Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:apk/alpine/phpmyadmin@4.4.15.9-r0?arch=x86&distroversion=v3.2&reponame=main
Typeapk
Namespacealpine
Namephpmyadmin
Version4.4.15.9-r0
Qualifiers
arch x86
distroversion v3.2
reponame main
Subpath
Is_vulnerablefalse
Next_non_vulnerable_versionnull
Latest_non_vulnerable_versionnull
Affected_by_vulnerabilities
Fixing_vulnerabilities
0
url VCID-4szd-esqn-93aq
vulnerability_id VCID-4szd-esqn-93aq
summary 
Exposure of Sensitive Information to an Unauthorized Actor
An issue was discovered in phpMyAdmin. By calling some scripts that are part of phpMyAdmin in an unexpected way, it is possible to trigger phpMyAdmin to display a PHP error message which contains the full path of the directory where phpMyAdmin is installed. During an execution timeout in the export functionality, the errors containing the full path of the directory of phpMyAdmin are written to the export file. All 4.6.x versions (prior to 4.6.5), and 4.4.x versions (prior to 4.4.15.9) are affected. This CVE is for the fopen wrapper issue.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-9853
reference_id
reference_type
scores
0
value 0.00851
scoring_system epss
scoring_elements 0.74927
published_at 2026-04-21T12:55:00Z
1
value 0.00851
scoring_system epss
scoring_elements 0.74851
published_at 2026-04-01T12:55:00Z
2
value 0.00851
scoring_system epss
scoring_elements 0.74853
published_at 2026-04-02T12:55:00Z
3
value 0.00851
scoring_system epss
scoring_elements 0.74881
published_at 2026-04-04T12:55:00Z
4
value 0.00851
scoring_system epss
scoring_elements 0.74854
published_at 2026-04-07T12:55:00Z
5
value 0.00851
scoring_system epss
scoring_elements 0.74887
published_at 2026-04-08T12:55:00Z
6
value 0.00851
scoring_system epss
scoring_elements 0.749
published_at 2026-04-09T12:55:00Z
7
value 0.00851
scoring_system epss
scoring_elements 0.74924
published_at 2026-04-11T12:55:00Z
8
value 0.00851
scoring_system epss
scoring_elements 0.74902
published_at 2026-04-12T12:55:00Z
9
value 0.00851
scoring_system epss
scoring_elements 0.74892
published_at 2026-04-13T12:55:00Z
10
value 0.00851
scoring_system epss
scoring_elements 0.74929
published_at 2026-04-16T12:55:00Z
11
value 0.00851
scoring_system epss
scoring_elements 0.74936
published_at 2026-04-18T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-9853
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9853
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9853
2
reference_url https://github.com/phpmyadmin/composer
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/phpmyadmin/composer
3
reference_url https://security.gentoo.org/glsa/201701-32
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://security.gentoo.org/glsa/201701-32
4
reference_url https://web.archive.org/web/20210127193655/http://www.securityfocus.com/bid/94527
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20210127193655/http://www.securityfocus.com/bid/94527
5
reference_url https://www.phpmyadmin.net/security/PMASA-2016-63
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.phpmyadmin.net/security/PMASA-2016-63
6
reference_url https://nvd.nist.gov/vuln/detail/CVE-2016-9853
reference_id CVE-2016-9853
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2016-9853
7
reference_url https://github.com/advisories/GHSA-rmmf-5xhh-gg27
reference_id GHSA-rmmf-5xhh-gg27
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-rmmf-5xhh-gg27
fixed_packages
0
url pkg:apk/alpine/phpmyadmin@4.4.15.9-r0?arch=x86&distroversion=v3.2&reponame=main
purl pkg:apk/alpine/phpmyadmin@4.4.15.9-r0?arch=x86&distroversion=v3.2&reponame=main
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/phpmyadmin@4.4.15.9-r0%3Farch=x86&distroversion=v3.2&reponame=main
aliases CVE-2016-9853, GHSA-rmmf-5xhh-gg27
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-4szd-esqn-93aq
1
url VCID-5mda-fksy-bqb2
vulnerability_id VCID-5mda-fksy-bqb2
summary 
Cross-site Scripting
An issue was discovered in phpMyAdmin. XSS is possible because of a weakness in a regular expression used in some JavaScript processing.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-9857
reference_id
reference_type
scores
0
value 0.00418
scoring_system epss
scoring_elements 0.61754
published_at 2026-04-04T12:55:00Z
1
value 0.00418
scoring_system epss
scoring_elements 0.61807
published_at 2026-04-21T12:55:00Z
2
value 0.00418
scoring_system epss
scoring_elements 0.61824
published_at 2026-04-18T12:55:00Z
3
value 0.00418
scoring_system epss
scoring_elements 0.61819
published_at 2026-04-16T12:55:00Z
4
value 0.00418
scoring_system epss
scoring_elements 0.61777
published_at 2026-04-13T12:55:00Z
5
value 0.00418
scoring_system epss
scoring_elements 0.61797
published_at 2026-04-12T12:55:00Z
6
value 0.00418
scoring_system epss
scoring_elements 0.6181
published_at 2026-04-11T12:55:00Z
7
value 0.00418
scoring_system epss
scoring_elements 0.61789
published_at 2026-04-09T12:55:00Z
8
value 0.00418
scoring_system epss
scoring_elements 0.61651
published_at 2026-04-01T12:55:00Z
9
value 0.00418
scoring_system epss
scoring_elements 0.61725
published_at 2026-04-07T12:55:00Z
10
value 0.00418
scoring_system epss
scoring_elements 0.61773
published_at 2026-04-08T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-9857
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9857
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9857
2
reference_url https://security.gentoo.org/glsa/201701-32
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://security.gentoo.org/glsa/201701-32
3
reference_url https://web.archive.org/web/20210123194716/http://www.securityfocus.com/bid/94530
