{"url":"http://public2.vulnerablecode.io/api/packages/935238?format=json","purl":"pkg:deb/debian/phpmyadmin@4:4.9.1%2Bdfsg1-2?distro=trixie","type":"deb","namespace":"debian","name":"phpmyadmin","version":"4:4.9.1+dfsg1-2","qualifiers":{"distro":"trixie"},"subpath":"","is_vulnerable":false,"next_non_vulnerable_version":"4:4.9.2+dfsg1-1","latest_non_vulnerable_version":"4:5.2.3+dfsg-1","affected_by_vulnerabilities":[],"fixing_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/10113?format=json","vulnerability_id":"VCID-986a-3m4g-83ge","summary":"Cross-Site Request Forgery (CSRF)\nBy deceiving a user into clicking on a crafted URL, it is possible to perform harmful SQL operations such as renaming databases, creating new `tables/routines`, deleting designer pages, `adding/deleting` users, updating user passwords, killing SQL processes.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-19969","reference_id":"","reference_type":"","scores":[{"value":"0.0044","scoring_system":"epss","scoring_elements":"0.63356","published_at":"2026-05-14T12:55:00Z"},{"value":"0.0044","scoring_system":"epss","scoring_elements":"0.6338","published_at":"2026-05-16T12:55:00Z"},{"value":"0.0044","scoring_system":"epss","scoring_elements":"0.63366","published_at":"2026-05-15T12:55:00Z"},{"value":"0.00458","scoring_system":"epss","scoring_elements":"0.64014","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00458","scoring_system":"epss","scoring_elements":"0.64017","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00458","scoring_system":"epss","scoring_elements":"0.64006","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00458","scoring_system":"epss","scoring_elements":"0.64024","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00458","scoring_system":"epss","scoring_elements":"0.64038","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00458","scoring_system":"epss","scoring_elements":"0.64036","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00458","scoring_system":"epss","scoring_elements":"0.6405","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00458","scoring_system":"epss","scoring_elements":"0.64096","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00458","scoring_system":"epss","scoring_elements":"0.64063","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00458","scoring_system":"epss","scoring_elements":"0.64089","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00458","scoring_system":"epss","scoring_elements":"0.63888","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00458","scoring_system":"epss","scoring_elements":"0.63947","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00458","scoring_system":"epss","scoring_elements":"0.63974","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00458","scoring_system":"epss","scoring_elements":"0.63934","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00458","scoring_system":"epss","scoring_elements":"0.63984","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00458","scoring_system":"epss","scoring_elements":"0.64002","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00458","scoring_system":"epss","scoring_elements":"0.64","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00458","scoring_system":"epss","scoring_elements":"0.6397","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00458","scoring_system":"epss","scoring_elements":"0.64005","published_at":"2026-05-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-19969"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-19969","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-19969"},{"reference_url":"https://web.archive.org/web/20210124223800/https://www.securityfocus.com/bid/106175","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://web.archive.org/web/20210124223800/https://www.securityfocus.com/bid/106175"},{"reference_url":"https://web.archive.org/web/20210124223800/https://www.securityfocus.com/bid/106175/","reference_id":"","reference_type":"","scores":[],"url":"https://web.archive.org/web/20210124223800/https://www.securityfocus.com/bid/106175/"},{"reference_url":"https://www.phpmyadmin.net/security/PMASA-2018-7","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.phpmyadmin.net/security/PMASA-2018-7"},{"reference_url":"https://www.phpmyadmin.net/security/PMASA-2018-7/","reference_id":"","reference_type":"","scores":[],"url":"https://www.phpmyadmin.net/security/PMASA-2018-7/"},{"reference_url":"http://www.securityfocus.com/bid/106175","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/106175"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2018-19969","reference_id":"CVE-2018-19969","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2018-19969"},{"reference_url":"https://github.com/advisories/GHSA-xwf2-53mc-r8hx","reference_id":"GHSA-xwf2-53mc-r8hx","reference_type":"","scores":[{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-xwf2-53mc-r8hx"},{"reference_url":"https://security.gentoo.org/glsa/201904-16","reference_id":"GLSA-201904-16","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://security.gentoo.org/glsa/201904-16"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/935238?format=json","purl":"pkg:deb/debian/phpmyadmin@4:4.9.1%2Bdfsg1-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:4.9.1%252Bdfsg1-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/935143?format=json","purl":"pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-na3j-h3qr-k7dc"},{"vulnerability":"VCID-ndjn-p6gb-u7g4"},{"vulnerability":"VCID-rqy8-n6fr-hqey"},{"vulnerability":"VCID-zd8d-c1nk-g7a4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.0.4%252Bdfsg2-2%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/935141?format=json","purl":"pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zd8d-c1nk-g7a4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.1%252Bdfsg-1%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/935145?format=json","purl":"pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.2-really%252Bdfsg-1%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/935144?format=json","purl":"pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.3%252Bdfsg-1%3Fdistro=trixie"}],"aliases":["CVE-2018-19969","GHSA-xwf2-53mc-r8hx"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-986a-3m4g-83ge"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/10254?format=json","vulnerability_id":"VCID-br1c-5bzf-ufeu","summary":"SQL Injection\nAn issue was discovered in phpMyAdmin. A vulnerability was reported where a specially crafted username can be used to trigger a SQL injection attack through the designer feature.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-6798","reference_id":"","reference_type":"","scores":[{"value":"0.00538","scoring_system":"epss","scoring_elements":"0.67746","published_at":"2026-05-16T12:55:00Z"},{"value":"0.00538","scoring_system":"epss","scoring_elements":"0.67578","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00538","scoring_system":"epss","scoring_elements":"0.67597","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00538","scoring_system":"epss","scoring_elements":"0.67608","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00538","scoring_system":"epss","scoring_elements":"0.6761","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00538","scoring_system":"epss","scoring_elements":"0.67585","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00538","scoring_system":"epss","scoring_elements":"0.67627","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00538","scoring_system":"epss","scoring_elements":"0.67664","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00538","scoring_system":"epss","scoring_elements":"0.67635","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00538","scoring_system":"epss","scoring_elements":"0.6766","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00538","scoring_system":"epss","scoring_elements":"0.6772","published_at":"2026-05-14T12:55:00Z"},{"value":"0.00538","scoring_system":"epss","scoring_elements":"0.67733","published_at":"2026-05-15T12:55:00Z"},{"value":"0.00538","scoring_system":"epss","scoring_elements":"0.67474","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00538","scoring_system":"epss","scoring_elements":"0.6751","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00538","scoring_system":"epss","scoring_elements":"0.67532","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00538","scoring_system":"epss","scoring_elements":"0.67562","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00538","scoring_system":"epss","scoring_elements":"0.67575","