Homepage

phpmyadmin

Report a new vulnerability Found a mistake?

Direct Vulnerabilities

Known vulnerabilities in the phpmyadmin package. This does not include vulnerabilities belonging to this package’s dependencies.

Fix vulnerabilities automatically

Snyk's AI Trust Platform automatically finds the best upgrade path and integrates with your development workflows. Secure your code at zero cost.

Fix for free
VulnerabilityVulnerable Version
  • L
Information Exposure

*
  • L
Improper Authentication

*
  • L
Cross-site Scripting (XSS)

*
  • L
Resource Exhaustion

*
  • C
SQL Injection

<4:4.6.6-4+deb9u2
  • M
Cross-site Scripting (XSS)

<4:4.6.6-4+deb9u2
  • L
Arbitrary Code Injection

*
  • M
Cross-site Scripting (XSS)

<4:4.6.6-4+deb9u1
  • H
SQL Injection

<4:4.6.6-4+deb9u1
  • H
SQL Injection

<4:4.6.6-4+deb9u1
  • H
SQL Injection

<4:4.6.6-4+deb9u1
  • C
CVE-2019-19617

<4:4.6.6-4+deb9u2
  • L
Cross-site Request Forgery (CSRF)

*
  • M
Cross-site Request Forgery (CSRF)

<4:4.6.6-4+deb9u1
  • C
SQL Injection

<4:4.6.6-4+deb9u1
  • M
CVE-2019-6799

<4:4.6.6-4+deb9u1
  • C
SQL Injection

<4:4.6.6-4+deb9u1
  • M
Cross-site Scripting (XSS)

<4:4.6.6-4+deb9u1
  • M
Information Exposure

<4:4.6.6-4+deb9u1
  • L
Cross-site Request Forgery (CSRF)

*
  • L
Improper Input Validation

<4:4.6.6-1
  • C
CVE-2017-18264

<4:4.6.6-2
  • M
Cross-site Scripting (XSS)

<4:4.6.6-4+deb9u1
  • L
Improper Input Validation

<4:4.6.6-1
  • L
Improper Input Validation

<4:4.6.6-1
  • L
Server-Side Request Forgery (SSRF)

<4:4.6.6-1
  • L
Improper Input Validation

<4:4.6.6-1
  • L
Open Redirect

<4:4.6.6-1
  • L
Cross-site Scripting (XSS)

<4:4.6.6-1
  • H
Server-Side Request Forgery (SSRF)

<4:4.6.6-1
  • L
Cross-site Request Forgery (CSRF)

<4:4.6.5.1-1
  • H
Arbitrary Code Injection

<4:4.6.5.1-1
  • L
Security Features

<4:4.6.5.1-1
  • L
Improper Input Validation

<4:4.6.5.1-1
  • L
Improper Input Validation

<4:4.6.5.1-1
  • C
Security Features

<4:4.6.5.1-1
  • H
SQL Injection

<4:4.6.5.1-1
  • M
Improper Input Validation

<4:4.6.4+dfsg1-1
  • L
Information Exposure

<4:4.6.5.1-1
  • M
Security Features

<4:4.1.7-1
  • H
Cryptographic Issues

<4:4.6.4+dfsg1-1
  • L
Information Exposure

<4:4.6.5.1-1
  • L
Cross-site Scripting (XSS)

<4:4.6.5.1-1
  • H
Arbitrary Command Injection

<4:4.6.4+dfsg1-1
  • M
Directory Traversal

<4:4.6.4+dfsg1-1
  • C
Deserialization of Untrusted Data

<4:4.6.4+dfsg1-1
  • M
Cross-site Scripting (XSS)

<4:4.6.4+dfsg1-1
  • M
Security Features

<4:4.6.4+dfsg1-1
  • M
Resource Management Errors

<4:4.6.4+dfsg1-1
  • L
Information Exposure

<4:4.6.5.1-1
  • L
Cryptographic Issues

<4:4.6.5.1-1
  • H
SQL Injection

<4:4.6.4+dfsg1-1
  • L
Information Exposure

<4:4.6.4+dfsg1-1
  • M
Security Features

<4:4.6.4+dfsg1-1
  • M
Information Exposure

<4:4.6.4+dfsg1-1
  • M
Cross-site Scripting (XSS)

<4:4.6.4+dfsg1-1
  • H
OS Command Injection

<4:4.6.4+dfsg1-1
  • L
Cross-site Scripting (XSS)

