Package Instance
Lookup for vulnerable packages by Package URL.
GET /api/packages/23352?format=api
{ "url": "http://public2.vulnerablecode.io/api/packages/23352?format=api", "purl": "pkg:composer/phpmyadmin/phpmyadmin@4.6.3", "type": "composer", "namespace": "phpmyadmin", "name": "phpmyadmin", "version": "4.6.3", "qualifiers": {}, "subpath": "", "is_vulnerable": true, "next_non_vulnerable_version": "4.9.11", "latest_non_vulnerable_version": "5.2.2", "affected_by_vulnerabilities": [ { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/7575?format=api", "vulnerability_id": "VCID-1dc8-kafr-3qd7", "summary": "Cross-site Scripting\nAn issue was discovered in phpMyAdmin. An attacker may be able to trigger a user to download a specially crafted malicious SVG file.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-6628", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00258", "scoring_system": "epss", "scoring_elements": "0.49238", "published_at": "2026-05-14T12:55:00Z" }, { "value": "0.00258", "scoring_system": "epss", "scoring_elements": "0.49234", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00258", "scoring_system": "epss", "scoring_elements": "0.49207", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00258", "scoring_system": "epss", "scoring_elements": "0.49212", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00258", "scoring_system": "epss", "scoring_elements": "0.49257", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00258", "scoring_system": "epss", "scoring_elements": "0.49255", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00258", "scoring_system": "epss", "scoring_elements": "0.49225", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00258", "scoring_system": "epss", "scoring_elements": "0.49223", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00258", "scoring_system": "epss", "scoring_elements": "0.4918", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00258", "scoring_system": "epss", "scoring_elements": "0.49096", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00258", "scoring_system": "epss", "scoring_elements": "0.49159", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.00258", "scoring_system": "epss", "scoring_elements": "0.49187", "published_at": "2026-05-09T12:55:00Z" }, { "value": "0.00258", "scoring_system": "epss", "scoring_elements": "0.49136", "published_at": "2026-05-11T12:55:00Z" }, { "value": "0.00258", "scoring_system": "epss", "scoring_elements": "0.49163", "published_at": "2026-05-12T12:55:00Z" }, { "value": "0.00258", "scoring_system": "epss", "scoring_elements": "0.49155", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00258", "scoring_system": "epss", "scoring_elements": "0.49186", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00258", "scoring_system": "epss", "scoring_elements": "0.49214", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00258", "scoring_system": "epss", "scoring_elements": "0.49165", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00258", "scoring_system": "epss", "scoring_elements": "0.4922", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00258", "scoring_system": "epss", "scoring_elements": "0.49216", "published_at": "2026-04-09T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-6628" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6628", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6628" }, { "reference_url": "https://github.com/phpmyadmin/composer", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/phpmyadmin/composer" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2019/06/msg00009.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.debian.org/debian-lts-announce/2019/06/msg00009.html" }, { "reference_url": "https://security.gentoo.org/glsa/201701-32", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://security.gentoo.org/glsa/201701-32" }, { "reference_url": "https://www.phpmyadmin.net/security/PMASA-2016-51", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.phpmyadmin.net/security/PMASA-2016-51" }, { "reference_url": "http://www.securityfocus.com/bid/92492", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.securityfocus.com/bid/92492" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2016-6628", "reference_id": "CVE-2016-6628", "reference_type": "", "scores": [ { "value": "6.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-6628" }, { "reference_url": "https://github.com/advisories/GHSA-phhm-63xx-v9rr", "reference_id": "GHSA-phhm-63xx-v9rr", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-phhm-63xx-v9rr" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/23351?format=api", "purl": "pkg:composer/phpmyadmin/phpmyadmin@4.6.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-5mda-fksy-bqb2" }, { "vulnerability": "VCID-8xac-hgvs-ykgn" }, { "vulnerability": "VCID-9xxd-uwwt-57ba" }, { "vulnerability": "VCID-bcmm-z26p-rkfp" }, { "vulnerability": "VCID-jj7e-xndw-6fcp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@4.6.4" }, { "url": "http://public2.vulnerablecode.io/api/packages/21731?format=api", "purl": "pkg:composer/phpmyadmin/phpmyadmin@4.7.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2jjv-4en4-e3gx" }, { "vulnerability": "VCID-5657-kcyh-7bc2" }, { "vulnerability": "VCID-986a-3m4g-83ge" }, { "vulnerability": "VCID-br1c-5bzf-ufeu" }, { "vulnerability": "VCID-c91y-txcw-2kdy" }, { "vulnerability": "VCID-ebk2-vjau-57h9" }, { "vulnerability": "VCID-fchc-55te-akhe" }, { "vulnerability": "VCID-g6ud-92qe-hqcx" }, { "vulnerability": "VCID-gu4y-aeqx-mqak" }, { "vulnerability": "VCID-hnud-ktgb-dfe6" }, { "vulnerability": "VCID-jma9-9uhu-xuc3" }, { "vulnerability": "VCID-mwtw-n1tv-hfd9" }, { "vulnerability": "VCID-ngtc-xtjn-xbhp" }, { "vulnerability": "VCID-qcra-cu62-43he" }, { "vulnerability": "VCID-rqy8-n6fr-hqey" }, { "vulnerability": "VCID-scu3-cfyc-9qfz" }, { "vulnerability": "VCID-tbnx-nuzv-ebdc" }, { "vulnerability": "VCID-tks3-6uv4-kygf" }, { "vulnerability": "VCID-yfja-ssw3-skh1" }, { "vulnerability": "VCID-ym9b-4su6-6fbr" }, { "vulnerability": "VCID-znfm-ak2t-mqdd" }, { "vulnerability": "VCID-zyzp-aqd8-e3a9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@4.7.0" } ], "aliases": [ "CVE-2016-6628", "GHSA-phhm-63xx-v9rr" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-1dc8-kafr-3qd7" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/7602?format=api", "vulnerability_id": "VCID-64sy-unts-juf3", "summary": "Information Exposure\nAn issue was discovered in phpMyAdmin. An attacker can determine whether a user is logged in to phpMyAdmin. The user session, username, and password are not compromised by this vulnerability.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-6625", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00275", "scoring_system": "epss", "scoring_elements": "0.50961", "published_at": "2026-05-14T12:55:00Z" }, { "value": "0.00275", "scoring_system": "epss", "scoring_elements": "0.50988", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00275", "scoring_system": "epss", "scoring_elements": "0.50995", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00275", "scoring_system": "epss", "scoring_elements": "0.50974", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00275", "scoring_system": "epss", "scoring_elements": "0.50921", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00275", "scoring_system": "epss", "scoring_elements": "0.50929", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00275", "scoring_system": "epss", "scoring_elements": "0.50891", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00275", "scoring_system": "epss", "scoring_elements": "0.50817", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00275", "scoring_system": "epss", "scoring_elements": "0.50869", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.00275", "scoring_system": "epss", "scoring_elements": "0.509", "published_at": "2026-05-09T12:55:00Z" }, { "value": "0.00275", "scoring_system": "epss", "scoring_elements": "0.50855", "published_at": "2026-05-11T12:55:00Z" }, { "value": "0.00275", "scoring_system": "epss", "scoring_elements": "0.50885", "published_at": "2026-05-12T12:55:00Z" }, { "value": "0.00275", "scoring_system": "epss", "scoring_elements": "0.50851", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00275", "scoring_system": "epss", "scoring_elements": "0.50909", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00275", "scoring_system": "epss", "scoring_elements": "0.50935", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00275", "scoring_system": "epss", "scoring_elements": "0.50892", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00275", "scoring_system": "epss", "scoring_elements": "0.50949", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00275", "scoring_system": "epss", "scoring_elements": "0.50947", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00275", "scoring_system": "epss", "scoring_elements": "0.50989", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00275", "scoring_system": "epss", "scoring_elements": "0.50967", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00275", "scoring_system": "epss", "scoring_elements": "0.50951", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-6625" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6625", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6625" }, { "reference_url": "https://github.com/phpmyadmin/composer", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/phpmyadmin/composer" }, { "reference_url": "https://security.gentoo.org/glsa/201701-32", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://security.gentoo.org/glsa/201701-32" }, { "reference_url": "https://www.phpmyadmin.net/security/PMASA-2016-48", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.phpmyadmin.net/security/PMASA-2016-48" }, { "reference_url": "http://www.securityfocus.com/bid/92491", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.securityfocus.com/bid/92491" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2016-6625", "reference_id": "CVE-2016-6625", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-6625" }, { "reference_url": "https://github.com/advisories/GHSA-r643-7xfg-ppc5", "reference_id": "GHSA-r643-7xfg-ppc5", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-r643-7xfg-ppc5" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/23351?format=api", "purl": "pkg:composer/phpmyadmin/phpmyadmin@4.6.