Package Instance
Lookup for vulnerable packages by Package URL.
GET /api/packages/63124?format=api
{ "url": "http://public2.vulnerablecode.io/api/packages/63124?format=api", "purl": "pkg:composer/phpmyadmin/phpmyadmin@4.0.10%2B0", "type": "composer", "namespace": "phpmyadmin", "name": "phpmyadmin", "version": "4.0.10+0", "qualifiers": {}, "subpath": "", "is_vulnerable": true, "next_non_vulnerable_version": "4.9.11", "latest_non_vulnerable_version": "5.2.2", "affected_by_vulnerabilities": [ { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/43920?format=api", "vulnerability_id": "VCID-33mh-s92h-c7ht", "summary": "phpMyAdmin vulnerable to Cross-Site Request Forgery\nThe Transformation implementation in phpMyAdmin 4.0.x before 4.0.10.16, 4.4.x before 4.4.15.7, and 4.6.x before 4.6.3 does not use the no-referrer Content Security Policy (CSP) protection mechanism, which makes it easier for remote attackers to conduct CSRF attacks by reading an authentication token in a Referer header, related to libraries/Header.php.", "references": [ { "reference_url": "http://lists.opensuse.org/opensuse-updates/2016-06/msg00113.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://lists.opensuse.org/opensuse-updates/2016-06/msg00113.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-updates/2016-06/msg00114.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://lists.opensuse.org/opensuse-updates/2016-06/msg00114.html" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-5739", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00919", "scoring_system": "epss", "scoring_elements": "0.76339", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.00919", "scoring_system": "epss", "scoring_elements": "0.76369", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.00919", "scoring_system": "epss", "scoring_elements": "0.76367", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-5739" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1927", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1927" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2039", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2039" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2040", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2040" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2041", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2041" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2560", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2560" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2561", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2561" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5099", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5099" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5701", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5701" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5705", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5705" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5706", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5706" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5731", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5731" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5733", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5733" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5739", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5739" }, { "reference_url": "https://github.com/phpmyadmin/phpmyadmin", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/phpmyadmin/phpmyadmin" }, { "reference_url": "https://github.com/phpmyadmin/phpmyadmin/commit/1e5716cb96d46efc305381ae0da08e73fe340f05", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/phpmyadmin/phpmyadmin/commit/1e5716cb96d46efc305381ae0da08e73fe340f05" }, { "reference_url": "https://github.com/phpmyadmin/phpmyadmin/commit/2f4950828ec241e8cbdcf13090c2582a6fa620cb", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/phpmyadmin/phpmyadmin/commit/2f4950828ec241e8cbdcf13090c2582a6fa620cb" }, { "reference_url": "https://security.gentoo.org/glsa/201701-32", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://security.gentoo.org/glsa/201701-32" }, { "reference_url": "https://web.archive.org/web/20200227223419/http://www.securityfocus.com/bid/91389", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20200227223419/http://www.securityfocus.com/bid/91389" }, { "reference_url": "https://www.phpmyadmin.net/security/PMASA-2016-28", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