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20210123194716/http://www.securityfocus.com/bid/94530
4
reference_url https://www.phpmyadmin.net/security/PMASA-2016-64
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.phpmyadmin.net/security/PMASA-2016-64
5
reference_url http://www.securityfocus.com/bid/94530
reference_id
reference_type
scores
url http://www.securityfocus.com/bid/94530
6
reference_url https://nvd.nist.gov/vuln/detail/CVE-2016-9857
reference_id CVE-2016-9857
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2016-9857
7
reference_url https://github.com/advisories/GHSA-hmmx-wxh4-9w8w
reference_id GHSA-hmmx-wxh4-9w8w
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-hmmx-wxh4-9w8w
fixed_packages
0
url pkg:apk/alpine/phpmyadmin@4.4.15.9-r0?arch=x86&distroversion=v3.2&reponame=main
purl pkg:apk/alpine/phpmyadmin@4.4.15.9-r0?arch=x86&distroversion=v3.2&reponame=main
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/phpmyadmin@4.4.15.9-r0%3Farch=x86&distroversion=v3.2&reponame=main
aliases CVE-2016-9857, GHSA-hmmx-wxh4-9w8w
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-5mda-fksy-bqb2
2
url VCID-63cb-2hqp-3ug8
vulnerability_id VCID-63cb-2hqp-3ug8
summary 
Multiple vulnerabilities have been found in phpMyAdmin, the worst
    of which could lead to arbitrary code execution.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-9850
reference_id
reference_type
scores
0
value 0.00565
scoring_system epss
scoring_elements 0.68352
published_at 2026-04-01T12:55:00Z
1
value 0.00565
scoring_system epss
scoring_elements 0.68372
published_at 2026-04-02T12:55:00Z
2
value 0.00565
scoring_system epss
scoring_elements 0.68391
published_at 2026-04-04T12:55:00Z
3
value 0.00565
scoring_system epss
scoring_elements 0.68368
published_at 2026-04-07T12:55:00Z
4
value 0.00565
scoring_system epss
scoring_elements 0.68419
published_at 2026-04-08T12:55:00Z
5
value 0.00565
scoring_system epss
scoring_elements 0.68436
published_at 2026-04-09T12:55:00Z
6
value 0.00565
scoring_system epss
scoring_elements 0.68462
published_at 2026-04-11T12:55:00Z
7
value 0.00565
scoring_system epss
scoring_elements 0.6845
published_at 2026-04-12T12:55:00Z
8
value 0.00565
scoring_system epss
scoring_elements 0.68417
published_at 2026-04-13T12:55:00Z
9
value 0.00565
scoring_system epss
scoring_elements 0.68455
published_at 2026-04-16T12:55:00Z
10
value 0.00565
scoring_system epss
scoring_elements 0.68469
published_at 2026-04-18T12:55:00Z
11
value 0.00565
scoring_system epss
scoring_elements 0.68446
published_at 2026-04-21T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-9850
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9850
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9850
fixed_packages
0
url pkg:apk/alpine/phpmyadmin@4.4.15.9-r0?arch=x86&distroversion=v3.2&reponame=main
purl pkg:apk/alpine/phpmyadmin@4.4.15.9-r0?arch=x86&distroversion=v3.2&reponame=main
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/phpmyadmin@4.4.15.9-r0%3Farch=x86&distroversion=v3.2&reponame=main
aliases CVE-2016-9850
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-63cb-2hqp-3ug8
3
url VCID-7ga4-rjej-s3h1
vulnerability_id VCID-7ga4-rjej-s3h1
summary 
Multiple vulnerabilities have been found in phpMyAdmin, the worst
    of which could lead to arbitrary code execution.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-9859
reference_id
reference_type
scores
0
value 0.00637
scoring_system epss
scoring_elements 0.70411
published_at 2026-04-01T12:55:00Z
1
value 0.00637
scoring_system epss
scoring_elements 0.70425
published_at 2026-04-02T12:55:00Z
2
value 0.00637
scoring_system epss
scoring_elements 0.70442
published_at 2026-04-04T12:55:00Z
3
value 0.00637
scoring_system epss
scoring_elements 0.7042
published_at 2026-04-07T12:55:00Z
4
value 0.00637
scoring_system epss
scoring_elements 0.70466
published_at 2026-04-08T12:55:00Z
5
value 0.00637
scoring_system epss
scoring_elements 0.70481
published_at 2026-04-09T12:55:00Z
6
value 0.00637
scoring_system epss
scoring_elements 0.70505
published_at 2026-04-11T12:55:00Z
7
value 0.00637
scoring_system epss
scoring_elements 0.7049
published_at 2026-04-12T12:55:00Z
8
value 0.00637
scoring_system epss
scoring_elements 0.70476
published_at 2026-04-13T12:55:00Z
9
value 0.00637
scoring_system epss
scoring_elements 0.70518
published_at 2026-04-16T12:55:00Z
10
value 0.00637
scoring_system epss
scoring_elements 0.70526
published_at 2026-04-18T12:55:00Z
11
value 0.00637
scoring_system epss
scoring_elements 0.70506
published_at 2026-04-21T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-9859
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9859
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9859
fixed_packages
0
url pkg:apk/alpine/phpmyadmin@4.4.15.9-r0?arch=x86&distroversion=v3.2&reponame=main
purl pkg:apk/alpine/phpmyadmin@4.4.15.9-r0?arch=x86&distroversion=v3.2&reponame=main
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/phpmyadmin@4.4.15.9-r0%3Farch=x86&distroversion=v3.2&reponame=main
aliases CVE-2016-9859
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-7ga4-rjej-s3h1
4
url VCID-8xac-hgvs-ykgn
vulnerability_id VCID-8xac-hgvs-ykgn
summary 
Incomplete List of Disallowed Inputs
An issue was discovered in phpMyAdmin. Due to the limitation in URL matching, it was possible to bypass the URL white-list protection.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-9861
reference_id
reference_type
scores
0
value 0.00246
scoring_system epss
scoring_elements 0.47891
published_at 2026-04-21T12:55:00Z
1
value 0.00246
scoring_system epss
scoring_elements 0.47821
published_at 2026-04-01T12:55:00Z
2
value 0.00246
scoring_system epss
scoring_elements 0.47859