<4:4.6.5.1-1
  • L
Information Exposure

<4:4.6.4+dfsg1-1
  • L
Information Exposure

<4:4.6.5.1-1
  • H
SQL Injection

<4:4.6.4+dfsg1-1
  • M
Information Exposure

<4:4.6.4+dfsg1-1
  • L
Security Features

<4:4.6.5.1-1
  • L
Security Features

<4:4.6.5.1-1
  • M
Resource Management Errors

<4:4.6.4+dfsg1-1
  • M
Improper Input Validation

<4:4.6.4+dfsg1-1
  • C
Security Features

<4:4.6.4+dfsg1-1
  • L
Information Exposure

<4:4.6.5.1-1
  • M
Information Exposure

<4:4.6.4+dfsg1-1
  • C
Access Restriction Bypass

<4:4.6.5.1-1
  • L
Improper Input Validation

<4:4.6.5.1-1
  • H
SQL Injection

<4:4.6.4+dfsg1-1
  • M
Security Features

<4:4.6.4+dfsg1-1
  • H
SQL Injection

<4:4.6.4+dfsg1-1
  • L
CVE-2016-6633

<4:4.6.4+dfsg1-1
  • M
Cross-site Scripting (XSS)

<4:4.6.4+dfsg1-1
  • L
Improper Input Validation

<4:4.6.5.1-1
  • M
CVE-2016-6618

<4:4.6.4+dfsg1-1
  • L
Cross-site Scripting (XSS)

<4:4.6.2-1
  • L
Information Exposure

<4:4.6.2-1
  • M
Arbitrary Code Injection

<4:4.6.3-1
  • C
SQL Injection

<4:4.6.3-1
  • C
Arbitrary Code Injection

<4:4.6.3-1
  • L
Resource Management Errors

<4:4.6.3-1
  • L
Cross-site Scripting (XSS)

<4:4.6.3-1
  • M
Cross-site Scripting (XSS)

<4:4.6.3-1
  • L
Information Exposure

<4:4.6.3-1
  • L
Security Features

<4:4.6.3-1
  • H
Information Exposure

<4:4.6.3-1
  • M
Cross-site Scripting (XSS)

<4:4.6.3-1
  • M
Cross-site Scripting (XSS)

<4:4.6.3-1
  • M
Cross-site Scripting (XSS)

<4:4.6.3-1
  • L
Cross-site Scripting (XSS)

<4:4.5.5.1-1
  • L
Improper Input Validation

<4:4.5.5.1-1
  • M
Cross-site Scripting (XSS)

<4:4.5.5.1-1
  • L
Cross-site Scripting (XSS)

<4:4.5.5.1-1
  • L
Information Exposure

<4:4.5.4-1
  • L
Cross-site Scripting (XSS)

<4:4.5.4-1
  • M
Cross-site Scripting (XSS)

<4:4.5.4-1
  • M
Information Exposure

<4:4.5.4-1
  • M
Information Exposure

<4:4.5.4-1
  • H
Credentials Management

<4:4.5.4-1
  • L
Information Exposure

<4:4.5.4-1
  • H
Security Features

<4:4.5.4-1
  • M
Cross-site Scripting (XSS)

<4:4.5.4-1
  • L
Information Exposure

<4:4.5.3.1-1
  • L
Security Features

<4:4.5.1-1
  • L
Information Exposure

<4:4.4.14.1-1
  • L
Cross-site Request Forgery (CSRF)

<4:4.4.6.1-1
  • L
Cryptographic Issues

<4:4.4.6.1-1
  • L
Information Exposure

<4:4.4.4-1
  • L
Cross-site Scripting (XSS)

<4:3.4.5-1
  • L
Cross-site Scripting (XSS)

<4:3.4.5-1
  • L
Resource Management Errors

<4:4.2.12-2
  • M
Cross-site Scripting (XSS)

<4:4.2.12-2
  • M
Directory Traversal

<4:4.2.12-1
  • L
Cross-site Scripting (XSS)

<4:4.2.12-1
  • M
Directory Traversal

<4:4.2.12-1
  • L
Cross-site Scripting (XSS)

<4:4.2.12-1
  • M
Cross-site Scripting (XSS)

<4:4.2.8.1-1
  • L
Cross-site Scripting (XSS)

<4:4.2.10.1-1
  • L
Cross-site Scripting (XSS)

<4:4.2.9.1-1
  • L
Cross-site Scripting (XSS)

<4:4.2.7.1-1
  • L
Cross-site Scripting (XSS)

<4:4.2.7.1-1
  • L
Access Restriction Bypass

<4:4.2.6-1
  • L
Cross-site Scripting (XSS)

<4:4.2.6-1
  • L
Cross-site Scripting (XSS)

<4:4.2.6-1
  • L
Cross-site Scripting (XSS)

<4:4.2.6-1
  • L
Cross-site Scripting (XSS)

<4:4.2.5-1
  • L
Cross-site Scripting (XSS)

<4:4.2.5-1
  • L
Cross-site Scripting (XSS)

<4:4.1.7-1
  • M
Improper Input Validation

<4:4.0.5-1
  • L
Information Exposure

<4:4.0.4.2-1
  • M
Cross-site Scripting (XSS)

<4:4.0.4.2-1
  • L
Information Exposure

<4:4.0.4.2-1
  • M
Cross-site Scripting (XSS)

<4:4.0.4.2-1
  • L
Cross-site Scripting (XSS)

<4:4.0.4.2-1
  • L
Information Exposure

<4:4.0.4.2-1
  • L
Cross-site Scripting (XSS)

<4:4.0.4.2-1
  • L
Cross-site Scripting (XSS)

<4:4.0.4.2-1
  • M
SQL Injection

<4:4.0.4.2-1
  • L
Cross-site Scripting (XSS)

<4:4.0.1-3
  • M
Access Restriction Bypass

<4:4.0.4.1-1
  • M
Arbitrary Code Injection

<4:3.4.11.1-2
  • L
Cross-site Scripting (XSS)

<4:3.4.11.1-1
  • L
Cross-site Scripting (XSS)

<4:3.4.11.1-1
  • L
Information Exposure

<4:4.0.1-1
  • L
Cross-site Scripting (XSS)

<4:3.4.10.1-1
  • L
Information Exposure

<4:3.4.10.2-1
  • M
Cross-site Scripting (XSS)

<4:3.4.1-1
  • M
Improper Input Validation

<4:3.4.1-1
  • L
Cross-site Scripting (XSS)

<4:3.4.8-1
  • L
Cross-site Scripting (XSS)

<4:3.4.9-1
  • L
Cross-site Scripting (XSS)

<4:3.4.9-1
  • M
Information Exposure

<4:3.4.7.1-1
  • L
Improper Input Validation

<4:3.4.6-1
  • L
Cross-site Scripting (XSS)

<4:3.4.6-1
  • M
Cross-site Scripting (XSS)

<4:3.4.4-1
  • M
Directory Traversal

<4:3.4.3.2-1
  • M
Directory Traversal

<4:3.4.3.2-1
  • L
Improper Input Validation

<4:3.4.3.2-1
  • L
Cross-site Scripting (XSS)

<4:3.4.3.2-1
  • M
Directory Traversal

<4:3.4.3.1-1
  • L
Arbitrary Code Injection

<4:3.4.3.1-1
  • M
Arbitrary Code Injection

<4:3.4.3.1-1
  • L
Arbitrary Code Injection

<4:3.4.3.1-1
  • M
Improper Input Validation

<4:3.3.9.2-1
  • L
Improper Input Validation

<4:3.3.9.2-1
  • M
Improper Authentication

<4:3.3.7-3
  • M
Cross-site Scripting (XSS)

<4:3.3.7-3
  • M
Cross-site Scripting (XSS)

<4:3.3.7-2
  • L
Cross-site Scripting (XSS)

<4:3.3.7-1
  • M
Cross-site Scripting (XSS)

<4:3.3.6-1
  • M
Cross-site Scripting (XSS)

<4:3.3.5.1-1
  • H
Access Restriction Bypass

<4:3.0.0
  • C
Cryptographic Issues

<4:3.0.0-1
  • M
CVE-2009-4605

<4:3.2.4-1
  • C
Access Restriction Bypass

<4:3.0.0-1
  • M
Cross-site Scripting (XSS)

<4:3.2.2.1-1
  • H
SQL Injection

<4:3.2.2.1-1
  • M
Cross-site Scripting (XSS)

<4:3.2.0.1-1
  • L
Arbitrary Code Injection

<4:3.1.3.2-1
  • M
Directory Traversal

<4:3.1.3.1-1
  • H
Improper Input Validation

<4:3.1.3.1-1
  • C
Arbitrary Code Injection

<4:3.1.3.1-1
  • M
Cross-site Scripting (XSS)

