{"url":"http://public2.vulnerablecode.io/api/packages/54925?format=json","purl":"pkg:composer/phpmyadmin/phpmyadmin@3.4.0","type":"composer","namespace":"phpmyadmin","name":"phpmyadmin","version":"3.4.0","qualifiers":{},"subpath":"","is_vulnerable":true,"next_non_vulnerable_version":"4.9.11","latest_non_vulnerable_version":"5.2.2","affected_by_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/35360?format=json","vulnerability_id":"VCID-19nn-dc48-nqdw","summary":"Multiple vulnerabilities were found in phpMyAdmin, the most severe\n    of which allows the execution of arbitrary PHP code.","references":[{"reference_url":"http://lists.fedoraproject.org/pipermail/package-announce/2011-August/063410.html","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://lists.fedoraproject.org/pipermail/package-announce/2011-August/063410.html"},{"reference_url":"http://lists.fedoraproject.org/pipermail/package-announce/2011-August/063418.html","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://lists.fedoraproject.org/pipermail/package-announce/2011-August/063418.html"},{"reference_url":"http://phpmyadmin.git.sourceforge.net/git/gitweb.cgi?p=phpmyadmin/phpmyadmin%3Ba=commit%3Bh=3ae58f0cd6b89ad4767920f9b214c38d3f6d4393","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://phpmyadmin.git.sourceforge.net/git/gitweb.cgi?p=phpmyadmin/phpmyadmin%3Ba=commit%3Bh=3ae58f0cd6b89ad4767920f9b214c38d3f6d4393"},{"reference_url":"http://phpmyadmin.git.sourceforge.net/git/gitweb.cgi?p=phpmyadmin/phpmyadmin;a=commit;h=3ae58f0cd6b89ad4767920f9b214c38d3f6d4393","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://phpmyadmin.git.sourceforge.net/git/gitweb.cgi?p=phpmyadmin/phpmyadmin;a=commit;h=3ae58f0cd6b89ad4767920f9b214c38d3f6d4393"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2011-2718","reference_id":"","reference_type":"","scores":[{"value":"0.01003","scoring_system":"epss","scoring_elements":"0.77228","published_at":"2026-05-15T12:55:00Z"},{"value":"0.01003","scoring_system":"epss","scoring_elements":"0.77053","published_at":"2026-04-18T12:55:00Z"},{"value":"0.01003","scoring_system":"epss","scoring_elements":"0.77046","published_at":"2026-04-21T12:55:00Z"},{"value":"0.01003","scoring_system":"epss","scoring_elements":"0.7708","published_at":"2026-04-24T12:55:00Z"},{"value":"0.01003","scoring_system":"epss","scoring_elements":"0.77087","published_at":"2026-04-26T12:55:00Z"},{"value":"0.01003","scoring_system":"epss","scoring_elements":"0.77101","published_at":"2026-04-29T12:55:00Z"},{"value":"0.01003","scoring_system":"epss","scoring_elements":"0.77109","published_at":"2026-05-05T12:55:00Z"},{"value":"0.01003","scoring_system":"epss","scoring_elements":"0.77138","published_at":"2026-05-07T12:55:00Z"},{"value":"0.01003","scoring_system":"epss","scoring_elements":"0.7716","published_at":"2026-05-09T12:55:00Z"},{"value":"0.01003","scoring_system":"epss","scoring_elements":"0.77148","published_at":"2026-05-11T12:55:00Z"},{"value":"0.01003","scoring_system":"epss","scoring_elements":"0.77165","published_at":"2026-05-12T12:55:00Z"},{"value":"0.01003","scoring_system":"epss","scoring_elements":"0.77213","published_at":"2026-05-14T12:55:00Z"},{"value":"0.01003","scoring_system":"epss","scoring_elements":"0.76946","published_at":"2026-04-01T12:55:00Z"},{"value":"0.01003","scoring_system":"epss","scoring_elements":"0.76952","published_at":"2026-04-02T12:55:00Z"},{"value":"0.01003","scoring_system":"epss","scoring_elements":"0.76981","published_at":"2026-04-04T12:55:00Z"},{"value":"0.01003","scoring_system":"epss","scoring_elements":"0.76964","published_at":"2026-04-07T12:55:00Z"},{"value":"0.01003","scoring_system":"epss","scoring_elements":"0.76996","published_at":"2026-04-08T12:55:00Z"},{"value":"0.01003","scoring_system":"epss","scoring_elements":"0.77007","published_at":"2026-04-09T12:55:00Z"},{"value":"0.01003","scoring_system":"epss","scoring_elements":"0.77035","published_at":"2026-04-11T12:55:00Z"},{"value":"0.01003","scoring_system":"epss","scoring_elements":"0.77014","published_at":"2026-04-12T12:55:00Z"},{"value":"0.01003","scoring_system":"epss","scoring_elements":"0.7701","published_at":"2026-04-13T12:55:00Z"},{"value":"0.01003","scoring_system":"epss","scoring_elements":"0.77051","published_at":"2026-04-16T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2011-2718"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=725383","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=725383"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2718","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2718"},{"reference_url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/68768","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/68768"},{"reference_url":"https://github.com/phpmyadmin/composer","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/phpmyadmin/composer"},{"reference_url":"https://github.com/phpmyadmin/phpmyadmin/commit/3ae58f0cd6b89ad4767920f9b214c38d3f6d4393","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/phpmyadmin/phpmyadmin/commit/3ae58f0cd6b89ad4767920f9b214c38d3f6d4393"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2011-2718","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2011-2718"},{"reference_url":"https://web.archive.org/web/20120111084137/http://www.securityfocus.com/bid/48874","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://web.archive.org/web/20120111084137/http://www.securityfocus.com/bid/48874"},{"reference_url":"https://web.archive.org/web/20121105034518/http://www.mandriva.com/en/support/security/advisories?name=MDVSA-2011:124","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://web.archive.org/web/20121105034518/http://www.mandriva.com/en/support/security/advisories?name=MDVSA-2011:124"},{"reference_url":"http://www.openwall.com/lists/oss-security/2011/07/25/4","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.openwall.com/lists/oss-security/2011/07/25/4"},{"reference_url":"http://www.openwall.com/lists/oss-security/2011/07/26/10","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.openwall.com/lists/oss-security/2011/07/26/10"},{"reference_url":"http://www.phpmyadmin.net/home_page/security/PMASA-2011-11.php","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.phpmyadmin.net/home_page/security/PMASA-2011-11.php"},{"reference_url":"https://github.com/advisories/GHSA-xhqq-554j-p4x8","reference_id":"GHSA-xhqq-554j-p4x8","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-xhqq-554j-p4x8"},{"reference_url":"https://security.gentoo.org/glsa/201201-01","reference_id":"GLSA-201201-01","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201201-01"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/82266?format=json","purl":"pkg:composer/phpmyadmin/phpmyadmin@3.4.3%2B2","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@3.4.3%252B2"}],"aliases":["CVE-2011-2718","GHSA-xhqq-554j-p4x8"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-19nn-dc48-nqdw"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/55696?format=json","vulnerability_id":"VCID-46c2-r8g1-13ez","summary":"phpMyAdmin Multiple Cross-site Scripting Vulnerabilities in the Database Structure page\nMultiple cross-site scripting (XSS) vulnerabilities in the Database Structure page in phpMyAdmin 3.4.x before 3.4.11.1 and 3.5.x before 3.5.2.2 allow remote authenticated users to inject arbitrary web script or HTML via (1) a crafted table name during table creation, or a (2) Empty link or (3) Drop link for a crafted table name.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2012-4345","reference_id":"","reference_type":"","scores":[{"value":"0.00209","scoring_system":"epss","scoring_elements":"0.43155","published_at":"2026-05-15T12:55:00Z"},{"value":"0.00209","scoring_system":"epss","scoring_elements":"0.43083","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00209","scoring_system":"epss","scoring_elements":"0.431","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00209","scoring_system":"epss","scoring_elements":"0.4304","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00209","scoring_system":"epss","scoring_elements":"0.43071","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00209","scoring_system":"epss","scoring_elements":"0.43135","published_at":"2026-05-14T12:55:00Z"},{"value":"0.00209","scoring_system":"epss","scoring_elements":"0.43232","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00209","scoring_system":"epss","scoring_elements":"0.43288","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00209","scoring_system":"epss","scoring_elements":"0.43317","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00209","scoring_system":"epss","scoring_elements":"0.43254","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00209","scoring_system":"epss","scoring_elements":"0.43305","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00209","scoring_system":"epss","scoring_elements":"0.4332","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00209","scoring_system":"epss","scoring_elements":"0.43341","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00209","scoring_system":"epss","scoring_elements":"0.43309","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00209","scoring_system":"epss","scoring_elements":"0.43293","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00209","scoring_system":"epss","scoring_elements":"0.43355","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00209","scoring_system":"epss","scoring_elements":"0.43344","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00209","scoring_system":"epss","scoring_elements":"0.4328","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00209","scoring_system":"epss","scoring_elements":"0.43214","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00209","scoring_system":"epss","scoring_elements":"0.43216","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00209","scoring_system":"epss","scoring_elements":"0.43137","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00209","scoring_system":"epss","scoring_elements":"0.43005","published_at":"2026-05-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2012-4345"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4345","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4345"},{"reference_url":"https://hermes.opensuse.org/messages/15513071","reference_id":"","reference_type":"","scores":[],"url":"https://hermes.opensuse.org/messages/15513071"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2012-4345","reference_id":"","reference_type":"","scores":[{"value":"3.5","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:S/C:N/I:P/A:N"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2012-4345"},{"reference_url":"https://web.archive.org/web/20150523055725/http://www.mandriva.com/en/support/security/advisories/advisory/MDVSA-2012:136/?name=MDVSA-2012:136","reference_id":"","reference_type":"","scores":[{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://web.archive.org/web/20150523055725/http://www.mandriva.com/en/support/security/advisories/advisory/MDVSA-2012:136/?name=MDVSA-2012:136"},{"reference_url":"http://www.mandriva.com/security/advisories?name=MDVSA-2012:136","reference_id":"","reference_type":"","scores":[],"url":"http://www.mandriva.com/security/advisories?name=MDVSA-2012:136"},{"reference_url":"http://www.phpmyadmin.net/home_page/security/PMASA-2012-4.php","reference_id":"","reference_type":"","scores":[{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.phpmyadmin.net/home_page/security/PMASA-2012-4.php"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:3.4.0.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:phpmyadmin:phpmyadmin:3.4.0.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:3.4.0.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:3.4.1.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:phpmyadmin:phpmyadmin:3.4.1.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:3.4.1.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:3.4.10.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:phpmyadmin:phpmyadmin:3.4.10.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:3.4.10.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:3.4.10.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:phpmyadmin:phpmyadmin:3.4.10.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:3.4.10.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:3.4.10.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:phpmyadmin:phpmyadmin:3.4.10.