Логотип exploitDog
product: "phpmyadmin"
Консоль
Логотип exploitDog

exploitDog

product: "phpmyadmin"

Количество 1 093

Количество 1 093

ubuntu логотип

CVE-2016-6613

больше 8 лет назад

An issue was discovered in phpMyAdmin. A user can specially craft a symlink on disk, to a file which phpMyAdmin is permitted to read but the user is not, which phpMyAdmin will then expose to the user. All 4.6.x versions (prior to 4.6.4), 4.4.x versions (prior to 4.4.15.8), and 4.0.x versions (prior to 4.0.10.17) are affected.

CVSS3: 5.3
EPSS: Низкий
nvd логотип

CVE-2016-6613

больше 8 лет назад

An issue was discovered in phpMyAdmin. A user can specially craft a symlink on disk, to a file which phpMyAdmin is permitted to read but the user is not, which phpMyAdmin will then expose to the user. All 4.6.x versions (prior to 4.6.4), 4.4.x versions (prior to 4.4.15.8), and 4.0.x versions (prior to 4.0.10.17) are affected.

CVSS3: 5.3
EPSS: Низкий
debian логотип

CVE-2016-6613

больше 8 лет назад

An issue was discovered in phpMyAdmin. A user can specially craft a sy ...

CVSS3: 5.3
EPSS: Низкий
ubuntu логотип

CVE-2016-6612

больше 8 лет назад

An issue was discovered in phpMyAdmin. A user can exploit the LOAD LOCAL INFILE functionality to expose files on the server to the database system. All 4.6.x versions (prior to 4.6.4), 4.4.x versions (prior to 4.4.15.8), and 4.0.x versions (prior to 4.0.10.17) are affected.

CVSS3: 6.5
EPSS: Низкий
nvd логотип

CVE-2016-6612

больше 8 лет назад

An issue was discovered in phpMyAdmin. A user can exploit the LOAD LOCAL INFILE functionality to expose files on the server to the database system. All 4.6.x versions (prior to 4.6.4), 4.4.x versions (prior to 4.4.15.8), and 4.0.x versions (prior to 4.0.10.17) are affected.

CVSS3: 6.5
EPSS: Низкий
debian логотип

CVE-2016-6612

больше 8 лет назад

An issue was discovered in phpMyAdmin. A user can exploit the LOAD LOC ...

CVSS3: 6.5
EPSS: Низкий
ubuntu логотип

CVE-2016-6611

больше 8 лет назад

An issue was discovered in phpMyAdmin. A specially crafted database and/or table name can be used to trigger an SQL injection attack through the export functionality. All 4.6.x versions (prior to 4.6.4), 4.4.x versions (prior to 4.4.15.8), and 4.0.x versions (prior to 4.0.10.17) are affected.

CVSS3: 8.1
EPSS: Низкий
nvd логотип

CVE-2016-6611

больше 8 лет назад

An issue was discovered in phpMyAdmin. A specially crafted database and/or table name can be used to trigger an SQL injection attack through the export functionality. All 4.6.x versions (prior to 4.6.4), 4.4.x versions (prior to 4.4.15.8), and 4.0.x versions (prior to 4.0.10.17) are affected.

CVSS3: 8.1
EPSS: Низкий
debian логотип

CVE-2016-6611

больше 8 лет назад

An issue was discovered in phpMyAdmin. A specially crafted database an ...

CVSS3: 8.1
EPSS: Низкий
ubuntu логотип

CVE-2016-6610

больше 8 лет назад

A full path disclosure vulnerability was discovered in phpMyAdmin where a user can trigger a particular error in the export mechanism to discover the full path of phpMyAdmin on the disk. All 4.6.x versions (prior to 4.6.4), 4.4.x versions (prior to 4.4.15.8), and 4.0.x versions (prior to 4.0.10.17) are affected.

