CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

9.8CVSS6.9AI score0.01018EPSS

ALPINE-CVE-2016-9866

An issue was discovered in phpMyAdmin. When the argseparator is different from its default & value, the CSRF token was not properly stripped from the return URL of the preference import action. All 4.6.x versions prior to 4.6.5, 4.4.x versions prior to 4.4.15.9, and 4.0.x versions prior to...

OSV•added 2016/12/11 3:0 a.m.•0 views

DEBIAN-CVE-2016-9866

9.8CVSS9.3AI score0.01018EPSS

OSV•added 2016/12/11 3:0 a.m.•17 views

CVE-2016-9866

9.8CVSS6.9AI score

OSV•added 2016/12/11 3:0 a.m.•8 views

CVE-2016-9865

An issue was discovered in phpMyAdmin. Due to a bug in serialized string parsing, it was possible to bypass the protection offered by PMAsafeUnserialize function. All 4.6.x versions prior to 4.6.5, 4.4.x versions prior to 4.4.15.9, and 4.0.x versions prior to 4.0.10.18 are affected...

9.8CVSS9.3AI score

NVD•added 2016/12/11 3:0 a.m.•24 views

CVE-2016-9865

9.8CVSS9.4AI score0.02267EPSS

OSV•added 2016/12/11 3:0 a.m.•4 views

ALPINE-CVE-2016-9865

9.8CVSS6.9AI score0.02267EPSS

9.8CVSS9AI score0.02267EPSS

DEBIAN-CVE-2016-9865

NVD•added 2016/12/11 3:0 a.m.•20 views

CVE-2016-9864

An issue was discovered in phpMyAdmin. With a crafted username or a table name, it was possible to inject SQL statements in the tracking functionality that would run with the privileges of the control user. This gives read and write access to the tables of the configuration storage database, and ...

7.5CVSS7.4AI score0.01684EPSS

OSV•added 2016/12/11 3:0 a.m.•4 views

ALPINE-CVE-2016-9864

7.5CVSS7.2AI score0.01684EPSS

7.5CVSS9.2AI score0.01684EPSS

DEBIAN-CVE-2016-9864

OSV•added 2016/12/11 3:0 a.m.•10 views

CVE-2016-9864

7.5CVSS9.2AI score

NVD•added 2016/12/11 3:0 a.m.•24 views

CVE-2016-9863

An issue was discovered in phpMyAdmin. With a very large request to table partitioning function, it is possible to invoke a Denial of Service DoS attack. All 4.6.x versions prior to 4.6.5 are affected...

7.5CVSS7.3AI score0.01936EPSS

7.5CVSS9.3AI score0.01936EPSS

DEBIAN-CVE-2016-9863

OSV•added 2016/12/11 3:0 a.m.•7 views

CVE-2016-9863

7.5CVSS7.4AI score

OSV•added 2016/12/11 3:0 a.m.•4 views

ALPINE-CVE-2016-9863

7.5CVSS6.9AI score0.01936EPSS

NVD•added 2016/12/11 3:0 a.m.•18 views

CVE-2016-9862

An issue was discovered in phpMyAdmin. With a crafted login request it is possible to inject BBCode in the login page. All 4.6.x versions prior to 4.6.5 are affected...

7.5CVSS7.3AI score0.01569EPSS

7.5CVSS6.8AI score0.01569EPSS

ALPINE-CVE-2016-9862

An issue was discovered in phpMyAdmin. With a crafted login request it is possible to inject BBCode in the login page. All 4.6.x versions prior to 4.6.5 are affected...

OSV•added 2016/12/11 3:0 a.m.•8 views

CVE-2016-9862

An issue was discovered in phpMyAdmin. With a crafted login request it is possible to inject BBCode in the login page. All 4.6.x versions prior to 4.6.5 are affected...

7.5CVSS6.4AI score

OSV•added 2016/12/11 3:0 a.m.•0 views

DEBIAN-CVE-2016-9862

An issue was discovered in phpMyAdmin. With a crafted login request it is possible to inject BBCode in the login page. All 4.6.x versions prior to 4.6.5 are affected...

7.5CVSS7.4AI score0.01569EPSS

NVD•added 2016/12/11 3:0 a.m.•18 views

CVE-2016-9861

An issue was discovered in phpMyAdmin. Due to the limitation in URL matching, it was possible to bypass the URL white-list protection. All 4.6.x versions prior to 4.6.5, 4.4.x versions prior to 4.4.15.9, and 4.0.x versions prior to 4.0.10.18 are affected...

7.5CVSS7.4AI score0.01791EPSS