{"url":"http://public2.vulnerablecode.io/api/packages/935154?format=json","purl":"pkg:deb/debian/phpmyadmin@0?distro=trixie","type":"deb","namespace":"debian","name":"phpmyadmin","version":"0","qualifiers":{"distro":"trixie"},"subpath":"","is_vulnerable":false,"next_non_vulnerable_version":"2.11.5.1","latest_non_vulnerable_version":"4:5.2.3+dfsg-1","affected_by_vulnerabilities":[],"fixing_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/54646?format=json","vulnerability_id":"VCID-5288-gx4v-7bh4","summary":"phpMyAdmin Unsafe Fetching of Javascript Code\nphpMyAdmin 3.5.x before 3.5.3 uses JavaScript code that is obtained through an HTTP session to phpmyadmin.net without SSL, which allows man-in-the-middle attackers to conduct cross-site scripting (XSS) attacks by modifying this code.","references":[{"reference_url":"http://lists.opensuse.org/opensuse-updates/2012-11/msg00033.html","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://lists.opensuse.org/opensuse-updates/2012-11/msg00033.html"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2012-5368","reference_id":"","reference_type":"","scores":[{"value":"0.00425","scoring_system":"epss","scoring_elements":"0.62265","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00425","scoring_system":"epss","scoring_elements":"0.6226","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00425","scoring_system":"epss","scoring_elements":"0.62267","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00425","scoring_system":"epss","scoring_elements":"0.62251","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00425","scoring_system":"epss","scoring_elements":"0.62261","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00425","scoring_system":"epss","scoring_elements":"0.62278","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00425","scoring_system":"epss","scoring_elements":"0.62271","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00425","scoring_system":"epss","scoring_elements":"0.62216","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00425","scoring_system":"epss","scoring_elements":"0.62102","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00425","scoring_system":"epss","scoring_elements":"0.62162","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00425","scoring_system":"epss","scoring_elements":"0.62193","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00425","scoring_system":"epss","scoring_elements":"0.62161","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00425","scoring_system":"epss","scoring_elements":"0.62211","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00425","scoring_system":"epss","scoring_elements":"0.62228","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00425","scoring_system":"epss","scoring_elements":"0.62246","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00425","scoring_system":"epss","scoring_elements":"0.62236","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00425","scoring_system":"epss","scoring_elements":"0.62215","published_at":"2026-04-13T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2012-5368"},{"reference_url":"https://github.com/phpmyadmin/phpmyadmin/commit/50edafc0884aa15d0a1aa178089ac6a1ad2eb18a","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/phpmyadmin/phpmyadmin/commit/50edafc0884aa15d0a1aa178089ac6a1ad2eb18a"},{"reference_url":"https://github.com/phpmyadmin/phpmyadmin/commit/a547f3d3e2cf36c6a904fa3e053fd8bddd3fbbb0","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/phpmyadmin/phpmyadmin/commit/a547f3d3e2cf36c6a904fa3e053fd8bddd3fbbb0"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2012-5368","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:N/I:P/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2012-5368"},{"reference_url":"https://web.archive.org/web/20200228143700/http://www.securityfocus.com/bid/55939","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://web.archive.org/web/20200228143700/http://www.securityfocus.com/bid/55939"},{"reference_url":"http://www.phpmyadmin.net/home_page/security/PMASA-2012-7.php","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.phpmyadmin.net/home_page/security/PMASA-2012-7.php"},{"reference_url":"http://www.securityfocus.com/bid/55939","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/55939"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:3.5.0.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:phpmyadmin:phpmyadmin:3.5.0.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:3.5.0.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:3.5.1.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:phpmyadmin:phpmyadmin:3.5.1.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:3.5.1.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:3.5.2.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:phpmyadmin:phpmyadmin:3.5.2.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:3.5.2.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:3.5.2.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:phpmyadmin:phpmyadmin:3.5.2.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:3.5.2.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:3.5.2.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:phpmyadmin:phpmyadmin:3.5.2.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:3.5.2.2:*:*:*:*:*:*:*"},{"reference_url":"https://github.com/advisories/GHSA-xpxp-v33m-5jp9","reference_id":"GHSA-xpxp-v33m-5jp9","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-xpxp-v33m-5jp9"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/935154?format=json","purl":"pkg:deb/debian/phpmyadmin@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/935143?format=json","purl":"pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-na3j-h3qr-k7dc"},{"vulnerability":"VCID-ndjn-p6gb-u7g4"},{"vulnerability":"VCID-rqy8-n6fr-hqey"},{"vulnerability":"VCID-zd8d-c1nk-g7a4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.0.4%252Bdfsg2-2%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/935141?format=json","purl":"pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zd8d-c1nk-g7a4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.1%252Bdfsg-1%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/935145?format=json","purl":"pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.2-really%252Bdfsg-1%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/935144?format=json","purl":"pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.3%252Bdfsg-1%3Fdistro=trixie"}],"aliases":["CVE-2012-5368","GHSA-xpxp-v33m-5jp9"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-5288-gx4v-7bh4"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/9480?format=json","vulnerability_id":"VCID-9auw-hwad-ybaf","summary":"Improper Authentication\nAn issue was discovered in phpMyAdm in which an attacker can include (view and potentially execute) files on the server. The vulnerability comes from a portion of code where pages are redirected and loaded within phpMyAdmin, and an improper test for allowed pages.","references":[{"reference_url":"http://packetstormsecurity.com/files/164623/phpMyAdmin-4.8.1-Remote-Code-Execution.html","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://packetstormsecurity.com/files/164623/phpMyAdmin-4.8.1-Remote-Code-Execution.html"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-12613","reference_id":"","reference_type":"","scores":[{"value":"0.94281","scoring_system":"epss","scoring_elements":"0.99941","published_at":"2026-05-07T12:55:00Z"},{"value":"0.94281","scoring_system":"epss","scoring_elements":"0.9994","published_at":"2026-05-05T12:55:00Z"},{"value":"0.94281","scoring_system":"epss","scoring_elements":"0.99939","published_at":"2026-04-26T12:55:00Z"},{"value":"0.94281","scoring_system":"epss","scoring_elements":"0.99938","published_at":"2026-04-24T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-12613"},{"reference_url":"https://github.com/phpmyadmin/composer","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/phpmyadmin/composer"},{"reference_url":"https://www.exploit-db.com/exploits/44924","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.exploit-db.com/exploits/44924"},{"reference_url":"https://www.exploit-db.com/exploits/44924/","reference_id":"","reference_type":"","scores":[],"url":"https://www.exploit-db.com/exploits/44924/"},{"reference_url":"https://www.exploit-db.com/exploits/44928","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.exploit-db.com/exploits/44928"},{"reference_url":"https://www.exploit-db.com/exploits/44928/","reference_id":"","reference_type":"","scores":[],"url":"https://www.exploit-db.com/exploits/44928/"},{"reference_url":"https://www.exploit-db.com/exploits/45020","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.exploit-db.com/exploits/45020"},{"reference_url":"https://www.exploit-db.com/exploits/45020/","reference_id":"","reference_type":"","scores":[],"url":"https://www.exploit-db.com/exploits/45020/"},{"reference_url":"https://www.phpmyadmin.net/security/PMASA-2018-4","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.phpmyadmin.net/security/PMASA-2018-4"},{"reference_url":"https://www.phpmyadmin.net/security/PMASA-2018-4/","reference_id":"","reference_type":"","scores":[],"url":"https://www.phpmyadmin.net/security/PMASA-2018-4/"},{"reference_url":"http://www.securityfocus.com/bid/104532","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.securityfocus.com/bid/104532"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:phpmyadmin:phpmyadmin:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:*:*:*:*:*:*:*:*"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/remote/45020.rb","reference_id":"CVE-2018-12613","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/remote/45020.rb"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/webapps/44924.txt","reference_id":"CVE-2018-12613","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/webapps/44924.txt"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/webapps/44928.txt","reference_id":"CVE-2018-12613","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/webapps/44928.txt"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/webapps/50457.py","reference_id":"CVE-2018-12613","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/webapps/50457.py"},{"reference_url":"https://mp.weixin.qq.com/s?