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00538","scoring_system":"epss","scoring_elements":"0.67598","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00538","scoring_system":"epss","scoring_elements":"0.67584","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00538","scoring_system":"epss","scoring_elements":"0.67551","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00538","scoring_system":"epss","scoring_elements":"0.67587","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00538","scoring_system":"epss","scoring_elements":"0.67599","published_at":"2026-04-18T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-6798"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-6798","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-6798"},{"reference_url":"https://github.com/phpmyadmin/composer","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/phpmyadmin/composer"},{"reference_url":"https://www.phpmyadmin.net/security/PMASA-2019-2","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.phpmyadmin.net/security/PMASA-2019-2"},{"reference_url":"https://www.phpmyadmin.net/security/PMASA-2019-2/","reference_id":"","reference_type":"","scores":[],"url":"https://www.phpmyadmin.net/security/PMASA-2019-2/"},{"reference_url":"http://www.securityfocus.com/bid/106727","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.securityfocus.com/bid/106727"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=920822","reference_id":"920822","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=920822"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:phpmyadmin:phpmyadmin:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2019-6798","reference_id":"CVE-2019-6798","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:P/I:P/A:P"},{"value":"9.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2019-6798"},{"reference_url":"https://github.com/advisories/GHSA-f732-fxh6-g4qj","reference_id":"GHSA-f732-fxh6-g4qj","reference_type":"","scores":[{"value":"CRITICAL","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-f732-fxh6-g4qj"},{"reference_url":"https://usn.ubuntu.com/4639-1/","reference_id":"USN-4639-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4639-1/"},{"reference_url":"https://usn.ubuntu.com/USN-4843-1/","reference_id":"USN-USN-4843-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/USN-4843-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/935238?format=json","purl":"pkg:deb/debian/phpmyadmin@4:4.9.1%2Bdfsg1-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:4.9.1%252Bdfsg1-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/935143?format=json","purl":"pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-na3j-h3qr-k7dc"},{"vulnerability":"VCID-ndjn-p6gb-u7g4"},{"vulnerability":"VCID-rqy8-n6fr-hqey"},{"vulnerability":"VCID-zd8d-c1nk-g7a4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.0.4%252Bdfsg2-2%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/935141?format=json","purl":"pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zd8d-c1nk-g7a4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.1%252Bdfsg-1%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/935145?format=json","purl":"pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.2-really%252Bdfsg-1%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/935144?format=json","purl":"pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.3%252Bdfsg-1%3Fdistro=trixie"}],"aliases":["CVE-2019-6798","GHSA-f732-fxh6-g4qj"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-br1c-5bzf-ufeu"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/9479?format=json","vulnerability_id":"VCID-c91y-txcw-2kdy","summary":"Cross-site Scripting\nAn issue was discovered in `js/designer/move.js` in phpMyAdm A Cross-Site Scripting vulnerability has been found where an attacker can use a crafted database name to trigger an XSS attack when that database is referenced from the Designer feature.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-12581","reference_id":"","reference_type":"","scores":[{"value":"0.0062","scoring_system":"epss","scoring_elements":"0.70248","published_at":"2026-05-16T12:55:00Z"},{"value":"0.0062","scoring_system":"epss","scoring_elements":"0.7005","published_at":"2026-04-12T12:55:00Z"},{"value":"0.0062","scoring_system":"epss","scoring_elements":"0.70037","published_at":"2026-04-13T12:55:00Z"},{"value":"0.0062","scoring_system":"epss","scoring_elements":"0.7008","published_at":"2026-04-16T12:55:00Z"},{"value":"0.0062","scoring_system":"epss","scoring_elements":"0.70089","published_at":"2026-04-18T12:55:00Z"},{"value":"0.0062","scoring_system":"epss","scoring_elements":"0.70069","published_at":"2026-04-21T12:55:00Z"},{"value":"0.0062","scoring_system":"epss","scoring_elements":"0.70121","published_at":"2026-04-24T12:55:00Z"},{"value":"0.0062","scoring_system":"epss","scoring_elements":"0.70128","published_at":"2026-04-29T12:55:00Z"},{"value":"0.0062","scoring_system":"epss","scoring_elements":"0.70103","published_at":"2026-05-05T12:55:00Z"},{"value":"0.0062","scoring_system":"epss","scoring_elements":"0.70145","published_at":"2026-05-11T12:55:00Z"},{"value":"0.0062","scoring_system":"epss","scoring_elements":"0.70176","published_at":"2026-05-09T12:55:00Z"},{"value":"0.0062","scoring_system":"epss","scoring_elements":"0.70172","published_at":"2026-05-12T12:55:00Z"},{"value":"0.0062","scoring_system":"epss","scoring_elements":"0.70222","published_at":"2026-05-14T12:55:00Z"},{"value":"0.0062","scoring_system":"epss","scoring_elements":"0.70233","published_at":"2026-05-15T12:55:00Z"},{"value":"0.0062","scoring_system":"epss","scoring_elements":"0.69974","published_at":"2026-04-01T12:55:00Z"},{"value":"0.0062","scoring_system":"epss","scoring_elements":"0.69987","published_at":"2026-04-02T12:55:00Z"},{"value":"0.0062","scoring_system":"epss","scoring_elements":"0.70001","published_at":"2026-04-04T12:55:00Z"},{"value":"0.0062","scoring_system":"epss","scoring_elements":"0.69978","published_at":"2026-04-07T12:55:00Z"},{"value":"0.0062","scoring_system":"epss","scoring_elements":"0.70026","published_at":"2026-04-08T12:55:00Z"},{"value":"0.0062","scoring_system":"epss","scoring_elements":"0.70042","published_at":"2026-04-09T12:55:00Z"},{"value":"0.0062","scoring_system":"epss","scoring_elements":"0.70065","published_at":"2026-04-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-12581"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12581","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12581"},{"reference_url":"https://github.com/phpmyadmin/phpmyadmin/commit/6943fff87324bd54c3a37a5160a5fb77498c355e","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/phpmyadmin/phpmyadmin/commit/6943fff87324bd54c3a37a5160a5fb77498c355e"},{"reference_url":"https://web.archive.org/web/20210124181711/http://www.securityfocus.com/bid/104530","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://web.archive.org/web/20210124181711/http://www.securityfocus.com/bid/104530"},{"reference_url":"https://web.archive.org/web/20210413204012/http://www.securitytracker.com/id/1041187","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://web.archive.org/web/20210413204012/http://www.securitytracker.com/id/1041187"},{"reference_url":"https://www.phpmyadmin.net/security/PMASA-2018-3","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.phpmyadmin.net/security/PMASA-2018-3"},{"reference_url":"https://www.phpmyadmin.net/security/PMASA-2018-3/","reference_id":"","reference_type":"","scores":[],"url":"https://www.phpmyadmin.net/security/PMASA-2018-3/"},{"reference_url":"http://www.securityfocus.com/bid/104530","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/104530"},{"reference_url":"http://www.securitytracker.com/id/1041187","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id/1041187"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:phpmyadmin:phpmyadmin:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2018-12581","reference_id":"CVE-2018-12581","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:N/I:P/A:N"},{"value":"6.