddm-sqfr"},{"vulnerability":"VCID-7ab3-tj6r-r3g7"},{"vulnerability":"VCID-b55b-rsv5-4ydv"},{"vulnerability":"VCID-cauk-7k6d-hbdd"},{"vulnerability":"VCID-cmu6-m7cr-7fa7"},{"vulnerability":"VCID-dv3f-h92r-37gs"},{"vulnerability":"VCID-e8jm-k1ee-v3dg"},{"vulnerability":"VCID-fkv9-r3fc-zyau"},{"vulnerability":"VCID-h5ft-zg32-myhg"},{"vulnerability":"VCID-m92n-w5zs-qkfr"},{"vulnerability":"VCID-ngjc-296q-f3fu"},{"vulnerability":"VCID-nwea-842b-hbet"},{"vulnerability":"VCID-pu49-c9vu-rbec"},{"vulnerability":"VCID-sya2-1y7u-b7hu"},{"vulnerability":"VCID-vb6g-x173-9khp"},{"vulnerability":"VCID-w2y5-u1vp-xuh6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@4.8.2"},{"url":"http://public2.vulnerablecode.io/api/packages/22490?format=json","purl":"pkg:composer/phpmyadmin/phpmyadmin@5.0.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4f9y-mpe6-akgc"},{"vulnerability":"VCID-7ab3-tj6r-r3g7"},{"vulnerability":"VCID-87ne-4523-v7fa"},{"vulnerability":"VCID-arcu-5cnd-wkdk"},{"vulnerability":"VCID-dv3f-h92r-37gs"},{"vulnerability":"VCID-e8jm-k1ee-v3dg"},{"vulnerability":"VCID-h5ft-zg32-myhg"},{"vulnerability":"VCID-k8q3-v7cc-7yhq"},{"vulnerability":"VCID-rzd6-pqqs-a3em"},{"vulnerability":"VCID-sya2-1y7u-b7hu"},{"vulnerability":"VCID-vb6g-x173-9khp"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@5.0.0"}],"aliases":["CVE-2018-12613","GHSA-x394-g9j8-x7mf"],"risk_score":10.0,"exploitability":"2.0","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-kv22-uthw-t7g2"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/181210?format=json","vulnerability_id":"VCID-m92n-w5zs-qkfr","summary":"Multiple vulnerabilities have been found in phpMyAdmin, the worst\n    of which could result in the arbitrary execution of code.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-19970","reference_id":"","reference_type":"","scores":[{"value":"0.01296","scoring_system":"epss","scoring_elements":"0.80175","published_at":"2026-06-12T12:55:00Z"},{"value":"0.01296","scoring_system":"epss","scoring_elements":"0.80112","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-19970"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-19970","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-19970"},{"reference_url":"https://github.com/phpmyadmin/composer","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/phpmyadmin/composer"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2019/02/msg00003.html","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.debian.org/debian-lts-announce/2019/02/msg00003.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2018-19970","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2018-19970"},{"reference_url":"https://www.phpmyadmin.net/security/PMASA-2018-8","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.phpmyadmin.net/security/PMASA-2018-8"},{"reference_url":"https://www.phpmyadmin.net/security/PMASA-2018-8/","reference_id":"","reference_type":"","scores":[],"url":"https://www.phpmyadmin.net/security/PMASA-2018-8/"},{"reference_url":"http://www.securityfocus.com/bid/106181","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.securityfocus.com/bid/106181"},{"reference_url":"https://github.com/advisories/GHSA-8987-93fh-rcwq","reference_id":"GHSA-8987-93fh-rcwq","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-8987-93fh-rcwq"},{"reference_url":"https://security.gentoo.org/glsa/201904-16","reference_id":"GLSA-201904-16","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://security.gentoo.org/glsa/201904-16"},{"reference_url":"https://usn.ubuntu.com/4639-1/","reference_id":"USN-4639-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4639-1/"},{"reference_url":"https://usn.ubuntu.com/USN-4843-1/","reference_id":"USN-USN-4843-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/USN-4843-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/384958?format=json","purl":"pkg:composer/phpmyadmin/phpmyadmin@4.8.4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4f9y-mpe6-akgc"},{"vulnerability":"VCID-5vg7-fddm-sqfr"},{"vulnerability":"VCID-