High severity7.5NVD Advisory· Published Jul 17, 2017· Updated Jun 17, 2026
CVE-2017-1000016
CVE-2017-1000016
Description
A weakness was discovered where an attacker can inject arbitrary values in to the browser cookies. This is a re-issue of an incomplete fix from PMASA-2016-18.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
phpmyadmin/phpmyadminPackagist | >= 4.6, < 4.6.6 | 4.6.6 |
Affected products
10cpe:2.3:a:phpmyadmin:phpmyadmin:4.6.0:*:*:*:*:*:*:*+ 7 more
- cpe:2.3:a:phpmyadmin:phpmyadmin:4.6.0:*:*:*:*:*:*:*
- cpe:2.3:a:phpmyadmin:phpmyadmin:4.6.1:*:*:*:*:*:*:*
- cpe:2.3:a:phpmyadmin:phpmyadmin:4.6.2:*:*:*:*:*:*:*
- cpe:2.3:a:phpmyadmin:phpmyadmin:4.6.3:*:*:*:*:*:*:*
- cpe:2.3:a:phpmyadmin:phpmyadmin:4.6.4:*:*:*:*:*:*:*
- cpe:2.3:a:phpmyadmin:phpmyadmin:4.6.5:*:*:*:*:*:*:*
- cpe:2.3:a:phpmyadmin:phpmyadmin:4.6.5.1:*:*:*:*:*:*:*
- cpe:2.3:a:phpmyadmin:phpmyadmin:4.6.5.2:*:*:*:*:*:*:*
- ghsa-coords2 versions
>= 4.6, < 4.6.6+ 1 more
- (no CPE)range: >= 4.6, < 4.6.6
- (no CPE)range: < 5.1.1-1.2
Patches
Vulnerability mechanics
References
4- github.com/advisories/GHSA-j2cq-h6v2-f875ghsaADVISORY
- nvd.nist.gov/vuln/detail/CVE-2017-1000016ghsaADVISORY
- www.phpmyadmin.net/security/PMASA-2017-5nvdThird Party AdvisoryWEB
- github.com/phpmyadmin/phpmyadmin/commit/3b6ed1fghsaWEB
News mentions
0No linked articles in our index yet.