{"url":"http://public2.vulnerablecode.io/api/packages/446976?format=json","purl":"pkg:composer/phpmyadmin/phpmyadmin@4.0.4.1","type":"composer","namespace":"phpmyadmin","name":"phpmyadmin","version":"4.0.4.1","qualifiers":{},"subpath":"","is_vulnerable":true,"next_non_vulnerable_version":"4.9.11","latest_non_vulnerable_version":"5.2.2","affected_by_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/180870?format=json","vulnerability_id":"VCID-19e5-h8yr-efcy","summary":"Multiple vulnerabilities have been found in phpMyAdmin, the worst\n    of which could lead to arbitrary code execution.","references":[{"reference_url":"http://lists.opensuse.org/opensuse-updates/2014-08/msg00045.html","reference_id":"","reference_type":"","scores":[{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://lists.opensuse.org/opensuse-updates/2014-08/msg00045.html"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2014-4986","reference_id":"","reference_type":"","scores":[{"value":"0.00339","scoring_system":"epss","scoring_elements":"0.57032","published_at":"2026-06-11T12:55:00Z"},{"value":"0.00339","scoring_system":"epss","scoring_elements":"0.57152","published_at":"2026-06-12T12:55:00Z"},{"value":"0.00339","scoring_system":"epss","scoring_elements":"0.57165","published_at":"2026-06-13T12:55:00Z"},{"value":"0.00339","scoring_system":"epss","scoring_elements":"0.57158","published_at":"2026-06-14T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2014-4986"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4986","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4986"},{"reference_url":"https://github.com/phpmyadmin/phpmyadmin/commit/29a1f56495a7d1d98da31a614f23c0819a606a4d","reference_id":"","reference_type":"","scores":[{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/phpmyadmin/phpmyadmin/commit/29a1f56495a7d1d98da31a614f23c0819a606a4d"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2014-4986","reference_id":"","reference_type":"","scores":[{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2014-4986"},{"reference_url":"https://web.archive.org/web/20200228081340/http://www.securityfocus.com/bid/68803","reference_id":"","reference_type":"","scores":[{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://web.archive.org/web/20200228081340/http://www.securityfocus.com/bid/68803"},{"reference_url":"http://www.phpmyadmin.net/home_page/security/PMASA-2014-6.php","reference_id":"","reference_type":"","scores":[{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.phpmyadmin.net/home_page/security/PMASA-2014-6.php"},{"reference_url":"https://github.com/advisories/GHSA-jqmr-wqgp-8mh2","reference_id":"GHSA-jqmr-wqgp-8mh2","reference_type":"","scores":[{"value":"LOW","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-jqmr-wqgp-8mh2"},{"reference_url":"https://security.gentoo.org/glsa/201505-03","reference_id":"GLSA-201505-03","reference_type":"","scores":[{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://security.gentoo.org/glsa/201505-03"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/446982?format=json","purl":"pkg:composer/phpmyadmin/phpmyadmin@4.0.10.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2xzr-2f1r-37bf"},{"vulnerability":"VCID-4cqm-g8ca-dygk"},{"vulnerability":"VCID-4f9y-mpe6-akgc"},{"vulnerability":"VCID-5549-uqep-tubz"},{"vulnerability":"VCID-5and-muph-hked"},{"vulnerability":"VCID-aegs-ukwt-d7g7"},{"vulnerability":"VCID-cauk-7k6d-hbdd"},{"vulnerability":"VCID-cmu6-m7cr-7fa7"},{"vulnerability":"VCID-d5cg-qayj-wue9"},{"vulnerability":"VCID-d6w1-jw73-9kbb"},{"vulnerability":"VCID-dv3f-h92r-37gs"},{"vulnerability":"VCID-e8jm-k1ee-v3dg"},{"vulnerability":"VCID-h5ft-zg32-myhg"},{"vulnerability":"VCID-jr4r-j28s-3ucz"},{"vulnerability":"VCID-meuk-b5zn-ubbv"},{"vulnerability":"VCID-sya2-1y7u-b7hu"},{"vulnerability":"VCID-t7cs-91p3-xyek"},{"vulnerability":"VCID-u8ng-547z-8yae"},{"vulnerability":"VCID-vb6g-x173-9khp"},{"vulnerability":"VCID-vqtc-c5mb-nkht"},{"vulnerability":"VCID-w2y5-u1vp-xuh6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@4.0.10.1"},{"url":"http://public2.vulnerablecode.io/api/packages/385507?format=json","purl":"pkg:composer/phpmyadmin/phpmyadmin@4.0.10%2B1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@4.0.10%252B1"},{"url":"http://public2.vulnerablecode.io/api/packages/385508?format=json","purl":"pkg:composer/phpmyadmin/phpmyadmin@4.1.14%2B2","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@4.1.14%252B2"},{"url":"http://public2.vulnerablecode.io/api/packages/385509?format=json","purl":"pkg:composer/phpmyadmin/phpmyadmin@4.2.6","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@4.2.6"}],"aliases":["CVE-2014-4986","GHSA-jqmr-wqgp-8mh2"],"risk_score":1.4,"exploitability":"0.5","weighted_severity":"2.7","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-19e5-h8yr-efcy"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/180872?format=json","vulnerability_id":"VCID-4cqm-g8ca-dygk","summary":"Multiple vulnerabilities have been found in phpMyAdmin, the worst\n    of which could lead to arbitrary code execution.","references":[{"reference_url":"http://lists.opensuse.org/opensuse-updates/2014-09/msg00032.html","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://lists.opensuse.org/opensuse-updates/2014-09/msg00032.html"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2014-6300","reference_id":"","reference_type":"","scores":[{"value":"0.00273","scoring_system":"epss","scoring_elements":"0.5115","published_at":"2026-06-14T12:55:00Z"},{"value":"0.00273","scoring_system":"epss","scoring_elements":"0.51146","published_at":"2026-06-12T12:55:00Z"},{"value":"0.00273","scoring_system":"epss","scoring_elements":"0.51161","published_at":"2026-06-13T12:55:00Z"},{"value":"0.00273","scoring_system":"epss","scoring_elements":"0.51016","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2014-6300"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6300","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6300"},{"reference_url":"https://github.com/phpmyadmin/phpmyadmin/commit/33b39f9f1dd9a4d27856530e5ac004e23b30e8ac","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/phpmyadmin/phpmyadmin/commit/33b39f9f1dd9a4d27856530e5ac004e23b30e8ac"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2014-6300","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2014-6300"},{"reference_url":"https://web.archive.org/web/20200228081340/http://www.securityfocus.com/bid/69790","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://web.archive.org/web/20200228081340/http://www.securityfocus.com/bid/69790"},{"reference_url":"http://www.phpmyadmin.net/home_page/security/PMASA-2014-10.php","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.phpmyadmin.net/home_page/security/PMASA-2014-10.php"},{"reference_url":"https://github.com/advisories/GHSA-6wfj-2mw7-p5cg","reference_id":"GHSA-6wfj-2mw7-p5cg","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-6wfj-2mw7-p5cg"},{"reference_url":"https://security.gentoo.org/glsa/201505-03","reference_id":"GLSA-201505-03","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://security.gentoo.org/glsa/201505-03"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/446984?format=json","purl":"pkg:composer/phpmyadmin/phpmyadmin@4.0.10.3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4f9y-mpe6-akgc"},{"vulnerability":"VCID-cauk-7k6d-hbdd"},{"vulnerability":"VCID-cmu6-m7cr-7fa7"},{"vulnerability":"VCID-d6w1-jw73-9kbb"},{"vulnerability":"VCID-dv3f-h92r-37gs"},{"vulnerability":"VCID-e8jm-k1ee-v3dg"},{"vulnerability":"VCID-h5ft-zg32-myhg"},{"vulnerability":"VCID-jr4r-j28s-3ucz"},{"vulnerability":"VCID-sya2-1y7u-b7hu"},{"vulnerability":"VCID-vb6g-x173-9khp"},{"vulnerability":"VCID-w2y5-u1vp-xuh6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@4.0.10.3"},{"url":"http://public2.vulnerablecode.io/api/packages/385810?format=json","purl":"pkg:composer/phpmyadmin/phpmyadmin@4.0.10%2B3","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@4.0.10%252B3"},{"url":"http://public2.vulnerablecode.io/api/packages/385811?format=json","purl":"pkg:composer/phpmyadmin/phpmyadmin@4.1.14%2B4","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@4.1.14%252B4"},{"url":"http://public2.vulnerablecode.io/api/packages/385812?format=json","purl":"pkg:composer/phpmyadmin/phpmyadmin@4.2.8%2B1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@4.2.8%252B1"}],"aliases":["CVE-2014-6300","GHSA-6wfj-2mw7-p5cg"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-4cqm-g8ca-dygk"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/207613?format=json","vulnerability_id":"VCID-4f9y-mpe6-akgc","summary":"In phpMyAdmin 4.x before 4.9.5 and 5.x before 5.0.2, a SQL injection vulnerability has been discovered where certain parameters are not properly escaped when generating certain queries for search actions in libraries/classes/Controllers/Table/TableSearchController.php. An attacker can generate a crafted database or table name. The attack can be performed if a user attempts certain search operations on the malicious database or table.","references":[{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00046.html","reference_id":"","reference_type":"","scores":[{"value":"8.0","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00046.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00050.html","reference_id":"","reference_type":"","scores":[{"value":"8.0","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00050.