phpmyadmin/phpmyadmin vulnerabilities

A web interface for MySQL and MariaDB

Latest version: 4.8.5

Continuously find & fix vulnerabilities like these in your dependencies. Test and protect your applications

Direct Vulnerabilities

Known vulnerabilities in the phpmyadmin/phpmyadmin package. This does not include vulnerabilities belonging to this package’s dependencies.

Vulnerability Vulnerable versions Snyk patch Published
  • H
SQL Injection
>=4.5.0, <4.8.5 Not available 26 Jan, 2019
  • H
Arbitrary File Read
>=4.0.0, <4.8.5 Not available 26 Jan, 2019
  • M
Cross-site Scripting (XSS)
<4.8.4 Not available 12 Dec, 2018
  • M
Cross-site Request Forgery (CSRF)
>=4.7.0, <4.8.4 Not available 12 Dec, 2018
  • H
Information Exposure
>=4.0.0, <4.8.4 Not available 12 Dec, 2018
  • M
Cross-site Scripting (XSS)
<4.8.3 Not available 27 Aug, 2018
  • H
Deserialization of Untrusted Data
<4.0.10.17,>=4.4.0.0, <4.4.15.8,>=4.6.0, <4.6.4 Not available 23 Jul, 2018
  • M
Cross-site Scripting (XSS)
<4.8.2 Not available 28 Jun, 2018
  • H
Arbitrary Code Execution
>=4.8.0, <4.8.2 Not available 28 Jun, 2018
  • H
Access Restriction Bypass
<4.0.10.20,>=4.4.0, <4.7.0 Not available 09 May, 2018
  • H
Cross-site Request Forgery (CSRF)
<4.8.0.1 Not available 02 May, 2018
  • M
Cross-site Scripting (XSS)
<4.7.8 Not available 25 Feb, 2018
  • H
Cross-site Request Forgery (CSRF)
<4.7.7 Not available 18 Feb, 2018
  • M
Man-in-the-Middle (MitM)
<4.5.5.1 Not available 11 Feb, 2018