CVSS3: 4.3
EPSS: Низкий
nvd логотип

CVE-2016-6610

больше 8 лет назад

A full path disclosure vulnerability was discovered in phpMyAdmin where a user can trigger a particular error in the export mechanism to discover the full path of phpMyAdmin on the disk. All 4.6.x versions (prior to 4.6.4), 4.4.x versions (prior to 4.4.15.8), and 4.0.x versions (prior to 4.0.10.17) are affected.

CVSS3: 4.3
EPSS: Низкий
debian логотип

CVE-2016-6610

больше 8 лет назад

A full path disclosure vulnerability was discovered in phpMyAdmin wher ...

CVSS3: 4.3
EPSS: Низкий
ubuntu логотип

CVE-2016-6609

больше 8 лет назад

An issue was discovered in phpMyAdmin. A specially crafted database name could be used to run arbitrary PHP commands through the array export feature. All 4.6.x versions (prior to 4.6.4), 4.4.x versions (prior to 4.4.15.8), and 4.0.x versions (prior to 4.0.10.17) are affected.

CVSS3: 8.8
EPSS: Низкий
nvd логотип

CVE-2016-6609

больше 8 лет назад

An issue was discovered in phpMyAdmin. A specially crafted database name could be used to run arbitrary PHP commands through the array export feature. All 4.6.x versions (prior to 4.6.4), 4.4.x versions (prior to 4.4.15.8), and 4.0.x versions (prior to 4.0.10.17) are affected.

CVSS3: 8.8
EPSS: Низкий
debian логотип

CVE-2016-6609

больше 8 лет назад

An issue was discovered in phpMyAdmin. A specially crafted database na ...

CVSS3: 8.8
EPSS: Низкий
ubuntu логотип

CVE-2016-6608

больше 8 лет назад

XSS issues were discovered in phpMyAdmin. This affects the database privilege check and the "Remove partitioning" functionality. Specially crafted database names can trigger the XSS attack. All 4.6.x versions (prior to 4.6.4) are affected.

CVSS3: 6.1
EPSS: Низкий
nvd логотип

CVE-2016-6608

больше 8 лет назад

XSS issues were discovered in phpMyAdmin. This affects the database privilege check and the "Remove partitioning" functionality. Specially crafted database names can trigger the XSS attack. All 4.6.x versions (prior to 4.6.4) are affected.

CVSS3: 6.1
EPSS: Низкий
debian логотип

CVE-2016-6608

больше 8 лет назад

XSS issues were discovered in phpMyAdmin. This affects the database pr ...

CVSS3: 6.1
EPSS: Низкий
ubuntu логотип

CVE-2016-6607

больше 8 лет назад

XSS issues were discovered in phpMyAdmin. This affects Zoom search (specially crafted column content can be used to trigger an XSS attack); GIS editor (certain fields in the graphical GIS editor are not properly escaped and can be used to trigger an XSS attack); Relation view; the following Transformations: Formatted, Imagelink, JPEG: Upload, RegexValidation, JPEG inline, PNG inline, and transformation wrapper; XML export; MediaWiki export; Designer; When the MySQL server is running with a specially-crafted log_bin directive; Database tab; Replication feature; and Database search. All 4.6.x versions (prior to 4.6.4), 4.4.x versions (prior to 4.4.15.8), and 4.0.x versions (prior to 4.0.10.17) are affected.

CVSS3: 6.1
EPSS: Низкий
nvd логотип

CVE-2016-6607

больше 8 лет назад

XSS issues were discovered in phpMyAdmin. This affects Zoom search (specially crafted column content can be used to trigger an XSS attack); GIS editor (certain fields in the graphical GIS editor are not properly escaped and can be used to trigger an XSS attack); Relation view; the following Transformations: Formatted, Imagelink, JPEG: Upload, RegexValidation, JPEG inline, PNG inline, and transformation wrapper; XML export; MediaWiki export; Designer; When the MySQL server is running with a specially-crafted log_bin directive; Database tab; Replication feature; and Database search. All 4.6.x versions (prior to 4.6.4), 4.4.x versions (prior to 4.4.15.8), and 4.0.x versions (prior to 4.0.10.17) are affected.

CVSS3: 6.1
EPSS: Низкий

Уязвимостей на страницу

Уязвимость
CVSS
EPSS
Опубликовано
ubuntu логотип
CVE-2016-6613

An issue was discovered in phpMyAdmin. A user can specially craft a symlink on disk, to a file which phpMyAdmin is permitted to read but the user is not, which phpMyAdmin will then expose to the user. All 4.6.x versions (prior to 4.6.4), 4.4.x versions (prior to 4.4.15.8), and 4.0.x versions (prior to 4.0.10.17) are affected.

CVSS3: 5.3
0%
Низкий
больше 8 лет назад
nvd логотип
CVE-2016-6613

An issue was discovered in phpMyAdmin. A user can specially craft a symlink on disk, to a file which phpMyAdmin is permitted to read but the user is not, which phpMyAdmin will then expose to the user. All 4.6.x versions (prior to 4.6.4), 4.4.x versions (prior to 4.4.15.8), and 4.0.x versions (prior to 4.0.10.17) are affected.

CVSS3: 5.3
0%
Низкий
больше 8 лет назад
debian логотип
CVE-2016-6613

An issue was discovered in phpMyAdmin. A user can specially craft a sy ...

CVSS3: 5.3
0%
Низкий
больше 8 лет назад
ubuntu логотип
CVE-2016-6612

An issue was discovered in phpMyAdmin. A user can exploit the LOAD LOCAL INFILE functionality to expose files on the server to the database system. All 4.6.x versions (prior to 4.6.4), 4.4.x versions (prior to 4.4.15.8), and 4.0.x versions (prior to 4.0.10.17) are affected.

CVSS3: 6.5
0%
Низкий
больше 8 лет назад
nvd логотип
CVE-2016-6612

An issue was discovered in phpMyAdmin. A user can exploit the LOAD LOCAL INFILE functionality to expose files on the server to the database system. All 4.6.x versions (prior to 4.6.4), 4.4.x versions (prior to 4.4.15.8), and 4.0.x versions (prior to 4.0.10.17) are affected.

CVSS3: 6.5
0%
Низкий
больше 8 лет назад
debian логотип
CVE-2016-6612

An issue was discovered in phpMyAdmin. A user can exploit the LOAD LOC ...

CVSS3: 6.5
0%
Низкий
больше 8 лет назад
ubuntu логотип
CVE-2016-6611

An issue was discovered in phpMyAdmin. A specially crafted database and/or table name can be used to trigger an SQL injection attack through the export functionality. All 4.6.x versions (prior to 4.6.4), 4.4.x versions (prior to 4.4.15.8), and 4.0.x versions (prior to 4.0.10.17) are affected.

CVSS3: 8.1
0%
Низкий
больше 8 лет назад
nvd логотип
CVE-2016-6611

An issue was discovered in phpMyAdmin. A specially crafted database and/or table name can be used to trigger an SQL injection attack through the export functionality. All 4.6.x versions (prior to 4.6.4), 4.4.x versions (prior to 4.4.15.8), and 4.0.x versions (prior to 4.0.10.17) are affected.

CVSS3: 8.1
0%
Низкий
больше 8 лет назад
debian логотип
CVE-2016-6611

An issue was discovered in phpMyAdmin. A specially crafted database an ...

CVSS3: 8.1
0%
Низкий
больше 8 лет назад
ubuntu логотип
CVE-2016-6610

A full path disclosure vulnerability was discovered in phpMyAdmin where a user can trigger a particular error in the export mechanism to discover the full path of phpMyAdmin on the disk. All 4.6.x versions (prior to 4.6.4), 4.4.x versions (prior to 4.4.15.8), and 4.0.x versions (prior to 4.0.10.17) are affected.

CVSS3: 4.3
0%
Низкий
больше 8 лет назад
nvd логотип
CVE-2016-6610

A full path disclosure vulnerability was discovered in phpMyAdmin where a user can trigger a particular error in the export mechanism to discover the full path of phpMyAdmin on the disk. All 4.6.x versions (prior to 4.6.4), 4.4.x versions (prior to 4.4.15.8), and 4.0.x versions (prior to 4.0.10.17) are affected.