published_at 2026-04-02T12:55:00Z
3
value 0.00246
scoring_system epss
scoring_elements 0.4788
published_at 2026-04-04T12:55:00Z
4
value 0.00246
scoring_system epss
scoring_elements 0.47829
published_at 2026-04-07T12:55:00Z
5
value 0.00246
scoring_system epss
scoring_elements 0.47882
published_at 2026-04-08T12:55:00Z
6
value 0.00246
scoring_system epss
scoring_elements 0.47878
published_at 2026-04-09T12:55:00Z
7
value 0.00246
scoring_system epss
scoring_elements 0.47902
published_at 2026-04-11T12:55:00Z
8
value 0.00246
scoring_system epss
scoring_elements 0.47879
published_at 2026-04-12T12:55:00Z
9
value 0.00246
scoring_system epss
scoring_elements 0.47889
published_at 2026-04-13T12:55:00Z
10
value 0.00246
scoring_system epss
scoring_elements 0.47943
published_at 2026-04-16T12:55:00Z
11
value 0.00246
scoring_system epss
scoring_elements 0.47937
published_at 2026-04-18T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-9861
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9861
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9861
2
reference_url https://github.com/phpmyadmin/composer
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/phpmyadmin/composer
3
reference_url https://lists.debian.org/debian-lts-announce/2019/06/msg00009.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.debian.org/debian-lts-announce/2019/06/msg00009.html
4
reference_url https://security.gentoo.org/glsa/201701-32
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://security.gentoo.org/glsa/201701-32
5
reference_url https://www.phpmyadmin.net/security/PMASA-2016-66
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.phpmyadmin.net/security/PMASA-2016-66
6
reference_url http://www.securityfocus.com/bid/94535
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.securityfocus.com/bid/94535
7
reference_url https://nvd.nist.gov/vuln/detail/CVE-2016-9861
reference_id CVE-2016-9861
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2016-9861
8
reference_url https://github.com/advisories/GHSA-r326-mp8g-6xfc
reference_id GHSA-r326-mp8g-6xfc
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-r326-mp8g-6xfc
fixed_packages
0
url pkg:apk/alpine/phpmyadmin@4.4.15.9-r0?arch=x86&distroversion=v3.2&reponame=main
purl pkg:apk/alpine/phpmyadmin@4.4.15.9-r0?arch=x86&distroversion=v3.2&reponame=main
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/phpmyadmin@4.4.15.9-r0%3Farch=x86&distroversion=v3.2&reponame=main
aliases CVE-2016-9861, GHSA-r326-mp8g-6xfc
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-8xac-hgvs-ykgn
5
url VCID-9xxd-uwwt-57ba
vulnerability_id VCID-9xxd-uwwt-57ba
summary 
Cross-site Scripting
An XSS issue was discovered in phpMyAdmin because of an improper fix for CVE-2016-2559 in PMASA-2016-10.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-9856
reference_id
reference_type
scores
0
value 0.00418
scoring_system epss
scoring_elements 0.61754
published_at 2026-04-04T12:55:00Z
1
value 0.00418
scoring_system epss
scoring_elements 0.61807
published_at 2026-04-21T12:55:00Z
2
value 0.00418
scoring_system epss
scoring_elements 0.61824
published_at 2026-04-18T12:55:00Z
3
value 0.00418
scoring_system epss
scoring_elements 0.61819
published_at 2026-04-16T12:55:00Z
4
value 0.00418
scoring_system epss
scoring_elements 0.61777
published_at 2026-04-13T12:55:00Z
5
value 0.00418
scoring_system epss
scoring_elements 0.61797
published_at 2026-04-12T12:55:00Z
6
value 0.00418
scoring_system epss
scoring_elements 0.6181
published_at 2026-04-11T12:55:00Z
7
value 0.00418
scoring_system epss
scoring_elements 0.61789
published_at 2026-04-09T12:55:00Z
8
value 0.00418
scoring_system epss
scoring_elements 0.61651
published_at 2026-04-01T12:55:00Z
9
value 0.00418
scoring_system epss
scoring_elements 0.61725
published_at 2026-04-07T12:55:00Z
10
value 0.00418
scoring_system epss
scoring_elements 0.61773
published_at 2026-04-08T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-9856
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9856
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9856
2
reference_url https://security.gentoo.org/glsa/201701-32
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://security.gentoo.org/glsa/201701-32
3
reference_url https://web.archive.org/web/20210123194716/http://www.securityfocus.com/bid/94530
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20210123194716/http://www.securityfocus.com/bid/94530
4
reference_url https://www.phpmyadmin.net/security/PMASA-2016-64
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.phpmyadmin.net/security/PMASA-2016-64
5
reference_url http://www.securityfocus.com/bid/94530
reference_id
reference_type
scores
url http://www.securityfocus.com/bid/94530
6
reference_url https://nvd.nist.gov/vuln/detail/CVE-2016-9856
reference_id CVE-2016-9856
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2016-9856
7
reference_url https://github.com/advisories/GHSA-j8mx-x32r-5rf4
reference_id GHSA-j8mx-x32r-5rf4
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-j8mx-x32r-5rf4
fixed_packages
0
url pkg:apk/alpine/phpmyadmin@4.4.15.9-r0?arch=x86&distroversion=v3.2&reponame=main
purl pkg:apk/alpine/phpmyadmin@4.4.15.9-r0?arch=x86&distroversion=v3.2&reponame=main
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/phpmyadmin@4.4.15.9-r0%3Farch=x86&distroversion=v3.2&reponame=main
aliases CVE-2016-9856, GHSA-j8mx-x32r-5rf4
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-9xxd-uwwt-57ba
6
url VCID-bbmt-dnp7-w3hr
vulnerability_id VCID-bbmt-dnp7-w3hr
summary 
Multiple vulnerabilities have been found in phpMyAdmin, the worst
    of which could lead to arbitrary code execution.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-9852