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-5mda-fksy-bqb2" }, { "vulnerability": "VCID-8xac-hgvs-ykgn" }, { "vulnerability": "VCID-9xxd-uwwt-57ba" }, { "vulnerability": "VCID-bcmm-z26p-rkfp" }, { "vulnerability": "VCID-jj7e-xndw-6fcp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@4.6.4" }, { "url": "http://public2.vulnerablecode.io/api/packages/21731?format=api", "purl": "pkg:composer/phpmyadmin/phpmyadmin@4.7.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2jjv-4en4-e3gx" }, { "vulnerability": "VCID-5657-kcyh-7bc2" }, { "vulnerability": "VCID-986a-3m4g-83ge" }, { "vulnerability": "VCID-br1c-5bzf-ufeu" }, { "vulnerability": "VCID-c91y-txcw-2kdy" }, { "vulnerability": "VCID-ebk2-vjau-57h9" }, { "vulnerability": "VCID-fchc-55te-akhe" }, { "vulnerability": "VCID-g6ud-92qe-hqcx" }, { "vulnerability": "VCID-gu4y-aeqx-mqak" }, { "vulnerability": "VCID-hnud-ktgb-dfe6" }, { "vulnerability": "VCID-jma9-9uhu-xuc3" }, { "vulnerability": "VCID-mwtw-n1tv-hfd9" }, { "vulnerability": "VCID-ngtc-xtjn-xbhp" }, { "vulnerability": "VCID-qcra-cu62-43he" }, { "vulnerability": "VCID-rqy8-n6fr-hqey" }, { "vulnerability": "VCID-scu3-cfyc-9qfz" }, { "vulnerability": "VCID-tbnx-nuzv-ebdc" }, { "vulnerability": "VCID-tks3-6uv4-kygf" }, { "vulnerability": "VCID-yfja-ssw3-skh1" }, { "vulnerability": "VCID-ym9b-4su6-6fbr" }, { "vulnerability": "VCID-znfm-ak2t-mqdd" }, { "vulnerability": "VCID-zyzp-aqd8-e3a9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@4.7.0" } ], "aliases": [ "CVE-2016-6625", "GHSA-r643-7xfg-ppc5" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-64sy-unts-juf3" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/7580?format=api", "vulnerability_id": "VCID-8fu3-wm7d-qkeu", "summary": "Incomplete Cleanup\nAn issue was discovered in phpMyAdmin where, under certain conditions, phpMyAdmin may not delete temporary files during the import of ESRI files.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-6632", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00567", "scoring_system": "epss", "scoring_elements": "0.68683", "published_at": "2026-05-14T12:55:00Z" }, { "value": "0.00567", "scoring_system": "epss", "scoring_elements": "0.6852", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00567", "scoring_system": "epss", "scoring_elements": "0.68488", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00567", "scoring_system": "epss", "scoring_elements": "0.68527", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00567", "scoring_system": "epss", "scoring_elements": "0.6854", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00567", "scoring_system": "epss", "scoring_elements": "0.68518", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00567", "scoring_system": "epss", "scoring_elements": "0.68567", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00567", "scoring_system": "epss", "scoring_elements": "0.68572", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00567", "scoring_system": "epss", "scoring_elements": "0.68578", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00567", "scoring_system": "epss", "scoring_elements": "0.68556", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00567", "scoring_system": "epss", "scoring_elements": "0.68599", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.00567", "scoring_system": "epss", "scoring_elements": "0.68636", "published_at": "2026-05-09T12:55:00Z" }, { "value": "0.00567", "scoring_system": "epss", "scoring_elements": "0.68603", "published_at": "2026-05-11T12:55:00Z" }, { "value": "0.00567", "scoring_system": "epss", "scoring_elements": "0.68628", "published_at": "2026-05-12T12:55:00Z" }, { "value": "0.00567", "scoring_system": "epss", "scoring_elements": "0.68424", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00567", "scoring_system": "epss", "scoring_elements": "0.68443", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00567", "scoring_system": "epss", "scoring_elements": "0.68463", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00567", "scoring_system": "epss", "scoring_elements": "0.68439", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00567", "scoring_system": "epss", "scoring_elements": "0.68489", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00567", "scoring_system": "epss", "scoring_elements": "0.68506", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00567", "scoring_system": "epss", "scoring_elements": "0.68532", "published_at": "2026-04-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-6632" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6632", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6632" }, { "reference_url": "https://github.com/phpmyadmin/composer", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/phpmyadmin/composer" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2019/06/msg00009.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.debian.org/debian-lts-announce/2019/06/msg00009.html" }, { "reference_url": "https://security.gentoo.org/glsa/201701-32", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://security.gentoo.org/glsa/201701-32" }, { "reference_url": "https://www.phpmyadmin.net/security/PMASA-2016-55", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.phpmyadmin.net/security/PMASA-2016-55" }, { "reference_url": "http://www.securityfocus.com/bid/92497", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.securityfocus.com/bid/92497" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2016-6632", "reference_id": "CVE-2016-6632", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-6632" }, { "reference_url": "https://github.com/advisories/GHSA-426q-975p-w5cr", "reference_id": "GHSA-426q-975p-w5cr", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-426q-975p-w5cr" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/23351?format=api", "purl": "pkg:composer/phpmyadmin/phpmyadmin@4.6.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-5mda-fksy-bqb2" }, { "vulnerability": "VCID-8xac-hgvs-ykgn" }, { "vulnerability": "VCID-9xxd-uwwt-57ba" }, { "vulnerability": "VCID-bcmm-z26p-rkfp" }, { "vulnerability": "VCID-jj7e-xndw-6fcp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@4.6.4" }, { "url": "http://public2.vulnerablecode.io/api/packages/21731?format=api", "purl": "pkg:composer/phpmyadmin/phpmyadmin@4.7.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2jjv-4en4-e3gx" }, { "vulnerability": "VCID-5657-kcyh-7bc2" }, { "vulnerability": "VCID-986a-3m4g-83ge" }, { "vulnerability": "VCID-br1c-5bzf-ufeu" }, { "vulnerability": "VCID-c91y-txcw-2kdy" }, { "vulnerability": "VCID-ebk2-vjau-57h9" }, { "vulnerability": "VCID-fchc-55te-akhe" }, { "vulnerability": "VCID-g6ud-92qe-hqcx" }, { "vulnerability": "VCID-gu4y-aeqx-mqak" }, { "vulnerability": "VCID-hnud-ktgb-dfe6" }, { "vulnerability": "VCID-jma9-9uhu-xuc3" }, { "vulnerability": "VCID-mwtw-n1tv-hfd9" }, { "vulnerability": "VCID-ngtc-xtjn-xbhp" }, { "vulnerability": "VCID-qcra-cu62-43he" }, { "vulnerability": "VCID-rqy8-n6fr-hqey" }, { "vulnerability": "VCID-scu3-cfyc-9qfz" }, { "vulnerability": "VCID-tbnx-nuzv-ebdc" }, { "vulnerability": "VCID-tks3-6uv4-kygf" }, { "vulnerability": "VCID-yfja-ssw3-skh1" }, { "vulnerability": "VCID-ym9b-4su6-6fbr" }, { "vulnerability": "VCID-znfm-ak2t-mqdd" }, { "vulnerability": "VCID-zyzp-aqd8-e3a9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@4.7.0" } ], "aliases": [ "CVE-2016-6632", "GHSA-426q-975p-w5cr" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-8fu3-wm7d-qkeu" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/7600?format=api", "vulnerability_id": "VCID-9t2s-etzf-t3d2", "summary": "Command Injection\nAn issue was discovered in phpMyAdmin. A specially crafted database name could be used to run arbitrary PHP commands through the array export feature.