.phpmyadmin.net/security/PMASA-2016-28" }, { "reference_url": "http://www.debian.org/security/2016/dsa-3627", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.debian.org/security/2016/dsa-3627" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2016-5739", "reference_id": "CVE-2016-5739", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-5739" }, { "reference_url": "https://github.com/advisories/GHSA-2p7v-jm8m-g3qq", "reference_id": "GHSA-2p7v-jm8m-g3qq", "reference_type": "", "scores": [], "url": "https://github.com/advisories/GHSA-2p7v-jm8m-g3qq" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/63059?format=api", "purl": "pkg:composer/phpmyadmin/phpmyadmin@4.0.10%2B16", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@4.0.10%252B16" }, { "url": "http://public2.vulnerablecode.io/api/packages/241057?format=api", "purl": "pkg:composer/phpmyadmin/phpmyadmin@4.0.10.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2at1-y3qg-77fb" }, { "vulnerability": "VCID-32ja-yuuw-bbbh" }, { "vulnerability": "VCID-7vpu-x9mb-q3c6" }, { "vulnerability": "VCID-a94q-k98a-6qbw" }, { "vulnerability": "VCID-amgy-teas-euh5" }, { "vulnerability": "VCID-d3qn-js1p-7yeq" }, { "vulnerability": "VCID-dx3h-z4dg-m3e1" }, { "vulnerability": "VCID-j2k3-xghw-gfb3" }, { "vulnerability": "VCID-kfr7-v6tb-eqau" }, { "vulnerability": "VCID-mzuh-5e5y-d3hr" }, { "vulnerability": "VCID-n7cc-xfym-u7g4" }, { "vulnerability": "VCID-w6nk-akeh-4ufg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@4.0.10.2" }, { "url": "http://public2.vulnerablecode.io/api/packages/63060?format=api", "purl": "pkg:composer/phpmyadmin/phpmyadmin@4.4.15%2B7", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@4.4.15%252B7" }, { "url": "http://public2.vulnerablecode.io/api/packages/52993?format=api", "purl": "pkg:composer/phpmyadmin/phpmyadmin@4.6.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3va7-xx14-gkds" }, { "vulnerability": "VCID-44uc-xrvp-7bet" }, { "vulnerability": "VCID-4avx-e9mf-2yb1" }, { "vulnerability": "VCID-4vgu-cagj-hfhb" }, { "vulnerability": "VCID-gmjk-222y-abda" }, { "vulnerability": "VCID-gtps-py3z-13cu" }, { "vulnerability": "VCID-jmn8-a5r9-2qc8" }, { "vulnerability": "VCID-mgu4-pf1x-r3dy" }, { "vulnerability": "VCID-nuju-ekmt-k7g9" }, { "vulnerability": "VCID-q7pe-bvr1-g3bc" }, { "vulnerability": "VCID-qqyb-zags-bbhz" }, { "vulnerability": "VCID-rz6q-hthe-1uer" }, { "vulnerability": "VCID-xqf5-yxf3-u3he" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@4.6.3" } ], "aliases": [ "CVE-2016-5739", "GHSA-2p7v-jm8m-g3qq" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-33mh-s92h-c7ht" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/44087?format=api", "vulnerability_id": "VCID-gqxb-6rey-rbhv", "summary": "phpMyAdmin vulnerable to Cross-site Scripting\nMultiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin 4.0.x before 4.0.10.16, 4.4.x before 4.4.15.7, and 4.6.x before 4.6.3 allow remote attackers to inject arbitrary web script or HTML via vectors involving (1) a crafted table name that is mishandled during privilege checking in table_row.phtml, (2) a crafted mysqld log_bin directive that is mishandled in log_selector.phtml, (3) the Transformation implementation, (4) AJAX error handling in js/ajax.js, (5) the Designer implementation, (6) the charts implementation in js/tbl_chart.js, or (7) the zoom-search implementation in rows_zoom.phtml.", "references": [ { "reference_url": "http://lists.opensuse.org/opensuse-updates/2016-06/msg00113.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://lists.opensuse.org/opensuse-updates/2016-06/msg00113.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-updates/2016-06/msg00114.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://lists.opensuse.org/opensuse-updates/2016-06/msg00114.html" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-5733", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01085", "scoring_system": "epss", "scoring_elements": "0.78254", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.01085", "scoring_system": "epss", "scoring_elements": "0.78261", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.01085", "scoring_system": "epss", "scoring_elements": "0.78228", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-5733" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1927", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1927" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2039", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2039" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