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00005.html","reference_id":"","reference_type":"","scores":[{"value":"8.0","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00005.html"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-10802","reference_id":"","reference_type":"","scores":[{"value":"0.01229","scoring_system":"epss","scoring_elements":"0.79645","published_at":"2026-06-14T12:55:00Z"},{"value":"0.01229","scoring_system":"epss","scoring_elements":"0.79637","published_at":"2026-06-12T12:55:00Z"},{"value":"0.01229","scoring_system":"epss","scoring_elements":"0.79652","published_at":"2026-06-13T12:55:00Z"},{"value":"0.01229","scoring_system":"epss","scoring_elements":"0.79571","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-10802"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10802","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10802"},{"reference_url":"https://github.com/FriendsOfPHP/security-advisories/blob/master/phpmyadmin/phpmyadmin/CVE-2020-10802.yaml","reference_id":"","reference_type":"","scores":[{"value":"8.0","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/FriendsOfPHP/security-advisories/blob/master/phpmyadmin/phpmyadmin/CVE-2020-10802.yaml"},{"reference_url":"https://github.com/phpmyadmin/composer","reference_id":"","reference_type":"","scores":[{"value":"8.0","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/phpmyadmin/composer"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2020/03/msg00028.html","reference_id":"","reference_type":"","scores":[{"value":"8.0","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.debian.org/debian-lts-announce/2020/03/msg00028.html"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AAVW3SUKWR5RF5LZ6SARCYOWBIFUIWOJ","reference_id":"","reference_type":"","scores":[{"value":"8.0","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AAVW3SUKWR5RF5LZ6SARCYOWBIFUIWOJ"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BUG3IRITW2LUBGR5LSQMP7MVRTELHZJK","reference_id":"","reference_type":"","scores":[{"value":"8.0","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BUG3IRITW2LUBGR5LSQMP7MVRTELHZJK"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UZI6EQVRRIG252DY3MBT33BJVCSYDMQO","reference_id":"","reference_type":"","scores":[{"value":"8.0","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UZI6EQVRRIG252DY3MBT33BJVCSYDMQO"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2020-10802","reference_id":"","reference_type":"","scores":[{"value":"8.0","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2020-10802"},{"reference_url":"https://www.phpmyadmin.net/security/PMASA-2020-3","reference_id":"","reference_type":"","scores":[{"value":"8.0","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.phpmyadmin.net/security/PMASA-2020-3"},{"reference_url":"https://www.phpmyadmin.net/security/PMASA-2020-3/","reference_id":"","reference_type":"","scores":[],"url":"https://www.phpmyadmin.net/security/PMASA-2020-3/"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=954665","reference_id":"954665","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=954665"},{"reference_url":"https://github.com/advisories/GHSA-f4cr-3xmc-2wpm","reference_id":"GHSA-f4cr-3xmc-2wpm","reference_type":"","scores":[{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-f4cr-3xmc-2wpm"},{"reference_url":"https://usn.ubuntu.com/4639-1/","reference_id":"USN-4639-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4639-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/384714?format=json","purl":"pkg:composer/phpmyadmin/phpmyadmin@4.9.5","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7ab3-tj6r-r3g7"},{"vulnerability":"VCID-dv3f-h92r-37gs"},{"vulnerability":"VCID-k8q3-v7cc-7yhq"},{"vulnerability":"VCID-rzd6-pqqs-a3em"},{"vulnerability":"VCID-vb6g-x173-9khp"},{"vulnerability":"VCID-xsbv-xna2-qfeb"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@4.9.5"},{"url":"http://public2.vulnerablecode.io/api/packages/380009?format=json","purl":"pkg:composer/phpmyadmin/phpmyadmin@5.0.2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7ab3-tj6r-r3g7"},{"vulnerability":"VCID-87ne-4523-v7fa"},{"vulnerability":"VCID-dv3f-h92r-37gs"},{"vulnerability":"VCID-k8q3-v7cc-7yhq"},{"vulnerability":"VCID-p55p-hbqm-xqg1"},{"vulnerability":"VCID-rzd6-pqqs-a3em"},{"vulnerability":"VCID-vb6g-x173-9khp"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@5.0.2"}],"aliases":["CVE-2020-10802","GHSA-f4cr-3xmc-2wpm"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-4f9y-mpe6-akgc"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/179108?format=json","vulnerability_id":"VCID-5549-uqep-tubz","summary":"Multiple vulnerabilities have been found in phpMyAdmin, the worst\n    of which could lead to arbitrary code execution.","references":[{"reference_url":"http://lists.opensuse.org/opensuse-updates/2016-06/msg00113.html","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://lists.opensuse.org/opensuse-updates/2016-06/msg00113.html"},{"reference_url":"http://lists.opensuse.org/opensuse-updates/2016-06/msg00114.html","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://lists.opensuse.org/opensuse-updates/2016-06/msg00114.html"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-5706","reference_id":"","reference_type":"","scores":[{"value":"0.02778","scoring_system":"epss","scoring_elements":"0.86378","published_at":"2026-06-11T12:55:00Z"},{"value":"0.02778","scoring_system":"epss","scoring_elements":"0.86429","published_at":"2026-06-12T12:55:00Z"},{"value":"0.02778","scoring_system":"epss","scoring_elements":"0.86439","published_at":"2026-06-13T12:55:00Z"},{"value":"0.02778","scoring_system":"epss","scoring_elements":"0.86438","published_at":"2026-06-14T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-5706"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1927","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1927"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2039","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2039"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2040","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2040"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2041","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2041"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2560","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2560"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2561","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2561"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5099","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5099"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5701","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5701"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5705","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5705"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5706","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5706"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5731","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5731"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5733","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5733"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5739","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5739"},{"reference_url":"https://github.com/phpmyadmin/composer","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/phpmyadmin/composer"},{"reference_url":"https://github.com/phpmyadmin/phpmyadmin/commit/4767f24ea4c1e3822ce71a636c341e8ad8d07aa6","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/phpmyadmin/phpmyadmin/commit/4767f24ea4c1e3822ce71a636c341e8ad8d07aa6"},{"reference_url":"https://github.com/phpmyadmin/phpmyadmin/commit/805225a28c1428d7809e613c731c2126960e98df","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/phpmyadmin/phpmyadmin/commit/805225a28c1428d7809e613c731c2126960e98df"},{"reference_url":"https://github.com/phpmyadmin/phpmyadmin/commit/abb3685c8702de887988fee31a97ef4d80d856a1","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/phpmyadmin/phpmyadmin/commit/abb3685c8702de887988fee31a97ef4d80d856a1"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2016-5706","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2016-5706"},{"reference_url":"https://www.phpmyadmin.net/security/PMASA-2016-22","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.phpmyadmin.net/security/PMASA-2016-22"},{"reference_url":"http://www.debian.org/security/2016/dsa-3627","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.debian.org/security/2016/dsa-3627"},{"reference_url":"http://www.securityfocus.com/bid/91376","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.securityfocus.com/bid/91376"},{"reference_url":"https://github.com/advisories/GHSA-9rmm-8fp4-26hv","reference_id":"GHSA-9rmm-8fp4-26hv","reference_type":"","scores":[{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-9rmm-8fp4-26hv"},{"reference_url":"https://security.gentoo.org/glsa/201701-32","reference_id":"GLSA-201701-32","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://security.gentoo.org/glsa/201701-32"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/384868?format=json","purl":"pkg:composer/phpmyadmin/phpmyadmin@4.0.10%2B16","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@4.0.10%252B16"},{"url":"http://public2.vulnerablecode.io/api/packages/446983?format=json","purl":"pkg:composer/phpmyadmin/phpmyadmin@4.0.10.2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4cqm-g8ca-dygk"},{"vulnerability":"VCID-4f9y-mpe6-akgc"},{"vulnerability":"VCID-cauk-7k6d-hbdd"},{"vulnerability":"VCID-cmu6-m7cr-7fa7"},{"vulnerability":"VCID-d6w1-jw73-9kbb"},{"vulnerability":"VCID-dv3f-h92r-37gs"},{"vulnerability":"VCID-e8jm-k1ee-v3dg"},{"vulnerability":"VCID-h5ft-zg32-myhg"},{"vulnerability":"VCID-jr4r-j28s-3ucz"},{"vulnerability":"VCID-sya2-1y7u-b7hu"},{"vulnerability":"VCID-vb6g-x173-9khp"},{"vulnerability":"VCID-w2y5-u1vp-xuh6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@4.0.10.2"},{"url":"http://public2.vulnerablecode.io/api/packages/384869?format=json","purl":"pkg:composer/phpmyadmin/phpmyadmin@4.4.15%2B7","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@4.4.15%252B7"},{"url":"http://public2.vulnerablecode.io/api/packages/384870?format=json","purl":"pkg:composer/phpmyadmin/phpmyadmin@4.6.3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-26gd-39fw-x7bt"},{"vulnerability":"VCID-3552-c149-cuav"},{"vulnerability":"VCID-5pev-26f4-hkf8"},{"vulnerability":"VCID-dyc7-mw3x-2bcm"},{"vulnerability":"VCID-g5y1-uew7-k7fu"},{"vulnerability":"VCID-mr83-4y43-h7d1"},{"vulnerability":"VCID-myq5-tmmb-9bak"},{"vulnerability":"VCID-prhu-d7x6-akhr"},{"vulnerability":"VCID-rhez-hkwd-6qhq"},{"vulnerability":"VCID-uz1e-vdhc-1ua8"},{"vulnerability":"VCID-vg9q-zy2r-gyfb"},{"vulnerability":"VCID-z9ke-vqwr-duak"},{"vulnerability":"VCID-zhgg-3nhp-wucv"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@4.6.3"}],"aliases":["CVE-2016-5706","GHSA-9rmm-8fp4-26hv"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-5549-uqep-tubz"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/182747?format=json","vulnerability_id":"VCID-5and-muph-hked","summary":"security update","references":[{"reference_url":"http://lists.fedoraproject.org/pipermail/package-announce/2016-February/176483.html","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://lists.fedoraproject.org/pipermail/package-announce/2016-February/176483.html"},{"reference_url":"http://lists.fedoraproject.org/pipermail/package-announce/2016-February/176739.html","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://lists.fedoraproject.org/pipermail/package-announce/2016-February/176739.html"},{"reference_url":"http://lists.opensuse.org/opensuse-updates/2016-02/msg00028.html","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://lists.opensuse.org/opensuse-updates/2016-02/msg00028.html"},{"reference_url":"http://lists.opensuse.org/opensuse-updates/2016-02/msg00049.html","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://lists.opensuse.org/opensuse-updates/2016-02/msg00049.html"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-1927","reference_id":"","reference_type":"","scores":[{"value":"0.00628","scoring_system":"epss","scoring_elements":"0.70732","published_at":"2026-06-11T12:55:00Z"},{"value":"0.00628","scoring_system":"epss","scoring_elements":"0.70822","published_at":"2026-06-12T12:55:00Z"},{"value":"0.00628","scoring_system":"epss","scoring_elements":"0.70835","published_at":"2026-06-13T12:55:00Z"},{"value":"0.00628","scoring_system":"epss","scoring_elements":"0.70833","published_at":"2026-06-14T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-1927"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1927","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1927"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2039","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2039"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2040","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2040"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2041","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2041"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2560","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2560"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2561","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2561"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5099","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5099"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5701","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5701"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5705","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5705"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5706","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5706"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5731","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5731"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5733","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5733"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5739","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5739"},{"reference_url":"https://github.com/phpmyadmin/phpmyadmin","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/phpmyadmin/phpmyadmin"},{"reference_url":"https://github.com/phpmyadmin/phpmyadmin/commit/2369daa7f5f550797f560e6b46a021e4558c2d72","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/phpmyadmin/phpmyadmin/commit/2369daa7f5f550797f560e6b46a021e4558c2d72"},{"reference_url":"https://github.com/phpmyadmin/phpmyadmin/commit/5530a72e162fab442218486a90ff3365c96fde98","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/phpmyadmin/phpmyadmin/commit/5530a72e162fab442218486a90ff3365c96fde98"},{"reference_url":"https://github.com/phpmyadmin/phpmyadmin/commit/6a96e67487f2faecb4de4204fee9b96b94020720","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/phpmyadmin/phpmyadmin/commit/6a96e67487f2faecb4de4204fee9b96b94020720"},{"reference_url":"https://github.com/phpmyadmin/phpmyadmin/commit/8b6737735be5787d0b98c6cdfe2c7e3131b1bc95","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/phpmyadmin/phpmyadmin/commit/8b6737735be5787d0b98c6cdfe2c7e3131b1bc95"},{"reference_url":"https://github.com/phpmyadmin/phpmyadmin/commit/8dedcc1a175eb07debd4fe116407c43694c60b22","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/phpmyadmin/phpmyadmin/commit/8dedcc1a175eb07debd4fe116407c43694c60b22"},{"reference_url":"https://github.com/phpmyadmin/phpmyadmin/commit/912856b432d794201884c36e5f390d446339b6e4","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/phpmyadmin/phpmyadmin/commit/912856b432d794201884c36e5f390d446339b6e4"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2016-1927","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2016-1927"},{"reference_url":"http://www.debian.org/security/2016/dsa-3627","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.debian.org/security/2016/dsa-3627"},{"reference_url":"http://www.phpmyadmin.net/home_page/security/PMASA-2016-4.php","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.phpmyadmin.net/home_page/security/PMASA-2016-4.php"},{"reference_url":"https://github.com/advisories/GHSA-4gmg-gwjh-3mmr","reference_id":"GHSA-4gmg-gwjh-3mmr","reference_type":"","scores":[{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-4gmg-gwjh-3mmr"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/384843?format=json","purl":"pkg:composer/phpmyadmin/phpmyadmin@4.0.10%2B13","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@4.0.10%252B13"},{"url":"http://public2.vulnerablecode.io/api/packages/446983?format=json","purl":"pkg:composer/phpmyadmin/phpmyadmin@4.0.10.2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4cqm-g8ca-dygk"},{"vulnerability":"VCID-4f9y-mpe6-akgc"},{"vulnerability":"VCID-cauk-7k6d-hbdd"},{"vulnerability":"VCID-cmu6-m7cr-7fa7"},{"vulnerability":"VCID-d6w1-jw73-9kbb"},{"vulnerability":"VCID-dv3f-h92r-37gs"},{"vulnerability":"VCID-e8jm-k1ee-v3dg"},{"vulnerability":"VCID-h5ft-zg32-myhg"},{"vulnerability":"VCID-jr4r-j28s-3ucz"},{"vulnerability":"VCID-sya2-1y7u-b7hu"},{"vulnerability":"VCID-vb6g-x173-9khp"},{"vulnerability":"VCID-w2y5-u1vp-xuh6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@4.0.10.2"},{"url":"http://public2.vulnerablecode.io/api/packages/384844?format=json","purl":"pkg:composer/phpmyadmin/phpmyadmin@4.4.15%2B3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2vgv-5qz9-cqg9"},{"vulnerability":"VCID-n8hd-vjza-mfdw"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@4.4.15%252B3"},{"url":"http://public2.vulnerablecode.io/api/packages/384845?format=json","purl":"pkg:composer/phpmyadmin/phpmyadmin@4.5.4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4abg-2uaq-93cm"},{"vulnerability":"VCID-8zcz-hfgw-1uh3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@4.5.4"}],"aliases":["CVE-2016-1927","GHSA-4gmg-gwjh-3mmr"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-5and-muph-hked"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/204505?format=json","vulnerability_id":"VCID-aegs-ukwt-d7g7","summary":"The setup script for phpMyAdmin before 4.0.10.19, 4.4.x before 4.4.15.10, and 4.6.x before 4.6.6 allows remote attackers to conduct server-side request forgery (SSRF) attacks via unspecified vectors.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-6621","reference_id":"","reference_type":"","scores":[{"value":"0.00551","scoring_system":"epss","scoring_elements":"0.68446","published_at":"2026-06-11T12:55:00Z"},{"value":"0.00551","scoring_system":"epss","scoring_elements":"0.68535","published_at":"2026-06-12T12:55:00Z"},{"value":"0.00551","scoring_system":"epss","scoring_elements":"0.68548","published_at":"2026-06-13T12:55:00Z"},{"value":"0.00551","scoring_system":"epss","scoring_elements":"0.68543","published_at":"2026-06-14T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-6621"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6621","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6621"},{"reference_url":"https://github.com/phpmyadmin/composer","reference_id":"","reference_type":"","scores":[{"value":"8.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/phpmyadmin/composer"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2018/07/msg00006.html","reference_id":"","reference_type":"","scores":[{"value":"8.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.debian.org/debian-lts-announce/2018/07/msg00006.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2016-6621","reference_id":"","reference_type":"","scores":[{"value":"8.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2016-6621"},{"reference_url":"https://www.phpmyadmin.net/security/PMASA-2016-44","reference_id":"","reference_type":"","scores":[{"value":"8.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.phpmyadmin.net/security/PMASA-2016-44"},{"reference_url":"https://github.com/advisories/GHSA-44vv-mm86-7cg6","reference_id":"GHSA-44vv-mm86-7cg6","reference_type":"","scores":[{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-44vv-mm86-7cg6"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/384633?format=json","purl":"pkg:composer/phpmyadmin/phpmyadmin@4.0.10%2B19","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@4.0.10%252B19"},{"url":"http://public2.vulnerablecode.io/api/packages/446983?format=json","purl":"pkg:composer/phpmyadmin/phpmyadmin@4.0.10.2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4cqm-g8ca-dygk"},{"vulnerability":"VCID-4f9y-mpe6-akgc"},{"vulnerability":"VCID-cauk-7k6d-hbdd"},{"vulnerability":"VCID-cmu6-m7cr-7fa7"},{"vulnerability":"VCID-d6w1-jw73-9kbb"},{"vulnerability":"VCID-dv3f-h92r-37gs"},{"vulnerability":"VCID-e8jm-k1ee-v3dg"},{"vulnerability":"VCID-h5ft-zg32-myhg"},{"vulnerability":"VCID-jr4r-j28s-3ucz"},{"vulnerability":"VCID-sya2-1y7u-b7hu"},{"vulnerability":"VCID-vb6g-x173-9khp"},{"vulnerability":"VCID-w2y5-u1vp-xuh6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@4.0.10.2"},{"url":"http://public2.vulnerablecode.io/api/packages/384632?format=json","purl":"pkg:composer/phpmyadmin/phpmyadmin@4.4.15%2B10","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-x7nv-bve2-97ah"},{"vulnerability":"VCID-yxd8-v4be-nfhx"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@4.4.15%252B10"},{"url":"http://public2.vulnerablecode.io/api/packages/384631?format=json","purl":"pkg:composer/phpmyadmin/phpmyadmin@4.6.6","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-x7nv-bve2-97ah"},{"vulnerability":"VCID-yxd8-v4be-nfhx"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@4.6.6"}],"aliases":["CVE-2016-6621","GHSA-44vv-mm86-7cg6"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-aegs-ukwt-d7g7"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/177294?format=json","vulnerability_id":"VCID-cauk-7k6d-hbdd","summary":"An SQL injection vulnerability in phpMyAdmin may allow attackers to\n    execute arbitrary SQL statements.","references":[{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00002.html","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00002.