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-6609", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00425", "scoring_system": "epss", "scoring_elements": "0.62361", "published_at": "2026-05-14T12:55:00Z" }, { "value": "0.00425", "scoring_system": "epss", "scoring_elements": "0.62241", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00425", "scoring_system": "epss", "scoring_elements": "0.6222", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00425", "scoring_system": "epss", "scoring_elements": "0.62265", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00425", "scoring_system": "epss", "scoring_elements": "0.62272", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00425", "scoring_system": "epss", "scoring_elements": "0.62256", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00425", "scoring_system": "epss", "scoring_elements": "0.62266", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00425", "scoring_system": "epss", "scoring_elements": "0.62283", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00425", "scoring_system": "epss", "scoring_elements": "0.62276", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00425", "scoring_system": "epss", "scoring_elements": "0.62222", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00425", "scoring_system": "epss", "scoring_elements": "0.6227", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.00425", "scoring_system": "epss", "scoring_elements": "0.62328", "published_at": "2026-05-09T12:55:00Z" }, { "value": "0.00425", "scoring_system": "epss", "scoring_elements": "0.62281", "published_at": "2026-05-11T12:55:00Z" }, { "value": "0.00425", "scoring_system": "epss", "scoring_elements": "0.62308", "published_at": "2026-05-12T12:55:00Z" }, { "value": "0.00425", "scoring_system": "epss", "scoring_elements": "0.62108", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00425", "scoring_system": "epss", "scoring_elements": "0.62169", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00425", "scoring_system": "epss", "scoring_elements": "0.62199", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00425", "scoring_system": "epss", "scoring_elements": "0.62166", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00425", "scoring_system": "epss", "scoring_elements": "0.62216", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00425", "scoring_system": "epss", "scoring_elements": "0.62233", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00425", "scoring_system": "epss", "scoring_elements": "0.62252", "published_at": "2026-04-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-6609" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6609", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6609" }, { "reference_url": "https://github.com/phpmyadmin/composer", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/phpmyadmin/composer" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2018/07/msg00006.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.debian.org/debian-lts-announce/2018/07/msg00006.html" }, { "reference_url": "https://security.gentoo.org/glsa/201701-32", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://security.gentoo.org/glsa/201701-32" }, { "reference_url": "https://www.phpmyadmin.net/security/PMASA-2016-32", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.phpmyadmin.net/security/PMASA-2016-32" }, { "reference_url": "http://www.securityfocus.com/bid/94112", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.securityfocus.com/bid/94112" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2016-6609", "reference_id": "CVE-2016-6609", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-6609" }, { "reference_url": "https://github.com/advisories/GHSA-wpww-hx7x-xfjh", "reference_id": "GHSA-wpww-hx7x-xfjh", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-wpww-hx7x-xfjh" }, { "reference_url": "https://usn.ubuntu.com/USN-4843-1/", "reference_id": "USN-USN-4843-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/USN-4843-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/23351?format=api", "purl": "pkg:composer/phpmyadmin/phpmyadmin@4.6.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-5mda-fksy-bqb2" }, { "vulnerability": "VCID-8xac-hgvs-ykgn" }, { "vulnerability": "VCID-9xxd-uwwt-57ba" }, { "vulnerability": "VCID-bcmm-z26p-rkfp" }, { "vulnerability": "VCID-jj7e-xndw-6fcp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@4.6.4" }, { "url": "http://public2.vulnerablecode.io/api/packages/21731?format=api", "purl": "pkg:composer/phpmyadmin/phpmyadmin@4.7.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2jjv-4en4-e3gx" }, { "vulnerability": "VCID-5657-kcyh-7bc2" }, { "vulnerability": "VCID-986a-3m4g-83ge" }, { "vulnerability": "VCID-br1c-5bzf-ufeu" }, { "vulnerability": "VCID-c91y-txcw-2kdy" }, { "vulnerability": "VCID-ebk2-vjau-57h9" }, { "vulnerability": "VCID-fchc-55te-akhe" }, { "vulnerability": "VCID-g6ud-92qe-hqcx" }, { "vulnerability": "VCID-gu4y-aeqx-mqak" }, { "vulnerability": "VCID-hnud-ktgb-dfe6" }, { "vulnerability": "VCID-jma9-9uhu-xuc3" }, { "vulnerability": "VCID-mwtw-n1tv-hfd9" }, { "vulnerability": "VCID-ngtc-xtjn-xbhp" }, { "vulnerability": "VCID-qcra-cu62-43he" }, { "vulnerability": "VCID-rqy8-n6fr-hqey" }, { "vulnerability": "VCID-scu3-cfyc-9qfz" }, { "vulnerability": "VCID-tbnx-nuzv-ebdc" }, { "vulnerability": "VCID-tks3-6uv4-kygf" }, { "vulnerability": "VCID-yfja-ssw3-skh1" }, { "vulnerability": "VCID-ym9b-4su6-6fbr" }, { "vulnerability": "VCID-znfm-ak2t-mqdd" }, { "vulnerability": "VCID-zyzp-aqd8-e3a9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@4.7.0" } ], "aliases": [ "CVE-2016-6609", "GHSA-wpww-hx7x-xfjh" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-9t2s-etzf-t3d2" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/7589?format=api", "vulnerability_id": "VCID-e9qs-mvaa-wyc6", "summary": "Incomplete List of Disallowed Inputs\nAn issue was discovered in phpMyAdmin involving improper enforcement of the IP-based authentication rules. When phpMyAdmin is used with IPv6 in a proxy server environment, and the proxy server is in the allowed range but the attacking computer is not allowed, this vulnerability can allow the attacking computer to connect despite the IP rules.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-6624", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.003", "scoring_system": "epss", "scoring_elements": "0.53393", "published_at": "2026-05-14T12:55:00Z" }, { "value": "0.003", "scoring_system": "epss", "scoring_elements": "0.53326", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.003", "scoring_system": "epss", "scoring_elements": "0.53309", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.003", "scoring_system": "epss", "scoring_elements": "0.53347", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.003", "scoring_system": "epss", "scoring_elements": "0.53352", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.003", "scoring_system": "epss", "scoring_elements": "0.53332", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.003", "scoring_system": "epss", "scoring_elements": "0.53304", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.003", "scoring_system": "epss", "scoring_elements": "0.53316", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.003", "scoring_system": "epss", "scoring_elements": "0.53279", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.003", "scoring_system": "epss", "scoring_elements": "0.53236", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.003", "scoring_system": "epss", "scoring_elements": "0.53286", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.003", "scoring_system": "epss", "scoring_elements": "0.53338", "published_at": "2026-05-09T12:55:00Z" }, { "value": "0.003", "scoring_system": "epss", "scoring_elements": "0.53299", "published_at": "2026-05-11T12:55:00Z" }, { "value": "0.003", "scoring_system": "epss", "scoring_elements": "0.53325", "published_at": "2026-05-12T12:55:00Z" }, { "value": "0.003", "scoring_system": "epss", "scoring_elements": "0.53227", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.003", "scoring_system": "epss", "scoring_elements": "0.53251", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.003", "scoring_system": "epss", "scoring_elements": "0.53276", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.003", "scoring_system": "epss", "scoring_elements": "0.53244", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.003", "scoring_system": "epss", "scoring_elements": "0.53296", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.003", "scoring_system": "epss", "scoring_elements": "0.53291", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.003", "scoring_system": "epss", "scoring_elements": "0.53341", "published_at": "2026-04-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-6624" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6624", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6624" }, { "reference_url": "https://github.com/phpmyadmin/composer", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/phpmyadmin/composer" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2019/06/msg00009.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.debian.org/debian-lts-announce/2019/06/msg00009.html" }, { "reference_url": "https://security.gentoo.org/glsa/201701-32", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://security.gentoo.org/glsa/201701-32" }, { "reference_url": "https://www.phpmyadmin.net/security/PMASA-2016-47", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.phpmyadmin.net/security/PMASA-2016-47" }, { "reference_url": "http://www.securityfocus.com/bid/92489", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.securityfocus.com/bid/92489" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2016-6624", "reference_id": "CVE-2016-6624", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-6624" }, { "reference_url": "https://github.com/advisories/GHSA-mhxj-6vf8-mwv3", "reference_id": "GHSA-mhxj-6vf8-mwv3", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-mhxj-6vf8-mwv3" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/23351?format=api", "purl": "pkg:composer/phpmyadmin/phpmyadmin@4.6.