2040", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2040" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2041", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2041" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2560", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2560" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2561", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2561" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5099", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5099" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5701", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5701" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5705", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5705" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5706", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5706" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5731", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5731" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5733", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5733" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5739", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5739" }, { "reference_url": "https://github.com/phpmyadmin/phpmyadmin", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/phpmyadmin/phpmyadmin" }, { "reference_url": "https://github.com/phpmyadmin/phpmyadmin/commit/4d21b5c077db50c2a54b7f569d20f463cc2651f5", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/phpmyadmin/phpmyadmin/commit/4d21b5c077db50c2a54b7f569d20f463cc2651f5" }, { "reference_url": "https://github.com/phpmyadmin/phpmyadmin/commit/615212a14d7d87712202f37354acf8581987fc5a", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/phpmyadmin/phpmyadmin/commit/615212a14d7d87712202f37354acf8581987fc5a" }, { "reference_url": "https://github.com/phpmyadmin/phpmyadmin/commit/79661610f6f65443e0ec1e382a7240437f28436c", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/phpmyadmin/phpmyadmin/commit/79661610f6f65443e0ec1e382a7240437f28436c" }, { "reference_url": "https://github.com/phpmyadmin/phpmyadmin/commit/8716855b309dbe65d7b9a5d681b80579b225b322", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/phpmyadmin/phpmyadmin/commit/8716855b309dbe65d7b9a5d681b80579b225b322" }, { "reference_url": "https://github.com/phpmyadmin/phpmyadmin/commit/895a131d2eb7e447757a35d5731c7d647823ea8b", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/phpmyadmin/phpmyadmin/commit/895a131d2eb7e447757a35d5731c7d647823ea8b" }, { "reference_url": "https://github.com/phpmyadmin/phpmyadmin/commit/960fd1fd52023047a23d069178bfff7463c2cefc", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/phpmyadmin/phpmyadmin/commit/960fd1fd52023047a23d069178bfff7463c2cefc" }, { "reference_url": "https://github.com/phpmyadmin/phpmyadmin/commit/be3ecbb4cca3fbe20e3b3aa4e049902d18b60865", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/phpmyadmin/phpmyadmin/commit/be3ecbb4cca3fbe20e3b3aa4e049902d18b60865" }, { "reference_url": "https://github.com/phpmyadmin/phpmyadmin/commit/d648ade18d6cbb796a93261491c121f078df2d88", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/phpmyadmin/phpmyadmin/commit/d648ade18d6cbb796a93261491c121f078df2d88" }, { "reference_url": "https://security.gentoo.org/glsa/201701-32", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://security.gentoo.org/glsa/201701-32" }, { "reference_url": "https://web.archive.org/web/20200227223017/http://www.securityfocus.com/bid/91390", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20200227223017/http://www.securityfocus.com/bid/91390" }, { "reference_url": "https://www.phpmyadmin.net/security/PMASA-2016-26", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.phpmyadmin.net/security/PMASA-2016-26" }, { "reference_url": "http://www.debian.org/security/2016/dsa-3627", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.debian.org/security/2016/dsa-3627" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2016-5733", "reference_id": "CVE-2016-5733", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-5733" }, { "reference_url": "https://github.com/advisories/GHSA-cr65-p662-fx5c", "reference_id": "GHSA-cr65-p662-fx5c", "reference_type": "", "scores": [], "url": "https://github.com/advisories/GHSA-cr65-p662-fx5c" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/63059?format=api", "purl": "pkg:composer/phpmyadmin/phpmyadmin@4.0.10%2B16", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@4.0.10%252B16" }, { "url": "http://public2.vulnerablecode.io/api/packages/241057?format=api", "purl": "pkg:composer/phpmyadmin/phpmyadmin@4.0.10.