|
267891
|
6.5 |
MEDIUM
Network
|
phpmyadmin
|
phpmyadmin
|
An issue was discovered in phpMyAdmin. An authenticated user can trigger a denial-of-service (DoS) attack by entering a very long password at the change password dialog. All 4.6.x versions (prior to …
|
CWE-20
Improper Input Validation
|
CVE-2016-6630
|
2024-11-21 11:56 |
2016-12-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267892
|
9.8 |
CRITICAL
Network
|
phpmyadmin
|
phpmyadmin
|
An issue was discovered in phpMyAdmin involving the $cfg['ArbitraryServerRegexp'] configuration directive. An attacker could reuse certain cookie values in a way of bypassing the servers defined by A…
|
CWE-254
7PK - Security Features
|
CVE-2016-6629
|
2024-11-21 11:56 |
2016-12-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267893
|
6.3 |
MEDIUM
Network
|
phpmyadmin
|
phpmyadmin
|
An issue was discovered in phpMyAdmin. An attacker may be able to trigger a user to download a specially crafted malicious SVG file. All 4.6.x versions (prior to 4.6.4), 4.4.x versions (prior to 4.4.…
|
CWE-254
7PK - Security Features
|
CVE-2016-6628
|
2024-11-21 11:56 |
2016-12-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267894
|
5.3 |
MEDIUM
Network
|
phpmyadmin
|
phpmyadmin
|
An issue was discovered in phpMyAdmin. An attacker can determine the phpMyAdmin host location through the file url.php. All 4.6.x versions (prior to 4.6.4), 4.4.x versions (prior to 4.4.15.8), and 4.…
|
CWE-200
Information Exposure
|
CVE-2016-6627
|
2024-11-21 11:56 |
2016-12-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267895
|
5.4 |
MEDIUM
Network
|
phpmyadmin
|
phpmyadmin
|
An issue was discovered in phpMyAdmin. An attacker could redirect a user to a malicious web page. All 4.6.x versions (prior to 4.6.4), 4.4.x versions (prior to 4.4.15.8), and 4.0.x versions (prior to…
|
CWE-254
7PK - Security Features
|
CVE-2016-6626
|
2024-11-21 11:56 |
2016-12-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267896
|
4.3 |
MEDIUM
Network
|
phpmyadmin
|
phpmyadmin
|
An issue was discovered in phpMyAdmin. An attacker can determine whether a user is logged in to phpMyAdmin. The user's session, username, and password are not compromised by this vulnerability. All 4…
|
CWE-200
Information Exposure
|
CVE-2016-6625
|
2024-11-21 11:56 |
2016-12-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267897
|
5.9 |
MEDIUM
Network
|
phpmyadmin
|
phpmyadmin
|
An issue was discovered in phpMyAdmin involving improper enforcement of the IP-based authentication rules. When phpMyAdmin is used with IPv6 in a proxy server environment, and the proxy server is in …
|
CWE-254
7PK - Security Features
|
CVE-2016-6624
|
2024-11-21 11:56 |
2016-12-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267898
|
6.5 |
MEDIUM
Network
|
phpmyadmin
|
phpmyadmin
|
An issue was discovered in phpMyAdmin. An authorized user can cause a denial-of-service (DoS) attack on a server by passing large values to a loop. All 4.6.x versions (prior to 4.6.4), 4.4.x versions…
|
CWE-20
Improper Input Validation
|
CVE-2016-6623
|
2024-11-21 11:56 |
2016-12-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267899
|
5.9 |
MEDIUM
Network
|
phpmyadmin
|
phpmyadmin
|
An issue was discovered in phpMyAdmin. An unauthenticated user is able to execute a denial-of-service (DoS) attack by forcing persistent connections when phpMyAdmin is running with $cfg['AllowArbitra…
|
CWE-399
Resource Management Errors
|
CVE-2016-6622
|
2024-11-21 11:56 |
2016-12-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267900
|
9.8 |
CRITICAL
Network
|
phpmyadmin
|
phpmyadmin
|
An issue was discovered in phpMyAdmin. Some data is passed to the PHP unserialize() function without verification that it's valid serialized data. The unserialization can result in code execution bec…
|
CWE-502
Deserialization of Untrusted Data
|
CVE-2016-6620
|
2024-11-21 11:56 |
2016-12-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
