GSA_kwCzR0hTQS00NHZ2LW1tODYtN2NnNs4AAWq6

High EPSS: 0.00328% (0.55158 Percentile) EPSS:

Permalink JSON

phpMyAdmin server-side request forgery (SSRF)

Affected Packages	Affected Versions	Fixed Versions
packagist:phpmyadmin/phpmyadmin	< 4.0.10.19, >= 4.4.0, < 4.4.15.10, >= 4.6.0, < 4.6.6	4.0.10.19, 4.4.15.10, 4.6.6
4 Dependent packages 15 Dependent repositories 353,741 Downloads total Affected Version Ranges All affected versions 4.0.0, 4.0.1-0.1, 4.0.1-0.2, 4.0.1-0.3, 4.0.1-0.4, 4.0.1-0.5, 4.0.1-0.6, 4.0.1-0.7, 4.0.1-0.8, 4.0.1-0.9 All unaffected versions 4.0.1, 4.0.2, 4.0.3, 4.0.4, 4.0.5, 4.0.6, 4.0.7, 4.0.8, 4.0.9, 4.0.10, 4.7.0, 4.7.1, 4.7.2, 4.7.3, 4.7.4, 4.7.5, 4.7.6, 4.7.7, 4.7.8, 4.7.9, 4.8.0, 4.8.1, 4.8.2, 4.8.3, 4.8.4, 4.8.5, 4.9.0, 4.9.1, 4.9.2, 4.9.3, 4.9.4, 4.9.5, 4.9.6, 4.9.7, 4.9.8, 4.9.9, 4.9.10, 4.9.11, 5.0.0, 5.0.1, 5.0.2, 5.0.3, 5.0.4, 5.1.0, 5.1.1, 5.1.2, 5.1.3, 5.1.4, 5.2.0, 5.2.1, 5.2.2

The setup script for phpMyAdmin before 4.0.10.19, 4.4.x before 4.4.15.10, and 4.6.x before 4.6.6 allows remote attackers to conduct server-side request forgery (SSRF) attacks via unspecified vectors.

References:

ecosyste.ms

Data

Tools

Indexes

Applications

Experiments

Advisories

GSA_kwCzR0hTQS00NHZ2LW1tODYtN2NnNs4AAWq6

phpMyAdmin server-side request forgery (SSRF)

Affected Version Ranges

All affected versions

All unaffected versions

Identifiers

Risk

Severity

EPSS

Classification

Source

Origin

Date and time

Published

Updated

API