CVSS3: 4.3
0%
Низкий
больше 8 лет назад
debian логотип
CVE-2016-6610

A full path disclosure vulnerability was discovered in phpMyAdmin wher ...

CVSS3: 4.3
0%
Низкий
больше 8 лет назад
ubuntu логотип
CVE-2016-6609

An issue was discovered in phpMyAdmin. A specially crafted database name could be used to run arbitrary PHP commands through the array export feature. All 4.6.x versions (prior to 4.6.4), 4.4.x versions (prior to 4.4.15.8), and 4.0.x versions (prior to 4.0.10.17) are affected.

CVSS3: 8.8
0%
Низкий
больше 8 лет назад
nvd логотип
CVE-2016-6609

An issue was discovered in phpMyAdmin. A specially crafted database name could be used to run arbitrary PHP commands through the array export feature. All 4.6.x versions (prior to 4.6.4), 4.4.x versions (prior to 4.4.15.8), and 4.0.x versions (prior to 4.0.10.17) are affected.

CVSS3: 8.8
0%
Низкий
больше 8 лет назад
debian логотип
CVE-2016-6609

An issue was discovered in phpMyAdmin. A specially crafted database na ...

CVSS3: 8.8
0%
Низкий
больше 8 лет назад
ubuntu логотип
CVE-2016-6608

XSS issues were discovered in phpMyAdmin. This affects the database privilege check and the "Remove partitioning" functionality. Specially crafted database names can trigger the XSS attack. All 4.6.x versions (prior to 4.6.4) are affected.

CVSS3: 6.1
0%
Низкий
больше 8 лет назад
nvd логотип
CVE-2016-6608

XSS issues were discovered in phpMyAdmin. This affects the database privilege check and the "Remove partitioning" functionality. Specially crafted database names can trigger the XSS attack. All 4.6.x versions (prior to 4.6.4) are affected.

CVSS3: 6.1
0%
Низкий
больше 8 лет назад
debian логотип
CVE-2016-6608

XSS issues were discovered in phpMyAdmin. This affects the database pr ...

CVSS3: 6.1
0%
Низкий
больше 8 лет назад
ubuntu логотип
CVE-2016-6607

XSS issues were discovered in phpMyAdmin. This affects Zoom search (specially crafted column content can be used to trigger an XSS attack); GIS editor (certain fields in the graphical GIS editor are not properly escaped and can be used to trigger an XSS attack); Relation view; the following Transformations: Formatted, Imagelink, JPEG: Upload, RegexValidation, JPEG inline, PNG inline, and transformation wrapper; XML export; MediaWiki export; Designer; When the MySQL server is running with a specially-crafted log_bin directive; Database tab; Replication feature; and Database search. All 4.6.x versions (prior to 4.6.4), 4.4.x versions (prior to 4.4.15.8), and 4.0.x versions (prior to 4.0.10.17) are affected.

CVSS3: 6.1
1%
Низкий
больше 8 лет назад
nvd логотип
CVE-2016-6607

XSS issues were discovered in phpMyAdmin. This affects Zoom search (specially crafted column content can be used to trigger an XSS attack); GIS editor (certain fields in the graphical GIS editor are not properly escaped and can be used to trigger an XSS attack); Relation view; the following Transformations: Formatted, Imagelink, JPEG: Upload, RegexValidation, JPEG inline, PNG inline, and transformation wrapper; XML export; MediaWiki export; Designer; When the MySQL server is running with a specially-crafted log_bin directive; Database tab; Replication feature; and Database search. All 4.6.x versions (prior to 4.6.4), 4.4.x versions (prior to 4.4.15.8), and 4.0.x versions (prior to 4.0.10.17) are affected.

CVSS3: 6.1
1%
Низкий
больше 8 лет назад

Уязвимостей на страницу