Search Results (Refine Search)
- CPE Product Version: cpe:/a:phpmyadmin:phpmyadmin:4.6.0:rc2
Vuln ID | Summary | CVSS Severity |
---|---|---|
CVE-2016-5702 |
phpMyAdmin 4.6.x before 4.6.3, when the environment lacks a PHP_SELF value, allows remote attackers to conduct cookie-attribute injection attacks via a crafted URI. Published: July 02, 2016; 9:59:13 PM -0400 |
V3.0: 3.7 LOW V2.0: 4.3 MEDIUM |
CVE-2016-5701 |
setup/frames/index.inc.php in phpMyAdmin 4.0.10.x before 4.0.10.16, 4.4.15.x before 4.4.15.7, and 4.6.x before 4.6.3 allows remote attackers to conduct BBCode injection attacks against HTTP sessions via a crafted URI. Published: July 02, 2016; 9:59:11 PM -0400 |
V3.0: 6.1 MEDIUM V2.0: 4.3 MEDIUM |