5
CVSSv2

CVE-2015-6830

Published: 14/09/2015 Updated: 22/12/2016
CVSS v2 Base Score: 5 | Impact Score: 2.9 | Exploitability Score: 10
VMScore: 445
Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N

Vulnerability Summary

libraries/plugins/auth/AuthenticationCookie.class.php in phpMyAdmin 4.3.x prior to 4.3.13.2 and 4.4.x prior to 4.4.14.1 allows remote malicious users to bypass a multiple-reCaptcha protection mechanism against brute-force credential guessing by providing a correct response to a single reCaptcha.

Vulnerable Product Search on Vulmon Subscribe to Product

phpmyadmin phpmyadmin 4.4.4

phpmyadmin phpmyadmin 4.4.5

phpmyadmin phpmyadmin 4.4.11

phpmyadmin phpmyadmin 4.4.12

phpmyadmin phpmyadmin 4.3.12

phpmyadmin phpmyadmin 4.3.13.1

phpmyadmin phpmyadmin 4.3.9

phpmyadmin phpmyadmin 4.3.8

phpmyadmin phpmyadmin 4.4.0

phpmyadmin phpmyadmin 4.4.1

phpmyadmin phpmyadmin 4.4.7

phpmyadmin phpmyadmin 4.4.8

phpmyadmin phpmyadmin 4.4.14

phpmyadmin phpmyadmin 4.3.0

phpmyadmin phpmyadmin 4.3.1

phpmyadmin phpmyadmin 4.3.4

phpmyadmin phpmyadmin 4.3.5

phpmyadmin phpmyadmin 4.4.1.1

phpmyadmin phpmyadmin 4.4.3

phpmyadmin phpmyadmin 4.4.9

phpmyadmin phpmyadmin 4.4.10

phpmyadmin phpmyadmin 4.3.10

phpmyadmin phpmyadmin 4.3.11

phpmyadmin phpmyadmin 4.3.6

phpmyadmin phpmyadmin 4.3.7

phpmyadmin phpmyadmin 4.4.6

phpmyadmin phpmyadmin 4.4.6.1

phpmyadmin phpmyadmin 4.4.13.1

phpmyadmin phpmyadmin 4.4.13

phpmyadmin phpmyadmin 4.3.2

phpmyadmin phpmyadmin 4.3.3

Vendor Advisories

Several issues have been fixed in phpMyAdmin, the web administration tool for MySQL CVE-2014-8958 (Wheezy only) Multiple cross-site scripting (XSS) vulnerabilities CVE-2014-9218 (Wheezy only) Denial of service (resource consumption) via a long password CVE-2015-2206 Risk of BREACH attack due to reflected parameter CVE-2015- ...