{"url":"http://public2.vulnerablecode.io/api/packages/30092?format=json","purl":"pkg:composer/phpmyadmin/phpmyadmin@4.8.3","type":"composer","namespace":"phpmyadmin","name":"phpmyadmin","version":"4.8.3","qualifiers":{},"subpath":"","is_vulnerable":true,"next_non_vulnerable_version":"4.9.11","latest_non_vulnerable_version":"5.2.2","affected_by_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/221913?format=json","vulnerability_id":"VCID-2jjv-4en4-e3gx","summary":"phpMyAdmin through 5.0.2 allows CSV injection via Export Section. NOTE: the vendor disputes this because \"the CSV file is accurately generated based on the database contents.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-22278","reference_id":"","reference_type":"","scores":[{"value":"0.00409","scoring_system":"epss","scoring_elements":"0.61125","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00409","scoring_system":"epss","scoring_elements":"0.61205","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00409","scoring_system":"epss","scoring_elements":"0.61233","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00409","scoring_system":"epss","scoring_elements":"0.61199","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00409","scoring_system":"epss","scoring_elements":"0.61247","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00409","scoring_system":"epss","scoring_elements":"0.61261","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00409","scoring_system":"epss","scoring_elements":"0.61281","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00409","scoring_system":"epss","scoring_elements":"0.61267","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00409","scoring_system":"epss","scoring_elements":"0.61249","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00409","scoring_system":"epss","scoring_elements":"0.61289","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00409","scoring_system":"epss","scoring_elements":"0.61294","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00409","scoring_system":"epss","scoring_elements":"0.61273","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00409","scoring_system":"epss","scoring_elements":"0.61277","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00409","scoring_system":"epss","scoring_elements":"0.6127","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00409","scoring_system":"epss","scoring_elements":"0.61219","published_at":"2026-05-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-22278"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2020-22278","reference_id":"CVE-2020-22278","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2020-22278"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/81919?format=json","purl":"pkg:composer/phpmyadmin/phpmyadmin@5.0.3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-araw-4wdy-hqcz"},{"vulnerability":"VCID-rqy8-n6fr-hqey"},{"vulnerability":"VCID-ym9b-4su6-6fbr"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@5.0.3"}],"aliases":["CVE-2020-22278"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-2jjv-4en4-e3gx"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/54510?format=json","vulnerability_id":"VCID-5657-kcyh-7bc2","summary":"phpMyAdmin SQL injection in user accounts page\nIn phpMyAdmin 4 before 4.9.4 and 5 before 5.0.1, SQL injection exists in the user accounts page. A malicious user could inject custom SQL in place of their own username when creating queries to this page. An attacker must have a valid MySQL account to access the server.","references":[{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00024.html","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00024.html"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-5504","reference_id":"","reference_type":"","scores":[{"value":"0.22375","scoring_system":"epss","scoring_elements":"0.95857","published_at":"2026-05-07T12:55:00Z"},{"value":"0.22375","scoring_system":"epss","scoring_elements":"0.95834","published_at":"2026-04-16T12:55:00Z"},{"value":"0.22375","scoring_system":"epss","scoring_elements":"0.9584","published_at":"2026-04-18T12:55:00Z"},{"value":"0.22375","scoring_system":"epss","scoring_elements":"0.95843","published_at":"2026-04-21T12:55:00Z"},{"value":"0.22375","scoring_system":"epss","scoring_elements":"0.95844","published_at":"2026-04-29T12:55:00Z"},{"value":"0.22375","scoring_system":"epss","scoring_elements":"0.95856","published_at":"2026-05-05T12:55:00Z"},{"value":"0.23238","scoring_system":"epss","scoring_elements":"0.95928","published_at":"2026-04-07T12:55:00Z"},{"value":"0.23238","scoring_system":"epss","scoring_elements":"0.95939","published_at":"2026-04-09T12:55:00Z"},{"value":"0.23238","scoring_system":"epss","scoring_elements":"0.95908","published_at":"2026-04-01T12:55:00Z"},{"value":"0.23238","scoring_system":"epss","scoring_elements":"0.95916","published_at":"2026-04-02T12:55:00Z"},{"value":"0.23238","scoring_system":"epss","scoring_elements":"0.95924","published_at":"2026-04-04T12:55:00Z"},{"value":"0.23238","scoring_system":"epss","scoring_elements":"0.95937","published_at":"2026-04-08T12:55:00Z"},{"value":"0.23238","scoring_system":"epss","scoring_elements":"0.95945","published_at":"2026-04-13T12:55:00Z"},{"value":"0.23238","scoring_system":"epss","scoring_elements":"0.95942","published_at":"2026-04-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-5504"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-5504","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-5504"},{"reference_url":"https://cybersecurityworks.com/zerodays/cve-2020-5504-phpmyadmin.html","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://cybersecurityworks.com/zerodays/cve-2020-5504-phpmyadmin.html"},{"reference_url":"https://github.com/FriendsOfPHP/security-advisories/blob/master/phpmyadmin/phpmyadmin/CVE-2020-5504.yaml","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/FriendsOfPHP/security-advisories/blob/master/phpmyadmin/phpmyadmin/CVE-2020-5504.yaml"},{"reference_url":"https://github.com/MarkLee131/awesome-web-pocs/blob/main/CVE-2020-5504.md","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/MarkLee131/awesome-web-pocs/blob/main/CVE-2020-5504.md"},{"reference_url":"https://github.com/phpmyadmin/composer","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/phpmyadmin/composer"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2020/01/msg00011.html","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.debian.org/debian-lts-announce/2020/01/msg00011.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2020-5504","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2020-5504"},{"reference_url":"https://www.phpmyadmin.net/security/PMASA-2020-1","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.phpmyadmin.net/security/PMASA-2020-1"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=948718","reference_id":"948718","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=948718"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/webapps/52451.txt","reference_id":"CVE-2020-5504","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/webapps/52451.txt"},{"reference_url":"https://github.com/advisories/GHSA-fgj8-93xx-f6g6","reference_id":"GHSA-fgj8-93xx-f6g6","reference_type":"","scores":[{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-fgj8-93xx-f6g6"},{"reference_url":"https://usn.ubuntu.com/4639-1/","reference_id":"USN-4639-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4639-1/"},{"reference_url":"https://usn.ubuntu.com/USN-4843-1/","reference_id":"USN-USN-4843-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/USN-4843-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/81779?format=json","purl":"pkg:composer/phpmyadmin/phpmyadmin@4.9.4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2jjv-4en4-e3gx"},{"vulnerability":"VCID-2y3v-jnph-hfh4"},{"vulnerability":"VCID-mk34-h4nz-b3ey"},{"vulnerability":"VCID-na3j-h3qr-k7dc"},{"vulnerability":"VCID-ngtc-xtjn-xbhp"},{"vulnerability":"VCID-rqy8-n6fr-hqey"},{"vulnerability":"VCID-tks3-6uv4-kygf"},{"vulnerability":"VCID-ym9b-4su6-6fbr"},{"vulnerability":"VCID-znfm-ak2t-mqdd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@4.9.4"},{"url":"http://public2.vulnerablecode.io/api/packages/81780?format=json","purl":"pkg:composer/phpmyadmin/phpmyadmin@5.0.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2jjv-4en4-e3gx"},{"vulnerability":"VCID-2y3v-jnph-hfh4"},{"vulnerability":"VCID-41mv-6vqr-sua6"},{"vulnerability":"VCID-araw-4wdy-hqcz"},{"vulnerability":"VCID-mk34-h4nz-b3ey"},{"vulnerability":"VCID-ngtc-xtjn-xbhp"},{"vulnerability":"VCID-rqy8-n6fr-hqey"},{"vulnerability":"VCID-tks3-6uv4-kygf"},{"vulnerability":"VCID-ym9b-4su6-6fbr"},{"vulnerability":"VCID-znfm-ak2t-mqdd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@5.0.1"}],"aliases":["CVE-2020-5504","GHSA-fgj8-93xx-f6g6"],"risk_score":10.0,"exploitability":"2.0","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-5657-kcyh-7bc2"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/10113?format=json","vulnerability_id":"VCID-986a-3m4g-83ge","summary":"Cross-Site Request Forgery (CSRF)\nBy deceiving a user into clicking on a crafted URL, it is possible to perform harmful SQL operations such as renaming databases, creating new `tables/routines`, deleting designer pages, `adding/deleting` users, updating user passwords, killing SQL processes.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-19969","reference_id":"","reference_type":"","scores":[{"value":"0.00458","scoring_system":"epss","scoring_elements":"0.6405","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00458","scoring_system":"epss","scoring_elements":"0.64014","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00458","scoring_system":"epss","scoring_elements":"0.64","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00458","scoring_system":"epss","scoring_elements":"0.6397","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00458","scoring_system":"epss","scoring_elements":"0.64005","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00458","scoring_system":"epss","scoring_elements":"0.64017","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00458","scoring_system":"epss","scoring_elements":"0.64006","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00458","scoring_system":"epss","scoring_elements":"0.64024","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00458","scoring_system":"epss","scoring_elements":"0.64038","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00458","scoring_system":"epss","scoring_elements":"0.64036","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00458","scoring_system":"epss","scoring_elements":"0.63888","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00458","scoring_system":"epss","scoring_elements":"0.63947","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00458","scoring_system":"epss","scoring_elements":"0.63974","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00458","scoring_system":"epss","scoring_elements":"0.63934","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00458","scoring_system":"epss","scoring_elements":"0.63984","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00458","scoring_system":"epss","scoring_elements":"0.64002","published_at":"2026-04-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-19969"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-19969","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-19969"},{"reference_url":"https://web.archive.org/web/20210124223800/https://www.securityfocus.com/bid/106175","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://web.archive.org/web/20210124223800/https://www.securityfocus.com/bid/106175"},{"reference_url":"https://web.archive.org/web/20210124223800/https://www.securityfocus.com/bid/106175/","reference_id":"","reference_type":"","scores":[],"url":"https://web.archive.org/web/20210124223800/https://www.securityfocus.com/bid/106175/"},{"reference_url":"https://www.phpmyadmin.net/security/PMASA-2018-7","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.phpmyadmin.net/security/PMASA-2018-7"},{"reference_url":"https://www.phpmyadmin.net/security/PMASA-2018-7/","reference_id":"","reference_type":"","scores":[],"url":"https://www.phpmyadmin.net/security/PMASA-2018-7/"},{"reference_url":"http://www.securityfocus.com/bid/106175","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/106175"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2018-19969","reference_id":"CVE-2018-19969","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2018-19969"},{"reference_url":"https://github.com/advisories/GHSA-xwf2-53mc-r8hx","reference_id":"GHSA-xwf2-53mc-r8hx","reference_type":"","scores":[{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-xwf2-53mc-r8hx"},{"reference_url":"https://security.gentoo.org/glsa/201904-16","reference_id":"GLSA-201904-16","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://security.gentoo.org/glsa/201904-16"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/33616?format=json","purl":"pkg:composer/phpmyadmin/phpmyadmin@4.8.4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2jjv-4en4-e3gx"},{"vulnerability":"VCID-5657-kcyh-7bc2"},{"vulnerability":"VCID-br1c-5bzf-ufeu"},{"vulnerability":"VCID-g6ud-92qe-hqcx"},{"vulnerability":"VCID-gu4y-aeqx-mqak"},{"vulnerability":"VCID-jma9-9uhu-xuc3"},{"vulnerability":"VCID-ngtc-xtjn-xbhp"},{"vulnerability":"VCID-rqy8-n6fr-hqey"},{"vulnerability":"VCID-scu3-cfyc-9qfz"},{"vulnerability":"VCID-tks3-6uv4-kygf"},{"vulnerability":"VCID-yfja-ssw3-skh1"},{"vulnerability":"VCID-ym9b-4su6-6fbr"},{"vulnerability":"VCID-znfm-ak2t-mqdd"},{"vulnerability":"VCID-zyzp-aqd8-e3a9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@4.8.4"},{"url":"http://public2.vulnerablecode.io/api/packages/55566?format=json","purl":"pkg:composer/phpmyadmin/phpmyadmin@5.0.