Get a demo
100% Signal 0% Noise Invicti Logo - The Largest Dynamic Application Security Solutions Provider In The World Get a demo

Database Management

phpMyAdmin

phpMyAdmin is a free software tool written in PHP intended to handle the administration of MySQL over the Web. phpMyAdmin supports a wide range of operations on MySQL and MariaDB. Frequently used operations (managing databases tables columns relations indexes users permissions etc) can be performed via the user interface while you still have the ability to directly execute any SQL statement.

Official Site:

https://www.phpmyadmin.net/

Severity Summary:

Critical: 19 High: 47 Medium: 167 Low: 30
Reference
Title
Severity
CVE-2014-8961
phpMyAdmin Improper Limitation of a Pathname to a Restricted Directory (Path Traversal) Vulnerability
Medium
CVE-2016-2038
phpMyAdmin Exposure of Sensitive Information to an Unauthorized Actor Vulnerability
Medium
CVE-2016-2039
phpMyAdmin Exposure of Sensitive Information to an Unauthorized Actor Vulnerability
Medium
CVE-2016-2042
phpMyAdmin Exposure of Sensitive Information to an Unauthorized Actor Vulnerability
Medium
CVE-2011-2719
phpMyAdmin Improper Input Validation Vulnerability
Medium
CVE-2016-2043
phpMyAdmin Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Medium
CVE-2016-5701
phpMyAdmin Improper Neutralization of Special Elements in Output Used by a Downstream Component (Injection) Vulnerability
Medium
CVE-2016-5705
phpMyAdmin Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Medium
CVE-2016-5730
phpMyAdmin Exposure of Sensitive Information to an Unauthorized Actor Vulnerability
Medium
CVE-2016-5731
phpMyAdmin Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Medium
CVE-2005-0543
phpMyAdmin Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Medium
CVE-2014-4987
phpMyAdmin Permissions Privileges and Access Controls Vulnerability
Medium
CVE-2014-6300
phpMyAdmin Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Medium
CVE-2016-5097
phpMyAdmin Exposure of Sensitive Information to an Unauthorized Actor Vulnerability
Medium
CVE-2016-5098
phpMyAdmin Improper Limitation of a Pathname to a Restricted Directory (Path Traversal) Vulnerability
Medium
CVE-2011-2718
phpMyAdmin Improper Limitation of a Pathname to a Restricted Directory (Path Traversal) Vulnerability
Medium
CVE-2023-25727
phpMyAdmin Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Medium
CVE-2013-5029
phpMyAdmin Improper Input Validation Vulnerability
Medium
CVE-2011-4780
phpMyAdmin Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Medium
CVE-2020-11441
phpMyAdmin Improper Neutralization of Special Elements in Output Used by a Downstream Component (Injection) Vulnerability
Medium
CVE-2008-1567
phpMyAdmin Cleartext Storage of Sensitive Information Vulnerability
Medium
CVE-2011-4107
phpMyAdmin Improper Restriction of XML External Entity Reference Vulnerability
Medium
CVE-2022-23808
phpMyAdmin Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Medium
CVE-2022-23807
phpMyAdmin Improper Authentication Vulnerability
Medium
CVE-2020-26934
phpMyAdmin Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Medium
CVE-2020-10803
phpMyAdmin Improper Neutralization of Special Elements used in an SQL Command (SQL Injection) Vulnerability
Medium
CVE-2019-12922
phpMyAdmin Cross-Site Request Forgery (CSRF) Vulnerability
Medium
CVE-2019-12616
phpMyAdmin Cross-Site Request Forgery (CSRF) Vulnerability
Medium
CVE-2011-4782
phpMyAdmin Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Medium
CVE-2011-4634
phpMyAdmin Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Medium