Lucene search

[email protected]NVD:CVE-2016-9862

HistoryDec 11, 2016 - 3:00 a.m.

CVE-2016-9862

2016-12-1103:00:03

CWE-94

[email protected]

web.nvd.nist.gov

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:N/C:N/I:P/A:N

CVSS3

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

EPSS

0.001

Percentile

50.9%

JSON

An issue was discovered in phpMyAdmin. With a crafted login request it is possible to inject BBCode in the login page. All 4.6.x versions (prior to 4.6.5) are affected.

Affected configurations

Nvd

Node

phpmyadminphpmyadminMatch4.6.0

phpmyadminphpmyadminMatch4.6.1

phpmyadminphpmyadminMatch4.6.2

phpmyadminphpmyadminMatch4.6.3

phpmyadminphpmyadminMatch4.6.4

References

www.securityfocus.com/bid/94528

security.gentoo.org/glsa/201701-32

www.phpmyadmin.net/security/PMASA-2016-67

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:N/C:N/I:P/A:N

CVSS3

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

EPSS

0.001

Percentile

50.9%

JSON

Related for NVD:CVE-2016-9862

debiancve1 phpmyadmin1 alpinelinux1 ubuntucve1 cve2 cvelist1 prion2 nvd1 openvas2 nessus2 gentoo1