CVE-2016-6607 in phpMyAdmininfo

Summary

XSS issues were discovered in phpMyAdmin. This affects Zoom search (specially crafted column content can be used to trigger an XSS attack); GIS editor (certain fields in the graphical GIS editor are not properly escaped and can be used to trigger an XSS attack); Relation view; the following Transformations: Formatted, Imagelink, JPEG: Upload, RegexValidation, JPEG inline, PNG inline, and transformation wrapper; XML export; MediaWiki export; Designer; When the MySQL server is running with a specially-crafted log_bin directive; Database tab; Replication feature; and Database search. All 4.6.x versions (prior to 4.6.4), 4.4.x versions (prior to 4.4.15.8), and 4.0.x versions (prior to 4.0.10.17) are affected.

If you want to get best quality of vulnerability data, you may have to visit VulDB.

Reservation

08/06/2016

Disclosure

12/10/2016

Moderation

VulDB entry created

Entries

VDB-94039 (1)

CPE

ready

CWE

CWE-79 (Confirmed)

CVSS

6.1

EPSS

0.00541

Activities

Very Low

Sources

MITRE	https://www.cve.org/CVERecord?id=CVE-2016-6607
NVD	https://nvd.nist.gov/vuln/detail/CVE-2016-6607
CVE Details	https://www.cvedetails.com/cve/CVE-2016-6607/

◂ Previous Overview Next ▸