7ab3-tj6r-r3g7"},{"vulnerability":"VCID-b55b-rsv5-4ydv"},{"vulnerability":"VCID-cauk-7k6d-hbdd"},{"vulnerability":"VCID-cmu6-m7cr-7fa7"},{"vulnerability":"VCID-dv3f-h92r-37gs"},{"vulnerability":"VCID-e8jm-k1ee-v3dg"},{"vulnerability":"VCID-h5ft-zg32-myhg"},{"vulnerability":"VCID-ngjc-296q-f3fu"},{"vulnerability":"VCID-pu49-c9vu-rbec"},{"vulnerability":"VCID-sya2-1y7u-b7hu"},{"vulnerability":"VCID-vb6g-x173-9khp"},{"vulnerability":"VCID-w2y5-u1vp-xuh6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@4.8.4"},{"url":"http://public2.vulnerablecode.io/api/packages/22490?format=json","purl":"pkg:composer/phpmyadmin/phpmyadmin@5.0.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4f9y-mpe6-akgc"},{"vulnerability":"VCID-7ab3-tj6r-r3g7"},{"vulnerability":"VCID-87ne-4523-v7fa"},{"vulnerability":"VCID-arcu-5cnd-wkdk"},{"vulnerability":"VCID-dv3f-h92r-37gs"},{"vulnerability":"VCID-e8jm-k1ee-v3dg"},{"vulnerability":"VCID-h5ft-zg32-myhg"},{"vulnerability":"VCID-k8q3-v7cc-7yhq"},{"vulnerability":"VCID-rzd6-pqqs-a3em"},{"vulnerability":"VCID-sya2-1y7u-b7hu"},{"vulnerability":"VCID-vb6g-x173-9khp"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@5.0.0"}],"aliases":["CVE-2018-19970","GHSA-8987-93fh-rcwq"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-m92n-w5zs-qkfr"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/197776?format=json","vulnerability_id":"VCID-mdf6-k5zm-5uen","summary":"cross-site scripting","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-7260","reference_id":"","reference_type":"","scores":[{"value":"0.00302","scoring_system":"epss","scoring_elements":"0.54006","published_at":"2026-06-12T12:55:00Z"},{"value":"0.00302","scoring_system":"epss","scoring_elements":"0.53881","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-7260"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-7260","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-7260"},{"reference_url":"https://github.com/phpmyadmin/composer","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/phpmyadmin/composer"},{"reference_url":"https://github.com/phpmyadmin/phpmyadmin/commit/d2886a3","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/phpmyadmin/phpmyadmin/commit/d2886a3"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2018-7260","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2018-7260"},{"reference_url":"https://udiniya.wordpress.com/2018/02/21/a-tale-of-stealing-session-cookie-in-phpmyadmin","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://udiniya.wordpress.com/2018/02/21/a-tale-of-stealing-session-cookie-in-phpmyadmin"},{"reference_url":"https://www.phpmyadmin.net/security/PMASA-2018-1","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.phpmyadmin.net/security/PMASA-2018-1"},{"reference_url":"https://www.phpmyadmin.net/security/PMASA-2018-1/","reference_id":"","reference_type":"","scores":[],"url":"https://www.phpmyadmin.net/security/PMASA-2018-1/"},{"reference_url":"http://www.securityfocus.com/bid/103099","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.securityfocus.com/bid/103099"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=893539","reference_id":"893539","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=893539"},{"reference_url":"https://security.archlinux.org/ASA-201802-11","reference_id":"ASA-201802-11","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201802-11"},{"reference_url":"https://security.archlinux.org/AVG-630","reference_id":"AVG-630","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-630"},{"reference_url":"https://github.com/advisories/GHSA-gqmj-f46x-wqhw","reference_id":"GHSA-gqmj-f46x-wqhw","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-gqmj-f46x-wqhw"},{"reference_url":"https://usn.ubuntu.com/4639-1/","reference_id":"USN-4639-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4639-1/"},{"reference_url":"https://usn.ubuntu.com/USN-4843-1/","reference_id":"USN-USN-4843-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/USN-4843-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/384521