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2jjv-4en4-e3gx"},{"vulnerability":"VCID-2y3v-jnph-hfh4"},{"vulnerability":"VCID-41mv-6vqr-sua6"},{"vulnerability":"VCID-5657-kcyh-7bc2"},{"vulnerability":"VCID-araw-4wdy-hqcz"},{"vulnerability":"VCID-mk34-h4nz-b3ey"},{"vulnerability":"VCID-ngtc-xtjn-xbhp"},{"vulnerability":"VCID-rqy8-n6fr-hqey"},{"vulnerability":"VCID-tks3-6uv4-kygf"},{"vulnerability":"VCID-ym9b-4su6-6fbr"},{"vulnerability":"VCID-znfm-ak2t-mqdd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@5.0.0"}],"aliases":["CVE-2018-19969","GHSA-xwf2-53mc-r8hx"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-986a-3m4g-83ge"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/10254?format=json","vulnerability_id":"VCID-br1c-5bzf-ufeu","summary":"SQL Injection\nAn issue was discovered in phpMyAdmin. A vulnerability was reported where a specially crafted username can be used to trigger a SQL injection attack through the designer feature.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-6798","reference_id":"","reference_type":"","scores":[{"value":"0.00538","scoring_system":"epss","scoring_elements":"0.67627","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00538","scoring_system":"epss","scoring_elements":"0.67575","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00538","scoring_system":"epss","scoring_elements":"0.67598","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00538","scoring_system":"epss","scoring_elements":"0.67584","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00538","scoring_system":"epss","scoring_elements":"0.67551","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00538","scoring_system":"epss","scoring_elements":"0.67587","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00538","scoring_system":"epss","scoring_elements":"0.67599","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00538","scoring_system":"epss","scoring_elements":"0.67578","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00538","scoring_system":"epss","scoring_elements":"0.67597","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00538","scoring_system":"epss","scoring_elements":"0.67608","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00538","scoring_system":"epss","scoring_elements":"0.6761","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00538","scoring_system":"epss","scoring_elements":"0.67585","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00538","scoring_system":"epss","scoring_elements":"0.67474","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00538","scoring_system":"epss","scoring_elements":"0.6751","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00538","scoring_system":"epss","scoring_elements":"0.67532","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00538","scoring_system":"epss","scoring_elements":"0.67562","published_at":"2026-04-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-6798"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-6798","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-6798"},{"reference_url":"https://github.com/phpmyadmin/composer","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/phpmyadmin/composer"},{"reference_url":"https://www.phpmyadmin.net/security/PMASA-2019-2","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.phpmyadmin.net/security/PMASA-2019-2"},{"reference_url":"https://www.phpmyadmin.net/security/PMASA-2019-2/","reference_id":"","reference_type":"","scores":[],"url":"https://www.phpmyadmin.net/security/PMASA-2019-2/"},{"reference_url":"http://www.securityfocus.com/bid/106727","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.securityfocus.com/bid/106727"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=920822","reference_id":"920822","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=920822"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:phpmyadmin:phpmyadmin:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2019-6798","reference_id":"CVE-2019-6798","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:P/I:P/A:P"},{"value":"9.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2019-6798"},{"reference_url":"https://github.com/advisories/GHSA-f732-fxh6-g4qj","reference_id":"GHSA-f732-fxh6-g4qj","reference_type":"","scores":[{"value":"CRITICAL","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-f732-fxh6-g4qj"},{"reference_url":"https://usn.ubuntu.com/4639-1/","reference_id":"USN-4639-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4639-1/"},{"reference_url":"https://usn.ubuntu.com/USN-4843-1/","reference_id":"USN-USN-4843-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/USN-4843-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/34735?format=json","purl":"pkg:composer/phpmyadmin/phpmyadmin@4.8.5","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2jjv-4en4-e3gx"},{"vulnerability":"VCID-5657-kcyh-7bc2"},{"vulnerability":"VCID-g6ud-92qe-hqcx"},{"vulnerability":"VCID-gu4y-aeqx-mqak"},{"vulnerability":"VCID-jma9-9uhu-xuc3"},{"vulnerability":"VCID-ngtc-xtjn-xbhp"},{"vulnerability":"VCID-rqy8-n6fr-hqey"},{"vulnerability":"VCID-scu3-cfyc-9qfz"},{"vulnerability":"VCID-tks3-6uv4-kygf"},{"vulnerability":"VCID-ym9b-4su6-6fbr"},{"vulnerability":"VCID-znfm-ak2t-mqdd"},{"vulnerability":"VCID-zyzp-aqd8-e3a9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@4.8.5"},{"url":"http://public2.vulnerablecode.io/api/packages/55566?format=json","purl":"pkg:composer/phpmyadmin/phpmyadmin@5.0.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2jjv-4en4-e3gx"},{"vulnerability":"VCID-2y3v-jnph-hfh4"},{"vulnerability":"VCID-41mv-6vqr-sua6"},{"vulnerability":"VCID-5657-kcyh-7bc2"},{"vulnerability":"VCID-araw-4wdy-hqcz"},{"vulnerability":"VCID-mk34-h4nz-b3ey"},{"vulnerability":"VCID-ngtc-xtjn-xbhp"},{"vulnerability":"VCID-rqy8-n6fr-hqey"},{"vulnerability":"VCID-tks3-6uv4-kygf"},{"vulnerability":"VCID-ym9b-4su6-6fbr"},{"vulnerability":"VCID-znfm-ak2t-mqdd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@5.0.0"}],"aliases":["CVE-2019-6798","GHSA-f732-fxh6-g4qj"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-br1c-5bzf-ufeu"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/10108?format=json","vulnerability_id":"VCID-ebk2-vjau-57h9","summary":"Information Exposure\nAn attacker can exploit phpMyAdm to leak the contents of a local file because of an error in the transformation feature. The attacker must have access to the phpMyAdmin Configuration Storage tables, although these can easily be created in any database to which the attacker has access. An attacker must have valid credentials to log in to phpMyAdmin; this vulnerability does not allow an attacker to circumvent the login system.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-19968","reference_id":"","reference_type":"","scores":[{"value":"0.02543","scoring_system":"epss","scoring_elements":"0.85429","published_at":"2026-04-04T12:55:00Z"},{"value":"0.02543","scoring_system":"epss","scoring_elements":"0.85566","published_at":"2026-05-07T12:55:00Z"},{"value":"0.02543","scoring_system":"epss","scoring_elements":"0.85543","published_at":"2026-05-05T12:55:00Z"},{"value":"0.02543","scoring_system":"epss","scoring_elements":"0.85526","published_at":"2026-04-29T12:55:00Z"},{"value":"0.02543","scoring_system":"epss","scoring_elements":"0.85527","published_at":"2026-04-26T12:55:00Z"},{"value":"0.02543","scoring_system":"epss","scoring_elements":"0.85517","published_at":"2026-04-24T12:55:00Z"},{"value":"0.02543","scoring_system":"epss","scoring_elements":"0.85495","published_at":"2026-04-21T12:55:00Z"},{"value":"0.02543","scoring_system":"epss","scoring_elements":"0.85498","published_at":"2026-04-18T12:55:00Z"},{"value":"0.02543","scoring_system":"epss","scoring_elements":"0.85494","published_at":"2026-04-16T12:55:00Z"},{"value":"0.02543","scoring_system":"epss","scoring_elements":"0.8547","published_at":"2026-04-13T12:55:00Z"},{"value":"0.02543","scoring_system":"epss","scoring_elements":"0.85474","published_at":"2026-04-12T12:55:00Z"},{"value":"0.02543","scoring_system":"epss","scoring_elements":"0.85475","published_at":"2026-04-11T12:55:00Z"},{"value":"0.02543","scoring_system":"epss","scoring_elements":"0.85461","published_at":"2026-04-09T12:55:00Z"},{"value":"0.02543","scoring_system":"epss","scoring_elements":"0.85453","published_at":"2026-04-08T12:55:00Z"},{"value":"0.02543","scoring_system":"epss","scoring_elements":"0.85397","published_at":"2026-04-01T12:55:00Z"},{"value":"0.02543","scoring_system":"epss","scoring_elements":"0.85409","published_at":"2026-04-02T12:55:00Z"},{"value":"0.02543","scoring_system":"epss","scoring_elements":"0.85432","published_at":"2026-04-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-19968"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-19968","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-19968"},{"reference_url":"https://github.com/phpmyadmin/composer","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/phpmyadmin/composer"},{"reference_url":"https://github.com/phpmyadmin/phpmyadmin/commit/6a1ba61e29002f0305a9322a8af4eaaeb11c0732","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/phpmyadmin/phpmyadmin/commit/6a1ba61e29002f0305a9322a8af4eaaeb11c0732"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2019/02/msg00003.html","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.debian.org/debian-lts-announce/2019/02/msg00003.html"},{"reference_url":"https://www.phpmyadmin.net/security/PMASA-2018-6","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.phpmyadmin.net/security/PMASA-2018-6"},{"reference_url":"https://www.phpmyadmin.net/security/PMASA-2018-6/","reference_id":"","reference_type":"","scores":[],"url":"https://www.phpmyadmin.net/security/PMASA-2018-6/"},{"reference_url":"http://www.securityfocus.com/bid/106178","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.securityfocus.com/bid/106178"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2018-19968","reference_id":"CVE-2018-19968","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2018-19968"},{"reference_url":"https://github.com/advisories/GHSA-xc97-r49q-cxgc","reference_id":"GHSA-xc97-r49q-cxgc","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-xc97-r49q-cxgc"},{"reference_url":"https://security.gentoo.org/glsa/201904-16","reference_id":"GLSA-201904-16","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://security.gentoo.org/glsa/201904-16"},{"reference_url":"https://usn.ubuntu.com/4639-1/","reference_id":"USN-4639-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4639-1/"},{"reference_url":"https://usn.ubuntu.com/USN-4843-1/","reference_id":"USN-USN-4843-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/USN-4843-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/33616?format=json","purl":"pkg:composer/phpmyadmin/phpmyadmin@4.8.4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2jjv-4en4-e3gx"},{"vulnerability":"VCID-5657-kcyh-7bc2"},{"vulnerability":"VCID-br1c-5bzf-ufeu"},{"vulnerability":"VCID-g6ud-92qe-hqcx"},{"vulnerability":"VCID-gu4y-aeqx-mqak"},{"vulnerability":"VCID-jma9-9uhu-xuc3"},{"vulnerability":"VCID-ngtc-xtjn-xbhp"},{"vulnerability":"VCID-rqy8-n6fr-hqey"},{"vulnerability":"VCID-scu3-cfyc-9qfz"},{"vulnerability":"VCID-tks3-6uv4-kygf"},{"vulnerability":"VCID-yfja-ssw3-skh1"},{"vulnerability":"VCID-ym9b-4su6-6fbr"},{"vulnerability":"VCID-znfm-ak2t-mqdd"},{"vulnerability":"VCID-zyzp-aqd8-e3a9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@4.8.4"},{"url":"http://public2.vulnerablecode.io/api/packages/55566?format=json","purl":"pkg:composer/phpmyadmin/phpmyadmin@5.0.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2jjv-4en4-e3gx"},{"vulnerability":"VCID-2y3v-jnph-hfh4"},{"vulnerability":"VCID-41mv-6vqr-sua6"},{"vulnerability":"VCID-5657-kcyh-7bc2"},{"vulnerability":"VCID-araw-4wdy-hqcz"},{"vulnerability":"VCID-mk34-h4nz-b3ey"},{"vulnerability":"VCID-ngtc-xtjn-xbhp"},{"vulnerability":"VCID-rqy8-n6fr-hqey"},{"vulnerability":"VCID-tks3-6uv4-kygf"},{"vulnerability":"VCID-ym9b-4su6-6fbr"},{"vulnerability":"VCID-znfm-ak2t-mqdd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@5.0.0"}],"aliases":["CVE-2018-19968","GHSA-xc97-r49q-cxgc"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ebk2-vjau-57h9"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/58614?format=json","vulnerability_id":"VCID-g6ud-92qe-hqcx","summary":"phpMyAdmin unsanitized Git information\nphpMyAdmin before 4.9.2 does not escape certain Git information, related to `libraries/classes/Display/GitRevision.php and libraries/classes/Footer.php`.