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:3.4.10.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:3.4.11:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:phpmyadmin:phpmyadmin:3.4.11:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:3.4.11:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:3.4.2.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:phpmyadmin:phpmyadmin:3.4.2.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:3.4.2.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:3.4.3.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:phpmyadmin:phpmyadmin:3.4.3.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:3.4.3.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:3.4.3.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:phpmyadmin:phpmyadmin:3.4.3.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:3.4.3.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:3.4.3.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:phpmyadmin:phpmyadmin:3.4.3.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:3.4.3.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:3.4.4.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:phpmyadmin:phpmyadmin:3.4.4.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:3.4.4.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:3.4.5.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:phpmyadmin:phpmyadmin:3.4.5.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:3.4.5.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:3.4.6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:phpmyadmin:phpmyadmin:3.4.6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:3.4.6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:3.4.7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:phpmyadmin:phpmyadmin:3.4.7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:3.4.7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:3.4.7.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:phpmyadmin:phpmyadmin:3.4.7.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:3.4.7.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:3.4.8.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:phpmyadmin:phpmyadmin:3.4.8.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:3.4.8.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:3.4.9.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:phpmyadmin:phpmyadmin:3.4.9.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:3.4.9.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:3.5.0.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:phpmyadmin:phpmyadmin:3.5.0.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:3.5.0.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:3.5.1.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:phpmyadmin:phpmyadmin:3.5.1.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:3.5.1.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:3.5.2.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:phpmyadmin:phpmyadmin:3.5.2.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:3.5.2.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:3.5.2.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:phpmyadmin:phpmyadmin:3.5.2.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:3.5.2.1:*:*:*:*:*:*:*"},{"reference_url":"https://github.com/advisories/GHSA-r3pq-mp8v-cp33","reference_id":"GHSA-r3pq-mp8v-cp33","reference_type":"","scores":[{"value":"LOW","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-r3pq-mp8v-cp33"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/82703?format=json","purl":"pkg:composer/phpmyadmin/phpmyadmin@3.4.11%2B1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@3.4.11%252B1"},{"url":"http://public2.vulnerablecode.io/api/packages/55342?format=json","purl":"pkg:composer/phpmyadmin/phpmyadmin@3.5.2%2B2","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@3.5.2%252B2"}],"aliases":["CVE-2012-4345","GHSA-r3pq-mp8v-cp33"],"risk_score":1.6,"exploitability":"0.5","weighted_severity":"3.1","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-46c2-r8g1-13ez"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/15792?format=json","vulnerability_id":"VCID-9xb8-kz1v-43bt","summary":"Improper Control of Generation of Code ('Code Injection')\nsetup/lib/ConfigGenerator.class.php in phpMyAdmin 3.x before 3.3.10.2 and 3.4.x before 3.4.3.1 does not properly restrict the presence of comment closing delimiters, which allows remote attackers to conduct static code injection attacks by leveraging the ability to modify the SESSION superglobal array.","references":[{"reference_url":"http://ha.xxor.se/2011/07/phpmyadmin-3x-multiple-remote-code.html","reference_id":"","reference_type":"","scores":[{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://ha.xxor.se/2011/07/phpmyadmin-3x-multiple-remote-code.html"},{"reference_url":"http://lists.fedoraproject.org/pipermail/package-announce/2011-July/062719.html","reference_id":"","reference_type":"","scores":[{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://lists.fedoraproject.org/pipermail/package-announce/2011-July/062719.html"},{"reference_url":"http://phpmyadmin.git.sourceforge.net/git/gitweb.cgi?p=phpmyadmin/phpmyadmin;a=commit;h=0fbedaf5fd7a771d0885c6b7385d934fc90d0d7f","reference_id":"","reference_type":"","scores":[{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://phpmyadmin.git.sourceforge.net/git/gitweb.cgi?p=phpmyadmin/phpmyadmin;a=commit;h=0fbedaf5fd7a771d0885c6b7385d934fc90d0d7f"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2011-2506","reference_id":"","reference_type":"","scores":[{"value":"0.33677","scoring_system":"epss","scoring_elements":"0.97","published_at":"2026-05-15T12:55:00Z"},{"value":"0.33677","scoring_system":"epss","scoring_elements":"0.96929","published_at":"2026-04-07T12:55:00Z"},{"value":"0.33677","scoring_system":"epss","scoring_elements":"0.96938","published_at":"2026-04-08T12:55:00Z"},{"value":"0.33677","scoring_system":"epss","scoring_elements":"0.96939","published_at":"2026-04-09T12:55:00Z"},{"value":"0.33677","scoring_system":"epss","scoring_elements":"0.96942","published_at":"2026-04-11T12:55:00Z"},{"value":"0.33677","scoring_system":"epss","scoring_elements":"0.96943","published_at":"2026-04-12T12:55:00Z"},{"value":"0.33677","scoring_system":"epss","scoring_elements":"0.96944","published_at":"2026-04-13T12:55:00Z"},{"value":"0.33677","scoring_system":"epss","scoring_elements":"0.96951","published_at":"2026-04-16T12:55:00Z"},{"value":"0.33677","scoring_system":"epss","scoring_elements":"0.96955","published_at":"2026-04-18T12:55:00Z"},{"value":"0.33677","scoring_system":"epss","scoring_elements":"0.96958","published_at":"2026-04-24T12:55:00Z"},{"value":"0.33677","scoring_system":"epss","scoring_elements":"0.9696","published_at":"2026-04-26T12:55:00Z"},{"value":"0.33677","scoring_system":"epss","scoring_elements":"0.96963","published_at":"2026-04-29T12:55:00Z"},{"value":"0.33677","scoring_system":"epss","scoring_elements":"0.96967","published_at":"2026-05-05T12:55:00Z"},{"value":"0.33677","scoring_system":"epss","scoring_elements":"0.96972","published_at":"2026-05-07T12:55:00Z"},{"value":"0.33677","scoring_system":"epss","scoring_elements":"0.96979","published_at":"2026-05-09T12:55:00Z"},{"value":"0.33677","scoring_system":"epss","scoring_elements":"0.9698","published_at":"2026-05-11T12:55:00Z"},{"value":"0.33677","scoring_system":"epss","scoring_elements":"0.96986","published_at":"2026-05-12T12:55:00Z"},{"value":"0.33677","scoring_system":"epss","scoring_elements":"0.96996","published_at":"2026-05-14T12:55:00Z"},{"value":"0.33677","scoring_system":"epss","scoring_elements":"0.96913","published_at":"2026-04-01T12:55:00Z"},{"value":"0.33677","scoring_system":"epss","scoring_elements":"0.96921","published_at":"2026-04-02T12:55:00Z"},{"value":"0.33677","scoring_system":"epss","scoring_elements":"0.96925","published_at":"2026-04-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2011-2506"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2506","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2506"},{"reference_url":"http://securityreason.com/securityalert/8306","reference_id":"","reference_type":"","scores":[{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://securityreason.com/securityalert/8306"},{"reference_url":"https://github.com/phpmyadmin/composer","reference_id":"","reference_type":"","scores":[{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/phpmyadmin/composer"},{"reference_url":"https://github.com/phpmyadmin/phpmyadmin/commit/0fbedaf5fd7a771d0885c6b7385d934fc90d0d7f","reference_id":"","reference_type":"","scores":[{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/phpmyadmin/phpmyadmin/commit/0fbedaf5fd7a771d0885c6b7385d934fc90d0d7f"},{"reference_url":"https://github.com/phpmyadmin/phpmyadmin/commit/2e01647949df937040e73a94ce0bac0daecbdcf4","reference_id":"","reference_type":"","scores":[{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/phpmyadmin/phpmyadmin/commit/2e01647949df937040e73a94ce0bac0daecbdcf4"},{"reference_url":"https://web.archive.org/web/20110712103138/http://www.xxor.se/advisories/phpMyAdmin_3.x_Multiple_Remote_Code_Executions.txt","reference_id":"","reference_type":"","scores":[{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://web.archive.org/web/20110712103138/http://www.xxor.se/advisories/phpMyAdmin_3.x_Multiple_Remote_Code_Executions.txt"},{"reference_url":"https://web.archive.org/web/20111116172111/http://www.securityfocus.com/archive/1/518804/100/0/threaded","reference_id":"","reference_type":"","scores":[{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://web.archive.org/web/20111116172111/http://www.securityfocus.com/archive/1/518804/100/0/threaded"},{"reference_url":"https://web.archive.org/web/20121105034518/http://www.mandriva.com/en/support/security/advisories?name=MDVSA-2011:124","reference_id":"","reference_type":"","scores":[{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://web.archive.org/web/20121105034518/http://www.mandriva.com/en/support/security/advisories?name=MDVSA-2011:124"},{"reference_url":"http://typo3.org/teams/security/security-bulletins/typo3-sa-2011-008","reference_id":"","reference_type":"","scores":[{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://typo3.org/teams/security/security-bulletins/typo3-sa-2011-008"},{"reference_url":"http://typo3.org/teams/security/security-bulletins/typo3-sa-2011-008/","reference_id":"","reference_type":"","scores":[],"url":"http://typo3.org/teams/security/security-bulletins/typo3-sa-2011-008/"},{"reference_url":"http://www.debian.org/security/2011/dsa-2286","reference_id":"","reference_type":"","scores":[{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.debian.org/security/2011/dsa-2286"},{"reference_url":"http://www.exploit-db.com/exploits/17514","reference_id":"","reference_type":"","scores":[{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.exploit-db.com/exploits/17514"},{"reference_url":"http://www.exploit-db.com/exploits/17514/","reference_id":"","reference_type":"","scores":[],"url":"http://www.exploit-db.com/exploits/17514/"},{"reference_url":"http://www.openwall.com/lists/oss-security/2011/06/28/2","reference_id":"","reference_type":"","scores":[{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.openwall.com/lists/oss-security/2011/06/28/2"},{"reference_url":"http://www.openwall.com/lists/oss-security/2011/06/28/6","reference_id":"","reference_type":"","scores":[{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.openwall.com/lists/oss-security/2011/06/28/6"},{"reference_url":"http://www.openwall.com/lists/oss-security/2011/06/28/8","reference_id":"","reference_type":"","scores":[{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.openwall.com/lists/oss-security/2011/06/28/8"},{"reference_url":"http://www.openwall.com/lists/oss-security/2011/06/29/11","reference_id":"","reference_type":"","scores":[{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.openwall.com/lists/oss-security/2011/06/29/11"},{"reference_url":"http://www.phpmyadmin.net/home_page/security/PMASA-2011-6.php","reference_id":"","reference_type":"","scores":[{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.phpmyadmin.net/home_page/security/PMASA-2011-6.php"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2011-2506","reference_id":"CVE-2011-2506","reference_type":"","scores":[{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2011-2506"},{"reference_url":"https://github.com/advisories/GHSA-p6h7-29r2-g88f","reference_id":"GHSA-p6h7-29r2-g88f","reference_type":"","scores":[{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-p6h7-29r2-g88f"},{"reference_url":"https://security.gentoo.org/glsa/201201-01","reference_id":"GLSA-201201-01","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201201-01"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/54927?format=json","purl":"pkg:composer/phpmyadmin/phpmyadmin@3.4.3%2B1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@3.4.3%252B1"}],"aliases":["CVE-2011-2506","GHSA-p6h7-29r2-g88f"],"risk_score":10.0,"exploitability":"2.0","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-9xb8-kz1v-43bt"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/15973?format=json","vulnerability_id":"VCID-ejnb-3ya3-uqa6","summary":"phpMyAdmin Vulnerable to Cross-Site Scripting\nMultiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin 3.3.x before 3.3.10.1 and 3.4.x before 3.4.1 allow remote attackers to inject arbitrary web script or HTML via a crafted table name that triggers improper HTML rendering on a Tracking page, related to (1) libraries/tbl_links.inc.php and (2) tbl_tracking.php.","references":[{"reference_url":"http://phpmyadmin.git.sourceforge.net/git/gitweb.cgi?p=phpmyadmin/phpmyadmin%3Ba=commitdiff%3Bh=7e10c132a3887c8ebfd7a8eee356b28375f1e287","reference_id":"","reference_type":"","scores":[{"value":"1.