Description

An issue was discovered in phpMyAdmin. phpMyAdmin can be used to trigger a remote code execution attack against certain PHP installations that are running with the dbase extension. All 4.6.x versions (prior to 4.6.4), 4.4.x versions (prior to 4.4.15.8), and 4.0.x versions (prior to 4.0.10.17) are affected.

Remediation

References

CVE-2016-6633

Related Vulnerabilities

Magento Improper Input Validation Vulnerability (CVE-2022-24086)

Atlassian Jira Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2012-1500)

XOOPS Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-16684)

Atlassian Jira CVE-2019-20898 Vulnerability (CVE-2019-20898)

WordPress Plugin QueryWall:Plug'n Play Firewall Cross-Site Scripting (1.1.0)

Severity

High

Classification

CVE-2016-6633 CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

Tags

Missing Update Known Vulnerabilities