phpmyadmin vulnerabilities

Direct Vulnerabilities

Known vulnerabilities in the phpmyadmin package. This does not include vulnerabilities belonging to this package’s dependencies.

Fix vulnerabilities automatically

Snyk's AI Trust Platform automatically finds the best upgrade path and integrates with your development workflows. Secure your code at zero cost.

Fix for free
VulnerabilityVulnerable Version
  • M
Cross-site Scripting (XSS)

<4:4.2.12-2+deb8u9
  • H
SQL Injection

<4:4.2.12-2+deb8u9
  • H
SQL Injection

<4:4.2.12-2+deb8u8
  • C
CVE-2019-19617

<4:4.2.12-2+deb8u7
  • M
Cross-site Request Forgery (CSRF)

*
  • M
Cross-site Request Forgery (CSRF)

<4:4.2.12-2+deb8u6
  • M
CVE-2019-6799

<4:4.2.12-2+deb8u5
  • H
Cross-site Request Forgery (CSRF)

*
  • M
Cross-site Scripting (XSS)

<4:4.2.12-2+deb8u4
  • M
Information Exposure

<4:4.2.12-2+deb8u4
  • C
Improper Input Validation

*
  • C
CVE-2017-18264

<4:4.2.12-2+deb8u3
  • H
Improper Input Validation

*
  • M
Cross-site Scripting (XSS)

*
  • H
Improper Input Validation

*
  • M
Open Redirect

*
  • H
Server-Side Request Forgery (SSRF)

*
  • H
Improper Input Validation

*
  • H
Server-Side Request Forgery (SSRF)

<4:4.2.12-2+deb8u3
  • H
SQL Injection

<4:4.2.12-2+deb8u6
  • C
Cross-site Request Forgery (CSRF)

*
  • M
Improper Input Validation

*
  • C
Security Features

<4:4.2.12-2+deb8u3
  • H
Security Features

<4:4.2.12-2+deb8u6
  • H
OS Command Injection

<4:4.2.12-2+deb8u6
  • M
CVE-2016-6618

<4:4.2.12-2+deb8u3
  • M
Security Features

<4:4.2.12-2+deb8u6
  • M
Information Exposure

<4:4.2.12-2+deb8u6
  • M
Cryptographic Issues

*
  • M
Directory Traversal

<4:4.2.12-2+deb8u3
  • H
SQL Injection

<4:4.2.12-2+deb8u6
  • C
Access Restriction Bypass

<4:4.2.12-2+deb8u6
  • H
CVE-2016-6633

*
  • M
Information Exposure

*
  • H
SQL Injection

<4:4.2.12-2+deb8u3
  • H
SQL Injection

<4:4.2.12-2+deb8u3
  • M
Cross-site Scripting (XSS)

<4:4.2.12-2+deb8u3
  • M
Resource Management Errors

<4:4.2.12-2+deb8u3
  • M
Cross-site Scripting (XSS)

*
  • M
Information Exposure

*
  • M
Information Exposure

*
  • C
Security Features

*
  • M
Information Exposure

*
  • M
Improper Input Validation

*
  • M
Information Exposure

<4:4.2.12-2+deb8u6
  • M
Resource Management Errors

<4:4.2.12-2+deb8u6
  • C
Deserialization of Untrusted Data

<4:4.2.12-2+deb8u3
  • M
Improper Input Validation

*
  • M
Cross-site Scripting (XSS)

<4:4.2.12-2+deb8u6
  • M
Information Exposure

*
  • M
Improper Input Validation

*
  • M
Security Features

<4:4.2.12-2+deb8u6
  • M
Cross-site Scripting (XSS)

