Get a demo
100% Signal 0% Noise Invicti Logo - The Largest Dynamic Application Security Solutions Provider In The World Get a demo
phpMyAdmin Improper Neutralization of Special Elements used in a Command (Command Injection) Vulnerability - CVE-2016-6609 - Vulnerability Database
phpMyAdmin

phpMyAdmin Improper Neutralization of Special Elements used in a Command (Command Injection) Vulnerability - CVE-2016-6609

High
Reference: CVE-2016-6609
NVD Link: https://nvd.nist.gov/vuln/detail/CVE-2016-6609
Title: phpMyAdmin Improper Neutralization of Special Elements used in a Command (Command Injection) Vulnerability
Overview:

An issue was discovered in phpMyAdmin. A specially crafted database name could be used to run arbitrary PHP commands through the array export feature. All 4.6.x versions (prior to 4.6.4) 4.4.x versions (prior to 4.4.15.8) and 4.0.x versions (prior to 4.0.10.17) are affected.