CVE-2017-1000015CVE-2017-1000015

Affected configuration(s):

cpe:/a:phpmyadmin:phpmyadmin:4.0.0
cpe:/a:phpmyadmin:phpmyadmin:4.0.0:rc2
cpe:/a:phpmyadmin:phpmyadmin:4.0.0:rc3
cpe:/a:phpmyadmin:phpmyadmin:4.0.1
cpe:/a:phpmyadmin:phpmyadmin:4.0.2
cpe:/a:phpmyadmin:phpmyadmin:4.0.3
cpe:/a:phpmyadmin:phpmyadmin:4.0.4
cpe:/a:phpmyadmin:phpmyadmin:4.0.4.1
cpe:/a:phpmyadmin:phpmyadmin:4.0.4.2
cpe:/a:phpmyadmin:phpmyadmin:4.0.5
cpe:/a:phpmyadmin:phpmyadmin:4.0.6
cpe:/a:phpmyadmin:phpmyadmin:4.0.7
cpe:/a:phpmyadmin:phpmyadmin:4.0.8
cpe:/a:phpmyadmin:phpmyadmin:4.0.9
cpe:/a:phpmyadmin:phpmyadmin:4.0.10
cpe:/a:phpmyadmin:phpmyadmin:4.0.10.1
cpe:/a:phpmyadmin:phpmyadmin:4.0.10.2
cpe:/a:phpmyadmin:phpmyadmin:4.0.10.3
cpe:/a:phpmyadmin:phpmyadmin:4.0.10.4
cpe:/a:phpmyadmin:phpmyadmin:4.0.10.5
cpe:/a:phpmyadmin:phpmyadmin:4.0.10.6
cpe:/a:phpmyadmin:phpmyadmin:4.0.10.7
cpe:/a:phpmyadmin:phpmyadmin:4.0.10.8
cpe:/a:phpmyadmin:phpmyadmin:4.0.10.9
cpe:/a:phpmyadmin:phpmyadmin:4.0.10.10
cpe:/a:phpmyadmin:phpmyadmin:4.0.10.11
cpe:/a:phpmyadmin:phpmyadmin:4.0.10.12
cpe:/a:phpmyadmin:phpmyadmin:4.0.10.13
cpe:/a:phpmyadmin:phpmyadmin:4.0.10.14
cpe:/a:phpmyadmin:phpmyadmin:4.0.10.15
cpe:/a:phpmyadmin:phpmyadmin:4.0.10.16
cpe:/a:phpmyadmin:phpmyadmin:4.0.10.17
cpe:/a:phpmyadmin:phpmyadmin:4.0.10.18
cpe:/a:phpmyadmin:phpmyadmin:4.4.0
cpe:/a:phpmyadmin:phpmyadmin:4.4.1
cpe:/a:phpmyadmin:phpmyadmin:4.4.1.1
cpe:/a:phpmyadmin:phpmyadmin:4.4.2
cpe:/a:phpmyadmin:phpmyadmin:4.4.3
cpe:/a:phpmyadmin:phpmyadmin:4.4.4
cpe:/a:phpmyadmin:phpmyadmin:4.4.5
cpe:/a:phpmyadmin:phpmyadmin:4.4.6
cpe:/a:phpmyadmin:phpmyadmin:4.4.6.1
cpe:/a:phpmyadmin:phpmyadmin:4.4.7
cpe:/a:phpmyadmin:phpmyadmin:4.4.8
cpe:/a:phpmyadmin:phpmyadmin:4.4.9
cpe:/a:phpmyadmin:phpmyadmin:4.4.10
cpe:/a:phpmyadmin:phpmyadmin:4.4.11
cpe:/a:phpmyadmin:phpmyadmin:4.4.12
cpe:/a:phpmyadmin:phpmyadmin:4.4.13
cpe:/a:phpmyadmin:phpmyadmin:4.4.13.1
cpe:/a:phpmyadmin:phpmyadmin:4.4.14.1
cpe:/a:phpmyadmin:phpmyadmin:4.4.15
cpe:/a:phpmyadmin:phpmyadmin:4.4.15.1
cpe:/a:phpmyadmin:phpmyadmin:4.4.15.2
cpe:/a:phpmyadmin:phpmyadmin:4.4.15.3
cpe:/a:phpmyadmin:phpmyadmin:4.4.15.4
cpe:/a:phpmyadmin:phpmyadmin:4.4.15.5
cpe:/a:phpmyadmin:phpmyadmin:4.4.15.6
cpe:/a:phpmyadmin:phpmyadmin:4.4.15.7
cpe:/a:phpmyadmin:phpmyadmin:4.4.15.8
cpe:/a:phpmyadmin:phpmyadmin:4.4.15.9
cpe:/a:phpmyadmin:phpmyadmin:4.6.0
cpe:/a:phpmyadmin:phpmyadmin:4.6.0:alpha1
cpe:/a:phpmyadmin:phpmyadmin:4.6.0:rc1
cpe:/a:phpmyadmin:phpmyadmin:4.6.0:rc2
cpe:/a:phpmyadmin:phpmyadmin:4.6.1
cpe:/a:phpmyadmin:phpmyadmin:4.6.2
cpe:/a:phpmyadmin:phpmyadmin:4.6.3
cpe:/a:phpmyadmin:phpmyadmin:4.6.4
cpe:/a:phpmyadmin:phpmyadmin:4.6.5

Date published: 2017-07-17T09:18:16.407-04:00

Date last modified: 2017-07-19T10:39:58.907-04:00

CVSS Score: 4.3

Principal attack vector: NETWORK

Complexity:  MEDIUM

Reference URL: https://www.phpmyadmin.net/security/PMASA-2017-4

Summary: phpMyAdmin 4.0, 4.4, and 4.6 are vulnerable to a CSS injection attack through crafted cookie parameters

CategoriesUncategorised

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.