__biz=MzIzMTc1MjExOQ==&mid=2247485036&idx=1&sn=8e9647906c5d94f72564dec5bc51a2ab&chksm=e89e2eb4dfe9a7a28bff2efebb5b2723782dab660acff074c3f18c9e7dca924abdf3da618fb4&mpshare=1&scene=1&srcid=0621gAv1FMtrgoahD01psMZr&pass_ticket=LqhR","reference_id":"CVE-2018-12613","reference_type":"exploit","scores":[],"url":"https://mp.weixin.qq.com/s?__biz=MzIzMTc1MjExOQ==&mid=2247485036&idx=1&sn=8e9647906c5d94f72564dec5bc51a2ab&chksm=e89e2eb4dfe9a7a28bff2efebb5b2723782dab660acff074c3f18c9e7dca924abdf3da618fb4&mpshare=1&scene=1&srcid=0621gAv1FMtrgoahD01psMZr&pass_ticket=LqhR"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2018-12613","reference_id":"CVE-2018-12613","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:S/C:P/I:P/A:P"},{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2018-12613"},{"reference_url":"https://raw.githubusercontent.com/rapid7/metasploit-framework/1ded8ffb299499e18725f4d549fcadaec5528387/modules/exploits/multi/http/phpmyadmin_lfi_rce.rb","reference_id":"CVE-2018-12613","reference_type":"exploit","scores":[],"url":"https://raw.githubusercontent.com/rapid7/metasploit-framework/1ded8ffb299499e18725f4d549fcadaec5528387/modules/exploits/multi/http/phpmyadmin_lfi_rce.rb"},{"reference_url":"https://github.com/advisories/GHSA-x394-g9j8-x7mf","reference_id":"GHSA-x394-g9j8-x7mf","reference_type":"","scores":[{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-x394-g9j8-x7mf"},{"reference_url":"https://security.gentoo.org/glsa/201904-16","reference_id":"GLSA-201904-16","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://security.gentoo.org/glsa/201904-16"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/935154?format=json","purl":"pkg:deb/debian/phpmyadmin@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/935143?format=json","purl":"pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-na3j-h3qr-k7dc"},{"vulnerability":"VCID-ndjn-p6gb-u7g4"},{"vulnerability":"VCID-rqy8-n6fr-hqey"},{"vulnerability":"VCID-zd8d-c1nk-g7a4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.0.4%252Bdfsg2-2%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/935141?format=json","purl":"pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zd8d-c1nk-g7a4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.1%252Bdfsg-1%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/935145?format=json","purl":"pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.2-really%252Bdfsg-1%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/935144?format=json","purl":"pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.3%252Bdfsg-1%3Fdistro=trixie"}],"aliases":["CVE-2018-12613","GHSA-x394-g9j8-x7mf"],"risk_score":10.0,"exploitability":"2.0","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-9auw-hwad-ybaf"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/36783?format=json","vulnerability_id":"VCID-cb4p-81h2-h7cb","summary":"Multiple vulnerabilities have been found in phpMyAdmin, allowing\n    remote authenticated attackers to execute arbitrary code, inject SQL code\n    or conduct other attacks.","references":[{"reference_url":"http://archives.neohapsis.com/archives/bugtraq/2013-04/0217.html","reference_id":"","reference_type":"","scores":[],"url":"http://archives.neohapsis.com/archives/bugtraq/2013-04/0217.html"},{"reference_url":"http://lists.fedoraproject.org/pipermail/package-announce/2013-May/104725.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.fedoraproject.org/pipermail/package-announce/2013-May/104725.html"},{"reference_url":"http://lists.fedoraproject.org/pipermail/package-announce/2013-May/104770.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.fedoraproject.org/pipermail/package-announce/2013-May/104770.html"},{"reference_url":"http://lists.fedoraproject.org/pipermail/package-announce/2013-May/104936.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.fedoraproject.org/pipermail/package-announce/2013-May/104936.html"},{"reference_url":"http://lists.opensuse.org/opensuse-updates/2013-06/msg00181.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-updates/2013-06/msg00181.html"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2013-3238","reference_id":"","reference_type":"","scores":[{"value":"0.64584","scoring_system":"epss","scoring_elements":"0.98471","published_at":"2026-05-07T12:55:00Z"},{"value":"0.64584","scoring_system":"epss","scoring_elements":"0.98441","published_at":"2026-04-01T12:55:00Z"},{"value":"0.64584","scoring_system":"epss","scoring_elements":"0.98444","published_at":"2026-04-02T12:55:00Z"},{"value":"0.64584","scoring_system":"epss","scoring_elements":"0.98447","published_at":"2026-04-04T12:55:00Z"},{"value":"0.64584","scoring_system":"epss","scoring_elements":"0.98449","published_at":"2026-04-07T12:55:00Z"},{"value":"0.64584","scoring_system":"epss","scoring_elements":"0.98453","published_at":"2026-04-08T12:55:00Z"},{"value":"0.64584","scoring_system":"epss","scoring_elements":"0.98454","published_at":"2026-04-09T12:55:00Z"},{"value":"0.64584","scoring_system":"epss","scoring_elements":"0.98457","published_at":"2026-04-13T12:55:00Z"},{"value":"0.64584","scoring_system":"epss","scoring_elements":"0.98456","published_at":"2026-04-12T12:55:00Z"},{"value":"0.64584","scoring_system":"epss","scoring_elements":"0.98462","published_at":"2026-04-18T12:55:00Z"},{"value":"0.64584","scoring_system":"epss","scoring_elements":"0.98463","published_at":"2026-04-21T12:55:00Z"},{"value":"0.64584","scoring_system":"epss","scoring_elements":"0.98467","published_at":"2026-04-26T12:55:00Z"},{"value":"0.64584","scoring_system":"epss","scoring_elements":"0.98466","published_at":"2026-04-29T12:55:00Z"},{"value":"0.64584","scoring_system":"epss","scoring_elements":"0.98472","published_at":"2026-05-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2013-3238"},{"reference_url":"https://github.com/phpmyadmin/phpmyadmin/commit/dedd542cdaf1606ca9aa3f6f8f8adb078d8ad549","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/phpmyadmin/phpmyadmin/commit/dedd542cdaf1606ca9aa3f6f8f8adb078d8ad549"},{"reference_url":"https://github.com/phpmyadmin/phpmyadmin/commit/ffa720d90a79c1f33cf4c5a33403d09a67b42a66","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/phpmyadmin/phpmyadmin/commit/ffa720d90a79c1f33cf4c5a33403d09a67b42a66"},{"reference_url":"https://wiki.mageia.org/en/Support/Advisories/MGASA-2013-0133","reference_id":"","reference_type":"","scores":[],"url":"https://wiki.mageia.org/en/Support/Advisories/MGASA-2013-0133"},{"reference_url":"http://www.exploit-db.com/exploits/25136","reference_id":"","reference_type":"","scores":[],"url":"http://www.exploit-db.com/exploits/25136"},{"reference_url":"http://www.mandriva.com/security/advisories?name=MDVSA-2013:160","reference_id":"","reference_type":"","scores":[],"url":"http://www.mandriva.com/security/advisories?name=MDVSA-2013:160"},{"reference_url":"http://www.phpmyadmin.net/home_page/security/PMASA-2013-2.php","reference_id":"","reference_type":"","scores":[],"url":"http://www.phpmyadmin.net/home_page/security/PMASA-2013-2.php"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:3.5.0.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:phpmyadmin:phpmyadmin:3.5.0.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:3.5.0.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:3.5.1.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:phpmyadmin:phpmyadmin:3.5.1.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:3.5.1.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:3.5.2.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:phpmyadmin:phpmyadmin:3.5.2.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:3.5.2.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:3.5.2.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:phpmyadmin:phpmyadmin:3.5.2.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:3.5.2.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:3.5.2.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:phpmyadmin:phpmyadmin:3.5.2.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:3.5.2.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:3.5.3.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:phpmyadmin:phpmyadmin:3.5.3.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:3.5.3.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:3.5.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:phpmyadmin:phpmyadmin:3.5.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:3.5.