vulnerability

phpMyAdmin: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') (CVE-2016-6616)

Severity
7
CVSS
(AV:N/AC:M/Au:N/C:P/I:P/A:P)
Published
Dec 10, 2016
Added
May 4, 2017
Modified
Nov 27, 2024

Description

An issue was discovered in phpMyAdmin. In the "User group" and "Designer" features, a user can execute an SQL injection attack against the account of the control user. All 4.6.x versions (prior to 4.6.4) and 4.4.x versions (prior to 4.4.15.8) are affected.

Solution

phpmyadmin-upgrade-latest
Title
NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.