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-19617","reference_id":"","reference_type":"","scores":[{"value":"0.01155","scoring_system":"epss","scoring_elements":"0.78518","published_at":"2026-04-04T12:55:00Z"},{"value":"0.01155","scoring_system":"epss","scoring_elements":"0.78654","published_at":"2026-05-07T12:55:00Z"},{"value":"0.01155","scoring_system":"epss","scoring_elements":"0.7863","published_at":"2026-05-05T12:55:00Z"},{"value":"0.01155","scoring_system":"epss","scoring_elements":"0.78613","published_at":"2026-04-29T12:55:00Z"},{"value":"0.01155","scoring_system":"epss","scoring_elements":"0.78596","published_at":"2026-04-26T12:55:00Z"},{"value":"0.01155","scoring_system":"epss","scoring_elements":"0.78588","published_at":"2026-04-24T12:55:00Z"},{"value":"0.01155","scoring_system":"epss","scoring_elements":"0.78556","published_at":"2026-04-21T12:55:00Z"},{"value":"0.01155","scoring_system":"epss","scoring_elements":"0.78559","published_at":"2026-04-18T12:55:00Z"},{"value":"0.01155","scoring_system":"epss","scoring_elements":"0.7856","published_at":"2026-04-16T12:55:00Z"},{"value":"0.01155","scoring_system":"epss","scoring_elements":"0.78532","published_at":"2026-04-13T12:55:00Z"},{"value":"0.01155","scoring_system":"epss","scoring_elements":"0.7854","published_at":"2026-04-12T12:55:00Z"},{"value":"0.01155","scoring_system":"epss","scoring_elements":"0.78558","published_at":"2026-04-11T12:55:00Z"},{"value":"0.01155","scoring_system":"epss","scoring_elements":"0.78533","published_at":"2026-04-09T12:55:00Z"},{"value":"0.01155","scoring_system":"epss","scoring_elements":"0.78528","published_at":"2026-04-08T12:55:00Z"},{"value":"0.01155","scoring_system":"epss","scoring_elements":"0.78481","published_at":"2026-04-01T12:55:00Z"},{"value":"0.01155","scoring_system":"epss","scoring_elements":"0.78487","published_at":"2026-04-02T12:55:00Z"},{"value":"0.01155","scoring_system":"epss","scoring_elements":"0.78501","published_at":"2026-04-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-19617"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19617","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19617"},{"reference_url":"https://github.com/phpmyadmin/composer","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/phpmyadmin/composer"},{"reference_url":"https://github.com/phpmyadmin/phpmyadmin/commit/1119de642b136d20e810bb20f545069a01dd7cc9","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/phpmyadmin/phpmyadmin/commit/1119de642b136d20e810bb20f545069a01dd7cc9"},{"reference_url":"https://github.com/phpmyadmin/phpmyadmin/compare/RELEASE_4_9_1...RELEASE_4_9_2","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/phpmyadmin/phpmyadmin/compare/RELEASE_4_9_1...RELEASE_4_9_2"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2019/12/msg00006.html","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.debian.org/debian-lts-announce/2019/12/msg00006.html"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2020/10/msg00024.html","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.debian.org/debian-lts-announce/2020/10/msg00024.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2019-19617","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2019-19617"},{"reference_url":"https://www.phpmyadmin.net/news/2019/11/22/phpmyadmin-492-released","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.phpmyadmin.net/news/2019/11/22/phpmyadmin-492-released"},{"reference_url":"https://www.phpmyadmin.net/news/2019/11/22/phpmyadmin-492-released/","reference_id":"","reference_type":"","scores":[],"url":"https://www.phpmyadmin.net/news/2019/11/22/phpmyadmin-492-released/"},{"reference_url":"https://github.com/advisories/GHSA-pgph-mc4p-f8c3","reference_id":"GHSA-pgph-mc4p-f8c3","reference_type":"","scores":[{"value":"CRITICAL","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-pgph-mc4p-f8c3"},{"reference_url":"https://usn.ubuntu.com/4639-1/","reference_id":"USN-4639-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4639-1/"},{"reference_url":"https://usn.ubuntu.com/USN-4843-1/","reference_id":"USN-USN-4843-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/USN-4843-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/73013?format=json","purl":"pkg:composer/phpmyadmin/phpmyadmin@4.9.2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2jjv-4en4-e3gx"},{"vulnerability":"VCID-2y3v-jnph-hfh4"},{"vulnerability":"VCID-5657-kcyh-7bc2"},{"vulnerability":"VCID-mk34-h4nz-b3ey"},{"vulnerability":"VCID-na3j-h3qr-k7dc"},{"vulnerability":"VCID-ngtc-xtjn-xbhp"},{"vulnerability":"VCID-rqy8-n6fr-hqey"},{"vulnerability":"VCID-tks3-6uv4-kygf"},{"vulnerability":"VCID-ym9b-4su6-6fbr"},{"vulnerability":"VCID-znfm-ak2t-mqdd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@4.9.2"}],"aliases":["CVE-2019-19617","GHSA-pgph-mc4p-f8c3"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-g6ud-92qe-hqcx"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/33181?format=json","vulnerability_id":"VCID-gu4y-aeqx-mqak","summary":"SQL injection in phpMyAdmin\nAn issue was discovered in phpMyAdmin before 4.9.2. A crafted database/table name can be used to trigger a SQL injection attack through the designer feature.","references":[{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00002.html","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00002.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00024.html","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00024.html"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-18622","reference_id":"","reference_type":"","scores":[{"value":"0.00736","scoring_system":"epss","scoring_elements":"0.72921","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00736","scoring_system":"epss","scoring_elements":"0.7278","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00736","scoring_system":"epss","scoring_elements":"0.72756","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00736","scoring_system":"epss","scoring_elements":"0.72794","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00736","scoring_system":"epss","scoring_elements":"0.72808","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00736","scoring_system":"epss","scoring_elements":"0.72832","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00736","scoring_system":"epss","scoring_elements":"0.72815","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00736","scoring_system":"epss","scoring_elements":"0.72807","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00736","scoring_system":"epss","scoring_elements":"0.72849","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00736","scoring_system":"epss","scoring_elements":"0.72859","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00736","scoring_system":"epss","scoring_elements":"0.72851","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00736","scoring_system":"epss","scoring_elements":"0.72892","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00736","scoring_system":"epss","scoring_elements":"0.72902","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00736","scoring_system":"epss","scoring_elements":"0.729","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00736","scoring_system":"epss","scoring_elements":"0.72895","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00736","scoring_system":"epss","scoring_elements":"0.72752","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00736","scoring_system":"epss","scoring_elements":"0.7276","published_at":"2026-04-02T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-18622"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18622","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18622"},{"reference_url":"https://github.com/phpmyadmin/composer/commit/51acbf53564d9b52e78509a5688ec2b68976b5f7","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/phpmyadmin/composer/commit/51acbf53564d9b52e78509a5688ec2b68976b5f7"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BA4DGF7KTQS6WA2DRNJSW66L43WB7LRV/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BA4DGF7KTQS6WA2DRNJSW66L43WB7LRV/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/W5GW4KEMNCBQYZCIXEJYC42OEBBN2NSH/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/W5GW4KEMNCBQYZCIXEJYC42OEBBN2NSH/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BA4DGF7KTQS6WA2DRNJSW66L43WB7LRV","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BA4DGF7KTQS6WA2DRNJSW66L43WB7LRV"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BA4DGF7KTQS6WA2DRNJSW66L43WB7LRV/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BA4DGF7KTQS6WA2DRNJSW66L43WB7LRV/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W5GW4KEMNCBQYZCIXEJYC42OEBBN2NSH","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W5GW4KEMNCBQYZCIXEJYC42OEBBN2NSH"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W5GW4KEMNCBQYZCIXEJYC42OEBBN2NSH/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W5GW4KEMNCBQYZCIXEJYC42OEBBN2NSH/"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2019-18622","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:P/I:P/A:P"},{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2019-18622"},{"reference_url":"https://security.gentoo.org/glsa/202003-39","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://security.gentoo.org/glsa/202003-39"},{"reference_url":"https://www.phpmyadmin.net/security/PMASA-2019-5","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.phpmyadmin.net/security/PMASA-2019-5"},{"reference_url":"https://www.phpmyadmin.net/security/PMASA-2019-5/","reference_id":"","reference_type":"","scores":[],"url":"https://www.phpmyadmin.net/security/PMASA-2019-5/"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=945349","reference_id":"945349","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=945349"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:opensuse:backports_sle:15.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:opensuse:backports_sle:15.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:opensuse:backports_sle:15.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:opensuse:backports_sle:15.0:sp1:*:*:*:*:*:*","reference_id":"cpe:2.3:a:opensuse:backports_sle:15.0:sp1:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:opensuse:backports_sle:15.0:sp1:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:phpmyadmin:phpmyadmin:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*"},{"reference_url":"https://github.com/advisories/GHSA-jgjc-332c-8cmc","reference_id":"GHSA-jgjc-332c-8cmc","reference_type":"","scores":[{"value":"CRITICAL","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-jgjc-332c-8cmc"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/73013?format=json","purl":"pkg:composer/phpmyadmin/phpmyadmin@4.9.2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2jjv-4en4-e3gx"},{"vulnerability":"VCID-2y3v-jnph-hfh4"},{"vulnerability":"VCID-5657-kcyh-7bc2"},{"vulnerability":"VCID-mk34-h4nz-b3ey"},{"vulnerability":"VCID-na3j-h3qr-k7dc"},{"vulnerability":"VCID-ngtc-xtjn-xbhp"},{"vulnerability":"VCID-rqy8-n6fr-hqey"},{"vulnerability":"VCID-tks3-6uv4-kygf"},{"vulnerability":"VCID-ym9b-4su6-6fbr"},{"vulnerability":"VCID-znfm-ak2t-mqdd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@4.9.2"},{"url":"http://public2.vulnerablecode.io/api/packages/55566?format=json","purl":"pkg:composer/phpmyadmin/phpmyadmin@5.0.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2jjv-4en4-e3gx"},{"vulnerability":"VCID-2y3v-jnph-hfh4"},{"vulnerability":"VCID-41mv-6vqr-sua6"},{"vulnerability":"VCID-5657-kcyh-7bc2"},{"vulnerability":"VCID-araw-4wdy-hqcz"},{"vulnerability":"VCID-mk34-h4nz-b3ey"},{"vulnerability":"VCID-ngtc-xtjn-xbhp"},{"vulnerability":"VCID-rqy8-n6fr-hqey"},{"vulnerability":"VCID-tks3-6uv4-kygf"},{"vulnerability":"VCID-ym9b-4su6-6fbr"},{"vulnerability":"VCID-znfm-ak2t-mqdd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@5.0.0"}],"aliases":["CVE-2019-18622","GHSA-jgjc-332c-8cmc"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-gu4y-aeqx-mqak"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/10733?format=json","vulnerability_id":"VCID-jma9-9uhu-xuc3","summary":"SQL Injection\nA vulnerability was reported where a specially crafted database name can be used to trigger an SQL injection attack through the designer feature.