2017-10-16 12:31:07 -04:00
{
2019-03-17 21:51:57 +00:00
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org" ,
"ID" : "CVE-2016-5733" ,
"STATE" : "PUBLIC"
} ,
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a" ,
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
} ,
"vendor_name" : "n/a"
}
2017-10-16 12:31:07 -04:00
]
2019-03-17 21:51:57 +00:00
}
} ,
"data_format" : "MITRE" ,
"data_type" : "CVE" ,
"data_version" : "4.0" ,
"description" : {
"description_data" : [
{
"lang" : "eng" ,
"value" : "Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin 4.0.x before 4.0.10.16, 4.4.x before 4.4.15.7, and 4.6.x before 4.6.3 allow remote attackers to inject arbitrary web script or HTML via vectors involving (1) a crafted table name that is mishandled during privilege checking in table_row.phtml, (2) a crafted mysqld log_bin directive that is mishandled in log_selector.phtml, (3) the Transformation implementation, (4) AJAX error handling in js/ajax.js, (5) the Designer implementation, (6) the charts implementation in js/tbl_chart.js, or (7) the zoom-search implementation in rows_zoom.phtml."
}
]
} ,
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng" ,
"value" : "n/a"
}
]
}
]
} ,
"references" : {
"reference_data" : [
{
"name" : "https://github.com/phpmyadmin/phpmyadmin/commit/d648ade18d6cbb796a93261491c121f078df2d88" ,
"refsource" : "CONFIRM" ,
"url" : "https://github.com/phpmyadmin/phpmyadmin/commit/d648ade18d6cbb796a93261491c121f078df2d88"
} ,
{
"name" : "https://github.com/phpmyadmin/phpmyadmin/commit/4d21b5c077db50c2a54b7f569d20f463cc2651f5" ,
"refsource" : "CONFIRM" ,
"url" : "https://github.com/phpmyadmin/phpmyadmin/commit/4d21b5c077db50c2a54b7f569d20f463cc2651f5"
} ,
{
"name" : "openSUSE-SU-2016:1700" ,
"refsource" : "SUSE" ,
"url" : "http://lists.opensuse.org/opensuse-updates/2016-06/msg00114.html"
} ,
{
"name" : "https://github.com/phpmyadmin/phpmyadmin/commit/895a131d2eb7e447757a35d5731c7d647823ea8b" ,
"refsource" : "CONFIRM" ,
"url" : "https://github.com/phpmyadmin/phpmyadmin/commit/895a131d2eb7e447757a35d5731c7d647823ea8b"
} ,
{
"name" : "DSA-3627" ,
"refsource" : "DEBIAN" ,
"url" : "http://www.debian.org/security/2016/dsa-3627"
} ,
{
"name" : "91390" ,
"refsource" : "BID" ,
"url" : "http://www.securityfocus.com/bid/91390"
} ,
{
"name" : "https://github.com/phpmyadmin/phpmyadmin/commit/615212a14d7d87712202f37354acf8581987fc5a" ,
"refsource" : "CONFIRM" ,
"url" : "https://github.com/phpmyadmin/phpmyadmin/commit/615212a14d7d87712202f37354acf8581987fc5a"
} ,
{
"name" : "https://www.phpmyadmin.net/security/PMASA-2016-26/" ,
"refsource" : "CONFIRM" ,
"url" : "https://www.phpmyadmin.net/security/PMASA-2016-26/"
} ,
{
"name" : "https://github.com/phpmyadmin/phpmyadmin/commit/79661610f6f65443e0ec1e382a7240437f28436c" ,
"refsource" : "CONFIRM" ,
"url" : "https://github.com/phpmyadmin/phpmyadmin/commit/79661610f6f65443e0ec1e382a7240437f28436c"
} ,
{
"name" : "https://github.com/phpmyadmin/phpmyadmin/commit/be3ecbb4cca3fbe20e3b3aa4e049902d18b60865" ,
"refsource" : "CONFIRM" ,
"url" : "https://github.com/phpmyadmin/phpmyadmin/commit/be3ecbb4cca3fbe20e3b3aa4e049902d18b60865"
} ,
{
"name" : "https://github.com/phpmyadmin/phpmyadmin/commit/8716855b309dbe65d7b9a5d681b80579b225b322" ,
"refsource" : "CONFIRM" ,
"url" : "https://github.com/phpmyadmin/phpmyadmin/commit/8716855b309dbe65d7b9a5d681b80579b225b322"
} ,
{
"name" : "https://github.com/phpmyadmin/phpmyadmin/commit/960fd1fd52023047a23d069178bfff7463c2cefc" ,
"refsource" : "CONFIRM" ,
"url" : "https://github.com/phpmyadmin/phpmyadmin/commit/960fd1fd52023047a23d069178bfff7463c2cefc"
} ,
{
"name" : "GLSA-201701-32" ,
"refsource" : "GENTOO" ,
"url" : "https://security.gentoo.org/glsa/201701-32"
} ,
{
"name" : "openSUSE-SU-2016:1699" ,
"refsource" : "SUSE" ,
"url" : "http://lists.opensuse.org/opensuse-updates/2016-06/msg00113.html"
}
]
}
}