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:3.5.5:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:phpmyadmin:phpmyadmin:3.5.5:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:3.5.5:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:3.5.6:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:phpmyadmin:phpmyadmin:3.5.6:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:3.5.6:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:3.5.7:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:phpmyadmin:phpmyadmin:3.5.7:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:3.5.7:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:3.5.7:rc1:*:*:*:*:*:*","reference_id":"cpe:2.3:a:phpmyadmin:phpmyadmin:3.5.7:rc1:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:3.5.7:rc1:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:3.5.8:rc1:*:*:*:*:*:*","reference_id":"cpe:2.3:a:phpmyadmin:phpmyadmin:3.5.8:rc1:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:3.5.8:rc1:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.0:rc2:*:*:*:*:*:*","reference_id":"cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.0:rc2:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.0:rc2:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2013-3238","reference_id":"CVE-2013-3238","reference_type":"","scores":[{"value":"6.0","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:S/C:P/I:P/A:P"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2013-3238"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/remote/25136.rb","reference_id":"CVE-2013-3238;OSVDB-92793","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/remote/25136.rb"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/webapps/25003.txt","reference_id":"CVE-2013-3241;CVE-2013-3240;CVE-2013-3239;CVE-2013-3238;OSVDB-92795;OSVDB-92794;OSVDB-92793;OSVDB-92792","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/webapps/25003.txt"},{"reference_url":"http://www.waraxe.us/advisory-103.html","reference_id":"CVE-2013-3241;CVE-2013-3240;CVE-2013-3239;CVE-2013-3238;OSVDB-92795;OSVDB-92794;OSVDB-92793;OSVDB-92792","reference_type":"exploit","scores":[],"url":"http://www.waraxe.us/advisory-103.html"},{"reference_url":"https://security.gentoo.org/glsa/201311-02","reference_id":"GLSA-201311-02","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201311-02"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/935154?format=json","purl":"pkg:deb/debian/phpmyadmin@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/935143?format=json","purl":"pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-na3j-h3qr-k7dc"},{"vulnerability":"VCID-ndjn-p6gb-u7g4"},{"vulnerability":"VCID-rqy8-n6fr-hqey"},{"vulnerability":"VCID-zd8d-c1nk-g7a4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.0.4%252Bdfsg2-2%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/935141?format=json","purl":"pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zd8d-c1nk-g7a4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.1%252Bdfsg-1%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/935145?format=json","purl":"pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.2-really%252Bdfsg-1%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/935144?format=json","purl":"pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.3%252Bdfsg-1%3Fdistro=trixie"}],"aliases":["CVE-2013-3238"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-cb4p-81h2-h7cb"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/9787?format=json","vulnerability_id":"VCID-fchc-55te-akhe","summary":"Cross-site Scripting\nAn issue was discovered in phpMyAdm. A Cross-Site Scripting vulnerability has been found where an attacker can use a crafted file to manipulate an authenticated user who loads that file through the import feature.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-15605","reference_id":"","reference_type":"","scores":[{"value":"0.00675","scoring_system":"epss","scoring_elements":"0.71433","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00675","scoring_system":"epss","scoring_elements":"0.71549","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00675","scoring_system":"epss","scoring_elements":"0.71514","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00675","scoring_system":"epss","scoring_elements":"0.71526","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00675","scoring_system":"epss","scoring_elements":"0.71523","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00675","scoring_system":"epss","scoring_elements":"0.71516","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00675","scoring_system":"epss","scoring_elements":"0.71465","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00675","scoring_system":"epss","scoring_elements":"0.71485","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00675","scoring_system":"epss","scoring_elements":"0.7148","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00675","scoring_system":"epss","scoring_elements":"0.71434","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00675","scoring_system":"epss","scoring_elements":"0.71452","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00675","scoring_system":"epss","scoring_elements":"0.71468","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00675","scoring_system":"epss","scoring_elements":"0.71392","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00675","scoring_system":"epss","scoring_elements":"0.714","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00675","scoring_system":"epss","scoring_elements":"0.71446","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00675","scoring_system":"epss","scoring_elements":"0.71418","published_at":"2026-04-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-15605"},{"reference_url":"https://github.com/phpmyadmin/composer","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/phpmyadmin/composer"},{"reference_url":"https://github.com/phpmyadmin/phpmyadmin/commit/00d90b3ae415b31338f76263359467a9fbebd0a1","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/phpmyadmin/phpmyadmin/commit/00d90b3ae415b31338f76263359467a9fbebd0a1"},{"reference_url":"https://www.phpmyadmin.net/security/PMASA-2018-5","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.phpmyadmin.net/security/PMASA-2018-5"},{"reference_url":"https://www.phpmyadmin.net/security/PMASA-2018-5/","reference_id":"","reference_type":"","scores":[],"url":"https://www.phpmyadmin.net/security/PMASA-2018-5/"},{"reference_url":"http://www.securityfocus.com/bid/105168","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.securityfocus.com/bid/105168"},{"reference_url":"http://www.securitytracker.com/id/1041548","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.securitytracker.com/id/1041548"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2018-15605","reference_id":"CVE-2018-15605","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2018-15605"},{"reference_url":"https://github.com/advisories/GHSA-c958-4j9x-q7w4","reference_id":"GHSA-c958-4j9x-q7w4","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-c958-4j9x-q7w4"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/935154?format=json","purl":"pkg:deb/debian/phpmyadmin@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/935143?format=json","purl":"pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-na3j-h3qr-k7dc"},{"vulnerability":"VCID-ndjn-p6gb-u7g4"},{"vulnerability":"VCID-rqy8-n6fr-hqey"},{"vulnerability":"VCID-zd8d-c1nk-g7a4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.0.4%252Bdfsg2-2%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/935141?format=json","purl":"pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zd8d-c1nk-g7a4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.1%252Bdfsg-1%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/935145?format=json","purl":"pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.2-really%252Bdfsg-1%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/935144?format=json","purl":"pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.3%252Bdfsg-1%3Fdistro=trixie"}],"aliases":["CVE-2018-15605","GHSA-c958-4j9x-q7w4"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-fchc-55te-akhe"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/114582?format=json","vulnerability_id":"VCID-fhw5-5mdt-7ff3","summary":"Multiple CRLF injection vulnerabilities in PhpMyAdmin 2.7.0-pl2 allow remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via CRLF sequences in a phpMyAdmin cookie in (1) css/phpmyadmin.css.php, (2) db_create.php, (3) index.php, (4) left.php, (5) libraries/session.inc.php, (6) libraries/transformations/overview.php, (7) querywindow.php, (8) server_engines.php, and possibly other files.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2006-6374","reference_id":"","reference_type":"","scores":[{"value":"0.00717","scoring_system":"epss","scoring_elements":"0.72527","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00717","scoring_system":"epss","scoring_elements":"0.72374","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00717","scoring_system":"epss","scoring_elements":"0.72379","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00717","scoring_system":"epss","scoring_elements":"0.72398","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00717","scoring_system":"epss","scoring_elements":"0.72375","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00717","scoring_system":"epss","scoring_elements":"0.72414","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00717","scoring_system":"epss","scoring_elements":"0.72426","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00717","scoring_system":"epss","scoring_elements":"0.72449","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00717","scoring_system":"epss","scoring_elements":"0.72432","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00717","scoring_system":"epss","scoring_elements":"0.7242","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00717","scoring_system":"epss","scoring_elements":"0.72461","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00717","scoring_system":"epss","scoring_elements":"0.7247","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00717","scoring_system":"epss","scoring_elements":"0.72458","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00717","scoring_system":"epss","scoring_elements":"0.72501","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00717","scoring_system":"epss","scoring_elements":"0.72509","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00717","scoring_system":"epss","scoring_elements":"0.72506","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00717","scoring_system":"epss","scoring_elements":"0.72498","published_at":"2026-05-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2006-6374"},{"reference_url":"http://securityreason.com/securityalert/1993","reference_id":"","reference_type":"","scores":[],"url":"http://securityreason.com/securityalert/1993"},{"reference_url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/30703","reference_id":"","reference_type":"","scores":[],"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/30703"},{"reference_url":"http://www.securityfocus.com/archive/1/453432/100/0/threaded","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/archive/1/453432/100/0/threaded"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:2.7.0_pl2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:phpmyadmin:phpmyadmin:2.7.0_pl2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:2.7.0_pl2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2006-6374","reference_id":"CVE-2006-6374","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:P/I:P/A:P"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2006-6374"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/935154?format=json","purl":"pkg:deb/debian/phpmyadmin@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/935143?format=json","purl":"pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-na3j-h3qr-k7dc"},{"vulnerability":"VCID-ndjn-p6gb-u7g4"},{"vulnerability":"VCID-rqy8-n6fr-hqey"},{"vulnerability":"VCID-zd8d-c1nk-g7a4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.0.4%252Bdfsg2-2%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/935141?format=json","purl":"pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zd8d-c1nk-g7a4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.1%252Bdfsg-1%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/935145?format=json","purl":"pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.2-really%252Bdfsg-1%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/935144?format=json","purl":"pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.3%252Bdfsg-1%3Fdistro=trixie"}],"aliases":["CVE-2006-6374"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-fhw5-5mdt-7ff3"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/55249?format=json","vulnerability_id":"VCID-kke6-fqmn-pug2","summary":"phpMyAdmin