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-5mda-fksy-bqb2" }, { "vulnerability": "VCID-8xac-hgvs-ykgn" }, { "vulnerability": "VCID-9xxd-uwwt-57ba" }, { "vulnerability": "VCID-bcmm-z26p-rkfp" }, { "vulnerability": "VCID-jj7e-xndw-6fcp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@4.6.4" }, { "url": "http://public2.vulnerablecode.io/api/packages/21731?format=api", "purl": "pkg:composer/phpmyadmin/phpmyadmin@4.7.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2jjv-4en4-e3gx" }, { "vulnerability": "VCID-5657-kcyh-7bc2" }, { "vulnerability": "VCID-986a-3m4g-83ge" }, { "vulnerability": "VCID-br1c-5bzf-ufeu" }, { "vulnerability": "VCID-c91y-txcw-2kdy" }, { "vulnerability": "VCID-ebk2-vjau-57h9" }, { "vulnerability": "VCID-fchc-55te-akhe" }, { "vulnerability": "VCID-g6ud-92qe-hqcx" }, { "vulnerability": "VCID-gu4y-aeqx-mqak" }, { "vulnerability": "VCID-hnud-ktgb-dfe6" }, { "vulnerability": "VCID-jma9-9uhu-xuc3" }, { "vulnerability": "VCID-mwtw-n1tv-hfd9" }, { "vulnerability": "VCID-ngtc-xtjn-xbhp" }, { "vulnerability": "VCID-qcra-cu62-43he" }, { "vulnerability": "VCID-rqy8-n6fr-hqey" }, { "vulnerability": "VCID-scu3-cfyc-9qfz" }, { "vulnerability": "VCID-tbnx-nuzv-ebdc" }, { "vulnerability": "VCID-tks3-6uv4-kygf" }, { "vulnerability": "VCID-yfja-ssw3-skh1" }, { "vulnerability": "VCID-ym9b-4su6-6fbr" }, { "vulnerability": "VCID-znfm-ak2t-mqdd" }, { "vulnerability": "VCID-zyzp-aqd8-e3a9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@4.7.0" } ], "aliases": [ "CVE-2016-6624", "GHSA-mhxj-6vf8-mwv3" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-e9qs-mvaa-wyc6" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/7587?format=api", "vulnerability_id": "VCID-fgr8-8j61-cufq", "summary": "Information Exposure\nAn issue was discovered in phpMyAdmin. A user can exploit the \"LOAD LOCAL INFILE\" functionality to expose files on the server to the database system.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-6612", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00411", "scoring_system": "epss", "scoring_elements": "0.61554", "published_at": "2026-05-14T12:55:00Z" }, { "value": "0.00411", "scoring_system": "epss", "scoring_elements": "0.61444", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00411", "scoring_system": "epss", "scoring_elements": "0.61426", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00411", "scoring_system": "epss", "scoring_elements": "0.61465", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00411", "scoring_system": "epss", "scoring_elements": "0.61469", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00411", "scoring_system": "epss", "scoring_elements": "0.61453", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00411", "scoring_system": "epss", "scoring_elements": "0.61441", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00411", "scoring_system": "epss", "scoring_elements": "0.61456", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00411", "scoring_system": "epss", "scoring_elements": "0.6145", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00411", "scoring_system": "epss", "scoring_elements": "0.61402", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00411", "scoring_system": "epss", "scoring_elements": "0.61451", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.00411", "scoring_system": "epss", "scoring_elements": "0.61511", "published_at": "2026-05-09T12:55:00Z" }, { "value": "0.00411", "scoring_system": "epss", "scoring_elements": "0.61473", "published_at": "2026-05-11T12:55:00Z" }, { "value": "0.00411", "scoring_system": "epss", "scoring_elements": "0.615", "published_at": "2026-05-12T12:55:00Z" }, { "value": "0.00411", "scoring_system": "epss", "scoring_elements": "0.61298", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00411", "scoring_system": "epss", "scoring_elements": "0.61377", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00411", "scoring_system": "epss", "scoring_elements": "0.61406", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00411", "scoring_system": "epss", "scoring_elements": "0.61375", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00411", "scoring_system": "epss", "scoring_elements": "0.61422", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00411", "scoring_system": "epss", "scoring_elements": "0.61437", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00411", "scoring_system": "epss", "scoring_elements": "0.61459", "published_at": "2026-04-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-6612" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6612", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6612" }, { "reference_url": "https://github.com/phpmyadmin/composer", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/phpmyadmin/composer" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2019/06/msg00009.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.debian.org/debian-lts-announce/2019/06/msg00009.html" }, { "reference_url": "https://security.gentoo.org/glsa/201701-32", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://security.gentoo.org/glsa/201701-32" }, { "reference_url": "https://www.phpmyadmin.net/security/PMASA-2016-35", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.phpmyadmin.net/security/PMASA-2016-35" }, { "reference_url": "http://www.securityfocus.com/bid/94113", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.securityfocus.com/bid/94113" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2016-6612", "reference_id": "CVE-2016-6612", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-6612" }, { "reference_url": "https://github.com/advisories/GHSA-fcgm-62p3-f7cm", "reference_id": "GHSA-fcgm-62p3-f7cm", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-fcgm-62p3-f7cm" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/23351?format=api", "purl": "pkg:composer/phpmyadmin/phpmyadmin@4.6.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-5mda-fksy-bqb2" }, { "vulnerability": "VCID-8xac-hgvs-ykgn" }, { "vulnerability": "VCID-9xxd-uwwt-57ba" }, { "vulnerability": "VCID-bcmm-z26p-rkfp" }, { "vulnerability": "VCID-jj7e-xndw-6fcp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@4.6.4" }, { "url": "http://public2.vulnerablecode.io/api/packages/21731?format=api", "purl": "pkg:composer/phpmyadmin/phpmyadmin@4.7.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2jjv-4en4-e3gx" }, { "vulnerability": "VCID-5657-kcyh-7bc2" }, { "vulnerability": "VCID-986a-3m4g-83ge" }, { "vulnerability": "VCID-br1c-5bzf-ufeu" }, { "vulnerability": "VCID-c91y-txcw-2kdy" }, { "vulnerability": "VCID-ebk2-vjau-57h9" }, { "vulnerability": "VCID-fchc-55te-akhe" }, { "vulnerability": "VCID-g6ud-92qe-hqcx" }, { "vulnerability": "VCID-gu4y-aeqx-mqak" }, { "vulnerability": "VCID-hnud-ktgb-dfe6" }, { "vulnerability": "VCID-jma9-9uhu-xuc3" }, { "vulnerability": "VCID-mwtw-n1tv-hfd9" }, { "vulnerability": "VCID-ngtc-xtjn-xbhp" }, { "vulnerability": "VCID-qcra-cu62-43he" }, { "vulnerability": "VCID-rqy8-n6fr-hqey" }, { "vulnerability": "VCID-scu3-cfyc-9qfz" }, { "vulnerability": "VCID-tbnx-nuzv-ebdc" }, { "vulnerability": "VCID-tks3-6uv4-kygf" }, { "vulnerability": "VCID-yfja-ssw3-skh1" }, { "vulnerability": "VCID-ym9b-4su6-6fbr" }, { "vulnerability": "VCID-znfm-ak2t-mqdd" }, { "vulnerability": "VCID-zyzp-aqd8-e3a9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@4.7.0" } ], "aliases": [ "CVE-2016-6612", "GHSA-fcgm-62p3-f7cm" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-fgr8-8j61-cufq" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/7596?format=api", "vulnerability_id": "VCID-fvnp-w4kk-3qfq", "summary": "Cross-site Scripting\nXSS issues were discovered in phpMyAdmin. This affects the database privilege check and the \"Remove partitioning\" functionality. Specially crafted database names can trigger the XSS attack.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-6608", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00452", "scoring_system": "epss", "scoring_elements": "0.63877", "published_at": "2026-05-14T12:55:00Z" }, { "value": "0.00452", "scoring_system": "epss", "scoring_elements": "0.63706", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00452", "scoring_system": "epss", "scoring_elements": "0.63742", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00452", "scoring_system": "epss", "scoring_elements": "0.63751", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00452", "scoring_system": "epss", "scoring_elements": "0.63756", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00452", "scoring_system": "epss", "scoring_elements": "0.63769", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00452", "scoring_system": "epss", "scoring_elements": "0.63767", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00452", "scoring_system": "epss", "scoring_elements": "0.63738", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00452", "scoring_system": "epss", "scoring_elements": "0.63781", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.00452", "scoring_system": "epss", "scoring_elements": "0.63831", "published_at": "2026-05-09T12:55:00Z" }, { "value": "0.00452", "scoring_system": "epss", "scoring_elements": "0.63798", "published_at": "2026-05-11T12:55:00Z" }, { "value": "0.00452", "scoring_system": "epss", "scoring_elements": "0.63825", "published_at": "2026-05-12T12:55:00Z" }, { "value": "0.00452", "scoring_system": "epss", "scoring_elements": "0.63625", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00452", "scoring_system": "epss", "scoring_elements": "0.63685", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00452", "scoring_system": "epss", "scoring_elements": "0.63711", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00452", "scoring_system": "epss", "scoring_elements": "0.63671", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00452", "scoring_system": "epss", "scoring_elements": "0.63723", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00452", "scoring_system": "epss", "scoring_elements": "0.63741", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00452", "scoring_system": "epss", "scoring_elements": "0.63755", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00452", "scoring_system": "epss", "scoring_elements": "0.6374", "published_at": "2026-04-21T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-6608" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6608", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6608" }, { "reference_url": "https://github.com/phpmyadmin/composer", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/phpmyadmin/composer" }, { "reference_url": "https://security.gentoo.org/glsa/201701-32", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://security.gentoo.org/glsa/201701-32" }, { "reference_url": "https://www.phpmyadmin.net/security/PMASA-2016-31", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.phpmyadmin.net/security/PMASA-2016-31" }, { "reference_url": "http://www.securityfocus.com/bid/93258", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.securityfocus.com/bid/93258" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2016-6608", "reference_id": "CVE-2016-6608", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-6608" }, { "reference_url": "https://github.com/advisories/GHSA-jfmj-27fp-qp67", "reference_id": "GHSA-jfmj-27fp-qp67", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-jfmj-27fp-qp67" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/23351?format=api", "purl": "pkg:composer/phpmyadmin/phpmyadmin@4.6.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-5mda-fksy-bqb2" }, { "vulnerability": "VCID-8xac-hgvs-ykgn" }, { "vulnerability": "VCID-9xxd-uwwt-57ba" }, { "vulnerability": "VCID-bcmm-z26p-rkfp" }, { "vulnerability": "VCID-jj7e-xndw-6fcp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@4.6.4" }, { "url": "http://public2.vulnerablecode.io/api/packages/21731?format=api", "purl": "pkg:composer/phpmyadmin/phpmyadmin@4.7.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2jjv-4en4-e3gx" }, { "vulnerability": "VCID-5657-kcyh-7bc2" }, { "vulnerability": "VCID-986a-3m4g-83ge" }, { "vulnerability": "VCID-br1c-5bzf-ufeu" }, { "vulnerability": "VCID-c91y-txcw-2kdy" }, { "vulnerability": "VCID-ebk2-vjau-57h9" }, { "vulnerability": "VCID-fchc-55te-akhe" }, { "vulnerability": "VCID-g6ud-92qe-hqcx" }, { "vulnerability": "VCID-gu4y-aeqx-mqak" }, { "vulnerability": "VCID-hnud-ktgb-dfe6" }, { "vulnerability": "VCID-jma9-9uhu-xuc3" }, { "vulnerability": "VCID-mwtw-n1tv-hfd9" }, { "vulnerability": "VCID-ngtc-xtjn-xbhp" }, { "vulnerability": "VCID-qcra-cu62-43he" }, { "vulnerability": "VCID-rqy8-n6fr-hqey" }, { "vulnerability": "VCID-scu3-cfyc-9qfz" }, { "vulnerability": "VCID-tbnx-nuzv-ebdc" }, { "vulnerability": "VCID-tks3-6uv4-kygf" }, { "vulnerability": "VCID-yfja-ssw3-skh1" }, { "vulnerability": "VCID-ym9b-4su6-6fbr" }, { "vulnerability": "VCID-znfm-ak2t-mqdd" }, { "vulnerability": "VCID-zyzp-aqd8-e3a9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@4.7.0" } ], "aliases": [ "CVE-2016-6608", "GHSA-jfmj-27fp-qp67" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-fvnp-w4kk-3qfq" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/7576?format=api", "vulnerability_id": "VCID-gzqe-8ywj-h7hk", "summary": "Cryptographic Issues\nAn issue was discovered in phpMyAdmin. When the user does not specify a `blowfish_secret` key for encrypting cookies, phpMyAdmin generates one at runtime. A vulnerability was reported where the way this value is created uses a weak algorithm. This could allow an attacker to determine the user's `blowfish_secret` and potentially decrypt their cookies.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-9847", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00432", "scoring_system": "epss", "scoring_elements": "0.6282", "published_at": "2026-05-14T12:55:00Z" }, { "value": "0.00432", "scoring_system": "epss", "scoring_elements": "0.627", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00432", "scoring_system": "epss", "scoring_elements": "0.62712", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00432", "scoring_system": "epss", "scoring_elements": "0.62728", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00432", "scoring_system": "epss", "scoring_elements": "0.62727", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00432", "scoring_system": "epss", "scoring_elements": "0.62678", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00432", "scoring_system": "epss", "scoring_elements": "0.62726", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.00432", "scoring_system": "epss", "scoring_elements": "0.62778", "published_at": "2026-05-09T12:55:00Z" }, { "value": "0.00432", "scoring_system": "epss", "scoring_elements": "0.62737", "published_at": "2026-05-11T12:55:00Z" }, { "value": "0.00432", "scoring_system": "epss", "scoring_elements": "0.62763", "published_at": "2026-05-12T12:55:00Z" }, { "value": "0.00432", "scoring_system": "epss", "scoring_elements": "0.62563", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00432", "scoring_system": "epss", "scoring_elements": "0.62621", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00432", "scoring_system": "epss", "scoring_elements": "0.62653", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00432", "scoring_system": "epss", "scoring_elements": "0.62618", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00432", "scoring_system": "epss", "scoring_elements": "0.6267", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00432", "scoring_system": "epss", "scoring_elements": "0.62686", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00432", "scoring_system": "epss", "scoring_elements": "0.62704", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00432", "scoring_system": "epss", "scoring_elements": "0.62694", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00432", "scoring_system": "epss", "scoring_elements": "0.62671", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00432", "scoring_system": "epss", "scoring_elements": "0.62711", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00432", "scoring_system": "epss", "scoring_elements": "0.62719", "published_at": "2026-04-18T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-9847" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9847", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9847" }, { "reference_url": "https://security.gentoo.org/glsa/201701-32", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://security.gentoo.org/glsa/201701-32" }, { "reference_url": "https://web.archive.org/web/20210123194700/http://www.securityfocus.com/bid/94524", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20210123194700/http://www.securityfocus.com/bid/94524" }, { "reference_url": "https://www.phpmyadmin.net/security/PMASA-2016-58", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.phpmyadmin.net/security/PMASA-2016-58" }, { "reference_url": "http://www.securityfocus.com/bid/94524", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/94524" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2016-9847", "reference_id": "CVE-2016-9847", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-9847" }, { "reference_url": "https://github.com/advisories/GHSA-9xhq-pm7v-693p", "reference_id": "GHSA-9xhq-pm7v-693p", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-9xhq-pm7v-693p" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/24336?format=api", "purl": "pkg:composer/phpmyadmin/phpmyadmin@4.6.5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7h9b-a8dp-57hp" }, { "vulnerability": "VCID-uw6h-fpzy-x3ap" }, { "vulnerability": "VCID-zreq-41ja-pbf1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@4.6.5" }, { "url": "http://public2.vulnerablecode.io/api/packages/21731?format=api", "purl": "pkg:composer/phpmyadmin/phpmyadmin@4.7.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2jjv-4en4-e3gx" }, { "vulnerability": "VCID-5657-kcyh-7bc2" }, { "vulnerability": "VCID-986a-3m4g-83ge" }, { "vulnerability": "VCID-br1c-5bzf-ufeu" }, { "vulnerability": "VCID-c91y-txcw-2kdy" }, { "vulnerability": "VCID-ebk2-vjau-57h9" }, { "vulnerability": "VCID-fchc-55te-akhe" }, { "vulnerability": "VCID-g6ud-92qe-hqcx" }, { "vulnerability": "VCID-gu4y-aeqx-mqak" }, { "vulnerability": "VCID-hnud-ktgb-dfe6" }, { "vulnerability": "VCID-jma9-9uhu-xuc3" }, { "vulnerability": "VCID-mwtw-n1tv-hfd9" }, { "vulnerability": "VCID-ngtc-xtjn-xbhp" }, { "vulnerability": "VCID-qcra-cu62-43he" }, { "vulnerability": "VCID-rqy8-n6fr-hqey" }, { "vulnerability": "VCID-scu3-cfyc-9qfz" }, { "vulnerability": "VCID-tbnx-nuzv-ebdc" }, { "vulnerability": "VCID-tks3-6uv4-kygf" }, { "vulnerability": "VCID-yfja-ssw3-skh1" }, { "vulnerability": "VCID-ym9b-4su6-6fbr" }, { "vulnerability": "VCID-znfm-ak2t-mqdd" }, { "vulnerability": "VCID-zyzp-aqd8-e3a9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@4.7.0" } ], "aliases": [ "CVE-2016-9847", "GHSA-9xhq-pm7v-693p" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-gzqe-8ywj-h7hk" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/7585?format=api", "vulnerability_id": "VCID-h5wu-ugm7-4bah", "summary": "Code Injection\nAn issue was discovered in phpMyAdmin. phpMyAdmin can be used to trigger a remote code execution attack against certain PHP installations that are running with the dbase extension.