This CPE summary could be partial or incomplete. Please contact us for a detailed listing.

Summary

CPE Name : cpe:/a:phpmyadmin:phpmyadmin:2.10.0.2

Detail

Vendor : Phpmyadmin | First view : 2007-10-19
Product : Phpmyadmin | Last view : 2014-02-20
Version : 2.10.0.2 | Type : Application
Edition :
Language :
Update :

CPE Product : cpe:/a:phpmyadmin:phpmyadmin

Activity : Overall

Related : CVE

Score | Date | Alert | Access Vector | Access Complexity | Authentication
3.5 | 2014-02-20 | CVE-2014-1879 | Network | Medium | Requires ...
4.3 | 2013-04-16 | CVE-2013-1937 | Network | Medium | None Requ...
2.6 | 2011-08-01 | CVE-2011-2642 | Network | High | None Requ...
5 | 2010-12-17 | CVE-2010-4481 | Network | Low | None Requ...
4.3 | 2009-07-01 | CVE-2009-2284 | Network | Medium | None Requ...
7.5 | 2009-03-26 | CVE-2009-1151 | Network | Low | None Requ...
7.5 | 2009-03-26 | CVE-2009-1149 | Network | Low | None Requ...
5 | 2009-03-26 | CVE-2009-1148 | Network | Low | None Requ...
4.3 | 2008-09-30 | CVE-2008-4326 | Network | Medium | None Requ...
8.5 | 2008-09-18 | CVE-2008-4096 | Network | Medium | Requires ...
2.6 | 2008-08-04 | CVE-2008-3457 | Network | High | None Requ...
6.4 | 2008-08-04 | CVE-2008-3456 | Network | Low | None Requ...
3.5 | 2008-07-16 | CVE-2008-3197 | Network | Medium | Requires ...
2.6 | 2008-07-02 | CVE-2008-2960 | Network | High | None Requ...
3.5 | 2008-04-23 | CVE-2008-1924 | Network | Medium | Requires ...
2.1 | 2008-03-31 | CVE-2008-1567 | Local | Low | None Requ...
5.1 | 2008-03-04 | CVE-2008-1149 | Network | High | None Requ...
2.6 | 2007-11-23 | CVE-2007-6100 | Network | High | None Requ...
3.5 | 2007-11-14 | CVE-2007-5977 | Network | Medium | Requires ...
6.5 | 2007-11-14 | CVE-2007-5976 | Network | Low | Requires ...
4.3 | 2007-10-19 | CVE-2007-5589 | Network | Medium | None Requ...

CWE : Common Weakness Enumeration

% | id | Name
45% (10) | CWE-79 | Failure to Preserve Web Page Structure ('Cross-site Scripting')
9% (2) | CWE-352 | Cross-Site Request Forgery (CSRF)
9% (2) | CWE-200 | Information Exposure
9% (2) | CWE-89 | Improper Sanitization of Special Elements used in an SQL Command ('...
9% (2) | CWE-20 | Improper Input Validation
4% (1) | CWE-287 | Improper Authentication
4% (1) | CWE-94 | Failure to Control Generation of Code ('Code Injection')
4% (1) | CWE-59 | Improper Link Resolution Before File Access ('Link Following')
4% (1) | CWE-22 | Improper Limitation of a Pathname to a Restricted Directory ('Path ...

CAPEC : Common Attack Pattern Enumeration & Classification

id | Name
CAPEC-31 | Accessing/Intercepting/Modifying HTTP Cookies
CAPEC-37 | Lifting Data Embedded in Client Distributions
CAPEC-65 | Passively Sniff and Capture Application Code Bound for Authorized Client
CAPEC-117 | Data Interception Attacks
CAPEC-155 | Screen Temporary Files for Sensitive Information
CAPEC-157 | Sniffing Attacks
CAPEC-167 | Lifting Sensitive Data from the Client
CAPEC-204 | Lifting cached, sensitive data embedded in client distributions (thick or thin)
CAPEC-205 | Lifting credential(s)/key material embedded in client distributions (thick or...
CAPEC-258 | Passively Sniffing and Capturing Application Code Bound for an Authorized Cli...
CAPEC-259 | Passively Sniffing and Capturing Application Code Bound for an Authorized Cli...
CAPEC-260 | Passively Sniffing and Capturing Application Code Bound for an Authorized Cli...

Oval Markup Language : Definitions

OvalID | Name
oval:org.mitre.oval:def:7579 | DSA-1824 phpmyadmin -- several vulnerabilities
oval:org.mitre.oval:def:13714 | DSA-1824-1 phpmyadmin -- several
oval:org.mitre.oval:def:8041 | DSA-1557 phpmyadmin -- insufficient input sanitising
oval:org.mitre.oval:def:18667 | DSA-1557-1 phpmyadmin - several vulnerabilities
oval:org.mitre.oval:def:24956 | DSA-2975-1 -- phpmyadmin - security update
oval:org.mitre.oval:def:12744 | DSA-2286-1 phpymadmin -- several
oval:org.mitre.oval:def:8223 | DSA-1675 phpmyadmin -- insufficient input sanitising
oval:org.mitre.oval:def:19750 | DSA-1675-1 phpmyadmin - cross site scripting
oval:org.mitre.oval:def:8155 | DSA-1641 phpmyadmin -- several vulnerabilities
oval:org.mitre.oval:def:20117 | DSA-2139-1 phpmyadmin - several

Open Source Vulnerability Database (OSVDB)

id | Description
74109 | phpMyAdmin Table Print View Table Name Parameter XSS
69932 | phpMyAdmin phpinfo.php Direct Request Authentication Bypass
55514 | phpMyAdmin Crafted SQL Bookmark XSS
53227 | phpMyAdmin BLOB Streaming Feature bs_disp_as_mime_type.php Multiple Parameter...
53226 | phpMyAdmin BLOB Streaming Feature bs_disp_as_mime_type.php file_path Paramete...
53076 | phpMyAdmin setup.php save Action Arbitrary PHP Code Injection
48480 | phpMyAdmin libraries/js_escape.lib.php PMA_escapeJsString() Function MSIE Nul...
48154 | phpMyAdmin server_databases.php sort_by Variable Arbitrary PHP Code Execution
47487 | phpMyAdmin setup.php Configuration Manipulation Based XSS
47486 | phpMyAdmin setup.php Cross-Frame Scripting
47322 | phpMyAdmin index.php Multiple Parameter CSRF
47321 | phpMyAdmin db_create.php db Parameter CSRF
46511 | phpMyAdmin /libraries Multiple Scripts Unspecified XSS
44577 | phpMyAdmin Crafted HTTP Request UploadDir Parameter Arbitrary File Access
43908 | phpMyAdmin Session Data Credential / Secret Key Disclosure
43051 | phpMyAdmin Crafted Cookie $_REQUEST Superglobal Overwrite
38835 | phpMyAdmin index.php convcharset Parameter XSS
38714 | phpMyAdmin db_create.php db Parameter XSS
38713 | phpMyAdmin db_create.php db Parameter SQL Injection
37939 | phpMyAdmin server_status.php URL XSS

ExploitDB Exploits

id | Description
16913 | PhpMyAdmin Config File Code Injection
8921 | phpMyAdmin (/scripts/setup.php) PHP Code Injection Exploit

OpenVAS Exploits

This CPE has more than 25 relations. If you want to see a complete summary for this CPE, please contact us.
Date | Name | File
2012-02-12 | Gentoo Security Advisory GLSA 201201-01 (phpMyAdmin) | nvt/glsa_201201_01.nasl
2011-08-18 | Mandriva Update for phpmyadmin MDVSA-2011:124 (phpmyadmin) | nvt/gb_mandriva_MDVSA_2011_124.nasl
2011-08-12 | Fedora Update for phpMyAdmin FEDORA-2011-9725 | nvt/gb_fedora_2011_9725_phpMyAdmin_fc14.nasl
2011-08-12 | Fedora Update for phpMyAdmin FEDORA-2011-9734 | nvt/gb_fedora_2011_9734_phpMyAdmin_fc15.nasl
2011-08-07 | FreeBSD Ports: phpMyAdmin | nvt/freebsd_phpMyAdmin24.nasl
2011-04-01 | Fedora Update for phpMyAdmin FEDORA-2011-3733 | nvt/gb_fedora_2011_3733_phpMyAdmin_fc13.nasl
2011-04-01 | Fedora Update for phpMyAdmin FEDORA-2011-3737 | nvt/gb_fedora_2011_3737_phpMyAdmin_fc14.nasl
2011-03-07 | Debian Security Advisory DSA 2139-1 (phpmyadmin) | nvt/deb_2139_1.nasl
2011-01-11 | Mandriva Update for phpmyadmin MDVSA-2011:000 (phpmyadmin) | nvt/gb_mandriva_MDVSA_2011_000.nasl
2010-12-27 | phpMyAdmin 'phpinfo.php' Security bypass Vulnerability | nvt/gb_phpmyadmin_security_bypass_vuln.nasl
2009-08-17 | Mandrake Security Advisory MDVSA-2009:192 (phpmyadmin) | nvt/mdksa_2009_192.nasl
2009-07-06 | Gentoo Security Advisory GLSA 200906-03 (phpmyadmin) | nvt/glsa_200906_03.nasl
2009-07-06 | FreeBSD Ports: phpMyAdmin | nvt/freebsd_phpMyAdmin19.nasl
2009-07-06 | Fedora Core 11 FEDORA-2009-7329 (phpMyAdmin) | nvt/fcore_2009_7329.nasl
2009-07-06 | Fedora Core 9 FEDORA-2009-7337 (phpMyAdmin) | nvt/fcore_2009_7337.nasl
2009-07-06 | Fedora Core 10 FEDORA-2009-7340 (phpMyAdmin) | nvt/fcore_2009_7340.nasl
2009-07-03 | phpMyAdmin SQL bookmark XSS Vulnerability | nvt/gb_phpmyadmin_sql_bookmark_xss_vuln.nasl
2009-06-30 | Debian Security Advisory DSA 1824-1 (phpmyadmin) | nvt/deb_1824_1.nasl
2009-06-30 | Ubuntu USN-792-1 (openssl) | nvt/ubuntu_792_1.nasl
2009-06-15 | Ubuntu USN-785-1 (ipsec-tools) | nvt/ubuntu_785_1.nasl
2009-06-05 | Ubuntu USN-776-2 (kvm) | nvt/ubuntu_776_2.nasl
2009-05-25 | Mandrake Security Advisory MDVSA-2009:115 (phpMyAdmin) | nvt/mdksa_2009_115.nasl
2009-04-20 | phpMyAdmin Multiple Vulnerabilities | nvt/gb_phpmyadmin_mult_vuln_apr09.nasl
2009-04-06 | SuSE Security Summary SUSE-SR:2009:008 | nvt/suse_sr_2009_008.nasl
2009-03-31 | Fedora Core 9 FEDORA-2009-2984 (phpMyAdmin) | nvt/fcore_2009_2984.nasl

Snort® IPS/IDS

Date | Description | RuleID | Type | Revision
2014-01-10 | Setup.php access | 2281-community | SERVER-WEBAPP | 15
2014-01-10 | Setup.php access | 2281 | SERVER-WEBAPP | 15

Nessus® Vulnerability Scanner

This CPE has more than 25 relations. If you want to see a complete summary for this CPE, please contact us.
Date | Name | File | Type
2014-07-31 | The remote Fedora host is missing a security update. | fedora_2014-8577.nasl | ACT_GATHER_INFO
2014-07-31 | The remote Fedora host is missing a security update. | fedora_2014-8581.nasl | ACT_GATHER_INFO
2014-07-10 | The remote Debian host is missing a security-related update. | debian_DSA-2975.nasl | ACT_GATHER_INFO
2014-06-13 | The remote openSUSE host is missing a security update. | openSUSE-2014-193.nasl | ACT_GATHER_INFO
2014-06-13 | The remote openSUSE host is missing a security update. | openSUSE-2013-524.nasl | ACT_GATHER_INFO
2014-02-26 | The remote web server hosts a PHP application that is affected by a cross-sit... | phpmyadmin_pmasa_2014_1.nasl | ACT_GATHER_INFO
2014-02-22 | The remote Mandriva Linux host is missing one or more security updates. | mandriva_MDVSA-2014-046.nasl | ACT_GATHER_INFO
2014-02-17 | The remote FreeBSD host is missing a security-related update. | freebsd_pkg_0871d18b963811e3a3716805ca0b3d42.nasl | ACT_GATHER_INFO
2013-11-05 | The remote Gentoo host is missing one or more security-related patches. | gentoo_GLSA-201311-02.nasl | ACT_GATHER_INFO
2013-04-24 | The remote web server hosts a PHP application that is affected by multiple cr... | phpmyadmin_visualization_multiple_xss.nasl | ACT_GATHER_INFO
2013-04-23 | The remote Fedora host is missing a security update. | fedora_2013-5604.nasl | ACT_GATHER_INFO
2013-04-23 | The remote Fedora host is missing a security update. | fedora_2013-5620.nasl | ACT_GATHER_INFO
2013-04-23 | The remote Fedora host is missing a security update. | fedora_2013-5623.nasl | ACT_GATHER_INFO
2013-04-22 | The remote FreeBSD host is missing a security-related update. | freebsd_pkg_7280c3f6a99a11e28cef6805ca0b3d42.nasl | ACT_GATHER_INFO
2013-04-20 | The remote Mandriva Linux host is missing a security update. | mandriva_MDVSA-2013-144.nasl | ACT_GATHER_INFO
2012-01-05 | The remote Gentoo host is missing one or more security-related patches. | gentoo_GLSA-201201-01.nasl | ACT_GATHER_INFO
2011-08-05 | The remote Fedora host is missing a security update. | fedora_2011-9725.nasl | ACT_GATHER_INFO
2011-08-05 | The remote Fedora host is missing a security update. | fedora_2011-9734.nasl | ACT_GATHER_INFO
2011-07-28 | The remote Debian host is missing a security-related update. | debian_DSA-2286.nasl | ACT_GATHER_INFO
2011-07-26 | The remote FreeBSD host is missing a security-related update. | freebsd_pkg_d79fc873b5f911e089b4001ec9578670.nasl | ACT_GATHER_INFO
2011-03-30 | The remote Fedora host is missing a security update. | fedora_2011-3733.nasl | ACT_GATHER_INFO
2011-03-30 | The remote Fedora host is missing a security update. | fedora_2011-3737.nasl | ACT_GATHER_INFO
2011-03-27 | The remote Fedora host is missing a security update. | fedora_2011-3761.nasl | ACT_GATHER_INFO
2011-01-03 | The remote Debian host is missing a security-related update. | debian_DSA-2139.nasl | ACT_GATHER_INFO
2009-07-21 | The remote openSUSE host is missing a security update. | suse_11_0_phpMyAdmin-090119.nasl | ACT_GATHER_INFO