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2018-12581"},{"reference_url":"https://github.com/advisories/GHSA-vxj6-pm6r-23hq","reference_id":"GHSA-vxj6-pm6r-23hq","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-vxj6-pm6r-23hq"},{"reference_url":"https://usn.ubuntu.com/USN-4843-1/","reference_id":"USN-USN-4843-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/USN-4843-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/935238?format=json","purl":"pkg:deb/debian/phpmyadmin@4:4.9.1%2Bdfsg1-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:4.9.1%252Bdfsg1-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/935143?format=json","purl":"pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-na3j-h3qr-k7dc"},{"vulnerability":"VCID-ndjn-p6gb-u7g4"},{"vulnerability":"VCID-rqy8-n6fr-hqey"},{"vulnerability":"VCID-zd8d-c1nk-g7a4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.0.4%252Bdfsg2-2%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/935141?format=json","purl":"pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zd8d-c1nk-g7a4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.1%252Bdfsg-1%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/935145?format=json","purl":"pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.2-really%252Bdfsg-1%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/935144?format=json","purl":"pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.3%252Bdfsg-1%3Fdistro=trixie"}],"aliases":["CVE-2018-12581","GHSA-vxj6-pm6r-23hq"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-c91y-txcw-2kdy"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/10108?format=json","vulnerability_id":"VCID-ebk2-vjau-57h9","summary":"Information Exposure\nAn attacker can exploit phpMyAdm to leak the contents of a local file because of an error in the transformation feature. The attacker must have access to the phpMyAdmin Configuration Storage tables, although these can easily be created in any database to which the attacker has access. An attacker must have valid credentials to log in to phpMyAdmin; this vulnerability does not allow an attacker to circumvent the login system.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-19968","reference_id":"","reference_type":"","scores":[{"value":"0.02543","scoring_system":"epss","scoring_elements":"0.85642","published_at":"2026-05-16T12:55:00Z"},{"value":"0.02543","scoring_system":"epss","scoring_elements":"0.85474","published_at":"2026-04-12T12:55:00Z"},{"value":"0.02543","scoring_system":"epss","scoring_elements":"0.8547","published_at":"2026-04-13T12:55:00Z"},{"value":"0.02543","scoring_system":"epss","scoring_elements":"0.85494","published_at":"2026-04-16T12:55:00Z"},{"value":"0.02543","scoring_system":"epss","scoring_elements":"0.85498","published_at":"2026-04-18T12:55:00Z"},{"value":"0.02543","scoring_system":"epss","scoring_elements":"0.85495","published_at":"2026-04-21T12:55:00Z"},{"value":"0.02543","scoring_system":"epss","scoring_elements":"0.85517","published_at":"2026-04-24T12:55:00Z"},{"value":"0.02543","scoring_system":"epss","scoring_elements":"0.85527","published_at":"2026-04-26T12:55:00Z"},{"value":"0.02543","scoring_system":"epss","scoring_elements":"0.85526","published_at":"2026-04-29T12:55:00Z"},{"value":"0.02543","scoring_system":"epss","scoring_elements":"0.85543","published_at":"2026-05-05T12:55:00Z"},{"value":"0.02543","scoring_system":"epss","scoring_elements":"0.85566","published_at":"2026-05-07T12:55:00Z"},{"value":"0.02543","scoring_system":"epss","scoring_elements":"0.85585","published_at":"2026-05-09T12:55:00Z"},{"value":"0.02543","scoring_system":"epss","scoring_elements":"0.85581","published_at":"2026-05-11T12:55:00Z"},{"value":"0.02543","scoring_system":"epss","scoring_elements":"0.85594","published_at":"2026-05-12T12:55:00Z"},{"value":"0.02543","scoring_system":"epss","scoring_elements":"0.85631","published_at":"2026-05-14T12:55:00Z"},{"value":"0.02543","scoring_system":"epss","scoring_elements":"0.8564","published_at":"2026-05-15T12:55:00Z"},{"value":"0.02543","scoring_system":"epss","scoring_elements":"0.85397","published_at":"2026-04-01T12:55:00Z"},{"value":"0.02543","scoring_system":"epss","scoring_elements":"0.85409","published_at":"2026-04-02T12:55:00Z"},{"value":"0.02543","scoring_system":"epss","scoring_elements":"0.85429","published_at":"2026-04-04T12:55:00Z"},{"value":"0.02543","scoring_system":"epss","scoring_elements":"0.85432","published_at":"2026-04-07T12:55:00Z"},{"value":"0.02543","scoring_system":"epss","scoring_elements":"0.85453","published_at":"2026-04-08T12:55:00Z"},{"value":"0.02543","scoring_system":"epss","scoring_elements":"0.85461","published_at":"2026-04-09T12:55:00Z"},{"value":"0.02543","scoring_system":"epss","scoring_elements":"0.85475","published_at":"2026-04-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-19968"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-19968","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-19968"},{"reference_url":"https://github.com/phpmyadmin/composer","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/phpmyadmin/composer"},{"reference_url":"https://github.com/phpmyadmin/phpmyadmin/commit/6a1ba61e29002f0305a9322a8af4eaaeb11c0732","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/phpmyadmin/phpmyadmin/commit/6a1ba61e29002f0305a9322a8af4eaaeb11c0732"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2019/02/msg00003.html","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.debian.org/debian-lts-announce/2019/02/msg00003.html"},{"reference_url":"https://www.phpmyadmin.net/security/PMASA-2018-6","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.phpmyadmin.net/security/PMASA-2018-6"},{"reference_url":"https://www.phpmyadmin.net/security/PMASA-2018-6/","reference_id":"","reference_type":"","scores":[],"url":"https://www.phpmyadmin.net/security/PMASA-2018-6/"},{"reference_url":"http://www.securityfocus.com/bid/106178","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.securityfocus.com/bid/106178"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2018-19968","reference_id":"CVE-2018-19968","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2018-19968"},{"reference_url":"https://github.com/advisories/GHSA-xc97-r49q-cxgc","reference_id":"GHSA-xc97-r49q-cxgc","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-xc97-r49q-cxgc"},{"reference_url":"https://security.gentoo.org/glsa/201904-16","reference_id":"GLSA-201904-16","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://security.gentoo.org/glsa/201904-16"},{"reference_url":"https://usn.ubuntu.com/4639-1/","reference_id":"USN-4639-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4639-1/"},{"reference_url":"https://usn.ubuntu.com/USN-4843-1/","reference_id":"USN-USN-4843-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/USN-4843-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/935238?format=json","purl":"pkg:deb/debian/phpmyadmin@4:4.9.1%2Bdfsg1-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:4.9.1%252Bdfsg1-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/935143?format=json","purl":"pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-na3j-h3qr-k7dc"},{"vulnerability":"VCID-ndjn-p6gb-u7g4"},{"vulnerability":"VCID-rqy8-n6fr-hqey"},{"vulnerability":"VCID-zd8d-c1nk-g7a4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.0.4%252Bdfsg2-2%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/935141?format=json","purl":"pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zd8d-c1nk-g7a4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.1%252Bdfsg-1%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/935145?format=json","purl":"pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.2-really%252Bdfsg-1%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/935144?format=json","purl":"pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.3%252Bdfsg-1%3Fdistro=trixie"}],"aliases":["CVE-2018-19968","GHSA-xc97-r49q-cxgc"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ebk2-vjau-57h9"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/8985?format=json","vulnerability_id":"VCID-ftdj-p5as-97hd","summary":"Cross-Site Request Forgery (CSRF)\nphpMyAdm has CSRF, allowing an attacker to execute arbitrary SQL statements, related to `js/db_operations.js`, `js/tbl_operations.js`, `libraries/classes/Operations.php`, and `sql.php.