CVE-2016-5099
EUVD-2016-605105.07.2016, 01:59
Cross-site scripting (XSS) vulnerability in phpMyAdmin 4.4.x before 4.4.15.6 and 4.6.x before 4.6.2 allows remote attackers to inject arbitrary web script or HTML via special characters that are mishandled during double URL decoding.
Affected Products (NVD)
| Vendor | Product | Version |
|---|---|---|
| phpmyadmin | phpmyadmin | 4.4.0 |
| phpmyadmin | phpmyadmin | 4.4.1 |
| phpmyadmin | phpmyadmin | 4.4.1.1 |
| phpmyadmin | phpmyadmin | 4.4.2 |
| phpmyadmin | phpmyadmin | 4.4.3 |
| phpmyadmin | phpmyadmin | 4.4.4 |
| phpmyadmin | phpmyadmin | 4.4.5 |
| phpmyadmin | phpmyadmin | 4.4.6 |
| phpmyadmin | phpmyadmin | 4.4.6.1 |
| phpmyadmin | phpmyadmin | 4.4.7 |
| phpmyadmin | phpmyadmin | 4.4.8 |
| phpmyadmin | phpmyadmin | 4.4.9 |
| phpmyadmin | phpmyadmin | 4.4.10 |
| phpmyadmin | phpmyadmin | 4.4.11 |
| phpmyadmin | phpmyadmin | 4.4.12 |
| phpmyadmin | phpmyadmin | 4.4.13 |
| phpmyadmin | phpmyadmin | 4.4.13.1 |
| phpmyadmin | phpmyadmin | 4.4.14.1 |
| phpmyadmin | phpmyadmin | 4.4.15 |
| phpmyadmin | phpmyadmin | 4.4.15.1 |
| phpmyadmin | phpmyadmin | 4.4.15.2 |
| phpmyadmin | phpmyadmin | 4.4.15.3 |
| phpmyadmin | phpmyadmin | 4.4.15.4 |
| phpmyadmin | phpmyadmin | 4.4.15.5 |
| opensuse | opensuse | 13.1 |
| phpmyadmin | phpmyadmin | 4.6.0 |
| phpmyadmin | phpmyadmin | 4.6.0:alpha1 |
| phpmyadmin | phpmyadmin | 4.6.0:rc1 |
| phpmyadmin | phpmyadmin | 4.6.0:rc2 |
| phpmyadmin | phpmyadmin | 4.6.1 |
𝑥
= Vulnerable software versions
Debian Releases
Ubuntu Releases
Ubuntu Product | |||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| phpmyadmin |
|
References