Page 28 of 142 results (0.098 seconds)

CVSS: 7.5EPSS: 3%CPEs: 12EXPL: 4

phpMyAdmin 2.5.1 up to 2.5.7 allows remote attackers to modify configuration settings and gain unauthorized access to MySQL servers via modified $cfg['Servers'] variables. • http://archives.neohapsis.com/archives/bugtraq/2004-06/0444.html http://archives.neohapsis.com/archives/bugtraq/2004-06/0473.html http://eagle.kecapi.com/sec/fd/phpMyAdmin.html http://secunia.com/advisories/11974 http://securitytracker.com/alerts/2004/Jun/1010614.html http://www.gentoo.org/security/en/glsa/glsa-200407-22.xml http://www.osvdb.org/7315 http://www.phpmyadmin.net/home_page/security.php?issue=PMASA-2004-1 http://www.securityfocus.com/bid/10629 https://ex •

CVSS: 10.0EPSS: 1%CPEs: 15EXPL: 1

phpMyAdmin 2.6.0-pl2, and other versions before 2.6.1, with external transformations enabled, allows remote attackers to execute arbitrary commands via shell metacharacters. • https://www.exploit-db.com/exploits/24817 http://marc.info/?l=bugtraq&m=110295781828323&w=2 http://www.exaprobe.com/labs/advisories/esa-2004-1213.html https://exchange.xforce.ibmcloud.com/vulnerabilities/18441 •

CVSS: 5.0EPSS: 0%CPEs: 15EXPL: 0

phpMyAdmin before 2.6.1, when configured with UploadDir functionality, allows remote attackers to read arbitrary files via the sql_localfile parameter. • http://marc.info/?l=bugtraq&m=110295781828323&w=2 http://www.exaprobe.com/labs/advisories/esa-2004-1213.html https://exchange.xforce.ibmcloud.com/vulnerabilities/18441 •

CVSS: 6.8EPSS: 0%CPEs: 17EXPL: 2

Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin 2.6.0-pl2 and earlier allow remote attackers to inject arbitrary web script or HTML via (1) the PmaAbsoluteUri parameter, (2) the zero_rows parameter in read_dump.php, (3) the confirm form, or (4) an error message generated by the internal phpMyAdmin parser. • http://www.netvigilance.com/html/advisory0005.htm http://www.phpmyadmin.net/home_page/security.php?issue=PMASA-2004-3 https://exchange.xforce.ibmcloud.com/vulnerabilities/18158 •

CVSS: 5.0EPSS: 1%CPEs: 29EXPL: 2

Directory traversal vulnerability in export.php in phpMyAdmin 2.5.5 and earlier allows remote attackers to read arbitrary files via .. (dot dot) sequences in the what parameter. Vulnerabilidad de atravesamiento de directorios en export.php en phpMyAdmin 2.5.5 y anteriores permite a atacantes remotos leer ficheros arbitrarios mediante secuencias .. (punto punto) en el parámetro what • https://www.exploit-db.com/exploits/23640 http://marc.info/?l=bugtraq&m=107582619125932&w=2 http://secunia.com/advisories/10769 http://security.gentoo.org/glsa/glsa-200402-05.xml http://sourceforge.net/forum/forum.php?forum_id=350228 http://www.osvdb.org/3800 http://www.phpmyadmin.net/home_page/relnotes.php?rel=0 http://www.securityfocus.com/bid/9564 https://exchange.xforce.ibmcloud.com/vulnerabilities/15021 •