Package Instance
Lookup for vulnerable packages by Package URL.
GET /api/packages/935199?format=api
{ "url": "http://public2.vulnerablecode.io/api/packages/935199?format=api", "purl": "pkg:deb/debian/phpmyadmin@4:3.4.3.1-1?distro=trixie", "type": "deb", "namespace": "debian", "name": "phpmyadmin", "version": "4:3.4.3.1-1", "qualifiers": { "distro": "trixie" }, "subpath": "", "is_vulnerable": false, "next_non_vulnerable_version": "4:3.4.3.2-1", "latest_non_vulnerable_version": "4:5.2.3+dfsg-1", "affected_by_vulnerabilities": [], "fixing_vulnerabilities": [ { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/15792?format=api", "vulnerability_id": "VCID-9xb8-kz1v-43bt", "summary": "Improper Control of Generation of Code ('Code Injection')\nsetup/lib/ConfigGenerator.class.php in phpMyAdmin 3.x before 3.3.10.2 and 3.4.x before 3.4.3.1 does not properly restrict the presence of comment closing delimiters, which allows remote attackers to conduct static code injection attacks by leveraging the ability to modify the SESSION superglobal array.", "references": [ { "reference_url": "http://ha.xxor.se/2011/07/phpmyadmin-3x-multiple-remote-code.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://ha.xxor.se/2011/07/phpmyadmin-3x-multiple-remote-code.html" }, { "reference_url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-July/062719.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-July/062719.html" }, { "reference_url": "http://phpmyadmin.git.sourceforge.net/git/gitweb.cgi?p=phpmyadmin/phpmyadmin;a=commit;h=0fbedaf5fd7a771d0885c6b7385d934fc90d0d7f", "reference_id": "", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://phpmyadmin.git.sourceforge.net/git/gitweb.cgi?p=phpmyadmin/phpmyadmin;a=commit;h=0fbedaf5fd7a771d0885c6b7385d934fc90d0d7f" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2011-2506", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.33677", "scoring_system": "epss", "scoring_elements": "0.96996", "published_at": "2026-05-14T12:55:00Z" }, { "value": "0.33677", "scoring_system": "epss", "scoring_elements": "0.96925", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.33677", "scoring_system": "epss", "scoring_elements": "0.96929", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.33677", "scoring_system": "epss", "scoring_elements": "0.96938", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.33677", "scoring_system": "epss", "scoring_elements": "0.96939", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.33677", "scoring_system": "epss", "scoring_elements": "0.96942", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.33677", "scoring_system": "epss", "scoring_elements": "0.96943", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.33677", "scoring_system": "epss", "scoring_elements": "0.96944", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.33677", "scoring_system": "epss", "scoring_elements": "0.96951", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.33677", "scoring_system": "epss", "scoring_elements": "0.96955", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.33677", "scoring_system": "epss", "scoring_elements": "0.96958", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.33677", "scoring_system": "epss", "scoring_elements": "0.9696", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.33677", "scoring_system": "epss", "scoring_elements": "0.96963", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.33677", "scoring_system": "epss", "scoring_elements": "0.96967", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.33677", "scoring_system": "epss", "scoring_elements": "0.96972", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.33677", "scoring_system": "epss", "scoring_elements": "0.96979", "published_at": "2026-05-09T12:55:00Z" }, { "value": "0.33677", "scoring_system": "epss", "scoring_elements": "0.9698", "published_at": "2026-05-11T12:55:00Z" }, { "value": "0.33677", "scoring_system": "epss", "scoring_elements": "0.96986", "published_at": "2026-05-12T12:55:00Z" }, { "value": "0.33677", "scoring_system": "epss", "scoring_elements": "0.96913", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.33677", "scoring_system": "epss", "scoring_elements": "0.96921", "published_at": "2026-04-02T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2011-2506" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2506", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2506" }, { "reference_url": "http://securityreason.com/securityalert/8306", "reference_id": "", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://securityreason.com/securityalert/8306" }, { "reference_url": "https://github.com/phpmyadmin/composer", "reference_id": "", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/phpmyadmin/composer" }, { "reference_url": "https://github.com/phpmyadmin/phpmyadmin/commit/0fbedaf5fd7a771d0885c6b7385d934fc90d0d7f", "reference_id": "", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/phpmyadmin/phpmyadmin/commit/0fbedaf5fd7a771d0885c6b7385d934fc90d0d7f" }, { "reference_url": "https://github.com/phpmyadmin/phpmyadmin/commit/2e01647949df937040e73a94ce0bac0daecbdcf4", "reference_id": "", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/phpmyadmin/phpmyadmin/commit/2e01647949df937040e73a94ce0bac0daecbdcf4" }, { "reference_url": "https://web.archive.org/web/20110712103138/http://www.xxor.se/advisories/phpMyAdmin_3.x_Multiple_Remote_Code_Executions.txt", "reference_id": "", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20110712103138/http://www.xxor