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-11768","reference_id":"","reference_type":"","scores":[{"value":"0.01736","scoring_system":"epss","scoring_elements":"0.82598","published_at":"2026-05-07T12:55:00Z"},{"value":"0.01803","scoring_system":"epss","scoring_elements":"0.82801","published_at":"2026-04-09T12:55:00Z"},{"value":"0.01803","scoring_system":"epss","scoring_elements":"0.82847","published_at":"2026-04-16T12:55:00Z"},{"value":"0.01803","scoring_system":"epss","scoring_elements":"0.82846","published_at":"2026-04-18T12:55:00Z"},{"value":"0.01803","scoring_system":"epss","scoring_elements":"0.82849","published_at":"2026-04-21T12:55:00Z"},{"value":"0.01803","scoring_system":"epss","scoring_elements":"0.82871","published_at":"2026-04-24T12:55:00Z"},{"value":"0.01803","scoring_system":"epss","scoring_elements":"0.8288","published_at":"2026-04-26T12:55:00Z"},{"value":"0.01803","scoring_system":"epss","scoring_elements":"0.82885","published_at":"2026-04-29T12:55:00Z"},{"value":"0.01803","scoring_system":"epss","scoring_elements":"0.82904","published_at":"2026-05-05T12:55:00Z"},{"value":"0.01803","scoring_system":"epss","scoring_elements":"0.82743","published_at":"2026-04-01T12:55:00Z"},{"value":"0.01803","scoring_system":"epss","scoring_elements":"0.82759","published_at":"2026-04-02T12:55:00Z"},{"value":"0.01803","scoring_system":"epss","scoring_elements":"0.82772","published_at":"2026-04-04T12:55:00Z"},{"value":"0.01803","scoring_system":"epss","scoring_elements":"0.82769","published_at":"2026-04-07T12:55:00Z"},{"value":"0.01803","scoring_system":"epss","scoring_elements":"0.82795","published_at":"2026-04-08T12:55:00Z"},{"value":"0.01803","scoring_system":"epss","scoring_elements":"0.82817","published_at":"2026-04-11T12:55:00Z"},{"value":"0.01803","scoring_system":"epss","scoring_elements":"0.82813","published_at":"2026-04-12T12:55:00Z"},{"value":"0.01803","scoring_system":"epss","scoring_elements":"0.82808","published_at":"2026-04-13T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-11768"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11768","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11768"},{"reference_url":"https://github.com/phpmyadmin/phpmyadmin/commit/c1ecafc38319e8f768c9259d4d580e42acd5ee86","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/phpmyadmin/phpmyadmin/commit/c1ecafc38319e8f768c9259d4d580e42acd5ee86"},{"reference_url":"https://www.phpmyadmin.net/security/PMASA-2019-3","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.phpmyadmin.net/security/PMASA-2019-3"},{"reference_url":"https://www.phpmyadmin.net/security/PMASA-2019-3/","reference_id":"","reference_type":"","scores":[],"url":"https://www.phpmyadmin.net/security/PMASA-2019-3/"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=930048","reference_id":"930048","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=930048"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2019-11768","reference_id":"CVE-2019-11768","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2019-11768"},{"reference_url":"https://github.com/advisories/GHSA-x37v-98f9-mj32","reference_id":"GHSA-x37v-98f9-mj32","reference_type":"","scores":[{"value":"CRITICAL","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-x37v-98f9-mj32"},{"reference_url":"https://usn.ubuntu.com/4639-1/","reference_id":"USN-4639-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4639-1/"},{"reference_url":"https://usn.ubuntu.com/USN-4843-1/","reference_id":"USN-USN-4843-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/USN-4843-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/189136?format=json","purl":"pkg:composer/phpmyadmin/phpmyadmin@4.9.0.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2jjv-4en4-e3gx"},{"vulnerability":"VCID-2y3v-jnph-hfh4"},{"vulnerability":"VCID-5657-kcyh-7bc2"},{"vulnerability":"VCID-g6ud-92qe-hqcx"},{"vulnerability":"VCID-gu4y-aeqx-mqak"},{"vulnerability":"VCID-mk34-h4nz-b3ey"},{"vulnerability":"VCID-na3j-h3qr-k7dc"},{"vulnerability":"VCID-ngtc-xtjn-xbhp"},{"vulnerability":"VCID-rqy8-n6fr-hqey"},{"vulnerability":"VCID-tks3-6uv4-kygf"},{"vulnerability":"VCID-ym9b-4su6-6fbr"},{"vulnerability":"VCID-znfm-ak2t-mqdd"},{"vulnerability":"VCID-zyzp-aqd8-e3a9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@4.9.0.1"},{"url":"http://public2.vulnerablecode.io/api/packages/37061?format=json","purl":"pkg:composer/phpmyadmin/phpmyadmin@4.9.0%2B1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zyzp-aqd8-e3a9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@4.9.0%252B1"}],"aliases":["CVE-2019-11768","GHSA-x37v-98f9-mj32"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-jma9-9uhu-xuc3"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/54695?format=json","vulnerability_id":"VCID-ngtc-xtjn-xbhp","summary":"phpMyAdmin SQL injection vulnerability\nIn phpMyAdmin 4.x before 4.9.5 and 5.x before 5.0.2, a SQL injection vulnerability has been discovered where certain parameters are not properly escaped when generating certain queries for search actions in libraries/classes/Controllers/Table/TableSearchController.php. An attacker can generate a crafted database or table name. The attack can be performed if a user attempts certain search operations on the malicious database or table.","references":[{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00046.html","reference_id":"","reference_type":"","scores":[{"value":"8.0","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00046.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00050.html","reference_id":"","reference_type":"","scores":[{"value":"8.0","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00050.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00005.html","reference_id":"","reference_type":"","scores":[{"value":"8.0","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00005.html"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-10802","reference_id":"","reference_type":"","scores":[{"value":"0.01622","scoring_system":"epss","scoring_elements":"0.81873","published_at":"2026-04-21T12:55:00Z"},{"value":"0.01622","scoring_system":"epss","scoring_elements":"0.81802","published_at":"2026-04-04T12:55:00Z"},{"value":"0.01622","scoring_system":"epss","scoring_elements":"0.81951","published_at":"2026-05-07T12:55:00Z"},{"value":"0.01622","scoring_system":"epss","scoring_elements":"0.81931","published_at":"2026-05-05T12:55:00Z"},{"value":"0.01622","scoring_system":"epss","scoring_elements":"0.81912","published_at":"2026-04-29T12:55:00Z"},{"value":"0.01622","scoring_system":"epss","scoring_elements":"0.81907","published_at":"2026-04-26T12:55:00Z"},{"value":"0.01622","scoring_system":"epss","scoring_elements":"0.81896","published_at":"2026-04-24T12:55:00Z"},{"value":"0.01622","scoring_system":"epss","scoring_elements":"0.81769","published_at":"2026-04-01T12:55:00Z"},{"value":"0.01622","scoring_system":"epss","scoring_elements":"0.81826","published_at":"2026-04-08T12:55:00Z"},{"value":"0.01622","scoring_system":"epss","scoring_elements":"0.81779","published_at":"2026-04-02T12:55:00Z"},{"value":"0.01622","scoring_system":"epss","scoring_elements":"0.818","published_at":"2026-04-07T12:55:00Z"},{"value":"0.01622","scoring_system":"epss","scoring_elements":"0.81871","published_at":"2026-04-18T12:55:00Z"},{"value":"0.01622","scoring_system":"epss","scoring_elements":"0.8187","published_at":"2026-04-16T12:55:00Z"},{"value":"0.01622","scoring_system":"epss","scoring_elements":"0.81834","published_at":"2026-04-13T12:55:00Z"},{"value":"0.01622","scoring_system":"epss","scoring_elements":"0.8184","published_at":"2026-04-12T12:55:00Z"},{"value":"0.01622","scoring_system":"epss","scoring_elements":"0.81852","published_at":"2026-04-11T12:55:00Z"},{"value":"0.01622","scoring_system":"epss","scoring_elements":"0.81833","published_at":"2026-04-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-10802"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10802","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10802"},{"reference_url":"https://github.com/FriendsOfPHP/security-advisories/blob/master/phpmyadmin/phpmyadmin/CVE-2020-10802.yaml","reference_id":"","reference_type":"","scores":[{"value":"8.0","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/FriendsOfPHP/security-advisories/blob/master/phpmyadmin/phpmyadmin/CVE-2020-10802.yaml"},{"reference_url":"https://github.com/phpmyadmin/composer","reference_id":"","reference_type":"","scores":[{"value":"8.0","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/phpmyadmin/composer"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2020/03/msg00028.html","reference_id":"","reference_type":"","scores":[{"value":"8.0","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.debian.org/debian-lts-announce/2020/03/msg00028.html"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/AAVW3SUKWR5RF5LZ6SARCYOWBIFUIWOJ/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/AAVW3SUKWR5RF5LZ6SARCYOWBIFUIWOJ/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BUG3IRITW2LUBGR5LSQMP7MVRTELHZJK/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BUG3IRITW2LUBGR5LSQMP7MVRTELHZJK/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UZI6EQVRRIG252DY3MBT33BJVCSYDMQO/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UZI6EQVRRIG252DY3MBT33BJVCSYDMQO/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AAVW3SUKWR5RF5LZ6SARCYOWBIFUIWOJ","reference_id":"","reference_type":"","scores":[{"value":"8.0","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AAVW3SUKWR5RF5LZ6SARCYOWBIFUIWOJ"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BUG3IRITW2LUBGR5LSQMP7MVRTELHZJK","reference_id":"","reference_type":"","scores":[{"value":"8.0","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BUG3IRITW2LUBGR5LSQMP7MVRTELHZJK"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UZI6EQVRRIG252DY3MBT33BJVCSYDMQO","reference_id":"","reference_type":"","scores":[{"value":"8.0","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UZI6EQVRRIG252DY3MBT33BJVCSYDMQO"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2020-10802","reference_id":"","reference_type":"","scores":[{"value":"6.0","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:S/C:P/I:P/A:P"},{"value":"8.0","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2020-10802"},{"reference_url":"https://www.phpmyadmin.net/security/PMASA-2020-3","reference_id":"","reference_type":"","scores":[{"value":"8.0","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.phpmyadmin.net/security/PMASA-2020-3"},{"reference_url":"https://www.phpmyadmin.net/security/PMASA-2020-3/","reference_id":"","reference_type":"","scores":[],"url":"https://www.phpmyadmin.net/security/PMASA-2020-3/"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=954665","reference_id":"954665","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=954665"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:opensuse:backports_sle:15.0:-:*:*:*:*:*:*","reference_id":"cpe:2.3:a:opensuse:backports_sle:15.0:-:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:opensuse:backports_sle:15.0:-:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:opensuse:backports_sle:15.0:sp1:*:*:*:*:*:*","reference_id":"cpe:2.3:a:opensuse:backports_sle:15.0:sp1:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:opensuse:backports_sle:15.0:sp1:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:phpmyadmin:phpmyadmin:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:suse:package_hub:-:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:suse:package_hub:-:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:suse:package_hub:-:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:32:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:fedoraproject:fedora:32:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:32:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise:12.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:suse:linux_enterprise:12.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise:12.0:*:*:*:*:*:*:*"},{"reference_url":"https://github.com/advisories/GHSA-f4cr-3xmc-2wpm","reference_id":"GHSA-f4cr-3xmc-2wpm","reference_type":"","scores":[{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-f4cr-3xmc-2wpm"},{"reference_url":"https://usn.ubuntu.com/4639-1/","reference_id":"USN-4639-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4639-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/81952?format=json","purl":"pkg:composer/phpmyadmin/phpmyadmin@4.9.5","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2jjv-4en4-e3gx"},{"vulnerability":"VCID-2y3v-jnph-hfh4"},{"vulnerability":"VCID-mk34-h4nz-b3ey"},{"vulnerability":"VCID-na3j-h3qr-k7dc"},{"vulnerability":"VCID-rqy8-n6fr-hqey"},{"vulnerability":"VCID-ym9b-4su6-6fbr"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@4.9.5"},{"url":"http://public2.vulnerablecode.io/api/packages/55567?format=json","purl":"pkg:composer/phpmyadmin/phpmyadmin@5.0.2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2jjv-4en4-e3gx"},{"vulnerability":"VCID-2y3v-jnph-hfh4"},{"vulnerability":"VCID-araw-4wdy-hqcz"},{"vulnerability":"VCID-dsxw-w87t-eycw"},{"vulnerability":"VCID-mk34-h4nz-b3ey"},{"vulnerability":"VCID-rqy8-n6fr-hqey"},{"vulnerability":"VCID-ym9b-4su6-6fbr"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@5.0.2"}],"aliases":["CVE-2020-10802","GHSA-f4cr-3xmc-2wpm"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ngtc-xtjn-xbhp"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/10112?format=json","vulnerability_id":"VCID-qcra-cu62-43he","summary":"Cross-site Scripting\nIn phpMyAdm, an XSS vulnerability was found in the navigation tree, where an attacker can deliver a payload to a user through a crafted `database/table` name.