multiple cross-site scripting vulnerabilities\nMultiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin 3.5.x before 3.5.3 allow remote authenticated users to inject arbitrary web script or HTML via a crafted name of (1) an event, (2) a procedure, or (3) a trigger.","references":[{"reference_url":"http://lists.opensuse.org/opensuse-updates/2012-11/msg00033.html","reference_id":"","reference_type":"","scores":[{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://lists.opensuse.org/opensuse-updates/2012-11/msg00033.html"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2012-5339","reference_id":"","reference_type":"","scores":[{"value":"0.00208","scoring_system":"epss","scoring_elements":"0.42923","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00208","scoring_system":"epss","scoring_elements":"0.43205","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00208","scoring_system":"epss","scoring_elements":"0.43195","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00208","scoring_system":"epss","scoring_elements":"0.43128","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00208","scoring_system":"epss","scoring_elements":"0.43062","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00208","scoring_system":"epss","scoring_elements":"0.43064","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00208","scoring_system":"epss","scoring_elements":"0.42982","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00208","scoring_system":"epss","scoring_elements":"0.42847","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00208","scoring_system":"epss","scoring_elements":"0.43083","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00208","scoring_system":"epss","scoring_elements":"0.43142","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00208","scoring_system":"epss","scoring_elements":"0.43169","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00208","scoring_system":"epss","scoring_elements":"0.43107","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00208","scoring_system":"epss","scoring_elements":"0.4316","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00208","scoring_system":"epss","scoring_elements":"0.43173","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00208","scoring_system":"epss","scoring_elements":"0.43194","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00208","scoring_system":"epss","scoring_elements":"0.43161","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00208","scoring_system":"epss","scoring_elements":"0.43146","published_at":"2026-04-13T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2012-5339"},{"reference_url":"https://github.com/phpmyadmin/phpmyadmin/commit/6ea8fad3f999bfdf79eb6fe31309592bca54d611","reference_id":"","reference_type":"","scores":[{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/phpmyadmin/phpmyadmin/commit/6ea8fad3f999bfdf79eb6fe31309592bca54d611"},{"reference_url":"https://github.com/phpmyadmin/phpmyadmin/commit/cfd688d2512df9827a8ecc0412fc264fc5bcb186","reference_id":"","reference_type":"","scores":[{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/phpmyadmin/phpmyadmin/commit/cfd688d2512df9827a8ecc0412fc264fc5bcb186"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2012-5339","reference_id":"","reference_type":"","scores":[{"value":"3.5","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:S/C:N/I:P/A:N"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2012-5339"},{"reference_url":"https://web.archive.org/web/20121020000514/http://www.securityfocus.com/bid/55925","reference_id":"","reference_type":"","scores":[{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://web.archive.org/web/20121020000514/http://www.securityfocus.com/bid/55925"},{"reference_url":"http://www.phpmyadmin.net/home_page/security/PMASA-2012-6.php","reference_id":"","reference_type":"","scores":[{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.phpmyadmin.net/home_page/security/PMASA-2012-6.php"},{"reference_url":"http://www.securityfocus.com/bid/55925","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/55925"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:3.5.0.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:phpmyadmin:phpmyadmin:3.5.0.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:3.5.0.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:3.5.1.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:phpmyadmin:phpmyadmin:3.5.1.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:3.5.1.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:3.5.2.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:phpmyadmin:phpmyadmin:3.5.2.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:3.5.2.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:3.5.2.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:phpmyadmin:phpmyadmin:3.5.2.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:3.5.2.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:3.5.2.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:phpmyadmin:phpmyadmin:3.5.2.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:3.5.2.2:*:*:*:*:*:*:*"},{"reference_url":"https://github.com/advisories/GHSA-rfpg-2fp8-2fph","reference_id":"GHSA-rfpg-2fp8-2fph","reference_type":"","scores":[{"value":"LOW","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-rfpg-2fp8-2fph"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/935154?format=json","purl":"pkg:deb/debian/phpmyadmin@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/935143?format=json","purl":"pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-na3j-h3qr-k7dc"},{"vulnerability":"VCID-ndjn-p6gb-u7g4"},{"vulnerability":"VCID-rqy8-n6fr-hqey"},{"vulnerability":"VCID-zd8d-c1nk-g7a4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.0.4%252Bdfsg2-2%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/935141?format=json","purl":"pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zd8d-c1nk-g7a4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.1%252Bdfsg-1%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/935145?format=json","purl":"pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.2-really%252Bdfsg-1%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/935144?format=json","purl":"pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.3%252Bdfsg-1%3Fdistro=trixie"}],"aliases":["CVE-2012-5339","GHSA-rfpg-2fp8-2fph"],"risk_score":1.6,"exploitability":"0.5","weighted_severity":"3.1","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-kke6-fqmn-pug2"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/42602?format=json","vulnerability_id":"VCID-ktmy-w9g2-1fav","summary":"Multiple vulnerabilities have been found in phpMyAdmin, the worst\n    of which could lead to arbitrary code execution.","references":[{"reference_url":"http://lists.opensuse.org/opensuse-updates/2016-06/msg00043.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-updates/2016-06/msg00043.html"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-5098","reference_id":"","reference_type":"","scores":[{"value":"0.00452","scoring_system":"epss","scoring_elements":"0.63807","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00452","scoring_system":"epss","scoring_elements":"0.63764","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00452","scoring_system":"epss","scoring_elements":"0.63651","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00452","scoring_system":"epss","scoring_elements":"0.63711","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00452","scoring_system":"epss","scoring_elements":"0.63737","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00452","scoring_system":"epss","scoring_elements":"0.63697","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00452","scoring_system":"epss","scoring_elements":"0.63749","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00452","scoring_system":"epss","scoring_elements":"0.63766","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00452","scoring_system":"epss","scoring_elements":"0.6378","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00452","scoring_system":"epss","scoring_elements":"0.63765","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00452","scoring_system":"epss","scoring_elements":"0.63732","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00452","scoring_system":"epss","scoring_elements":"0.63768","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00452","scoring_system":"epss","scoring_elements":"0.63778","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00452","scoring_system":"epss","scoring_elements":"0.63782","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00452","scoring_system":"epss","scoring_elements":"0.63795","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00452","scoring_system":"epss","scoring_elements":"0.63792","published_at":"2026-04-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-5098"},{"reference_url":"https://github.com/phpmyadmin/phpmyadmin/commit/d2dc9481d2af25b035778c67eaf0bfd2d2c59dd8","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/phpmyadmin/phpmyadmin/commit/d2dc9481d2af25b035778c67eaf0bfd2d2c59dd8"},{"reference_url":"https://security.gentoo.org/glsa/201701-32","reference_id":"","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201701-32"},{"reference_url":"https://www.phpmyadmin.net/security/PMASA-2016-15","reference_id":"","reference_type":"","scores":[],"url":"https://www.phpmyadmin.net/security/PMASA-2016-15"},{"reference_url":"http://www.securitytracker.com/id/1035980","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id/1035980"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.6.