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2at1-y3qg-77fb" }, { "vulnerability": "VCID-32ja-yuuw-bbbh" }, { "vulnerability": "VCID-7vpu-x9mb-q3c6" }, { "vulnerability": "VCID-a94q-k98a-6qbw" }, { "vulnerability": "VCID-amgy-teas-euh5" }, { "vulnerability": "VCID-d3qn-js1p-7yeq" }, { "vulnerability": "VCID-dx3h-z4dg-m3e1" }, { "vulnerability": "VCID-j2k3-xghw-gfb3" }, { "vulnerability": "VCID-kfr7-v6tb-eqau" }, { "vulnerability": "VCID-mzuh-5e5y-d3hr" }, { "vulnerability": "VCID-n7cc-xfym-u7g4" }, { "vulnerability": "VCID-w6nk-akeh-4ufg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@4.0.10.2" }, { "url": "http://public2.vulnerablecode.io/api/packages/63060?format=api", "purl": "pkg:composer/phpmyadmin/phpmyadmin@4.4.15%2B7", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@4.4.15%252B7" }, { "url": "http://public2.vulnerablecode.io/api/packages/52993?format=api", "purl": "pkg:composer/phpmyadmin/phpmyadmin@4.6.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3va7-xx14-gkds" }, { "vulnerability": "VCID-44uc-xrvp-7bet" }, { "vulnerability": "VCID-4avx-e9mf-2yb1" }, { "vulnerability": "VCID-4vgu-cagj-hfhb" }, { "vulnerability": "VCID-gmjk-222y-abda" }, { "vulnerability": "VCID-gtps-py3z-13cu" }, { "vulnerability": "VCID-jmn8-a5r9-2qc8" }, { "vulnerability": "VCID-mgu4-pf1x-r3dy" }, { "vulnerability": "VCID-nuju-ekmt-k7g9" }, { "vulnerability": "VCID-q7pe-bvr1-g3bc" }, { "vulnerability": "VCID-qqyb-zags-bbhz" }, { "vulnerability": "VCID-rz6q-hthe-1uer" }, { "vulnerability": "VCID-xqf5-yxf3-u3he" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@4.6.3" } ], "aliases": [ "CVE-2016-5733", "GHSA-cr65-p662-fx5c" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-gqxb-6rey-rbhv" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/98167?format=api", "vulnerability_id": "VCID-jxf7-1cq4-t3cv", "summary": "phpMyAdmin 4.0.x before 4.0.10.16, 4.4.x before 4.4.15.7, and 4.6.x before 4.6.3 does not properly choose delimiters to prevent use of the preg_replace e (aka eval) modifier, which might allow remote attackers to execute arbitrary PHP code via a crafted string, as demonstrated by the table search-and-replace implementation.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-5734", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.87019", "scoring_system": "epss", "scoring_elements": "0.99456", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.87019", "scoring_system": "epss", "scoring_elements": "0.99457", "published_at": "2026-06-06T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-5734" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5734", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5734" }, { "reference_url": "https://github.com/phpmyadmin/phpmyadmin", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/phpmyadmin/phpmyadmin" }, { "reference_url": "https://github.com/phpmyadmin/phpmyadmin/commit/1cc7466db3a05e95fe57a6702f41773e6829d54b", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/phpmyadmin/phpmyadmin/commit/1cc7466db3a05e95fe57a6702f41773e6829d54b" }, { "reference_url": "https://github.com/phpmyadmin/phpmyadmin/commit/4bcc606225f15bac0b07780e74f667f6ac283da7", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/phpmyadmin/phpmyadmin/commit/4bcc606225f15bac0b07780e74f667f6ac283da7" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2016-5734", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-5734" }, { "reference_url": "https://security.gentoo.org/glsa/201701-32", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://security.gentoo.org/glsa/201701-32" }, { "reference_url": "https://web.archive.org/web/20200227223418/http://www.securityfocus.com/bid/91387", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20200227223418/http://www.securityfocus.com/bid/91387" }, { "reference_url": "https://www.exploit-db.com/exploits/40185", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.exploit-db.com/exploits/40185" }, { "reference_url": "https://www.phpmyadmin.net/security/PMASA-2016-27", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.phpmyadmin.net/security/PMASA-2016-27" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/webapps/40185.py", "reference_id": "CVE-2016-5734", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/webapps/40185.py" }, { "reference_url": "https://github.com/advisories/GHSA-rv57-479x-x4qv", "reference_id": "GHSA-rv57-479x-x4qv", "reference_type": "", "scores": [], "url": "https://github.com/advisories/GHSA-rv57-479x-x4qv" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/63059?format=api", "purl": "pkg:composer/phpmyadmin/phpmyadmin@4.0.10%2B16", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@4.0.10%252B16" }, { "url": "http://public2.vulnerablecode.io/api/packages/241057?format=api", "purl": "pkg:composer/phpmyadmin/phpmyadmin@4.0.10.