PT-2016-4985 · Phpmyadmin · Phpmyadmin

E3Amn2L

Publicado

2016-02-20

Atualizado

2024-06-15

CVE-2016-2044

CVSS v3.1

5.3

Média

Vetor

AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

Name of the Vulnerable Software and Affected Versions phpMyAdmin versions 4.5.x through 4.5.3

Description The issue allows remote attackers to obtain sensitive information via a crafted request. This is achieved by exploiting the SQL parser in phpMyAdmin, which reveals the full path in an error message. No information is provided about the estimated number of potentially affected devices worldwide or real-world incidents where this issue was exploited.

Recommendations For phpMyAdmin versions 4.5.x through 4.5.3, update to version 4.5.4 or later to resolve the issue.

Correção

Information Disclosure

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-200

Identificadores relacionados

CVE-2016-2044

OPENSUSE-SU-2024:10054-1

Produtos afetados

Phpmyadmin

PT-2016-4985 · Phpmyadmin · Phpmyadmin

CVE-2016-2044

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 138