*
  • M
Information Exposure

*
  • M
Security Features

<4:4.2.12-2+deb8u6
  • H
Arbitrary Command Injection

<4:4.2.12-2+deb8u3
  • M
Improper Input Validation

<4:4.2.12-2+deb8u6
  • M
Security Features

<4:4.2.12-2+deb8u6
  • H
Cryptographic Issues

<4:4.2.12-2+deb8u6
  • M
Information Exposure

<4:4.2.12-2+deb8u6
  • M
Information Exposure

*
  • M
Security Features

<4:4.1.7-1
  • M
Cross-site Scripting (XSS)

<4:4.2.12-2+deb8u2
  • M
Information Exposure

*
  • C
Arbitrary Code Injection

*
  • M
Arbitrary Code Injection

<4:4.2.12-2+deb8u2
  • L
Security Features

*
  • M
Cross-site Scripting (XSS)

<4:4.2.12-2+deb8u2
  • H
Resource Management Errors

<4:4.2.12-2+deb8u2
  • H
Information Exposure

<4:4.2.12-2+deb8u2
  • M
Information Exposure

*
  • M
Cross-site Scripting (XSS)

<4:4.2.12-2+deb8u2
  • M
Cross-site Scripting (XSS)

<4:4.2.12-2+deb8u2
  • M
Cross-site Scripting (XSS)

<4:4.2.12-2+deb8u2
  • M
Cross-site Scripting (XSS)

<4:4.2.12-2+deb8u2
  • M
Information Exposure

*
  • H
Security Features

<4:4.2.12-2+deb8u2
  • M
Information Exposure

<4:4.2.12-2+deb8u2
  • M
Cross-site Scripting (XSS)

<4:4.2.12-2+deb8u2
  • H
Credentials Management

<4:4.2.12-2+deb8u2
  • M
Cross-site Scripting (XSS)

*
  • M
Information Exposure

*
  • M
Information Exposure

*
  • M
Security Features

<4:4.2.12-2+deb8u1
  • M
Information Exposure

<4:4.2.12-2+deb8u1
  • M
Cryptographic Issues

<4:4.2.12-2+deb8u1
  • M
Cross-site Request Forgery (CSRF)

<4:4.2.12-2+deb8u1
  • M
Information Exposure

<4:4.2.12-2+deb8u1
  • L
Cross-site Scripting (XSS)

<4:3.4.5-1
  • L
Cross-site Scripting (XSS)

<4:3.4.5-1
  • M
Resource Management Errors

<4:4.2.12-2+deb8u1
  • M
Cross-site Scripting (XSS)

<4:4.2.12-2
  • M
Directory Traversal

<4:4.2.12-1
  • M
Cross-site Scripting (XSS)

<4:4.2.12-2+deb8u1
  • M
Directory Traversal

<4:4.2.12-1
  • L
Cross-site Scripting (XSS)

<4:4.2.12-1
  • M
Cross-site Scripting (XSS)

<4:4.2.8.1-1
  • L
Cross-site Scripting (XSS)

<4:4.2.10.1-1
  • L
Cross-site Scripting (XSS)

<4:4.2.9.1-1
  • L
Cross-site Scripting (XSS)

<4:4.2.7.1-1
  • L
Cross-site Scripting (XSS)

<4:4.2.7.1-1
  • L
Cross-site Scripting (XSS)

<4:4.2.6-1
  • L
Cross-site Scripting (XSS)

<4:4.2.6-1
  • L
Cross-site Scripting (XSS)

<4:4.2.6-1
  • M
Access Restriction Bypass

<4:4.2.6-1
  • L
Cross-site Scripting (XSS)

<4:4.2.5-1
  • L
Cross-site Scripting (XSS)

<4:4.2.5-1
  • L
Cross-site Scripting (XSS)

<4:4.1.7-1
  • M
Improper Input Validation

<4:4.0.5-1
  • M
Information Exposure

<4:4.0.4.2-1
  • L
Cross-site Scripting (XSS)

<4:4.0.4.2-1
  • L
Cross-site Scripting (XSS)

<4:4.0.4.2-1
  • M
Information Exposure

<4:4.0.4.2-1
  • M
SQL Injection

<4:4.0.4.2-1
  • M
Cross-site Scripting (XSS)