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2at1-y3qg-77fb" }, { "vulnerability": "VCID-32ja-yuuw-bbbh" }, { "vulnerability": "VCID-7vpu-x9mb-q3c6" }, { "vulnerability": "VCID-a94q-k98a-6qbw" }, { "vulnerability": "VCID-amgy-teas-euh5" }, { "vulnerability": "VCID-d3qn-js1p-7yeq" }, { "vulnerability": "VCID-dx3h-z4dg-m3e1" }, { "vulnerability": "VCID-j2k3-xghw-gfb3" }, { "vulnerability": "VCID-kfr7-v6tb-eqau" }, { "vulnerability": "VCID-mzuh-5e5y-d3hr" }, { "vulnerability": "VCID-n7cc-xfym-u7g4" }, { "vulnerability": "VCID-w6nk-akeh-4ufg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@4.0.10.2" }, { "url": "http://public2.vulnerablecode.io/api/packages/63060?format=api", "purl": "pkg:composer/phpmyadmin/phpmyadmin@4.4.15%2B7", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@4.4.15%252B7" }, { "url": "http://public2.vulnerablecode.io/api/packages/52993?format=api", "purl": "pkg:composer/phpmyadmin/phpmyadmin@4.6.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3va7-xx14-gkds" }, { "vulnerability": "VCID-44uc-xrvp-7bet" }, { "vulnerability": "VCID-4avx-e9mf-2yb1" }, { "vulnerability": "VCID-4vgu-cagj-hfhb" }, { "vulnerability": "VCID-gmjk-222y-abda" }, { "vulnerability": "VCID-gtps-py3z-13cu" }, { "vulnerability": "VCID-jmn8-a5r9-2qc8" }, { "vulnerability": "VCID-mgu4-pf1x-r3dy" }, { "vulnerability": "VCID-nuju-ekmt-k7g9" }, { "vulnerability": "VCID-q7pe-bvr1-g3bc" }, { "vulnerability": "VCID-qqyb-zags-bbhz" }, { "vulnerability": "VCID-rz6q-hthe-1uer" }, { "vulnerability": "VCID-xqf5-yxf3-u3he" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@4.6.3" } ], "aliases": [ "CVE-2016-5734", "GHSA-rv57-479x-x4qv" ], "risk_score": 10.0, "exploitability": "2.0", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-jxf7-1cq4-t3cv" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/44050?format=api", "vulnerability_id": "VCID-qpj7-uk5e-nbez", "summary": "phpMyAdmin vulnerable to Cross-site Scripting\nsetup/frames/index.inc.php in phpMyAdmin 4.0.10.x before 4.0.10.16, 4.4.15.x before 4.4.15.7, and 4.6.x before 4.6.3 allows remote attackers to conduct BBCode injection attacks against HTTP sessions via a crafted URI.", "references": [ { "reference_url": "http://lists.opensuse.org/opensuse-updates/2016-06/msg00113.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://lists.opensuse.org/opensuse-updates/2016-06/msg00113.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-updates/2016-06/msg00114.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://lists.opensuse.org/opensuse-updates/2016-06/msg00114.html" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-5701", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00459", "scoring_system": "epss", "scoring_elements": "0.64392", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.00459", "scoring_system": "epss", "scoring_elements": "0.64401", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.00459", "scoring_system": "epss", "scoring_elements": "0.64348", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-5701" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1927", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1927" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2039", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2039" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2040", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2040" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2041", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2041" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2560", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2560" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2561", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2561" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5099", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5099" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5701", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5701" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5705", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5705" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5706", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5706" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5731", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5731" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5733", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5733" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5739", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5739" }, { "reference_url": "https://github.com/phpmyadmin/phpmyadmin", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/phpmyadmin/phpmyadmin" }, { "reference_url": "https://github.com/phpmyadmin/phpmyadmin/commit/1dca386505f396f0c2035112a403cc80768a141f", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/phpmyadmin/phpmyadmin/commit/1dca386505f396f0c2035112a403cc80768a141f" }, { "reference_url": "https://github.com/phpmyadmin/phpmyadmin/commit/5633b1d57b23ddaa5a9a976a323c90c18d9be03d", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/phpmyadmin/phpmyadmin/commit/5633b1d57b23ddaa5a9a976a323c90c18d9be03d" }, { "reference_url": "https://github.com/phpmyadmin/phpmyadmin/commit/bf7379771f4b32e01f4af3b36f8ec6900288688e", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/phpmyadmin/phpmyadmin/commit/bf7379771f4b32e01f4af3b36f8ec6900288688e" }, { "reference_url": "https://security.gentoo.org/glsa/201701-32", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://security.gentoo.org/glsa/201701-32" }, { "reference_url": "https://web.archive.org/web/20200227223408/http://www.securityfocus.com/bid/91383", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20200227223408/http://www.securityfocus.com/bid/91383" }, { "reference_url": "https://www.phpmyadmin.net/security/PMASA-2016-17", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.phpmyadmin.net/security/PMASA-2016-17" }, { "reference_url": "http://www.debian.org/security/2016/dsa-3627", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.debian.org/security/2016/dsa-3627" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2016-5701", "reference_id": "CVE-2016-5701", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-5701" }, { "reference_url": "https://github.com/advisories/GHSA-rh74-5835-jpxp", "reference_id": "GHSA-rh74-5835-jpxp", "reference_type": "", "scores": [], "url": "https://github.com/advisories/GHSA-rh74-5835-jpxp" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/63059?format=api", "purl": "pkg:composer/phpmyadmin/phpmyadmin@4.0.10%2B16", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@4.0.10%252B16" }, { "url": "http://public2.vulnerablecode.io/api/packages/241057?format=api", "purl": "pkg:composer/phpmyadmin/phpmyadmin@4.0.10.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2at1-y3qg-77fb" }, { "vulnerability": "VCID-32ja-yuuw-bbbh" }, { "vulnerability": "VCID-7vpu-x9mb-q3c6" }, { "vulnerability": "VCID-a94q-k98a-6qbw" }, { "vulnerability": "VCID-amgy-teas-euh5" }, { "vulnerability": "VCID-d3qn-js1p-7yeq" }, { "vulnerability": "VCID-dx3h-z4dg-m3e1" }, { "vulnerability": "VCID-j2k3-xghw-gfb3" }, { "vulnerability": "VCID-kfr7-v6tb-eqau" }, { "vulnerability": "VCID-mzuh-5e5y-d3hr" }, { "vulnerability": "VCID-n7cc-xfym-u7g4" }, { "vulnerability": "VCID-w6nk-akeh-4ufg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@4.0.10.2" }, { "url": "http://public2.vulnerablecode.io/api/packages/63060?format=api", "purl": "pkg:composer/phpmyadmin/phpmyadmin@4.4.15%2B7", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@4.4.15%252B7" }, { "url": "http://public2.vulnerablecode.io/api/packages/52993?format=api", "purl": "pkg:composer/phpmyadmin/phpmyadmin@4.6.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3va7-xx14-gkds" }, { "vulnerability": "VCID-44uc-xrvp-7bet" }, { "vulnerability": "VCID-4avx-e9mf-2yb1" }, { "vulnerability": "VCID-4vgu-cagj-hfhb" }, { "vulnerability": "VCID-gmjk-222y-abda" }, { "vulnerability": "VCID-gtps-py3z-13cu" }, { "vulnerability": "VCID-jmn8-a5r9-2qc8" }, { "vulnerability": "VCID-mgu4-pf1x-r3dy" }, { "vulnerability": "VCID-nuju-ekmt-k7g9" }, { "vulnerability": "VCID-q7pe-bvr1-g3bc" }, { "vulnerability": "VCID-qqyb-zags-bbhz" }, { "vulnerability": "VCID-rz6q-hthe-1uer" }, { "vulnerability": "VCID-xqf5-yxf3-u3he" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@4.6.3" } ], "aliases": [ "CVE-2016-5701", "GHSA-rh74-5835-jpxp" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-qpj7-uk5e-nbez" } ], "fixing_vulnerabilities": [], "risk_score": "10.0", "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@4.0.10%252B0" }