phpMyAdmin 4.0.10.x < / 4.4.15.x < / 4.6.x < 4.6.6 Multiple Vulnerabilities

High Nessus Network Monitor Plugin ID 9936


The remote web server contains a version of phpMyAdmin that is affected by multiple vulnerabilities.


Versions of phpMyAdmin 4.0.10.x prior to, 4.4.15.x prior to, and 4.6.x prior to 4.6.6 are unpatched, and therefore affected by the following vulnerabilities :

- A flaw exists that allows a cross-site redirection attack. This flaw exists because the application does not validate request paths before returning them to the user. This could allow a context-dependent attacker to create a specially crafted link that, if followed, would redirect a victim from the intended legitimate web site to an arbitrary web site of the attacker's choosing. Such attacks are useful as the crafted URL initially appears to be a web page of a trusted site. This could be leveraged to direct an unsuspecting user to a web page containing attacks that target client-side software such as a web browser or document rendering programs, as well as phishing attacks that mimic the legitimate site but send user-supplied information to the attacker. (OSVDB 151006)
- A flaw exists in the 'goto()' function that is triggered during the handling of table data, which may launch a recursive include operation. This may allow a remote attacker to cause a denial of service. (OSVDB 151008)
- A flaw exists that is due to the program failing to sanitize input passed via cookie parameters. This may allow a remote attacker to inject arbitrary CSS in themes. (OSVDB 151009)
- A flaw exists in replication status that is triggered during the handling of a specially crafted table name. This may allow a remote attacker to cause a denial of service. (OSVDB 151011)
- A flaw exists related to request handling between a user and a server, where the server can be induced into performing unintended actions (Server Side Request Forgery, or SSRF). By making a crafted request, the server can be used to conduct host-based attacks. This may allow an authenticated remote attacker to bypass access restrictions (e.g. host or network ACLs) and connect to hosts without the appropriate authorization. It is unclear if this may be leveraged for further impacts. (OSVDB 151021)


Upgrade to phpMyAdmin version 4.6.6 or later. If 4.6.x cannot be obtained, versions and have also been patched for these vulnerabilities.

See Also

Plugin Details

Severity: High

ID: 9936

File Name: 9936.prm

Family: CGI

Published: 2017/02/03

Modified: 2017/02/03

Dependencies: 9102

Risk Information

Risk Factor: High


Base Score: 7.8

Temporal Score: 6.4

Vector: CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C

Temporal Vector: CVSS2#E:F/RL:OF/RC:C


Base Score: 7.5

Temporal Score: 7


Temporal Vector: CVSS3#E:F/RL:O/RC:C

Vulnerability Information

CPE: cpe:/a:phpmyadmin:phpmyadmin

Patch Publication Date: 2017/01/24

Vulnerability Publication Date: 2017/01/24

Reference Information

OSVDB: 151006, 151008, 151009, 151011, 151021