CVE-2016-5099

CVE-2016-5099 pertains to a cross-site scripting (XSS) vulnerability in phpMyAdmin. The issue affects phpMyAdmin 4.4.x before 4.4.15.6 and 4.6.x before 4.6.2, allowing remote attackers to inject arbitrary web script or HTML via characters mishandled during double URL decoding. Public advisories i...

CVE-2016-2560

Multiple cross-site scripting XSS vulnerabilities in phpMyAdmin 4.0.x before 4.0.10.15, 4.4.x before 4.4.15.5, and 4.5.x before 4.5.5.1 allow remote attackers to inject arbitrary web script or HTML via 1 a crafted Host HTTP header, related to libraries/Config.class.php; 2 crafted JSON data, relat...