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-6633", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01833", "scoring_system": "epss", "scoring_elements": "0.83109", "published_at": "2026-05-14T12:55:00Z" }, { "value": "0.01833", "scoring_system": "epss", "scoring_elements": "0.82918", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.01833", "scoring_system": "epss", "scoring_elements": "0.82957", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.01833", "scoring_system": "epss", "scoring_elements": "0.8296", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.01833", "scoring_system": "epss", "scoring_elements": "0.8298", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.01833", "scoring_system": "epss", "scoring_elements": "0.8299", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.01833", "scoring_system": "epss", "scoring_elements": "0.82994", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.01833", "scoring_system": "epss", "scoring_elements": "0.83017", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.01833", "scoring_system": "epss", "scoring_elements": "0.83037", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.01833", "scoring_system": "epss", "scoring_elements": "0.83058", "published_at": "2026-05-09T12:55:00Z" }, { "value": "0.01833", "scoring_system": "epss", "scoring_elements": "0.83057", "published_at": "2026-05-11T12:55:00Z" }, { "value": "0.01833", "scoring_system": "epss", "scoring_elements": "0.83073", "published_at": "2026-05-12T12:55:00Z" }, { "value": "0.01833", "scoring_system": "epss", "scoring_elements": "0.82853", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.01833", "scoring_system": "epss", "scoring_elements": "0.82869", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.01833", "scoring_system": "epss", "scoring_elements": "0.82882", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.01833", "scoring_system": "epss", "scoring_elements": "0.82878", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.01833", "scoring_system": "epss", "scoring_elements": "0.82903", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.01833", "scoring_system": "epss", "scoring_elements": "0.82911", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.01833", "scoring_system": "epss", "scoring_elements": "0.82926", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.01833", "scoring_system": "epss", "scoring_elements": "0.82922", "published_at": "2026-04-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-6633" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6633", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6633" }, { "reference_url": "https://github.com/phpmyadmin/composer", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/phpmyadmin/composer" }, { "reference_url": "https://security.gentoo.org/glsa/201701-32", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://security.gentoo.org/glsa/201701-32" }, { "reference_url": "https://www.phpmyadmin.net/security/PMASA-2016-56", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.phpmyadmin.net/security/PMASA-2016-56" }, { "reference_url": "http://www.securityfocus.com/bid/92500", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.securityfocus.com/bid/92500" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2016-6633", "reference_id": "CVE-2016-6633", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-6633" }, { "reference_url": "https://github.com/advisories/GHSA-p849-vf5f-f3x7", "reference_id": "GHSA-p849-vf5f-f3x7", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-p849-vf5f-f3x7" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/23351?format=api", "purl": "pkg:composer/phpmyadmin/phpmyadmin@4.6.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-5mda-fksy-bqb2" }, { "vulnerability": "VCID-8xac-hgvs-ykgn" }, { "vulnerability": "VCID-9xxd-uwwt-57ba" }, { "vulnerability": "VCID-bcmm-z26p-rkfp" }, { "vulnerability": "VCID-jj7e-xndw-6fcp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@4.6.4" }, { "url": "http://public2.vulnerablecode.io/api/packages/21731?format=api", "purl": "pkg:composer/phpmyadmin/phpmyadmin@4.7.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2jjv-4en4-e3gx" }, { "vulnerability": "VCID-5657-kcyh-7bc2" }, { "vulnerability": "VCID-986a-3m4g-83ge" }, { "vulnerability": "VCID-br1c-5bzf-ufeu" }, { "vulnerability": "VCID-c91y-txcw-2kdy" }, { "vulnerability": "VCID-ebk2-vjau-57h9" }, { "vulnerability": "VCID-fchc-55te-akhe" }, { "vulnerability": "VCID-g6ud-92qe-hqcx" }, { "vulnerability": "VCID-gu4y-aeqx-mqak" }, { "vulnerability": "VCID-hnud-ktgb-dfe6" }, { "vulnerability": "VCID-jma9-9uhu-xuc3" }, { "vulnerability": "VCID-mwtw-n1tv-hfd9" }, { "vulnerability": "VCID-ngtc-xtjn-xbhp" }, { "vulnerability": "VCID-qcra-cu62-43he" }, { "vulnerability": "VCID-rqy8-n6fr-hqey" }, { "vulnerability": "VCID-scu3-cfyc-9qfz" }, { "vulnerability": "VCID-tbnx-nuzv-ebdc" }, { "vulnerability": "VCID-tks3-6uv4-kygf" }, { "vulnerability": "VCID-yfja-ssw3-skh1" }, { "vulnerability": "VCID-ym9b-4su6-6fbr" }, { "vulnerability": "VCID-znfm-ak2t-mqdd" }, { "vulnerability": "VCID-zyzp-aqd8-e3a9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@4.7.0" } ], "aliases": [ "CVE-2016-6633", "GHSA-p849-vf5f-f3x7" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-h5wu-ugm7-4bah" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/7577?format=api", "vulnerability_id": "VCID-tydk-zjv1-nye6", "summary": "Improper Input Validation\nAn issue was discovered in phpMyAdmin. An unauthenticated user is able to execute a denial-of-service (DoS) attack by forcing persistent connections when phpMyAdmin is running with `$cfg['AllowArbitraryServer']=true`.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-6622", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01016", "scoring_system": "epss", "scoring_elements": "0.77363", "published_at": "2026-05-14T12:55:00Z" }, { "value": "0.01016", "scoring_system": "epss", "scoring_elements": "0.77206", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.01016", "scoring_system": "epss", "scoring_elements": "0.77207", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.01016", "scoring_system": "epss", "scoring_elements": "0.77197", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.01016", "scoring_system": "epss", "scoring_elements": "0.77233", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.01016", "scoring_system": "epss", "scoring_elements": "0.77239", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.01016", "scoring_system": "epss", "scoring_elements": "0.77255", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.01016", "scoring_system": "epss", "scoring_elements": "0.77259", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.01016", "scoring_system": "epss", "scoring_elements": "0.77289", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.01016", "scoring_system": "epss", "scoring_elements": "0.7731", "published_at": "2026-05-09T12:55:00Z" }, { "value": "0.01016", "scoring_system": "epss", "scoring_elements": "0.773", "published_at": "2026-05-11T12:55:00Z" }, { "value": "0.01016", "scoring_system": "epss", "scoring_elements": "0.77317", "published_at": "2026-05-12T12:55:00Z" }, { "value": "0.01016", "scoring_system": "epss", "scoring_elements": "0.77104", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.01016", "scoring_system": "epss", "scoring_elements": "0.7711", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.01016", "scoring_system": "epss", "scoring_elements": "0.7714", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.01016", "scoring_system": "epss", "scoring_elements": "0.77122", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.01016", "scoring_system": "epss", "scoring_elements": "0.77155", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.01016", "scoring_system": "epss", "scoring_elements": "0.77163", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.01016", "scoring_system": "epss", "scoring_elements": "0.77191", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.01016", "scoring_system": "epss", "scoring_elements": "0.7717", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.01016", "scoring_system": "epss", "scoring_elements": "0.77165", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-6622" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6622", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6622" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2018/07/msg00006.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.debian.org/debian-lts-announce/2018/07/msg00006.html" }, { "reference_url": "https://security.gentoo.org/glsa/201701-32", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://security.gentoo.org/glsa/201701-32" }, { "reference_url": "https://web.archive.org/web/20210125183746/http://www.securityfocus.com/bid/95049", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20210125183746/http://www.securityfocus.com/bid/95049" }, { "reference_url": "https://www.phpmyadmin.net/security/PMASA-2016-45", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.phpmyadmin.net/security/PMASA-2016-45" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2016-6622", "reference_id": "CVE-2016-6622", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-6622" }, { "reference_url": "https://github.com/advisories/GHSA-qf3f-7x69-qfv3", "reference_id": "GHSA-qf3f-7x69-qfv3", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-qf3f-7x69-qfv3" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/23351?format=api", "purl": "pkg:composer/phpmyadmin/phpmyadmin@4.6.