Skip to main content
CVE-2016-6620 CRITICAL PATCH Act Now

An issue was discovered in phpMyAdmin. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Deserialization of Untrusted Data vulnerability could allow attackers to execute arbitrary code through malicious serialized objects.

Deserialization RCE PHP Phpmyadmin
NVD
CVSS 3.0
9.8
EPSS
1.4%
CVE-2016-9865 CRITICAL PATCH Act Now

An issue was discovered in phpMyAdmin. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Authentication Bypass Phpmyadmin
NVD
CVSS 3.0
9.8
EPSS
0.5%
CVE-2016-6629 CRITICAL PATCH Act Now

An issue was discovered in phpMyAdmin involving the $cfg['ArbitraryServerRegexp'] configuration directive. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Authentication Bypass Phpmyadmin
NVD
CVSS 3.0
9.8
EPSS
0.3%
CVE-2016-9866 CRITICAL PATCH Act Now

An issue was discovered in phpMyAdmin. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Cross-Site Request Forgery (CSRF) vulnerability could allow attackers to trick authenticated users into performing unintended actions.

CSRF Phpmyadmin
NVD
CVSS 3.0
9.8
EPSS
0.2%
CVE-2016-9849 CRITICAL PATCH Act Now

An issue was discovered in phpMyAdmin. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Privilege Escalation Phpmyadmin
NVD
CVSS 3.0
9.8
EPSS
0.2%
CVE-2016-6609 HIGH PATCH This Week

An issue was discovered in phpMyAdmin. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. This Command Injection vulnerability could allow attackers to inject arbitrary commands into system command execution.

Command Injection PHP Phpmyadmin
NVD
CVSS 3.0
8.8
EPSS
0.4%
CVE-2016-6619 HIGH PATCH This Week

An issue was discovered in phpMyAdmin. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. This SQL Injection vulnerability could allow attackers to execute arbitrary SQL commands against the database.

SQLi Phpmyadmin
NVD
CVSS 3.0
8.8
EPSS
0.3%
CVE-2016-6633 HIGH PATCH This Week

An issue was discovered in phpMyAdmin. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required.

RCE PHP Phpmyadmin
NVD
CVSS 3.0
8.1
EPSS
1.8%
CVE-2016-6631 HIGH PATCH This Week

An issue was discovered in phpMyAdmin. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable. This OS Command Injection vulnerability could allow attackers to execute arbitrary operating system commands on the host.

Command Injection RCE Phpmyadmin
NVD
CVSS 3.0
7.5
EPSS
3.6%
CVE-2016-6617 HIGH PATCH This Week

An issue was discovered in phpMyAdmin. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. This SQL Injection vulnerability could allow attackers to execute arbitrary SQL commands against the database.

SQLi Phpmyadmin
NVD
CVSS 3.0
8.1
EPSS
0.4%
CVE-2016-6611 HIGH PATCH This Week

An issue was discovered in phpMyAdmin. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. This SQL Injection vulnerability could allow attackers to execute arbitrary SQL commands against the database.

SQLi Phpmyadmin
NVD
CVSS 3.0
8.1
EPSS
0.4%
CVE-2016-6606 HIGH PATCH This Week

An issue was discovered in cookie encryption in phpMyAdmin. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Information Disclosure Oracle Phpmyadmin
NVD
CVSS 3.0
8.1
EPSS
0.3%
CVE-2016-9863 HIGH PATCH This Week

An issue was discovered in phpMyAdmin. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Phpmyadmin
NVD
CVSS 3.0
7.5
EPSS
0.6%
CVE-2016-9862 HIGH PATCH This Week

An issue was discovered in phpMyAdmin. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Code Injection vulnerability could allow attackers to inject and execute arbitrary code within the application.

RCE Code Injection Phpmyadmin
NVD
CVSS 3.0
7.5
EPSS
0.5%
CVE-2016-9864 HIGH PATCH This Week

An issue was discovered in phpMyAdmin. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable. This SQL Injection vulnerability could allow attackers to execute arbitrary SQL commands against the database.