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N/E:U"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://phpmyadmin.git.sourceforge.net/git/gitweb.cgi?p=phpmyadmin/phpmyadmin%3Ba=commitdiff%3Bh=7e10c132a3887c8ebfd7a8eee356b28375f1e287"},{"reference_url":"http://phpmyadmin.git.sourceforge.net/git/gitweb.cgi?p=phpmyadmin/phpmyadmin%3Ba=commitdiff%3Bh=d3ccf798fdbd4f8a89d4088130637d8dee918492","reference_id":"","reference_type":"","scores":[{"value":"1.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N/E:U"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://phpmyadmin.git.sourceforge.net/git/gitweb.cgi?p=phpmyadmin/phpmyadmin%3Ba=commitdiff%3Bh=d3ccf798fdbd4f8a89d4088130637d8dee918492"},{"reference_url":"http://phpmyadmin.git.sourceforge.net/git/gitweb.cgi?p=phpmyadmin/phpmyadmin;a=commitdiff;h=7e10c132a3887c8ebfd7a8eee356b28375f1e287","reference_id":"","reference_type":"","scores":[{"value":"1.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N/E:U"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://phpmyadmin.git.sourceforge.net/git/gitweb.cgi?p=phpmyadmin/phpmyadmin;a=commitdiff;h=7e10c132a3887c8ebfd7a8eee356b28375f1e287"},{"reference_url":"http://phpmyadmin.git.sourceforge.net/git/gitweb.cgi?p=phpmyadmin/phpmyadmin;a=commitdiff;h=d3ccf798fdbd4f8a89d4088130637d8dee918492","reference_id":"","reference_type":"","scores":[{"value":"1.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N/E:U"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://phpmyadmin.git.sourceforge.net/git/gitweb.cgi?p=phpmyadmin/phpmyadmin;a=commitdiff;h=d3ccf798fdbd4f8a89d4088130637d8dee918492"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2011-1940","reference_id":"","reference_type":"","scores":[{"value":"0.00285","scoring_system":"epss","scoring_elements":"0.51871","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00285","scoring_system":"epss","scoring_elements":"0.51919","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00285","scoring_system":"epss","scoring_elements":"0.51955","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00285","scoring_system":"epss","scoring_elements":"0.51946","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00285","scoring_system":"epss","scoring_elements":"0.5191","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00285","scoring_system":"epss","scoring_elements":"0.51964","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00285","scoring_system":"epss","scoring_elements":"0.51963","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00285","scoring_system":"epss","scoring_elements":"0.52015","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00285","scoring_system":"epss","scoring_elements":"0.51997","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00285","scoring_system":"epss","scoring_elements":"0.51981","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00285","scoring_system":"epss","scoring_elements":"0.52023","published_at":"2026-05-14T12:55:00Z"},{"value":"0.00285","scoring_system":"epss","scoring_elements":"0.52009","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00285","scoring_system":"epss","scoring_elements":"0.52029","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00285","scoring_system":"epss","scoring_elements":"0.52031","published_at":"2026-05-15T12:55:00Z"},{"value":"0.00285","scoring_system":"epss","scoring_elements":"0.51943","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00285","scoring_system":"epss","scoring_elements":"0.51957","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00285","scoring_system":"epss","scoring_elements":"0.51918","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00285","scoring_system":"epss","scoring_elements":"0.51868","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00285","scoring_system":"epss","scoring_elements":"0.51921","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00285","scoring_system":"epss","scoring_elements":"0.51961","published_at":"2026-04-26T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2011-1940"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1940","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1940"},{"reference_url":"https://github.com/phpmyadmin/phpmyadmin","reference_id":"","reference_type":"","scores":[{"value":"1.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N/E:U"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/phpmyadmin/phpmyadmin"},{"reference_url":"http://www.debian.org/security/2012/dsa-2391","reference_id":"","reference_type":"","scores":[{"value":"1.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N/E:U"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.debian.org/security/2012/dsa-2391"},{"reference_url":"http://www.phpmyadmin.net/home_page/security/PMASA-2011-3.php","reference_id":"","reference_type":"","scores":[{"value":"1.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N/E:U"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.phpmyadmin.net/home_page/security/PMASA-2011-3.php"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2011-1940","reference_id":"CVE-2011-1940","reference_type":"","scores":[{"value":"1.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N/E:U"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2011-1940"},{"reference_url":"https://github.com/advisories/GHSA-4q58-5x28-53wv","reference_id":"GHSA-4q58-5x28-53wv","reference_type":"","scores":[{"value":"LOW","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-4q58-5x28-53wv"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/55290?format=json","purl":"pkg:composer/phpmyadmin/phpmyadmin@3.4.1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@3.4.1"}],"aliases":["CVE-2011-1940","GHSA-4q58-5x28-53wv"],"risk_score":1.4,"exploitability":"0.5","weighted_severity":"2.7","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ejnb-3ya3-uqa6"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/15981?format=json","vulnerability_id":"VCID-jypm-yg7x-p3cn","summary":"Improper Restriction of XML External Entity Reference\nThe simplexml_load_string function in the XML import plug-in (libraries/import/xml.php) in phpMyAdmin 3.4.x before 3.4.7.1 and 3.3.x before 3.3.10.5 allows remote authenticated users to read arbitrary files via XML data containing external entity references, aka an XML external entity (XXE) injection attack.","references":[{"reference_url":"http://lists.fedoraproject.org/pipermail/package-announce/2011-November/069625.html","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://lists.fedoraproject.org/pipermail/package-announce/2011-November/069625.html"},{"reference_url":"http://lists.fedoraproject.org/pipermail/package-announce/2011-November/069635.html","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://lists.fedoraproject.org/pipermail/package-announce/2011-November/069635.html"},{"reference_url":"http://lists.fedoraproject.org/pipermail/package-announce/2011-November/069649.html","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://lists.fedoraproject.org/pipermail/package-announce/2011-November/069649.html"},{"reference_url":"http://packetstormsecurity.org/files/view/106511/phpmyadmin-fileread.txt","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://packetstormsecurity.org/files/view/106511/phpmyadmin-fileread.txt"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2011-4107","reference_id":"","reference_type":"","scores":[{"value":"0.12434","scoring_system":"epss","scoring_elements":"0.93928","published_at":"2026-04-29T12:55:00Z"},{"value":"0.12434","scoring_system":"epss","scoring_elements":"0.93929","published_at":"2026-04-24T12:55:00Z"},{"value":"0.12434","scoring_system":"epss","scoring_elements":"0.93927","published_at":"2026-04-21T12:55:00Z"},{"value":"0.12434","scoring_system":"epss","scoring_elements":"0.93861","published_at":"2026-04-01T12:55:00Z"},{"value":"0.12434","scoring_system":"epss","scoring_elements":"0.93986","published_at":"2026-05-15T12:55:00Z"},{"value":"0.12434","scoring_system":"epss","scoring_elements":"0.93983","published_at":"2026-05-14T12:55:00Z"},{"value":"0.12434","scoring_system":"epss","scoring_elements":"0.93969","published_at":"2026-05-12T12:55:00Z"},{"value":"0.12434","scoring_system":"epss","scoring_elements":"0.93965","published_at":"2026-05-11T12:55:00Z"},{"value":"0.12434","scoring_system":"epss","scoring_elements":"0.9396","published_at":"2026-05-09T12:55:00Z"},{"value":"0.12434","scoring_system":"epss","scoring_elements":"0.93949","published_at":"2026-05-07T12:55:00Z"},{"value":"0.12434","scoring_system":"epss","scoring_elements":"0.93937","published_at":"2026-05-05T12:55:00Z"},{"value":"0.12434","scoring_system":"epss","scoring_elements":"0.93926","published_at":"2026-04-18T12:55:00Z"},{"value":"0.12434","scoring_system":"epss","scoring_elements":"0.9392","published_at":"2026-04-16T12:55:00Z"},{"value":"0.12434","scoring_system":"epss","scoring_elements":"0.93899","published_at":"2026-04-13T12:55:00Z"},{"value":"0.12434","scoring_system":"epss","scoring_elements":"0.93895","published_at":"2026-04-09T12:55:00Z"},{"value":"0.12434","scoring_system":"epss","scoring_elements":"0.93892","published_at":"2026-04-08T12:55:00Z"},{"value":"0.12434","scoring_system":"epss","scoring_elements":"0.93883","published_at":"2026-04-07T12:55:00Z"},{"value":"0.12434","scoring_system":"epss","scoring_elements":"0.9388","published_at":"2026-04-04T12:55:00Z"},{"value":"0.12434","scoring_system":"epss","scoring_elements":"0.9387","published_at":"2026-04-02T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2011-4107"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=751112","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=751112"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4107","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4107"},{"reference_url":"http://seclists.org/fulldisclosure/2011/Nov/21","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://seclists.org/fulldisclosure/2011/Nov/21"},{"reference_url":"http://securityreason.com/securityalert/8533","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://securityreason.com/securityalert/8533"},{"reference_url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/71108","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/71108"},{"reference_url":"https://github.com/phpmyadmin/phpmyadmin","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/phpmyadmin/phpmyadmin"},{"reference_url":"https://github.com/phpmyadmin/phpmyadmin/commit/2fbf631384fd8cded55f4500cb87b129442f9ed2","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/phpmyadmin/phpmyadmin/commit/2fbf631384fd8cded55f4500cb87b129442f9ed2"},{"reference_url":"https://github.com/phpmyadmin/phpmyadmin/commit/34d99de000de9d15cfdf5e9cc8b7682d51110bbd","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/phpmyadmin/phpmyadmin/commit/34d99de000de9d15cfdf5e9cc8b7682d51110bbd"},{"reference_url":"https://github.com/phpmyadmin/phpmyadmin/commit/5fa86b8e81565c15ddbc359e8f59ecd829a2b717","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/phpmyadmin/phpmyadmin/commit/5fa86b8e81565c15ddbc359e8f59ecd829a2b717"},{"reference_url":"https://github.com/phpmyadmin/phpmyadmin/commit/a5e206fbd2ca814042cfc1bb7dd3b40c28ce3fb5","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/phpmyadmin/phpmyadmin/commit/a5e206fbd2ca814042cfc1bb7dd3b40c28ce3fb5"},{"reference_url":"http://www.debian.org/security/2012/dsa-2391","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.debian.org/security/2012/dsa-2391"},{"reference_url":"http://www.openwall.com/lists/oss-security/2011/11/03/3","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.openwall.com/lists/oss-security/2011/11/03/3"},{"reference_url":"http://www.openwall.com/lists/oss-security/2011/11/03/5","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.openwall.com/lists/oss-security/2011/11/03/5"},{"reference_url":"http://www.phpmyadmin.net/home_page/security/PMASA-2011-17.php","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.phpmyadmin.net/home_page/security/PMASA-2011-17.php"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=656247","reference_id":"656247","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=656247"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2011-4107","reference_id":"CVE-2011-4107","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2011-4107"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/webapps/18371.rb","reference_id":"CVE-2011-4107;OSVDB-76798","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/webapps/18371.rb"},{"reference_url":"https://github.com/advisories/GHSA-q4mm-89q2-xffg","reference_id":"GHSA-q4mm-89q2-xffg","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-q4mm-89q2-xffg"},{"reference_url":"https://security.gentoo.org/glsa/201201-01","reference_id":"GLSA-201201-01","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201201-01"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/55296?format=json","purl":"pkg:composer/phpmyadmin/phpmyadmin@3.4.7%2B1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@3.4.7%252B1"}],"aliases":["CVE-2011-4107","GHSA-q4mm-89q2-xffg"],"risk_score":10.0,"exploitability":"2.0","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-jypm-yg7x-p3cn"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/35368?format=json","vulnerability_id":"VCID-kb9j-j8s4-3kbd","summary":"Multiple vulnerabilities were found in phpMyAdmin, the most severe\n    of which allows the execution of arbitrary PHP code.","references":[{"reference_url":"http://lists.fedoraproject.org/pipermail/package-announce/2011-December/071040.html","reference_id":"","reference_type":"","scores":[{"value":"2.6","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:H/SI:H/SA:H/E:U"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://lists.fedoraproject.org/pipermail/package-announce/2011-December/071040.html"},{"reference_url":"http://phpmyadmin.git.sourceforge.net/git/gitweb.cgi?p=phpmyadmin/phpmyadmin%3Ba=commitdiff%3Bh=077c10020e349e8c1beb46309098992fde616913","reference_id":"","reference_type":"","scores":[{"value":"2.6","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:H/SI:H/SA:H/E:U"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://phpmyadmin.git.sourceforge.net/git/gitweb.cgi?p=phpmyadmin/phpmyadmin%3Ba=commitdiff%3Bh=077c10020e349e8c1beb46309098992fde616913"},{"reference_url":"http://phpmyadmin.git.sourceforge.net/git/gitweb.cgi?p=phpmyadmin/phpmyadmin%3Ba=commitdiff%3Bh=1490533d91e9d3820e78ca4eac7981886eaea2cb","reference_id":"","reference_type":"","scores":[{"value":"2.6","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:H/SI:H/SA:H/E:U"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://phpmyadmin.git.sourceforge.net/git/gitweb.cgi?p=phpmyadmin/phpmyadmin%3Ba=commitdiff%3Bh=1490533d91e9d3820e78ca4eac7981886eaea2cb"},{"reference_url":"http://phpmyadmin.git.sourceforge.net/git/gitweb.cgi?p=phpmyadmin/phpmyadmin%3Ba=commitdiff%3Bh=b289fe082441dc739939b0ba15dae0d9dc6cee92","reference_id":"","reference_type":"","scores":[{"value":"2.6","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:H/SI:H/SA:H/E:U"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://phpmyadmin.git.sourceforge.net/git/gitweb.cgi?p=phpmyadmin/phpmyadmin%3Ba=commitdiff%3Bh=b289fe082441dc739939b0ba15dae0d9dc6cee92"},{"reference_url":"http://phpmyadmin.git.sourceforge.net/git/gitweb.cgi?p=phpmyadmin/phpmyadmin%3Ba=commitdiff%3Bh=dac8d6ce256333ff45b5f46270304b8657452740","reference_id":"","reference_type":"","scores":[{"value":"2.6","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:H/SI:H/SA:H/E:U"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://phpmyadmin.git.sourceforge.net/git/gitweb.cgi?p=phpmyadmin/phpmyadmin%3Ba=commitdiff%3Bh=dac8d6ce256333ff45b5f46270304b8657452740"},{"reference_url":"http://phpmyadmin.git.sourceforge.net/git/gitweb.cgi?p=phpmyadmin/phpmyadmin;a=commitdiff;h=077c10020e349e8c1beb46309098992fde616913","reference_id":"","reference_type":"","scores":[{"value":"2.6","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:H/SI:H/SA:H/E:U"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://phpmyadmin.git.sourceforge.net/git/gitweb.cgi?p=phpmyadmin/phpmyadmin;a=commitdiff;h=077c10020e349e8c1beb46309098992fde616913"},{"reference_url":"http://phpmyadmin.git.sourceforge.net/git/gitweb.cgi?p=phpmyadmin/phpmyadmin;a=commitdiff;h=1490533d91e9d3820e78ca4eac7981886eaea2cb","reference_id":"","reference_type":"","scores":[{"value":"2.6","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:H/SI:H/SA:H/E:U"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://phpmyadmin.git.sourceforge.net/git/gitweb.cgi?p=phpmyadmin/phpmyadmin;a=commitdiff;h=1490533d91e9d3820e78ca4eac7981886eaea2cb"},{"reference_url":"http://phpmyadmin.git.sourceforge.net/git/gitweb.cgi?p=phpmyadmin/phpmyadmin;a=commitdiff;h=b289fe082441dc739939b0ba15dae0d9dc6cee92","reference_id":"","reference_type":"","scores":[{"value":"2.6","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:H/SI:H/SA:H/E:U"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://phpmyadmin.git.sourceforge.net/git/gitweb.cgi?p=phpmyadmin/phpmyadmin;a=commitdiff;h=b289fe082441dc739939b0ba15dae0d9dc6cee92"},{"reference_url":"http://phpmyadmin.git.sourceforge.net/git/gitweb.cgi?p=phpmyadmin/phpmyadmin;a=commitdiff;h=dac8d6ce256333ff45b5f46270304b8657452740","reference_id":"","reference_type":"","scores":[{"value":"2.6","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:H/SI:H/SA:H/E:U"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://phpmyadmin.git.sourceforge.net/git/gitweb.cgi?p=phpmyadmin/phpmyadmin;a=commitdiff;h=dac8d6ce256333ff45b5f46270304b8657452740"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2011-4634","reference_id":"","reference_type":"","scores":[{"value":"0.00421","scoring_system":"epss","scoring_elements":"0.62155","published_at":"2026-05-15T12:55:00Z"},{"value":"0.00421","scoring_system":"epss","scoring_elements":"0.62043","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00421","scoring_system":"epss","scoring_elements":"0.62041","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00421","scoring_system":"epss","scoring_elements":"0.62057","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00421","scoring_system":"epss","scoring_elements":"0.6205","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00421","scoring_system":"epss","scoring_elements":"0.61996","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00421","scoring_system":"epss","scoring_elements":"0.62045","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00421","scoring_system":"epss","scoring_elements":"0.62106","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00421","scoring_system":"epss","scoring_elements":"0.62088","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00421","scoring_system":"epss","scoring_elements":"0.62141","published_at":"2026-05-14T12:55:00Z"},{"value":"0.00421","scoring_system":"epss","scoring_elements":"0.61883","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00421","scoring_system":"epss","scoring_elements":"0.61956","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00421","scoring_system":"epss","scoring_elements":"0.61988","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00421","scoring_system":"epss","scoring_elements":"0.61958","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00421","scoring_system":"epss","scoring_elements":"0.62007","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00421","scoring_system":"epss","scoring_elements":"0.62024","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00421","scoring_system":"epss","scoring_elements":"0.62046","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00421","scoring_system":"epss","scoring_elements":"0.62035","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00421","scoring_system":"epss","scoring_elements":"0.62013","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00421","scoring_system":"epss","scoring_elements":"0.62056","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00421","scoring_system":"epss","scoring_elements":"0.62061","published_at":"2026-05-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2011-4634"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4634","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4634"},{"reference_url":"https://github.com/phpmyadmin/phpmyadmin","reference_id":"","reference_type":"","scores":[{"value":"2.6","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:H/SI:H/SA:H/E:U"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/phpmyadmin/phpmyadmin"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2011-4634","reference_id":"","reference_type":"","scores":[{"value":"2.6","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:H/SI:H/SA:H/E:U"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2011-4634"},{"reference_url":"http://www.mandriva.com/security/advisories?name=MDVSA-2011:198","reference_id":"","reference_type":"","scores":[{"value":"2.6","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:H/SI:H/SA:H/E:U"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.mandriva.com/security/advisories?name=MDVSA-2011:198"},{"reference_url":"http://www.phpmyadmin.net/home_page/security/PMASA-2011-18.php","reference_id":"","reference_type":"","scores":[{"value":"2.6","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:H/SI:H/SA:H/E:U"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.phpmyadmin.net/home_page/security/PMASA-2011-18.php"},{"reference_url":"https://github.com/advisories/GHSA-9j9h-cpgc-8356","reference_id":"GHSA-9j9h-cpgc-8356","reference_type":"","scores":[{"value":"LOW","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-9j9h-cpgc-8356"},{"reference_url":"https://security.gentoo.org/glsa/201201-01","reference_id":"GLSA-201201-01","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201201-01"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/84244?format=json","purl":"pkg:composer/phpmyadmin/phpmyadmin@3.4.8","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@3.4.8"}],"aliases":["CVE-2011-4634","GHSA-9j9h-cpgc-8356"],"risk_score":1.4,"exploitability":"0.5","weighted_severity":"2.7","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-kb9j-j8s4-3kbd"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/59770?format=json","vulnerability_id":"VCID-kdu8-dzvr-fubc","summary":"phpMyAdmin Multiple XSS Vulnerabilities After Inline Editing and Save\nMultiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin 3.4.x before 3.4.5 allow remote authenticated users to inject arbitrary web script or HTML via a crafted row that triggers an improperly constructed confirmation message after inline-editing and save operations, related to (1) `js/functions.js` and (2) `js/tbl_structure.js`.