Linux Distros Unpatched Vulnerability : CVE-2016-5701

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - setup/frames/index.inc.php in phpMyAdmin 4.0.10.x before 4.0.10.16, 4.4.15.x before 4.4.15.7, and 4.6.x before 4.6.3 allows remote attackers to conduct BBCode...

CVE-2016-5734

phpMyAdmin 4.0.x before 4.0.10.16, 4.4.x before 4.4.15.7, and 4.6.x before 4.6.3 does not properly choose delimiters to prevent use of the pregreplace e aka eval modifier, which might allow remote attackers to execute arbitrary PHP code via a crafted string, as demonstrated by the table...

DEBIAN-CVE-2016-5701

setup/frames/index.inc.php in phpMyAdmin 4.0.10.x before 4.0.10.16, 4.4.15.x before 4.4.15.7, and 4.6.x before 4.6.3 allows remote attackers to conduct BBCode injection attacks against HTTP sessions via a crafted URI...

openSUSE Security Update : phpMyAdmin (openSUSE-2016-806)

This phpMyAdmin update to version 4.4.15.7 fixes the following issues : Issues fixed: Setup script doesn't use input type 'password' in all relevant locations Security issues fixed : - PMASA-2016-17 CVE-2016-5701, CWE-661 https://www.phpmyadmin.net/security/PMASA-2016-17/ - BBCode injection...