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-19970","reference_id":"","reference_type":"","scores":[{"value":"0.01501","scoring_system":"epss","scoring_elements":"0.81245","published_at":"2026-05-07T12:55:00Z"},{"value":"0.01501","scoring_system":"epss","scoring_elements":"0.81107","published_at":"2026-04-07T12:55:00Z"},{"value":"0.01501","scoring_system":"epss","scoring_elements":"0.81135","published_at":"2026-04-08T12:55:00Z"},{"value":"0.01501","scoring_system":"epss","scoring_elements":"0.81141","published_at":"2026-04-09T12:55:00Z"},{"value":"0.01501","scoring_system":"epss","scoring_elements":"0.81159","published_at":"2026-04-11T12:55:00Z"},{"value":"0.01501","scoring_system":"epss","scoring_elements":"0.81146","published_at":"2026-04-12T12:55:00Z"},{"value":"0.01501","scoring_system":"epss","scoring_elements":"0.81139","published_at":"2026-04-13T12:55:00Z"},{"value":"0.01501","scoring_system":"epss","scoring_elements":"0.81176","published_at":"2026-04-16T12:55:00Z"},{"value":"0.01501","scoring_system":"epss","scoring_elements":"0.81178","published_at":"2026-04-18T12:55:00Z"},{"value":"0.01501","scoring_system":"epss","scoring_elements":"0.81175","published_at":"2026-04-21T12:55:00Z"},{"value":"0.01501","scoring_system":"epss","scoring_elements":"0.81198","published_at":"2026-04-24T12:55:00Z"},{"value":"0.01501","scoring_system":"epss","scoring_elements":"0.81205","published_at":"2026-04-26T12:55:00Z"},{"value":"0.01501","scoring_system":"epss","scoring_elements":"0.8121","published_at":"2026-04-29T12:55:00Z"},{"value":"0.01501","scoring_system":"epss","scoring_elements":"0.81226","published_at":"2026-05-05T12:55:00Z"},{"value":"0.01501","scoring_system":"epss","scoring_elements":"0.81074","published_at":"2026-04-01T12:55:00Z"},{"value":"0.01501","scoring_system":"epss","scoring_elements":"0.81083","published_at":"2026-04-02T12:55:00Z"},{"value":"0.01501","scoring_system":"epss","scoring_elements":"0.81108","published_at":"2026-04-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-19970"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-19970","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-19970"},{"reference_url":"https://github.com/phpmyadmin/composer","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/phpmyadmin/composer"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2019/02/msg00003.html","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.debian.org/debian-lts-announce/2019/02/msg00003.html"},{"reference_url":"https://www.phpmyadmin.net/security/PMASA-2018-8","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.phpmyadmin.net/security/PMASA-2018-8"},{"reference_url":"https://www.phpmyadmin.net/security/PMASA-2018-8/","reference_id":"","reference_type":"","scores":[],"url":"https://www.phpmyadmin.net/security/PMASA-2018-8/"},{"reference_url":"http://www.securityfocus.com/bid/106181","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.securityfocus.com/bid/106181"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2018-19970","reference_id":"CVE-2018-19970","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2018-19970"},{"reference_url":"https://github.com/advisories/GHSA-8987-93fh-rcwq","reference_id":"GHSA-8987-93fh-rcwq","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-8987-93fh-rcwq"},{"reference_url":"https://security.gentoo.org/glsa/201904-16","reference_id":"GLSA-201904-16","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://security.gentoo.org/glsa/201904-16"},{"reference_url":"https://usn.ubuntu.com/4639-1/","reference_id":"USN-4639-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4639-1/"},{"reference_url":"https://usn.ubuntu.com/USN-4843-1/","reference_id":"USN-USN-4843-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/USN-4843-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/33616?format=json","purl":"pkg:composer/phpmyadmin/phpmyadmin@4.8.4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2jjv-4en4-e3gx"},{"vulnerability":"VCID-5657-kcyh-7bc2"},{"vulnerability":"VCID-br1c-5bzf-ufeu"},{"vulnerability":"VCID-g6ud-92qe-hqcx"},{"vulnerability":"VCID-gu4y-aeqx-mqak"},{"vulnerability":"VCID-jma9-9uhu-xuc3"},{"vulnerability":"VCID-ngtc-xtjn-xbhp"},{"vulnerability":"VCID-rqy8-n6fr-hqey"},{"vulnerability":"VCID-scu3-cfyc-9qfz"},{"vulnerability":"VCID-tks3-6uv4-kygf"},{"vulnerability":"VCID-yfja-ssw3-skh1"},{"vulnerability":"VCID-ym9b-4su6-6fbr"},{"vulnerability":"VCID-znfm-ak2t-mqdd"},{"vulnerability":"VCID-zyzp-aqd8-e3a9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@4.8.4"},{"url":"http://public2.vulnerablecode.io/api/packages/55566?format=json","purl":"pkg:composer/phpmyadmin/phpmyadmin@5.0.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2jjv-4en4-e3gx"},{"vulnerability":"VCID-2y3v-jnph-hfh4"},{"vulnerability":"VCID-41mv-6vqr-sua6"},{"vulnerability":"VCID-5657-kcyh-7bc2"},{"vulnerability":"VCID-araw-4wdy-hqcz"},{"vulnerability":"VCID-mk34-h4nz-b3ey"},{"vulnerability":"VCID-ngtc-xtjn-xbhp"},{"vulnerability":"VCID-rqy8-n6fr-hqey"},{"vulnerability":"VCID-tks3-6uv4-kygf"},{"vulnerability":"VCID-ym9b-4su6-6fbr"},{"vulnerability":"VCID-znfm-ak2t-mqdd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@5.0.0"}],"aliases":["CVE-2018-19970","GHSA-8987-93fh-rcwq"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-qcra-cu62-43he"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/13228?format=json","vulnerability_id":"VCID-rqy8-n6fr-hqey","summary":"Exposure of Sensitive Information to an Unauthorized Actor\nPhpMyAdmin 5.1.1 and before allows an attacker to retrieve potentially sensitive information by creating invalid requests. This affects the lang parameter, the pma_parameter, and the cookie section.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-0813","reference_id":"","reference_type":"","scores":[{"value":"0.00317","scoring_system":"epss","scoring_elements":"0.54811","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00317","scoring_system":"epss","scoring_elements":"0.54787","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00317","scoring_system":"epss","scoring_elements":"0.54774","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00317","scoring_system":"epss","scoring_elements":"0.54732","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00318","scoring_system":"epss","scoring_elements":"0.54908","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00318","scoring_system":"epss","scoring_elements":"0.54905","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00318","scoring_system":"epss","scoring_elements":"0.54863","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00318","scoring_system":"epss","scoring_elements":"0.54888","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00437","scoring_system":"epss","scoring_elements":"0.63055","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00437","scoring_system":"epss","scoring_elements":"0.63058","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00437","scoring_system":"epss","scoring_elements":"0.62955","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00437","scoring_system":"epss","scoring_elements":"0.63014","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00437","scoring_system":"epss","scoring_elements":"0.63043","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00437","scoring_system":"epss","scoring_elements":"0.63007","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00437","scoring_system":"epss","scoring_elements":"0.63074","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00437","scoring_system":"epss","scoring_elements":"0.63091","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00437","scoring_system":"epss","scoring_elements":"0.63077","published_at":"2026-04-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-0813"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0813","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0813"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://security.gentoo.org/glsa/202311-17","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://security.gentoo.org/glsa/202311-17"},{"reference_url":"https://www.incibe-cert.es/en/early-warning/security-advisories/phpmyadmin-exposure-sensitive-information","reference_id":"","reference_type":"","scores":[],"url":"https://www.incibe-cert.es/en/early-warning/security-advisories/phpmyadmin-exposure-sensitive-information"},{"reference_url":"https://www.phpmyadmin.net/news/2022/2/11/phpmyadmin-4910-and-513-are-released","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.phpmyadmin.net/news/2022/2/11/phpmyadmin-4910-and-513-are-released"},{"reference_url":"https://www.phpmyadmin.net/news/2022/2/11/phpmyadmin-4910-and-513-are-released/","reference_id":"","reference_type":"","scores":[],"url":"https://www.phpmyadmin.net/news/2022/2/11/phpmyadmin-4910-and-513-are-released/"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2022-0813","reference_id":"CVE-2022-0813","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2022-0813"},{"reference_url":"https://github.com/advisories/GHSA-vx8q-j7h9-vf6q","reference_id":"GHSA-vx8q-j7h9-vf6q","reference_type":"","scores":[{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-vx8q-j7h9-vf6q"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/43865?format=json","purl":"pkg:composer/phpmyadmin/phpmyadmin@5.1.2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-araw-4wdy-hqcz"},{"vulnerability":"VCID-ym9b-4su6-6fbr"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@5.1.2"},{"url":"http://public2.vulnerablecode.io/api/packages/80986?format=json","purl":"pkg:composer/phpmyadmin/phpmyadmin@5.1.3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-araw-4wdy-hqcz"},{"vulnerability":"VCID-ym9b-4su6-6fbr"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@5.1.3"}],"aliases":["CVE-2022-0813","GHSA-vx8q-j7h9-vf6q"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-rqy8-n6fr-hqey"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/10737?format=json","vulnerability_id":"VCID-scu3-cfyc-9qfz","summary":"Cross-Site Request Forgery (CSRF)\nA vulnerability was found that allows an attacker to trigger a CSRF attack against a phpMyAdmin user. The attacker can trick the user, for instance through a broken `<img>` tag pointing at the victim's phpMyAdmin database, and the attacker can potentially deliver a payload (such as a specific `INSERT` or `DELETE` statement) to the victim.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-12616","reference_id":"","reference_type":"","scores":[{"value":"0.55051","scoring_system":"epss","scoring_elements":"0.9807","published_at":"2026-05-07T12:55:00Z"},{"value":"0.55051","scoring_system":"epss","scoring_elements":"0.98052","published_at":"2026-04-08T12:55:00Z"},{"value":"0.55051","scoring_system":"epss","scoring_elements":"0.98053","published_at":"2026-04-09T12:55:00Z"},{"value":"0.55051","scoring_system":"epss","scoring_elements":"0.98058","published_at":"2026-04-12T12:55:00Z"},{"value":"0.55051","scoring_system":"epss","scoring_elements":"0.98059","published_at":"2026-04-13T12:55:00Z"},{"value":"0.55051","scoring_system":"epss","scoring_elements":"0.98065","published_at":"2026-04-18T12:55:00Z"},{"value":"0.55051","scoring_system":"epss","scoring_elements":"0.98062","published_at":"2026-04-26T12:55:00Z"},{"value":"0.55051","scoring_system":"epss","scoring_elements":"0.98061","published_at":"2026-04-24T12:55:00Z"},{"value":"0.55051","scoring_system":"epss","scoring_elements":"0.98066","published_at":"2026-04-29T12:55:00Z"},{"value":"0.55051","scoring_system":"epss","scoring_elements":"0.98072","published_at":"2026-05-05T12:55:00Z"},{"value":"0.55051","scoring_system":"epss","scoring_elements":"0.98038","published_at":"2026-04-01T12:55:00Z"},{"value":"0.55051","scoring_system":"epss","scoring_elements":"0.98043","published_at":"2026-04-02T12:55:00Z"},{"value":"0.55051","scoring_system":"epss","scoring_elements":"0.98045","published_at":"2026-04-04T12:55:00Z"},{"value":"0.55051","scoring_system":"epss","scoring_elements":"0.98047","published_at":"2026-04-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-12616"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12616","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12616"},{"reference_url":"https://github.com/phpmyadmin/phpmyadmin/commit/015c404038c44279d95b6430ee5a0dddc97691ec","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/phpmyadmin/phpmyadmin/commit/015c404038c44279d95b6430ee5a0dddc97691ec"},{"reference_url":"https://packetstormsecurity.com/files/153251/phpMyAdmin-4.8-Cross-Site-Request-Forgery.html","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://packetstormsecurity.com/files/153251/phpMyAdmin-4.8-Cross-Site-Request-Forgery.html"},{"reference_url":"https://www.phpmyadmin.net/security/","reference_id":"","reference_type":"","scores":[],"url":"https://www.phpmyadmin.net/security/"},{"reference_url":"https://www.phpmyadmin.net/security/PMASA-2019-4","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.phpmyadmin.net/security/PMASA-2019-4"},{"reference_url":"https://www.phpmyadmin.net/security/PMASA-2019-4/","reference_id":"","reference_type":"","scores":[],"url":"https://www.phpmyadmin.net/security/PMASA-2019-4/"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=930017","reference_id":"930017","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=930017"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/webapps/46982.txt","reference_id":"CVE-2019-12616","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/webapps/46982.txt"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2019-12616","reference_id":"CVE-2019-12616","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2019-12616"},{"reference_url":"https://github.com/advisories/GHSA-mfr9-pcm3-6mwc","reference_id":"GHSA-mfr9-pcm3-6mwc","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-mfr9-pcm3-6mwc"},{"reference_url":"https://usn.ubuntu.com/4639-1/","reference_id":"USN-4639-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4639-1/"},{"reference_url":"https://usn.ubuntu.com/USN-4843-1/","reference_id":"USN-USN-4843-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/USN-4843-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/37069?format=json","purl":"pkg:composer/phpmyadmin/phpmyadmin@4.9.