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:phpmyadmin:phpmyadmin:4.6.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.6.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2016-5098","reference_id":"CVE-2016-5098","reference_type":"","scores":[{"value":"5.0","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:P/I:N/A:N"},{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2016-5098"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/935154?format=json","purl":"pkg:deb/debian/phpmyadmin@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/935143?format=json","purl":"pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-na3j-h3qr-k7dc"},{"vulnerability":"VCID-ndjn-p6gb-u7g4"},{"vulnerability":"VCID-rqy8-n6fr-hqey"},{"vulnerability":"VCID-zd8d-c1nk-g7a4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.0.4%252Bdfsg2-2%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/935141?format=json","purl":"pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zd8d-c1nk-g7a4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.1%252Bdfsg-1%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/935145?format=json","purl":"pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.2-really%252Bdfsg-1%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/935144?format=json","purl":"pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.3%252Bdfsg-1%3Fdistro=trixie"}],"aliases":["CVE-2016-5098"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ktmy-w9g2-1fav"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/144215?format=json","vulnerability_id":"VCID-nr3p-zfc2-p7ac","summary":"export.php (aka the export script) in phpMyAdmin 4.x before 4.0.0-rc3 overwrites global variables on the basis of the contents of the POST superglobal array, which allows remote authenticated users to inject values via a crafted request.","references":[{"reference_url":"http://archives.neohapsis.com/archives/bugtraq/2013-04/0217.html","reference_id":"","reference_type":"","scores":[],"url":"http://archives.neohapsis.com/archives/bugtraq/2013-04/0217.html"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2013-3241","reference_id":"","reference_type":"","scores":[{"value":"0.03369","scoring_system":"epss","scoring_elements":"0.87426","published_at":"2026-05-07T12:55:00Z"},{"value":"0.03369","scoring_system":"epss","scoring_elements":"0.87308","published_at":"2026-04-01T12:55:00Z"},{"value":"0.03369","scoring_system":"epss","scoring_elements":"0.87318","published_at":"2026-04-02T12:55:00Z"},{"value":"0.03369","scoring_system":"epss","scoring_elements":"0.87334","published_at":"2026-04-04T12:55:00Z"},{"value":"0.03369","scoring_system":"epss","scoring_elements":"0.87333","published_at":"2026-04-07T12:55:00Z"},{"value":"0.03369","scoring_system":"epss","scoring_elements":"0.87352","published_at":"2026-04-08T12:55:00Z"},{"value":"0.03369","scoring_system":"epss","scoring_elements":"0.87359","published_at":"2026-04-09T12:55:00Z"},{"value":"0.03369","scoring_system":"epss","scoring_elements":"0.87371","published_at":"2026-04-11T12:55:00Z"},{"value":"0.03369","scoring_system":"epss","scoring_elements":"0.87366","published_at":"2026-04-12T12:55:00Z"},{"value":"0.03369","scoring_system":"epss","scoring_elements":"0.87362","published_at":"2026-04-13T12:55:00Z"},{"value":"0.03369","scoring_system":"epss","scoring_elements":"0.87377","published_at":"2026-04-16T12:55:00Z"},{"value":"0.03369","scoring_system":"epss","scoring_elements":"0.87381","published_at":"2026-04-18T12:55:00Z"},{"value":"0.03369","scoring_system":"epss","scoring_elements":"0.87375","published_at":"2026-04-21T12:55:00Z"},{"value":"0.03369","scoring_system":"epss","scoring_elements":"0.87392","published_at":"2026-04-24T12:55:00Z"},{"value":"0.03369","scoring_system":"epss","scoring_elements":"0.87398","published_at":"2026-04-26T12:55:00Z"},{"value":"0.03369","scoring_system":"epss","scoring_elements":"0.874","published_at":"2026-04-29T12:55:00Z"},{"value":"0.03369","scoring_system":"epss","scoring_elements":"0.87414","published_at":"2026-05-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2013-3241"},{"reference_url":"http://www.phpmyadmin.net/home_page/security/PMASA-2013-5.php","reference_id":"","reference_type":"","scores":[],"url":"http://www.phpmyadmin.net/home_page/security/PMASA-2013-5.php"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.0:rc2:*:*:*:*:*:*","reference_id":"cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.0:rc2:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.0:rc2:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2013-3241","reference_id":"CVE-2013-3241","reference_type":"","scores":[{"value":"4.0","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:S/C:N/I:P/A:N"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2013-3241"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/935154?format=json","purl":"pkg:deb/debian/phpmyadmin@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/935143?format=json","purl":"pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-na3j-h3qr-k7dc"},{"vulnerability":"VCID-ndjn-p6gb-u7g4"},{"vulnerability":"VCID-rqy8-n6fr-hqey"},{"vulnerability":"VCID-zd8d-c1nk-g7a4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.0.4%252Bdfsg2-2%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/935141?format=json","purl":"pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zd8d-c1nk-g7a4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.1%252Bdfsg-1%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/935145?format=json","purl":"pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.2-really%252Bdfsg-1%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/935144?format=json","purl":"pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.3%252Bdfsg-1%3Fdistro=trixie"}],"aliases":["CVE-2013-3241"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-nr3p-zfc2-p7ac"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/141820?format=json","vulnerability_id":"VCID-q6z8-dgxc-h3fr","summary":"phpMyAdmin 3.5.2.2, as distributed by the cdnetworks-kr-1 mirror during an unspecified time frame in 2012, contains an externally introduced modification (Trojan Horse) in server_sync.php, which allows remote attackers to execute arbitrary PHP code via an eval injection attack.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2012-5159","reference_id":"","reference_type":"","scores":[{"value":"0.8794","scoring_system":"epss","scoring_elements":"0.99484","published_at":"2026-05-07T12:55:00Z"},{"value":"0.8794","scoring_system":"epss","scoring_elements":"0.99473","published_at":"2026-04-02T12:55:00Z"},{"value":"0.8794","scoring_system":"epss","scoring_elements":"0.99475","published_at":"2026-04-04T12:55:00Z"},{"value":"0.8794","scoring_system":"epss","scoring_elements":"0.99476","published_at":"2026-04-07T12:55:00Z"},{"value":"0.8794","scoring_system":"epss","scoring_elements":"0.99478","published_at":"2026-04-09T12:55:00Z"},{"value":"0.8794","scoring_system":"epss","scoring_elements":"0.99479","published_at":"2026-04-13T12:55:00Z"},{"value":"0.8794","scoring_system":"epss","scoring_elements":"0.99482","published_at":"2026-04-21T12:55:00Z"},{"value":"0.8794","scoring_system":"epss","scoring_elements":"0.99483","published_at":"2026-04-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2012-5159"},{"reference_url":"http://seclists.org/oss-sec/2012/q3/562","reference_id":"","reference_type":"","scores":[],"url":"http://seclists.org/oss-sec/2012/q3/562"},{"reference_url":"http://sourceforge.net/blog/phpmyadmin-back-door/","reference_id":"","reference_type":"","scores":[],"url":"http://sourceforge.net/blog/phpmyadmin-back-door/"},{"reference_url":"http://www.phpmyadmin.net/home_page/security/PMASA-2012-5.php","reference_id":"","reference_type":"","scores":[],"url":"http://www.phpmyadmin.net/home_page/security/PMASA-2012-5.php"},{"reference_url":"http://www.securityfocus.com/bid/55672","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/55672"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:3.5.2.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:phpmyadmin:phpmyadmin:3.5.2.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:3.5.2.