An issue was discovered in phpMyAdmin. In the user interface preference
feature, a user can execute an SQL injection attack against the account of
the control user. All 4.6.x versions (prior to 4.6.4), 4.4.x versions
(prior to 4.4.15.8), and 4.0.x versions (prior to 4.0.10.17) are affected.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
ubuntu | 14.04 | noarch | phpmyadmin | <Â 4:4.0.10-1ubuntu0.1+esm3 | UNKNOWN |
ubuntu | 16.04 | noarch | phpmyadmin | <Â 4:4.5.4.1-2ubuntu2.1+esm5 | UNKNOWN |