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2jjv-4en4-e3gx"},{"vulnerability":"VCID-2y3v-jnph-hfh4"},{"vulnerability":"VCID-5657-kcyh-7bc2"},{"vulnerability":"VCID-g6ud-92qe-hqcx"},{"vulnerability":"VCID-gu4y-aeqx-mqak"},{"vulnerability":"VCID-jma9-9uhu-xuc3"},{"vulnerability":"VCID-mk34-h4nz-b3ey"},{"vulnerability":"VCID-na3j-h3qr-k7dc"},{"vulnerability":"VCID-ngtc-xtjn-xbhp"},{"vulnerability":"VCID-rqy8-n6fr-hqey"},{"vulnerability":"VCID-tks3-6uv4-kygf"},{"vulnerability":"VCID-ym9b-4su6-6fbr"},{"vulnerability":"VCID-znfm-ak2t-mqdd"},{"vulnerability":"VCID-zyzp-aqd8-e3a9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@4.9.0"}],"aliases":["CVE-2019-12616","GHSA-mfr9-pcm3-6mwc"],"risk_score":10.0,"exploitability":"2.0","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-scu3-cfyc-9qfz"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/54679?format=json","vulnerability_id":"VCID-tks3-6uv4-kygf","summary":"phpMyAdmin SQL Injection\nIn phpMyAdmin 4.x before 4.9.5 and 5.x before 5.0.2, a SQL injection vulnerability was found in retrieval of the current username (in libraries/classes/Server/Privileges.php and libraries/classes/UserPassword.php). A malicious user with access to the server could create a crafted username, and then trick the victim into performing specific actions with that user account (such as editing its privileges).","references":[{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00046.html","reference_id":"","reference_type":"","scores":[{"value":"8.0","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00046.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00050.html","reference_id":"","reference_type":"","scores":[{"value":"8.0","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00050.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00005.html","reference_id":"","reference_type":"","scores":[{"value":"8.0","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00005.html"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-10804","reference_id":"","reference_type":"","scores":[{"value":"0.02444","scoring_system":"epss","scoring_elements":"0.85277","published_at":"2026-05-07T12:55:00Z"},{"value":"0.02444","scoring_system":"epss","scoring_elements":"0.85114","published_at":"2026-04-01T12:55:00Z"},{"value":"0.02444","scoring_system":"epss","scoring_elements":"0.85127","published_at":"2026-04-02T12:55:00Z"},{"value":"0.02444","scoring_system":"epss","scoring_elements":"0.85144","published_at":"2026-04-04T12:55:00Z"},{"value":"0.02444","scoring_system":"epss","scoring_elements":"0.85147","published_at":"2026-04-07T12:55:00Z"},{"value":"0.02444","scoring_system":"epss","scoring_elements":"0.85169","published_at":"2026-04-08T12:55:00Z"},{"value":"0.02444","scoring_system":"epss","scoring_elements":"0.85177","published_at":"2026-04-09T12:55:00Z"},{"value":"0.02444","scoring_system":"epss","scoring_elements":"0.85191","published_at":"2026-04-11T12:55:00Z"},{"value":"0.02444","scoring_system":"epss","scoring_elements":"0.85189","published_at":"2026-04-12T12:55:00Z"},{"value":"0.02444","scoring_system":"epss","scoring_elements":"0.85186","published_at":"2026-04-13T12:55:00Z"},{"value":"0.02444","scoring_system":"epss","scoring_elements":"0.85207","published_at":"2026-04-21T12:55:00Z"},{"value":"0.02444","scoring_system":"epss","scoring_elements":"0.85208","published_at":"2026-04-18T12:55:00Z"},{"value":"0.02444","scoring_system":"epss","scoring_elements":"0.85231","published_at":"2026-04-24T12:55:00Z"},{"value":"0.02444","scoring_system":"epss","scoring_elements":"0.85239","published_at":"2026-04-26T12:55:00Z"},{"value":"0.02444","scoring_system":"epss","scoring_elements":"0.85237","published_at":"2026-04-29T12:55:00Z"},{"value":"0.02444","scoring_system":"epss","scoring_elements":"0.85251","published_at":"2026-05-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-10804"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10804","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10804"},{"reference_url":"https://github.com/FriendsOfPHP/security-advisories/blob/master/phpmyadmin/phpmyadmin/CVE-2020-10804.yaml","reference_id":"","reference_type":"","scores":[{"value":"8.0","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/FriendsOfPHP/security-advisories/blob/master/phpmyadmin/phpmyadmin/CVE-2020-10804.yaml"},{"reference_url":"https://github.com/phpmyadmin/composer","reference_id":"","reference_type":"","scores":[{"value":"8.0","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/phpmyadmin/composer"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/AAVW3SUKWR5RF5LZ6SARCYOWBIFUIWOJ/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/AAVW3SUKWR5RF5LZ6SARCYOWBIFUIWOJ/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BUG3IRITW2LUBGR5LSQMP7MVRTELHZJK/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BUG3IRITW2LUBGR5LSQMP7MVRTELHZJK/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UZI6EQVRRIG252DY3MBT33BJVCSYDMQO/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UZI6EQVRRIG252DY3MBT33BJVCSYDMQO/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AAVW3SUKWR5RF5LZ6SARCYOWBIFUIWOJ","reference_id":"","reference_type":"","scores":[{"value":"8.0","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AAVW3SUKWR5RF5LZ6SARCYOWBIFUIWOJ"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BUG3IRITW2LUBGR5LSQMP7MVRTELHZJK","reference_id":"","reference_type":"","scores":[{"value":"8.0","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BUG3IRITW2LUBGR5LSQMP7MVRTELHZJK"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UZI6EQVRRIG252DY3MBT33BJVCSYDMQO","reference_id":"","reference_type":"","scores":[{"value":"8.0","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UZI6EQVRRIG252DY3MBT33BJVCSYDMQO"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2020-10804","reference_id":"","reference_type":"","scores":[{"value":"6.0","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:S/C:P/I:P/A:P"},{"value":"8.0","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2020-10804"},{"reference_url":"https://www.phpmyadmin.net/security/PMASA-2020-2","reference_id":"","reference_type":"","scores":[{"value":"8.0","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.phpmyadmin.net/security/PMASA-2020-2"},{"reference_url":"https://www.phpmyadmin.net/security/PMASA-2020-2/","reference_id":"","reference_type":"","scores":[],"url":"https://www.phpmyadmin.net/security/PMASA-2020-2/"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=954667","reference_id":"954667","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=954667"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:opensuse:backports_sle:15.0:-:*:*:*:*:*:*","reference_id":"cpe:2.3:a:opensuse:backports_sle:15.0:-:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:opensuse:backports_sle:15.0:-:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:opensuse:backports_sle:15.0:sp1:*:*:*:*:*:*","reference_id":"cpe:2.3:a:opensuse:backports_sle:15.0:sp1:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:opensuse:backports_sle:15.0:sp1:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:phpmyadmin:phpmyadmin:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:suse:package_hub:-:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:suse:package_hub:-:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:suse:package_hub:-:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:32:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:fedoraproject:fedora:32:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:32:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise:12.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:suse:linux_enterprise:12.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise:12.0:*:*:*:*:*:*:*"},{"reference_url":"https://github.com/advisories/GHSA-h65r-8fp8-w7cx","reference_id":"GHSA-h65r-8fp8-w7cx","reference_type":"","scores":[{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-h65r-8fp8-w7cx"},{"reference_url":"https://usn.ubuntu.com/4639-1/","reference_id":"USN-4639-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4639-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/81952?format=json","purl":"pkg:composer/phpmyadmin/phpmyadmin@4.9.5","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2jjv-4en4-e3gx"},{"vulnerability":"VCID-2y3v-jnph-hfh4"},{"vulnerability":"VCID-mk34-h4nz-b3ey"},{"vulnerability":"VCID-na3j-h3qr-k7dc"},{"vulnerability":"VCID-rqy8-n6fr-hqey"},{"vulnerability":"VCID-ym9b-4su6-6fbr"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@4.9.5"},{"url":"http://public2.vulnerablecode.io/api/packages/55567?format=json","purl":"pkg:composer/phpmyadmin/phpmyadmin@5.0.2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2jjv-4en4-e3gx"},{"vulnerability":"VCID-2y3v-jnph-hfh4"},{"vulnerability":"VCID-araw-4wdy-hqcz"},{"vulnerability":"VCID-dsxw-w87t-eycw"},{"vulnerability":"VCID-mk34-h4nz-b3ey"},{"vulnerability":"VCID-rqy8-n6fr-hqey"},{"vulnerability":"VCID-ym9b-4su6-6fbr"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@5.0.2"}],"aliases":["CVE-2020-10804","GHSA-h65r-8fp8-w7cx"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-tks3-6uv4-kygf"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/10253?format=json","vulnerability_id":"VCID-yfja-ssw3-skh1","summary":"Information Exposure\nWhen the `AllowArbitraryServer` configuration setting is set to true, with the use of a rogue MySQL server, an attacker can read any file on the server that the web server's user can access. This is related to the `mysql.allow_local_infile` PHP configuration, and the inadvertent ignoring of `options(MYSQLI_OPT_LOCAL_INFILE` calls.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-6799","reference_id":"","reference_type":"","scores":[{"value":"0.7658","scoring_system":"epss","scoring_elements":"0.9896","published_at":"2026-05-07T12:55:00Z"},{"value":"0.7658","scoring_system":"epss","scoring_elements":"0.98935","published_at":"2026-04-02T12:55:00Z"},{"value":"0.7658","scoring_system":"epss","scoring_elements":"0.98937","published_at":"2026-04-04T12:55:00Z"},{"value":"0.7658","scoring_system":"epss","scoring_elements":"0.98939","published_at":"2026-04-07T12:55:00Z"},{"value":"0.7658","scoring_system":"epss","scoring_elements":"0.98941","published_at":"2026-04-09T12:55:00Z"},{"value":"0.7658","scoring_system":"epss","scoring_elements":"0.98943","published_at":"2026-04-11T12:55:00Z"},{"value":"0.7658","scoring_system":"epss","scoring_elements":"0.98944","published_at":"2026-04-13T12:55:00Z"},{"value":"0.7658","scoring_system":"epss","scoring_elements":"0.98946","published_at":"2026-04-16T12:55:00Z"},{"value":"0.7658","scoring_system":"epss","scoring_elements":"0.98947","published_at":"2026-04-18T12:55:00Z"},{"value":"0.7658","scoring_system":"epss","scoring_elements":"0.98948","published_at":"2026-04-21T12:55:00Z"},{"value":"0.7658","scoring_system":"epss","scoring_elements":"0.9895","published_at":"2026-04-24T12:55:00Z"},{"value":"0.7658","scoring_system":"epss","scoring_elements":"0.98952","published_at":"2026-04-26T12:55:00Z"},{"value":"0.7658","scoring_system":"epss","scoring_elements":"0.98954","published_at":"2026-04-29T12:55:00Z"},{"value":"0.7658","scoring_system":"epss","scoring_elements":"0.98958","published_at":"2026-05-05T12:55:00Z"},{"value":"0.7658","scoring_system":"epss","scoring_elements":"0.98933","published_at":"2026-04-01T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-6799"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-6799","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-6799"},{"reference_url":"https://github.com/phpmyadmin/composer","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/phpmyadmin/composer"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2019/02/msg00039.html","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.debian.org/debian-lts-announce/2019/02/msg00039.html"},{"reference_url":"https://www.phpmyadmin.net/security/PMASA-2019-1","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.phpmyadmin.net/security/PMASA-2019-1"},{"reference_url":"https://www.phpmyadmin.net/security/PMASA-2019-1/","reference_id":"","reference_type":"","scores":[],"url":"https://www.phpmyadmin.net/security/PMASA-2019-1/"},{"reference_url":"http://www.securityfocus.com/bid/106736","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.securityfocus.com/bid/106736"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=920823","reference_id":"920823","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=920823"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:phpmyadmin:phpmyadmin:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2019-6799","reference_id":"CVE-2019-6799","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:P/I:N/A:N"},{"value":"5.9","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2019-6799"},{"reference_url":"https://github.com/advisories/GHSA-c8wj-q36q-3wg4","reference_id":"GHSA-c8wj-q36q-3wg4","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-c8wj-q36q-3wg4"},{"reference_url":"https://usn.ubuntu.com/4639-1/","reference_id":"USN-4639-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4639-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/34735?format=json","purl":"pkg:composer/phpmyadmin/phpmyadmin@4.8.5","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2jjv-4en4-e3gx"},{"vulnerability":"VCID-5657-kcyh-7bc2"},{"vulnerability":"VCID-g6ud-92qe-hqcx"},{"vulnerability":"VCID-gu4y-aeqx-mqak"},{"vulnerability":"VCID-jma9-9uhu-xuc3"},{"vulnerability":"VCID-ngtc-xtjn-xbhp"},{"vulnerability":"VCID-rqy8-n6fr-hqey"},{"vulnerability":"VCID-scu3-cfyc-9qfz"},{"vulnerability":"VCID-tks3-6uv4-kygf"},{"vulnerability":"VCID-ym9b-4su6-6fbr"},{"vulnerability":"VCID-znfm-ak2t-mqdd"},{"vulnerability":"VCID-zyzp-aqd8-e3a9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@4.8.5"},{"url":"http://public2.vulnerablecode.io/api/packages/55566?format=json","purl":"pkg:composer/phpmyadmin/phpmyadmin@5.0.