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2012-5159","reference_id":"CVE-2012-5159","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:P/I:P/A:P"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2012-5159"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/webapps/21834.rb","reference_id":"CVE-2012-5159;OSVDB-85739","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/webapps/21834.rb"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/935154?format=json","purl":"pkg:deb/debian/phpmyadmin@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/935143?format=json","purl":"pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-na3j-h3qr-k7dc"},{"vulnerability":"VCID-ndjn-p6gb-u7g4"},{"vulnerability":"VCID-rqy8-n6fr-hqey"},{"vulnerability":"VCID-zd8d-c1nk-g7a4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.0.4%252Bdfsg2-2%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/935141?format=json","purl":"pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zd8d-c1nk-g7a4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.1%252Bdfsg-1%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/935145?format=json","purl":"pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.2-really%252Bdfsg-1%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/935144?format=json","purl":"pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.3%252Bdfsg-1%3Fdistro=trixie"}],"aliases":["CVE-2012-5159"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-q6z8-dgxc-h3fr"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/33683?format=json","vulnerability_id":"VCID-sgc1-f332-byfu","summary":"phpMyAdmin leaves the SQL install script with insecure permissions,\n    potentially leading to a database compromise.","references":[{"reference_url":"http://bugs.gentoo.org/show_bug.cgi?id=88831","reference_id":"","reference_type":"","scores":[],"url":"http://bugs.gentoo.org/show_bug.cgi?id=88831"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2005-1392","reference_id":"","reference_type":"","scores":[{"value":"0.00051","scoring_system":"epss","scoring_elements":"0.15934","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00051","scoring_system":"epss","scoring_elements":"0.16044","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00051","scoring_system":"epss","scoring_elements":"0.16225","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00051","scoring_system":"epss","scoring_elements":"0.16286","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00051","scoring_system":"epss","scoring_elements":"0.16082","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00051","scoring_system":"epss","scoring_elements":"0.16166","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00051","scoring_system":"epss","scoring_elements":"0.1623","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00051","scoring_system":"epss","scoring_elements":"0.16213","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00051","scoring_system":"epss","scoring_elements":"0.16173","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00051","scoring_system":"epss","scoring_elements":"0.16105","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00051","scoring_system":"epss","scoring_elements":"0.16038","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00051","scoring_system":"epss","scoring_elements":"0.16054","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00051","scoring_system":"epss","scoring_elements":"0.16093","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00051","scoring_system":"epss","scoring_elements":"0.15987","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00051","scoring_system":"epss","scoring_elements":"0.15982","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00051","scoring_system":"epss","scoring_elements":"0.15942","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00051","scoring_system":"epss","scoring_elements":"0.15824","published_at":"2026-05-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2005-1392"},{"reference_url":"http://security.gentoo.org/glsa/glsa-200504-30.xml","reference_id":"","reference_type":"","scores":[],"url":"http://security.gentoo.org/glsa/glsa-200504-30.xml"},{"reference_url":"http://www.osvdb.org/16053","reference_id":"","reference_type":"","scores":[],"url":"http://www.osvdb.org/16053"},{"reference_url":"http://www.vupen.com/english/advisories/2005/0436","reference_id":"","reference_type":"","scores":[],"url":"http://www.vupen.com/english/advisories/2005/0436"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:2.6.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:phpmyadmin:phpmyadmin:2.6.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:2.6.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2005-1392","reference_id":"CVE-2005-1392","reference_type":"","scores":[{"value":"4.6","scoring_system":"cvssv2","scoring_elements":"AV:L/AC:L/Au:N/C:P/I:P/A:P"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2005-1392"},{"reference_url":"https://security.gentoo.org/glsa/200504-30","reference_id":"GLSA-200504-30","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/200504-30"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/935154?format=json","purl":"pkg:deb/debian/phpmyadmin@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/935143?format=json","purl":"pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-na3j-h3qr-k7dc"},{"vulnerability":"VCID-ndjn-p6gb-u7g4"},{"vulnerability":"VCID-rqy8-n6fr-hqey"},{"vulnerability":"VCID-zd8d-c1nk-g7a4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.0.4%252Bdfsg2-2%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/935141?format=json","purl":"pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zd8d-c1nk-g7a4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.1%252Bdfsg-1%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/935145?format=json","purl":"pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.2-really%252Bdfsg-1%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/935144?format=json","purl":"pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.3%252Bdfsg-1%3Fdistro=trixie"}],"aliases":["CVE-2005-1392"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-sgc1-f332-byfu"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/8631?format=json","vulnerability_id":"VCID-tbnx-nuzv-ebdc","summary":"Cross-Site Request Forgery (CSRF)\nphpMyAdmin versions is vulnerable to a CSRF weakness. By deceiving a user to click on a crafted URL, it is possible to perform harmful database operations such as deleting records, dropping or truncating tables etc.","references":[{"reference_url":"http://cyberworldmirror.com/vulnerability-phpmyadmin-lets-attacker-perform-drop-table-single-click","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://cyberworldmirror.com/vulnerability-phpmyadmin-lets-attacker-perform-drop-table-single-click"},{"reference_url":"http://cyberworldmirror.com/vulnerability-phpmyadmin-lets-attacker-perform-drop-table-single-click/","reference_id":"","reference_type":"","scores":[],"url":"http://cyberworldmirror.com/vulnerability-phpmyadmin-lets-attacker-perform-drop-table-single-click/"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-1000499","reference_id":"","reference_type":"","scores":[{"value":"0.11439","scoring_system":"epss","scoring_elements":"0.93632","published_at":"2026-05-05T12:55:00Z"},{"value":"0.11439","scoring_system":"epss","scoring_elements":"0.93624","published_at":"2026-04-29T12:55:00Z"},{"value":"0.11439","scoring_system":"epss","scoring_elements":"0.93626","published_at":"2026-04-26T12:55:00Z"},{"value":"0.11439","scoring_system":"epss","scoring_elements":"0.93627","published_at":"2026-04-24T12:55:00Z"},{"value":"0.11439","scoring_system":"epss","scoring_elements":"0.93623","published_at":"2026-04-21T12:55:00Z"},{"value":"0.11439","scoring_system":"epss","scoring_elements":"0.93618","published_at":"2026-04-18T12:55:00Z"},{"value":"0.11439","scoring_system":"epss","scoring_elements":"0.93556","published_at":"2026-04-01T12:55:00Z"},{"value":"0.11439","scoring_system":"epss","scoring_elements":"0.93612","published_at":"2026-04-16T12:55:00Z"},{"value":"0.11439","scoring_system":"epss","scoring_elements":"0.93592","published_at":"2026-04-13T12:55:00Z"},{"value":"0.11439","scoring_system":"epss","scoring_elements":"0.93565","published_at":"2026-04-02T12:55:00Z"},{"value":"0.11439","scoring_system":"epss","scoring_elements":"0.93586","published_at":"2026-04-09T12:55:00Z"},{"value":"0.11439","scoring_system":"epss","scoring_elements":"0.93573","published_at":"2026-04-04T12:55:00Z"},{"value":"0.11439","scoring_system":"epss","scoring_elements":"0.93583","published_at":"2026-04-08T12:55:00Z"},{"value":"0.11439","scoring_system":"epss","scoring_elements":"0.93574","published_at":"2026-04-07T12:55:00Z"},{"value":"0.11439","scoring_system":"epss","scoring_elements":"0.93644","published_at":"2026-05-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-1000499"},{"reference_url":"https://web.archive.org/web/20201208204518/http://www.securitytracker.com/id/1040163","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://web.archive.org/web/20201208204518/http://www.securitytracker.com/id/1040163"},{"reference_url":"https://www.exploit-db.com/exploits/45284","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.exploit-db.com/exploits/45284"},{"reference_url":"https://www.exploit-db.com/exploits/45284/","reference_id":"","reference_type":"","scores":[],"url":"https://www.exploit-db.com/exploits/45284/"},{"reference_url":"https://www.phpmyadmin.net/security/PMASA-2017-9","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.phpmyadmin.net/security/PMASA-2017-9"},{"reference_url":"https://www.phpmyadmin.net/security/PMASA-2017-9/","reference_id":"","reference_type":"","scores":[],"url":"https://www.phpmyadmin.net/security/PMASA-2017-9/"},{"reference_url":"http://www.securitytracker.com/id/1040163","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id/1040163"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:phpmyadmin:phpmyadmin:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:*:*:*:*:*:*:*:*"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/webapps/45284.txt","reference_id":"CVE-2017-1000499","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/webapps/45284.txt"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2017-1000499","reference_id":"CVE-2017-1000499","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:P/I:P/A:P"},{"value":"8.