<4:4.0.4.2-1
  • M
Information Exposure

<4:4.0.4.2-1
  • L
Cross-site Scripting (XSS)

<4:4.0.4.2-1
  • M
Cross-site Scripting (XSS)

<4:4.0.4.2-1
  • M
Access Restriction Bypass

<4:4.0.4.1-1
  • L
Cross-site Scripting (XSS)

<4:4.0.1-3
  • M
Arbitrary Code Injection

<4:3.4.11.1-2
  • L
Cross-site Scripting (XSS)

<4:3.4.11.1-1
  • L
Cross-site Scripting (XSS)

<4:3.4.11.1-1
  • M
Information Exposure

<4:4.0.1-1
  • M
Cross-site Scripting (XSS)

<4:3.4.10.1-1
  • M
Information Exposure

<4:3.4.10.2-1
  • M
Improper Input Validation

<4:3.4.1-1
  • M
Cross-site Scripting (XSS)

<4:3.4.1-1
  • M
Cross-site Scripting (XSS)

<4:3.4.9-1
  • M
Cross-site Scripting (XSS)

<4:3.4.8-1
  • M
Cross-site Scripting (XSS)

<4:3.4.9-1
  • M
Information Exposure

<4:3.4.7.1-1
  • M
Improper Input Validation

<4:3.4.6-1
  • M
Cross-site Scripting (XSS)

<4:3.4.6-1
  • M
Cross-site Scripting (XSS)

<4:3.4.4-1
  • M
Directory Traversal

<4:3.4.3.2-1
  • M
Improper Input Validation

<4:3.4.3.2-1
  • M
Directory Traversal

<4:3.4.3.2-1
  • L
Cross-site Scripting (XSS)

<4:3.4.3.2-1
  • M
Directory Traversal

<4:3.4.3.1-1
  • M
Arbitrary Code Injection

<4:3.4.3.1-1
  • H
Arbitrary Code Injection

<4:3.4.3.1-1
  • M
Arbitrary Code Injection

<4:3.4.3.1-1
  • M
Improper Input Validation

<4:3.3.9.2-1
  • M
Improper Input Validation

<4:3.3.9.2-1
  • M
Improper Authentication

<4:3.3.7-3
  • M
Cross-site Scripting (XSS)

<4:3.3.7-3
  • M
Cross-site Scripting (XSS)

<4:3.3.7-2
  • M
Cross-site Scripting (XSS)

<4:3.3.7-1
  • M
Cross-site Scripting (XSS)

<4:3.3.6-1
  • H
Access Restriction Bypass

<4:3.0.0
  • M
Cross-site Scripting (XSS)

<4:3.3.5.1-1
  • C
Cryptographic Issues

<4:3.0.0-1
  • C
Access Restriction Bypass

<4:3.0.0-1
  • M
CVE-2009-4605

<4:3.2.4-1
  • H
SQL Injection

<4:3.2.2.1-1
  • M
Cross-site Scripting (XSS)

<4:3.2.2.1-1
  • M
Cross-site Scripting (XSS)

<4:3.2.0.1-1
  • H
Arbitrary Code Injection

<4:3.1.3.2-1
  • M
Cross-site Scripting (XSS)

<4:3.1.3.1-1
  • C
Arbitrary Code Injection

<4:3.1.3.1-1
  • H
Improper Input Validation

<4:3.1.3.1-1
  • M
Directory Traversal

<4:3.1.3.1-1
  • M
Cross-site Request Forgery (CSRF)

<4:2.11.8.1-5
  • L
Cross-site Scripting (XSS)

<4:2.11.8.1-4
  • M
Cross-site Scripting (XSS)

<4:2.11.8.1-3
  • H
Improper Input Validation

<4:2.11.8.1-2
  • M
Link Following

<4:2.11.8~rc1-1
  • L
Cross-site Scripting (XSS)

