Filtered by vendor Phpmyadmin Subscriptions
Filtered by product Phpmyadmin Subscriptions
Total 270 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2005-0459 1 Phpmyadmin 1 Phpmyadmin 2024-11-21 N/A
phpMyAdmin 2.6.2-dev, and possibly earlier versions, allows remote attackers to determine the full path of the web root via a direct request to select_lang.lib.php, which reveals the path in a PHP error message.
CVE-2004-2632 1 Phpmyadmin 1 Phpmyadmin 2024-11-21 N/A
phpMyAdmin 2.5.1 up to 2.5.7 allows remote attackers to modify configuration settings and gain unauthorized access to MySQL servers via modified $cfg['Servers'] variables.
CVE-2004-2631 1 Phpmyadmin 1 Phpmyadmin 2024-11-21 N/A
Eval injection vulnerability in left.php in phpMyAdmin 2.5.1 up to 2.5.7, when LeftFrameLight is FALSE, allows remote attackers to execute arbitrary PHP code via a crafted table name.
CVE-2004-2630 1 Phpmyadmin 1 Phpmyadmin 2024-11-21 N/A
The MIME transformation system (transformations/text_plain__external.inc.php) in phpMyAdmin 2.5.0 up to 2.6.0-pl1 allows remote attackers to execute arbitrary commands via shell metacharacters in unspecified vectors.
CVE-2004-1148 1 Phpmyadmin 1 Phpmyadmin 2024-11-21 N/A
phpMyAdmin before 2.6.1, when configured with UploadDir functionality, allows remote attackers to read arbitrary files via the sql_localfile parameter.
CVE-2004-1147 1 Phpmyadmin 1 Phpmyadmin 2024-11-21 N/A
phpMyAdmin 2.6.0-pl2, and other versions before 2.6.1, with external transformations enabled, allows remote attackers to execute arbitrary commands via shell metacharacters.
CVE-2004-1055 2 Gentoo, Phpmyadmin 2 Linux, Phpmyadmin 2024-11-21 N/A
Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin 2.6.0-pl2 and earlier allow remote attackers to inject arbitrary web script or HTML via (1) the PmaAbsoluteUri parameter, (2) the zero_rows parameter in read_dump.php, (3) the confirm form, or (4) an error message generated by the internal phpMyAdmin parser.
CVE-2004-0129 1 Phpmyadmin 1 Phpmyadmin 2024-11-21 N/A
Directory traversal vulnerability in export.php in phpMyAdmin 2.5.5 and earlier allows remote attackers to read arbitrary files via .. (dot dot) sequences in the what parameter.
CVE-2001-1060 1 Phpmyadmin 1 Phpmyadmin 2024-11-21 N/A
phpMyAdmin 2.2.0rc3 and earlier allows remote attackers to execute arbitrary commands by inserting them into (1) the strCopyTableOK argument in tbl_copy.php, or (2) the strRenameTableOK argument in tbl_rename.php.
CVE-2001-0478 1 Phpmyadmin 1 Phpmyadmin 2024-11-21 N/A
Directory traversal vulnerability in phpMyAdmin 2.2.0 and earlier versions allows remote attackers to execute arbitrary code via a .. (dot dot) in an argument to the sql.php script.