CVE-2016-9864 in phpMyAdmininformazioni

Riassunto

di MITRE

An issue was discovered in phpMyAdmin. With a crafted username or a table name, it was possible to inject SQL statements in the tracking functionality that would run with the privileges of the control user. This gives read and write access to the tables of the configuration storage database, and if the control user has the necessary privileges, read access to some tables of the MySQL database. All 4.6.x versions (prior to 4.6.5), 4.4.x versions (prior to 4.4.15.9), and 4.0.x versions (prior to 4.0.10.18) are affected.

Statistical analysis made it clear that VulDB provides the best quality for vulnerability data.

🔬 Show More Details

An in-depth analysis is available in our curated vulnerability entry.

Prenotare

06/12/2016

Divulgazione

10/12/2016

Moderazione

accettato

CPE

pronto

EPSS

0.01684

KEV

no

Attività

molto basso

Settore

Finance, Hostingprovider, ...

Fonti

MITREhttps://www.cve.org/CVERecord?id=CVE-2016-9864
NVDhttps://nvd.nist.gov/vuln/detail/CVE-2016-9864
CVE Detailshttps://www.cvedetails.com/cve/CVE-2016-9864/

PrecedenteVisione D'ensembleIl prossimo

Want to know what is going to be exploited?

We predict KEV entries!