Description

An issue was discovered in phpMyAdmin. A user can exploit the LOAD LOCAL INFILE functionality to expose files on the server to the database system. All 4.6.x versions (prior to 4.6.4), 4.4.x versions (prior to 4.4.15.8), and 4.0.x versions (prior to 4.0.10.17) are affected.

Remediation

References

CVE-2016-6612

Related Vulnerabilities

WordPress Plugin Staff Directory:Company Directory Cross-Site Request Forgery (3.6)

WordPress Plugin WordPress Survey & Poll-Quiz, Survey and Poll PHP Object Injection (1.5.5)

WordPress Plugin Simple Personal Message SQL Injection (1.0.3)

WordPress Plugin leads5050-visitor-insights Security Bypass (1.0.5)

Chamilo Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-31802)

Severity

Medium

Classification

CVE-2016-6612 CWE-200 CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Tags

Missing Update Known Vulnerabilities