?format=json","purl":"pkg:composer/phpmyadmin/phpmyadmin@4.7.8","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3fqj-9fn2-uqhe"},{"vulnerability":"VCID-4f9y-mpe6-akgc"},{"vulnerability":"VCID-5vg7-fddm-sqfr"},{"vulnerability":"VCID-7ab3-tj6r-r3g7"},{"vulnerability":"VCID-7k46-nxcx-zfdz"},{"vulnerability":"VCID-b55b-rsv5-4ydv"},{"vulnerability":"VCID-cauk-7k6d-hbdd"},{"vulnerability":"VCID-cmu6-m7cr-7fa7"},{"vulnerability":"VCID-dv3f-h92r-37gs"},{"vulnerability":"VCID-e8jm-k1ee-v3dg"},{"vulnerability":"VCID-h5ft-zg32-myhg"},{"vulnerability":"VCID-m92n-w5zs-qkfr"},{"vulnerability":"VCID-ngjc-296q-f3fu"},{"vulnerability":"VCID-nwea-842b-hbet"},{"vulnerability":"VCID-pu49-c9vu-rbec"},{"vulnerability":"VCID-sya2-1y7u-b7hu"},{"vulnerability":"VCID-vb6g-x173-9khp"},{"vulnerability":"VCID-w2y5-u1vp-xuh6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@4.7.8"},{"url":"http://public2.vulnerablecode.io/api/packages/22490?format=json","purl":"pkg:composer/phpmyadmin/phpmyadmin@5.0.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4f9y-mpe6-akgc"},{"vulnerability":"VCID-7ab3-tj6r-r3g7"},{"vulnerability":"VCID-87ne-4523-v7fa"},{"vulnerability":"VCID-arcu-5cnd-wkdk"},{"vulnerability":"VCID-dv3f-h92r-37gs"},{"vulnerability":"VCID-e8jm-k1ee-v3dg"},{"vulnerability":"VCID-h5ft-zg32-myhg"},{"vulnerability":"VCID-k8q3-v7cc-7yhq"},{"vulnerability":"VCID-rzd6-pqqs-a3em"},{"vulnerability":"VCID-sya2-1y7u-b7hu"},{"vulnerability":"VCID-vb6g-x173-9khp"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@5.0.0"}],"aliases":["CVE-2018-7260","GHSA-gqmj-f46x-wqhw"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-mdf6-k5zm-5uen"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/207366?format=json","vulnerability_id":"VCID-ngjc-296q-f3fu","summary":"An issue was discovered in phpMyAdmin before 4.8.5. When the AllowArbitraryServer configuration setting is set to true, with the use of a rogue MySQL server, an attacker can read any file on the server that the web server's user can access. This is related to the mysql.allow_local_infile PHP configuration, and the inadvertent ignoring of \"options(MYSQLI_OPT_LOCAL_INFILE\" calls.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-6799","reference_id":"","reference_type":"","scores":[{"value":"0.76961","scoring_system":"epss","scoring_elements":"0.98986","published_at":"2026-06-12T12:55:00Z"},{"value":"0.76961","scoring_system":"epss","scoring_elements":"0.98982","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-6799"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-6799","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-6799"},{"reference_url":"https://github.com/phpmyadmin/composer","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/phpmyadmin/composer"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2019/02/msg00039.html","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.debian.org/debian-lts-announce/2019/02/msg00039.html"},{"reference_url":"https://www.phpmyadmin.net/security/PMASA-2019-1","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.phpmyadmin.net/security/PMASA-2019-1"},{"reference_url":"https://www.phpmyadmin.net/security/PMASA-2019-1/","reference_id":"","reference_type":"","scores":[],"url":"https://www.phpmyadmin.net/security/PMASA-2019-1/"},{"reference_url":"http://www.securityfocus.com/bid/106736","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.securityfocus.com/bid/106736"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=920823","reference_id":"920823","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=920823"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2019-6799","reference_id":"CVE-2019-6799","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2019-6799"},{"reference_url":"https://github.com/advisories/GHSA-c8wj-q36q-3wg4","reference_id":"GHSA-c8wj-q36q-3wg4","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-c8wj-q36q-3wg4"},{"reference_url":"https://usn.ubuntu.com/4639-1/","reference_id":"USN-4639-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4639-