Description

An issue was discovered in phpMyAdmin. An attacker can determine the phpMyAdmin host location through the file url.php. All 4.6.x versions (prior to 4.6.4), 4.4.x versions (prior to 4.4.15.8), and 4.0.x versions (prior to 4.0.10.17) are affected.

Remediation

References

CVE-2016-6627

Related Vulnerabilities

WordPress Plugin Slider Revolution Responsive Local File Inclusion (4.1.4)

Atlassian Jira Missing Authorization Vulnerability (CVE-2017-18101)

PostgreSQL Cryptographic Issues Vulnerability (CVE-2012-2143)

WordPress 4.8.x Multiple Vulnerabilities (4.8 - 4.8.15)

WordPress Plugin WP Photo Album 'photo' Parameter SQL Injection (1.0)

Severity

Medium

Classification

CVE-2016-6627 CWE-200 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

Tags

Missing Update Known Vulnerabilities