phpMyAdmin 4.6.x before 4.6.3, when the environment lacks a PHP_SELF value, allows remote attackers to conduct cookie-attribute injection attacks via a crafted URI.
References
Configurations
Configuration 1 (hide)
|
Information
Published : 2016-07-02 18:59
Updated : 2017-06-30 18:29
NVD link : CVE-2016-5702
Mitre link : CVE-2016-5702
JSON object : View
CWE
CWE-254
7PK - Security Features
Products Affected
phpmyadmin
- phpmyadmin