Description

An issue was discovered in phpMyAdmin. An attacker can determine whether a user is logged in to phpMyAdmin. The user's session, username, and password are not compromised by this vulnerability. All 4.6.x versions (prior to 4.6.4), 4.4.x versions (prior to 4.4.15.8), and 4.0.x versions (prior to 4.0.10.17) are affected.

Remediation

References

CVE-2016-6625

Related Vulnerabilities

WordPress Plugin FavIcon Switcher Cross-Site Request Forgery (1.2.11)

WordPress Plugin Simple:Press Security Bypass and Arbitrary File Upload Vulnerabilities (4.1.2)

Joomla CVE-2012-0819 Vulnerability (CVE-2012-0819)

WordPress Plugin Pinterest Badge Cross-Site Scripting (1.9.0)

WordPress Plugin SocialFit 'msg' Parameter Cross-Site Scripting (1.2.2)

Severity

Medium

Classification

CVE-2016-6625 CWE-200 CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

Tags

Missing Update Known Vulnerabilities