.se/advisories/phpMyAdmin_3.x_Multiple_Remote_Code_Executions.txt" }, { "reference_url": "https://web.archive.org/web/20111116172111/http://www.securityfocus.com/archive/1/518804/100/0/threaded", "reference_id": "", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20111116172111/http://www.securityfocus.com/archive/1/518804/100/0/threaded" }, { "reference_url": "https://web.archive.org/web/20121105034518/http://www.mandriva.com/en/support/security/advisories?name=MDVSA-2011:124", "reference_id": "", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20121105034518/http://www.mandriva.com/en/support/security/advisories?name=MDVSA-2011:124" }, { "reference_url": "http://typo3.org/teams/security/security-bulletins/typo3-sa-2011-008", "reference_id": "", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://typo3.org/teams/security/security-bulletins/typo3-sa-2011-008" }, { "reference_url": "http://typo3.org/teams/security/security-bulletins/typo3-sa-2011-008/", "reference_id": "", "reference_type": "", "scores": [], "url": "http://typo3.org/teams/security/security-bulletins/typo3-sa-2011-008/" }, { "reference_url": "http://www.debian.org/security/2011/dsa-2286", "reference_id": "", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.debian.org/security/2011/dsa-2286" }, { "reference_url": "http://www.exploit-db.com/exploits/17514", "reference_id": "", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.exploit-db.com/exploits/17514" }, { "reference_url": "http://www.exploit-db.com/exploits/17514/", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.exploit-db.com/exploits/17514/" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2011/06/28/2", "reference_id": "", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.openwall.com/lists/oss-security/2011/06/28/2" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2011/06/28/6", "reference_id": "", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.openwall.com/lists/oss-security/2011/06/28/6" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2011/06/28/8", "reference_id": "", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.openwall.com/lists/oss-security/2011/06/28/8" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2011/06/29/11", "reference_id": "", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.openwall.com/lists/oss-security/2011/06/29/11" }, { "reference_url": "http://www.phpmyadmin.net/home_page/security/PMASA-2011-6.php", "reference_id": "", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.phpmyadmin.net/home_page/security/PMASA-2011-6.php" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2011-2506", "reference_id": "CVE-2011-2506", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2011-2506" }, { "reference_url": "https://github.com/advisories/GHSA-p6h7-29r2-g88f", "reference_id": "GHSA-p6h7-29r2-g88f", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-p6h7-29r2-g88f" }, { "reference_url": "https://security.gentoo.org/glsa/201201-01", "reference_id": "GLSA-201201-01", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201201-01" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/935199?format=api", "purl": "pkg:deb/debian/phpmyadmin@4:3.4.3.1-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:3.4.3.1-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/935143?format=api", "purl": "pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-na3j-h3qr-k7dc" }, { "vulnerability": "VCID-ndjn-p6gb-u7g4" }, { "vulnerability": "VCID-rqy8-n6fr-hqey" }, { "vulnerability": "VCID-zd8d-c1nk-g7a4" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.0.4%252Bdfsg2-2%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/935141?format=api", "purl": "pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zd8d-c1nk-g7a4" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.1%252Bdfsg-1%252Bdeb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/935145?format=api", "purl": "pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.2-really%252Bdfsg-1%252Bdeb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/935144?format=api", "purl": "pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.3%252Bdfsg-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2011-2506", "GHSA-p6h7-29r2-g88f" ], "risk_score": 10.0, "exploitability": "2.0", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-9xb8-kz1v-43bt" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/15764?format=api", "vulnerability_id": "VCID-qrm9-716c-2ybp", "summary": "Improper Control of Generation of Code ('Code Injection')\nlibraries/auth/swekey/swekey.auth.lib.php in the Swekey authentication feature in phpMyAdmin 3.x before 3.3.10.2 and 3.4.x before 3.4.3.1 assigns values to arbitrary parameters referenced in the query string, which allows remote attackers to modify the SESSION superglobal array via a crafted request, related to a \"remote variable manipulation vulnerability.\"", "references": [ { "reference_url": "http://ha.xxor.se/2011/07/phpmyadmin-3x-multiple-remote-code.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://ha.xxor.se/2011/07/phpmyadmin-3x-multiple-remote-code.html" }, { "reference_url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-July/062719.