Get a demo
100% Signal 0% Noise Invicti Logo - The Largest Dynamic Application Security Solutions Provider In The World Get a demo
phpMyAdmin Exposure of Sensitive Information to an Unauthorized Actor Vulnerability - CVE-2016-6613 - Vulnerability Database
phpMyAdmin

phpMyAdmin Exposure of Sensitive Information to an Unauthorized Actor Vulnerability - CVE-2016-6613

Medium
Reference: CVE-2016-6613
NVD Link: https://nvd.nist.gov/vuln/detail/CVE-2016-6613
Title: phpMyAdmin Exposure of Sensitive Information to an Unauthorized Actor Vulnerability
Overview:

An issue was discovered in phpMyAdmin. A user can specially craft a symlink on disk to a file which phpMyAdmin is permitted to read but the user is not which phpMyAdmin will then expose to the user. All 4.6.x versions (prior to 4.6.4) 4.4.x versions (prior to 4.4.15.8) and 4.0.x versions (prior to 4.0.10.17) are affected.