High severity8.6NVD Advisory· Published Jan 31, 2017· Updated May 13, 2026
CVE-2016-6621
CVE-2016-6621
Description
The setup script for phpMyAdmin before 4.0.10.19, 4.4.x before 4.4.15.10, and 4.6.x before 4.6.6 allows remote attackers to conduct server-side request forgery (SSRF) attacks via unspecified vectors.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
phpmyadmin/phpmyadminPackagist | >= 4.6.0, < 4.6.6 | 4.6.6 |
phpmyadmin/phpmyadminPackagist | >= 4.4.0, < 4.4.15.10 | 4.4.15.10 |
phpmyadmin/phpmyadminPackagist | < 4.0.10.19 | 4.0.10.19 |
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
6- www.securityfocus.com/bid/95914nvdThird Party AdvisoryVDB Entry
- github.com/advisories/GHSA-44vv-mm86-7cg6ghsaADVISORY
- nvd.nist.gov/vuln/detail/CVE-2016-6621ghsaADVISORY
- www.phpmyadmin.net/security/PMASA-2016-44/nvdVendor Advisory
- lists.debian.org/debian-lts-announce/2018/07/msg00006.htmlnvdWEB
- www.phpmyadmin.net/security/PMASA-2016-44ghsaWEB
News mentions
0No linked articles in our index yet.