reference_id
reference_type
scores
0
value 0.00501
scoring_system epss
scoring_elements 0.65931
published_at 2026-04-01T12:55:00Z
1
value 0.00501
scoring_system epss
scoring_elements 0.65973
published_at 2026-04-02T12:55:00Z
2
value 0.00501
scoring_system epss
scoring_elements 0.66003
published_at 2026-04-04T12:55:00Z
3
value 0.00501
scoring_system epss
scoring_elements 0.65968
published_at 2026-04-07T12:55:00Z
4
value 0.00501
scoring_system epss
scoring_elements 0.66019
published_at 2026-04-08T12:55:00Z
5
value 0.00501
scoring_system epss
scoring_elements 0.66032
published_at 2026-04-09T12:55:00Z
6
value 0.00501
scoring_system epss
scoring_elements 0.66051
published_at 2026-04-11T12:55:00Z
7
value 0.00501
scoring_system epss
scoring_elements 0.66038
published_at 2026-04-12T12:55:00Z
8
value 0.00501
scoring_system epss
scoring_elements 0.66008
published_at 2026-04-13T12:55:00Z
9
value 0.00501
scoring_system epss
scoring_elements 0.66044
published_at 2026-04-16T12:55:00Z
10
value 0.00501
scoring_system epss
scoring_elements 0.66057
published_at 2026-04-18T12:55:00Z
11
value 0.00501
scoring_system epss
scoring_elements 0.66046
published_at 2026-04-21T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-9852
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9852
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9852
fixed_packages
0
url pkg:apk/alpine/phpmyadmin@4.4.15.9-r0?arch=x86&distroversion=v3.2&reponame=main
purl pkg:apk/alpine/phpmyadmin@4.4.15.9-r0?arch=x86&distroversion=v3.2&reponame=main
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/phpmyadmin@4.4.15.9-r0%3Farch=x86&distroversion=v3.2&reponame=main
aliases CVE-2016-9852
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-bbmt-dnp7-w3hr
7
url VCID-bcmm-z26p-rkfp
vulnerability_id VCID-bcmm-z26p-rkfp
summary 
Improper Input Validation
An issue was discovered in phpMyAdmin. An unauthenticated user can execute a denial of service attack when phpMyAdmin is running with `$cfg['AllowArbitraryServer']=true`.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-9860
reference_id
reference_type
scores
0
value 0.01016
scoring_system epss
scoring_elements 0.77197
published_at 2026-04-21T12:55:00Z
1
value 0.01016
scoring_system epss
scoring_elements 0.77104
published_at 2026-04-01T12:55:00Z
2
value 0.01016
scoring_system epss
scoring_elements 0.7711
published_at 2026-04-02T12:55:00Z
3
value 0.01016
scoring_system epss
scoring_elements 0.7714
published_at 2026-04-04T12:55:00Z
4
value 0.01016
scoring_system epss
scoring_elements 0.77122
published_at 2026-04-07T12:55:00Z
5
value 0.01016
scoring_system epss
scoring_elements 0.77155
published_at 2026-04-08T12:55:00Z
6
value 0.01016
scoring_system epss
scoring_elements 0.77163
published_at 2026-04-09T12:55:00Z
7
value 0.01016
scoring_system epss
scoring_elements 0.77191
published_at 2026-04-11T12:55:00Z
8
value 0.01016
scoring_system epss
scoring_elements 0.7717
published_at 2026-04-12T12:55:00Z
9
value 0.01016
scoring_system epss
scoring_elements 0.77165
published_at 2026-04-13T12:55:00Z
10
value 0.01016
scoring_system epss
scoring_elements 0.77206
published_at 2026-04-16T12:55:00Z
11
value 0.01016
scoring_system epss
scoring_elements 0.77207
published_at 2026-04-18T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-9860
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9860
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9860
2
reference_url https://github.com/phpmyadmin/composer
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/phpmyadmin/composer
3
reference_url https://security.gentoo.org/glsa/201701-32
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://security.gentoo.org/glsa/201701-32
4
reference_url https://www.phpmyadmin.net/security/PMASA-2016-65
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.phpmyadmin.net/security/PMASA-2016-65
5
reference_url http://www.securityfocus.com/bid/94525
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.securityfocus.com/bid/94525
6
reference_url https://nvd.nist.gov/vuln/detail/CVE-2016-9860
reference_id CVE-2016-9860
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2016-9860
7
reference_url https://github.com/advisories/GHSA-3hw5-fffc-qrg4
reference_id GHSA-3hw5-fffc-qrg4
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-3hw5-fffc-qrg4
fixed_packages
0
url pkg:apk/alpine/phpmyadmin@4.4.15.9-r0?arch=x86&distroversion=v3.2&reponame=main
purl pkg:apk/alpine/phpmyadmin@4.4.15.9-r0?arch=x86&distroversion=v3.2&reponame=main
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/phpmyadmin@4.4.15.9-r0%3Farch=x86&distroversion=v3.2&reponame=main
aliases CVE-2016-9860, GHSA-3hw5-fffc-qrg4
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-bcmm-z26p-rkfp
8
url VCID-cypq-e4m8-q7ee
vulnerability_id VCID-cypq-e4m8-q7ee
summary 
Multiple vulnerabilities have been found in phpMyAdmin, the worst
    of which could lead to arbitrary code execution.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-9855
reference_id
reference_type
scores
0
value 0.00724
scoring_system epss
scoring_elements 0.72503
published_at 2026-04-07T12:55:00Z
1
value 0.00724
scoring_system epss
scoring_elements 0.7251
published_at 2026-04-02T12:55:00Z
2
value 0.00724
scoring_system epss
scoring_elements 0.72526
published_at 2026-04-04T12:55:00Z
3
value 0.00724
scoring_system epss
scoring_elements 0.72541
published_at 2026-04-08T12:55:00Z
4
value 0.00724
scoring_system epss
scoring_elements 0.72554
published_at 2026-04-09T12:55:00Z
5
value 0.00724
scoring_system epss
scoring_elements 0.72578
published_at 2026-04-11T12:55:00Z
6
value 0.00724
scoring_system epss