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00024.html","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00024.html"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-18622","reference_id":"","reference_type":"","scores":[{"value":"0.00556","scoring_system":"epss","scoring_elements":"0.68702","published_at":"2026-06-14T12:55:00Z"},{"value":"0.00556","scoring_system":"epss","scoring_elements":"0.68707","published_at":"2026-06-13T12:55:00Z"},{"value":"0.00556","scoring_system":"epss","scoring_elements":"0.68693","published_at":"2026-06-12T12:55:00Z"},{"value":"0.00556","scoring_system":"epss","scoring_elements":"0.68604","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-18622"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18622","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18622"},{"reference_url":"https://github.com/phpmyadmin/composer/commit/51acbf53564d9b52e78509a5688ec2b68976b5f7","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/phpmyadmin/composer/commit/51acbf53564d9b52e78509a5688ec2b68976b5f7"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BA4DGF7KTQS6WA2DRNJSW66L43WB7LRV","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BA4DGF7KTQS6WA2DRNJSW66L43WB7LRV"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BA4DGF7KTQS6WA2DRNJSW66L43WB7LRV/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BA4DGF7KTQS6WA2DRNJSW66L43WB7LRV/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W5GW4KEMNCBQYZCIXEJYC42OEBBN2NSH","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W5GW4KEMNCBQYZCIXEJYC42OEBBN2NSH"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W5GW4KEMNCBQYZCIXEJYC42OEBBN2NSH/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W5GW4KEMNCBQYZCIXEJYC42OEBBN2NSH/"},{"reference_url":"https://www.phpmyadmin.net/security/PMASA-2019-5","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.phpmyadmin.net/security/PMASA-2019-5"},{"reference_url":"https://www.phpmyadmin.net/security/PMASA-2019-5/","reference_id":"","reference_type":"","scores":[],"url":"https://www.phpmyadmin.net/security/PMASA-2019-5/"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=945349","reference_id":"945349","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=945349"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2019-18622","reference_id":"CVE-2019-18622","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2019-18622"},{"reference_url":"https://github.com/advisories/GHSA-jgjc-332c-8cmc","reference_id":"GHSA-jgjc-332c-8cmc","reference_type":"","scores":[{"value":"CRITICAL","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-jgjc-332c-8cmc"},{"reference_url":"https://security.gentoo.org/glsa/202003-39","reference_id":"GLSA-202003-39","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://security.gentoo.org/glsa/202003-39"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/15974?format=json","purl":"pkg:composer/phpmyadmin/phpmyadmin@4.9.2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4f9y-mpe6-akgc"},{"vulnerability":"VCID-7ab3-tj6r-r3g7"},{"vulnerability":"VCID-dv3f-h92r-37gs"},{"vulnerability":"VCID-e8jm-k1ee-v3dg"},{"vulnerability":"VCID-h5ft-zg32-myhg"},{"vulnerability":"VCID-k8q3-v7cc-7yhq"},{"vulnerability":"VCID-rzd6-pqqs-a3em"},{"vulnerability":"VCID-sya2-1y7u-b7hu"},{"vulnerability":"VCID-vb6g-x173-9khp"},{"vulnerability":"VCID-xsbv-xna2-qfeb"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@4.9.2"},{"url":"http://public2.vulnerablecode.io/api/packages/22490?format=json","purl":"pkg:composer/phpmyadmin/phpmyadmin@5.0.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4f9y-mpe6-akgc"},{"vulnerability":"VCID-7ab3-tj6r-r3g7"},{"vulnerability":"VCID-87ne-4523-v7fa"},{"vulnerability":"VCID-arcu-5cnd-wkdk"},{"vulnerability":"VCID-dv3f-h92r-37gs"},{"vulnerability":"VCID-e8jm-k1ee-v3dg"},{"vulnerability":"VCID-h5ft-zg32-myhg"},{"vulnerability":"VCID-k8q3-v7cc-7yhq"},{"vulnerability":"VCID-rzd6-pqqs-a3em"},{"vulnerability":"VCID-sya2-1y7u-b7hu"},{"vulnerability":"VCID-vb6g-x173-9khp"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@5.0.0"}],"aliases":["CVE-2019-18622","GHSA-jgjc-332c-8cmc"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-cauk-7k6d-hbdd"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/206764?format=json","vulnerability_id":"VCID-cmu6-m7cr-7fa7","summary":"A CSRF issue in phpMyAdmin 4.9.0.1 allows deletion of any server in the Setup page.","references":[{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00078.html","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00078.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00024.html","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00024.html"},{"reference_url":"http://packetstormsecurity.com/files/154483/phpMyAdmin-4.9.0.1-Cross-Site-Request-Forgery.html","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://packetstormsecurity.com/files/154483/phpMyAdmin-4.9.0.1-Cross-Site-Request-Forgery.html"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-12922","reference_id":"","reference_type":"","scores":[{"value":"0.31957","scoring_system":"epss","scoring_elements":"0.96929","published_at":"2026-06-11T12:55:00Z"},{"value":"0.31957","scoring_system":"epss","scoring_elements":"0.96943","published_at":"2026-06-13T12:55:00Z"},{"value":"0.31957","scoring_system":"epss","scoring_elements":"0.9694","published_at":"2026-06-12T12:55:00Z"},{"value":"0.31957","scoring_system":"epss","scoring_elements":"0.96944","published_at":"2026-06-14T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-12922"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12922","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12922"},{"reference_url":"http://seclists.org/fulldisclosure/2019/Sep/23","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://seclists.org/fulldisclosure/2019/Sep/23"},{"reference_url":"https://github.com/phpmyadmin/phpmyadmin/commit/427fbed55d3154d96ecfc1c7784d49eaa3c04161","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/phpmyadmin/phpmyadmin/commit/427fbed55d3154d96ecfc1c7784d49eaa3c04161"},{"reference_url":"https://github.com/phpmyadmin/phpmyadmin/commit/7d21d4223bdbe0306593309132b4263d7087d13b","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/phpmyadmin/phpmyadmin/commit/7d21d4223bdbe0306593309132b4263d7087d13b"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PBLBE6CSC2ZLINIRBUU5XBLXYVBTF3KA","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PBLBE6CSC2ZLINIRBUU5XBLXYVBTF3KA"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QJ5BW2VEMD2P23ZYRWHDBEQHOKGKGWD6","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QJ5BW2VEMD2P23ZYRWHDBEQHOKGKGWD6"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YCB3PTGHZ7AJCM6BKCQRRP6HG3OKYCMN","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YCB3PTGHZ7AJCM6BKCQRRP6HG3OKYCMN"},{"reference_url":"https://www.exploit-db.com/exploits/47385","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.exploit-db.com/exploits/47385"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/webapps/47385.txt","reference_id":"CVE-2019-12922","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/webapps/47385.txt"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2019-12922","reference_id":"CVE-2019-12922","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2019-12922"},{"reference_url":"https://github.com/advisories/GHSA-4c9q-64gq-xhx4","reference_id":"GHSA-4c9q-64gq-xhx4","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-4c9q-64gq-xhx4"},{"reference_url":"https://usn.ubuntu.com/USN-4843-1/","reference_id":"USN-USN-4843-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/USN-4843-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/23847?format=json","purl":"pkg:composer/phpmyadmin/phpmyadmin@4.9.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4f9y-mpe6-akgc"},{"vulnerability":"VCID-7ab3-tj6r-r3g7"},{"vulnerability":"VCID-cauk-7k6d-hbdd"},{"vulnerability":"VCID-dv3f-h92r-37gs"},{"vulnerability":"VCID-e8jm-k1ee-v3dg"},{"vulnerability":"VCID-h5ft-zg32-myhg"},{"vulnerability":"VCID-k8q3-v7cc-7yhq"},{"vulnerability":"VCID-rzd6-pqqs-a3em"},{"vulnerability":"VCID-sya2-1y7u-b7hu"},{"vulnerability":"VCID-vb6g-x173-9khp"},{"vulnerability":"VCID-w2y5-u1vp-xuh6"},{"vulnerability":"VCID-xsbv-xna2-qfeb"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@4.9.1"},{"url":"http://public2.vulnerablecode.io/api/packages/22490?format=json","purl":"pkg:composer/phpmyadmin/phpmyadmin@5.0.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4f9y-mpe6-akgc"},{"vulnerability":"VCID-7ab3-tj6r-r3g7"},{"vulnerability":"VCID-87ne-4523-v7fa"},{"vulnerability":"VCID-arcu-5cnd-wkdk"},{"vulnerability":"VCID-dv3f-h92r-37gs"},{"vulnerability":"VCID-e8jm-k1ee-v3dg"},{"vulnerability":"VCID-h5ft-zg32-myhg"},{"vulnerability":"VCID-k8q3-v7cc-7yhq"},{"vulnerability":"VCID-rzd6-pqqs-a3em"},{"vulnerability":"VCID-sya2-1y7u-b7hu"},{"vulnerability":"VCID-vb6g-x173-9khp"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@5.0.0"}],"aliases":["CVE-2019-12922","GHSA-4c9q-64gq-xhx4"],"risk_score":10.0,"exploitability":"2.0","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-cmu6-m7cr-7fa7"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/203554?format=json","vulnerability_id":"VCID-d6w1-jw73-9kbb","summary":"Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin 4.0.x before 4.0.10.4, 4.1.x before 4.1.14.5, and 4.2.x before 4.2.9.1 allow remote authenticated users to inject arbitrary web script or HTML via a crafted ENUM value that is improperly handled during rendering of the (1) table search or (2) table structure page, related to libraries/TableSearch.class.php and libraries/Util.class.php.","references":[{"reference_url":"http://lists.opensuse.org/opensuse-updates/2014-10/msg00009.html","reference_id":"","reference_type":"","scores":[{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://lists.opensuse.org/opensuse-updates/2014-10/msg00009.html"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2014-7217","reference_id":"","reference_type":"","scores":[{"value":"0.00339","scoring_system":"epss","scoring_elements":"0.57158","published_at":"2026-06-14T12:55:00Z"},{"value":"0.00339","scoring_system":"epss","scoring_elements":"0.57152","published_at":"2026-06-12T12:55:00Z"},{"value":"0.00339","scoring_system":"epss","scoring_elements":"0.57165","published_at":"2026-06-13T12:55:00Z"},{"value":"0.00339","scoring_system":"epss","scoring_elements":"0.57032","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2014-7217"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7217","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7217"},{"reference_url":"https://github.com/phpmyadmin/phpmyadmin/commit/304fb2b645b36a39e03b954fdbd567173ebe6448","reference_id":"","reference_type":"","scores":[{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/phpmyadmin/phpmyadmin/commit/304fb2b645b36a39e03b954fdbd567173ebe6448"},{"reference_url":"https://github.com/phpmyadmin/phpmyadmin/commit/c1a3f85fbd1a9569646e7cf1b791325ae82c7961","reference_id":"","reference_type":"","scores":[{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/phpmyadmin/phpmyadmin/commit/c1a3f85fbd1a9569646e7cf1b791325ae82c7961"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2014-7217","reference_id":"","reference_type":"","scores":[{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2014-7217"},{"reference_url":"https://web.archive.org/web/20141010205819/http://www