CVE-2016-6615
11.12.2016, 02:59
XSS issues were discovered in phpMyAdmin. This affects navigation pane and database/table hiding feature (a specially-crafted database name can be used to trigger an XSS attack); the "Tracking" feature (a specially-crafted query can be used to trigger an XSS attack); and GIS visualization feature. All 4.6.x versions (prior to 4.6.4) and 4.4.x versions (prior to 4.4.15.8) are affected.
| Vendor | Product | Version |
|---|---|---|
| phpmyadmin | phpmyadmin | 4.4.0 |
| phpmyadmin | phpmyadmin | 4.4.1 |
| phpmyadmin | phpmyadmin | 4.4.1.1 |
| phpmyadmin | phpmyadmin | 4.4.2 |
| phpmyadmin | phpmyadmin | 4.4.3 |
| phpmyadmin | phpmyadmin | 4.4.4 |
| phpmyadmin | phpmyadmin | 4.4.5 |
| phpmyadmin | phpmyadmin | 4.4.6 |
| phpmyadmin | phpmyadmin | 4.4.6.1 |
| phpmyadmin | phpmyadmin | 4.4.7 |
| phpmyadmin | phpmyadmin | 4.4.8 |
| phpmyadmin | phpmyadmin | 4.4.9 |
| phpmyadmin | phpmyadmin | 4.4.10 |
| phpmyadmin | phpmyadmin | 4.4.11 |
| phpmyadmin | phpmyadmin | 4.4.12 |
| phpmyadmin | phpmyadmin | 4.4.13 |
| phpmyadmin | phpmyadmin | 4.4.13.1 |
| phpmyadmin | phpmyadmin | 4.4.14.1 |
| phpmyadmin | phpmyadmin | 4.4.15 |
| phpmyadmin | phpmyadmin | 4.4.15.1 |
| phpmyadmin | phpmyadmin | 4.4.15.2 |
| phpmyadmin | phpmyadmin | 4.4.15.3 |
| phpmyadmin | phpmyadmin | 4.4.15.4 |
| phpmyadmin | phpmyadmin | 4.4.15.5 |
| phpmyadmin | phpmyadmin | 4.4.15.6 |
| phpmyadmin | phpmyadmin | 4.4.15.7 |
| phpmyadmin | phpmyadmin | 4.6.0 |
| phpmyadmin | phpmyadmin | 4.6.0:alpha1 |
| phpmyadmin | phpmyadmin | 4.6.0:rc1 |
| phpmyadmin | phpmyadmin | 4.6.0:rc2 |
| phpmyadmin | phpmyadmin | 4.6.1 |
| phpmyadmin | phpmyadmin | 4.6.2 |
| phpmyadmin | phpmyadmin | 4.6.3 |
𝑥
= Vulnerable software versions
Debian Releases
Ubuntu Releases
Ubuntu Product | |||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| phpmyadmin |
|
References