Vulnerability & Exploit Database

Displaying all 6 entries

Results for: CVE-2016-5701 Back to search

Gentoo Linux: CVE-2016-5701: phpMyAdmin: Multiple vulnerabilities Vulnerability

  • Severity: 4
  • Published: July 02, 2016

setup/frames/index.inc.php in phpMyAdmin 4.0.10.x before 4.0.10.16, 4.4.15.x before 4.4.15.7, and 4.6.x before 4.6.3 allows remote attackers to conduct BBCode injection attacks against HTTP sessions via a crafted URI.

FreeBSD: phpMyAdmin -- multiple vulnerabilities (Multiple CVEs) Vulnerability

  • Severity: 8
  • Published: July 02, 2016

phpMyAdmin 4.0.x before 4.0.10.16, 4.4.x before 4.4.15.7, and 4.6.x before 4.6.3 does not properly choose delimiters to prevent use of the preg_replace e (aka eval) modifier, which might allow remote attackers to execute arbitrary PHP code via a crafted string, as demonstrated by the table search-and-replace implementation.

Debian: CVE-2016-5701: phpmyadmin -- security update Vulnerability

  • Severity: 4
  • Published: July 02, 2016

setup/frames/index.inc.php in phpMyAdmin 4.0.10.x before 4.0.10.16, 4.4.15.x before 4.4.15.7, and 4.6.x before 4.6.3 allows remote attackers to conduct BBCode injection attacks against HTTP sessions via a crafted URI.

Alpine Linux: CVE-2016-5701: phpmyadmin Multiple issues Vulnerability

  • Severity: 4
  • Published: July 02, 2016

setup/frames/index.inc.php in phpMyAdmin 4.0.10.x before 4.0.10.16, 4.4.15.x before 4.4.15.7, and 4.6.x before 4.6.3 allows remote attackers to conduct BBCode injection attacks against HTTP sessions via a crafted URI.

SUSE: CVE-2016-5701: SUSE Linux Security Advisory Vulnerability

  • Severity: 4
  • Published: June 28, 2016

setup/frames/index.inc.php in phpMyAdmin 4.0.10.x before 4.0.10.16, 4.4.15.x before 4.4.15.7, and 4.6.x before 4.6.3 allows remote attackers to conduct BBCode injection attacks against HTTP sessions via a crafted URI.