`","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-10188","reference_id":"","reference_type":"","scores":[{"value":"0.00935","scoring_system":"epss","scoring_elements":"0.76373","published_at":"2026-05-16T12:55:00Z"},{"value":"0.00935","scoring_system":"epss","scoring_elements":"0.76153","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00935","scoring_system":"epss","scoring_elements":"0.76179","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00935","scoring_system":"epss","scoring_elements":"0.76155","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00935","scoring_system":"epss","scoring_elements":"0.76152","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00935","scoring_system":"epss","scoring_elements":"0.76193","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00935","scoring_system":"epss","scoring_elements":"0.76197","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00935","scoring_system":"epss","scoring_elements":"0.7618","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00935","scoring_system":"epss","scoring_elements":"0.76219","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00935","scoring_system":"epss","scoring_elements":"0.76229","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00935","scoring_system":"epss","scoring_elements":"0.76241","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00935","scoring_system":"epss","scoring_elements":"0.76251","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00935","scoring_system":"epss","scoring_elements":"0.7628","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00935","scoring_system":"epss","scoring_elements":"0.76301","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00935","scoring_system":"epss","scoring_elements":"0.76289","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00935","scoring_system":"epss","scoring_elements":"0.76304","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00935","scoring_system":"epss","scoring_elements":"0.76353","published_at":"2026-05-14T12:55:00Z"},{"value":"0.00935","scoring_system":"epss","scoring_elements":"0.76365","published_at":"2026-05-15T12:55:00Z"},{"value":"0.00935","scoring_system":"epss","scoring_elements":"0.76093","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00935","scoring_system":"epss","scoring_elements":"0.76096","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00935","scoring_system":"epss","scoring_elements":"0.76128","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00935","scoring_system":"epss","scoring_elements":"0.76107","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00935","scoring_system":"epss","scoring_elements":"0.7614","published_at":"2026-04-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-10188"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10188","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10188"},{"reference_url":"https://github.com/phpmyadmin/composer","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/phpmyadmin/composer"},{"reference_url":"https://github.com/phpmyadmin/phpmyadmin/commit/c6dd6b56e236a3aff953cee4135ecaa67130e641","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/phpmyadmin/phpmyadmin/commit/c6dd6b56e236a3aff953cee4135ecaa67130e641"},{"reference_url":"https://www.exploit-db.com/exploits/44496","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.exploit-db.com/exploits/44496"},{"reference_url":"https://www.exploit-db.com/exploits/44496/","reference_id":"","reference_type":"","scores":[],"url":"https://www.exploit-db.com/exploits/44496/"},{"reference_url":"https://www.phpmyadmin.net/security/PMASA-2018-2","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.phpmyadmin.net/security/PMASA-2018-2"},{"reference_url":"https://www.phpmyadmin.net/security/PMASA-2018-2/","reference_id":"","reference_type":"","scores":[],"url":"https://www.phpmyadmin.net/security/PMASA-2018-2/"},{"reference_url":"http://www.securityfocus.com/bid/103936","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.securityfocus.com/bid/103936"},{"reference_url":"http://www.securitytracker.com/id/1040752","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.securitytracker.com/id/1040752"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=896490","reference_id":"896490","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=896490"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.8.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:phpmyadmin:phpmyadmin:4.8.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:4.8.0:*:*:*:*:*:*:*"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/webapps/44496.html","reference_id":"CVE-2018-10188","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/webapps/44496.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2018-10188","reference_id":"CVE-2018-10188","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:P/I:P/A:P"},{"value":"8.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2018-10188"},{"reference_url":"https://github.com/advisories/GHSA-v6fp-h79x-9rqc","reference_id":"GHSA-v6fp-h79x-9rqc","reference_type":"","scores":[{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-v6fp-h79x-9rqc"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/935238?format=json","purl":"pkg:deb/debian/phpmyadmin@4:4.9.1%2Bdfsg1-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:4.9.1%252Bdfsg1-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/935143?format=json","purl":"pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-na3j-h3qr-k7dc"},{"vulnerability":"VCID-ndjn-p6gb-u7g4"},{"vulnerability":"VCID-rqy8-n6fr-hqey"},{"vulnerability":"VCID-zd8d-c1nk-g7a4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.0.4%252Bdfsg2-2%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/935141?format=json","purl":"pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zd8d-c1nk-g7a4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.1%252Bdfsg-1%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/935145?format=json","purl":"pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.2-really%252Bdfsg-1%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/935144?format=json","purl":"pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.3%252Bdfsg-1%3Fdistro=trixie"}],"aliases":["CVE-2018-10188","GHSA-v6fp-h79x-9rqc"],"risk_score":10.0,"exploitability":"2.0","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ftdj-p5as-97hd"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/10733?format=json","vulnerability_id":"VCID-jma9-9uhu-xuc3","summary":"SQL Injection\nA vulnerability was reported where a specially crafted database name can be used to trigger an SQL injection attack through the designer feature.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-11768","reference_id":"","reference_type":"","scores":[{"value":"0.01736","scoring_system":"epss","scoring_elements":"0.82598","published_at":"2026-05-07T12:55:00Z"},{"value":"0.01736","scoring_system":"epss","scoring_elements":"0.82675","published_at":"2026-05-14T12:55:00Z"},{"value":"0.01736","scoring_system":"epss","scoring_elements":"0.82633","published_at":"2026-05-12T12:55:00Z"},{"value":"0.01736","scoring_system":"epss","scoring_elements":"0.82618","published_at":"2026-05-11T12:55:00Z"},{"value":"0.01736","scoring_system":"epss","scoring_elements":"0.82684","published_at":"2026-05-16T12:55:00Z"},{"value":"0.01736","scoring_system":"epss","scoring_elements":"0.82682","published_at":"2026-05-15T12:55:00Z"},{"value":"0.01803","scoring_system":"epss","scoring_elements":"0.82801","published_at":"2026-04-09T12:55:00Z"},{"value":"0.01803","scoring_system":"epss","scoring_elements":"0.82817","published_at":"2026-04-11T12:55:00Z"},{"value":"0.01803","scoring_system":"epss","scoring_elements":"0.82813","published_at":"2026-04-12T12:55:00Z"},{"value":"0.01803","scoring_system":"epss","scoring_elements":"0.82743","published_at":"2026-04-01T12:55:00Z"},{"value":"0.01803","scoring_system":"epss","scoring_elements":"0.82759","published_at":"2026-04-02T12:55:00Z"},{"value":"0.01803","scoring_system":"epss","scoring_elements":"0.82772","published_at":"2026-04-04T12:55:00Z"},{"value":"0.01803","scoring_system":"epss","scoring_elements":"0.82769","published_at":"2026-04-07T12:55:00Z"},{"value":"0.01803","scoring_system":"epss","scoring_elements":"0.82795","published_at":"2026-04-08T12:55:00Z"},{"value":"0.01803","scoring_system":"epss","scoring_elements":"0.82847","published_at":"2026-04-16T12:55:00Z"},{"value":"0.01803","scoring_system":"epss","scoring_elements":"0.82846","published_at":"2026-04-18T12:55:00Z"},{"value":"0.01803","scoring_system":"epss","scoring_elements":"0.82849","published_at":"2026-04-21T12:55:00Z"},{"value":"0.01803","scoring_system":"epss","scoring_elements":"0.82871","published_at":"2026-04-24T12:55:00Z"},{"value":"0.01803","scoring_system":"epss","scoring_elements":"0.8288","published_at":"2026-04-26T12:55:00Z"},{"value":"0.01803","scoring_system":"epss","scoring_elements":"0.82885","published_at":"2026-04-29T12:55:00Z"},{"value":"0.01803","scoring_system":"epss","scoring_elements":"0.82904","published_at":"2026-05-05T12:55:00Z"},{"value":"0.01803","scoring_system":"epss","scoring_elements":"0.82808","published_at":"2026-04-13T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-11768"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11768","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