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/21732?format=json","purl":"pkg:composer/phpmyadmin/phpmyadmin@4.8.5","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4f9y-mpe6-akgc"},{"vulnerability":"VCID-5vg7-fddm-sqfr"},{"vulnerability":"VCID-7ab3-tj6r-r3g7"},{"vulnerability":"VCID-b55b-rsv5-4ydv"},{"vulnerability":"VCID-cauk-7k6d-hbdd"},{"vulnerability":"VCID-cmu6-m7cr-7fa7"},{"vulnerability":"VCID-dv3f-h92r-37gs"},{"vulnerability":"VCID-e8jm-k1ee-v3dg"},{"vulnerability":"VCID-h5ft-zg32-myhg"},{"vulnerability":"VCID-sya2-1y7u-b7hu"},{"vulnerability":"VCID-vb6g-x173-9khp"},{"vulnerability":"VCID-w2y5-u1vp-xuh6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@4.8.5"},{"url":"http://public2.vulnerablecode.io/api/packages/22490?format=json","purl":"pkg:composer/phpmyadmin/phpmyadmin@5.0.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4f9y-mpe6-akgc"},{"vulnerability":"VCID-7ab3-tj6r-r3g7"},{"vulnerability":"VCID-87ne-4523-v7fa"},{"vulnerability":"VCID-arcu-5cnd-wkdk"},{"vulnerability":"VCID-dv3f-h92r-37gs"},{"vulnerability":"VCID-e8jm-k1ee-v3dg"},{"vulnerability":"VCID-h5ft-zg32-myhg"},{"vulnerability":"VCID-k8q3-v7cc-7yhq"},{"vulnerability":"VCID-rzd6-pqqs-a3em"},{"vulnerability":"VCID-sya2-1y7u-b7hu"},{"vulnerability":"VCID-vb6g-x173-9khp"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@5.0.0"}],"aliases":["CVE-2019-6799","GHSA-c8wj-q36q-3wg4"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ngjc-296q-f3fu"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/181207?format=json","vulnerability_id":"VCID-nwea-842b-hbet","summary":"Multiple vulnerabilities have been found in phpMyAdmin, the worst\n    of which could result in the arbitrary execution of code.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-19968","reference_id":"","reference_type":"","scores":[{"value":"0.02384","scoring_system":"epss","scoring_elements":"0.85393","published_at":"2026-06-12T12:55:00Z"},{"value":"0.02384","scoring_system":"epss","scoring_elements":"0.85341","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-19968"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-19968","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-19968"},{"reference_url":"https://github.com/phpmyadmin/composer","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/phpmyadmin/composer"},{"reference_url":"https://github.com/phpmyadmin/phpmyadmin/commit/6a1ba61e29002f0305a9322a8af4eaaeb11c0732","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/phpmyadmin/phpmyadmin/commit/6a1ba61e29002f0305a9322a8af4eaaeb11c0732"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2019/02/msg00003.html","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.debian.org/debian-lts-announce/2019/02/msg00003.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2018-19968","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2018-19968"},{"reference_url":"https://www.phpmyadmin.net/security/PMASA-2018-6","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.phpmyadmin.net/security/PMASA-2018-6"},{"reference_url":"https://www.phpmyadmin.net/security/PMASA-2018-6/","reference_id":"","reference_type":"","scores":[],"url":"https://www.phpmyadmin.net/security/PMASA-2018-6/"},{"reference_url":"http://www.securityfocus.com/bid/106178","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.securityfocus.com/bid/106178"},{"reference_url":"https://github.com/advisories/GHSA-xc97-r49q-cxgc","reference_id":"GHSA-xc97-r49q-cxgc","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-xc97-r49q-cxgc"},{"reference_url":"https://security.gentoo.org/glsa/201904-16","reference_id":"GLSA-201904-16","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://security.gentoo.org/glsa/201904-16"},{"reference_url":"https://usn.ubuntu.com/4639-1/","reference_id":"USN-4639-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4639-1/"},{"reference_url":"https://usn.ubuntu.com/USN-4843-1/","reference_id":"USN-USN-4843-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/USN-4843-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