.securityfocus.com/bid/70252","reference_id":"","reference_type":"","scores":[{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://web.archive.org/web/20141010205819/http://www.securityfocus.com/bid/70252"},{"reference_url":"http://www.phpmyadmin.net/home_page/security/PMASA-2014-11.php","reference_id":"","reference_type":"","scores":[{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.phpmyadmin.net/home_page/security/PMASA-2014-11.php"},{"reference_url":"https://github.com/advisories/GHSA-wv8g-fx9j-q2jg","reference_id":"GHSA-wv8g-fx9j-q2jg","reference_type":"","scores":[{"value":"LOW","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-wv8g-fx9j-q2jg"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/446985?format=json","purl":"pkg:composer/phpmyadmin/phpmyadmin@4.0.10.4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4f9y-mpe6-akgc"},{"vulnerability":"VCID-cauk-7k6d-hbdd"},{"vulnerability":"VCID-cmu6-m7cr-7fa7"},{"vulnerability":"VCID-dv3f-h92r-37gs"},{"vulnerability":"VCID-e8jm-k1ee-v3dg"},{"vulnerability":"VCID-h5ft-zg32-myhg"},{"vulnerability":"VCID-jr4r-j28s-3ucz"},{"vulnerability":"VCID-sya2-1y7u-b7hu"},{"vulnerability":"VCID-vb6g-x173-9khp"},{"vulnerability":"VCID-w2y5-u1vp-xuh6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@4.0.10.4"},{"url":"http://public2.vulnerablecode.io/api/packages/384578?format=json","purl":"pkg:composer/phpmyadmin/phpmyadmin@4.0.10%2B4","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@4.0.10%252B4"},{"url":"http://public2.vulnerablecode.io/api/packages/384579?format=json","purl":"pkg:composer/phpmyadmin/phpmyadmin@4.1.14%2B5","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@4.1.14%252B5"},{"url":"http://public2.vulnerablecode.io/api/packages/384580?format=json","purl":"pkg:composer/phpmyadmin/phpmyadmin@4.2.9%2B1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@4.2.9%252B1"}],"aliases":["CVE-2014-7217","GHSA-wv8g-fx9j-q2jg"],"risk_score":1.4,"exploitability":"0.5","weighted_severity":"2.7","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-d6w1-jw73-9kbb"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/325176?format=json","vulnerability_id":"VCID-dv3f-h92r-37gs","summary":"","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-22278","reference_id":"","reference_type":"","scores":[{"value":"0.00409","scoring_system":"epss","scoring_elements":"0.61683","published_at":"2026-06-11T12:55:00Z"},{"value":"0.00409","scoring_system":"epss","scoring_elements":"0.61784","published_at":"2026-06-12T12:55:00Z"},{"value":"0.00409","scoring_system":"epss","scoring_elements":"0.61792","published_at":"2026-06-13T12:55:00Z"},{"value":"0.00409","scoring_system":"epss","scoring_elements":"0.61786","published_at":"2026-06-14T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-22278"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2020-22278","reference_id":"CVE-2020-22278","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2020-22278"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/22491?format=json","purl":"pkg:composer/phpmyadmin/phpmyadmin@5.0.3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7ab3-tj6r-r3g7"},{"vulnerability":"VCID-87ne-4523-v7fa"},{"vulnerability":"VCID-vb6g-x173-9khp"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@5.0.3"}],"aliases":["CVE-2020-22278"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-dv3f-h92r-37gs"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/207615?format=json","vulnerability_id":"VCID-e8jm-k1ee-v3dg","summary":"In phpMyAdmin 4.x before 4.9.5 and 5.x before 5.0.2, a SQL injection vulnerability was found in retrieval of the current username (in libraries/classes/Server/Privileges.php and libraries/classes/UserPassword.php). A malicious user with access to the server could create a crafted username, and then trick the victim into performing specific actions with that user account (such as editing its privileges).","references":[{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00046.html","reference_id":"","reference_type":"","scores":[{"value":"8.0","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00046.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00050.html","reference_id":"","reference_type":"","scores":[{"value":"8.0","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00050.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00005.html","reference_id":"","reference_type":"","scores":[{"value":"8.0","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00005.html"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-10804","reference_id":"","reference_type":"","scores":[{"value":"0.01913","scoring_system":"epss","scoring_elements":"0.83694","published_at":"2026-06-11T12:55:00Z"},{"value":"0.01913","scoring_system":"epss","scoring_elements":"0.83752","published_at":"2026-06-12T12:55:00Z"},{"value":"0.01913","scoring_system":"epss","scoring_elements":"0.83761","published_at":"2026-06-13T12:55:00Z"},{"value":"0.01913","scoring_system":"epss","scoring_elements":"0.83758","published_at":"2026-06-14T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-10804"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10804","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10804"},{"reference_url":"https://github.com/FriendsOfPHP/security-advisories/blob/master/phpmyadmin/phpmyadmin/CVE-2020-10804.yaml","reference_id":"","reference_type":"","scores":[{"value":"8.0","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/FriendsOfPHP/security-advisories/blob/master/phpmyadmin/phpmyadmin/CVE-2020-10804.yaml"},{"reference_url":"https://github.com/phpmyadmin/composer","reference_id":"","reference_type":"","scores":[{"value":"8.0","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/phpmyadmin/composer"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AAVW3SUKWR5RF5LZ6SARCYOWBIFUIWOJ","reference_id":"","reference_type":"","scores":[{"value":"8.0","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AAVW3SUKWR5RF5LZ6SARCYOWBIFUIWOJ"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BUG3IRITW2LUBGR5LSQMP7MVRTELHZJK","reference_id":"","reference_type":"","scores":[{"value":"8.0","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BUG3IRITW2LUBGR5LSQMP7MVRTELHZJK"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UZI6EQVRRIG252DY3MBT33BJVCSYDMQO","reference_id":"","reference_type":"","scores":[{"value":"8.0","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UZI6EQVRRIG252DY3MBT33BJVCSYDMQO"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2020-10804","reference_id":"","reference_type":"","scores":[{"value":"8.0","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2020-10804"},{"reference_url":"https://www.phpmyadmin.net/security/PMASA-2020-2","reference_id":"","reference_type":"","scores":[{"value":"8.0","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.phpmyadmin.net/security/PMASA-2020-2"},{"reference_url":"https://www.phpmyadmin.net/security/PMASA-2020-2/","reference_id":"","reference_type":"","scores":[],"url":"https://www.phpmyadmin.net/security/PMASA-2020-2/"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=954667","reference_id":"954667","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=954667"},{"reference_url":"https://github.com/advisories/GHSA-h65r-8fp8-w7cx","reference_id":"GHSA-h65r-8fp8-w7cx","reference_type":"","scores":[{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-h65r-8fp8-w7cx"},{"reference_url":"https://usn.ubuntu.com/4639-1/","reference_id":"USN-4639-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4639-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/384714?format=json","purl":"pkg:composer/phpmyadmin/phpmyadmin@4.9.5","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7ab3-tj6r-r3g7"},{"vulnerability":"VCID-dv3f-h92r-37gs"},{"vulnerability":"VCID-k8q3-v7cc-7yhq"},{"vulnerability":"VCID-rzd6-pqqs-a3em"},{"vulnerability":"VCID-vb6g-x173-9khp"},{"vulnerability":"VCID-xsbv-xna2-qfeb"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@4.9.5"},{"url":"http://public2.vulnerablecode.io/api/packages/380009?format=json","purl":"pkg:composer/phpmyadmin/phpmyadmin@5.0.2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7ab3-tj6r-r3g7"},{"vulnerability":"VCID-87ne-4523-v7fa"},{"vulnerability":"VCID-dv3f-h92r-37gs"},{"vulnerability":"VCID-k8q3-v7cc-7yhq"},{"vulnerability":"VCID-p55p-hbqm-xqg1"},{"vulnerability":"VCID-rzd6-pqqs-a3em"},{"vulnerability":"VCID-vb6g-x173-9khp"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@5.0.2"}],"aliases":["CVE-2020-10804","GHSA-h65r-8fp8-w7cx"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-e8jm-k1ee-v3dg"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/108007?format=json","vulnerability_id":"VCID-ggqt-drsc-2qd2","summary":"security update","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2013-5002","reference_id":"","reference_type":"","scores":[{"value":"0.00209","scoring_system":"epss","scoring_elements":"0.4354","published_at":"2026-06-12T12:55:00Z"},{"value":"0.00209","scoring_system":"epss","scoring_elements":"0.43383","published_at":"2026-06-11T12:55:00Z"},{"value":"0.00209","scoring_system":"epss","scoring_elements":"0.43559","published_at":"2026-06-13T12:55:00Z"},{"value":"0.00209","scoring_system":"epss","scoring_elements":"0.4355","published_at":"2026-06-14T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2013-5002"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4995","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4995"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4996","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4996"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5002","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5002"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5003","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5003"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1879","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1879"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2013-5002","reference_id":"","reference_type":"","scores":[{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2013-5002"},{"reference_url":"http://www.phpmyadmin.net/home_page/security/PMASA-2013-14.php","reference_id":"","reference_type":"","scores":[{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.phpmyadmin.net/home_page/security/PMASA-2013-14.php"},{"reference_url":"https://github.com/advisories/GHSA-p632-5w74-x8xx","reference_id":"GHSA-p632-5w74-x8xx","reference_type":"","scores":[{"value":"LOW","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-p632-5w74-x8xx"},{"reference_url":"https://security.gentoo.org/glsa/201311-02","reference_id":"GLSA-201311-02","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201311-02"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/386128?format=json","purl":"pkg:composer/phpmyadmin/phpmyadmin@4.0.4%2B2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5g5s-k4mq-sqg6"},{"vulnerability":"VCID-w9y7-zd3z-xbed"},{"vulnerability":"VCID-wfhy-zb3f-sude"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@4.0.4%252B2"},{"url":"http://public2.vulnerablecode.io/api/packages/446977?format=json","purl":"pkg:composer/phpmyadmin/phpmyadmin@4.0.4.2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-19e5-h8yr-efcy"},{"vulnerability":"VCID-4cqm-g8ca-dygk"},{"vulnerability":"VCID-4f9y-mpe6-akgc"},{"vulnerability":"VCID-5549-uqep-tubz"},{"vulnerability":"VCID-5and-muph-hked"},{"vulnerability":"VCID-aegs-ukwt-d7g7"},{"vulnerability":"VCID-cauk-7k6d-hbdd"},{"vulnerability":"VCID-cmu6-m7cr-7fa7"},{"vulnerability":"VCID-d6w1-jw73-9kbb"},{"vulnerability":"VCID-dv3f-h92r-37gs"},{"vulnerability":"VCID-e8jm-k1ee-v3dg"},{"vulnerability":"VCID-h5ft-zg32-myhg"},{"vulnerability":"VCID-jr4r-j28s-3ucz"},{"vulnerability":"VCID-meuk-b5zn-ubbv"},{"vulnerability":"VCID-sya2-1y7u-b7hu"},{"vulnerability":"VCID-t7cs-91p3-xyek"},{"vulnerability":"VCID-vb6g-x173-9khp"},{"vulnerability":"VCID-w2y5-u1vp-xuh6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@4.0.4.2"}],"aliases":["CVE-2013-5002","GHSA-p632-5w74-x8xx"],"risk_score":1.4,"exploitability":"0.5","weighted_severity":"2.7","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ggqt-drsc-2qd2"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/208023?format=json","vulnerability_id":"VCID-h5ft-zg32-myhg","summary":"In