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2011-3591","reference_id":"","reference_type":"","scores":[{"value":"0.0018","scoring_system":"epss","scoring_elements":"0.39225","published_at":"2026-05-15T12:55:00Z"},{"value":"0.0018","scoring_system":"epss","scoring_elements":"0.39336","published_at":"2026-04-26T12:55:00Z"},{"value":"0.0018","scoring_system":"epss","scoring_elements":"0.39254","published_at":"2026-04-29T12:55:00Z"},{"value":"0.0018","scoring_system":"epss","scoring_elements":"0.39128","published_at":"2026-05-05T12:55:00Z"},{"value":"0.0018","scoring_system":"epss","scoring_elements":"0.39196","published_at":"2026-05-07T12:55:00Z"},{"value":"0.0018","scoring_system":"epss","scoring_elements":"0.39211","published_at":"2026-05-09T12:55:00Z"},{"value":"0.0018","scoring_system":"epss","scoring_elements":"0.39119","published_at":"2026-05-11T12:55:00Z"},{"value":"0.0018","scoring_system":"epss","scoring_elements":"0.39143","published_at":"2026-05-12T12:55:00Z"},{"value":"0.0018","scoring_system":"epss","scoring_elements":"0.39214","published_at":"2026-05-14T12:55:00Z"},{"value":"0.0018","scoring_system":"epss","scoring_elements":"0.39478","published_at":"2026-04-01T12:55:00Z"},{"value":"0.0018","scoring_system":"epss","scoring_elements":"0.39627","published_at":"2026-04-02T12:55:00Z"},{"value":"0.0018","scoring_system":"epss","scoring_elements":"0.3965","published_at":"2026-04-04T12:55:00Z"},{"value":"0.0018","scoring_system":"epss","scoring_elements":"0.39566","published_at":"2026-04-07T12:55:00Z"},{"value":"0.0018","scoring_system":"epss","scoring_elements":"0.39621","published_at":"2026-04-08T12:55:00Z"},{"value":"0.0018","scoring_system":"epss","scoring_elements":"0.39636","published_at":"2026-04-09T12:55:00Z"},{"value":"0.0018","scoring_system":"epss","scoring_elements":"0.39645","published_at":"2026-04-11T12:55:00Z"},{"value":"0.0018","scoring_system":"epss","scoring_elements":"0.39609","published_at":"2026-04-12T12:55:00Z"},{"value":"0.0018","scoring_system":"epss","scoring_elements":"0.39593","published_at":"2026-04-13T12:55:00Z"},{"value":"0.0018","scoring_system":"epss","scoring_elements":"0.39644","published_at":"2026-04-16T12:55:00Z"},{"value":"0.0018","scoring_system":"epss","scoring_elements":"0.39614","published_at":"2026-04-18T12:55:00Z"},{"value":"0.0018","scoring_system":"epss","scoring_elements":"0.39531","published_at":"2026-04-21T12:55:00Z"},{"value":"0.0018","scoring_system":"epss","scoring_elements":"0.39351","published_at":"2026-04-24T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2011-3591"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=738681","reference_id":"","reference_type":"","scores":[{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=738681"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3591","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3591"},{"reference_url":"https://github.com/phpmyadmin/composer","reference_id":"","reference_type":"","scores":[{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/phpmyadmin/composer"},{"reference_url":"https://github.com/phpmyadmin/phpmyadmin/commit/bda213c58aec44925be661acb0e76c19483ea170","reference_id":"","reference_type":"","scores":[{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/phpmyadmin/phpmyadmin/commit/bda213c58aec44925be661acb0e76c19483ea170"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2011-3591","reference_id":"","reference_type":"","scores":[{"value":"3.5","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:S/C:N/I:P/A:N"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2011-3591"},{"reference_url":"http://www.openwall.com/lists/oss-security/2011/09/30/8","reference_id":"","reference_type":"","scores":[{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.openwall.com/lists/oss-security/2011/09/30/8"},{"reference_url":"http://www.phpmyadmin.net/home_page/security/PMASA-2011-14.php","reference_id":"","reference_type":"","scores":[{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.phpmyadmin.net/home_page/security/PMASA-2011-14.php"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:3.4.0.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:phpmyadmin:phpmyadmin:3.4.0.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:3.4.0.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:3.4.1.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:phpmyadmin:phpmyadmin:3.4.1.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:3.4.1.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:3.4.2.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:phpmyadmin:phpmyadmin:3.4.2.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:3.4.2.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:3.4.3.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:phpmyadmin:phpmyadmin:3.4.3.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:3.4.3.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:3.4.3.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:phpmyadmin:phpmyadmin:3.4.3.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:3.4.3.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:3.4.3.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:phpmyadmin:phpmyadmin:3.4.3.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:3.4.3.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:3.4.4.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:phpmyadmin:phpmyadmin:3.4.4.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:3.4.4.0:*:*:*:*:*:*:*"},{"reference_url":"https://github.com/advisories/GHSA-3p87-w3c5-27gf","reference_id":"GHSA-3p87-w3c5-27gf","reference_type":"","scores":[{"value":"LOW","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-3p87-w3c5-27gf"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/82345?format=json","purl":"pkg:composer/phpmyadmin/phpmyadmin@3.4.5","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@3.4.5"}],"aliases":["CVE-2011-3591","GHSA-3p87-w3c5-27gf"],"risk_score":1.6,"exploitability":"0.5","weighted_severity":"3.1","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-kdu8-dzvr-fubc"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/15764?format=json","vulnerability_id":"VCID-qrm9-716c-2ybp","summary":"Improper Control of Generation of Code ('Code Injection')\nlibraries/auth/swekey/swekey.auth.lib.php in the Swekey authentication feature in phpMyAdmin 3.x before 3.3.10.2 and 3.4.x before 3.4.3.1 assigns values to arbitrary parameters referenced in the query string, which allows remote attackers to modify the SESSION superglobal array via a crafted request, related to a \"remote variable manipulation vulnerability.\"","references":[{"reference_url":"http://ha.xxor.se/2011/07/phpmyadmin-3x-multiple-remote-code.html","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://ha.xxor.se/2011/07/phpmyadmin-3x-multiple-remote-code.html"},{"reference_url":"http://lists.fedoraproject.org/pipermail/package-announce/2011-July/062719.html","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://lists.fedoraproject.org/pipermail/package-announce/2011-July/062719.html"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2011-2505","reference_id":"","reference_type":"","scores":[{"value":"0.37008","scoring_system":"epss","scoring_elements":"0.97207","published_at":"2026-05-15T12:55:00Z"},{"value":"0.37008","scoring_system":"epss","scoring_elements":"0.9714","published_at":"2026-04-04T12:55:00Z"},{"value":"0.37008","scoring_system":"epss","scoring_elements":"0.97141","published_at":"2026-04-07T12:55:00Z"},{"value":"0.37008","scoring_system":"epss","scoring_elements":"0.9715","published_at":"2026-04-08T12:55:00Z"},{"value":"0.37008","scoring_system":"epss","scoring_elements":"0.97151","published_at":"2026-04-09T12:55:00Z"},{"value":"0.37008","scoring_system":"epss","scoring_elements":"0.97155","published_at":"2026-04-11T12:55:00Z"},{"value":"0.37008","scoring_system":"epss","scoring_elements":"0.97156","published_at":"2026-04-12T12:55:00Z"},{"value":"0.37008","scoring_system":"epss","scoring_elements":"0.97157","published_at":"2026-04-13T12:55:00Z"},{"value":"0.37008","scoring_system":"epss","scoring_elements":"0.97165","published_at":"2026-04-16T12:55:00Z"},{"value":"0.37008","scoring_system":"epss","scoring_elements":"0.97166","published_at":"2026-04-18T12:55:00Z"},{"value":"0.37008","scoring_system":"epss","scoring_elements":"0.97171","published_at":"2026-04-24T12:55:00Z"},{"value":"0.37008","scoring_system":"epss","scoring_elements":"0.97172","published_at":"2026-04-26T12:55:00Z"},{"value":"0.37008","scoring_system":"epss","scoring_elements":"0.97174","published_at":"2026-04-29T12:55:00Z"},{"value":"0.37008","scoring_system":"epss","scoring_elements":"0.97179","published_at":"2026-05-05T12:55:00Z"},{"value":"0.37008","scoring_system":"epss","scoring_elements":"0.97184","published_at":"2026-05-07T12:55:00Z"},{"value":"0.37008","scoring_system":"epss","scoring_elements":"0.97188","published_at":"2026-05-09T12:55:00Z"},{"value":"0.37008","scoring_system":"epss","scoring_elements":"0.97193","published_at":"2026-05-11T12:55:00Z"},{"value":"0.37008","scoring_system":"epss","scoring_elements":"0.97198","published_at":"2026-05-12T12:55:00Z"},{"value":"0.37008","scoring_system":"epss","scoring_elements":"0.97206","published_at":"2026-05-14T12:55:00Z"},{"value":"0.37008","scoring_system":"epss","scoring_elements":"0.97127","published_at":"2026-04-01T12:55:00Z"},{"value":"0.37008","scoring_system":"epss","scoring_elements":"0.97134","published_at":"2026-04-02T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2011-2505"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2505","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2505"},{"reference_url":"http://securityreason.com/securityalert/8306","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://securityreason.com/securityalert/8306"},{"reference_url":"https://github.com/phpmyadmin/composer","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/phpmyadmin/composer"},{"reference_url":"https://github.com/phpmyadmin/composer/commit/7ebd958b2bf59f96fecd5b3322bdbd0b244a7967","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/phpmyadmin/composer/commit/7ebd958b2bf59f96fecd5b3322bdbd0b244a7967"},{"reference_url":"https://github.com/phpmyadmin/phpmyadmin/commit/6e6e129f26295c83d67b74e202628a4b8bc49e54","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/phpmyadmin/phpmyadmin/commit/6e6e129f26295c83d67b74e202628a4b8bc49e54"},{"reference_url":"https://github.com/phpmyadmin/phpmyadmin/commit/7ebd958b2bf59f96fecd5b3322bdbd0b244a7967","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/phpmyadmin/phpmyadmin/commit/7ebd958b2bf59f96fecd5b3322bdbd0b244a7967"},{"reference_url":"https://web.archive.org/web/20110712103138/http://www.xxor.se/advisories/phpMyAdmin_3.x_Multiple_Remote_Code_Executions.txt","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://web.archive.org/web/20110712103138/http://www.xxor.se/advisories/phpMyAdmin_3.x_Multiple_Remote_Code_Executions.txt"},{"reference_url":"https://web.archive.org/web/20111116172111/http://www.securityfocus.com/archive/1/518804/100/0/threaded","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://web.archive.org/web/20111116172111/http://www.securityfocus.com/archive/1/518804/100/0/threaded"},{"reference_url":"https://web.archive.org/web/20121105034518/http://www.mandriva.com/en/support/security/advisories?name=MDVSA-2011:124","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://web.archive.org/web/20121105034518/http://www.mandriva.com/en/support/security/advisories?name=MDVSA-2011:124"},{"reference_url":"http://typo3.org/teams/security/security-bulletins/typo3-sa-2011-008","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://typo3.org/teams/security/security-bulletins/typo3-sa-2011-008"},{"reference_url":"http://typo3.org/teams/security/security-bulletins/typo3-sa-2011-008/","reference_id":"","reference_type":"","scores":[],"url":"http://typo3.org/teams/security/security-bulletins/typo3-sa-2011-008/"},{"reference_url":"http://www.debian.org/security/2011/dsa-2286","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.debian.org/security/2011/dsa-2286"},{"reference_url":"http://www.exploit-db.com/exploits/17514","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.exploit-db.com/exploits/17514"},{"reference_url":"http://www.exploit-db.com/exploits/17514/","reference_id":"","reference_type":"","scores":[],"url":"http://www.exploit-db.com/exploits/17514/"},{"reference_url":"http://www.openwall.com/lists/oss-security/2011/06/28/2","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.openwall.com/lists/oss-security/2011/06/28/2"},{"reference_url":"http://www.openwall.com/lists/oss-security/2011/06/28/6","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.openwall.com/lists/oss-security/2011/06/28/6"},{"reference_url":"http://www.openwall.com/lists/oss-security/2011/06/28/8","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.openwall.com/lists/oss-security/2011/06/28/8"},{"reference_url":"http://www.openwall.com/lists/oss-security/2011/06/29/11","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.openwall.com/lists/oss-security/2011/06/29/11"},{"reference_url":"http://www.phpmyadmin.net/home_page/security/PMASA-2011-5.php","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.phpmyadmin.net/home_page/security/PMASA-2011-5.php"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2011-2505","reference_id":"CVE-2011-2505","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2011-2505"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/webapps/17510.py","reference_id":"CVE-2011-2506;CVE-2011-2505;OSVDB-73612;OSVDB-73611","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/webapps/17510.py"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/webapps/17514.php","reference_id":"CVE-2011-2506;CVE-2011-2505;OSVDB-73612;OSVDB-73611","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/webapps/17514.php"},{"reference_url":"http://www.xxor.se/advisories/phpMyAdmin_3.x_Multiple_Remote_Code_Executions.txt","reference_id":"CVE-2011-2506;CVE-2011-2505;OSVDB-73612;OSVDB-73611","reference_type":"exploit","scores":[],"url":"http://www.xxor.se/advisories/phpMyAdmin_3.x_Multiple_Remote_Code_Executions.txt"},{"reference_url":"https://github.com/advisories/GHSA-vqcm-r62w-w437","reference_id":"GHSA-vqcm-r62w-w437","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-vqcm-r62w-w437"},{"reference_url":"https://security.gentoo.org/glsa/201201-01","reference_id":"GLSA-201201-01","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201201-01"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/54927?format=json","purl":"pkg:composer/phpmyadmin/phpmyadmin@3.4.3%2B1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@3.4.3%252B1"}],"aliases":["CVE-2011-2505","GHSA-vqcm-r62w-w437"],"risk_score":10.0,"exploitability":"2.0","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-qrm9-716c-2ybp"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/55176?format=json","vulnerability_id":"VCID-vnwc-dh5c-9yex","summary":"phpMyAdmin