/384958?format=json","purl":"pkg:composer/phpmyadmin/phpmyadmin@4.8.4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4f9y-mpe6-akgc"},{"vulnerability":"VCID-5vg7-fddm-sqfr"},{"vulnerability":"VCID-7ab3-tj6r-r3g7"},{"vulnerability":"VCID-b55b-rsv5-4ydv"},{"vulnerability":"VCID-cauk-7k6d-hbdd"},{"vulnerability":"VCID-cmu6-m7cr-7fa7"},{"vulnerability":"VCID-dv3f-h92r-37gs"},{"vulnerability":"VCID-e8jm-k1ee-v3dg"},{"vulnerability":"VCID-h5ft-zg32-myhg"},{"vulnerability":"VCID-ngjc-296q-f3fu"},{"vulnerability":"VCID-pu49-c9vu-rbec"},{"vulnerability":"VCID-sya2-1y7u-b7hu"},{"vulnerability":"VCID-vb6g-x173-9khp"},{"vulnerability":"VCID-w2y5-u1vp-xuh6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@4.8.4"},{"url":"http://public2.vulnerablecode.io/api/packages/22490?format=json","purl":"pkg:composer/phpmyadmin/phpmyadmin@5.0.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4f9y-mpe6-akgc"},{"vulnerability":"VCID-7ab3-tj6r-r3g7"},{"vulnerability":"VCID-87ne-4523-v7fa"},{"vulnerability":"VCID-arcu-5cnd-wkdk"},{"vulnerability":"VCID-dv3f-h92r-37gs"},{"vulnerability":"VCID-e8jm-k1ee-v3dg"},{"vulnerability":"VCID-h5ft-zg32-myhg"},{"vulnerability":"VCID-k8q3-v7cc-7yhq"},{"vulnerability":"VCID-rzd6-pqqs-a3em"},{"vulnerability":"VCID-sya2-1y7u-b7hu"},{"vulnerability":"VCID-vb6g-x173-9khp"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@5.0.0"}],"aliases":["CVE-2018-19968","GHSA-xc97-r49q-cxgc"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-nwea-842b-hbet"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/207365?format=json","vulnerability_id":"VCID-pu49-c9vu-rbec","summary":"An issue was discovered in phpMyAdmin before 4.8.5. A vulnerability was reported where a specially crafted username can be used to trigger a SQL injection attack through the designer feature.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-6798","reference_id":"","reference_type":"","scores":[{"value":"0.00394","scoring_system":"epss","scoring_elements":"0.60815","published_at":"2026-06-12T12:55:00Z"},{"value":"0.00394","scoring_system":"epss","scoring_elements":"0.6071","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-6798"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-6798","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-6798"},{"reference_url":"https://github.com/phpmyadmin/composer","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/phpmyadmin/composer"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2019-6798","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2019-6798"},{"reference_url":"https://www.phpmyadmin.net/security/PMASA-2019-2","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.phpmyadmin.net/security/PMASA-2019-2"},{"reference_url":"https://www.phpmyadmin.net/security/PMASA-2019-2/","reference_id":"","reference_type":"","scores":[],"url":"https://www.phpmyadmin.net/security/PMASA-2019-2/"},{"reference_url":"http://www.securityfocus.com/bid/106727","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.securityfocus.com/bid/106727"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=920822","reference_id":"920822","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=920822"},{"reference_url":"https://github.com/advisories/GHSA-f732-fxh6-g4qj","reference_id":"GHSA-f732-fxh6-g4qj","reference_type":"","scores":[{"value":"CRITICAL","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-f732-fxh6-g4qj"},{"reference_url":"https://usn.ubuntu.com/4639-1/","reference_id":"USN-4639-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4639-1/"},{"reference_url":"https://usn.ubuntu.com/USN-4843-1/","reference_id":"USN-USN-4843-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/USN-4843-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/21732?format=json","purl":"pkg:composer/phpmyadmin/phpmyadmin@4.8.5","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4f9y-mpe6-akgc"},{"vulnerability":"VCID-5vg7-fddm-sqfr"},{"vulnerability":"VCID-7ab3-tj6r-r3g7"},{"vulnerability":"VCID-b55b-rsv5-4ydv"},{"vulnerability":"VCID-cauk-7k6d-hbdd"},{"vulnerability":"VCID-cmu6-m7cr-7fa7"},{"vulnerability":"VCID-dv3f-h92r-37gs"},{"vulnerability":"VCID-e8jm-k1ee-v3dg"},{"vulnerability":"VCID-h5ft-zg32-myhg"},{"vulnerability":"VCID-sya2-1y7u-b7hu"},{"vulnerability":"VCID-vb6g-x173-9khp"},{"vulnerability":"VCID-w2y5-u1vp-xuh6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@4.8.5"},{"url":"http://public2.vulnerablecode.io/api/packages/22490?format=json","purl":"pkg:composer/phpmyadmin/phpmyadmin@5.0.