scoring_elements 0.72561
published_at 2026-04-12T12:55:00Z
7
value 0.00724
scoring_system epss
scoring_elements 0.72551
published_at 2026-04-13T12:55:00Z
8
value 0.00724
scoring_system epss
scoring_elements 0.72593
published_at 2026-04-16T12:55:00Z
9
value 0.00724
scoring_system epss
scoring_elements 0.72603
published_at 2026-04-18T12:55:00Z
10
value 0.00724
scoring_system epss
scoring_elements 0.72594
published_at 2026-04-21T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-9855
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9855
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9855
fixed_packages
0
url pkg:apk/alpine/phpmyadmin@4.4.15.9-r0?arch=x86&distroversion=v3.2&reponame=main
purl pkg:apk/alpine/phpmyadmin@4.4.15.9-r0?arch=x86&distroversion=v3.2&reponame=main
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/phpmyadmin@4.4.15.9-r0%3Farch=x86&distroversion=v3.2&reponame=main
aliases CVE-2016-9855
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-cypq-e4m8-q7ee
9
url VCID-dgbb-768s-ducg
vulnerability_id VCID-dgbb-768s-ducg
summary 
Multiple vulnerabilities have been found in phpMyAdmin, the worst
    of which could lead to arbitrary code execution.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-9858
reference_id
reference_type
scores
0
value 0.00637
scoring_system epss
scoring_elements 0.70411
published_at 2026-04-01T12:55:00Z
1
value 0.00637
scoring_system epss
scoring_elements 0.70425
published_at 2026-04-02T12:55:00Z
2
value 0.00637
scoring_system epss
scoring_elements 0.70442
published_at 2026-04-04T12:55:00Z
3
value 0.00637
scoring_system epss
scoring_elements 0.7042
published_at 2026-04-07T12:55:00Z
4
value 0.00637
scoring_system epss
scoring_elements 0.70466
published_at 2026-04-08T12:55:00Z
5
value 0.00637
scoring_system epss
scoring_elements 0.70481
published_at 2026-04-09T12:55:00Z
6
value 0.00637
scoring_system epss
scoring_elements 0.70505
published_at 2026-04-11T12:55:00Z
7
value 0.00637
scoring_system epss
scoring_elements 0.7049
published_at 2026-04-12T12:55:00Z
8
value 0.00637
scoring_system epss
scoring_elements 0.70476
published_at 2026-04-13T12:55:00Z
9
value 0.00637
scoring_system epss
scoring_elements 0.70518
published_at 2026-04-16T12:55:00Z
10
value 0.00637
scoring_system epss
scoring_elements 0.70526
published_at 2026-04-18T12:55:00Z
11
value 0.00637
scoring_system epss
scoring_elements 0.70506
published_at 2026-04-21T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-9858
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9858
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9858
fixed_packages
0
url pkg:apk/alpine/phpmyadmin@4.4.15.9-r0?arch=x86&distroversion=v3.2&reponame=main
purl pkg:apk/alpine/phpmyadmin@4.4.15.9-r0?arch=x86&distroversion=v3.2&reponame=main
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/phpmyadmin@4.4.15.9-r0%3Farch=x86&distroversion=v3.2&reponame=main
aliases CVE-2016-9858
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-dgbb-768s-ducg
10
url VCID-ds84-gm9m-syce
vulnerability_id VCID-ds84-gm9m-syce
summary 
Multiple vulnerabilities have been found in phpMyAdmin, the worst
    of which could lead to arbitrary code execution.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-9865
reference_id
reference_type
scores
0
value 0.00488
scoring_system epss
scoring_elements 0.65381
published_at 2026-04-01T12:55:00Z
1
value 0.00488
scoring_system epss
scoring_elements 0.6543
published_at 2026-04-02T12:55:00Z
2
value 0.00488
scoring_system epss
scoring_elements 0.65457
published_at 2026-04-04T12:55:00Z
3
value 0.00488
scoring_system epss
scoring_elements 0.65421
published_at 2026-04-07T12:55:00Z
4
value 0.00488
scoring_system epss
scoring_elements 0.65475
published_at 2026-04-08T12:55:00Z
5
value 0.00488
scoring_system epss
scoring_elements 0.65486
published_at 2026-04-09T12:55:00Z
6
value 0.00488
scoring_system epss
scoring_elements 0.65505
published_at 2026-04-11T12:55:00Z
7
value 0.00488
scoring_system epss
scoring_elements 0.65491
published_at 2026-04-12T12:55:00Z
8
value 0.00488
scoring_system epss
scoring_elements 0.65464
published_at 2026-04-13T12:55:00Z
9
value 0.00488
scoring_system epss
scoring_elements 0.65501
published_at 2026-04-16T12:55:00Z
10
value 0.00488
scoring_system epss
scoring_elements 0.65512
published_at 2026-04-18T12:55:00Z
11
value 0.00488
scoring_system epss
scoring_elements 0.65496
published_at 2026-04-21T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-9865
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9865
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9865
fixed_packages
0
url pkg:apk/alpine/phpmyadmin@4.4.15.9-r0?arch=x86&distroversion=v3.2&reponame=main
purl pkg:apk/alpine/phpmyadmin@4.4.15.9-r0?arch=x86&distroversion=v3.2&reponame=main
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/phpmyadmin@4.4.15.9-r0%3Farch=x86&distroversion=v3.2&reponame=main
aliases CVE-2016-9865
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ds84-gm9m-syce
11
url VCID-ejut-u1r7-4qeb
vulnerability_id VCID-ejut-u1r7-4qeb
summary 
Multiple vulnerabilities have been found in phpMyAdmin, the worst
    of which could lead to arbitrary code execution.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-9848
reference_id
reference_type
scores
0
value 0.00336
scoring_system epss
scoring_elements 0.56336
published_at 2026-04-01T12:55:00Z
1
value 0.00336
scoring_system epss
scoring_elements 0.56434
published_at 2026-04-02T12:55:00Z
2
value 0.00336
scoring_system epss
scoring_elements 0.56456
published_at 2026-04-04T12:55:00Z
3
value 0.00336
scoring_system epss
scoring_elements 0.56437
published_at 2026-04-07T12:55:00Z
4
value 0.00336
