Vulnerabilities > Phpmyadmin > Phpmyadmin > 4.4.15.6
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2016-12-11 | CVE-2016-6614 | Path Traversal vulnerability in PHPmyadmin An issue was discovered in phpMyAdmin involving the %u username replacement functionality of the SaveDir and UploadDir features. | 4.3 |
| 2016-12-11 | CVE-2016-6613 | Information Exposure vulnerability in PHPmyadmin An issue was discovered in phpMyAdmin. | 2.1 |
| 2016-12-11 | CVE-2016-6612 | Information Exposure vulnerability in PHPmyadmin An issue was discovered in phpMyAdmin. | 4.0 |
| 2016-12-11 | CVE-2016-6611 | SQL Injection vulnerability in PHPmyadmin An issue was discovered in phpMyAdmin. | 5.1 |
| 2016-12-11 | CVE-2016-6610 | Information Exposure vulnerability in PHPmyadmin A full path disclosure vulnerability was discovered in phpMyAdmin where a user can trigger a particular error in the export mechanism to discover the full path of phpMyAdmin on the disk. | 4.0 |
| 2016-12-11 | CVE-2016-6609 | Command Injection vulnerability in PHPmyadmin An issue was discovered in phpMyAdmin. | 6.5 |
| 2016-12-11 | CVE-2016-6607 | Cross-site Scripting vulnerability in PHPmyadmin XSS issues were discovered in phpMyAdmin. | 4.3 |
| 2016-12-11 | CVE-2016-6606 | Information Exposure vulnerability in PHPmyadmin An issue was discovered in cookie encryption in phpMyAdmin. | 5.0 |
| 2016-07-05 | CVE-2016-5097 | Information Exposure vulnerability in multiple products phpMyAdmin before 4.6.2 places tokens in query strings and does not arrange for them to be stripped before external navigation, which allows remote attackers to obtain sensitive information by reading (1) HTTP requests or (2) server logs. | 5.0 |
| 2016-07-03 | CVE-2016-5739 | Information Exposure vulnerability in multiple products The Transformation implementation in phpMyAdmin 4.0.x before 4.0.10.16, 4.4.x before 4.4.15.7, and 4.6.x before 4.6.3 does not use the no-referrer Content Security Policy (CSP) protection mechanism, which makes it easier for remote attackers to conduct CSRF attacks by reading an authentication token in a Referer header, related to libraries/Header.php. | 5.0 |