CVE-2016-6621

HIGH8.6EPSS 0.55%

phpMyAdmin server-side request forgery (SSRF)

發布日:2022/5/14修改日:2026/5/7

也稱為:GHSA-44vv-mm86-7cg6DEBIAN-CVE-2016-6621

描述

The setup script for phpMyAdmin before 4.0.10.19, 4.4.x before 4.4.15.10, and 4.6.x before 4.6.6 allows remote attackers to conduct server-side request forgery (SSRF) attacks via unspecified vectors.

受影響套件(3)

Debian/phpmyadminfrom 0, < 4:4.6.6-1
Debian/phpmyadminfrom 0, < 4:3.4.11.1-2+deb7u8
Packagist/phpmyadmin/phpmyadmin>= 4.6.0, < 4.6.6

CVSS 分數

來源	版本	嚴重程度	向量
osv	CVSS 3.1	HIGH8.6	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N

參考連結(5)

ADVISORYhttps://nvd.nist.gov/vuln/detail/CVE-2016-6621
ADVISORYhttps://security-tracker.debian.org/tracker/CVE-2016-6621
PATCHhttps://github.com/phpmyadmin/composer
WEBhttps://lists.debian.org/debian-lts-announce/2018/07/msg00006.html
WEBhttps://www.phpmyadmin.net/security/PMASA-2016-44