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2017-1000499"},{"reference_url":"https://github.com/advisories/GHSA-f9hx-5jq4-fgjm","reference_id":"GHSA-f9hx-5jq4-fgjm","reference_type":"","scores":[{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-f9hx-5jq4-fgjm"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/935154?format=json","purl":"pkg:deb/debian/phpmyadmin@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/935143?format=json","purl":"pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-na3j-h3qr-k7dc"},{"vulnerability":"VCID-ndjn-p6gb-u7g4"},{"vulnerability":"VCID-rqy8-n6fr-hqey"},{"vulnerability":"VCID-zd8d-c1nk-g7a4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.0.4%252Bdfsg2-2%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/935141?format=json","purl":"pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zd8d-c1nk-g7a4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.1%252Bdfsg-1%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/935145?format=json","purl":"pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.2-really%252Bdfsg-1%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/935144?format=json","purl":"pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.3%252Bdfsg-1%3Fdistro=trixie"}],"aliases":["CVE-2017-1000499","GHSA-f9hx-5jq4-fgjm"],"risk_score":10.0,"exploitability":"2.0","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-tbnx-nuzv-ebdc"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/50387?format=json","vulnerability_id":"VCID-u32z-czfc-qbe1","summary":"Multiple flaws in phpMyAdmin may lead to several XSS issues and local and\n    remote file inclusion vulnerabilities.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2005-4079","reference_id":"","reference_type":"","scores":[{"value":"0.01613","scoring_system":"epss","scoring_elements":"0.81894","published_at":"2026-05-07T12:55:00Z"},{"value":"0.01613","scoring_system":"epss","scoring_elements":"0.81711","published_at":"2026-04-01T12:55:00Z"},{"value":"0.01613","scoring_system":"epss","scoring_elements":"0.81722","published_at":"2026-04-02T12:55:00Z"},{"value":"0.01613","scoring_system":"epss","scoring_elements":"0.81745","published_at":"2026-04-04T12:55:00Z"},{"value":"0.01613","scoring_system":"epss","scoring_elements":"0.81742","published_at":"2026-04-07T12:55:00Z"},{"value":"0.01613","scoring_system":"epss","scoring_elements":"0.81769","published_at":"2026-04-08T12:55:00Z"},{"value":"0.01613","scoring_system":"epss","scoring_elements":"0.81773","published_at":"2026-04-09T12:55:00Z"},{"value":"0.01613","scoring_system":"epss","scoring_elements":"0.81793","published_at":"2026-04-11T12:55:00Z"},{"value":"0.01613","scoring_system":"epss","scoring_elements":"0.8178","published_at":"2026-04-12T12:55:00Z"},{"value":"0.01613","scoring_system":"epss","scoring_elements":"0.81776","published_at":"2026-04-13T12:55:00Z"},{"value":"0.01613","scoring_system":"epss","scoring_elements":"0.81813","published_at":"2026-04-18T12:55:00Z"},{"value":"0.01613","scoring_system":"epss","scoring_elements":"0.81816","published_at":"2026-04-21T12:55:00Z"},{"value":"0.01613","scoring_system":"epss","scoring_elements":"0.8184","published_at":"2026-04-24T12:55:00Z"},{"value":"0.01613","scoring_system":"epss","scoring_elements":"0.8185","published_at":"2026-04-26T12:55:00Z"},{"value":"0.01613","scoring_system":"epss","scoring_elements":"0.81855","published_at":"2026-04-29T12:55:00Z"},{"value":"0.01613","scoring_system":"epss","scoring_elements":"0.81873","published_at":"2026-05-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2005-4079"},{"reference_url":"http://secunia.com/advisories/17925/","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/17925/"},{"reference_url":"http://secunia.com/advisories/17957","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/17957"},{"reference_url":"http://secunia.com/advisories/18618","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/18618"},{"reference_url":"http://securityreason.com/securityalert/237","reference_id":"","reference_type":"","scores":[],"url":"http://securityreason.com/securityalert/237"},{"reference_url":"http://www.gentoo.org/security/en/glsa/glsa-200512-03.xml","reference_id":"","reference_type":"","scores":[],"url":"http://www.gentoo.org/security/en/glsa/glsa-200512-03.xml"},{"reference_url":"http://www.hardened-php.net/advisory_252005.110.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.hardened-php.net/advisory_252005.110.html"},{"reference_url":"http://www.osvdb.org/21508","reference_id":"","reference_type":"","scores":[],"url":"http://www.osvdb.org/21508"},{"reference_url":"http://www.phpmyadmin.net/home_page/downloads.php?relnotes=0","reference_id":"","reference_type":"","scores":[],"url":"http://www.phpmyadmin.net/home_page/downloads.php?relnotes=0"},{"reference_url":"http://www.phpmyadmin.net/home_page/security.php?issue=PMASA-2005-9","reference_id":"","reference_type":"","scores":[],"url":"http://www.phpmyadmin.net/home_page/security.php?issue=PMASA-2005-9"},{"reference_url":"http://www.securityfocus.com/archive/1/418834/100/0/threaded","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/archive/1/418834/100/0/threaded"},{"reference_url":"http://www.securityfocus.com/archive/1/423142/100/0/threaded","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/archive/1/423142/100/0/threaded"},{"reference_url":"http://www.securityfocus.com/bid/15761","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/15761"},{"reference_url":"http://www.vupen.com/english/advisories/2005/2792","reference_id":"","reference_type":"","scores":[],"url":"http://www.vupen.com/english/advisories/2005/2792"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:2.7.0_rc1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:phpmyadmin:phpmyadmin:2.7.0_rc1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:2.7.0_rc1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2005-4079","reference_id":"CVE-2005-4079","reference_type":"","scores":[{"value":"5.0","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:N/I:P/A:N"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2005-4079"},{"reference_url":"https://security.gentoo.org/glsa/200512-03","reference_id":"GLSA-200512-03","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/200512-03"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/935154?format=json","purl":"pkg:deb/debian/phpmyadmin@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/935143?format=json","purl":"pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-na3j-h3qr-k7dc"},{"vulnerability":"VCID-ndjn-p6gb-u7g4"},{"vulnerability":"VCID-rqy8-n6fr-hqey"},{"vulnerability":"VCID-zd8d-c1nk-g7a4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.0.4%252Bdfsg2-2%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/935141?format=json","purl":"pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zd8d-c1nk-g7a4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.1%252Bdfsg-1%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/935145?format=json","purl":"pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.2-really%252Bdfsg-1%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/935144?format=json","purl":"pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.3%252Bdfsg-1%3Fdistro=trixie"}],"aliases":["CVE-2005-4079"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-u32z-czfc-qbe1"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/36782?format=json","vulnerability_id":"VCID-uxne-zpub-tffp","summary":"Multiple vulnerabilities have been found in phpMyAdmin, allowing\n    remote authenticated attackers to execute arbitrary code, inject SQL code\n    or conduct other attacks.","references":[{"reference_url":"http://archives.neohapsis.com/archives/fulldisclosure/2013-04/0101.html","reference_id":"","reference_type":"","scores":[],"url":"http://archives.neohapsis.com/archives/fulldisclosure/2013-04/0101.html"},{"reference_url":"http://immunityservices.blogspot.com/2019/02/cvss.html","reference_id":"","reference_type":"","scores":[],"url":"http://immunityservices.blogspot.com/2019/02/cvss.html"},{"reference_url":"http://lists.fedoraproject.org/pipermail/package-announce/2013-April/103184.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.fedoraproject.org/pipermail/package-announce/2013-April/103184.html"},{"reference_url":"http://lists.fedoraproject.org/pipermail/package-announce/2013-April/103188.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.fedoraproject.org/pipermail/package-announce/2013-April/103188.html"},{"reference_url":"http://lists.fedoraproject.org/pipermail/package-announce/2013-April/103195.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.fedoraproject.org/pipermail/package-announce/2013-April/103195.html"},{"reference_url":"http://lists.opensuse.org/opensuse-updates/2013-06/msg00181.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-updates/2013-06/msg00181.html"},{"reference_url":"http://openwall.com/lists/oss-security/2013/04/09/13","reference_id":"","reference_type":"","scores":[],"url":"http://openwall.com/lists/oss-security/2013/04/09/13"},{"reference_url":"http://packetstormsecurity.com/files/121205/phpMyAdmin-3.5.7-Cross-Site-Scripting.html","reference_id":"","reference_type":"","scores":[],"url":"http://packetstormsecurity.com/files/121205/phpMyAdmin-3.5.7-Cross-Site-Scripting.html"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2013-1937","reference_id":"","reference_type":"","scores":[{"value":"0.08106","scoring_system":"epss","scoring_elements":"0.92123","published_at":"2026-04-01T12:55:00Z"},{"value":"0.08106","scoring_system":"epss","scoring_elements":"0.9213","published_at":"2026-04-02T12:55:00Z"},{"value":"0.08106","scoring_system":"epss","scoring_elements":"0.92137","published_at":"2026-04-04T12:55:00Z"},{"value":"0.08106","scoring_system":"epss","scoring_elements":"0.92141","published_at":"2026-04-07T12:55:00Z"},{"value":"0.08106","scoring_system":"epss","scoring_elements":"0.92153","published_at":"2026-04-08T12:55:00Z"},{"value":"0.08106","scoring_system":"epss","scoring_elements":"0.92156","published_at":"2026-04-13T12:55:00Z"},{"value":"0.08106","scoring_system":"epss","scoring_elements":"0.9216","published_at":"2026-04-11T12:55:00Z"},{"value":"0.08106","scoring_system":"epss","scoring_elements":"0.92161","published_at":"2026-04-12T12:55:00Z"},{"value":"0.08766","scoring_system":"epss","scoring_elements":"0.92527","published_at":"2026-04-29T12:55:00Z"},{"value":"0.08766","scoring_system":"epss","scoring_elements":"0.92548","published_at":"2026-05-07T12:55:00Z"},{"value":"0.08766","scoring_system":"epss","scoring_elements":"0.92525","published_at":"2026-04-16T12:55:00Z"},{"value":"0.08766","scoring_system":"epss","scoring_elements":"0.9253","published_at":"2026-04-26T12:55:00Z"},{"value":"0.08766","scoring_system":"epss","scoring_elements":"0.92536","published_at":"2026-05-05T12:55:00Z"},{"value":"0.08766","scoring_system":"epss","scoring_elements":"0.92524","published_at":"2026-04-18T12:55:00Z"},{"value":"0.08766","scoring_system":"epss","scoring_elements":"0.92528","published_at":"2026-04-21T12:55:00Z"},{"value":"0.08766","scoring_system":"epss","scoring_elements":"0.92529","published_at":"2026-04-24T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2013-1937"},{"reference_url":"https://github.com/phpmyadmin/phpmyadmin/commit/79089c9bc02c82c15419fd9d6496b8781ae08a5a","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/phpmyadmin/phpmyadmin/commit/79089c9bc02c82c15419fd9d6496b8781ae08a5a"},{"reference_url":"http://www.mandriva.com/security/advisories?name=MDVSA-2013:144","reference_id":"","reference_type":"","scores":[],"url":"http://www.mandriva.com/security/advisories?name=MDVSA-2013:144"},{"reference_url":"http://www.phpmyadmin.net/home_page/security/PMASA-2013-1.php","reference_id":"","reference_type":"","scores":[],"url":"http://www.phpmyadmin.net/home_page/security/PMASA-2013-1.php"},{"reference_url":"http://www.waraxe.us/advisory-102.