Multiple XSS Vulnerabilities\nMultiple cross-site scripting (XSS) vulnerabilities in the `PMA_unInlineEditRow` function in js/sql.js in phpMyAdmin 3.4.x before 3.4.5 allow remote authenticated users to inject arbitrary web script or HTML via a (1) database name, (2) table name, or (3) column name that is not properly handled after an inline-editing operation.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2011-3592","reference_id":"","reference_type":"","scores":[{"value":"0.0018","scoring_system":"epss","scoring_elements":"0.39225","published_at":"2026-05-15T12:55:00Z"},{"value":"0.0018","scoring_system":"epss","scoring_elements":"0.39351","published_at":"2026-04-24T12:55:00Z"},{"value":"0.0018","scoring_system":"epss","scoring_elements":"0.39336","published_at":"2026-04-26T12:55:00Z"},{"value":"0.0018","scoring_system":"epss","scoring_elements":"0.39254","published_at":"2026-04-29T12:55:00Z"},{"value":"0.0018","scoring_system":"epss","scoring_elements":"0.39128","published_at":"2026-05-05T12:55:00Z"},{"value":"0.0018","scoring_system":"epss","scoring_elements":"0.39196","published_at":"2026-05-07T12:55:00Z"},{"value":"0.0018","scoring_system":"epss","scoring_elements":"0.39211","published_at":"2026-05-09T12:55:00Z"},{"value":"0.0018","scoring_system":"epss","scoring_elements":"0.39119","published_at":"2026-05-11T12:55:00Z"},{"value":"0.0018","scoring_system":"epss","scoring_elements":"0.39143","published_at":"2026-05-12T12:55:00Z"},{"value":"0.0018","scoring_system":"epss","scoring_elements":"0.39214","published_at":"2026-05-14T12:55:00Z"},{"value":"0.0018","scoring_system":"epss","scoring_elements":"0.39478","published_at":"2026-04-01T12:55:00Z"},{"value":"0.0018","scoring_system":"epss","scoring_elements":"0.39627","published_at":"2026-04-02T12:55:00Z"},{"value":"0.0018","scoring_system":"epss","scoring_elements":"0.3965","published_at":"2026-04-04T12:55:00Z"},{"value":"0.0018","scoring_system":"epss","scoring_elements":"0.39566","published_at":"2026-04-07T12:55:00Z"},{"value":"0.0018","scoring_system":"epss","scoring_elements":"0.39621","published_at":"2026-04-08T12:55:00Z"},{"value":"0.0018","scoring_system":"epss","scoring_elements":"0.39636","published_at":"2026-04-09T12:55:00Z"},{"value":"0.0018","scoring_system":"epss","scoring_elements":"0.39645","published_at":"2026-04-11T12:55:00Z"},{"value":"0.0018","scoring_system":"epss","scoring_elements":"0.39609","published_at":"2026-04-12T12:55:00Z"},{"value":"0.0018","scoring_system":"epss","scoring_elements":"0.39593","published_at":"2026-04-13T12:55:00Z"},{"value":"0.0018","scoring_system":"epss","scoring_elements":"0.39644","published_at":"2026-04-16T12:55:00Z"},{"value":"0.0018","scoring_system":"epss","scoring_elements":"0.39614","published_at":"2026-04-18T12:55:00Z"},{"value":"0.0018","scoring_system":"epss","scoring_elements":"0.39531","published_at":"2026-04-21T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2011-3592"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=738681","reference_id":"","reference_type":"","scores":[{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=738681"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3592","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3592"},{"reference_url":"https://github.com/phpmyadmin/composer","reference_id":"","reference_type":"","scores":[{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/phpmyadmin/composer"},{"reference_url":"https://github.com/phpmyadmin/phpmyadmin/commit/2f28ce9c800274190418da0945ce3647d36e1db6","reference_id":"","reference_type":"","scores":[{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/phpmyadmin/phpmyadmin/commit/2f28ce9c800274190418da0945ce3647d36e1db6"},{"reference_url":"https://github.com/phpmyadmin/phpmyadmin/commit/bda213c58aec44925be661acb0e76c19483ea170","reference_id":"","reference_type":"","scores":[{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/phpmyadmin/phpmyadmin/commit/bda213c58aec44925be661acb0e76c19483ea170"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2011-3592","reference_id":"","reference_type":"","scores":[{"value":"3.5","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:S/C:N/I:P/A:N"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2011-3592"},{"reference_url":"http://www.openwall.com/lists/oss-security/2011/09/30/8","reference_id":"","reference_type":"","scores":[{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.openwall.com/lists/oss-security/2011/09/30/8"},{"reference_url":"http://www.phpmyadmin.net/home_page/security/PMASA-2011-14.php","reference_id":"","reference_type":"","scores":[{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.phpmyadmin.net/home_page/security/PMASA-2011-14.php"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:3.4.0.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:phpmyadmin:phpmyadmin:3.4.0.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:3.4.0.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:3.4.1.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:phpmyadmin:phpmyadmin:3.4.1.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:3.4.1.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:3.4.2.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:phpmyadmin:phpmyadmin:3.4.2.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:3.4.2.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:3.4.3.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:phpmyadmin:phpmyadmin:3.4.3.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:3.4.3.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:3.4.3.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:phpmyadmin:phpmyadmin:3.4.3.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:3.4.3.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:3.4.3.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:phpmyadmin:phpmyadmin:3.4.3.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:3.4.3.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:3.4.4.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:phpmyadmin:phpmyadmin:3.4.4.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:3.4.4.0:*:*:*:*:*:*:*"},{"reference_url":"https://github.com/advisories/GHSA-5p69-rmx8-7gw7","reference_id":"GHSA-5p69-rmx8-7gw7","reference_type":"","scores":[{"value":"LOW","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-5p69-rmx8-7gw7"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/82345?format=json","purl":"pkg:composer/phpmyadmin/phpmyadmin@3.4.5","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@3.4.5"}],"aliases":["CVE-2011-3592","GHSA-5p69-rmx8-7gw7"],"risk_score":1.6,"exploitability":"0.5","weighted_severity":"3.1","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-vnwc-dh5c-9yex"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/56834?format=json","vulnerability_id":"VCID-wwm8-s1z9-23fg","summary":"phpMyAdmin Open Redirect in redirector\nOpen redirect vulnerability in the redirector feature in phpMyAdmin 3.4.x before 3.4.1 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors.","references":[{"reference_url":"http://phpmyadmin.git.sourceforge.net/git/gitweb.cgi?p=phpmyadmin/phpmyadmin;a=commitdiff;h=b7a8179eb6bf0f1643970ac57a70b5b513a1cd4f","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://phpmyadmin.git.sourceforge.net/git/gitweb.cgi?p=phpmyadmin/phpmyadmin;a=commitdiff;h=b7a8179eb6bf0f1643970ac57a70b5b513a1cd4f"},{"reference_url":"http://phpmyadmin.git.sourceforge.net/git/gitweb.cgi?p=phpmyadmin/phpmyadmin;a=commitdiff;h=ecfc8ba4f7b4ea612c58ab5726054ed0f28e200d","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://phpmyadmin.git.sourceforge.net/git/gitweb.cgi?p=phpmyadmin/phpmyadmin;a=commitdiff;h=ecfc8ba4f7b4ea612c58ab5726054ed0f28e200d"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2011-1941","reference_id":"","reference_type":"","scores":[{"value":"0.00253","scoring_system":"epss","scoring_elements":"0.48614","published_at":"2026-05-15T12:55:00Z"},{"value":"0.00253","scoring_system":"epss","scoring_elements":"0.48541","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00253","scoring_system":"epss","scoring_elements":"0.48457","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00253","scoring_system":"epss","scoring_elements":"0.48519","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00253","scoring_system":"epss","scoring_elements":"0.48545","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00253","scoring_system":"epss","scoring_elements":"0.48489","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00253","scoring_system":"epss","scoring_elements":"0.48596","published_at":"2026-05-14T12:55:00Z"},{"value":"0.00253","scoring_system":"epss","scoring_elements":"0.48527","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00253","scoring_system":"epss","scoring_elements":"0.48563","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00253","scoring_system":"epss","scoring_elements":"0.48586","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00253","scoring_system":"epss","scoring_elements":"0.48538","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00253","scoring_system":"epss","scoring_elements":"0.48592","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00253","scoring_system":"epss","scoring_elements":"0.48588","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00253","scoring_system":"epss","scoring_elements":"0.48609","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00253","scoring_system":"epss","scoring_elements":"0.48583","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00253","scoring_system":"epss","scoring_elements":"0.48595","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00253","scoring_system":"epss","scoring_elements":"0.48645","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00253","scoring_system":"epss","scoring_elements":"0.4864","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00253","scoring_system":"epss","scoring_elements":"0.48597","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00253","scoring_system":"epss","scoring_elements":"0.48582","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00253","scoring_system":"epss","scoring_elements":"0.48593","published_at":"2026-04-26T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2011-1941"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1941","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1941"},{"reference_url":"https://github.com/phpmyadmin/composer","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/phpmyadmin/composer"},{"reference_url":"https://github.com/phpmyadmin/composer/commit/b7a8179eb6bf0f1643970ac57a70b5b513a1cd4f","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/phpmyadmin/composer/commit/b7a8179eb6bf0f1643970ac57a70b5b513a1cd4f"},{"reference_url":"https://github.com/phpmyadmin/composer/commit/ecfc8ba4f7b4ea612c58ab5726054ed0f28e200d","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/phpmyadmin/composer/commit/ecfc8ba4f7b4ea612c58ab5726054ed0f28e200d"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2011-1941","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2011-1941"},{"reference_url":"http://www.phpmyadmin.net/home_page/security/PMASA-2011-4.php","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.phpmyadmin.net/home_page/security/PMASA-2011-4.php"},{"reference_url":"https://github.com/advisories/GHSA-v6fw-xf2c-8q43","reference_id":"GHSA-v6fw-xf2c-8q43","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-v6fw-xf2c-8q43"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/55290?format=json","purl":"pkg:composer/phpmyadmin/phpmyadmin@3.4.1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@3.4.1"}],"aliases":["CVE-2011-1941","GHSA-v6fw-xf2c-8q43"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-wwm8-s1z9-23fg"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/15725?format=json","vulnerability_id":"VCID-z6t5-jasy-vbfs","summary":"phpMyAdmin