PhpMyAdmin XSS Vulnerability (CVE-2016-2560)
PhpMyAdmin XSS Vulnerability (CVE-2016-2560)
Release date:
Updated on:
Affected Systems:
PhpMyAdmin <4.0.10.15
PhpMyAdmin <4.4.15.5
PhpMyAdmin <4.5.5.1
Description:
CVE (CAN) ID: CVE-2016-2560
Phpmyadmin is an online management tool for MySQL databases.
Multiple security vulnerabilities exist in phpmyadmin versions earlier than 4.0.10.15, 4.4.15.5, and 4.5.5.1. authenticated users can perform XSS attacks on multiple pages by using structured SQL queries.
<* Source: Emanuel Bronshtein @ e3amn2l
*>
Suggestion:
Vendor patch:
PhpMyAdmin
----------
The vendor has released a patch to fix this security problem. Please download it from the vendor's homepage:
Https://www.phpmyadmin.net/security/PMASA-2016-11/
Example of LAMP architecture collaborative application-phpMyAdmin
PhpMyAdmin and Wordpress for LAMP applications
PhpMyAdmin logon timeout Solution
Install phpMyAdmin and Adminer in Ubuntu
Implement SSL functions based on LAMP and install phpMyAdmin
Configure the LAMP + phpMyAdmin PHP (5.5.9) development environment in Ubuntu 14.04
PhpMyAdmin details: click here
PhpMyAdmin: click here
This article permanently updates the link address: