Acunetix DAST powers runtime capabilities for Invicti’s complete AppSec platform. Visit Invicti for more.

WEB APPLICATION VULNERABILITIES Standard & Premium

MySQL CVE-2016-3477 Vulnerability (CVE-2016-3477)

Description

Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier, 5.6.30 and earlier, and 5.7.12 and earlier and MariaDB before 5.5.50, 10.0.x before 10.0.26, and 10.1.x before 10.1.15 allows local users to affect confidentiality, integrity, and availability via vectors related to Server: Parser.

Remediation

References

Related Vulnerabilities

WordPress Plugin Pinpoint Booking System-#1 WordPress Booking SQL Injection (2.9.9.2.8)

Sqlite Out-of-bounds Write Vulnerability (CVE-2020-15358)

Oracle Database Server Other Vulnerability (CVE-2003-0727)

WordPress Plugin Name Directory Cross-Site Scripting (1.7.6)

WordPress Plugin Availability Calendar Cross-Site Scripting (1.2.1)

Severity

High

Classification

CVE-2016-3477 CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H

Tags

Missing Update Known Vulnerabilities