phpmyadmin/phpmyadmin vulnerabilities

A web interface for MySQL and MariaDB

Latest version: 5.0.2

Licenses detected

Continuously find & fix vulnerabilities like these in your dependencies. Test and protect your applications

Direct Vulnerabilities

Known vulnerabilities in the phpmyadmin/phpmyadmin package. This does not include vulnerabilities belonging to this package’s dependencies.

Report new vulnerabilities
Vulnerability Vulnerable versions Snyk patch Published
  • H
Improper Authorization
>=4.0.0, <4.0.10.19,>=4.4.0, <4.4.15.10,>=4.6.0, <4.6.6 Not available 06 Aug, 2020
  • H
Denial of Service (DoS)
>=4.0.0, <4.0.10.19,>=4.4.0, <4.4.15.10,>=4.6.0, <4.6.6 Not available 06 Aug, 2020
  • H
Denial of Service (DoS)
>=4.0.0, <4.0.10.19,>=4.4.0, <4.4.15.10,>=4.6.0, <4.6.6 Not available 06 Aug, 2020
  • M
Open Redirect
>=4.0.0, <4.0.10.19,>=4.4.0, <4.4.15.10,>=4.6.0, <4.6.6 Not available 06 Aug, 2020
  • M
HTML Injection
>=4.0.0, <4.0.10.19,>=4.4.0, <4.4.15.10,>=4.6.0, <4.6.6 Not available 06 Aug, 2020
  • H
HTTP Header Injection
>=4.6.0, <4.6.6 Not available 30 Jul, 2020
  • H
CRLF Injection
>=0.0.0 Not available 01 Apr, 2020
  • M
SQL Injection
>=4.0.0, <4.9.5,>=5.0.0, <5.0.2 Not available 22 Mar, 2020
  • M
SQL Injection
>=4.0.0, <4.9.5,>=5.0.0, <5.0.2 Not available 22 Mar, 2020
  • M
SQL Injection
>=4.0.0, <4.9.5,>=5.0.0, <5.0.2 Not available 22 Mar, 2020
  • H
SQL Injection
>=4.0.0, <4.9.4,>=5.0.0, <5.0.1 Not available 26 Jan, 2020
  • M
Information Exposure
<4.9.2 Not available 06 Dec, 2019
  • H
SQL Injection
<4.9.2 Not available 22 Nov, 2019
  • M
Cross-Site Request Forgery (CSRF)
>=0.0.0 Not available 15 Sep, 2019
  • H
Cross-site Request Forgery (CSRF)
<4.9.0 Not available 05 Jun, 2019
  • H
SQL Injection
<4.8.6 Not available 05 Jun, 2019
  • H
SQL Injection
>=4.5.0, <4.8.5 Not available 26 Jan, 2019
  • H
Arbitrary File Read
>=4.0.0, <4.8.5 Not available 26 Jan, 2019
  • M
Cross-site Scripting (XSS)
<4.8.4 Not available 12 Dec, 2018
  • M
Cross-site Request Forgery (CSRF)
>=4.7.0, <4.8.4 Not available 12 Dec, 2018
  • H
Information Exposure
>=4.0.0, <4.8.4 Not available 12 Dec, 2018
  • M
Cross-site Scripting (XSS)
<4.8.3 Not available 27 Aug, 2018
  • H
Deserialization of Untrusted Data
<4.0.10.17,>=4.4.0.0, <4.4.15.8,>=4.6.0, <4.6.4 Not available 23 Jul, 2018
  • H
Arbitrary Code Execution
>=4.8.0, <4.8.2 Not available 28 Jun, 2018
  • M
Cross-site Scripting (XSS)
<4.8.2 Not available 28 Jun, 2018
  • H
Access Restriction Bypass
<4.0.10.20,>=4.4.0, <4.7.0 Not available 09 May, 2018
  • H
Cross-site Request Forgery (CSRF)
<4.8.0.1 Not available 02 May, 2018
  • M
Cross-site Scripting (XSS)
<4.7.8 Not available 25 Feb, 2018
  • H
Cross-site Request Forgery (CSRF)
<4.7.7 Not available 18 Feb, 2018