<4:2.11.8~rc1-1
  • L
Cross-site Request Forgery (CSRF)

<4:2.11.7.1-1
  • L
Cross-site Scripting (XSS)

<4:2.11.7~rc2-1
  • L
Information Exposure

<4:2.11.5.2-1
  • M
Information Exposure

<2.11.5.1
  • M
Cross-site Request Forgery (CSRF)

<4:2.11.5-1
  • L
Cross-site Scripting (XSS)

<4:2.11.2.2-1
  • M
SQL Injection

<4:2.11.2.1-1
  • L
Cross-site Scripting (XSS)

<4:2.11.2.1-1
  • M
Cross-site Scripting (XSS)

<4:2.11.1.2-1
  • M
Cross-site Scripting (XSS)

<4:2.11.1.2-1
  • M
CVE-2007-4306

*
  • M
CVE-2007-2245

<4:2.10.1-1
  • M
CVE-2007-2016

<4:2.6.2-3
  • M
CVE-2007-1395

<4:2.10.0.2-1
  • M
CVE-2007-1325

<4:2.10.0.2-1
  • M
Improper Input Validation

<4:2.9.1.1-2
  • M
Cross-site Scripting (XSS)

<4:2.9.1.1-2
  • H
CVE-2006-6944

<4:2.9.1.1-2
  • M
CVE-2007-0341

<4:2.9.1.1-2
  • C
CVE-2007-0203

<4:2.9.1.1-2
  • M
CVE-2007-0204

<4:2.9.1.1-2
  • M
CVE-2007-0095

<4:2.9.1.1-1
  • M
CVE-2006-6373

<4:2.9.1.1-1
  • M
CVE-2006-5718

<4:2.9.0.3-1
  • M
CVE-2006-5116

<4:2.9.0.2-0.1
  • M
CVE-2006-5117

<4:2.9.0.2-0.1
  • M
CVE-2006-3388

<4:2.8.2-0.1
  • M
CVE-2006-2418

<4:2.8.1-1
  • M
Cross-site Scripting (XSS)

<4:2.8.1-1
  • L
CVE-2006-2031

<4:2.8.1-1
  • H
CVE-2006-1804

<4:2.8.1-1
  • M
CVE-2006-1803

<4:2.8.1-1
  • M
CVE-2006-1678

<4:2.8.0.3-1
  • M
CVE-2006-1258

<4:2.8.0.2-2
  • M
SQL Injection

<4:3.2.0-1
  • M
CVE-2005-3665

<4:2.6.4-pl4-2
  • M
CVE-2005-3787

<4:2.6.4-pl4-1
  • M
CVE-2005-3622

*
  • M
CVE-2005-3621

<4:2.6.4-pl4-1
  • M
CVE-2005-3301

<4:2.6.4-pl3-1
  • M
CVE-2005-3300

<4:2.6.4-pl3-1
  • M
CVE-2005-3299

<4:2.6.4-pl2-1
  • M
CVE-2005-2869

<4:2.6.4-pl1-1
  • M
CVE-2005-0544

<3:2.6.1-pl2-1
  • M
CVE-2005-0459

<4:2.6.2
  • H
CVE-2005-0567

<3:2.6.1-pl2-1
  • M
CVE-2005-0992

<3:2.6.2-rc1-1
  • M
CVE-2005-0653

<3:2.6.1-pl3-1
  • M
CVE-2004-1055

<2:2.6.0-pl3-1
  • M
Cross-site Scripting (XSS)

<3:2.6.1-pl2-1
  • C
CVE-2004-1147

<2:2.6.1-rc1-1
  • M
CVE-2004-1148

<2:2.6.1-rc1-1
  • H
CVE-2004-2632

<1:2.5.7-pl1-1
  • H
CVE-2004-2631

<1:2.5.7-pl1-1
  • H
CVE-2004-2630

<2:2.6.0-pl2-1
  • M
CVE-2004-0129

<2:2.6.0-pl2