Search for vulnerabilities
Vulnerability details: VCID-qzk4-3xtf-r3g4
Vulnerability ID VCID-qzk4-3xtf-r3g4
Aliases CVE-2012-4345
GHSA-r3pq-mp8v-cp33
Summary phpMyAdmin Multiple Cross-site Scripting Vulnerabilities in the Database Structure page Multiple cross-site scripting (XSS) vulnerabilities in the Database Structure page in phpMyAdmin 3.4.x before 3.4.11.1 and 3.5.x before 3.5.2.2 allow remote authenticated users to inject arbitrary web script or HTML via (1) a crafted table name during table creation, or a (2) Empty link or (3) Drop link for a crafted table name.
Status Published
Exploitability 0.5
Weighted Severity 2.7
Risk 1.4
Affected and Fixed Packages Package Details
Weaknesses (3)
CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CWE-1035 OWASP Top Ten 2017 Category A9 - Using Components with Known Vulnerabilities
CWE-937 OWASP Top Ten 2013 Category A9 - Using Components with Known Vulnerabilities
System Score Found at
epss 0.00209 https://api.first.org/data/v1/epss?cve=CVE-2012-4345
epss 0.00209 https://api.first.org/data/v1/epss?cve=CVE-2012-4345
epss 0.00209 https://api.first.org/data/v1/epss?cve=CVE-2012-4345
epss 0.00209 https://api.first.org/data/v1/epss?cve=CVE-2012-4345
epss 0.00209 https://api.first.org/data/v1/epss?cve=CVE-2012-4345
epss 0.00209 https://api.first.org/data/v1/epss?cve=CVE-2012-4345
epss 0.00209 https://api.first.org/data/v1/epss?cve=CVE-2012-4345
epss 0.00209 https://api.first.org/data/v1/epss?cve=CVE-2012-4345
epss 0.00209 https://api.first.org/data/v1/epss?cve=CVE-2012-4345
epss 0.00209 https://api.first.org/data/v1/epss?cve=CVE-2012-4345
epss 0.00209 https://api.first.org/data/v1/epss?cve=CVE-2012-4345
epss 0.00209 https://api.first.org/data/v1/epss?cve=CVE-2012-4345
epss 0.00209 https://api.first.org/data/v1/epss?cve=CVE-2012-4345
epss 0.00209 https://api.first.org/data/v1/epss?cve=CVE-2012-4345
epss 0.00209 https://api.first.org/data/v1/epss?cve=CVE-2012-4345
epss 0.00209 https://api.first.org/data/v1/epss?cve=CVE-2012-4345
epss 0.00209 https://api.first.org/data/v1/epss?cve=CVE-2012-4345
epss 0.00209 https://api.first.org/data/v1/epss?cve=CVE-2012-4345
epss 0.00209 https://api.first.org/data/v1/epss?cve=CVE-2012-4345
epss 0.00209 https://api.first.org/data/v1/epss?cve=CVE-2012-4345
epss 0.00209 https://api.first.org/data/v1/epss?cve=CVE-2012-4345
epss 0.00209 https://api.first.org/data/v1/epss?cve=CVE-2012-4345
epss 0.00209 https://api.first.org/data/v1/epss?cve=CVE-2012-4345
epss 0.00209 https://api.first.org/data/v1/epss?cve=CVE-2012-4345
epss 0.00209 https://api.first.org/data/v1/epss?cve=CVE-2012-4345
epss 0.00209 https://api.first.org/data/v1/epss?cve=CVE-2012-4345
cvssv3.1_qr LOW https://github.com/advisories/GHSA-r3pq-mp8v-cp33
generic_textual LOW https://nvd.nist.gov/vuln/detail/CVE-2012-4345
generic_textual LOW https://web.archive.org/web/20150523055725/http://www.mandriva.com/en/support/security/advisories/advisory/MDVSA-2012:136/?name=MDVSA-2012:136
generic_textual LOW http://www.phpmyadmin.net/home_page/security/PMASA-2012-4.php
Reference id Reference type URL
https://api.first.org/data/v1/epss?cve=CVE-2012-4345
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4345
https://nvd.nist.gov/vuln/detail/CVE-2012-4345
https://web.archive.org/web/20150523055725/http://www.mandriva.com/en/support/security/advisories/advisory/MDVSA-2012:136/?name=MDVSA-2012:136
http://www.phpmyadmin.net/home_page/security/PMASA-2012-4.php
GHSA-r3pq-mp8v-cp33 https://github.com/advisories/GHSA-r3pq-mp8v-cp33
No exploits are available.
Exploit Prediction Scoring System (EPSS)
Percentile 0.43514
EPSS Score 0.00209
Published At July 30, 2025, 12:55 p.m.
Date Actor Action Source VulnerableCode Version
2025-07-31T09:10:35.564973+00:00 GithubOSV Importer Import https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2022/05/GHSA-r3pq-mp8v-cp33/GHSA-r3pq-mp8v-cp33.json 37.0.0