Directory Traversal vulnerability\nDirectory traversal vulnerability in libraries/display_tbl.lib.php in phpMyAdmin 3.x before 3.3.10.2 and 3.4.x before 3.4.3.1, when a certain MIME transformation feature is enabled, allows remote authenticated users to include and execute arbitrary local files via a .. (dot dot) in a GLOBALS[mime_map][$meta->name][transformation] parameter.","references":[{"reference_url":"http://ha.xxor.se/2011/07/phpmyadmin-3x-multiple-remote-code.html","reference_id":"","reference_type":"","scores":[{"value":"7.4","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://ha.xxor.se/2011/07/phpmyadmin-3x-multiple-remote-code.html"},{"reference_url":"http://lists.fedoraproject.org/pipermail/package-announce/2011-July/062719.html","reference_id":"","reference_type":"","scores":[{"value":"7.4","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://lists.fedoraproject.org/pipermail/package-announce/2011-July/062719.html"},{"reference_url":"http://phpmyadmin.git.sourceforge.net/git/gitweb.cgi?p=phpmyadmin/phpmyadmin%3Ba=commit%3Bh=b434320eff8ca9c2fc1b043c1804f868341af9a7","reference_id":"","reference_type":"","scores":[{"value":"7.4","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://phpmyadmin.git.sourceforge.net/git/gitweb.cgi?p=phpmyadmin/phpmyadmin%3Ba=commit%3Bh=b434320eff8ca9c2fc1b043c1804f868341af9a7"},{"reference_url":"http://phpmyadmin.git.sourceforge.net/git/gitweb.cgi?p=phpmyadmin/phpmyadmin;a=commit;h=b434320eff8ca9c2fc1b043c1804f868341af9a7","reference_id":"","reference_type":"","scores":[{"value":"7.4","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://phpmyadmin.git.sourceforge.net/git/gitweb.cgi?p=phpmyadmin/phpmyadmin;a=commit;h=b434320eff8ca9c2fc1b043c1804f868341af9a7"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2011-2508","reference_id":"","reference_type":"","scores":[{"value":"0.11174","scoring_system":"epss","scoring_elements":"0.93521","published_at":"2026-04-29T12:55:00Z"},{"value":"0.11174","scoring_system":"epss","scoring_elements":"0.93515","published_at":"2026-04-18T12:55:00Z"},{"value":"0.11174","scoring_system":"epss","scoring_elements":"0.93509","published_at":"2026-04-16T12:55:00Z"},{"value":"0.11174","scoring_system":"epss","scoring_elements":"0.9349","published_at":"2026-04-13T12:55:00Z"},{"value":"0.11174","scoring_system":"epss","scoring_elements":"0.93489","published_at":"2026-04-12T12:55:00Z"},{"value":"0.11174","scoring_system":"epss","scoring_elements":"0.93484","published_at":"2026-04-09T12:55:00Z"},{"value":"0.11174","scoring_system":"epss","scoring_elements":"0.9348","published_at":"2026-04-08T12:55:00Z"},{"value":"0.11174","scoring_system":"epss","scoring_elements":"0.93465","published_at":"2026-04-02T12:55:00Z"},{"value":"0.11174","scoring_system":"epss","scoring_elements":"0.93579","published_at":"2026-05-15T12:55:00Z"},{"value":"0.11174","scoring_system":"epss","scoring_elements":"0.93572","published_at":"2026-05-14T12:55:00Z"},{"value":"0.11174","scoring_system":"epss","scoring_elements":"0.93559","published_at":"2026-05-12T12:55:00Z"},{"value":"0.11174","scoring_system":"epss","scoring_elements":"0.93553","published_at":"2026-05-11T12:55:00Z"},{"value":"0.11174","scoring_system":"epss","scoring_elements":"0.93542","published_at":"2026-05-07T12:55:00Z"},{"value":"0.11174","scoring_system":"epss","scoring_elements":"0.93529","published_at":"2026-05-05T12:55:00Z"},{"value":"0.11174","scoring_system":"epss","scoring_elements":"0.93524","published_at":"2026-04-24T12:55:00Z"},{"value":"0.11174","scoring_system":"epss","scoring_elements":"0.93473","published_at":"2026-04-07T12:55:00Z"},{"value":"0.11174","scoring_system":"epss","scoring_elements":"0.93472","published_at":"2026-04-04T12:55:00Z"},{"value":"0.11174","scoring_system":"epss","scoring_elements":"0.93457","published_at":"2026-04-01T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2011-2508"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2508","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2508"},{"reference_url":"https://github.com/phpmyadmin/phpmyadmin","reference_id":"","reference_type":"","scores":[{"value":"7.4","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/phpmyadmin/phpmyadmin"},{"reference_url":"https://web.archive.org/web/20110712103138/http://www.xxor.se/advisories/phpMyAdmin_3.x_Multiple_Remote_Code_Executions.txt","reference_id":"","reference_type":"","scores":[{"value":"7.4","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://web.archive.org/web/20110712103138/http://www.xxor.se/advisories/phpMyAdmin_3.x_Multiple_Remote_Code_Executions.txt"},{"reference_url":"https://web.archive.org/web/20111109175131/http://typo3.org/teams/security/security-bulletins/typo3-sa-2011-008","reference_id":"","reference_type":"","scores":[{"value":"7.4","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://web.archive.org/web/20111109175131/http://typo3.org/teams/security/security-bulletins/typo3-sa-2011-008"},{"reference_url":"https://web.archive.org/web/20111217070727/http://www.securityfocus.com/archive/1/518804/100/0/threaded","reference_id":"","reference_type":"","scores":[{"value":"7.4","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://web.archive.org/web/20111217070727/http://www.securityfocus.com/archive/1/518804/100/0/threaded"},{"reference_url":"https://web.archive.org/web/20111217173735/http://securityreason.com/securityalert/8306","reference_id":"","reference_type":"","scores":[{"value":"7.4","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://web.archive.org/web/20111217173735/http://securityreason.com/securityalert/8306"},{"reference_url":"https://web.archive.org/web/20250218012437/http://ha.xxor.se/2011/07/phpmyadmin-3x-multiple-remote-code.html","reference_id":"","reference_type":"","scores":[{"value":"7.4","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://web.archive.org/web/20250218012437/http://ha.xxor.se/2011/07/phpmyadmin-3x-multiple-remote-code.html"},{"reference_url":"http://www.debian.org/security/2011/dsa-2286","reference_id":"","reference_type":"","scores":[{"value":"7.4","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.debian.org/security/2011/dsa-2286"},{"reference_url":"http://www.mandriva.com/security/advisories?name=MDVSA-2011:124","reference_id":"","reference_type":"","scores":[{"value":"7.4","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.mandriva.com/security/advisories?name=MDVSA-2011:124"},{"reference_url":"http://www.openwall.com/lists/oss-security/2011/06/28/2","reference_id":"","reference_type":"","scores":[{"value":"7.4","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.openwall.com/lists/oss-security/2011/06/28/2"},{"reference_url":"http://www.openwall.com/lists/oss-security/2011/06/28/6","reference_id":"","reference_type":"","scores":[{"value":"7.4","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.openwall.com/lists/oss-security/2011/06/28/6"},{"reference_url":"http://www.openwall.com/lists/oss-security/2011/06/28/8","reference_id":"","reference_type":"","scores":[{"value":"7.4","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.openwall.com/lists/oss-security/2011/06/28/8"},{"reference_url":"http://www.openwall.com/lists/oss-security/2011/06/29/11","reference_id":"","reference_type":"","scores":[{"value":"7.4","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.openwall.com/lists/oss-security/2011/06/29/11"},{"reference_url":"http://www.phpmyadmin.net/home_page/security/PMASA-2011-8.php","reference_id":"","reference_type":"","scores":[{"value":"7.4","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.phpmyadmin.net/home_page/security/PMASA-2011-8.php"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2011-2508","reference_id":"CVE-2011-2508","reference_type":"","scores":[{"value":"7.4","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2011-2508"},{"reference_url":"https://github.com/advisories/GHSA-q6vw-39cg-wjjf","reference_id":"GHSA-q6vw-39cg-wjjf","reference_type":"","scores":[{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-q6vw-39cg-wjjf"},{"reference_url":"https://security.gentoo.org/glsa/201201-01","reference_id":"GLSA-201201-01","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201201-01"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/54927?format=json","purl":"pkg:composer/phpmyadmin/phpmyadmin@3.4.3%2B1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@3.4.3%252B1"}],"aliases":["CVE-2011-2508","GHSA-q6vw-39cg-wjjf"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-z6t5-jasy-vbfs"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/57068?format=json","vulnerability_id":"VCID-znfm-ak2t-mqdd","summary":"phpMyAdmin SQL injection vulnerability\nIn phpMyAdmin 4.x before 4.9.5 and 5.x before 5.0.2, a SQL injection vulnerability was discovered where malicious code could be used to trigger an XSS attack through retrieving and displaying results (in tbl_get_field.php and libraries/classes/Display/Results.php). The attacker must be able to insert crafted data into certain database tables, which when retrieved (for instance, through the Browse tab) can trigger the XSS attack.","references":[{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00046.html","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00046.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00050.html","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00050.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00005.html","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00005.html"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-10803","reference_id":"","reference_type":"","scores":[{"value":"0.03554","scoring_system":"epss","scoring_elements":"0.87827","published_at":"2026-05-15T12:55:00Z"},{"value":"0.03554","scoring_system":"epss","scoring_elements":"0.87666","published_at":"2026-04-04T12:55:00Z"},{"value":"0.03554","scoring_system":"epss","scoring_elements":"0.87667","published_at":"2026-04-07T12:55:00Z"},{"value":"0.03554","scoring_system":"epss","scoring_elements":"0.87688","published_at":"2026-04-08T12:55:00Z"},{"value":"0.03554","scoring_system":"epss","scoring_elements":"0.87694","published_at":"2026-04-09T12:55:00Z"},{"value":"0.03554","scoring_system":"epss","scoring_elements":"0.87706","published_at":"2026-04-11T12:55:00Z"},{"value":"0.03554","scoring_system":"epss","scoring_elements":"0.87699","published_at":"2026-04-12T12:55:00Z"},{"value":"0.03554","scoring_system":"epss","scoring_elements":"0.87697","published_at":"2026-04-13T12:55:00Z"},{"value":"0.03554","scoring_system":"epss","scoring_elements":"0.87712","published_at":"2026-04-18T12:55:00Z"},{"value":"0.03554","scoring_system":"epss","scoring_elements":"0.87708","published_at":"2026-04-21T12:55:00Z"},{"value":"0.03554","scoring_system":"epss","scoring_elements":"0.87726","published_at":"2026-04-24T12:55:00Z"},{"value":"0.03554","scoring_system":"epss","scoring_elements":"0.87732","published_at":"2026-04-26T12:55:00Z"},{"value":"0.03554","scoring_system":"epss","scoring_elements":"0.8773","published_at":"2026-04-29T12:55:00Z"},{"value":"0.03554","scoring_system":"epss","scoring_elements":"0.87745","published_at":"2026-05-05T12:55:00Z"},{"value":"0.03554","scoring_system":"epss","scoring_elements":"0.8776","published_at":"2026-05-07T12:55:00Z"},{"value":"0.03554","scoring_system":"epss","scoring_elements":"0.87778","published_at":"2026-05-09T12:55:00Z"},{"value":"0.03554","scoring_system":"epss","scoring_elements":"0.87775","published_at":"2026-05-11T12:55:00Z"},{"value":"0.03554","scoring_system":"epss","scoring_elements":"0.87788","published_at":"2026-05-12T12:55:00Z"},{"value":"0.03554","scoring_system":"epss","scoring_elements":"0.8782","published_at":"2026-05-14T12:55:00Z"},{"value":"0.03554","scoring_system":"epss","scoring_elements":"0.87643","published_at":"2026-04-01T12:55:00Z"},{"value":"0.03554","scoring_system":"epss","scoring_elements":"0.87653","published_at":"2026-04-02T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-10803"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10803","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10803"},{"reference_url":"https://github.com/FriendsOfPHP/security-advisories/blob/master/phpmyadmin/phpmyadmin/CVE-2020-10803.