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-5mda-fksy-bqb2" }, { "vulnerability": "VCID-8xac-hgvs-ykgn" }, { "vulnerability": "VCID-9xxd-uwwt-57ba" }, { "vulnerability": "VCID-bcmm-z26p-rkfp" }, { "vulnerability": "VCID-jj7e-xndw-6fcp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@4.6.4" }, { "url": "http://public2.vulnerablecode.io/api/packages/21731?format=api", "purl": "pkg:composer/phpmyadmin/phpmyadmin@4.7.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2jjv-4en4-e3gx" }, { "vulnerability": "VCID-5657-kcyh-7bc2" }, { "vulnerability": "VCID-986a-3m4g-83ge" }, { "vulnerability": "VCID-br1c-5bzf-ufeu" }, { "vulnerability": "VCID-c91y-txcw-2kdy" }, { "vulnerability": "VCID-ebk2-vjau-57h9" }, { "vulnerability": "VCID-fchc-55te-akhe" }, { "vulnerability": "VCID-g6ud-92qe-hqcx" }, { "vulnerability": "VCID-gu4y-aeqx-mqak" }, { "vulnerability": "VCID-hnud-ktgb-dfe6" }, { "vulnerability": "VCID-jma9-9uhu-xuc3" }, { "vulnerability": "VCID-mwtw-n1tv-hfd9" }, { "vulnerability": "VCID-ngtc-xtjn-xbhp" }, { "vulnerability": "VCID-qcra-cu62-43he" }, { "vulnerability": "VCID-rqy8-n6fr-hqey" }, { "vulnerability": "VCID-scu3-cfyc-9qfz" }, { "vulnerability": "VCID-tbnx-nuzv-ebdc" }, { "vulnerability": "VCID-tks3-6uv4-kygf" }, { "vulnerability": "VCID-yfja-ssw3-skh1" }, { "vulnerability": "VCID-ym9b-4su6-6fbr" }, { "vulnerability": "VCID-znfm-ak2t-mqdd" }, { "vulnerability": "VCID-zyzp-aqd8-e3a9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@4.7.0" } ], "aliases": [ "CVE-2016-6622", "GHSA-qf3f-7x69-qfv3" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-tydk-zjv1-nye6" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/7593?format=api", "vulnerability_id": "VCID-v66b-3ghf-9uas", "summary": "Improper Input Validation\nAn issue was discovered in phpMyAdmin involving the `$cfg['ArbitraryServerRegexp']` configuration directive. An attacker could reuse certain cookie values in a way of bypassing the servers defined by `ArbitraryServerRegexp`.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-6629", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0032", "scoring_system": "epss", "scoring_elements": "0.55083", "published_at": "2026-05-12T12:55:00Z" }, { "value": "0.0032", "scoring_system": "epss", "scoring_elements": "0.551", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.0032", "scoring_system": "epss", "scoring_elements": "0.55142", "published_at": "2026-05-14T12:55:00Z" }, { "value": "0.0032", "scoring_system": "epss", "scoring_elements": "0.55121", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.0032", "scoring_system": "epss", "scoring_elements": "0.55056", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.0032", "scoring_system": "epss", "scoring_elements": "0.55048", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.0032", "scoring_system": "epss", "scoring_elements": "0.54998", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.0032", "scoring_system": "epss", "scoring_elements": "0.55039", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.0032", "scoring_system": "epss", "scoring_elements": "0.55097", "published_at": "2026-05-09T12:55:00Z" }, { "value": "0.0032", "scoring_system": "epss", "scoring_elements": "0.55057", "published_at": "2026-05-11T12:55:00Z" }, { "value": "0.0032", "scoring_system": "epss", "scoring_elements": "0.54974", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.0032", "scoring_system": "epss", "scoring_elements": "0.55075", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.0032", "scoring_system": "epss", "scoring_elements": "0.55101", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.0032", "scoring_system": "epss", "scoring_elements": "0.55076", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.0032", "scoring_system": "epss", "scoring_elements": "0.55126", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.0032", "scoring_system": "epss", "scoring_elements": "0.55138", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.0032", "scoring_system": "epss", "scoring_elements": "0.55118", "published_at": "2026-04-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-6629" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6629", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6629" }, { "reference_url": "https://security.gentoo.org/glsa/201701-32", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://security.gentoo.org/glsa/201701-32" }, { "reference_url": "https://web.archive.org/web/20210725054025/http://www.securityfocus.com/bid/92493", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20210725054025/http://www.securityfocus.com/bid/92493" }, { "reference_url": "https://www.phpmyadmin.net/security/PMASA-2016-52", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.phpmyadmin.net/security/PMASA-2016-52" }, { "reference_url": "http://www.securityfocus.com/bid/92493", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/92493" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2016-6629", "reference_id": "CVE-2016-6629", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-6629" }, { "reference_url": "https://github.com/advisories/GHSA-567r-vqj7-5cw7", "reference_id": "GHSA-567r-vqj7-5cw7", "reference_type": "", "scores": [ { "value": "CRITICAL", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-567r-vqj7-5cw7" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/23351?format=api", "purl": "pkg:composer/phpmyadmin/phpmyadmin@4.6.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-5mda-fksy-bqb2" }, { "vulnerability": "VCID-8xac-hgvs-ykgn" }, { "vulnerability": "VCID-9xxd-uwwt-57ba" }, { "vulnerability": "VCID-bcmm-z26p-rkfp" }, { "vulnerability": "VCID-jj7e-xndw-6fcp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@4.6.4" }, { "url": "http://public2.vulnerablecode.io/api/packages/21731?format=api", "purl": "pkg:composer/phpmyadmin/phpmyadmin@4.7.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2jjv-4en4-e3gx" }, { "vulnerability": "VCID-5657-kcyh-7bc2" }, { "vulnerability": "VCID-986a-3m4g-83ge" }, { "vulnerability": "VCID-br1c-5bzf-ufeu" }, { "vulnerability": "VCID-c91y-txcw-2kdy" }, { "vulnerability": "VCID-ebk2-vjau-57h9" }, { "vulnerability": "VCID-fchc-55te-akhe" }, { "vulnerability": "VCID-g6ud-92qe-hqcx" }, { "vulnerability": "VCID-gu4y-aeqx-mqak" }, { "vulnerability": "VCID-hnud-ktgb-dfe6" }, { "vulnerability": "VCID-jma9-9uhu-xuc3" }, { "vulnerability": "VCID-mwtw-n1tv-hfd9" }, { "vulnerability": "VCID-ngtc-xtjn-xbhp" }, { "vulnerability": "VCID-qcra-cu62-43he" }, { "vulnerability": "VCID-rqy8-n6fr-hqey" }, { "vulnerability": "VCID-scu3-cfyc-9qfz" }, { "vulnerability": "VCID-tbnx-nuzv-ebdc" }, { "vulnerability": "VCID-tks3-6uv4-kygf" }, { "vulnerability": "VCID-yfja-ssw3-skh1" }, { "vulnerability": "VCID-ym9b-4su6-6fbr" }, { "vulnerability": "VCID-znfm-ak2t-mqdd" }, { "vulnerability": "VCID-zyzp-aqd8-e3a9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@4.7.0" } ], "aliases": [ "CVE-2016-6629", "GHSA-567r-vqj7-5cw7" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-v66b-3ghf-9uas" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/7603?format=api", "vulnerability_id": "VCID-z22z-a5bq-97d3", "summary": "Uncontrolled Resouce Consumption\nAn issue was discovered in phpMyAdmin. The transformation feature allows a user to trigger a denial-of-service (DoS) attack against the server.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-6618", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0055", "scoring_system": "epss", "scoring_elements": "0.68147", "published_at": "2026-05-14T12:55:00Z" }, { "value": "0.0055", "scoring_system": "epss", "scoring_elements": "0.67985", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.0055", "scoring_system": "epss", "scoring_elements": "0.6795", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.0055", "scoring_system": "epss", "scoring_elements": "0.67987", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.0055", "scoring_system": "epss", "scoring_elements": "0.68", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.0055", "scoring_system": "epss", "scoring_elements": "0.67983", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.0055", "scoring_system": "epss", "scoring_elements": "0.68025", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.0055", "scoring_system": "epss", "scoring_elements": "0.68034", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.0055", "scoring_system": "epss", "scoring_elements": "0.68039", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.0055", "scoring_system": "epss", "scoring_elements": "0.68013", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.0055", "scoring_system": "epss", "scoring_elements": "0.68056", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.0055", "scoring_system": "epss", "scoring_elements": "0.68097", "published_at": "2026-05-09T12:55:00Z" }, { "value": "0.0055", "scoring_system": "epss", "scoring_elements": "0.68064", "published_at": "2026-05-11T12:55:00Z" }, { "value": "0.0055", "scoring_system": "epss", "scoring_elements": "0.6809", "published_at": "2026-05-12T12:55:00Z" }, { "value": "0.0055", "scoring_system": "epss", "scoring_elements": "0.67889", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.0055", "scoring_system": "epss", "scoring_elements": "0.67912", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.0055", "scoring_system": "epss", "scoring_elements": "0.67931", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.0055", "scoring_system": "epss", "scoring_elements": "0.6791", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.0055", "scoring_system": "epss", "scoring_elements": "0.67961", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.0055", "scoring_system": "epss", "scoring_elements": "0.67975", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.0055", "scoring_system": "epss", "scoring_elements": "0.67998", "published_at": "2026-04-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-6618" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6618", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6618" }, { "reference_url": "https://github.com/phpmyadmin/composer", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/phpmyadmin/composer" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2018/07/msg00006.