phpmyadmin developer team
Databasesoss-project
Top products
Latest CVEs
The 11 most recently published vulnerabilities affecting phpmyadmin developer team.
- CVE-2025-24530An issue was discovered in phpMyAdmin 5.x before 5.2.2. An XSS vulnerability has been discovered for the check tables feature. A crafted table or database name could be used for XSS.6.4
- CVE-2025-24529An issue was discovered in phpMyAdmin 5.x before 5.2.2. An XSS vulnerability has been discovered for the Insert tab.6.4
- CVE-2023-25727In phpMyAdmin before 4.9.11 and 5.x before 5.2.1, an authenticated user can trigger XSS by uploading a crafted .sql file through the drag-and-drop interface.5.4
- CVE-2022-0813PhpMyAdmin exposure of sensitive information5.3
- CVE-2020-22278phpMyAdmin through 5.0.2 allows CSV injection via Export Section. NOTE: the vendor disputes this because "the CSV file is accurately generated based on the database contents.8.8
- CVE-2020-26934phpMyAdmin before 4.9.6 and 5.x before 5.0.3 allows XSS through the transformation feature via a crafted link.6.1
- CVE-2020-26935An issue was discovered in SearchController in phpMyAdmin before 4.9.6 and 5.x before 5.0.3. A SQL injection vulnerability was discovered in how phpMyAdmin processes SQL statements in the search fe...9.8
- CVE-2019-12922A CSRF issue in phpMyAdmin 4.9.0.1 allows deletion of any server in the Setup page.6.5
- CVE-2019-11768An issue was discovered in phpMyAdmin before 4.9.0.1. A vulnerability was reported where a specially crafted database name can be used to trigger an SQL injection attack through the designer feature.9.8
- CVE-2018-12613An issue was discovered in phpMyAdmin 4.8.x before 4.8.2, in which an attacker can include (view and potentially execute) files on the server. The vulnerability comes from a portion of code where p...8.8
- CVE-2009-1151Static code injection vulnerability in setup.php in phpMyAdmin 2.11.x before 2.11.9.5 and 3.x before 3.1.3.1 allows remote attackers to inject arbitrary PHP code into a configuration file via the s...KEV9.8