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4f9y-mpe6-akgc"},{"vulnerability":"VCID-7ab3-tj6r-r3g7"},{"vulnerability":"VCID-87ne-4523-v7fa"},{"vulnerability":"VCID-arcu-5cnd-wkdk"},{"vulnerability":"VCID-dv3f-h92r-37gs"},{"vulnerability":"VCID-e8jm-k1ee-v3dg"},{"vulnerability":"VCID-h5ft-zg32-myhg"},{"vulnerability":"VCID-k8q3-v7cc-7yhq"},{"vulnerability":"VCID-rzd6-pqqs-a3em"},{"vulnerability":"VCID-sya2-1y7u-b7hu"},{"vulnerability":"VCID-vb6g-x173-9khp"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@5.0.0"}],"aliases":["CVE-2019-6798","GHSA-f732-fxh6-g4qj"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-pu49-c9vu-rbec"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/205699?format=json","vulnerability_id":"VCID-w92a-9xbc-wuf6","summary":"phpMyAdmin 4.8.0 before 4.8.0-1 has CSRF, allowing an attacker to execute arbitrary SQL statements, related to js/db_operations.js, js/tbl_operations.js, libraries/classes/Operations.php, and sql.php.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-10188","reference_id":"","reference_type":"","scores":[{"value":"0.0065","scoring_system":"epss","scoring_elements":"0.71421","published_at":"2026-06-12T12:55:00Z"},{"value":"0.0065","scoring_system":"epss","scoring_elements":"0.71333","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-10188"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10188","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10188"},{"reference_url":"https://github.com/phpmyadmin/composer","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/phpmyadmin/composer"},{"reference_url":"https://github.com/phpmyadmin/phpmyadmin/commit/c6dd6b56e236a3aff953cee4135ecaa67130e641","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/phpmyadmin/phpmyadmin/commit/c6dd6b56e236a3aff953cee4135ecaa67130e641"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2018-10188","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2018-10188"},{"reference_url":"https://www.exploit-db.com/exploits/44496","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.exploit-db.com/exploits/44496"},{"reference_url":"https://www.exploit-db.com/exploits/44496/","reference_id":"","reference_type":"","scores":[],"url":"https://www.exploit-db.com/exploits/44496/"},{"reference_url":"https://www.phpmyadmin.net/security/PMASA-2018-2","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.phpmyadmin.net/security/PMASA-2018-2"},{"reference_url":"https://www.phpmyadmin.net/security/PMASA-2018-2/","reference_id":"","reference_type":"","scores":[],"url":"https://www.phpmyadmin.net/security/PMASA-2018-2/"},{"reference_url":"http://www.securityfocus.com/bid/103936","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.securityfocus.com/bid/103936"},{"reference_url":"http://www.securitytracker.com/id/1040752","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.securitytracker.com/id/1040752"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=896490","reference_id":"896490","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=896490"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/webapps/44496.html","reference_id":"CVE-2018-10188","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/webapps/44496.html"},{"reference_url":"https://github.com/advisories/GHSA-v6fp-h79x-9rqc","reference_id":"GHSA-v6fp-h79x-9rqc","reference_type":"","scores":[{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-v6fp-h79x-9rqc"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/384462?format=json","purl":"pkg:composer/phpmyadmin/phpmyadmin@4.8.0%2B1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@4.8.0%252B1"},{"url":"http://public2.vulnerablecode.io/api/packages/22490?format=json","purl":"pkg:composer/phpmyadmin/phpmyadmin@5.0.