11768"},{"reference_url":"https://github.com/phpmyadmin/phpmyadmin/commit/c1ecafc38319e8f768c9259d4d580e42acd5ee86","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/phpmyadmin/phpmyadmin/commit/c1ecafc38319e8f768c9259d4d580e42acd5ee86"},{"reference_url":"https://www.phpmyadmin.net/security/PMASA-2019-3","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.phpmyadmin.net/security/PMASA-2019-3"},{"reference_url":"https://www.phpmyadmin.net/security/PMASA-2019-3/","reference_id":"","reference_type":"","scores":[],"url":"https://www.phpmyadmin.net/security/PMASA-2019-3/"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=930048","reference_id":"930048","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=930048"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2019-11768","reference_id":"CVE-2019-11768","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2019-11768"},{"reference_url":"https://github.com/advisories/GHSA-x37v-98f9-mj32","reference_id":"GHSA-x37v-98f9-mj32","reference_type":"","scores":[{"value":"CRITICAL","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-x37v-98f9-mj32"},{"reference_url":"https://usn.ubuntu.com/4639-1/","reference_id":"USN-4639-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4639-1/"},{"reference_url":"https://usn.ubuntu.com/USN-4843-1/","reference_id":"USN-USN-4843-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/USN-4843-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/935238?format=json","purl":"pkg:deb/debian/phpmyadmin@4:4.9.1%2Bdfsg1-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:4.9.1%252Bdfsg1-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/935143?format=json","purl":"pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-na3j-h3qr-k7dc"},{"vulnerability":"VCID-ndjn-p6gb-u7g4"},{"vulnerability":"VCID-rqy8-n6fr-hqey"},{"vulnerability":"VCID-zd8d-c1nk-g7a4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.0.4%252Bdfsg2-2%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/935141?format=json","purl":"pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zd8d-c1nk-g7a4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.1%252Bdfsg-1%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/935145?format=json","purl":"pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.2-really%252Bdfsg-1%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/935144?format=json","purl":"pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.3%252Bdfsg-1%3Fdistro=trixie"}],"aliases":["CVE-2019-11768","GHSA-x37v-98f9-mj32"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-jma9-9uhu-xuc3"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/8808?format=json","vulnerability_id":"VCID-mwtw-n1tv-hfd9","summary":"Cross-site Scripting\nCross-site scripting (XSS) vulnerability in `db_central_columns.php` in phpMyAdm allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-7260","reference_id":"","reference_type":"","scores":[{"value":"0.00302","scoring_system":"epss","scoring_elements":"0.53579","published_at":"2026-05-16T12:55:00Z"},{"value":"0.00302","scoring_system":"epss","scoring_elements":"0.53498","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00302","scoring_system":"epss","scoring_elements":"0.53481","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00302","scoring_system":"epss","scoring_elements":"0.53517","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00302","scoring_system":"epss","scoring_elements":"0.53522","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00302","scoring_system":"epss","scoring_elements":"0.53503","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00302","scoring_system":"epss","scoring_elements":"0.53472","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00302","scoring_system":"epss","scoring_elements":"0.53486","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00302","scoring_system":"epss","scoring_elements":"0.53404","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00302","scoring_system":"epss","scoring_elements":"0.53453","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00302","scoring_system":"epss","scoring_elements":"0.53505","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00302","scoring_system":"epss","scoring_elements":"0.53468","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00302","scoring_system":"epss","scoring_elements":"0.53494","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00302","scoring_system":"epss","scoring_elements":"0.53564","published_at":"2026-05-14T12:55:00Z"},{"value":"0.00302","scoring_system":"epss","scoring_elements":"0.53575","published_at":"2026-05-15T12:55:00Z"},{"value":"0.00302","scoring_system":"epss","scoring_elements":"0.53399","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00302","scoring_system":"epss","scoring_elements":"0.53422","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00302","scoring_system":"epss","scoring_elements":"0.53448","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00302","scoring_system":"epss","scoring_elements":"0.53417","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00302","scoring_system":"epss","scoring_elements":"0.53469","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00302","scoring_system":"epss","scoring_elements":"0.53466","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00302","scoring_system":"epss","scoring_elements":"0.53515","published_at":"2026-04-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-7260"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-7260","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-7260"},{"reference_url":"https://github.com/phpmyadmin/composer","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/phpmyadmin/composer"},{"reference_url":"https://github.com/phpmyadmin/phpmyadmin/commit/d2886a3","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/phpmyadmin/phpmyadmin/commit/d2886a3"},{"reference_url":"https://udiniya.wordpress.com/2018/02/21/a-tale-of-stealing-session-cookie-in-phpmyadmin","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://udiniya.wordpress.com/2018/02/21/a-tale-of-stealing-session-cookie-in-phpmyadmin"},{"reference_url":"https://www.phpmyadmin.net/security/PMASA-2018-1","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.phpmyadmin.net/security/PMASA-2018-1"},{"reference_url":"https://www.phpmyadmin.net/security/PMASA-2018-1/","reference_id":"","reference_type":"","scores":[],"url":"https://www.phpmyadmin.net/security/PMASA-2018-1/"},{"reference_url":"http://www.securityfocus.com/bid/103099","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.securityfocus.com/bid/103099"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=893539","reference_id":"893539","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=893539"},{"reference_url":"https://security.archlinux.org/ASA-201802-11","reference_id":"ASA-201802-11","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201802-11"},{"reference_url":"https://security.archlinux.org/AVG-630","reference_id":"AVG-630","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-630"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2018-7260","reference_id":"CVE-2018-7260","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2018-7260"},{"reference_url":"https://github.com/advisories/GHSA-gqmj-f46x-wqhw","reference_id":"GHSA-gqmj-f46x-wqhw","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-gqmj-f46x-wqhw"},{"reference_url":"https://usn.ubuntu.com/4639-1/","reference_id":"USN-4639-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4639-1/"},{"reference_url":"https://usn.ubuntu.com/USN-4843-1/","reference_id":"USN-USN-4843-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/USN-4843-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/935238?format=json","purl":"pkg:deb/debian/phpmyadmin@4:4.9.1%2Bdfsg1-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:4.9.1%252Bdfsg1-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/935143?format=json","purl":"pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-na3j-h3qr-k7dc"},{"vulnerability":"VCID-ndjn-p6gb-u7g4"},{"vulnerability":"VCID-rqy8-n6fr-hqey"},{"vulnerability":"VCID-zd8d-c1nk-g7a4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.0.4%252Bdfsg2-2%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/935141?format=json","purl":"pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zd8d-c1nk-g7a4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.1%252Bdfsg-1%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/935145?format=json","purl":"pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.2-really%252Bdfsg-1%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/935144?format=json","purl":"pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.3%252Bdfsg-1%3Fdistro=trixie"}],"aliases":["CVE-2018-7260","GHSA-gqmj-f46x-wqhw"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-mwtw-n1tv-hfd9"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/10112?format=json","vulnerability_id":"VCID-qcra-cu62-43he","summary":"Cross-site Scripting\nIn phpMyAdm, an XSS vulnerability was found in the navigation tree, where an attacker can deliver a payload to a user through a crafted `database/table` name.