Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

debian логотип

CVE-2016-5097

Опубликовано: 05 июл. 2016
Источник: debian
EPSS Низкий

Описание

phpMyAdmin before 4.6.2 places tokens in query strings and does not arrange for them to be stripped before external navigation, which allows remote attackers to obtain sensitive information by reading (1) HTTP requests or (2) server logs.

Пакеты

ПакетСтатусВерсия исправленияРелизТип
phpmyadminfixed4:4.6.2-1package
phpmyadminno-dsajessiepackage
phpmyadminno-dsawheezypackage

Примечания

  • https://www.phpmyadmin.net/security/PMASA-2016-14/

EPSS

Процентиль: 68%
0.00551
Низкий

Связанные уязвимости

ubuntu логотип

CVE-2016-5097

CVSS3: 5.3
ubuntu
больше 9 лет назад

phpMyAdmin before 4.6.2 places tokens in query strings and does not arrange for them to be stripped before external navigation, which allows remote attackers to obtain sensitive information by reading (1) HTTP requests or (2) server logs.

nvd логотип

CVE-2016-5097

CVSS3: 5.3
nvd
больше 9 лет назад

phpMyAdmin before 4.6.2 places tokens in query strings and does not arrange for them to be stripped before external navigation, which allows remote attackers to obtain sensitive information by reading (1) HTTP requests or (2) server logs.

github логотип

GHSA-fc5f-944q-53rg

CVSS3: 5.3
github
больше 3 лет назад

phpMyAdmin before 4.6.2 places tokens in query strings and does not arrange for them to be stripped before external navigation, which allows remote attackers to obtain sensitive information by reading (1) HTTP requests or (2) server logs.

EPSS

Процентиль: 68%
0.00551
Низкий