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-July/062719.html" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2011-2505", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.37008", "scoring_system": "epss", "scoring_elements": "0.97206", "published_at": "2026-05-14T12:55:00Z" }, { "value": "0.37008", "scoring_system": "epss", "scoring_elements": "0.97134", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.37008", "scoring_system": "epss", "scoring_elements": "0.9714", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.37008", "scoring_system": "epss", "scoring_elements": "0.97141", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.37008", "scoring_system": "epss", "scoring_elements": "0.9715", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.37008", "scoring_system": "epss", "scoring_elements": "0.97151", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.37008", "scoring_system": "epss", "scoring_elements": "0.97155", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.37008", "scoring_system": "epss", "scoring_elements": "0.97156", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.37008", "scoring_system": "epss", "scoring_elements": "0.97157", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.37008", "scoring_system": "epss", "scoring_elements": "0.97165", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.37008", "scoring_system": "epss", "scoring_elements": "0.97166", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.37008", "scoring_system": "epss", "scoring_elements": "0.97171", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.37008", "scoring_system": "epss", "scoring_elements": "0.97172", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.37008", "scoring_system": "epss", "scoring_elements": "0.97174", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.37008", "scoring_system": "epss", "scoring_elements": "0.97179", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.37008", "scoring_system": "epss", "scoring_elements": "0.97184", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.37008", "scoring_system": "epss", "scoring_elements": "0.97188", "published_at": "2026-05-09T12:55:00Z" }, { "value": "0.37008", "scoring_system": "epss", "scoring_elements": "0.97193", "published_at": "2026-05-11T12:55:00Z" }, { "value": "0.37008", "scoring_system": "epss", "scoring_elements": "0.97198", "published_at": "2026-05-12T12:55:00Z" }, { "value": "0.37008", "scoring_system": "epss", "scoring_elements": "0.97127", "published_at": "2026-04-01T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2011-2505" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2505", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2505" }, { "reference_url": "http://securityreason.com/securityalert/8306", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://securityreason.com/securityalert/8306" }, { "reference_url": "https://github.com/phpmyadmin/composer", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/phpmyadmin/composer" }, { "reference_url": "https://github.com/phpmyadmin/composer/commit/7ebd958b2bf59f96fecd5b3322bdbd0b244a7967", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/phpmyadmin/composer/commit/7ebd958b2bf59f96fecd5b3322bdbd0b244a7967" }, { "reference_url": "https://github.com/phpmyadmin/phpmyadmin/commit/6e6e129f26295c83d67b74e202628a4b8bc49e54", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/phpmyadmin/phpmyadmin/commit/6e6e129f26295c83d67b74e202628a4b8bc49e54" }, { "reference_url": "https://github.com/phpmyadmin/phpmyadmin/commit/7ebd958b2bf59f96fecd5b3322bdbd0b244a7967", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/phpmyadmin/phpmyadmin/commit/7ebd958b2bf59f96fecd5b3322bdbd0b244a7967" }, { "reference_url": "https://web.archive.org/web/20110712103138/http://www.xxor.se/advisories/phpMyAdmin_3.x_Multiple_Remote_Code_Executions.txt", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20110712103138/http://www.xxor.se/advisories/phpMyAdmin_3.x_Multiple_Remote_Code_Executions.txt" }, { "reference_url": "https://web.archive.org/web/20111116172111/http://www.securityfocus.com/archive/1/518804/100/0/threaded", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20111116172111/http://www.securityfocus.com/archive/1/518804/100/0/threaded" }, { "reference_url": "https://web.archive.org/web/20121105034518/http://www.mandriva.com/en/support/security/advisories?name=MDVSA-2011:124", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20121105034518/http://www.mandriva.com/en/support/security/advisories?name=MDVSA-2011:124" }, { "reference_url": "http://typo3.org/teams/security/security-bulletins/typo3-sa-2011-008", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://typo3.org/teams/security/security-bulletins/typo3-sa-2011-008" }, { "reference_url": "http://typo3.org/teams/security/security-bulletins/typo3-sa-2011-008/", "reference_id": "", "reference_type": "", "scores": [], "url": "http://typo3.org/teams/security/security-bulletins/typo3-sa-2011-008/" }, { "reference_url": "http://www.debian.org/security/2011/dsa-2286", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.debian.org/security/2011/dsa-2286" }, { "reference_url": "http://www.exploit-db.com/exploits/17514", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.exploit-db.com/exploits/17514" }, { "reference_url": "http://www.exploit-db.com/exploits/17514/", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.exploit-db.com/exploits/17514/" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2011/06/28/2", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.openwall.com/lists/oss-security/2011/06/28/2" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2011/06/28/6", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.openwall.com/lists/oss-security/2011/06/28/6" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