High severityNVD Advisory· Published Oct 28, 2015· Updated Jun 17, 2026
CVE-2015-7873
CVE-2015-7873
Description
The redirection feature in url.php in phpMyAdmin 4.4.x before 4.4.15.1 and 4.5.x before 4.5.1 allows remote attackers to spoof content via the url parameter.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
phpmyadmin/phpmyadminPackagist | >= 4.4.0, < 4.4.15.1 | 4.4.15.1 |
phpmyadmin/phpmyadminPackagist | >= 4.5.0, < 4.5.1 | 4.5.1 |
Affected products
25cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.0:*:*:*:*:*:*:*+ 22 more
- cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.0:*:*:*:*:*:*:*
- cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.1:*:*:*:*:*:*:*
- cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.10:*:*:*:*:*:*:*
- cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.1.1:*:*:*:*:*:*:*
- cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.11:*:*:*:*:*:*:*
- cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.12:*:*:*:*:*:*:*
- cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.13:*:*:*:*:*:*:*
- cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.13.1:*:*:*:*:*:*:*
- cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.14:*:*:*:*:*:*:*
- cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.14.1:*:*:*:*:*:*:*
- cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.15:*:*:*:*:*:*:*
- cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.2:*:*:*:*:*:*:*
- cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.3:*:*:*:*:*:*:*
- cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.4:*:*:*:*:*:*:*
- cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.5:*:*:*:*:*:*:*
- cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.6:*:*:*:*:*:*:*
- cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.6.1:*:*:*:*:*:*:*
- cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.7:*:*:*:*:*:*:*
- cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.8:*:*:*:*:*:*:*
- cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.9:*:*:*:*:*:*:*
- cpe:2.3:a:phpmyadmin:phpmyadmin:4.5.0:*:*:*:*:*:*:*
- cpe:2.3:a:phpmyadmin:phpmyadmin:4.5.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:phpmyadmin:phpmyadmin:4.5.0.2:*:*:*:*:*:*:*
- ghsa-coords2 versions
>= 4.4.0, < 4.4.15.1+ 1 more
- (no CPE)range: >= 4.4.0, < 4.4.15.1
- (no CPE)range: < 4.6.5.2-1.1
Patches
Vulnerability mechanics
References
14- www.phpmyadmin.net/security/PMASA-2015-5/nvdPatchVendor Advisory
- github.com/advisories/GHSA-5pmg-qh2c-7j24ghsaADVISORY
- nvd.nist.gov/vuln/detail/CVE-2015-7873ghsaADVISORY
- lists.fedoraproject.org/pipermail/package-announce/2015-November/171311.htmlnvdWEB
- lists.fedoraproject.org/pipermail/package-announce/2015-November/171326.htmlnvdWEB
- lists.fedoraproject.org/pipermail/package-announce/2015-October/169987.htmlnvdWEB
- www.debian.org/security/2015/dsa-3382nvdWEB
- github.com/phpmyadmin/phpmyadmin/commit/2b31866fe0b30b867aaf5b5fedb11adb354e037fghsaWEB
- github.com/phpmyadmin/phpmyadmin/commit/cd097656758f981f80fb9029c7d6b4294582b706nvdWEB
- web.archive.org/web/20161014120907/http://www.securitytracker.com/id/1034013ghsaWEB
- web.archive.org/web/20200228052850/http://www.securityfocus.com/bid/77299ghsaWEB
- www.phpmyadmin.net/security/PMASA-2015-5ghsaWEB
- www.securityfocus.com/bid/77299nvd
- www.securitytracker.com/id/1034013nvd
News mentions
0No linked articles in our index yet.