Lucene search
K

8688 matches found

UbuntuCve
UbuntuCve
added 2016/12/11 2:59 a.m.26 views

CVE-2016-6607

XSS issues were discovered in phpMyAdmin. This affects Zoom search specially crafted column content can be used to trigger an XSS attack; GIS editor certain fields in the graphical GIS editor are not properly escaped and can be used to trigger an XSS attack; Relation view; the following...

6.1CVSS6.9AI score0.0132EPSS
Exploits0References2
UbuntuCve
UbuntuCve
added 2016/12/11 2:59 a.m.30 views

CVE-2016-6611

An issue was discovered in phpMyAdmin. A specially crafted database and/or table name can be used to trigger an SQL injection attack through the export functionality. All 4.6.x versions prior to 4.6.4, 4.4.x versions prior to 4.4.15.8, and 4.0.x versions prior to 4.0.10.17 are affected...

8.1CVSS7.2AI score0.01562EPSS
Exploits0References2
OSV
OSV
added 2016/12/11 2:59 a.m.2 views

UBUNTU-CVE-2016-9852

An issue was discovered in phpMyAdmin. By calling some scripts that are part of phpMyAdmin in an unexpected way, it is possible to trigger phpMyAdmin to display a PHP error message which contains the full path of the directory where phpMyAdmin is installed. During an execution timeout in the expo...

5.3CVSS6.5AI score0.02157EPSS
Exploits0References3
UbuntuCve
UbuntuCve
added 2016/12/11 2:59 a.m.31 views

CVE-2016-9853

An issue was discovered in phpMyAdmin. By calling some scripts that are part of phpMyAdmin in an unexpected way, it is possible to trigger phpMyAdmin to display a PHP error message which contains the full path of the directory where phpMyAdmin is installed. During an execution timeout in the expo...

5.3CVSS6.6AI score0.02542EPSS
Exploits0References2
Prion
Prion
added 2016/12/11 2:59 a.m.26 views

Sql injection

An issue was discovered in phpMyAdmin. A specially crafted database and/or table name can be used to trigger an SQL injection attack through the export functionality. All 4.6.x versions prior to 4.6.4 are affected...

6.8CVSS7.9AI score0.01506EPSS
Exploits0References3Affected Software1
UbuntuCve
UbuntuCve
added 2016/12/11 2:59 a.m.21 views

CVE-2016-6610

A full path disclosure vulnerability was discovered in phpMyAdmin where a user can trigger a particular error in the export mechanism to discover the full path of phpMyAdmin on the disk. All 4.6.x versions prior to 4.6.4, 4.4.x versions prior to 4.4.15.8, and 4.0.x versions prior to 4.0.10.17 are...

4.3CVSS6.8AI score0.01339EPSS
Exploits0References2
Prion
Prion
added 2016/12/11 2:59 a.m.16 views

Design/Logic Flaw

XSS issues were discovered in phpMyAdmin. This affects Zoom search specially crafted column content can be used to trigger an XSS attack; GIS editor certain fields in the graphical GIS editor are not properly escaped and can be used to trigger an XSS attack; Relation view; the following...

4.3CVSS6AI score0.0132EPSS
Exploits0References4Affected Software1
Prion
Prion
added 2016/12/11 2:59 a.m.20 views

Path traversal

An issue was discovered in phpMyAdmin. By calling some scripts that are part of phpMyAdmin in an unexpected way, it is possible to trigger phpMyAdmin to display a PHP error message which contains the full path of the directory where phpMyAdmin is installed. During an execution timeout in the expo...

5CVSS6.9AI score0.02542EPSS
Exploits0References3Affected Software1
Prion
Prion
added 2016/12/11 2:59 a.m.16 views

Sql injection

An issue was discovered in phpMyAdmin. A specially crafted database and/or table name can be used to trigger an SQL injection attack through the export functionality. All 4.6.x versions prior to 4.6.4, 4.4.x versions prior to 4.4.15.8, and 4.0.x versions prior to 4.0.10.17 are affected...

5.1CVSS7.9AI score0.01562EPSS
Exploits0References4Affected Software1
UbuntuCve
UbuntuCve
added 2016/12/11 2:59 a.m.23 views

CVE-2016-9855

An issue was discovered in phpMyAdmin. By calling some scripts that are part of phpMyAdmin in an unexpected way, it is possible to trigger phpMyAdmin to display a PHP error message which contains the full path of the directory where phpMyAdmin is installed. During an execution timeout in the expo...

