CVE-2016-5702

Опубликовано: 03 июл. 2016

Источник: debian

Описание

phpMyAdmin 4.6.x before 4.6.3, when the environment lacks a PHP_SELF value, allows remote attackers to conduct cookie-attribute injection attacks via a crafted URI.

Пакеты

Пакет	Статус	Версия исправления	Релиз	Тип
phpmyadmin	fixed	4:4.6.3-1		package
phpmyadmin	no-dsa		jessie	package
phpmyadmin	no-dsa		wheezy	package

Связанные уязвимости

CVE-2016-5702

CVSS3: 3.7

ubuntu

больше 9 лет назад

phpMyAdmin 4.6.x before 4.6.3, when the environment lacks a PHP_SELF value, allows remote attackers to conduct cookie-attribute injection attacks via a crafted URI.

CVE-2016-5702

CVSS3: 3.7

nvd

больше 9 лет назад

phpMyAdmin 4.6.x before 4.6.3, when the environment lacks a PHP_SELF value, allows remote attackers to conduct cookie-attribute injection attacks via a crafted URI.

GHSA-xqw9-ffx7-g998

CVSS3: 3.7

github

больше 3 лет назад

phpMyAdmin cookie-attribute injection