scoring_system epss
scoring_elements 0.56488
published_at 2026-04-08T12:55:00Z
5
value 0.00336
scoring_system epss
scoring_elements 0.56494
published_at 2026-04-18T12:55:00Z
6
value 0.00336
scoring_system epss
scoring_elements 0.56504
published_at 2026-04-11T12:55:00Z
7
value 0.00336
scoring_system epss
scoring_elements 0.56479
published_at 2026-04-12T12:55:00Z
8
value 0.00336
scoring_system epss
scoring_elements 0.5646
published_at 2026-04-13T12:55:00Z
9
value 0.00336
scoring_system epss
scoring_elements 0.56493
published_at 2026-04-16T12:55:00Z
10
value 0.00336
scoring_system epss
scoring_elements 0.56464
published_at 2026-04-21T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-9848
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9848
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9848
fixed_packages
0
url pkg:apk/alpine/phpmyadmin@4.4.15.9-r0?arch=x86&distroversion=v3.2&reponame=main
purl pkg:apk/alpine/phpmyadmin@4.4.15.9-r0?arch=x86&distroversion=v3.2&reponame=main
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/phpmyadmin@4.4.15.9-r0%3Farch=x86&distroversion=v3.2&reponame=main
aliases CVE-2016-9848
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ejut-u1r7-4qeb
12
url VCID-gzqe-8ywj-h7hk
vulnerability_id VCID-gzqe-8ywj-h7hk
summary 
Cryptographic Issues
An issue was discovered in phpMyAdmin. When the user does not specify a `blowfish_secret` key for encrypting cookies, phpMyAdmin generates one at runtime. A vulnerability was reported where the way this value is created uses a weak algorithm. This could allow an attacker to determine the user's `blowfish_secret` and potentially decrypt their cookies.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-9847
reference_id
reference_type
scores
0
value 0.00432
scoring_system epss
scoring_elements 0.62618
published_at 2026-04-07T12:55:00Z
1
value 0.00432
scoring_system epss
scoring_elements 0.627
published_at 2026-04-21T12:55:00Z
2
value 0.00432
scoring_system epss
scoring_elements 0.62719
published_at 2026-04-18T12:55:00Z
3
value 0.00432
scoring_system epss
scoring_elements 0.62711
published_at 2026-04-16T12:55:00Z
4
value 0.00432
scoring_system epss
scoring_elements 0.62671
published_at 2026-04-13T12:55:00Z
5
value 0.00432
scoring_system epss
scoring_elements 0.62694
published_at 2026-04-12T12:55:00Z
6
value 0.00432
scoring_system epss
scoring_elements 0.62704
published_at 2026-04-11T12:55:00Z
7
value 0.00432
scoring_system epss
scoring_elements 0.62686
published_at 2026-04-09T12:55:00Z
8
value 0.00432
scoring_system epss
scoring_elements 0.62563
published_at 2026-04-01T12:55:00Z
9
value 0.00432
scoring_system epss
scoring_elements 0.62621
published_at 2026-04-02T12:55:00Z
10
value 0.00432
scoring_system epss
scoring_elements 0.6267
published_at 2026-04-08T12:55:00Z
11
value 0.00432
scoring_system epss
scoring_elements 0.62653
published_at 2026-04-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-9847
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9847
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9847
2
reference_url https://security.gentoo.org/glsa/201701-32
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://security.gentoo.org/glsa/201701-32
3
reference_url https://web.archive.org/web/20210123194700/http://www.securityfocus.com/bid/94524
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20210123194700/http://www.securityfocus.com/bid/94524
4
reference_url https://www.phpmyadmin.net/security/PMASA-2016-58
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.phpmyadmin.net/security/PMASA-2016-58
5
reference_url http://www.securityfocus.com/bid/94524
reference_id
reference_type
scores
url http://www.securityfocus.com/bid/94524
6
reference_url https://nvd.nist.gov/vuln/detail/CVE-2016-9847
reference_id CVE-2016-9847
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2016-9847
7
reference_url https://github.com/advisories/GHSA-9xhq-pm7v-693p
reference_id GHSA-9xhq-pm7v-693p
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-9xhq-pm7v-693p
fixed_packages
0
url pkg:apk/alpine/phpmyadmin@4.4.15.9-r0?arch=x86&distroversion=v3.2&reponame=main
purl pkg:apk/alpine/phpmyadmin@4.4.15.9-r0?arch=x86&distroversion=v3.2&reponame=main
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/phpmyadmin@4.4.15.9-r0%3Farch=x86&distroversion=v3.2&reponame=main
aliases CVE-2016-9847, GHSA-9xhq-pm7v-693p
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-gzqe-8ywj-h7hk
13
url VCID-jj7e-xndw-6fcp
vulnerability_id VCID-jj7e-xndw-6fcp
summary 
Improper Input Validation
An issue was discovered in phpMyAdmin. With a crafted request parameter value it is possible to bypass the logout timeout.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-9851
reference_id
reference_type
scores
0
value 0.00241
scoring_system epss
scoring_elements 0.47365
published_at 2026-04-21T12:55:00Z
1
value 0.00241
scoring_system epss
scoring_elements 0.47299
published_at 2026-04-01T12:55:00Z
2
value 0.00241
scoring_system epss
scoring_elements 0.47335
published_at 2026-04-02T12:55:00Z
3
value 0.00241
scoring_system epss
scoring_elements 0.47355
published_at 2026-04-04T12:55:00Z
4
value 0.00241
scoring_system epss
scoring_elements 0.47303
published_at 2026-04-07T12:55:00Z
5
value 0.00241
scoring_system epss
scoring_elements 0.47358
published_at 2026-04-08T12:55:00Z
6
value 0.00241
scoring_system epss
scoring_elements 0.47356
published_at 2026-04-09T12:55:00Z
7
value 0.00241
scoring_system epss
scoring_elements 0.47379
published_at 2026-04-11T12:55:00Z
8
value 0.00241
scoring_system epss
scoring_elements 0.47354
published_at 2026-04-12T12:55:00Z
9
value 0.00241
scoring_system epss
scoring_elements 0.47361
