CVE-2016-6633 — Code Injection in Phpmyadmin
Severity
8.1HIGHNVD
EPSS
1.8%
top 17.04%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
Timeline
PublishedDec 11
Latest updateMay 17
Description
An issue was discovered in phpMyAdmin. phpMyAdmin can be used to trigger a remote code execution attack against certain PHP installations that are running with the dbase extension. All 4.6.x versions (prior to 4.6.4), 4.4.x versions (prior to 4.4.15.8), and 4.0.x versions (prior to 4.0.10.17) are affected.
CVSS vector
CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:HExploitability: 2.2 | Impact: 5.9
Affected Packages4 packages
Patches
🔴Vulnerability Details
3📋Vendor Advisories
1Debian▶
CVE-2016-6633: phpmyadmin - An issue was discovered in phpMyAdmin. phpMyAdmin can be used to trigger a remot...↗2016