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.waraxe.us/advisory-102.html"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:3.5.0.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:phpmyadmin:phpmyadmin:3.5.0.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:3.5.0.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:3.5.1.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:phpmyadmin:phpmyadmin:3.5.1.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:3.5.1.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:3.5.2.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:phpmyadmin:phpmyadmin:3.5.2.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:3.5.2.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:3.5.2.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:phpmyadmin:phpmyadmin:3.5.2.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:3.5.2.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:3.5.2.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:phpmyadmin:phpmyadmin:3.5.2.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:3.5.2.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:3.5.3.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:phpmyadmin:phpmyadmin:3.5.3.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:3.5.3.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:3.5.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:phpmyadmin:phpmyadmin:3.5.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:3.5.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:3.5.5:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:phpmyadmin:phpmyadmin:3.5.5:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:3.5.5:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:3.5.6:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:phpmyadmin:phpmyadmin:3.5.6:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:3.5.6:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:3.5.7:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:phpmyadmin:phpmyadmin:3.5.7:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:3.5.7:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:3.5.7:rc1:*:*:*:*:*:*","reference_id":"cpe:2.3:a:phpmyadmin:phpmyadmin:3.5.7:rc1:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:3.5.7:rc1:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:*:rc1:*:*:*:*:*:*","reference_id":"cpe:2.3:a:phpmyadmin:phpmyadmin:*:rc1:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:*:rc1:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2013-1937","reference_id":"CVE-2013-1937","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:N/I:P/A:N"},{"value":"6.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2013-1937"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/webapps/38440.txt","reference_id":"CVE-2013-1937;OSVDB-92201","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/webapps/38440.txt"},{"reference_url":"https://www.securityfocus.com/bid/58962/info","reference_id":"CVE-2013-1937;OSVDB-92201","reference_type":"exploit","scores":[],"url":"https://www.securityfocus.com/bid/58962/info"},{"reference_url":"https://security.gentoo.org/glsa/201311-02","reference_id":"GLSA-201311-02","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201311-02"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/935154?format=json","purl":"pkg:deb/debian/phpmyadmin@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/935143?format=json","purl":"pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-na3j-h3qr-k7dc"},{"vulnerability":"VCID-ndjn-p6gb-u7g4"},{"vulnerability":"VCID-rqy8-n6fr-hqey"},{"vulnerability":"VCID-zd8d-c1nk-g7a4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.0.4%252Bdfsg2-2%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/935141?format=json","purl":"pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zd8d-c1nk-g7a4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.1%252Bdfsg-1%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/935145?format=json","purl":"pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.2-really%252Bdfsg-1%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/935144?format=json","purl":"pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.3%252Bdfsg-1%3Fdistro=trixie"}],"aliases":["CVE-2013-1937"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-uxne-zpub-tffp"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/90638?format=json","vulnerability_id":"VCID-xae2-3cvs-kuex","summary":"Directory traversal vulnerability in the Export feature in phpMyAdmin 4.x before 4.0.0-rc3 allows remote authenticated users to read arbitrary files or possibly have unspecified other impact via a parameter that specifies a crafted export type.","references":[{"reference_url":"http://archives.neohapsis.com/archives/bugtraq/2013-04/0217.html","reference_id":"","reference_type":"","scores":[],"url":"http://archives.neohapsis.com/archives/bugtraq/2013-04/0217.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-3240.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-3240.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2013-3240","reference_id":"","reference_type":"","scores":[{"value":"0.04055","scoring_system":"epss","scoring_elements":"0.88578","published_at":"2026-05-07T12:55:00Z"},{"value":"0.04055","scoring_system":"epss","scoring_elements":"0.88468","published_at":"2026-04-01T12:55:00Z"},{"value":"0.04055","scoring_system":"epss","scoring_elements":"0.88475","published_at":"2026-04-02T12:55:00Z"},{"value":"0.04055","scoring_system":"epss","scoring_elements":"0.88492","published_at":"2026-04-04T12:55:00Z"},{"value":"0.04055","scoring_system":"epss","scoring_elements":"0.88496","published_at":"2026-04-07T12:55:00Z"},{"value":"0.04055","scoring_system":"epss","scoring_elements":"0.88514","published_at":"2026-04-08T12:55:00Z"},{"value":"0.04055","scoring_system":"epss","scoring_elements":"0.88519","published_at":"2026-04-09T12:55:00Z"},{"value":"0.04055","scoring_system":"epss","scoring_elements":"0.8853","published_at":"2026-04-11T12:55:00Z"},{"value":"0.04055","scoring_system":"epss","scoring_elements":"0.88522","published_at":"2026-04-13T12:55:00Z"},{"value":"0.04055","scoring_system":"epss","scoring_elements":"0.88536","published_at":"2026-04-16T12:55:00Z"},{"value":"0.04055","scoring_system":"epss","scoring_elements":"0.88532","published_at":"2026-04-18T12:55:00Z"},{"value":"0.04055","scoring_system":"epss","scoring_elements":"0.88529","published_at":"2026-04-21T12:55:00Z"},{"value":"0.04055","scoring_system":"epss","scoring_elements":"0.88546","published_at":"2026-04-24T12:55:00Z"},{"value":"0.04055","scoring_system":"epss","scoring_elements":"0.88551","published_at":"2026-04-26T12:55:00Z"},{"value":"0.04055","scoring_system":"epss","scoring_elements":"0.8855","published_at":"2026-04-29T12:55:00Z"},{"value":"0.04055","scoring_system":"epss","scoring_elements":"0.88561","published_at":"2026-05-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2013-3240"},{"reference_url":"http://www.phpmyadmin.net/home_page/security/PMASA-2013-4.php","reference_id":"","reference_type":"","scores":[],"url":"http://www.phpmyadmin.net/home_page/security/PMASA-2013-4.php"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.0:rc2:*:*:*:*:*:*","reference_id":"cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.0:rc2:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.0:rc2:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2013-3240","reference_id":"CVE-2013-3240","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:S/C:P/I:P/A:P"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2013-3240"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/935154?format=json","purl":"pkg:deb/debian/phpmyadmin@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/935143?format=json","purl":"pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-na3j-h3qr-k7dc"},{"vulnerability":"VCID-ndjn-p6gb-u7g4"},{"vulnerability":"VCID-rqy8-n6fr-hqey"},{"vulnerability":"VCID-zd8d-c1nk-g7a4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.0.4%252Bdfsg2-2%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/935141?format=json","purl":"pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zd8d-c1nk-g7a4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.1%252Bdfsg-1%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/935145?format=json","purl":"pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.2-really%252Bdfsg-1%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/935144?format=json","purl":"pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.3%252Bdfsg-1%3Fdistro=trixie"}],"aliases":["CVE-2013-3240"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-xae2-3cvs-kuex"}],"risk_score":null,"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@0%3Fdistro=trixie"}