Published: 31/01/2017 Updated: 08/07/2018

CVSS v2 Base Score: 5 | Impact Score: 2.9 | Exploitability Score: 10

CVSS v3 Base Score: 8.6 | Impact Score: 4 | Exploitability Score: 3.9

VMScore: 445

Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N

The setup script for phpMyAdmin prior to 4.0.10.19, 4.4.x prior to 4.4.15.10, and 4.6.x prior to 4.6.6 allows remote malicious users to conduct server-side request forgery (SSRF) attacks via unspecified vectors.

Vulnerable Product	Search on Vulmon	Subscribe to Product
phpmyadmin phpmyadmin
phpmyadmin phpmyadmin 4.4.10
phpmyadmin phpmyadmin 4.4.11
phpmyadmin phpmyadmin 4.4.15.2
phpmyadmin phpmyadmin 4.4.15.3
phpmyadmin phpmyadmin 4.4.15.4
phpmyadmin phpmyadmin 4.4.5
phpmyadmin phpmyadmin 4.4.6
phpmyadmin phpmyadmin 4.4.1
phpmyadmin phpmyadmin 4.4.1.1
phpmyadmin phpmyadmin 4.4.15
phpmyadmin phpmyadmin 4.4.15.1
phpmyadmin phpmyadmin 4.4.3
phpmyadmin phpmyadmin 4.4.4
phpmyadmin phpmyadmin 4.4.12
phpmyadmin phpmyadmin 4.4.13
phpmyadmin phpmyadmin 4.4.15.5
phpmyadmin phpmyadmin 4.4.15.6
phpmyadmin phpmyadmin 4.4.6.1
phpmyadmin phpmyadmin 4.4.7
phpmyadmin phpmyadmin 4.4.15.9
phpmyadmin phpmyadmin 4.4.0
phpmyadmin phpmyadmin 4.4.13.1
phpmyadmin phpmyadmin 4.4.14.1
phpmyadmin phpmyadmin 4.4.15.8
phpmyadmin phpmyadmin 4.4.2
phpmyadmin phpmyadmin 4.4.8
phpmyadmin phpmyadmin 4.4.9
phpmyadmin phpmyadmin 4.6.0
phpmyadmin phpmyadmin 4.6.5
phpmyadmin phpmyadmin 4.6.4
phpmyadmin phpmyadmin 4.6.1
phpmyadmin phpmyadmin 4.6.2

CWE-918 https://www.phpmyadmin.net/security/PMASA-2016-44/http://www.securityfocus.com/bid/95914 https://lists.debian.org/debian-lts-announce/2018/07/msg00006.html https://nvd.nist.gov

CVE-2016-6621

Vulnerability Summary

Vulnerability Trend

References

Vulmon Search

About

Products

Connect