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.debian.org/debian-lts-announce/2018/07/msg00006.html" }, { "reference_url": "https://security.gentoo.org/glsa/201701-32", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://security.gentoo.org/glsa/201701-32" }, { "reference_url": "https://www.phpmyadmin.net/security/PMASA-2016-41", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.phpmyadmin.net/security/PMASA-2016-41" }, { "reference_url": "http://www.securityfocus.com/bid/95047", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.securityfocus.com/bid/95047" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2016-6618", "reference_id": "CVE-2016-6618", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-6618" }, { "reference_url": "https://github.com/advisories/GHSA-rv6m-chvv-wmxg", "reference_id": "GHSA-rv6m-chvv-wmxg", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-rv6m-chvv-wmxg" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/23351?format=api", "purl": "pkg:composer/phpmyadmin/phpmyadmin@4.6.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-5mda-fksy-bqb2" }, { "vulnerability": "VCID-8xac-hgvs-ykgn" }, { "vulnerability": "VCID-9xxd-uwwt-57ba" }, { "vulnerability": "VCID-bcmm-z26p-rkfp" }, { "vulnerability": "VCID-jj7e-xndw-6fcp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@4.6.4" }, { "url": "http://public2.vulnerablecode.io/api/packages/21731?format=api", "purl": "pkg:composer/phpmyadmin/phpmyadmin@4.7.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2jjv-4en4-e3gx" }, { "vulnerability": "VCID-5657-kcyh-7bc2" }, { "vulnerability": "VCID-986a-3m4g-83ge" }, { "vulnerability": "VCID-br1c-5bzf-ufeu" }, { "vulnerability": "VCID-c91y-txcw-2kdy" }, { "vulnerability": "VCID-ebk2-vjau-57h9" }, { "vulnerability": "VCID-fchc-55te-akhe" }, { "vulnerability": "VCID-g6ud-92qe-hqcx" }, { "vulnerability": "VCID-gu4y-aeqx-mqak" }, { "vulnerability": "VCID-hnud-ktgb-dfe6" }, { "vulnerability": "VCID-jma9-9uhu-xuc3" }, { "vulnerability": "VCID-mwtw-n1tv-hfd9" }, { "vulnerability": "VCID-ngtc-xtjn-xbhp" }, { "vulnerability": "VCID-qcra-cu62-43he" }, { "vulnerability": "VCID-rqy8-n6fr-hqey" }, { "vulnerability": "VCID-scu3-cfyc-9qfz" }, { "vulnerability": "VCID-tbnx-nuzv-ebdc" }, { "vulnerability": "VCID-tks3-6uv4-kygf" }, { "vulnerability": "VCID-yfja-ssw3-skh1" }, { "vulnerability": "VCID-ym9b-4su6-6fbr" }, { "vulnerability": "VCID-znfm-ak2t-mqdd" }, { "vulnerability": "VCID-zyzp-aqd8-e3a9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@4.7.0" } ], "aliases": [ "CVE-2016-6618", "GHSA-rv6m-chvv-wmxg" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-z22z-a5bq-97d3" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/7598?format=api", "vulnerability_id": "VCID-zg16-dfu1-g7dn", "summary": "Information Exposure\nAn issue was discovered in phpMyAdmin. A user can specially craft a symlink on disk, to a file which phpMyAdmin is permitted to read but the user is not, which phpMyAdmin will then expose to the user.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-6613", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00411", "scoring_system": "epss", "scoring_elements": "0.61554", "published_at": "2026-05-14T12:55:00Z" }, { "value": "0.00411", "scoring_system": "epss", "scoring_elements": "0.61444", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00411", "scoring_system": "epss", "scoring_elements": "0.61426", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00411", "scoring_system": "epss", "scoring_elements": "0.61465", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00411", "scoring_system": "epss", "scoring_elements": "0.61469", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00411", "scoring_system": "epss", "scoring_elements": "0.61453", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00411", "scoring_system": "epss", "scoring_elements": "0.61441", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00411", "scoring_system": "epss", "scoring_elements": "0.61456", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00411", "scoring_system": "epss", "scoring_elements": "0.6145", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00411", "scoring_system": "epss", "scoring_elements": "0.61402", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00411", "scoring_system": "epss", "scoring_elements": "0.61451", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.00411", "scoring_system": "epss", "scoring_elements": "0.61511", "published_at": "2026-05-09T12:55:00Z" }, { "value": "0.00411", "scoring_system": "epss", "scoring_elements": "0.61473", "published_at": "2026-05-11T12:55:00Z" }, { "value": "0.00411", "scoring_system": "epss", "scoring_elements": "0.615", "published_at": "2026-05-12T12:55:00Z" }, { "value": "0.00411", "scoring_system": "epss", "scoring_elements": "0.61298", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00411", "scoring_system": "epss", "scoring_elements": "0.61377", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00411", "scoring_system": "epss", "scoring_elements": "0.61406", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00411", "scoring_system": "epss", "scoring_elements": "0.61375", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00411", "scoring_system": "epss", "scoring_elements": "0.61422", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00411", "scoring_system": "epss", "scoring_elements": "0.61437", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00411", "scoring_system": "epss", "scoring_elements": "0.61459", "published_at": "2026-04-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-6613" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6613", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6613" }, { "reference_url": "https://github.com/phpmyadmin/composer", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/phpmyadmin/composer" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2019/06/msg00009.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.debian.org/debian-lts-announce/2019/06/msg00009.html" }, { "reference_url": "https://security.gentoo.org/glsa/201701-32", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://security.gentoo.org/glsa/201701-32" }, { "reference_url": "https://www.phpmyadmin.net/security/PMASA-2016-36", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.phpmyadmin.net/security/PMASA-2016-36" }, { "reference_url": "http://www.securityfocus.com/bid/94115", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.securityfocus.com/bid/94115" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2016-6613", "reference_id": "CVE-2016-6613", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-6613" }, { "reference_url": "https://github.com/advisories/GHSA-6j2v-g9rg-qcm5", "reference_id": "GHSA-6j2v-g9rg-qcm5", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-6j2v-g9rg-qcm5" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/23351?format=api", "purl": "pkg:composer/phpmyadmin/phpmyadmin@4.6.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-5mda-fksy-bqb2" }, { "vulnerability": "VCID-8xac-hgvs-ykgn" }, { "vulnerability": "VCID-9xxd-uwwt-57ba" }, { "vulnerability": "VCID-bcmm-z26p-rkfp" }, { "vulnerability": "VCID-jj7e-xndw-6fcp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@4.6.4" }, { "url": "http://public2.vulnerablecode.io/api/packages/21731?format=api", "purl": "pkg:composer/phpmyadmin/phpmyadmin@4.7.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2jjv-4en4-e3gx" }, { "vulnerability": "VCID-5657-kcyh-7bc2" }, { "vulnerability": "VCID-986a-3m4g-83ge" }, { "vulnerability": "VCID-br1c-5bzf-ufeu" }, { "vulnerability": "VCID-c91y-txcw-2kdy" }, { "vulnerability": "VCID-ebk2-vjau-57h9" }, { "vulnerability": "VCID-fchc-55te-akhe" }, { "vulnerability": "VCID-g6ud-92qe-hqcx" }, { "vulnerability": "VCID-gu4y-aeqx-mqak" }, { "vulnerability": "VCID-hnud-ktgb-dfe6" }, { "vulnerability": "VCID-jma9-9uhu-xuc3" }, { "vulnerability": "VCID-mwtw-n1tv-hfd9" }, { "vulnerability": "VCID-ngtc-xtjn-xbhp" }, { "vulnerability": "VCID-qcra-cu62-43he" }, { "vulnerability": "VCID-rqy8-n6fr-hqey" }, { "vulnerability": "VCID-scu3-cfyc-9qfz" }, { "vulnerability": "VCID-tbnx-nuzv-ebdc" }, { "vulnerability": "VCID-tks3-6uv4-kygf" }, { "vulnerability": "VCID-yfja-ssw3-skh1" }, { "vulnerability": "VCID-ym9b-4su6-6fbr" }, { "vulnerability": "VCID-znfm-ak2t-mqdd" }, { "vulnerability": "VCID-zyzp-aqd8-e3a9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@4.7.0" } ], "aliases": [ "CVE-2016-6613", "GHSA-6j2v-g9rg-qcm5" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-zg16-dfu1-g7dn" } ], "fixing_vulnerabilities": [], "risk_score": "4.5", "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/phpmyadmin/phpmyadmin@4.6.3" }