CVE-2016-6633

HIGH

phpMyAdmin <4.6.4, <4.4.15.8, <4.0.10.17 - RCE

Title source: llm

Description

An issue was discovered in phpMyAdmin. phpMyAdmin can be used to trigger a remote code execution attack against certain PHP installations that are running with the dbase extension. All 4.6.x versions (prior to 4.6.4), 4.4.x versions (prior to 4.4.15.8), and 4.0.x versions (prior to 4.0.10.17) are affected.

References (3)

Scores

CVSS v3 8.1
EPSS 0.0183
EPSS Percentile 82.7%
Attack Vector NETWORK
CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

Classification

Status draft

Affected Products (50)

phpmyadmin/phpmyadmin
phpmyadmin/phpmyadmin
phpmyadmin/phpmyadmin
phpmyadmin/phpmyadmin
phpmyadmin/phpmyadmin
phpmyadmin/phpmyadmin
phpmyadmin/phpmyadmin
phpmyadmin/phpmyadmin
phpmyadmin/phpmyadmin
phpmyadmin/phpmyadmin
phpmyadmin/phpmyadmin
phpmyadmin/phpmyadmin
phpmyadmin/phpmyadmin
phpmyadmin/phpmyadmin
phpmyadmin/phpmyadmin
... and 35 more

Timeline

Published Dec 11, 2016
Tracked Since Feb 18, 2026