Description

An issue was discovered in phpMyAdmin. In the user interface preference feature, a user can execute an SQL injection attack against the account of the control user. All 4.6.x versions (prior to 4.6.4), 4.4.x versions (prior to 4.4.15.8), and 4.0.x versions (prior to 4.0.10.17) are affected.

Remediation

References

CVE-2016-6619

Related Vulnerabilities

MySQL CVE-2022-21314 Vulnerability (CVE-2022-21314)

WordPress Plugin FV Flowplayer Video Player Cross-Site Scripting (7.5.2.727)

WordPress Plugin Flat Preloader Cross-Site Request Forgery (1.5.3)

Apache HTTP Server Session Fixation Vulnerability (CVE-2018-17199)

WordPress Plugin WP eCommerce 'collected_data[]' SQL Injection (3.8.4)

Severity

High

Classification

CVE-2016-6619 CWE-138 CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Tags

Missing Update Known Vulnerabilities