phpMyAdmin 4 before 4.9.4 and 5 before 5.0.1, SQL injection exists in the user accounts page. A malicious user could inject custom SQL in place of their own username when creating queries to this page. An attacker must have a valid MySQL account to access the server.","references":[{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00024.html","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00024.html"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-5504","reference_id":"","reference_type":"","scores":[{"value":"0.2219","scoring_system":"epss","scoring_elements":"0.9593","published_at":"2026-06-11T12:55:00Z"},{"value":"0.2219","scoring_system":"epss","scoring_elements":"0.95943","published_at":"2026-06-12T12:55:00Z"},{"value":"0.2219","scoring_system":"epss","scoring_elements":"0.95944","published_at":"2026-06-13T12:55:00Z"},{"value":"0.2219","scoring_system":"epss","scoring_elements":"0.95947","published_at":"2026-06-14T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-5504"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-5504","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-5504"},{"reference_url":"https://cybersecurityworks.com/zerodays/cve-2020-5504-phpmyadmin.html","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://cybersecurityworks.com/zerodays/cve-2020-5504-phpmyadmin.html"},{"reference_url":"https://github.com/FriendsOfPHP/security-advisories/blob/master/phpmyadmin/phpmyadmin/CVE-2020-5504.yaml","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/FriendsOfPHP/security-advisories/blob/master/phpmyadmin/phpmyadmin/CVE-2020-5504.yaml"},{"reference_url":"https://github.com/MarkLee131/awesome-web-pocs/blob/main/CVE-2020-5504.md","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/MarkLee131/awesome-web-pocs/blob/main/CVE-2020-5504.md"},{"reference_url":"https://github.com/phpmyadmin/composer","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/phpmyadmin/composer"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2020/01/msg00011.html","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.debian.org/debian-lts-announce/2020/01/msg00011.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2020-5504","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2020-5504"},{"reference_url":"https://www.phpmyadmin.net/security/PMASA-2020-1","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.phpmyadmin.net/security/PMASA-2020-1"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=948718","reference_id":"948718","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=948718"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/webapps/52451.txt","reference_id":"CVE-2020-5504","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/webapps/52451.txt"},{"reference_url":"https://github.com/advisories/GHSA-fgj8-93xx-f6g6","reference_id":"GHSA-fgj8-93xx-f6g6","reference_type":"","scores":[{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-fgj8-93xx-f6g6"},{"reference_url":"https://usn.ubuntu.com/4639-1/","reference_id":"USN-4639-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4639-1/"},{"reference_url":"https://usn.ubuntu.com/USN-4843-1/","reference_id":"USN-USN-4843-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/USN-4843-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/384552?format=json","purl":"pkg:composer/phpmyadmin/phpmyadmin@4.9.4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4f9y-mpe6-akgc"},{"vulnerability":"VCID-7ab3-tj6r-r3g7"},{"vulnerability":"VCID-dv3f-h92r-37gs"},{"vulnerability":"VCID-e8jm-k1ee-v3dg"},{"vulnerability":"VCID-k8q3-v7cc-7yhq"},{"vulnerability":"VCID-rzd6-pqqs-a3em"},{"vulnerability":"VCID-sya2-1y7u-b7hu"},{"vulnerability":"VCID-vb6g-x173-9khp"},{"vulnerability":"VCID-xsbv-xna2-qfeb"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@4.9.4"},{"url":"http://public2.vulnerablecode.io/api/packages/384553?format=json","purl":"pkg:composer/phpmyadmin/phpmyadmin@5.0.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4f9y-mpe6-akgc"},{"vulnerability":"VCID-7ab3-tj6r-r3g7"},{"vulnerability":"VCID-87ne-4523-v7fa"},{"vulnerability":"VCID-arcu-5cnd-wkdk"},{"vulnerability":"VCID-dv3f-h92r-37gs"},{"vulnerability":"VCID-e8jm-k1ee-v3dg"},{"vulnerability":"VCID-k8q3-v7cc-7yhq"},{"vulnerability":"VCID-rzd6-pqqs-a3em"},{"vulnerability":"VCID-sya2-1y7u-b7hu"},{"vulnerability":"VCID-vb6g-x173-9khp"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@5.0.1"}],"aliases":["CVE-2020-5504","GHSA-fgj8-93xx-f6g6"],"risk_score":10.0,"exploitability":"2.0","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-h5ft-zg32-myhg"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/203596?format=json","vulnerability_id":"VCID-jr4r-j28s-3ucz","summary":"Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin 4.0.x before 4.0.10.5, 4.1.x before 4.1.14.6, and 4.2.x before 4.2.10.1 allow remote authenticated users to inject arbitrary web script or HTML via a crafted (1) database name or (2) table name, related to the libraries/DatabaseInterface.class.php code for SQL debug output and the js/server_status_monitor.js code for the server monitor page.","references":[{"reference_url":"http://lists.opensuse.org/opensuse-updates/2014-11/msg00004.html","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://lists.opensuse.org/opensuse-updates/2014-11/msg00004.html"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2014-8326","reference_id":"","reference_type":"","scores":[{"value":"0.00269","scoring_system":"epss","scoring_elements":"0.50827","published_at":"2026-06-14T12:55:00Z"},{"value":"0.00269","scoring_system":"epss","scoring_elements":"0.50823","published_at":"2026-06-12T12:55:00Z"},{"value":"0.00269","scoring_system":"epss","scoring_elements":"0.50839","published_at":"2026-06-13T12:55:00Z"},{"value":"0.00269","scoring_system":"epss","scoring_elements":"0.50689","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2014-8326"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8326","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8326"},{"reference_url":"https://github.com/phpmyadmin/phpmyadmin/commit/7b8962dede7631298c81e2c1cd267b81f1e08a8c","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/phpmyadmin/phpmyadmin/commit/7b8962dede7631298c81e2c1cd267b81f1e08a8c"},{"reference_url":"https://github.com/phpmyadmin/phpmyadmin/commit/bd68c54d1beeef79d237e8bfda44690834012a76","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/phpmyadmin/phpmyadmin/commit/bd68c54d1beeef79d237e8bfda44690834012a76"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2014-8326","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2014-8326"},{"reference_url":"https://web.archive.org/web/20200228163625/http://www.securityfocus.com/bid/70731","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://web.archive.org/web/20200228163625/http://www.securityfocus.com/bid/70731"},{"reference_url":"http://www.phpmyadmin.net/home_page/security/PMASA-2014-12.php","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.phpmyadmin.net/home_page/security/PMASA-2014-12.php"},{"reference_url":"https://github.com/advisories/GHSA-pvr5-84gr-g985","reference_id":"GHSA-pvr5-84gr-g985","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-pvr5-84gr-g985"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/446986?format=json","purl":"pkg:composer/phpmyadmin/phpmyadmin@4.0.10.5","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4f9y-mpe6-akgc"},{"vulnerability":"VCID-cauk-7k6d-hbdd"},{"vulnerability":"VCID-cmu6-m7cr-7fa7"},{"vulnerability":"VCID-dv3f-h92r-37gs"},{"vulnerability":"VCID-e8jm-k1ee-v3dg"},{"vulnerability":"VCID-h5ft-zg32-myhg"},{"vulnerability":"VCID-sya2-1y7u-b7hu"},{"vulnerability":"VCID-vb6g-x173-9khp"},{"vulnerability":"VCID-w2y5-u1vp-xuh6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@4.0.10.5"},{"url":"http://public2.vulnerablecode.io/api/packages/384536?format=json","purl":"pkg:composer/phpmyadmin/phpmyadmin@4.0.10%2B5","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@4.0.10%252B5"},{"url":"http://public2.vulnerablecode.io/api/packages/384537?format=json","purl":"pkg:composer/phpmyadmin/phpmyadmin@4.1.14%2B6","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@4.1.14%252B6"},{"url":"http://public2.vulnerablecode.io/api/packages/384538?format=json","purl":"pkg:composer/phpmyadmin/phpmyadmin@4.2.10%2B1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@4.2.10%252B1"}],"aliases":["CVE-2014-8326","GHSA-pvr5-84gr-g985"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-jr4r-j28s-3ucz"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/179161?format=json","vulnerability_id":"VCID-meuk-b5zn-ubbv","summary":"Multiple vulnerabilities have been found in phpMyAdmin, the worst\n    of which could lead to arbitrary code execution.