5.3CVSS6.6AI score0.02497EPSS
Exploits0References2
OSV
OSV
added 2016/12/11 2:59 a.m.2 views

UBUNTU-CVE-2016-9855

An issue was discovered in phpMyAdmin. By calling some scripts that are part of phpMyAdmin in an unexpected way, it is possible to trigger phpMyAdmin to display a PHP error message which contains the full path of the directory where phpMyAdmin is installed. During an execution timeout in the expo...

5.3CVSS6.5AI score0.02497EPSS
Exploits0References3
OSV
OSV
added 2016/12/11 2:59 a.m.2 views

UBUNTU-CVE-2016-6610

A full path disclosure vulnerability was discovered in phpMyAdmin where a user can trigger a particular error in the export mechanism to discover the full path of phpMyAdmin on the disk. All 4.6.x versions prior to 4.6.4, 4.4.x versions prior to 4.4.15.8, and 4.0.x versions prior to 4.0.10.17 are...

4.3CVSS6.7AI score0.01339EPSS
Exploits0References3
OSV
OSV
added 2016/12/11 2:59 a.m.3 views

UBUNTU-CVE-2016-6611

An issue was discovered in phpMyAdmin. A specially crafted database and/or table name can be used to trigger an SQL injection attack through the export functionality. All 4.6.x versions prior to 4.6.4, 4.4.x versions prior to 4.4.15.8, and 4.0.x versions prior to 4.0.10.17 are affected...

8.1CVSS7.3AI score0.01562EPSS
Exploits0References3
OSV
OSV
added 2016/12/11 2:59 a.m.3 views

UBUNTU-CVE-2016-6609

An issue was discovered in phpMyAdmin. A specially crafted database name could be used to run arbitrary PHP commands through the array export feature. All 4.6.x versions prior to 4.6.4, 4.4.x versions prior to 4.4.15.8, and 4.0.x versions prior to 4.0.10.17 are affected...

8.8CVSS7.4AI score0.02299EPSS
Exploits0References4
OSV
OSV
added 2016/12/11 2:59 a.m.2 views

UBUNTU-CVE-2016-6607

XSS issues were discovered in phpMyAdmin. This affects Zoom search specially crafted column content can be used to trigger an XSS attack; GIS editor certain fields in the graphical GIS editor are not properly escaped and can be used to trigger an XSS attack; Relation view; the following...

6.1CVSS7.2AI score0.0132EPSS
Exploits0References3
Cvelist
Cvelist
added 2016/12/11 2:0 a.m.26 views

CVE-2016-6611

An issue was discovered in phpMyAdmin. A specially crafted database and/or table name can be used to trigger an SQL injection attack through the export functionality. All 4.6.x versions prior to 4.6.4, 4.4.x versions prior to 4.4.15.8, and 4.0.x versions prior to 4.0.10.17 are affected...

9.1AI score0.01562EPSS
Exploits0References4
Cvelist
Cvelist
added 2016/12/11 2:0 a.m.28 views

CVE-2016-6617

An issue was discovered in phpMyAdmin. A specially crafted database and/or table name can be used to trigger an SQL injection attack through the export functionality. All 4.6.x versions prior to 4.6.4 are affected...

8.2AI score0.01506EPSS
Exploits0References3
CVE
CVE
added 2016/12/11 2:0 a.m.76 views

CVE-2016-9854

Summary (CVE-2016-9854) : A path disclosure issue in phpMyAdmin arises when triggering certain scripts; an error message can reveal the full path to the phpMyAdmin installation, and during export time these paths are written into the export file. Affected versions are all 4.6.x before 4.6.5 and 4...

5.3CVSS5.4AI score0.02157EPSS
Exploits0References3Affected Software1
CVE
CVE
added 2016/12/11 2:0 a.m.82 views

CVE-2016-9852

An issue in phpMyAdmin (CVE-2016-9852) allows PHP errors revealing the full installation path to be produced when calling certain scripts, and during export time, those errors can be written into the export file. Affected are all 4.6.x versions prior to 4.6.5 and 4.4.x versions prior to 4.4.15.9....

5.3CVSS5.4AI score0.02157EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2016/12/11 2:0 a.m.16 views

CVE-2016-6610

A full path disclosure vulnerability was discovered in phpMyAdmin where a user can trigger a particular error in the export mechanism to discover the full path of phpMyAdmin on the disk. All 4.6.x versions prior to 4.6.4, 4.4.x versions prior to 4.4.15.8, and 4.0.x versions prior to 4.0.10.17 are...

6.4AI score0.01339EPSS
Exploits0References3
Rows per page
Query Builder