10 matches found
Linux Distros Unpatched Vulnerability : CVE-2016-9864
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in phpMyAdmin. With a crafted username or a table name, it was possible to inject SQL statements in the tracking functionality that woul...
Debian: Security Advisory (DLA-757-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Design/Logic Flaw
Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2016-9864. Reason: This candidate is a reservation duplicate of CVE-2016-9864. Notes: All CVE users should reference CVE-2016-9864 instead of this candidate. All references and descriptions in this candidate have been removed to...
CVE-2016-1000371
CVE-2016-1000371 is a reservation duplicate of CVE-2016-9864. The connected documents describe a phpMyAdmin vulnerability (CVE-2016-9864) involving SQL injection in the tracking functionality that could grant read/write access to the configuration storage and, depending on privileges, to the MySQ...
phpMyAdmin Multiple Security Vulnerabilities - 04 (Dec 2016) - Linux
phpMyAdmin is prone to multiple security vulnerabilities. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:phpmyadmin:phpmyadmin";...
[SECURITY] [DLA 757-1] phpmyadmin security update
Package : phpmyadmin Version : 4:3.4.11.1-2+deb7u7 CVE ID : CVE-2016-4412 CVE-2016-6626 CVE-2016-9849 CVE-2016-9850 CVE-2016-9861 CVE-2016-9864 CVE-2016-9865 Various security issues where found and fixed in phpmyadmin in wheezy. CVE-2016-4412 / PMASA-2016-57 A user can be tricked in following a...
DLA-757-1 phpmyadmin - security update
Bulletin has no description...
CVE-2016-9864
An issue was discovered in phpMyAdmin. With a crafted username or a table name, it was possible to inject SQL statements in the tracking functionality that would run with the privileges of the control user. This gives read and write access to the tables of the configuration storage database, and ...
CVE-2016-9864
An issue was discovered in phpMyAdmin. With a crafted username or a table name, it was possible to inject SQL statements in the tracking functionality that would run with the privileges of the control user. This gives read and write access to the tables of the configuration storage database, and ...
CVE-2016-9864
CVE-2016-9864 concerns phpMyAdmin with SQL injection in the tracking functionality via crafted usernames or table names, granting the control user’s privileges to read/write the configuration storage and potentially access some MySQL tables. Affected versions are all 4.6.x before 4.6.5, all 4.4.x...