| Max CVSS | 8.5 | Min CVSS | 2.6 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2008-4096 | 8.5 |
libraries/database_interface.lib.php in phpMyAdmin before 2.11.9.1 allows remote authenticated users to execute arbitrary code via a request to server_databases.php with a sort_by parameter containing PHP sequences, which are processed by create_func
|
08-08-2017 - 01:32 | 18-09-2008 - 15:04 | |
| CVE-2008-3456 | 6.4 |
phpMyAdmin before 2.11.8 does not sufficiently prevent its pages from using frames that point to pages in other domains, which makes it easier for remote attackers to conduct spoofing or phishing activities via a cross-site framing attack.
|
08-08-2017 - 01:31 | 04-08-2008 - 19:41 | |
| CVE-2008-3457 | 2.6 |
Cross-site scripting (XSS) vulnerability in setup.php in phpMyAdmin before 2.11.8 allows user-assisted remote attackers to inject arbitrary web script or HTML via crafted setup arguments. NOTE: this issue can only be exploited in limited scenarios i
|
08-08-2017 - 01:31 | 04-08-2008 - 19:41 | |
| CVE-2008-3197 | 3.5 |
Cross-site request forgery (CSRF) vulnerability in phpMyAdmin before 2.11.7.1 allows remote attackers to perform unauthorized actions via a link or IMG tag to (1) the db parameter in the "Creating a Database" functionality (db_create.php), and (2) th
|
08-08-2017 - 01:31 | 16-07-2008 - 18:41 |