Description

An issue was discovered in phpMyAdmin. In the "User group" and "Designer" features, a user can execute an SQL injection attack against the account of the control user. All 4.6.x versions (prior to 4.6.4) and 4.4.x versions (prior to 4.4.15.8) are affected.

Remediation

References

CVE-2016-6616

Related Vulnerabilities

WordPress 5.2.x Multiple Vulnerabilities (5.2 - 5.2.6)

WordPress Plugin DP Maintenance Mode Lite Cross-Site Scripting (1.3.2)

Jenkins Permissions, Privileges, and Access Controls Vulnerability (CVE-2014-2068)

PHP Other Vulnerability (CVE-2004-0958)

WordPress Plugin Jayj Quicktag Multiple Vulnerabilities (1.3.1)

Severity

High

Classification

CVE-2016-6616 CWE-138 CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

Tags

Missing Update Known Vulnerabilities