Description

An issue was discovered in phpMyAdmin. In the user interface preference feature, a user can execute an SQL injection attack against the account of the control user. All 4.6.x versions (prior to 4.6.4), 4.4.x versions (prior to 4.4.15.8), and 4.0.x versions (prior to 4.0.10.17) are affected.

Remediation

References

CVE-2016-6619

Related Vulnerabilities

WordPress Plugin WP Customer Reviews Multiple Vulnerabilities (3.0.8)

Apache HTTP Server Other Vulnerability (CVE-1999-1293)

WordPress Plugin MP3 Audio Player for Music, Radio & Podcast by Sonaar Multiple Cross-Site Scripting Vulnerabilities (2.4.1)

PrestaShop Files or Directories Accessible to External Parties Vulnerability (CVE-2020-5250)

ownCloud Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2012-5606)

Severity

High

Classification

CVE-2016-6619 CWE-138 CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Tags

Missing Update Known Vulnerabilities