High severity7.5NVD Advisory· Published Dec 11, 2016· Updated Jun 17, 2026
CVE-2016-9862
CVE-2016-9862
Description
An issue was discovered in phpMyAdmin. With a crafted login request it is possible to inject BBCode in the login page. All 4.6.x versions (prior to 4.6.5) are affected.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
7cpe:2.3:a:phpmyadmin:phpmyadmin:4.6.0:*:*:*:*:*:*:*+ 5 more
- cpe:2.3:a:phpmyadmin:phpmyadmin:4.6.0:*:*:*:*:*:*:*
- cpe:2.3:a:phpmyadmin:phpmyadmin:4.6.1:*:*:*:*:*:*:*
- cpe:2.3:a:phpmyadmin:phpmyadmin:4.6.2:*:*:*:*:*:*:*
- cpe:2.3:a:phpmyadmin:phpmyadmin:4.6.3:*:*:*:*:*:*:*
- cpe:2.3:a:phpmyadmin:phpmyadmin:4.6.4:*:*:*:*:*:*:*
- (no CPE)range: <4.6.5
Patches
Vulnerability mechanics
References
3- www.phpmyadmin.net/security/PMASA-2016-67nvdPatchVendor Advisory
- www.securityfocus.com/bid/94528nvd
- security.gentoo.org/glsa/201701-32nvd
News mentions
0No linked articles in our index yet.