Description

An issue was discovered in phpMyAdmin. phpinfo (phpinfo.php) shows PHP information including values of HttpOnly cookies. All 4.6.x versions (prior to 4.6.5), 4.4.x versions (prior to 4.4.15.9), and 4.0.x versions (prior to 4.0.10.18) are affected.

Remediation

References

CVE-2016-9848

Related Vulnerabilities

SharePoint Improper Input Validation Vulnerability (CVE-2019-1257)

PHP Use After Free Vulnerability (CVE-2016-7479)

WordPress Plugin Responsive Gallery Grid Cross-Site Scripting (2.3.8)

WordPress Plugin VikRentCar Car Rental Management System Cross-Site Request Forgery (1.1.6)

Jenkins Incorrect Authorization Vulnerability (CVE-2017-2599)

Severity

Medium

Classification

CVE-2016-9848 CWE-200 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

Tags

Missing Update Known Vulnerabilities