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-19970","reference_id":"","reference_type":"","scores":[{"value":"0.01501","scoring_system":"epss","scoring_elements":"0.8133","published_at":"2026-05-16T12:55:00Z"},{"value":"0.01501","scoring_system":"epss","scoring_elements":"0.81176","published_at":"2026-04-16T12:55:00Z"},{"value":"0.01501","scoring_system":"epss","scoring_elements":"0.81178","published_at":"2026-04-18T12:55:00Z"},{"value":"0.01501","scoring_system":"epss","scoring_elements":"0.81175","published_at":"2026-04-21T12:55:00Z"},{"value":"0.01501","scoring_system":"epss","scoring_elements":"0.81198","published_at":"2026-04-24T12:55:00Z"},{"value":"0.01501","scoring_system":"epss","scoring_elements":"0.81205","published_at":"2026-04-26T12:55:00Z"},{"value":"0.01501","scoring_system":"epss","scoring_elements":"0.8121","published_at":"2026-04-29T12:55:00Z"},{"value":"0.01501","scoring_system":"epss","scoring_elements":"0.81226","published_at":"2026-05-05T12:55:00Z"},{"value":"0.01501","scoring_system":"epss","scoring_elements":"0.81245","published_at":"2026-05-07T12:55:00Z"},{"value":"0.01501","scoring_system":"epss","scoring_elements":"0.81267","published_at":"2026-05-09T12:55:00Z"},{"value":"0.01501","scoring_system":"epss","scoring_elements":"0.81263","published_at":"2026-05-11T12:55:00Z"},{"value":"0.01501","scoring_system":"epss","scoring_elements":"0.81281","published_at":"2026-05-12T12:55:00Z"},{"value":"0.01501","scoring_system":"epss","scoring_elements":"0.81323","published_at":"2026-05-14T12:55:00Z"},{"value":"0.01501","scoring_system":"epss","scoring_elements":"0.81327","published_at":"2026-05-15T12:55:00Z"},{"value":"0.01501","scoring_system":"epss","scoring_elements":"0.81074","published_at":"2026-04-01T12:55:00Z"},{"value":"0.01501","scoring_system":"epss","scoring_elements":"0.81083","published_at":"2026-04-02T12:55:00Z"},{"value":"0.01501","scoring_system":"epss","scoring_elements":"0.81108","published_at":"2026-04-04T12:55:00Z"},{"value":"0.01501","scoring_system":"epss","scoring_elements":"0.81107","published_at":"2026-04-07T12:55:00Z"},{"value":"0.01501","scoring_system":"epss","scoring_elements":"0.81135","published_at":"2026-04-08T12:55:00Z"},{"value":"0.01501","scoring_system":"epss","scoring_elements":"0.81141","published_at":"2026-04-09T12:55:00Z"},{"value":"0.01501","scoring_system":"epss","scoring_elements":"0.81159","published_at":"2026-04-11T12:55:00Z"},{"value":"0.01501","scoring_system":"epss","scoring_elements":"0.81146","published_at":"2026-04-12T12:55:00Z"},{"value":"0.01501","scoring_system":"epss","scoring_elements":"0.81139","published_at":"2026-04-13T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-19970"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-19970","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-19970"},{"reference_url":"https://github.com/phpmyadmin/composer","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/phpmyadmin/composer"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2019/02/msg00003.html","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.debian.org/debian-lts-announce/2019/02/msg00003.html"},{"reference_url":"https://www.phpmyadmin.net/security/PMASA-2018-8","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.phpmyadmin.net/security/PMASA-2018-8"},{"reference_url":"https://www.phpmyadmin.net/security/PMASA-2018-8/","reference_id":"","reference_type":"","scores":[],"url":"https://www.phpmyadmin.net/security/PMASA-2018-8/"},{"reference_url":"http://www.securityfocus.com/bid/106181","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.securityfocus.com/bid/106181"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2018-19970","reference_id":"CVE-2018-19970","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2018-19970"},{"reference_url":"https://github.com/advisories/GHSA-8987-93fh-rcwq","reference_id":"GHSA-8987-93fh-rcwq","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-8987-93fh-rcwq"},{"reference_url":"https://security.gentoo.org/glsa/201904-16","reference_id":"GLSA-201904-16","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://security.gentoo.org/glsa/201904-16"},{"reference_url":"https://usn.ubuntu.com/4639-1/","reference_id":"USN-4639-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4639-1/"},{"reference_url":"https://usn.ubuntu.com/USN-4843-1/","reference_id":"USN-USN-4843-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/USN-4843-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/935238?format=json","purl":"pkg:deb/debian/phpmyadmin@4:4.9.1%2Bdfsg1-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:4.9.1%252Bdfsg1-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/935143?format=json","purl":"pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-na3j-h3qr-k7dc"},{"vulnerability":"VCID-ndjn-p6gb-u7g4"},{"vulnerability":"VCID-rqy8-n6fr-hqey"},{"vulnerability":"VCID-zd8d-c1nk-g7a4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.0.4%252Bdfsg2-2%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/935141?format=json","purl":"pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zd8d-c1nk-g7a4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.1%252Bdfsg-1%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/935145?format=json","purl":"pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.2-really%252Bdfsg-1%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/935144?format=json","purl":"pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.3%252Bdfsg-1%3Fdistro=trixie"}],"aliases":["CVE-2018-19970","GHSA-8987-93fh-rcwq"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-qcra-cu62-43he"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/10737?format=json","vulnerability_id":"VCID-scu3-cfyc-9qfz","summary":"Cross-Site Request Forgery (CSRF)\nA vulnerability was found that allows an attacker to trigger a CSRF attack against a phpMyAdmin user. The attacker can trick the user, for instance through a broken `<img>` tag pointing at the victim's phpMyAdmin database, and the attacker can potentially deliver a payload (such as a specific `INSERT` or `DELETE` statement) to the victim.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-12616","reference_id":"","reference_type":"","scores":[{"value":"0.55051","scoring_system":"epss","scoring_elements":"0.98082","published_at":"2026-05-16T12:55:00Z"},{"value":"0.55051","scoring_system":"epss","scoring_elements":"0.98062","published_at":"2026-04-26T12:55:00Z"},{"value":"0.55051","scoring_system":"epss","scoring_elements":"0.98061","published_at":"2026-04-24T12:55:00Z"},{"value":"0.55051","scoring_system":"epss","scoring_elements":"0.98066","published_at":"2026-04-29T12:55:00Z"},{"value":"0.55051","scoring_system":"epss","scoring_elements":"0.98072","published_at":"2026-05-05T12:55:00Z"},{"value":"0.55051","scoring_system":"epss","scoring_elements":"0.9807","published_at":"2026-05-07T12:55:00Z"},{"value":"0.55051","scoring_system":"epss","scoring_elements":"0.98073","published_at":"2026-05-09T12:55:00Z"},{"value":"0.55051","scoring_system":"epss","scoring_elements":"0.98071","published_at":"2026-05-11T12:55:00Z"},{"value":"0.55051","scoring_system":"epss","scoring_elements":"0.98074","published_at":"2026-05-12T12:55:00Z"},{"value":"0.55051","scoring_system":"epss","scoring_elements":"0.98079","published_at":"2026-05-14T12:55:00Z"},{"value":"0.55051","scoring_system":"epss","scoring_elements":"0.98038","published_at":"2026-04-01T12:55:00Z"},{"value":"0.55051","scoring_system":"epss","scoring_elements":"0.98043","published_at":"2026-04-02T12:55:00Z"},{"value":"0.55051","scoring_system":"epss","scoring_elements":"0.98045","published_at":"2026-04-04T12:55:00Z"},{"value":"0.55051","scoring_system":"epss","scoring_elements":"0.98047","published_at":"2026-04-07T12:55:00Z"},{"value":"0.55051","scoring_system":"epss","scoring_elements":"0.98052","published_at":"2026-04-08T12:55:00Z"},{"value":"0.55051","scoring_system":"epss","scoring_elements":"0.98053","published_at":"2026-04-09T12:55:00Z"},