WEB APPLICATION VULNERABILITIES Standard & Premium

phpMyAdmin 7PK - Security Features Vulnerability (CVE-2016-9861)

Description

An issue was discovered in phpMyAdmin. Due to the limitation in URL matching, it was possible to bypass the URL white-list protection. All 4.6.x versions (prior to 4.6.5), 4.4.x versions (prior to 4.4.15.9), and 4.0.x versions (prior to 4.0.10.18) are affected.

Remediation

References

Related Vulnerabilities

MediaWiki Improper Handling of Exceptional Conditions Vulnerability (CVE-2020-25869)

Jenkins Improper Authentication Vulnerability (CVE-2017-2604)

Sqlite Missing Release of Memory after Effective Lifetime Vulnerability (CVE-2021-45346)

Oracle Database Server CVE-2008-2605 Vulnerability (CVE-2008-2605)

WebLogic CVE-2020-2867 Vulnerability (CVE-2020-2867)

Severity

High

Classification

CVE-2016-9861 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

Tags

Missing Update Known Vulnerabilities