Medium severity6.1NVD Advisory· Published Dec 11, 2016· Updated Jun 17, 2026
CVE-2016-6608
CVE-2016-6608
Description
XSS issues were discovered in phpMyAdmin. This affects the database privilege check and the "Remove partitioning" functionality. Specially crafted database names can trigger the XSS attack. All 4.6.x versions (prior to 4.6.4) are affected.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
phpmyadmin/phpmyadminPackagist | >= 4.6, < 4.6.4 | 4.6.4 |
Affected products
9cpe:2.3:a:phpmyadmin:phpmyadmin:4.6.0:*:*:*:*:*:*:*+ 6 more
- cpe:2.3:a:phpmyadmin:phpmyadmin:4.6.0:*:*:*:*:*:*:*
- cpe:2.3:a:phpmyadmin:phpmyadmin:4.6.0:alpha1:*:*:*:*:*:*
- cpe:2.3:a:phpmyadmin:phpmyadmin:4.6.0:rc1:*:*:*:*:*:*
- cpe:2.3:a:phpmyadmin:phpmyadmin:4.6.0:rc2:*:*:*:*:*:*
- cpe:2.3:a:phpmyadmin:phpmyadmin:4.6.1:*:*:*:*:*:*:*
- cpe:2.3:a:phpmyadmin:phpmyadmin:4.6.2:*:*:*:*:*:*:*
- cpe:2.3:a:phpmyadmin:phpmyadmin:4.6.3:*:*:*:*:*:*:*
- ghsa-coords2 versions
>= 4.6, < 4.6.4+ 1 more
- (no CPE)range: >= 4.6, < 4.6.4
- (no CPE)range: < 4.6.5.2-1.1
Patches
Vulnerability mechanics
References
5- www.phpmyadmin.net/security/PMASA-2016-31nvdPatchVendor AdvisoryWEB
- github.com/advisories/GHSA-jfmj-27fp-qp67ghsaADVISORY
- nvd.nist.gov/vuln/detail/CVE-2016-6608ghsaADVISORY
- www.securityfocus.com/bid/93258nvdWEB
- security.gentoo.org/glsa/201701-32nvdWEB
News mentions
0No linked articles in our index yet.