{"value":"0.55051","scoring_system":"epss","scoring_elements":"0.98058","published_at":"2026-04-12T12:55:00Z"},{"value":"0.55051","scoring_system":"epss","scoring_elements":"0.98059","published_at":"2026-04-13T12:55:00Z"},{"value":"0.55051","scoring_system":"epss","scoring_elements":"0.98065","published_at":"2026-04-18T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-12616"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12616","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12616"},{"reference_url":"https://github.com/phpmyadmin/phpmyadmin/commit/015c404038c44279d95b6430ee5a0dddc97691ec","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/phpmyadmin/phpmyadmin/commit/015c404038c44279d95b6430ee5a0dddc97691ec"},{"reference_url":"https://packetstormsecurity.com/files/153251/phpMyAdmin-4.8-Cross-Site-Request-Forgery.html","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://packetstormsecurity.com/files/153251/phpMyAdmin-4.8-Cross-Site-Request-Forgery.html"},{"reference_url":"https://www.phpmyadmin.net/security/","reference_id":"","reference_type":"","scores":[],"url":"https://www.phpmyadmin.net/security/"},{"reference_url":"https://www.phpmyadmin.net/security/PMASA-2019-4","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.phpmyadmin.net/security/PMASA-2019-4"},{"reference_url":"https://www.phpmyadmin.net/security/PMASA-2019-4/","reference_id":"","reference_type":"","scores":[],"url":"https://www.phpmyadmin.net/security/PMASA-2019-4/"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=930017","reference_id":"930017","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=930017"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/webapps/46982.txt","reference_id":"CVE-2019-12616","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/webapps/46982.txt"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2019-12616","reference_id":"CVE-2019-12616","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2019-12616"},{"reference_url":"https://github.com/advisories/GHSA-mfr9-pcm3-6mwc","reference_id":"GHSA-mfr9-pcm3-6mwc","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-mfr9-pcm3-6mwc"},{"reference_url":"https://usn.ubuntu.com/4639-1/","reference_id":"USN-4639-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4639-1/"},{"reference_url":"https://usn.ubuntu.com/USN-4843-1/","reference_id":"USN-USN-4843-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/USN-4843-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/935238?format=json","purl":"pkg:deb/debian/phpmyadmin@4:4.9.1%2Bdfsg1-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:4.9.1%252Bdfsg1-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/935143?format=json","purl":"pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-na3j-h3qr-k7dc"},{"vulnerability":"VCID-ndjn-p6gb-u7g4"},{"vulnerability":"VCID-rqy8-n6fr-hqey"},{"vulnerability":"VCID-zd8d-c1nk-g7a4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.0.4%252Bdfsg2-2%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/935141?format=json","purl":"pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zd8d-c1nk-g7a4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.1%252Bdfsg-1%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/935145?format=json","purl":"pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.2-really%252Bdfsg-1%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/935144?format=json","purl":"pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.3%252Bdfsg-1%3Fdistro=trixie"}],"aliases":["CVE-2019-12616","GHSA-mfr9-pcm3-6mwc"],"risk_score":10.0,"exploitability":"2.0","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-scu3-cfyc-9qfz"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/10253?format=json","vulnerability_id":"VCID-yfja-ssw3-skh1","summary":"Information Exposure\nWhen the `AllowArbitraryServer` configuration setting is set to true, with the use of a rogue MySQL server, an attacker can read any file on the server that the web server's user can access. This is related to the `mysql.allow_local_infile` PHP configuration, and the inadvertent ignoring of `options(MYSQLI_OPT_LOCAL_INFILE` calls.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-6799","reference_id":"","reference_type":"","scores":[{"value":"0.7658","scoring_system":"epss","scoring_elements":"0.98962","published_at":"2026-05-16T12:55:00Z"},{"value":"0.7658","scoring_system":"epss","scoring_elements":"0.98946","published_at":"2026-04-16T12:55:00Z"},{"value":"0.7658","scoring_system":"epss","scoring_elements":"0.98947","published_at":"2026-04-18T12:55:00Z"},{"value":"0.7658","scoring_system":"epss","scoring_elements":"0.98948","published_at":"2026-04-21T12:55:00Z"},{"value":"0.7658","scoring_system":"epss","scoring_elements":"0.9895","published_at":"2026-04-24T12:55:00Z"},{"value":"0.7658","scoring_system":"epss","scoring_elements":"0.98952","published_at":"2026-04-26T12:55:00Z"},{"value":"0.7658","scoring_system":"epss","scoring_elements":"0.98954","published_at":"2026-04-29T12:55:00Z"},{"value":"0.7658","scoring_system":"epss","scoring_elements":"0.98958","published_at":"2026-05-05T12:55:00Z"},{"value":"0.7658","scoring_system":"epss","scoring_elements":"0.9896","published_at":"2026-05-07T12:55:00Z"},{"value":"0.7658","scoring_system":"epss","scoring_elements":"0.98961","published_at":"2026-05-09T12:55:00Z"},{"value":"0.7658","scoring_system":"epss","scoring_elements":"0.98963","published_at":"2026-05-11T12:55:00Z"},{"value":"0.7658","scoring_system":"epss","scoring_elements":"0.98964","published_at":"2026-05-12T12:55:00Z"},{"value":"0.7658","scoring_system":"epss","scoring_elements":"0.98966","published_at":"2026-05-14T12:55:00Z"},{"value":"0.7658","scoring_system":"epss","scoring_elements":"0.98967","published_at":"2026-05-15T12:55:00Z"},{"value":"0.7658","scoring_system":"epss","scoring_elements":"0.98933","published_at":"2026-04-01T12:55:00Z"},{"value":"0.7658","scoring_system":"epss","scoring_elements":"0.98935","published_at":"2026-04-02T12:55:00Z"},{"value":"0.7658","scoring_system":"epss","scoring_elements":"0.98937","published_at":"2026-04-04T12:55:00Z"},{"value":"0.7658","scoring_system":"epss","scoring_elements":"0.98939","published_at":"2026-04-07T12:55:00Z"},{"value":"0.7658","scoring_system":"epss","scoring_elements":"0.98941","published_at":"2026-04-09T12:55:00Z"},{"value":"0.7658","scoring_system":"epss","scoring_elements":"0.98943","published_at":"2026-04-11T12:55:00Z"},{"value":"0.7658","scoring_system":"epss","scoring_elements":"0.98944","published_at":"2026-04-13T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-6799"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-6799","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-6799"},{"reference_url":"https://github.com/phpmyadmin/composer","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/phpmyadmin/composer"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2019/02/msg00039.html","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.debian.org/debian-lts-announce/2019/02/msg00039.html"},{"reference_url":"https://www.phpmyadmin.net/security/PMASA-2019-1","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.phpmyadmin.net/security/PMASA-2019-1"},{"reference_url":"https://www.phpmyadmin.net/security/PMASA-2019-1/","reference_id":"","reference_type":"","scores":[],"url":"https://www.phpmyadmin.net/security/PMASA-2019-1/"},{"reference_url":"http://www.securityfocus.com/bid/106736","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.securityfocus.com/bid/106736"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=920823","reference_id":"920823","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=920823"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:phpmyadmin:phpmyadmin:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2019-6799","reference_id":"CVE-2019-6799","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:P/I:N/A:N"},{"value":"5.9","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2019-6799"},{"reference_url":"https://github.com/advisories/GHSA-c8wj-q36q-3wg4","reference_id":"GHSA-c8wj-q36q-3wg4","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-c8wj-q36q-3wg4"},{"reference_url":"https://usn.ubuntu.com/4639-1/","reference_id":"USN-4639-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4639-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/935238?format=json","purl":"pkg:deb/debian/phpmyadmin@4:4.9.1%2Bdfsg1-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:4.9.1%252Bdfsg1-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/935143?format=json","purl":"pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-na3j-h3qr-k7dc"},{"vulnerability":"VCID-ndjn-p6gb-u7g4"},{"vulnerability":"VCID-rqy8-n6fr-hqey"},{"vulnerability":"VCID-zd8d-c1nk-g7a4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.0.4%252Bdfsg2-2%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/935141?format=json","purl":"pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zd8d-c1nk-g7a4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.1%252Bdfsg-1%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/935145?format=json","purl":"pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.2-really%252Bdfsg-1%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/935144?format=json","purl":"pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.3%252Bdfsg-1%3Fdistro=trixie"}],"aliases":["CVE-2019-6799","GHSA-c8wj-q36q-3wg4"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-yfja-ssw3-skh1"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/57551?format=json","vulnerability_id":"VCID-zyzp-aqd8-e3a9","summary":"phpMyAdmin Cross-Site Request Forgery (CSRF)\nA CSRF issue in phpMyAdmin 4.9.0.1 allows deletion of any server in the Setup page.","references":[{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00078.html","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00078.