published_at 2026-04-13T12:55:00Z
10
value 0.00241
scoring_system epss
scoring_elements 0.4742
published_at 2026-04-16T12:55:00Z
11
value 0.00241
scoring_system epss
scoring_elements 0.47413
published_at 2026-04-18T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-9851
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9851
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9851
2
reference_url https://github.com/phpmyadmin/composer
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/phpmyadmin/composer
3
reference_url https://security.gentoo.org/glsa/201701-32
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://security.gentoo.org/glsa/201701-32
4
reference_url https://www.phpmyadmin.net/security/PMASA-2016-62
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.phpmyadmin.net/security/PMASA-2016-62
5
reference_url http://www.securityfocus.com/bid/94534
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.securityfocus.com/bid/94534
6
reference_url https://nvd.nist.gov/vuln/detail/CVE-2016-9851
reference_id CVE-2016-9851
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2016-9851
7
reference_url https://github.com/advisories/GHSA-r2vw-p77f-vc27
reference_id GHSA-r2vw-p77f-vc27
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-r2vw-p77f-vc27
fixed_packages
0
url pkg:apk/alpine/phpmyadmin@4.4.15.9-r0?arch=x86&distroversion=v3.2&reponame=main
purl pkg:apk/alpine/phpmyadmin@4.4.15.9-r0?arch=x86&distroversion=v3.2&reponame=main
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/phpmyadmin@4.4.15.9-r0%3Farch=x86&distroversion=v3.2&reponame=main
aliases CVE-2016-9851, GHSA-r2vw-p77f-vc27
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-jj7e-xndw-6fcp
14
url VCID-unty-cjbe-pudk
vulnerability_id VCID-unty-cjbe-pudk
summary 
Multiple vulnerabilities have been found in phpMyAdmin, the worst
    of which could lead to arbitrary code execution.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-9849
reference_id
reference_type
scores
0
value 0.00217
scoring_system epss
scoring_elements 0.44228
published_at 2026-04-01T12:55:00Z
1
value 0.00217
scoring_system epss
scoring_elements 0.44294
published_at 2026-04-02T12:55:00Z
2
value 0.00217
scoring_system epss
scoring_elements 0.44316
published_at 2026-04-04T12:55:00Z
3
value 0.00217
scoring_system epss
scoring_elements 0.4425
published_at 2026-04-07T12:55:00Z
4
value 0.00217
scoring_system epss
scoring_elements 0.44302
published_at 2026-04-08T12:55:00Z
5
value 0.00217
scoring_system epss
scoring_elements 0.44307
published_at 2026-04-09T12:55:00Z
6
value 0.00217
scoring_system epss
scoring_elements 0.44325
published_at 2026-04-11T12:55:00Z
7
value 0.00217
scoring_system epss
scoring_elements 0.44293
published_at 2026-04-12T12:55:00Z
8
value 0.00217
scoring_system epss
scoring_elements 0.44292
published_at 2026-04-13T12:55:00Z
9
value 0.00217
scoring_system epss
scoring_elements 0.4435
published_at 2026-04-16T12:55:00Z
10
value 0.00217
scoring_system epss
scoring_elements 0.44341
published_at 2026-04-18T12:55:00Z
11
value 0.00217
scoring_system epss
scoring_elements 0.4427
published_at 2026-04-21T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-9849
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9849
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9849
2
reference_url https://usn.ubuntu.com/USN-4843-1/
reference_id USN-USN-4843-1
reference_type
scores
url https://usn.ubuntu.com/USN-4843-1/
fixed_packages
0
url pkg:apk/alpine/phpmyadmin@4.4.15.9-r0?arch=x86&distroversion=v3.2&reponame=main
purl pkg:apk/alpine/phpmyadmin@4.4.15.9-r0?arch=x86&distroversion=v3.2&reponame=main
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/phpmyadmin@4.4.15.9-r0%3Farch=x86&distroversion=v3.2&reponame=main
aliases CVE-2016-9849
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-unty-cjbe-pudk
15
url VCID-wamt-3g12-t7ch
vulnerability_id VCID-wamt-3g12-t7ch
summary 
Cross-Site Request Forgery (CSRF)
An issue was discovered in phpMyAdmin. When the arg_separator is different from its default & value, the CSRF token was not properly stripped from the return URL of the preference import action. All 4.6.x versions (prior to 4.6.5), 4.4.x versions (prior to 4.4.15.9), and 4.0.x versions (prior to 4.0.10.18) are affected.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-9866
reference_id
reference_type
scores
0
value 0.00222
scoring_system epss
scoring_elements 0.44825
published_at 2026-04-21T12:55:00Z
1
value 0.00222
scoring_system epss
scoring_elements 0.44762
published_at 2026-04-01T12:55:00Z
2
value 0.00222
scoring_system epss
scoring_elements 0.44842
published_at 2026-04-02T12:55:00Z
3
value 0.00222
scoring_system epss
scoring_elements 0.44863
published_at 2026-04-04T12:55:00Z
4
value 0.00222
scoring_system epss
scoring_elements 0.44803
published_at 2026-04-07T12:55:00Z
5
value 0.00222
scoring_system epss
scoring_elements 0.44856
published_at 2026-04-08T12:55:00Z
6
value 0.00222
scoring_system epss
scoring_elements 0.44858
published_at 2026-04-09T12:55:00Z
7
value 0.00222
scoring_system epss
scoring_elements 0.44876
published_at 2026-04-11T12:55:00Z
8
value 0.00222
scoring_system epss
scoring_elements 0.44844
published_at 2026-04-12T12:55:00Z
9
value 0.00222
scoring_system epss
scoring_elements 0.44846
published_at 2026-04-13T12:55:00Z
10
value 0.00222
scoring_system epss
scoring_elements 0.44898
published_at 2026-04-16T12:55:00Z
11
value 0.00222
scoring_system epss
scoring_elements 0.44891
published_at 2026-04-18T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-9866
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9866
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9866