2011/06/28/8", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.openwall.com/lists/oss-security/2011/06/28/8" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2011/06/29/11", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.openwall.com/lists/oss-security/2011/06/29/11" }, { "reference_url": "http://www.phpmyadmin.net/home_page/security/PMASA-2011-5.php", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.phpmyadmin.net/home_page/security/PMASA-2011-5.php" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2011-2505", "reference_id": "CVE-2011-2505", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2011-2505" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/webapps/17510.py", "reference_id": "CVE-2011-2506;CVE-2011-2505;OSVDB-73612;OSVDB-73611", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/webapps/17510.py" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/webapps/17514.php", "reference_id": "CVE-2011-2506;CVE-2011-2505;OSVDB-73612;OSVDB-73611", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/webapps/17514.php" }, { "reference_url": "http://www.xxor.se/advisories/phpMyAdmin_3.x_Multiple_Remote_Code_Executions.txt", "reference_id": "CVE-2011-2506;CVE-2011-2505;OSVDB-73612;OSVDB-73611", "reference_type": "exploit", "scores": [], "url": "http://www.xxor.se/advisories/phpMyAdmin_3.x_Multiple_Remote_Code_Executions.txt" }, { "reference_url": "https://github.com/advisories/GHSA-vqcm-r62w-w437", "reference_id": "GHSA-vqcm-r62w-w437", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-vqcm-r62w-w437" }, { "reference_url": "https://security.gentoo.org/glsa/201201-01", "reference_id": "GLSA-201201-01", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201201-01" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/935199?format=api", "purl": "pkg:deb/debian/phpmyadmin@4:3.4.3.1-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:3.4.3.1-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/935143?format=api", "purl": "pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-na3j-h3qr-k7dc" }, { "vulnerability": "VCID-ndjn-p6gb-u7g4" }, { "vulnerability": "VCID-rqy8-n6fr-hqey" }, { "vulnerability": "VCID-zd8d-c1nk-g7a4" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.0.4%252Bdfsg2-2%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/935141?format=api", "purl": "pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zd8d-c1nk-g7a4" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.1%252Bdfsg-1%252Bdeb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/935145?format=api", "purl": "pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.2-really%252Bdfsg-1%252Bdeb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/935144?format=api", "purl": "pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.3%252Bdfsg-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2011-2505", "GHSA-vqcm-r62w-w437" ], "risk_score": 10.0, "exploitability": "2.0", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-qrm9-716c-2ybp" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/35357?format=api", "vulnerability_id": "VCID-tnbx-6gqw-8fb5", "summary": "Multiple vulnerabilities were found in phpMyAdmin, the most severe\n of which allows the execution of arbitrary PHP code.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2011-2507", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.03737", "scoring_system": "epss", "scoring_elements": "0.87949", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.03737", "scoring_system": "epss", "scoring_elements": "0.87959", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.03737", "scoring_system": "epss", "scoring_elements": "0.87973", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.03737", "scoring_system": "epss", "scoring_elements": "0.87977", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.03737", "scoring_system": "epss", "scoring_elements": "0.87997", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.03737", "scoring_system": "epss", "scoring_elements": "0.88004", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.03737", "scoring_system": "epss", "scoring_elements": "0.88014", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.03737", "scoring_system": "epss", "scoring_elements": "0.88007", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.03737", "scoring_system": "epss", "scoring_elements": "0.88008", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.03737", "scoring_system": "epss", "scoring_elements": "0.88021", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.03737", "scoring_system": "epss", "scoring_elements": "0.8802", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.03737", "scoring_system": "epss", "scoring_elements": "0.88037", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.03737", "scoring_system": "epss", "scoring_elements": "0.88042", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.03737", "scoring_system": "epss", "scoring_elements": "0.88043", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.03737", "scoring_system": "epss", "scoring_elements": "0.88054", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.03737", "scoring_system": "epss", "scoring_elements": "0.8807", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.03737", "scoring_system": "epss", "scoring_elements": "0.88085", "published_at": "2026-05-09T12:55:00Z" }, { "value": "0.03737", "scoring_system": "epss", "scoring_elements": "0.88083", "published_at": "2026-05-11T12:55:00Z" }, { "value": "0.03737", "scoring_system": "epss", "scoring_elements": "0.88096", "published_at": "2026-05-12T12:55:00Z" }, { "value": "0.03737", "scoring_system": "epss", "scoring_elements": "0.88127", "published_at": "2026-05-14T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2011-2507" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2507", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2507" }, { "reference_url": "https://security.gentoo.org/glsa/201201-01", "reference_id": "GLSA-201201-01", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201201-01" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/935199?format=api", "purl": "pkg:deb/debian/phpmyadmin@4:3.4.3.1-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:3.4.3.1-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/935143?format=api", "purl": "pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-na3j-h3qr-k7dc" }, { "vulnerability": "VCID-ndjn-p6gb-u7g4" }, { "vulnerability": "VCID-rqy8-n6fr-hqey" }, { "vulnerability": "VCID-zd8d-c1nk-g7a4" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.0.4%252Bdfsg2-2%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/935141?format=api", "purl": "pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zd8d-c1nk-g7a4" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.1%252Bdfsg-1%252Bdeb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/935145?format=api", "purl": "pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.2-really%252Bdfsg-1%252Bdeb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/935144?format=api", "purl": "pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.3%252Bdfsg-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2011-2507" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-tnbx-6gqw-8fb5" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/15725?format=api", "vulnerability_id": "VCID-z6t5-jasy-vbfs", "summary": "phpMyAdmin Directory Traversal vulnerability\nDirectory traversal vulnerability in libraries/display_tbl.lib.php in phpMyAdmin 3.x before 3.3.10.2 and 3.4.x before 3.4.3.1, when a certain MIME transformation feature is enabled, allows remote authenticated users to include and execute arbitrary local files via a .. (dot dot) in a GLOBALS[mime_map][$meta->name][transformation] parameter.", "references": [ { "reference_url": "http://ha.xxor.se/2011/07/phpmyadmin-3x-multiple-remote-code.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.4", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://ha.xxor.se/2011/07/phpmyadmin-3x-multiple-remote-code.html" }, { "reference_url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-July/062719.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.4", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-July/062719.html" }, { "reference_url": "http://phpmyadmin.git.sourceforge.net/git/gitweb.cgi?p=phpmyadmin/phpmyadmin%3Ba=commit%3Bh=b434320eff8ca9c2fc1b043c1804f868341af9a7", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.4", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://phpmyadmin.git.sourceforge.net/git/gitweb.cgi?p=phpmyadmin/phpmyadmin%3Ba=commit%3Bh=b434320eff8ca9c2fc1b043c1804f868341af9a7" }, { "reference_url": "http://phpmyadmin.git.sourceforge.net/git/gitweb.cgi?p=phpmyadmin/phpmyadmin;a=commit;h=b434320eff8ca9c2fc1b043c1804f868341af9a7", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.4", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://phpmyadmin.git.sourceforge.net/git/gitweb.cgi?p=phpmyadmin/phpmyadmin;a=commit;h=b434320eff8ca9c2fc1b043c1804f868341af9a7" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2011-2508", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.11174", "scoring_system": "epss", "scoring_elements": "0.93515", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.11174", "scoring_system": "epss", "scoring_elements": "0.93509", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.11174", "scoring_system": "epss", "scoring_elements": "0.9349", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.11174", "scoring_system": "epss", "scoring_elements": "0.93489", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.11174", "scoring_system": "epss", "scoring_elements": "0.93484", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.11174", "scoring_system": "epss", "scoring_elements": "0.9348", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.11174", "scoring_system": "epss", "scoring_elements": "0.93473", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.11174", "scoring_system": "epss", "scoring_elements": "0.93465", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.11174", "scoring_system": "epss", "scoring_elements": "0.93572", "published_at": "2026-05-14T12:55:00Z" }, { "value": "0.11174", "scoring_system": "epss", "scoring_elements": "0.93559", "published_at": "2026-05-12T12:55:00Z" }, { "value": "0.11174", "scoring_system": "epss", "scoring_elements": "0.93553", "published_at": "2026-05-11T12:55:00Z" }, { "value": "0.11174", "scoring_system": "epss", "scoring_elements": "0.93542", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.11174", "scoring_system": "epss", "scoring_elements": "0.93529", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.11174", "scoring_system": "epss", "scoring_elements": "0.93524", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.11174", "scoring_system": "epss", "scoring_elements": "0.93521", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.11174", "scoring_system": "epss", "scoring_elements": "0.93472", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