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2jjv-4en4-e3gx"},{"vulnerability":"VCID-2y3v-jnph-hfh4"},{"vulnerability":"VCID-41mv-6vqr-sua6"},{"vulnerability":"VCID-5657-kcyh-7bc2"},{"vulnerability":"VCID-araw-4wdy-hqcz"},{"vulnerability":"VCID-mk34-h4nz-b3ey"},{"vulnerability":"VCID-ngtc-xtjn-xbhp"},{"vulnerability":"VCID-rqy8-n6fr-hqey"},{"vulnerability":"VCID-tks3-6uv4-kygf"},{"vulnerability":"VCID-ym9b-4su6-6fbr"},{"vulnerability":"VCID-znfm-ak2t-mqdd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@5.0.0"}],"aliases":["CVE-2019-6799","GHSA-c8wj-q36q-3wg4"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-yfja-ssw3-skh1"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/16445?format=json","vulnerability_id":"VCID-ym9b-4su6-6fbr","summary":"Cross-site Scripting vulnerability in drag-and-drop upload of phpMyAdmin\nIn phpMyAdmin before 4.9.11 and 5.x before 5.2.1, an authenticated user can trigger Cross-site Scripting (XSS) by uploading a crafted .sql file through the drag-and-drop interface. By disabling the configuration directive `$cfg['enable_drag_drop_import']`, users will be unable to use the drag and drop upload which would protect against the vulnerability.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-25727","reference_id":"","reference_type":"","scores":[{"value":"0.09535","scoring_system":"epss","scoring_elements":"0.9289","published_at":"2026-05-07T12:55:00Z"},{"value":"0.09535","scoring_system":"epss","scoring_elements":"0.92876","published_at":"2026-05-05T12:55:00Z"},{"value":"0.09535","scoring_system":"epss","scoring_elements":"0.92867","published_at":"2026-04-29T12:55:00Z"},{"value":"0.09535","scoring_system":"epss","scoring_elements":"0.92872","published_at":"2026-04-26T12:55:00Z"},{"value":"0.1094","scoring_system":"epss","scoring_elements":"0.93405","published_at":"2026-04-13T12:55:00Z"},{"value":"0.1094","scoring_system":"epss","scoring_elements":"0.93423","published_at":"2026-04-16T12:55:00Z"},{"value":"0.1094","scoring_system":"epss","scoring_elements":"0.93438","published_at":"2026-04-24T12:55:00Z"},{"value":"0.1094","scoring_system":"epss","scoring_elements":"0.93434","published_at":"2026-04-21T12:55:00Z"},{"value":"0.1094","scoring_system":"epss","scoring_elements":"0.93428","published_at":"2026-04-18T12:55:00Z"},{"value":"0.11079","scoring_system":"epss","scoring_elements":"0.93433","published_at":"2026-04-07T12:55:00Z"},{"value":"0.11079","scoring_system":"epss","scoring_elements":"0.93425","published_at":"2026-04-02T12:55:00Z"},{"value":"0.11079","scoring_system":"epss","scoring_elements":"0.93441","published_at":"2026-04-08T12:55:00Z"},{"value":"0.11079","scoring_system":"epss","scoring_elements":"0.93445","published_at":"2026-04-09T12:55:00Z"},{"value":"0.11079","scoring_system":"epss","scoring_elements":"0.9345","published_at":"2026-04-11T12:55:00Z"},{"value":"0.11079","scoring_system":"epss","scoring_elements":"0.93451","published_at":"2026-04-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-25727"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25727","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25727"},{"reference_url":"https://github.com/phpmyadmin/composer","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/phpmyadmin/composer"},{"reference_url":"https://github.com/phpmyadmin/phpmyadmin/commit/53f70fd7f3b388639922e6cc1ca51fbe890c91cc","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/phpmyadmin/phpmyadmin/commit/53f70fd7f3b388639922e6cc1ca51fbe890c91cc"},{"reference_url":"https://github.com/phpmyadmin/phpmyadmin/commit/efa2406695551667f726497750d3db91fb6f662e","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/phpmyadmin/phpmyadmin/commit/efa2406695551667f726497750d3db91fb6f662e"},{"reference_url":"https://www.phpmyadmin.net/security/PMASA-2023-1","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.phpmyadmin.net/security/PMASA-2023-1"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2023-25727","reference_id":"CVE-2023-25727","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2023-25727"},{"reference_url":"https://github.com/advisories/GHSA-6hr3-44gx-g6wh","reference_id":"GHSA-6hr3-44gx-g6wh","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-6hr3-44gx-g6wh"},{"reference_url":"https://www.phpmyadmin.net/security/PMASA-2023-1/","reference_id":"PMASA-2023-1","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-21T14:52:37Z/"}],"url":"https://www.phpmyadmin.net/security/PMASA-2023-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/55878?format=json","purl":"pkg:composer/phpmyadmin/phpmyadmin@4.9.11","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@4.9.11"},{"url":"http://public2.vulnerablecode.io/api/packages/55879?format=json","purl":"pkg:composer/phpmyadmin/phpmyadmin@5.2.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-araw-4wdy-hqcz"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@5.2.1"}],"aliases":["CVE-2023-25727","GHSA-6hr3-44gx-g6wh"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ym9b-4su6-6fbr"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/57068?format=json","vulnerability_id":"VCID-znfm-ak2t-mqdd","summary":"phpMyAdmin SQL injection vulnerability\nIn phpMyAdmin 4.x before 4.9.5 and 5.x before 5.0.2, a SQL injection vulnerability was discovered where malicious code could be used to trigger an XSS attack through retrieving and displaying results (in tbl_get_field.php and libraries/classes/Display/Results.php). The attacker must be able to insert crafted data into certain database tables, which when retrieved (for instance, through the Browse tab) can trigger the XSS attack.","references":[{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00046.html","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00046.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00050.html","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00050.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00005.html","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00005.html"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-10803","reference_id":"","reference_type":"","scores":[{"value":"0.03554","scoring_system":"epss","scoring_elements":"0.8776","published_at":"2026-05-07T12:55:00Z"},{"value":"0.03554","scoring_system":"epss","scoring_elements":"0.87643","published_at":"2026-04-01T12:55:00Z"},{"value":"0.03554","scoring_system":"epss","scoring_elements":"0.87653","published_at":"2026-04-02T12:55:00Z"},{"value":"0.03554","scoring_system":"epss","scoring_elements":"0.87666","published_at":"2026-04-04T12:55:00Z"},{"value":"0.03554","scoring_system":"epss","scoring_elements":"0.87667","published_at":"2026-04-07T12:55:00Z"},{"value":"0.03554","scoring_system":"epss","scoring_elements":"0.87688","published_at":"2026-04-08T12:55:00Z"},{"value":"0.03554","scoring_system":"epss","scoring_elements":"0.87694","published_at":"2026-04-09T12:55:00Z"},{"value":"0.03554","scoring_system":"epss","scoring_elements":"0.87706","published_at":"2026-04-11T12:55:00Z"},{"value":"0.03554","scoring_system":"epss","scoring_elements":"0.87699","published_at":"2026-04-12T12:55:00Z"},{"value":"0.03554","scoring_system":"epss","scoring_elements":"0.87697","published_at":"2026-04-13T12:55:00Z"},{"value":"0.03554","scoring_system":"epss","scoring_elements":"0.87712","published_at":"2026-04-18T12:55:00Z"},{"value":"0.03554","scoring_system":"epss","scoring_elements":"0.87708","published_at":"2026-04-21T12:55:00Z"},{"value":"0.03554","scoring_system":"epss","scoring_elements":"0.87726","published_at":"2026-04-24T12:55:00Z"},{"value":"0.03554","scoring_system":"epss","scoring_elements":"0.87732","published_at":"2026-04-26T12:55:00Z"},{"value":"0.03554","scoring_system":"epss","scoring_elements":"0.8773","published_at":"2026-04-29T12:55:00Z"},{"value":"0.03554","scoring_system":"epss","scoring_elements":"0.87745","published_at":"2026-05-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-10803"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10803","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10803"},{"reference_url":"https://github.com/FriendsOfPHP/security-advisories/blob/master/phpmyadmin/phpmyadmin/CVE-2020-10803.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/FriendsOfPHP/security-advisories/blob/master/phpmyadmin/phpmyadmin/CVE-2020-10803.yaml"},{"reference_url":"https://github.com/phpmyadmin/composer","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/phpmyadmin/composer"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2020/03/msg00028.html","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.debian.org/debian-lts-announce/2020/03/msg00028.html"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/AAVW3SUKWR5RF5LZ6SARCYOWBIFUIWOJ/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/AAVW3SUKWR5RF5LZ6SARCYOWBIFUIWOJ/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BUG3IRITW2LUBGR5LSQMP7MVRTELHZJK/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BUG3IRITW2LUBGR5LSQMP7MVRTELHZJK/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UZI6EQVRRIG252DY3MBT33BJVCSYDMQO/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UZI6EQVRRIG252DY3MBT33BJVCSYDMQO/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AAVW3SUKWR5RF5LZ6SARCYOWBIFUIWOJ","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AAVW3SUKWR5RF5LZ6SARCYOWBIFUIWOJ"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BUG3IRITW2LUBGR5LSQMP7MVRTELHZJK","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BUG3IRITW2LUBGR5LSQMP7MVRTELHZJK"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UZI6EQVRRIG252DY3MBT33BJVCSYDMQO","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UZI6EQVRRIG252DY3MBT33BJVCSYDMQO"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2020-10803","reference_id":"","reference_type":"","scores":[{"value":"3.5","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:S/C:N/I:P/A:N"},{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2020-10803"},{"reference_url":"https://www.phpmyadmin.net/security/PMASA-2020-4","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.phpmyadmin.net/security/PMASA-2020-4"},{"reference_url":"https://www.phpmyadmin.net/security/PMASA-2020-4/","reference_id":"","reference_type":"","scores":[],"url":"https://www.phpmyadmin.net/security/PMASA-2020-4/"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=954666","reference_id":"954666","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=954666"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:opensuse:backports_sle:15.0:-:*:*:*:*:*:*","reference_id":"cpe:2.3:a:opensuse:backports_sle:15.0:-:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:opensuse:backports_sle:15.0:-:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:opensuse:backports_sle:15.0:sp1:*:*:*:*:*:*","reference_id":"cpe:2.3:a:opensuse:backports_sle:15.0:sp1:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:opensuse:backports_sle:15.0:sp1:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:phpmyadmin:phpmyadmin:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:suse:package_hub:-:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:suse:package_hub:-:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:suse:package_hub:-:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:32:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:fedoraproject:fedora:32:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:32:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise:12.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:suse:linux_enterprise:12.