2
reference_url https://github.com/phpmyadmin/composer
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/phpmyadmin/composer
3
reference_url https://security.gentoo.org/glsa/201701-32
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://security.gentoo.org/glsa/201701-32
4
reference_url https://web.archive.org/web/20210123194736/http://www.securityfocus.com/bid/94536
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20210123194736/http://www.securityfocus.com/bid/94536
5
reference_url https://www.phpmyadmin.net/security/PMASA-2016-71
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://www.phpmyadmin.net/security/PMASA-2016-71
6
reference_url https://nvd.nist.gov/vuln/detail/CVE-2016-9866
reference_id CVE-2016-9866
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2016-9866
7
reference_url https://github.com/advisories/GHSA-jvxx-8xxf-5495
reference_id GHSA-jvxx-8xxf-5495
reference_type
scores
0
value CRITICAL
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-jvxx-8xxf-5495
8
reference_url https://usn.ubuntu.com/USN-4843-1/
reference_id USN-USN-4843-1
reference_type
scores
url https://usn.ubuntu.com/USN-4843-1/
fixed_packages
0
url pkg:apk/alpine/phpmyadmin@4.4.15.9-r0?arch=x86&distroversion=v3.2&reponame=main
purl pkg:apk/alpine/phpmyadmin@4.4.15.9-r0?arch=x86&distroversion=v3.2&reponame=main
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/phpmyadmin@4.4.15.9-r0%3Farch=x86&distroversion=v3.2&reponame=main
aliases CVE-2016-9866, GHSA-jvxx-8xxf-5495
risk_score 4.5
exploitability 0.5
weighted_severity 9.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-wamt-3g12-t7ch
16
url VCID-x455-zvve-wye9
vulnerability_id VCID-x455-zvve-wye9
summary 
Multiple vulnerabilities have been found in phpMyAdmin, the worst
    of which could lead to arbitrary code execution.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-9854
reference_id
reference_type
scores
0
value 0.00501
scoring_system epss
scoring_elements 0.65931
published_at 2026-04-01T12:55:00Z
1
value 0.00501
scoring_system epss
scoring_elements 0.65973
published_at 2026-04-02T12:55:00Z
2
value 0.00501
scoring_system epss
scoring_elements 0.66003
published_at 2026-04-04T12:55:00Z
3
value 0.00501
scoring_system epss
scoring_elements 0.65968
published_at 2026-04-07T12:55:00Z
4
value 0.00501
scoring_system epss
scoring_elements 0.66019
published_at 2026-04-08T12:55:00Z
5
value 0.00501
scoring_system epss
scoring_elements 0.66032
published_at 2026-04-09T12:55:00Z
6
value 0.00501
scoring_system epss
scoring_elements 0.66051
published_at 2026-04-11T12:55:00Z
7
value 0.00501
scoring_system epss
scoring_elements 0.66038
published_at 2026-04-12T12:55:00Z
8
value 0.00501
scoring_system epss
scoring_elements 0.66008
published_at 2026-04-13T12:55:00Z
9
value 0.00501
scoring_system epss
scoring_elements 0.66044
published_at 2026-04-16T12:55:00Z
10
value 0.00501
scoring_system epss
scoring_elements 0.66057
published_at 2026-04-18T12:55:00Z
11
value 0.00501
scoring_system epss
scoring_elements 0.66046
published_at 2026-04-21T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-9854
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9854
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9854
fixed_packages
0
url pkg:apk/alpine/phpmyadmin@4.4.15.9-r0?arch=x86&distroversion=v3.2&reponame=main
purl pkg:apk/alpine/phpmyadmin@4.4.15.9-r0?arch=x86&distroversion=v3.2&reponame=main
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/phpmyadmin@4.4.15.9-r0%3Farch=x86&distroversion=v3.2&reponame=main
aliases CVE-2016-9854
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-x455-zvve-wye9
17
url VCID-y7gs-va61-zqaa
vulnerability_id VCID-y7gs-va61-zqaa
summary 
Multiple vulnerabilities have been found in phpMyAdmin, the worst
    of which could lead to arbitrary code execution.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-9864
reference_id
reference_type
scores
0
value 0.00436
scoring_system epss
scoring_elements 0.62919
published_at 2026-04-01T12:55:00Z
1
value 0.00436
scoring_system epss
scoring_elements 0.62978
published_at 2026-04-02T12:55:00Z
2
value 0.00436
scoring_system epss
scoring_elements 0.63007
published_at 2026-04-04T12:55:00Z
3
value 0.00436
scoring_system epss
scoring_elements 0.6297
published_at 2026-04-07T12:55:00Z
4
value 0.00436
scoring_system epss
scoring_elements 0.63022
published_at 2026-04-08T12:55:00Z
5
value 0.00436
scoring_system epss
scoring_elements 0.63038
published_at 2026-04-09T12:55:00Z
6
value 0.00436
scoring_system epss
scoring_elements 0.63055
published_at 2026-04-11T12:55:00Z
7
value 0.00436
scoring_system epss
scoring_elements 0.63041
published_at 2026-04-21T12:55:00Z
8
value 0.00436
scoring_system epss
scoring_elements 0.63019
published_at 2026-04-13T12:55:00Z
9
value 0.00436
scoring_system epss
scoring_elements 0.63056
published_at 2026-04-16T12:55:00Z
10
value 0.00436
scoring_system epss
scoring_elements 0.63063
published_at 2026-04-18T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-9864
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9864
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9864
fixed_packages
0
url pkg:apk/alpine/phpmyadmin@4.4.15.9-r0?arch=x86&distroversion=v3.2&reponame=main
purl pkg:apk/alpine/phpmyadmin@4.4.15.9-r0?arch=x86&distroversion=v3.2&reponame=main
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/phpmyadmin@4.4.15.9-r0%3Farch=x86&distroversion=v3.2&reponame=main
aliases CVE-2016-9864
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-y7gs-va61-zqaa
Risk_scorenull
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:apk/alpine/phpmyadmin@4.4.15.9-r0%3Farch=x86&distroversion=v3.2&reponame=main