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00024.html","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00024.html"},{"reference_url":"http://packetstormsecurity.com/files/154483/phpMyAdmin-4.9.0.1-Cross-Site-Request-Forgery.html","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://packetstormsecurity.com/files/154483/phpMyAdmin-4.9.0.1-Cross-Site-Request-Forgery.html"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-12922","reference_id":"","reference_type":"","scores":[{"value":"0.4225","scoring_system":"epss","scoring_elements":"0.9749","published_at":"2026-05-15T12:55:00Z"},{"value":"0.4225","scoring_system":"epss","scoring_elements":"0.97429","published_at":"2026-04-02T12:55:00Z"},{"value":"0.4225","scoring_system":"epss","scoring_elements":"0.97433","published_at":"2026-04-04T12:55:00Z"},{"value":"0.4225","scoring_system":"epss","scoring_elements":"0.97434","published_at":"2026-04-07T12:55:00Z"},{"value":"0.4225","scoring_system":"epss","scoring_elements":"0.97441","published_at":"2026-04-08T12:55:00Z"},{"value":"0.4225","scoring_system":"epss","scoring_elements":"0.97442","published_at":"2026-04-09T12:55:00Z"},{"value":"0.4225","scoring_system":"epss","scoring_elements":"0.97445","published_at":"2026-04-11T12:55:00Z"},{"value":"0.4225","scoring_system":"epss","scoring_elements":"0.97447","published_at":"2026-04-13T12:55:00Z"},{"value":"0.4225","scoring_system":"epss","scoring_elements":"0.97456","published_at":"2026-04-16T12:55:00Z"},{"value":"0.4225","scoring_system":"epss","scoring_elements":"0.9746","published_at":"2026-04-26T12:55:00Z"},{"value":"0.4225","scoring_system":"epss","scoring_elements":"0.97459","published_at":"2026-04-21T12:55:00Z"},{"value":"0.4225","scoring_system":"epss","scoring_elements":"0.97458","published_at":"2026-04-24T12:55:00Z"},{"value":"0.4225","scoring_system":"epss","scoring_elements":"0.97462","published_at":"2026-04-29T12:55:00Z"},{"value":"0.4225","scoring_system":"epss","scoring_elements":"0.97466","published_at":"2026-05-05T12:55:00Z"},{"value":"0.4225","scoring_system":"epss","scoring_elements":"0.97469","published_at":"2026-05-07T12:55:00Z"},{"value":"0.4225","scoring_system":"epss","scoring_elements":"0.97472","published_at":"2026-05-09T12:55:00Z"},{"value":"0.4225","scoring_system":"epss","scoring_elements":"0.97474","published_at":"2026-05-11T12:55:00Z"},{"value":"0.4225","scoring_system":"epss","scoring_elements":"0.9748","published_at":"2026-05-12T12:55:00Z"},{"value":"0.4225","scoring_system":"epss","scoring_elements":"0.97489","published_at":"2026-05-16T12:55:00Z"},{"value":"0.4225","scoring_system":"epss","scoring_elements":"0.97422","published_at":"2026-04-01T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-12922"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12922","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12922"},{"reference_url":"http://seclists.org/fulldisclosure/2019/Sep/23","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://seclists.org/fulldisclosure/2019/Sep/23"},{"reference_url":"https://github.com/phpmyadmin/phpmyadmin/commit/427fbed55d3154d96ecfc1c7784d49eaa3c04161","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/phpmyadmin/phpmyadmin/commit/427fbed55d3154d96ecfc1c7784d49eaa3c04161"},{"reference_url":"https://github.com/phpmyadmin/phpmyadmin/commit/7d21d4223bdbe0306593309132b4263d7087d13b","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/phpmyadmin/phpmyadmin/commit/7d21d4223bdbe0306593309132b4263d7087d13b"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PBLBE6CSC2ZLINIRBUU5XBLXYVBTF3KA/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PBLBE6CSC2ZLINIRBUU5XBLXYVBTF3KA/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QJ5BW2VEMD2P23ZYRWHDBEQHOKGKGWD6/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QJ5BW2VEMD2P23ZYRWHDBEQHOKGKGWD6/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YCB3PTGHZ7AJCM6BKCQRRP6HG3OKYCMN/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YCB3PTGHZ7AJCM6BKCQRRP6HG3OKYCMN/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PBLBE6CSC2ZLINIRBUU5XBLXYVBTF3KA","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PBLBE6CSC2ZLINIRBUU5XBLXYVBTF3KA"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QJ5BW2VEMD2P23ZYRWHDBEQHOKGKGWD6","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QJ5BW2VEMD2P23ZYRWHDBEQHOKGKGWD6"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YCB3PTGHZ7AJCM6BKCQRRP6HG3OKYCMN","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YCB3PTGHZ7AJCM6BKCQRRP6HG3OKYCMN"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2019-12922","reference_id":"","reference_type":"","scores":[{"value":"5.8","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:N/I:P/A:P"},{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2019-12922"},{"reference_url":"https://www.exploit-db.com/exploits/47385","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.exploit-db.com/exploits/47385"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:phpmyadmin:phpmyadmin:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phpmyadmin:phpmyadmin:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:29:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:fedoraproject:fedora:29:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:29:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/webapps/47385.txt","reference_id":"CVE-2019-12922","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/webapps/47385.txt"},{"reference_url":"https://github.com/advisories/GHSA-4c9q-64gq-xhx4","reference_id":"GHSA-4c9q-64gq-xhx4","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-4c9q-64gq-xhx4"},{"reference_url":"https://usn.ubuntu.com/USN-4843-1/","reference_id":"USN-USN-4843-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/USN-4843-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/935238?format=json","purl":"pkg:deb/debian/phpmyadmin@4:4.9.1%2Bdfsg1-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:4.9.1%252Bdfsg1-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/935143?format=json","purl":"pkg:deb/debian/phpmyadmin@4:5.0.4%2Bdfsg2-2%2Bdeb11u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-na3j-h3qr-k7dc"},{"vulnerability":"VCID-ndjn-p6gb-u7g4"},{"vulnerability":"VCID-rqy8-n6fr-hqey"},{"vulnerability":"VCID-zd8d-c1nk-g7a4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.0.4%252Bdfsg2-2%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/935141?format=json","purl":"pkg:deb/debian/phpmyadmin@4:5.2.1%2Bdfsg-1%2Bdeb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zd8d-c1nk-g7a4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.1%252Bdfsg-1%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/935145?format=json","purl":"pkg:deb/debian/phpmyadmin@4:5.2.2-really%2Bdfsg-1%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.2-really%252Bdfsg-1%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/935144?format=json","purl":"pkg:deb/debian/phpmyadmin@4:5.2.3%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:5.2.3%252Bdfsg-1%3Fdistro=trixie"}],"aliases":["CVE-2019-12922","GHSA-4c9q-64gq-xhx4"],"risk_score":10.0,"exploitability":"2.0","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-zyzp-aqd8-e3a9"}],"risk_score":null,"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/phpmyadmin@4:4.9.1%252Bdfsg1-2%3Fdistro=trixie"}