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise:12.0:*:*:*:*:*:*:*"},{"reference_url":"https://github.com/advisories/GHSA-fcww-8wvc-38q9","reference_id":"GHSA-fcww-8wvc-38q9","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-fcww-8wvc-38q9"},{"reference_url":"https://usn.ubuntu.com/4639-1/","reference_id":"USN-4639-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4639-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/81952?format=json","purl":"pkg:composer/phpmyadmin/phpmyadmin@4.9.5","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2jjv-4en4-e3gx"},{"vulnerability":"VCID-2y3v-jnph-hfh4"},{"vulnerability":"VCID-mk34-h4nz-b3ey"},{"vulnerability":"VCID-na3j-h3qr-k7dc"},{"vulnerability":"VCID-rqy8-n6fr-hqey"},{"vulnerability":"VCID-ym9b-4su6-6fbr"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@4.9.5"},{"url":"http://public2.vulnerablecode.io/api/packages/55567?format=json","purl":"pkg:composer/phpmyadmin/phpmyadmin@5.0.2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2jjv-4en4-e3gx"},{"vulnerability":"VCID-2y3v-jnph-hfh4"},{"vulnerability":"VCID-araw-4wdy-hqcz"},{"vulnerability":"VCID-dsxw-w87t-eycw"},{"vulnerability":"VCID-mk34-h4nz-b3ey"},{"vulnerability":"VCID-rqy8-n6fr-hqey"},{"vulnerability":"VCID-ym9b-4su6-6fbr"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@5.0.2"}],"aliases":["CVE-2020-10803","GHSA-fcww-8wvc-38q9"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-znfm-ak2t-mqdd"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/57551?format=json","vulnerability_id":"VCID-zyzp-aqd8-e3a9","summary":"phpMyAdmin Cross-Site Request Forgery (CSRF)\nA CSRF issue in phpMyAdmin 4.9.0.1 allows deletion of any server in the Setup page.","references":[{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00078.html","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00078.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00024.html","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00024.html"},{"reference_url":"http://packetstormsecurity.com/files/154483/phpMyAdmin-4.9.0.1-Cross-Site-Request-Forgery.html","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://packetstormsecurity.com/files/154483/phpMyAdmin-4.9.0.1-Cross-Site-Request-Forgery.html"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-12922","reference_id":"","reference_type":"","scores":[{"value":"0.4225","scoring_system":"epss","scoring_elements":"0.97469","published_at":"2026-05-07T12:55:00Z"},{"value":"0.4225","scoring_system":"epss","scoring_elements":"0.97422","published_at":"2026-04-01T12:55:00Z"},{"value":"0.4225","scoring_system":"epss","scoring_elements":"0.97429","published_at":"2026-04-02T12:55:00Z"},{"value":"0.4225","scoring_system":"epss","scoring_elements":"0.97433","published_at":"2026-04-04T12:55:00Z"},{"value":"0.4225","scoring_system":"epss","scoring_elements":"0.97434","published_at":"2026-04-07T12:55:00Z"},{"value":"0.4225","scoring_system":"epss","scoring_elements":"0.97441","published_at":"2026-04-08T12:55:00Z"},{"value":"0.4225","scoring_system":"epss","scoring_elements":"0.97442","published_at":"2026-04-09T12:55:00Z"},{"value":"0.4225","scoring_system":"epss","scoring_elements":"0.97445","published_at":"2026-04-11T12:55:00Z"},{"value":"0.4225","scoring_system":"epss","scoring_elements":"0.97447","published_at":"2026-04-13T12:55:00Z"},{"value":"0.4225","scoring_system":"epss","scoring_elements":"0.97456","published_at":"2026-04-16T12:55:00Z"},{"value":"0.4225","scoring_system":"epss","scoring_elements":"0.9746","published_at":"2026-04-26T12:55:00Z"},{"value":"0.4225","scoring_system":"epss","scoring_elements":"0.97459","published_at":"2026-04-21T12:55:00Z"},{"value":"0.4225","scoring_system":"epss","scoring_elements":"0.97458","published_at":"2026-04-24T12:55:00Z"},{"value":"0.4225","scoring_system":"epss","scoring_elements":"0.97462","published_at":"2026-04-29T12:55:00Z"},{"value":"0.4225","scoring_system":"epss","scoring_elements":"0.97466","published_at":"2026-05-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-12922"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12922","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12922"},{"reference_url":"http://seclists.org/fulldisclosure/2019/Sep/23","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://seclists.org/fulldisclosure/2019/Sep/23"},{"reference_url":"https://github.com/phpmyadmin/phpmyadmin/commit/427fbed55d3154d96ecfc1c7784d49eaa3c04161","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/phpmyadmin/phpmyadmin/commit/427fbed55d3154d96ecfc1c7784d49eaa3c04161"},{"reference_url":"https://github.com/phpmyadmin/phpmyadmin/commit/7d21d4223bdbe0306593309132b4263d7087d13b","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/phpmyadmin/phpmyadmin/commit/7d21d4223bdbe0306593309132b4263d7087d13b"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PBLBE6CSC2ZLINIRBUU5XBLXYVBTF3KA/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PBLBE6CSC2ZLINIRBUU5XBLXYVBTF3KA/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QJ5BW2VEMD2P23ZYRWHDBEQHOKGKGWD6/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QJ5BW2VEMD2P23ZYRWHDBEQHOKGKGWD6/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YCB3PTGHZ7AJCM6BKCQRRP6HG3OKYCMN/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YCB3PTGHZ7AJCM6BKCQRRP6HG3OKYCMN/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PBLBE6CSC2ZLINIRBUU5XBLXYVBTF3KA","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PBLBE6CSC2ZLINIRBUU5XBLXYVBTF3KA"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QJ5BW2VEMD2P23ZYRWHDBEQHOKGKGWD6","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QJ5BW2VEMD2P23ZYRWHDBEQHOKGKGWD6"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YCB3PTGHZ7AJCM6BKCQRRP6HG3OKYCMN","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YCB3PTGHZ7AJCM6BKCQRRP6HG3OKYCMN"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2019-12922","reference_id":"","reference_type":"","scores":[{"value":"5.8","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:N/I:P/A:P"},{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2019-12922"},{"reference_url":"https://www.exploit-db.com/exploits/47385","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.exploit-db.com/exploits/47385"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:phpmyadmin:phpmyadmin:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:29:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:fedoraproject:fedora:29:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:29:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/webapps/47385.txt","reference_id":"CVE-2019-12922","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/webapps/47385.txt"},{"reference_url":"https://github.com/advisories/GHSA-4c9q-64gq-xhx4","reference_id":"GHSA-4c9q-64gq-xhx4","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-4c9q-64gq-xhx4"},{"reference_url":"https://usn.ubuntu.com/USN-4843-1/","reference_id":"USN-USN-4843-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/USN-4843-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/83854?format=json","purl":"pkg:composer/phpmyadmin/phpmyadmin@4.9.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2jjv-4en4-e3gx"},{"vulnerability":"VCID-2y3v-jnph-hfh4"},{"vulnerability":"VCID-5657-kcyh-7bc2"},{"vulnerability":"VCID-g6ud-92qe-hqcx"},{"vulnerability":"VCID-gu4y-aeqx-mqak"},{"vulnerability":"VCID-mk34-h4nz-b3ey"},{"vulnerability":"VCID-na3j-h3qr-k7dc"},{"vulnerability":"VCID-ngtc-xtjn-xbhp"},{"vulnerability":"VCID-rqy8-n6fr-hqey"},{"vulnerability":"VCID-tks3-6uv4-kygf"},{"vulnerability":"VCID-ym9b-4su6-6fbr"},{"vulnerability":"VCID-znfm-ak2t-mqdd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@4.9.1"},{"url":"http://public2.vulnerablecode.io/api/packages/55566?format=json","purl":"pkg:composer/phpmyadmin/phpmyadmin@5.0.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2jjv-4en4-e3gx"},{"vulnerability":"VCID-2y3v-jnph-hfh4"},{"vulnerability":"VCID-41mv-6vqr-sua6"},{"vulnerability":"VCID-5657-kcyh-7bc2"},{"vulnerability":"VCID-araw-4wdy-hqcz"},{"vulnerability":"VCID-mk34-h4nz-b3ey"},{"vulnerability":"VCID-ngtc-xtjn-xbhp"},{"vulnerability":"VCID-rqy8-n6fr-hqey"},{"vulnerability":"VCID-tks3-6uv4-kygf"},{"vulnerability":"VCID-ym9b-4su6-6fbr"},{"vulnerability":"VCID-znfm-ak2t-mqdd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@5.0.0"}],"aliases":["CVE-2019-12922","GHSA-4c9q-64gq-xhx4"],"risk_score":10.0,"exploitability":"2.0","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-zyzp-aqd8-e3a9"}],"fixing_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/9787?format=json","vulnerability_id":"VCID-fchc-55te-akhe","summary":"Cross-site Scripting\nAn issue was discovered in phpMyAdm. A Cross-Site Scripting vulnerability has been found where an attacker can use a crafted file to manipulate an authenticated user who loads that file through the import feature.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-15605","reference_id":"","reference_type":"","scores":[{"value":"0.00675","scoring_system":"epss","scoring_elements":"0.71433","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00675","scoring_system":"epss","scoring_elements":"0.71549","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00675","scoring_system":"epss","scoring_elements":"0.71514","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00675","scoring_system":"epss","scoring_elements":"0.71526","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00675","scoring_system":"epss","scoring_elements":"0.71523","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00675","scoring_system":"epss","scoring_elements":"0.71516","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00675","scoring_system":"epss","scoring_elements":"0.71465","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00675","scoring_system":"epss","scoring_elements":"0.71485","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00675","scoring_system":"epss","scoring_elements":"0.7148","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00675","scoring_system":"epss","scoring_elements":"0.71434","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00675","scoring_system":"epss","scoring_elements":"0.71452","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00675","scoring_system":"epss","scoring_elements":"0.71468","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00675","scoring_system":"epss","scoring_elements":"0.71392","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00675","scoring_system":"epss","scoring_elements":"0.714","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00675","scoring_system":"epss","scoring_elements":"0.71446","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00675","scoring_system":"epss","scoring_elements":"0.71418","published_at":"2026-04-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-15605"},{"reference_url":"https://github.com/phpmyadmin/composer","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/phpmyadmin/composer"},{"reference_url":"https://github.com/phpmyadmin/phpmyadmin/commit/00d90b3ae415b31338f76263359467a9fbebd0a1","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/phpmyadmin/phpmyadmin/commit/00d90b3ae415b31338f76263359467a9fbebd0a1"},{"reference_url":"https://www.phpmyadmin.net/security/PMASA-2018-5","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.phpmyadmin.net/security/PMASA-2018-5"},{"reference_url":"https://www.phpmyadmin.net/security/PMASA-2018-5/","reference_id":"","reference_type":"","scores":[],"url":"https://www.phpmyadmin.net/security/PMASA-2018-5/"},{"reference_url":"http://www.securityfocus.com/bid/105168","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.securityfocus.com/bid/105168"},{"reference_url":"http://www.securitytracker.com/id/1041548","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.securitytracker.com/id/1041548"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2018-15605","reference_id":"CVE-2018-15605","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2018-15605"},{"reference_url":"https://github.com/advisories/GHSA-c958-4j9x-q7w4","reference_id":"GHSA-c958-4j9x-q7w4","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-c958-4j9x-q7w4"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/30092?format=json","purl":"pkg:composer/phpmyadmin/phpmyadmin@4.8.3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2jjv-4en4-e3gx"},{"vulnerability":"VCID-5657-kcyh-7bc2"},{"vulnerability":"VCID-986a-3m4g-83ge"},{"vulnerability":"VCID-br1c-5bzf-ufeu"},{"vulnerability":"VCID-ebk2-vjau-57h9"},{"vulnerability":"VCID-g6ud-92qe-hqcx"},{"vulnerability":"VCID-gu4y-aeqx-mqak"},{"vulnerability":"VCID-jma9-9uhu-xuc3"},{"vulnerability":"VCID-ngtc-xtjn-xbhp"},{"vulnerability":"VCID-qcra-cu62-43he"},{"vulnerability":"VCID-rqy8-n6fr-hqey"},{"vulnerability":"VCID-scu3-cfyc-9qfz"},{"vulnerability":"VCID-tks3-6uv4-kygf"},{"vulnerability":"VCID-yfja-ssw3-skh1"},{"vulnerability":"VCID-ym9b-4su6-6fbr"},{"vulnerability":"VCID-znfm-ak2t-mqdd"},{"vulnerability":"VCID-zyzp-aqd8-e3a9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@4.8.3"}],"aliases":["CVE-2018-15605","GHSA-c958-4j9x-q7w4"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-fchc-55te-akhe"}],"risk_score":"10.0","resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@4.8.3"}