|
257111
|
5.3 |
MEDIUM
Network
|
phpmyadmin
|
phpmyadmin
|
An issue was discovered in phpMyAdmin. With a crafted request parameter value it is possible to initiate a denial of service attack in saved searches feature. All 4.6.x versions (prior to 4.6.5), 4.4…
|
CWE-20
Improper Input Validation
|
CVE-2016-9858
|
2024-11-21 12:01 |
2016-12-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257112
|
6.1 |
MEDIUM
Network
|
phpmyadmin
|
phpmyadmin
|
An issue was discovered in phpMyAdmin. XSS is possible because of a weakness in a regular expression used in some JavaScript processing. All 4.6.x versions (prior to 4.6.5), 4.4.x versions (prior to …
|
CWE-79
Cross-site Scripting
|
CVE-2016-9857
|
2024-11-21 12:01 |
2016-12-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257113
|
6.1 |
MEDIUM
Network
|
phpmyadmin
|
phpmyadmin
|
An XSS issue was discovered in phpMyAdmin because of an improper fix for CVE-2016-2559 in PMASA-2016-10. This issue is resolved by using a copy of a hash to avoid a race condition. All 4.6.x versions…
|
CWE-79
Cross-site Scripting
|
CVE-2016-9856
|
2024-11-21 12:01 |
2016-12-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257114
|
5.3 |
MEDIUM
Network
|
phpmyadmin
|
phpmyadmin
|
An issue was discovered in phpMyAdmin. By calling some scripts that are part of phpMyAdmin in an unexpected way, it is possible to trigger phpMyAdmin to display a PHP error message which contains the…
|
CWE-200
Information Exposure
|
CVE-2016-9855
|
2024-11-21 12:01 |
2016-12-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257115
|
5.3 |
MEDIUM
Network
|
phpmyadmin
|
phpmyadmin
|
An issue was discovered in phpMyAdmin. By calling some scripts that are part of phpMyAdmin in an unexpected way, it is possible to trigger phpMyAdmin to display a PHP error message which contains the…
|
CWE-200
Information Exposure
|
CVE-2016-9854
|
2024-11-21 12:01 |
2016-12-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257116
|
5.3 |
MEDIUM
Network
|
phpmyadmin
|
phpmyadmin
|
An issue was discovered in phpMyAdmin. With a crafted request parameter value it is possible to bypass the logout timeout. All 4.6.x versions (prior to 4.6.5), and 4.4.x versions (prior to 4.4.15.9) …
|
CWE-254
7PK - Security Features
|
CVE-2016-9851
|
2024-11-21 12:01 |
2016-12-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257117
|
5.3 |
MEDIUM
Network
|
phpmyadmin
|
phpmyadmin
|
An issue was discovered in phpMyAdmin. Username matching for the allow/deny rules may result in wrong matches and detection of the username in the rule due to non-constant execution time. All 4.6.x v…
|
CWE-254
7PK - Security Features
|
CVE-2016-9850
|
2024-11-21 12:01 |
2016-12-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257118
|
9.8 |
CRITICAL
Network
|
phpmyadmin
|
phpmyadmin
|
An issue was discovered in phpMyAdmin. It is possible to bypass AllowRoot restriction ($cfg['Servers'][$i]['AllowRoot']) and deny rules for username by using Null Byte in the username. All 4.6.x vers…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2016-9849
|
2024-11-21 12:01 |
2016-12-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257119
|
5.3 |
MEDIUM
Network
|
phpmyadmin
|
phpmyadmin
|
An issue was discovered in phpMyAdmin. phpinfo (phpinfo.php) shows PHP information including values of HttpOnly cookies. All 4.6.x versions (prior to 4.6.5), 4.4.x versions (prior to 4.4.15.9), and 4…
|
CWE-200
Information Exposure
|
CVE-2016-9848
|
2024-11-21 12:01 |
2016-12-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257120
|
5.3 |
MEDIUM
Network
|
phpmyadmin
|
phpmyadmin
|
An issue was discovered in phpMyAdmin. By calling some scripts that are part of phpMyAdmin in an unexpected way, it is possible to trigger phpMyAdmin to display a PHP error message which contains the…
|
CWE-200
Information Exposure
|
CVE-2016-9853
|
2024-11-21 12:01 |
2016-12-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