.11174", "scoring_system": "epss", "scoring_elements": "0.93457", "published_at": "2026-04-01T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2011-2508" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2508", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2508" }, { "reference_url": "https://github.com/phpmyadmin/phpmyadmin", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.4", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/phpmyadmin/phpmyadmin" }, { "reference_url": "https://web.archive.org/web/20110712103138/http://www.xxor.se/advisories/phpMyAdmin_3.x_Multiple_Remote_Code_Executions.txt", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.4", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20110712103138/http://www.xxor.se/advisories/phpMyAdmin_3.x_Multiple_Remote_Code_Executions.txt" }, { "reference_url": "https://web.archive.org/web/20111109175131/http://typo3.org/teams/security/security-bulletins/typo3-sa-2011-008", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.4", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20111109175131/http://typo3.org/teams/security/security-bulletins/typo3-sa-2011-008" }, { "reference_url": "https://web.archive.org/web/20111217070727/http://www.securityfocus.com/archive/1/518804/100/0/threaded", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.4", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20111217070727/http://www.securityfocus.com/archive/1/518804/100/0/threaded" }, { "reference_url": "https://web.archive.org/web/20111217173735/http://securityreason.com/securityalert/8306", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.4", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20111217173735/http://securityreason.com/securityalert/8306" }, { "reference_url": "https://web.archive.org/web/20250218012437/http://ha.xxor.se/2011/07/phpmyadmin-3x-multiple-remote-code.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.4", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20250218012437/http://ha.xxor.se/2011/07/phpmyadmin-3x-multiple-remote-code.html" }, { "reference_url": "http://www.debian.org/security/2011/dsa-2286", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.4", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.debian.org/security/2011/dsa-2286" }, { "reference_url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:124", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.4", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:124" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2011/06/28/2", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.4", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.openwall.com/lists/oss-security/2011/06/28/2" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2011/06/28/6", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.4", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.openwall.com/lists/oss-security/2011/06/28/6" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2011/06/28/8", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.4", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.openwall.com/lists/oss-security/2011/06/28/8" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2011/06/29/11", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.4", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.openwall.com/lists/oss-security/2011/06/29/11" }, { "reference_url": "http://www.phpmyadmin.net/home_page/security/PMASA-2011-8.php", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.4", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.phpmyadmin.net/home_page/security/PMASA-2011-8.php" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2011-2508", "reference_id": "CVE-2011-2508", "reference_type": "", "scores": [ { "value": "7.4", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2011-2508" }, { "reference_url": "https://github.com/advisories/GHSA-q6vw-39cg-wjjf", "reference_id": "GHSA-q6vw-39cg-wjjf", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-q6vw-39cg-wjjf" }, { "reference_url": "https://security.gentoo.org/glsa/201201-01", "reference_id": "GLSA-201201-01", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201201-01" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/935199?format=api", "purl": "pkg:deb/debian/phpmyadmin@4:3.4.3.1-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:3.4.3.1-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/935143?format=api", "purl": "pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-na3j-h3qr-k7dc" }, { "vulnerability": "VCID-ndjn-p6gb-u7g4" }, { "vulnerability": "VCID-rqy8-n6fr-hqey" }, { "vulnerability": "VCID-zd8d-c1nk-g7a4" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.0.4%252Bdfsg2-2%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/935141?format=api", "purl": "pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zd8d-c1nk-g7a4" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.1%252Bdfsg-1%252Bdeb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/935145?format=api", "purl": "pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.2-really%252Bdfsg-1%252Bdeb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/935144?format=api", "purl": "pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.3%252Bdfsg-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2011-2508", "GHSA-q6vw-39cg-wjjf" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-z6t5-jasy-vbfs" } ], "risk_score": null, "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:3.4.3.1-1%3Fdistro=trixie" }