SQLi Phpmyadmin
NVD
CVSS 3.0
7.5
EPSS
0.4%
CVE-2016-6616 HIGH PATCH This Week

An issue was discovered in phpMyAdmin. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable. This SQL Injection vulnerability could allow attackers to execute arbitrary SQL commands against the database.

SQLi Phpmyadmin
NVD
CVSS 3.0
7.5
EPSS
0.3%
CVE-2016-9861 HIGH PATCH This Week

An issue was discovered in phpMyAdmin. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Authentication Bypass Phpmyadmin
NVD
CVSS 3.0
7.5
EPSS
0.2%
CVE-2016-6614 MEDIUM PATCH This Month

An issue was discovered in phpMyAdmin involving the %u username replacement functionality of the SaveDir and UploadDir features. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable, no authentication required. This Path Traversal vulnerability could allow attackers to access files and directories outside the intended path.

Path Traversal Phpmyadmin
NVD
CVSS 3.0
6.8
EPSS
1.1%
CVE-2016-6630 MEDIUM PATCH This Month

An issue was discovered in phpMyAdmin. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.

Information Disclosure Phpmyadmin
NVD
CVSS 3.0
6.5
EPSS
0.7%
CVE-2016-6623 MEDIUM PATCH This Month

An issue was discovered in phpMyAdmin. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.

Information Disclosure Phpmyadmin
NVD
CVSS 3.0
6.5
EPSS
0.5%
CVE-2016-6618 MEDIUM PATCH This Month

An issue was discovered in phpMyAdmin. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.

Information Disclosure Phpmyadmin
NVD
CVSS 3.0
6.5
EPSS
0.5%
CVE-2016-6612 MEDIUM PATCH This Month

An issue was discovered in phpMyAdmin. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Information Disclosure Phpmyadmin
NVD
CVSS 3.0
6.5
EPSS
0.4%
CVE-2016-6628 MEDIUM PATCH This Month

An issue was discovered in phpMyAdmin. Rated medium severity (CVSS 6.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Information Disclosure Phpmyadmin
NVD
CVSS 3.0
6.3
EPSS
0.3%
CVE-2016-6607 MEDIUM PATCH This Month

XSS issues were discovered in phpMyAdmin. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS Phpmyadmin
NVD
CVSS 3.0
6.1
EPSS
0.5%
CVE-2016-6615 MEDIUM PATCH This Month

XSS issues were discovered in phpMyAdmin. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS Phpmyadmin
NVD
CVSS 3.0
6.1
EPSS
0.5%
CVE-2016-6608 MEDIUM PATCH This Month

XSS issues were discovered in phpMyAdmin. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS Phpmyadmin
NVD
CVSS 3.0
6.1
EPSS
0.5%
CVE-2016-9857 MEDIUM PATCH This Month

An issue was discovered in phpMyAdmin. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS Phpmyadmin
NVD
CVSS 3.0
6.1
EPSS
0.4%
CVE-2016-9856 MEDIUM PATCH This Month

An XSS issue was discovered in phpMyAdmin because of an improper fix for CVE-2016-2559 in PMASA-2016-10. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS Phpmyadmin
NVD
CVSS 3.0
6.1
EPSS
0.4%
CVE-2016-9860 MEDIUM PATCH This Month

An issue was discovered in phpMyAdmin. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required.

Denial Of Service Phpmyadmin
NVD
CVSS 3.0
5.9
EPSS
1.0%
CVE-2016-6622 MEDIUM PATCH This Month

An issue was discovered in phpMyAdmin. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required.

Information Disclosure Phpmyadmin
NVD
CVSS 3.0
5.9
EPSS
1.0%
CVE-2016-6632 MEDIUM PATCH This Month

An issue was discovered in phpMyAdmin where, under certain conditions, phpMyAdmin may not delete temporary files during the import of ESRI files. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required.

