phpMyAdmin 5.1.0 Release Candidate 1

CPE Details

phpMyAdmin 5.1.0 Release Candidate 1
5.1.0
2022-01-26
15h13 +00:00
2022-01-28
20h36 +00:00
Alerte pour un CPE
Stay informed of any changes for a specific CPE.
Notifications manage

CPE Name: cpe:2.3:a:phpmyadmin:phpmyadmin:5.1.0:rc1:*:*:*:*:*:*

Informations

Vendor

phpmyadmin

Product

phpmyadmin

Version

5.1.0

Update

rc1

Related CVE

Open and find in CVE List

CVE ID Published Description Score Severity
CVE-2023-25727 2023-02-13 00h00 +00:00 In phpMyAdmin before 4.9.11 and 5.x before 5.2.1, an authenticated user can trigger XSS by uploading a crafted .sql file through the drag-and-drop interface.
5.4
Medium
CVE-2020-22452 2023-01-26 00h00 +00:00 SQL Injection vulnerability in function getTableCreationQuery in CreateAddField.php in phpMyAdmin 5.x before 5.2.0 via the tbl_storage_engine or tbl_collation parameters to tbl_create.php.
9.8
Critical
CVE-2022-0813 2022-03-09 14h59 +00:00 PhpMyAdmin 5.1.1 and before allows an attacker to retrieve potentially sensitive information by creating invalid requests. This affects the lang parameter, the pma_parameter, and the cookie section.
7.5
High
CVE-2022-23807 2022-01-21 23h00 +00:00 An issue was discovered in phpMyAdmin 4.9 before 4.9.8 and 5.1 before 5.1.2. A valid user who is already authenticated to phpMyAdmin can manipulate their account to bypass two-factor authentication for future login instances.
4.3
Medium
CVE-2022-23808 2022-01-21 23h00 +00:00 An issue was discovered in phpMyAdmin 5.1 before 5.1.2. An attacker can inject malicious code into aspects of the setup script, which can allow XSS or HTML injection.
6.1
Medium