CVE-2005-0992 – phpMyAdmin 2.x - Convcharset Cross-Site Scripting
https://notcve.org/view.php?id=CVE-2005-0992
Cross-site scripting (XSS) vulnerability in index.php in phpMyAdmin before 2.6.2-rc1 allows remote attackers to inject arbitrary web script or HTML via the convcharset parameter. • https://www.exploit-db.com/exploits/25330 http://marc.info/?l=bugtraq&m=111264361622660&w=2 http://secunia.com/advisories/14799 http://www.arrelnet.com/advisories/adv20050403.html http://www.gentoo.org/security/en/glsa/glsa-200504-08.xml http://www.phpmyadmin.net/home_page/security.php?issue=PMASA-2005-3 http://www.securityfocus.com/bid/12982 https://exchange.xforce.ibmcloud.com/vulnerabilities/19940 •
CVE-2005-0459
https://notcve.org/view.php?id=CVE-2005-0459
phpMyAdmin 2.6.2-dev, and possibly earlier versions, allows remote attackers to determine the full path of the web root via a direct request to select_lang.lib.php, which reveals the path in a PHP error message. • http://securitytracker.com/id?1013210 •
CVE-2004-0129 – phpMyAdmin 2.x - 'Export.php' File Disclosure
https://notcve.org/view.php?id=CVE-2004-0129
Directory traversal vulnerability in export.php in phpMyAdmin 2.5.5 and earlier allows remote attackers to read arbitrary files via .. (dot dot) sequences in the what parameter. Vulnerabilidad de atravesamiento de directorios en export.php en phpMyAdmin 2.5.5 y anteriores permite a atacantes remotos leer ficheros arbitrarios mediante secuencias .. (punto punto) en el parámetro what • https://www.exploit-db.com/exploits/23640 http://marc.info/?l=bugtraq&m=107582619125932&w=2 http://secunia.com/advisories/10769 http://security.gentoo.org/glsa/glsa-200402-05.xml http://sourceforge.net/forum/forum.php?forum_id=350228 http://www.osvdb.org/3800 http://www.phpmyadmin.net/home_page/relnotes.php?rel=0 http://www.securityfocus.com/bid/9564 https://exchange.xforce.ibmcloud.com/vulnerabilities/15021 •
CVE-2001-1060
https://notcve.org/view.php?id=CVE-2001-1060
phpMyAdmin 2.2.0rc3 and earlier allows remote attackers to execute arbitrary commands by inserting them into (1) the strCopyTableOK argument in tbl_copy.php, or (2) the strRenameTableOK argument in tbl_rename.php. • http://freshmeat.net/redir/phpmyadmin/8001/url_changelog http://www.securityfocus.com/archive/1/200596 http://www.securityfocus.com/bid/3121 •
CVE-2001-0478
https://notcve.org/view.php?id=CVE-2001-0478
Directory traversal vulnerability in phpMyAdmin 2.2.0 and earlier versions allows remote attackers to execute arbitrary code via a .. (dot dot) in an argument to the sql.php script. • http://archives.neohapsis.com/archives/bugtraq/2001-04/0396.html http://www.securityfocus.com/bid/2642 •