Medium severity6.1NVD Advisory· Published Aug 24, 2018· Updated Jun 17, 2026
CVE-2018-15605
CVE-2018-15605
Description
An issue was discovered in phpMyAdmin before 4.8.3. A Cross-Site Scripting vulnerability has been found where an attacker can use a crafted file to manipulate an authenticated user who loads that file through the import feature.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
phpmyadmin/phpmyadminPackagist | < 4.8.3 | 4.8.3 |
Affected products
2- ghsa-coords2 versions
< 4.8.3+ 1 more
- (no CPE)range: < 4.8.3
- (no CPE)range: < 5.1.1-1.2
Patches
Vulnerability mechanics
References
7- github.com/phpmyadmin/phpmyadmin/commit/00d90b3ae415b31338f76263359467a9fbebd0a1nvdPatchThird Party AdvisoryWEB
- www.phpmyadmin.net/security/PMASA-2018-5/nvdPatchVendor Advisory
- www.securityfocus.com/bid/105168nvdThird Party AdvisoryVDB EntryWEB
- www.securitytracker.com/id/1041548nvdThird Party AdvisoryVDB EntryWEB
- github.com/advisories/GHSA-c958-4j9x-q7w4ghsaADVISORY
- nvd.nist.gov/vuln/detail/CVE-2018-15605ghsaADVISORY
- www.phpmyadmin.net/security/PMASA-2018-5ghsaWEB
News mentions
0No linked articles in our index yet.