Description

An issue was discovered in phpMyAdmin. phpinfo (phpinfo.php) shows PHP information including values of HttpOnly cookies. All 4.6.x versions (prior to 4.6.5), 4.4.x versions (prior to 4.4.15.9), and 4.0.x versions (prior to 4.0.10.18) are affected.

Remediation

References

CVE-2016-9848

Related Vulnerabilities

MySQL CVE-2019-2808 Vulnerability (CVE-2019-2808)

Jenkins Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-2221)

Dot CMS Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2017-5344)

PHP Uncontrolled Resource Consumption Vulnerability (CVE-2017-11142)

OpenSSL Improper Input Validation Vulnerability (CVE-2013-4353)

Severity

Medium

Classification

CVE-2016-9848 CWE-200 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

Tags

Missing Update Known Vulnerabilities