|
266271
|
7.5 |
HIGH
Network
|
phpmyadmin
|
phpmyadmin
|
An issue was discovered in phpMyAdmin. A user can execute a remote code execution attack against a server when phpMyAdmin is being run as a CGI application. Under certain server configurations, a use…
|
CWE-78
OS Command
|
CVE-2016-6631
|
2024-11-21 11:56 |
2016-12-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266272
|
6.5 |
MEDIUM
Network
|
phpmyadmin
|
phpmyadmin
|
An issue was discovered in phpMyAdmin. An authenticated user can trigger a denial-of-service (DoS) attack by entering a very long password at the change password dialog. All 4.6.x versions (prior to …
|
CWE-20
Improper Input Validation
|
CVE-2016-6630
|
2024-11-21 11:56 |
2016-12-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266273
|
9.8 |
CRITICAL
Network
|
phpmyadmin
|
phpmyadmin
|
An issue was discovered in phpMyAdmin involving the $cfg['ArbitraryServerRegexp'] configuration directive. An attacker could reuse certain cookie values in a way of bypassing the servers defined by A…
|
CWE-254
7PK - Security Features
|
CVE-2016-6629
|
2024-11-21 11:56 |
2016-12-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266274
|
6.3 |
MEDIUM
Network
|
phpmyadmin
|
phpmyadmin
|
An issue was discovered in phpMyAdmin. An attacker may be able to trigger a user to download a specially crafted malicious SVG file. All 4.6.x versions (prior to 4.6.4), 4.4.x versions (prior to 4.4.…
|
CWE-254
7PK - Security Features
|
CVE-2016-6628
|
2024-11-21 11:56 |
2016-12-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266275
|
5.3 |
MEDIUM
Network
|
phpmyadmin
|
phpmyadmin
|
An issue was discovered in phpMyAdmin. An attacker can determine the phpMyAdmin host location through the file url.php. All 4.6.x versions (prior to 4.6.4), 4.4.x versions (prior to 4.4.15.8), and 4.…
|
CWE-200
Information Exposure
|
CVE-2016-6627
|
2024-11-21 11:56 |
2016-12-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266276
|
5.4 |
MEDIUM
Network
|
phpmyadmin
|
phpmyadmin
|
An issue was discovered in phpMyAdmin. An attacker could redirect a user to a malicious web page. All 4.6.x versions (prior to 4.6.4), 4.4.x versions (prior to 4.4.15.8), and 4.0.x versions (prior to…
|
CWE-254
7PK - Security Features
|
CVE-2016-6626
|
2024-11-21 11:56 |
2016-12-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266277
|
4.3 |
MEDIUM
Network
|
phpmyadmin
|
phpmyadmin
|
An issue was discovered in phpMyAdmin. An attacker can determine whether a user is logged in to phpMyAdmin. The user's session, username, and password are not compromised by this vulnerability. All 4…
|
CWE-200
Information Exposure
|
CVE-2016-6625
|
2024-11-21 11:56 |
2016-12-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266278
|
5.9 |
MEDIUM
Network
|
phpmyadmin
|
phpmyadmin
|
An issue was discovered in phpMyAdmin involving improper enforcement of the IP-based authentication rules. When phpMyAdmin is used with IPv6 in a proxy server environment, and the proxy server is in …
|
CWE-254
7PK - Security Features
|
CVE-2016-6624
|
2024-11-21 11:56 |
2016-12-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266279
|
6.5 |
MEDIUM
Network
|
phpmyadmin
|
phpmyadmin
|
An issue was discovered in phpMyAdmin. An authorized user can cause a denial-of-service (DoS) attack on a server by passing large values to a loop. All 4.6.x versions (prior to 4.6.4), 4.4.x versions…
|
CWE-20
Improper Input Validation
|
CVE-2016-6623
|
2024-11-21 11:56 |
2016-12-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266280
|
5.9 |
MEDIUM
Network
|
phpmyadmin
|
phpmyadmin
|
An issue was discovered in phpMyAdmin. An unauthenticated user is able to execute a denial-of-service (DoS) attack by forcing persistent connections when phpMyAdmin is running with $cfg['AllowArbitra…
|
CWE-399
Resource Management Errors
|
CVE-2016-6622
|
2024-11-21 11:56 |
2016-12-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
