CVE-2016-9855

🗓️ 11 Dec 2016 02:00:00Reported by Debian Security Bug TrackerType

debiancve

debiancve🔗 security-tracker.debian.org👁 27 Views

An issue in phpMyAdmin allows triggering PHP error messages revealing installation directory pat

Reporter	Title	Published	Views	Family All 27
Tenable Nessus	phpMyAdmin 4.4.15.x < 4.4.15.9 / 4.6.x < 4.6.5 Multiple Information Disclosure	9 Jan 201700:00	–	nessus
Tenable Nessus	GLSA-201701-32 : phpMyAdmin: Multiple vulnerabilities	12 Jan 201700:00	–	nessus
Tenable Nessus	phpMyAdmin 4.0.x < 4.0.10.18 / 4.4.x < 4.4.15.9 / 4.6.x < 4.6.5 Multiple Vulnerabilities	7 Dec 202000:00	–	nessus
Tenable Nessus	Linux Distros Unpatched Vulnerability : CVE-2016-9855	25 Aug 202500:00	–	nessus
AlpineLinux	CVE-2016-9855	11 Dec 201602:00	–	alpinelinux
CNVD	phpMyAdmin Path Traversal Vulnerability	16 Dec 201600:00	–	cnvd
CVE	CVE-2016-9855	11 Dec 201602:00	–	cve
Cvelist	CVE-2016-9855	11 Dec 201602:00	–	cvelist
EUVD	EUVD-2016-10652	7 Oct 202500:30	–	euvd
Gentoo Linux	phpMyAdmin: Multiple vulnerabilities	11 Jan 201700:00	–	gentoo

OS	OS Version	Architecture	Package	Package Version	Filename
Debian	11	any	phpmyadmin	4:4.6.5.1-1	phpmyadmin_4:4.6.5.1-1_any.deb
Debian	12	any	phpmyadmin	4:4.6.5.1-1	phpmyadmin_4:4.6.5.1-1_any.deb
Debian	13	any	phpmyadmin	4:4.6.5.1-1	phpmyadmin_4:4.6.5.1-1_any.deb
Debian	999	any	phpmyadmin	4:4.6.5.1-1	phpmyadmin_4:4.6.5.1-1_any.deb

11 Dec 2016 02:00Current

5.6Medium risk

Vulners AI Score5.6

CVSS 25

CVSS 35.3

EPSS0.00501

phpmyadmin php error installation directory