Skip to main content
CVE-2016-5702 LOW PATCH Monitor

phpMyAdmin 4.6.x before 4.6.3, when the environment lacks a PHP_SELF value, allows remote attackers to conduct cookie-attribute injection attacks via a crafted URI. Rated low severity (CVSS 3.7), this vulnerability is remotely exploitable, no authentication required.

Code Injection Phpmyadmin
NVD GitHub
CVSS 3.0
3.7
EPSS
0.2%
CVE-2016-2894 LOW Monitor

IBM Spectrum Protect (formerly Tivoli Storage Manager) 5.5 through 6.3 before 6.3.2.6, 6.4 before 6.4.3.3, and 7.1 before 7.1.6 allows local users to obtain sensitive retrieved data from arbitrary. Rated low severity (CVSS 2.5). No vendor patch available.

IBM Information Disclosure Tivoli Storage Manager
NVD
CVSS 3.0
2.5
EPSS
0.1%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy