exploitDog

CVE-2016-6609

Опубликовано: 11 дек. 2016

Источник: debian

Описание

An issue was discovered in phpMyAdmin. A specially crafted database name could be used to run arbitrary PHP commands through the array export feature. All 4.6.x versions (prior to 4.6.4), 4.4.x versions (prior to 4.4.15.8), and 4.0.x versions (prior to 4.0.10.17) are affected.

Пакеты

Пакет	Статус	Версия исправления	Релиз	Тип
phpmyadmin	fixed	4:4.6.4+dfsg1-1		package

Примечания

https://www.phpmyadmin.net/security/PMASA-2016-32/

Связанные уязвимости

CVE-2016-6609

CVSS3: 8.8

ubuntu

около 9 лет назад

An issue was discovered in phpMyAdmin. A specially crafted database name could be used to run arbitrary PHP commands through the array export feature. All 4.6.x versions (prior to 4.6.4), 4.4.x versions (prior to 4.4.15.8), and 4.0.x versions (prior to 4.0.10.17) are affected.

CVE-2016-6609

CVSS3: 8.8

nvd

около 9 лет назад

An issue was discovered in phpMyAdmin. A specially crafted database name could be used to run arbitrary PHP commands through the array export feature. All 4.6.x versions (prior to 4.6.4), 4.4.x versions (prior to 4.4.15.8), and 4.0.x versions (prior to 4.0.10.17) are affected.

GHSA-wpww-hx7x-xfjh

CVSS3: 8.8

github

больше 3 лет назад

phpMyAdmin PHP code injection

openSUSE-SU-2016:2168-1

suse-cvrf

больше 9 лет назад

Security update for phpMyAdmin