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/FriendsOfPHP/security-advisories/blob/master/phpmyadmin/phpmyadmin/CVE-2020-10803.yaml"},{"reference_url":"https://github.com/phpmyadmin/composer","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/phpmyadmin/composer"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2020/03/msg00028.html","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.debian.org/debian-lts-announce/2020/03/msg00028.html"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/AAVW3SUKWR5RF5LZ6SARCYOWBIFUIWOJ/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/AAVW3SUKWR5RF5LZ6SARCYOWBIFUIWOJ/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BUG3IRITW2LUBGR5LSQMP7MVRTELHZJK/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BUG3IRITW2LUBGR5LSQMP7MVRTELHZJK/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UZI6EQVRRIG252DY3MBT33BJVCSYDMQO/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UZI6EQVRRIG252DY3MBT33BJVCSYDMQO/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AAVW3SUKWR5RF5LZ6SARCYOWBIFUIWOJ","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AAVW3SUKWR5RF5LZ6SARCYOWBIFUIWOJ"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BUG3IRITW2LUBGR5LSQMP7MVRTELHZJK","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BUG3IRITW2LUBGR5LSQMP7MVRTELHZJK"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UZI6EQVRRIG252DY3MBT33BJVCSYDMQO","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UZI6EQVRRIG252DY3MBT33BJVCSYDMQO"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2020-10803","reference_id":"","reference_type":"","scores":[{"value":"3.5","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:S/C:N/I:P/A:N"},{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2020-10803"},{"reference_url":"https://www.phpmyadmin.net/security/PMASA-2020-4","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.phpmyadmin.net/security/PMASA-2020-4"},{"reference_url":"https://www.phpmyadmin.net/security/PMASA-2020-4/","reference_id":"","reference_type":"","scores":[],"url":"https://www.phpmyadmin.net/security/PMASA-2020-4/"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=954666","reference_id":"954666","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=954666"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:opensuse:backports_sle:15.0:-:*:*:*:*:*:*","reference_id":"cpe:2.3:a:opensuse:backports_sle:15.0:-:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:opensuse:backports_sle:15.0:-:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:opensuse:backports_sle:15.0:sp1:*:*:*:*:*:*","reference_id":"cpe:2.3:a:opensuse:backports_sle:15.0:sp1:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:opensuse:backports_sle:15.0:sp1:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:phpmyadmin:phpmyadmin:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:suse:package_hub:-:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:suse:package_hub:-:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:suse:package_hub:-:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:32:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:fedoraproject:fedora:32:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:32:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise:12.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:suse:linux_enterprise:12.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise:12.0:*:*:*:*:*:*:*"},{"reference_url":"https://github.com/advisories/GHSA-fcww-8wvc-38q9","reference_id":"GHSA-fcww-8wvc-38q9","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-fcww-8wvc-38q9"},{"reference_url":"https://usn.ubuntu.com/4639-1/","reference_id":"USN-4639-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4639-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/81952?format=json","purl":"pkg:composer/phpmyadmin/phpmyadmin@4.9.5","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2jjv-4en4-e3gx"},{"vulnerability":"VCID-2y3v-jnph-hfh4"},{"vulnerability":"VCID-mk34-h4nz-b3ey"},{"vulnerability":"VCID-na3j-h3qr-k7dc"},{"vulnerability":"VCID-rqy8-n6fr-hqey"},{"vulnerability":"VCID-ym9b-4su6-6fbr"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@4.9.5"},{"url":"http://public2.vulnerablecode.io/api/packages/55567?format=json","purl":"pkg:composer/phpmyadmin/phpmyadmin@5.0.2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2jjv-4en4-e3gx"},{"vulnerability":"VCID-2y3v-jnph-hfh4"},{"vulnerability":"VCID-araw-4wdy-hqcz"},{"vulnerability":"VCID-dsxw-w87t-eycw"},{"vulnerability":"VCID-mk34-h4nz-b3ey"},{"vulnerability":"VCID-rqy8-n6fr-hqey"},{"vulnerability":"VCID-ym9b-4su6-6fbr"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@5.0.2"}],"aliases":["CVE-2020-10803","GHSA-fcww-8wvc-38q9"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-znfm-ak2t-mqdd"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/15944?format=json","vulnerability_id":"VCID-ztma-5k5p-7yda","summary":"phpMyAdmin Cross-site Scripting vulnerability\nCross-site scripting (XSS) vulnerability in libraries/config/ConfigFile.class.php in the setup interface in phpMyAdmin 3.4.x before 3.4.9 allows remote attackers to inject arbitrary web script or HTML via the host parameter.","references":[{"reference_url":"http://lists.fedoraproject.org/pipermail/package-announce/2012-January/071523.html","reference_id":"","reference_type":"","scores":[{"value":"1.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N/E:U"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://lists.fedoraproject.org/pipermail/package-announce/2012-January/071523.html"},{"reference_url":"http://lists.fedoraproject.org/pipermail/package-announce/2012-January/071537.html","reference_id":"","reference_type":"","scores":[{"value":"1.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N/E:U"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://lists.fedoraproject.org/pipermail/package-announce/2012-January/071537.html"},{"reference_url":"http://phpmyadmin.git.sourceforge.net/git/gitweb.cgi?p=phpmyadmin/phpmyadmin%3Ba=commit%3Bh=0e707906e69ce90c4852a0fce2a0fac7db86a3cd","reference_id":"","reference_type":"","scores":[{"value":"1.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N/E:U"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://phpmyadmin.git.sourceforge.net/git/gitweb.cgi?p=phpmyadmin/phpmyadmin%3Ba=commit%3Bh=0e707906e69ce90c4852a0fce2a0fac7db86a3cd"},{"reference_url":"http://phpmyadmin.git.sourceforge.net/git/gitweb.cgi?p=phpmyadmin/phpmyadmin;a=commit;h=0e707906e69ce90c4852a0fce2a0fac7db86a3cd","reference_id":"","reference_type":"","scores":[{"value":"1.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N/E:U"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://phpmyadmin.git.sourceforge.net/git/gitweb.cgi?p=phpmyadmin/phpmyadmin;a=commit;h=0e707906e69ce90c4852a0fce2a0fac7db86a3cd"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2011-4782","reference_id":"","reference_type":"","scores":[{"value":"0.00475","scoring_system":"epss","scoring_elements":"0.64895","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00475","scoring_system":"epss","scoring_elements":"0.6503","published_at":"2026-05-15T12:55:00Z"},{"value":"0.00475","scoring_system":"epss","scoring_elements":"0.6502","published_at":"2026-05-14T12:55:00Z"},{"value":"0.00475","scoring_system":"epss","scoring_elements":"0.64964","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00475","scoring_system":"epss","scoring_elements":"0.64878","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00475","scoring_system":"epss","scoring_elements":"0.64909","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00475","scoring_system":"epss","scoring_elements":"0.64943","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00475","scoring_system":"epss","scoring_elements":"0.64974","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00475","scoring_system":"epss","scoring_elements":"0.64932","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00475","scoring_system":"epss","scoring_elements":"0.64884","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00475","scoring_system":"epss","scoring_elements":"0.64757","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00475","scoring_system":"epss","scoring_elements":"0.64808","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00475","scoring_system":"epss","scoring_elements":"0.64905","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00475","scoring_system":"epss","scoring_elements":"0.64837","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00475","scoring_system":"epss","scoring_elements":"0.648","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00475","scoring_system":"epss","scoring_elements":"0.6485","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00475","scoring_system":"epss","scoring_elements":"0.64864","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00475","scoring_system":"epss","scoring_elements":"0.64881","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00475","scoring_system":"epss","scoring_elements":"0.64871","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00475","scoring_system":"epss","scoring_elements":"0.64843","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00475","scoring_system":"epss","scoring_elements":"0.64892","published_at":"2026-04-18T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2011-4782"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4782","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4782"},{"reference_url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/71938","reference_id":"","reference_type":"","scores":[{"value":"1.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N/E:U"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/71938"},{"reference_url":"https://github.com/phpmyadmin/phpmyadmin","reference_id":"","reference_type":"","scores":[{"value":"1.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N/E:U"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/phpmyadmin/phpmyadmin"},{"reference_url":"http://www.mandriva.com/security/advisories?name=MDVSA-2011:198","reference_id":"","reference_type":"","scores":[{"value":"1.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N/E:U"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.mandriva.com/security/advisories?name=MDVSA-2011:198"},{"reference_url":"http://www.phpmyadmin.net/home_page/security/PMASA-2011-19.php","reference_id":"","reference_type":"","scores":[{"value":"1.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N/E:U"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.phpmyadmin.net/home_page/security/PMASA-2011-19.php"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2011-4782","reference_id":"CVE-2011-4782","reference_type":"","scores":[{"value":"1.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N/E:U"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2011-4782"},{"reference_url":"https://github.com/advisories/GHSA-2h23-c973-x63q","reference_id":"GHSA-2h23-c973-x63q","reference_type":"","scores":[{"value":"LOW","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-2h23-c973-x63q"},{"reference_url":"https://security.gentoo.org/glsa/201201-01","reference_id":"GLSA-201201-01","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201201-01"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/55246?format=json","purl":"pkg:composer/phpmyadmin/phpmyadmin@3.4.9","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@3.4.9"}],"aliases":["CVE-2011-4782","GHSA-2h23-c973-x63q"],"risk_score":1.4,"exploitability":"0.5","weighted_severity":"2.7","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ztma-5k5p-7yda"}],"fixing_vulnerabilities":[],"risk_score":"10.0","resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@3.4.0"}