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4f9y-mpe6-akgc"},{"vulnerability":"VCID-7ab3-tj6r-r3g7"},{"vulnerability":"VCID-87ne-4523-v7fa"},{"vulnerability":"VCID-arcu-5cnd-wkdk"},{"vulnerability":"VCID-dv3f-h92r-37gs"},{"vulnerability":"VCID-e8jm-k1ee-v3dg"},{"vulnerability":"VCID-h5ft-zg32-myhg"},{"vulnerability":"VCID-k8q3-v7cc-7yhq"},{"vulnerability":"VCID-rzd6-pqqs-a3em"},{"vulnerability":"VCID-sya2-1y7u-b7hu"},{"vulnerability":"VCID-vb6g-x173-9khp"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@5.0.0"}],"aliases":["CVE-2018-10188","GHSA-v6fp-h79x-9rqc"],"risk_score":10.0,"exploitability":"2.0","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-w92a-9xbc-wuf6"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/185185?format=json","vulnerability_id":"VCID-xsbv-xna2-qfeb","summary":"Multiple vulnerabilities have been discovered in phpMyAdmin, the worst of which allows for denial of service.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-23807","reference_id":"","reference_type":"","scores":[{"value":"0.00146","scoring_system":"epss","scoring_elements":"0.35001","published_at":"2026-06-12T12:55:00Z"},{"value":"0.00146","scoring_system":"epss","scoring_elements":"0.34822","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-23807"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23807","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23807"},{"reference_url":"https://github.com/phpmyadmin/phpmyadmin","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/phpmyadmin/phpmyadmin"},{"reference_url":"https://github.com/phpmyadmin/phpmyadmin/commit/ca54f1db050859eb8555875c6aa5d7796fdf4b32","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/phpmyadmin/phpmyadmin/commit/ca54f1db050859eb8555875c6aa5d7796fdf4b32"},{"reference_url":"https://www.phpmyadmin.net/security/PMASA-2022-1","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.phpmyadmin.net/security/PMASA-2022-1"},{"reference_url":"https://www.phpmyadmin.net/security/PMASA-2022-1/","reference_id":"","reference_type":"","scores":[],"url":"https://www.phpmyadmin.net/security/PMASA-2022-1/"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2022-23807","reference_id":"CVE-2022-23807","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2022-23807"},{"reference_url":"https://github.com/advisories/GHSA-8wf2-3ggj-78q9","reference_id":"GHSA-8wf2-3ggj-78q9","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-8wf2-3ggj-78q9"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/18870?format=json","purl":"pkg:composer/phpmyadmin/phpmyadmin@4.9.8","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7ab3-tj6r-r3g7"},{"vulnerability":"VCID-vb6g-x173-9khp"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@4.9.8"},{"url":"http://public2.vulnerablecode.io/api/packages/22490?format=json","purl":"pkg:composer/phpmyadmin/phpmyadmin@5.0.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4f9y-mpe6-akgc"},{"vulnerability":"VCID-7ab3-tj6r-r3g7"},{"vulnerability":"VCID-87ne-4523-v7fa"},{"vulnerability":"VCID-arcu-5cnd-wkdk"},{"vulnerability":"VCID-dv3f-h92r-37gs"},{"vulnerability":"VCID-e8jm-k1ee-v3dg"},{"vulnerability":"VCID-h5ft-zg32-myhg"},{"vulnerability":"VCID-k8q3-v7cc-7yhq"},{"vulnerability":"VCID-rzd6-pqqs-a3em"},{"vulnerability":"VCID-sya2-1y7u-b7hu"},{"vulnerability":"VCID-vb6g-x173-9khp"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@5.0.0"},{"url":"http://public2.vulnerablecode.io/api/packages/18868?format=json","purl":"pkg:composer/phpmyadmin/phpmyadmin@5.1.2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7ab3-tj6r-r3g7"},{"vulnerability":"VCID-87ne-4523-v7fa"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@5.1.2"}],"aliases":["CVE-2022-23807","GHSA-8wf2-3ggj-78q9"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-xsbv-xna2-qfeb"}],"risk_score":"10.0","resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@5.0.0"}