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-9866","reference_id":"","reference_type":"","scores":[{"value":"0.00221","scoring_system":"epss","scoring_elements":"0.44813","published_at":"2026-06-11T12:55:00Z"},{"value":"0.00221","scoring_system":"epss","scoring_elements":"0.44963","published_at":"2026-06-12T12:55:00Z"},{"value":"0.00221","scoring_system":"epss","scoring_elements":"0.44977","published_at":"2026-06-13T12:55:00Z"},{"value":"0.00221","scoring_system":"epss","scoring_elements":"0.44965","published_at":"2026-06-14T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-9866"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9866","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9866"},{"reference_url":"https://github.com/phpmyadmin/composer","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/phpmyadmin/composer"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2016-9866","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2016-9866"},{"reference_url":"https://web.archive.org/web/20210123194736/http://www.securityfocus.com/bid/94536","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://web.archive.org/web/20210123194736/http://www.securityfocus.com/bid/94536"},{"reference_url":"https://www.phpmyadmin.net/security/PMASA-2016-71","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.phpmyadmin.net/security/PMASA-2016-71"},{"reference_url":"https://github.com/advisories/GHSA-jvxx-8xxf-5495","reference_id":"GHSA-jvxx-8xxf-5495","reference_type":"","scores":[{"value":"CRITICAL","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-jvxx-8xxf-5495"},{"reference_url":"https://security.gentoo.org/glsa/201701-32","reference_id":"GLSA-201701-32","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://security.gentoo.org/glsa/201701-32"},{"reference_url":"https://usn.ubuntu.com/USN-4843-1/","reference_id":"USN-USN-4843-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/USN-4843-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/384529?format=json","purl":"pkg:composer/phpmyadmin/phpmyadmin@4.0.10%2B18","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5g5s-k4mq-sqg6"},{"vulnerability":"VCID-w9y7-zd3z-xbed"},{"vulnerability":"VCID-wfhy-zb3f-sude"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@4.0.10%252B18"},{"url":"http://public2.vulnerablecode.io/api/packages/446983?format=json","purl":"pkg:composer/phpmyadmin/phpmyadmin@4.0.10.2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4cqm-g8ca-dygk"},{"vulnerability":"VCID-4f9y-mpe6-akgc"},{"vulnerability":"VCID-cauk-7k6d-hbdd"},{"vulnerability":"VCID-cmu6-m7cr-7fa7"},{"vulnerability":"VCID-d6w1-jw73-9kbb"},{"vulnerability":"VCID-dv3f-h92r-37gs"},{"vulnerability":"VCID-e8jm-k1ee-v3dg"},{"vulnerability":"VCID-h5ft-zg32-myhg"},{"vulnerability":"VCID-jr4r-j28s-3ucz"},{"vulnerability":"VCID-sya2-1y7u-b7hu"},{"vulnerability":"VCID-vb6g-x173-9khp"},{"vulnerability":"VCID-w2y5-u1vp-xuh6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@4.0.10.2"},{"url":"http://public2.vulnerablecode.io/api/packages/384528?format=json","purl":"pkg:composer/phpmyadmin/phpmyadmin@4.4.15%2B9","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5g5s-k4mq-sqg6"},{"vulnerability":"VCID-w9y7-zd3z-xbed"},{"vulnerability":"VCID-wfhy-zb3f-sude"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@4.4.15%252B9"},{"url":"http://public2.vulnerablecode.io/api/packages/384527?format=json","purl":"pkg:composer/phpmyadmin/phpmyadmin@4.6.5","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5g5s-k4mq-sqg6"},{"vulnerability":"VCID-w9y7-zd3z-xbed"},{"vulnerability":"VCID-wfhy-zb3f-sude"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@4.6.5"}],"aliases":["CVE-2016-9866","GHSA-jvxx-8xxf-5495"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-meuk-b5zn-ubbv"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/207614?format=json","vulnerability_id":"VCID-sya2-1y7u-b7hu","summary":"In phpMyAdmin 4.x before 4.9.5 and 5.x before 5.0.2, a SQL injection vulnerability was discovered where malicious code could be used to trigger an XSS attack through retrieving and displaying results (in tbl_get_field.php and libraries/classes/Display/Results.php). The attacker must be able to insert crafted data into certain database tables, which when retrieved (for instance, through the Browse tab) can trigger the XSS attack.","references":[{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00046.html","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00046.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00050.html","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00050.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00005.html","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00005.html"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-10803","reference_id":"","reference_type":"","scores":[{"value":"0.02712","scoring_system":"epss","scoring_elements":"0.86238","published_at":"2026-06-11T12:55:00Z"},{"value":"0.02712","scoring_system":"epss","scoring_elements":"0.86289","published_at":"2026-06-12T12:55:00Z"},{"value":"0.02712","scoring_system":"epss","scoring_elements":"0.86299","published_at":"2026-06-13T12:55:00Z"},{"value":"0.02712","scoring_system":"epss","scoring_elements":"0.86297","published_at":"2026-06-14T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-10803"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10803","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10803"},{"reference_url":"https://github.com/FriendsOfPHP/security-advisories/blob/master/phpmyadmin/phpmyadmin/CVE-2020-10803.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/FriendsOfPHP/security-advisories/blob/master/phpmyadmin/phpmyadmin/CVE-2020-10803.yaml"},{"reference_url":"https://github.com/phpmyadmin/composer","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/phpmyadmin/composer"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2020/03/msg00028.html","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.debian.org/debian-lts-announce/2020/03/msg00028.html"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AAVW3SUKWR5RF5LZ6SARCYOWBIFUIWOJ","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AAVW3SUKWR5RF5LZ6SARCYOWBIFUIWOJ"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BUG3IRITW2LUBGR5LSQMP7MVRTELHZJK","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BUG3IRITW2LUBGR5LSQMP7MVRTELHZJK"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UZI6EQVRRIG252DY3MBT33BJVCSYDMQO","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UZI6EQVRRIG252DY3MBT33BJVCSYDMQO"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2020-10803","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2020-10803"},{"reference_url":"https://www.phpmyadmin.net/security/PMASA-2020-4","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.phpmyadmin.net/security/PMASA-2020-4"},{"reference_url":"https://www.phpmyadmin.net/security/PMASA-2020-4/","reference_id":"","reference_type":"","scores":[],"url":"https://www.phpmyadmin.net/security/PMASA-2020-4/"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=954666","reference_id":"954666","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=954666"},{"reference_url":"https://github.com/advisories/GHSA-fcww-8wvc-38q9","reference_id":"GHSA-fcww-8wvc-38q9","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-fcww-8wvc-38q9"},{"reference_url":"https://usn.ubuntu.com/4639-1/","reference_id":"USN-4639-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4639-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/384714?format=json","purl":"pkg:composer/phpmyadmin/phpmyadmin@4.9.5","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7ab3-tj6r-r3g7"},{"vulnerability":"VCID-dv3f-h92r-37gs"},{"vulnerability":"VCID-k8q3-v7cc-7yhq"},{"vulnerability":"VCID-rzd6-pqqs-a3em"},{"vulnerability":"VCID-vb6g-x173-9khp"},{"vulnerability":"VCID-xsbv-xna2-qfeb"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@4.9.5"},{"url":"http://public2.vulnerablecode.io/api/packages/380009?format=json","purl":"pkg:composer/phpmyadmin/phpmyadmin@5.0.2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7ab3-tj6r-r3g7"},{"vulnerability":"VCID-87ne-4523-v7fa"},{"vulnerability":"VCID-dv3f-h92r-37gs"},{"vulnerability":"VCID-k8q3-v7cc-7yhq"},{"vulnerability":"VCID-p55p-hbqm-xqg1"},{"vulnerability":"VCID-rzd6-pqqs-a3em"},{"vulnerability":"VCID-vb6g-x173-9khp"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@5.0.2"}],"aliases":["CVE-2020-10803","GHSA-fcww-8wvc-38q9"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-sya2-1y7u-b7hu"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/179131?format=json","vulnerability_id":"VCID-t7cs-91p3-xyek","summary":"Multiple vulnerabilities have been found in phpMyAdmin, the worst\n    of which could lead to arbitrary code execution.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-6623","reference_id":"","reference_type":"","scores":[{"value":"0.00586","scoring_system":"epss","scoring_elements":"0.69549","published_at":"2026-06-11T12:55:00Z"},{"value":"0.00586","scoring_system":"epss","scoring_elements":"0.69639","published_at":"2026-06-12T12:55:00Z"},{"value":"0.00586","scoring_system":"epss","scoring_elements":"0.69652","published_at":"2026-06-13T12:55:00Z"},{"value":"0.00586","scoring_system":"epss","scoring_elements":"0.6965","published_at":"2026-06-14T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-6623"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6623","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6623"},{"reference_url":"https://github.com/phpmyadmin/composer","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/phpmyadmin/composer"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2016-6623","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2016-6623"},{"reference_url":"https://web.archive.org/web/20210123204343/http://www.securityfocus.com/bid/95052","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://web.archive.org/web/20210123204343/http://www.securityfocus.com/bid/95052"},{"reference_url":"https://www.phpmyadmin.net/security/PMASA-2016-46","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.phpmyadmin.net/security/PMASA-2016-46"},{"reference_url":"https://github.com/advisories/GHSA-2mcj-3r3r-v5wm","reference_id":"GHSA-2mcj-3r3r-v5wm","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-2mcj-3r3r-v5wm"},{"reference_url":"https://security.gentoo.org/glsa/201701-32","reference_id":"GLSA-201701-32","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://security.gentoo.org/glsa/201701-32"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/384693?format=json","purl":"pkg:composer/phpmyadmin/phpmyadmin@4.0.10%2B17","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@4.0.10%252B17"},{"url":"http://public2.vulnerablecode.io/api/packages/446983?format=json","purl":"pkg:composer/phpmyadmin/phpmyadmin@4.0.10.2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4cqm-g8ca-dygk"},{"vulnerability":"VCID-4f9y-mpe6-akgc"},{"vulnerability":"VCID-cauk-7k6d-hbdd"},{"vulnerability":"VCID-cmu6-m7cr-7fa7"},{"vulnerability":"VCID-d6w1-jw73-9kbb"},{"vulnerability":"VCID-dv3f-h92r-37gs"},{"vulnerability":"VCID-e8jm-k1ee-v3dg"},{"vulnerability":"VCID-h5ft-zg32-myhg"},{"vulnerability":"VCID-jr4r-j28s-3ucz"},{"vulnerability":"VCID-sya2-1y7u-b7hu"},{"vulnerability":"VCID-vb6g-x173-9khp"},{"vulnerability":"VCID-w2y5-u1vp-xuh6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@4.0.10.2"},{"url":"http://public2.vulnerablecode.io/api/packages/384692?format=json","purl":"pkg:composer/phpmyadmin/phpmyadmin@4.4.15%2B8","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@4.4.15%252B8"},{"url":"http://public2.vulnerablecode.io/api/packages/384691?format=json","purl":"pkg:composer/phpmyadmin/phpmyadmin@4.6.4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-35w1-dgmv-3ugx"},{"vulnerability":"VCID-4h57-bnew-kybe"},{"vulnerability":"VCID-6kt9-mbct-jkha"},{"vulnerability":"VCID-kths-e7vh-nfcb"},{"vulnerability":"VCID-whcz-pm8w-gbhc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@4.6.4"}],"aliases":["CVE-2016-6623","GHSA-2mcj-3r3r-v5wm"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-t7cs-91p3-xyek"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/11154?format=json","vulnerability_id":"VCID-vb6g-x173-9khp","summary":"","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-0813","reference_id":"","reference_type":"","scores":[{"value":"0.00317","scoring_system":"epss","scoring_elements":"0.55344","published_at":"2026-06-12T12:55:00Z"},{"value":"0.00317","scoring_system":"epss","scoring_elements":"0.55347","published_at":"2026-06-14T12:55:00Z"},{"value":"0.00317","scoring_system":"epss","scoring_elements":"0.55223","published_at":"2026-06-11T12:55:00Z"},{"value":"0.00317","scoring_system":"epss","scoring_elements":"0.55361","published_at":"2026-06-13T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-0813"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0813","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0813"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://www.incibe-cert.es/en/early-warning/security-advisories/phpmyadmin-exposure-sensitive-information","reference_id":"","reference_type":"","scores":[],"url":"https://www.incibe-cert.es/en/early-warning/security-advisories/phpmyadmin-exposure-sensitive-information"},{"reference_url":"https://www.phpmyadmin.net/news/2022/2/11/phpmyadmin-4910-and-513-are-released","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.phpmyadmin.net/news/2022/2/11/phpmyadmin-4910-and-513-are-released"},{"reference_url":"https://www.phpmyadmin.net/news/2022/2/11/phpmyadmin-4910-and-513-are-released/","reference_id":"","reference_type":"","scores":[],"url":"https://www.phpmyadmin.net/news/2022/2/11/phpmyadmin-4910-and-513-are-released/"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2022-0813","reference_id":"CVE-2022-0813","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2022-0813"},{"reference_url":"https://github.com/advisories/GHSA-vx8q-j7h9-vf6q","reference_id":"GHSA-vx8q-j7h9-vf6q","reference_type":"","scores":[{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-vx8q-j7h9-vf6q"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/18868?format=json","purl":"pkg:composer/phpmyadmin/phpmyadmin@5.1.2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7ab3-tj6r-r3g7"},{"vulnerability":"VCID-87ne-4523-v7fa"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@5.1.2"},{"url":"http://public2.vulnerablecode.io/api/packages/19652?format=json","purl":"pkg:composer/phpmyadmin/phpmyadmin@5.1.3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7ab3-tj6r-r3g7"},{"vulnerability":"VCID-87ne-4523-v7fa"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@5.1.3"}],"aliases":["CVE-2022-0813","GHSA-vx8q-j7h9-vf6q"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-vb6g-x173-9khp"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/207113?format=json","vulnerability_id":"VCID-w2y5-u1vp-xuh6","summary":"phpMyAdmin before 4.9.2 does not escape certain Git information, related to libraries/classes/Display/GitRevision.php and libraries/classes/Footer.php.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-19617","reference_id":"","reference_type":"","scores":[{"value":"0.00997","scoring_system":"epss","scoring_elements":"0.77386","published_at":"2026-06-11T12:55:00Z"},{"value":"0.00997","scoring_system":"epss","scoring_elements":"0.77456","published_at":"2026-06-12T12:55:00Z"},{"value":"0.00997","scoring_system":"epss","scoring_elements":"0.77471","published_at":"2026-06-13T12:55:00Z"},{"value":"0.00997","scoring_system":"epss","scoring_elements":"0.77462","published_at":"2026-06-14T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-19617"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19617","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19617"},{"reference_url":"https://github.com/phpmyadmin/composer","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/phpmyadmin/composer"},{"reference_url":"https://github.com/phpmyadmin/phpmyadmin/commit/1119de642b136d20e810bb20f545069a01dd7cc9","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/phpmyadmin/phpmyadmin/commit/1119de642b136d20e810bb20f545069a01dd7cc9"},{"reference_url":"https://github.com/phpmyadmin/phpmyadmin/compare/RELEASE_4_9_1...RELEASE_4_9_2","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/phpmyadmin/phpmyadmin/compare/RELEASE_4_9_1...RELEASE_4_9_2"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2019/12/msg00006.html","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.debian.org/debian-lts-announce/2019/12/msg00006.html"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2020/10/msg00024.html","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.debian.org/debian-lts-announce/2020/10/msg00024.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2019-19617","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2019-19617"},{"reference_url":"https://www.phpmyadmin.net/news/2019/11/22/phpmyadmin-492-released","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.phpmyadmin.net/news/2019/11/22/phpmyadmin-492-released"},{"reference_url":"https://www.phpmyadmin.net/news/2019/11/22/phpmyadmin-492-released/","reference_id":"","reference_type":"","scores":[],"url":"https://www.phpmyadmin.net/news/2019/11/22/phpmyadmin-492-released/"},{"reference_url":"https://github.com/advisories/GHSA-pgph-mc4p-f8c3","reference_id":"GHSA-pgph-mc4p-f8c3","reference_type":"","scores":[{"value":"CRITICAL","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-pgph-mc4p-f8c3"},{"reference_url":"https://usn.ubuntu.com/4639-1/","reference_id":"USN-4639-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4639-1/"},{"reference_url":"https://usn.ubuntu.com/USN-4843-1/","reference_id":"USN-USN-4843-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/USN-4843-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/15974?format=json","purl":"pkg:composer/phpmyadmin/phpmyadmin@4.9.2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4f9y-mpe6-akgc"},{"vulnerability":"VCID-7ab3-tj6r-r3g7"},{"vulnerability":"VCID-dv3f-h92r-37gs"},{"vulnerability":"VCID-e8jm-k1ee-v3dg"},{"vulnerability":"VCID-h5ft-zg32-myhg"},{"vulnerability":"VCID-k8q3-v7cc-7yhq"},{"vulnerability":"VCID-rzd6-pqqs-a3em"},{"vulnerability":"VCID-sya2-1y7u-b7hu"},{"vulnerability":"VCID-vb6g-x173-9khp"},{"vulnerability":"VCID-xsbv-xna2-qfeb"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@4.9.2"}],"aliases":["CVE-2019-19617","GHSA-pgph-mc4p-f8c3"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-w2y5-u1vp-xuh6"}],"fixing_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/202987?format=json","vulnerability_id":"VCID-mkxk-w8n7-5kh8","summary":"import.php in phpMyAdmin 4.x before 4.0.4.1 does not properly restrict the ability of input data to specify a file format, which allows remote authenticated users to modify the GLOBALS superglobal array, and consequently change the configuration, via a crafted request.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2013-4729","reference_id":"","reference_type":"","scores":[{"value":"0.00367","scoring_system":"epss","scoring_elements":"0.59039","published_at":"2026-06-11T12:55:00Z"},{"value":"0.00367","scoring_system":"epss","scoring_elements":"0.59152","published_at":"2026-06-12T12:55:00Z"},{"value":"0.00367","scoring_system":"epss","scoring_elements":"0.59163","published_at":"2026-06-13T12:55:00Z"},{"value":"0.00367","scoring_system":"epss","scoring_elements":"0.59154","published_at":"2026-06-14T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2013-4729"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4729","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4729"},{"reference_url":"https://github.com/phpmyadmin/phpmyadmin","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/phpmyadmin/phpmyadmin"},{"reference_url":"https://github.com/phpmyadmin/phpmyadmin/commit/012464268420e53a9cd81cbb4a43988d70393c36","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/phpmyadmin/phpmyadmin/commit/012464268420e53a9cd81cbb4a43988d70393c36"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2013-4729","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2013-4729"},{"reference_url":"http://www.phpmyadmin.net/home_page/security/PMASA-2013-7.php","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.phpmyadmin.net/home_page/security/PMASA-2013-7.php"},{"reference_url":"https://github.com/advisories/GHSA-x962-w72p-mv7q","reference_id":"GHSA-x962-w72p-mv7q","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-x962-w72p-mv7q"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/446976?format=json","purl":"pkg:composer/phpmyadmin/phpmyadmin@4.0.4.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-19e5-h8yr-efcy"},{"vulnerability":"VCID-4cqm-g8ca-dygk"},{"vulnerability":"VCID-4f9y-mpe6-akgc"},{"vulnerability":"VCID-5549-uqep-tubz"},{"vulnerability":"VCID-5and-muph-hked"},{"vulnerability":"VCID-aegs-ukwt-d7g7"},{"vulnerability":"VCID-cauk-7k6d-hbdd"},{"vulnerability":"VCID-cmu6-m7cr-7fa7"},{"vulnerability":"VCID-d6w1-jw73-9kbb"},{"vulnerability":"VCID-dv3f-h92r-37gs"},{"vulnerability":"VCID-e8jm-k1ee-v3dg"},{"vulnerability":"VCID-ggqt-drsc-2qd2"},{"vulnerability":"VCID-h5ft-zg32-myhg"},{"vulnerability":"VCID-jr4r-j28s-3ucz"},{"vulnerability":"VCID-meuk-b5zn-ubbv"},{"vulnerability":"VCID-sya2-1y7u-b7hu"},{"vulnerability":"VCID-t7cs-91p3-xyek"},{"vulnerability":"VCID-vb6g-x173-9khp"},{"vulnerability":"VCID-w2y5-u1vp-xuh6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@4.0.4.1"},{"url":"http://public2.vulnerablecode.io/api/packages/385885?format=json","purl":"pkg:composer/phpmyadmin/phpmyadmin@4.0.4%2B1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@4.0.4%252B1"}],"aliases":["CVE-2013-4729","GHSA-x962-w72p-mv7q"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-mkxk-w8n7-5kh8"}],"risk_score":"10.0","resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@4.0.4.1"}