cbcvebase.
CVE-2015-6830
published 2015-09-14

CVE-2015-6830: libraries/plugins/auth/AuthenticationCookie.class.php in phpMyAdmin 4.3.x before 4.3.13.2 and 4.4.x before 4.4.14.1 allows remote attackers to bypass a…

PriorityP340medium5CVSS 2.0
AVNACLAuNCPINAN
EXPLOIT
EPSS
9.79%
94.9th percentile
libraries/plugins/auth/AuthenticationCookie.class.php in phpMyAdmin 4.3.x before 4.3.13.2 and 4.4.x before 4.4.14.1 allows remote attackers to bypass a multiple-reCaptcha protection mechanism against brute-force credential guessing by providing a correct response to a single reCaptcha.

Affected

38 ranges· showing 25
VendorProductVersion rangeFixed in
debianphpmyadmin< phpmyadmin 4:4.4.14.1-1 (bookworm)phpmyadmin 4:4.4.14.1-1 (bookworm)
phpmyadminphpmyadmin
phpmyadminphpmyadmin
phpmyadminphpmyadmin
phpmyadminphpmyadmin
phpmyadminphpmyadmin
phpmyadminphpmyadmin
phpmyadminphpmyadmin
phpmyadminphpmyadmin
phpmyadminphpmyadmin
phpmyadminphpmyadmin
phpmyadminphpmyadmin
phpmyadminphpmyadmin
phpmyadminphpmyadmin
phpmyadminphpmyadmin
phpmyadminphpmyadmin
phpmyadminphpmyadmin
phpmyadminphpmyadmin
phpmyadminphpmyadmin
phpmyadminphpmyadmin
phpmyadminphpmyadmin
phpmyadminphpmyadmin
phpmyadminphpmyadmin
phpmyadminphpmyadmin
phpmyadminphpmyadmin

CVSS provenance

nvdv2.05.0MEDIUMAV:N/AC:L/Au:N/C:P/I:N/A:N
osv5.0MEDIUM
vendor_debian5.0LOW
CVEs like this are exactly what “Exploited This Week” covers.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.