<4:3.1.3.1-1
  • M
Cross-site Request Forgery (CSRF)

<4:2.11.8.1-5
  • L
Cross-site Scripting (XSS)

<4:2.11.8.1-4
  • M
Cross-site Scripting (XSS)

<4:2.11.8.1-3
  • M
Improper Input Validation

<4:2.11.8.1-2
  • L
Link Following

<4:2.11.8~rc1-1
  • L
Cross-site Scripting (XSS)

<4:2.11.8~rc1-1
  • L
Cross-site Request Forgery (CSRF)

<4:2.11.7.1-1
  • L
Cross-site Scripting (XSS)

<4:2.11.7~rc2-1
  • L
Information Exposure

<4:2.11.5.2-1
  • M
Information Exposure

<2.11.5.1
  • L
Cross-site Request Forgery (CSRF)

<4:2.11.5-1
  • L
Cross-site Scripting (XSS)

<4:2.11.2.2-1
  • L
SQL Injection

<4:2.11.2.1-1
  • L
Cross-site Scripting (XSS)

<4:2.11.2.1-1
  • M
Cross-site Scripting (XSS)

<4:2.11.1.2-1
  • M
Cross-site Scripting (XSS)

<4:2.11.1.2-1
  • L
CVE-2007-4306

*
  • L
CVE-2007-2245

<4:2.10.1-1
  • L
CVE-2007-2016

<4:2.6.2-3
  • M
CVE-2007-1395

<4:2.10.0.2-1
  • M
CVE-2007-1325

<4:2.10.0.2-1
  • M
CVE-2006-6944

<4:2.9.1.1-2
  • L
Improper Input Validation

<4:2.9.1.1-2
  • M
Cross-site Scripting (XSS)

<4:2.9.1.1-2
  • M
CVE-2007-0341

<4:2.9.1.1-2
  • L
CVE-2007-0203

<4:2.9.1.1-2
  • L
CVE-2007-0204

<4:2.9.1.1-2
  • L
CVE-2007-0095

<4:2.9.1.1-1
  • L
CVE-2006-6373

<4:2.9.1.1-1
  • L
CVE-2006-5718

<4:2.9.0.3-1
  • L
CVE-2006-5116

<4:2.9.0.2-0.1
  • L
CVE-2006-5117

<4:2.9.0.2-0.1
  • L
CVE-2006-3388

<4:2.8.2-0.1
  • M
Cross-site Scripting (XSS)

<4:2.8.1-1
  • M
CVE-2006-2418

<4:2.8.1-1
  • L
CVE-2006-2031

<4:2.8.1-1
  • L
CVE-2006-1804

<4:2.8.1-1
  • L
CVE-2006-1803

<4:2.8.1-1
  • M
CVE-2006-1678

<4:2.8.0.3-1
  • M
CVE-2006-1258

<4:2.8.0.2-2
  • L
SQL Injection

<4:3.2.0-1
  • M
CVE-2005-3665

<4:2.6.4-pl4-2
  • M
CVE-2005-3787

<4:2.6.4-pl4-1
  • M
CVE-2005-3621

<4:2.6.4-pl4-1
  • L
CVE-2005-3622

*
  • M
CVE-2005-3301

<4:2.6.4-pl3-1
  • H
CVE-2005-3299

<4:2.6.4-pl2-1
  • H
CVE-2005-3300

<4:2.6.4-pl3-1
  • M
CVE-2005-2869

<4:2.6.4-pl1-1
  • M
CVE-2005-0992

<3:2.6.2-rc1-1
  • H
CVE-2005-0567

<3:2.6.1-pl2-1
  • L
CVE-2005-0459

<4:2.6.2
  • M
CVE-2005-0544

<3:2.6.1-pl2-1
  • M
CVE-2005-0653

<3:2.6.1-pl3-1
  • M
CVE-2004-1055

<2:2.6.0-pl3-1
  • M
Cross-site Scripting (XSS)

<3:2.6.1-pl2-1
  • M
CVE-2004-1148

<2:2.6.1-rc1-1
  • C
CVE-2004-1147

<2:2.6.1-rc1-1
  • H
CVE-2004-2631

<1:2.5.7-pl1-1
  • H
CVE-2004-2632

<1:2.5.7-pl1-1
  • H
CVE-2004-2630

<2:2.6.0-pl2-1
  • M
CVE-2004-0129

<2:2.6.0-pl2