Get a demo
100% Signal 0% Noise Invicti Logo - The Largest Dynamic Application Security Solutions Provider In The World Get a demo
phpMyAdmin Exposure of Sensitive Information to an Unauthorized Actor Vulnerability - CVE-2016-5097 - Vulnerability Database
phpMyAdmin

phpMyAdmin Exposure of Sensitive Information to an Unauthorized Actor Vulnerability - CVE-2016-5097

Medium
Reference: CVE-2016-5097
NVD Link: https://nvd.nist.gov/vuln/detail/CVE-2016-5097
Title: phpMyAdmin Exposure of Sensitive Information to an Unauthorized Actor Vulnerability
Overview:

phpMyAdmin before 4.6.2 places tokens in query strings and does not arrange for them to be stripped before external navigation which allows remote attackers to obtain sensitive information by reading (1) HTTP requests or (2) server logs.