Information Disclosure Phpmyadmin
NVD
CVSS 3.0
5.9
EPSS
0.6%
CVE-2016-6624 MEDIUM PATCH This Month

An issue was discovered in phpMyAdmin involving improper enforcement of the IP-based authentication rules. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required.

Information Disclosure Phpmyadmin
NVD
CVSS 3.0
5.9
EPSS
0.3%
CVE-2016-6626 MEDIUM PATCH This Month

An issue was discovered in phpMyAdmin. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Information Disclosure Phpmyadmin
NVD
CVSS 3.0
5.4
EPSS
0.4%
CVE-2016-9853 MEDIUM PATCH This Month

An issue was discovered in phpMyAdmin. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

PHP Information Disclosure Phpmyadmin
NVD
CVSS 3.0
5.3
EPSS
0.9%
CVE-2016-9855 MEDIUM PATCH This Month

An issue was discovered in phpMyAdmin. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

PHP Information Disclosure Phpmyadmin
NVD
CVSS 3.0
5.3
EPSS
0.7%
CVE-2016-9859 MEDIUM PATCH This Month

An issue was discovered in phpMyAdmin. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Phpmyadmin
NVD
CVSS 3.0
5.3
EPSS
0.6%
CVE-2016-9858 MEDIUM PATCH This Month

An issue was discovered in phpMyAdmin. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Phpmyadmin
NVD
CVSS 3.0
5.3
EPSS
0.6%
CVE-2016-9850 MEDIUM PATCH This Month

An issue was discovered in phpMyAdmin. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Information Disclosure Phpmyadmin
NVD
CVSS 3.0
5.3
EPSS
0.6%
CVE-2016-9854 MEDIUM PATCH This Month

An issue was discovered in phpMyAdmin. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

PHP Information Disclosure Phpmyadmin
NVD
CVSS 3.0
5.3
EPSS
0.5%
CVE-2016-9852 MEDIUM PATCH This Month

An issue was discovered in phpMyAdmin. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

PHP Information Disclosure Phpmyadmin
NVD
CVSS 3.0
5.3
EPSS
0.5%
CVE-2016-9847 MEDIUM PATCH This Month

An issue was discovered in phpMyAdmin. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Information Disclosure Phpmyadmin
NVD
CVSS 3.0
5.3
EPSS
0.4%
CVE-2016-6613 MEDIUM PATCH This Month

An issue was discovered in phpMyAdmin. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Information Disclosure Phpmyadmin
NVD
CVSS 3.0
5.3
EPSS
0.4%
CVE-2016-6627 MEDIUM PATCH This Month

An issue was discovered in phpMyAdmin. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

PHP Information Disclosure Phpmyadmin
NVD
CVSS 3.0
5.3
EPSS
0.4%
CVE-2016-9848 MEDIUM PATCH This Month

An issue was discovered in phpMyAdmin. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

PHP Information Disclosure Phpmyadmin
NVD
CVSS 3.0
5.3
EPSS
0.3%
CVE-2016-9851 MEDIUM PATCH This Month

An issue was discovered in phpMyAdmin. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Authentication Bypass Phpmyadmin
NVD
CVSS 3.0
5.3
EPSS
0.2%
CVE-2016-4412 MEDIUM PATCH This Month

An issue was discovered in phpMyAdmin. Rated medium severity (CVSS 4.4), this vulnerability is remotely exploitable.

Information Disclosure Phpmyadmin
NVD
CVSS 3.0
4.4
EPSS
0.2%
CVE-2016-6610 MEDIUM PATCH This Month

A full path disclosure vulnerability was discovered in phpMyAdmin where a user can trigger a particular error in the export mechanism to discover the full path of phpMyAdmin on the disk. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Information Disclosure Phpmyadmin
NVD
CVSS 3.0
4.3
EPSS
0.4%
CVE-2016-6625 MEDIUM PATCH This Month

An issue was discovered in phpMyAdmin. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Information Disclosure Phpmyadmin
NVD
CVSS 3.0
4.3
EPSS
0.3%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy