Search for packages
Package details: pkg:composer/phpmyadmin/phpmyadmin@3.0.0
purl pkg:composer/phpmyadmin/phpmyadmin@3.0.0
Tags Ghost
Next non-vulnerable version None.
Latest non-vulnerable version None.
Risk 10.0
Vulnerabilities affecting this package (4)
Vulnerability Summary Fixed by
VCID-2tqn-e8c9-wfc2
Aliases:
CVE-2010-2958
GHSA-frv8-xjcp-hrm2
phpMyAdmin Cross-site Scripting vulnerability Cross-site scripting (XSS) vulnerability in libraries/Error.class.php in phpMyAdmin 3.x before 3.3.6 allows remote attackers to inject arbitrary web script or HTML via vectors related to a PHP backtrace and error messages (aka debugging messages), a different vulnerability than CVE-2010-3056.
3.3.6
Affected by 0 other vulnerabilities.
VCID-pgp8-88t4-m7a6
Aliases:
CVE-2009-3696
GHSA-5pvv-f8h3-gw96
phpMyAdmin Cross-site Scripting In MySQL Table Name Cross-site scripting (XSS) vulnerability in phpMyAdmin 2.11.x before 2.11.9.6 and 3.x before 3.2.2.1 allows remote attackers to inject arbitrary web script or HTML via a crafted name for a MySQL table.
3.2.2+1
Affected by 0 other vulnerabilities.
VCID-r7gb-sdkq-kfc6
Aliases:
CVE-2011-2505
GHSA-vqcm-r62w-w437
phpMyAdmin remote variable manipulation `libraries/auth/swekey/swekey.auth.lib.php` in the Swekey authentication feature in phpMyAdmin 3.x before 3.3.10.2 and 3.4.x before 3.4.3.1 assigns values to arbitrary parameters referenced in the query string, which allows remote attackers to modify the `SESSION` superglobal array via a crafted request, related to a "remote variable manipulation vulnerability."
3.3.10+2
Affected by 0 other vulnerabilities.
3.4.3+1
Affected by 0 other vulnerabilities.
VCID-rsrn-hcvf-8qhp
Aliases:
CVE-2011-2506
GHSA-p6h7-29r2-g88f
phpMyAdmin vulnerable to static code injection `setup/lib/ConfigGenerator.class.php` in phpMyAdmin 3.x before 3.3.10.2 and 3.4.x before 3.4.3.1 does not properly restrict the presence of comment closing delimiters, which allows remote attackers to conduct static code injection attacks by leveraging the ability to modify the SESSION superglobal array.
3.3.10+2
Affected by 0 other vulnerabilities.
3.4.3+1
Affected by 0 other vulnerabilities.
Vulnerabilities fixed by this package (0)
Vulnerability Summary Aliases
This package is not known to fix vulnerabilities.

Date Actor Action Vulnerability Source VulnerableCode Version
2025-08-02T12:43:10.920777+00:00 GHSA Importer Affected by VCID-2tqn-e8c9-wfc2 https://github.com/advisories/GHSA-frv8-xjcp-hrm2 37.0.0
2025-08-02T12:41:58.461721+00:00 GHSA Importer Affected by VCID-r7gb-sdkq-kfc6 https://github.com/advisories/GHSA-vqcm-r62w-w437 37.0.0
2025-08-02T12:41:58.405710+00:00 GHSA Importer Affected by VCID-rsrn-hcvf-8qhp https://github.com/advisories/GHSA-p6h7-29r2-g88f 37.0.0
2025-08-02T09:10:21.937593+00:00 GitLab Importer Affected by VCID-2tqn-e8c9-wfc2 https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/phpmyadmin/phpmyadmin/CVE-2010-2958.yml 37.0.0
2025-07-31T12:32:12.363668+00:00 GHSA Importer Affected by VCID-pgp8-88t4-m7a6 https://github.com/advisories/GHSA-5pvv-f8h3-gw96 37.0.0
2025-07-31T09:28:01.863694+00:00 GitLab Importer Affected by VCID-rsrn-hcvf-8qhp https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/phpmyadmin/phpmyadmin/CVE-2011-2506.yml 37.0.0
2025-07-31T09:28:00.055190+00:00 GitLab Importer Affected by VCID-r7gb-sdkq-kfc6 https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/phpmyadmin/phpmyadmin/CVE-2011-2505.yml 37.0.0
2025-07-31T09:26:53.672101+00:00 GitLab Importer Affected by VCID-pgp8-88t4-m7a6 https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/phpmyadmin/phpmyadmin/CVE-2009-3696.yml 37.0.0