Miggo Logo
Miggo Vulnerability Database
CVE-2016-2040

CVE-2016-2040: phpMyAdmin XSS Vulnerability

5.4

CVSS Score
3.0

Basic Information

CVE ID
CVE-2016-2040
GHSA ID
GHSA-pw34-qf6c-84fc
EPSS Score
0.7239%
CWE
CWE-79
Published
5/14/2022
Updated
9/13/2023
KEV Status
No
Technology
TechnologyPHP

Technical Details

CVSS Vector
CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
Package NameEcosystemVulnerable VersionsFirst Patched Version
phpmyadmin/phpmyadmincomposer>= 4.0, < 4.0.10.134.0.10.13
phpmyadmin/phpmyadmincomposer>= 4.4, < 4.4.15.34.4.15.3
phpmyadmin/phpmyadmincomposer>= 4.5, < 4.5.44.5.4

Vulnerability Intelligence
Miggo AIMiggo AI

Miggo AIRoot Cause Analysis

The commits 75a5582, aca42ef, and edffb52 explicitly show fixes adding escaping to user-controlled inputs in these components. The vulnerability description lists table names, SET values, search queries, and hostnames as vectors - these correspond to the unescaped $each_table (DbSearch), $uri (header_location), and $type/$value (rows_zoom) variables respectively. The lack of context-aware output encoding (HTML + JS escaping) in these locations directly matches the XSS vulnerability patterns described.

Vulnerable functions

Only Mi**o us*rs **n s** t*is s**tion

WAF Protection Rules

WAF Rule

Multipl* *ross-sit* s*riptin* (XSS) vuln*r**iliti*s in p*pMy**min *.*.x ***or* *.*.**.**, *.*.x ***or* *.*.**.*, *n* *.*.x ***or* *.*.* *llow r*mot* *ut**nti**t** us*rs to inj**t *r*itr*ry w** s*ript or *TML vi* * (*) t**l* n*m*, (*) S*T v*lu*, (*) s

Reasoning

T** *ommits *******, *******, *n* ******* *xpli*itly s*ow *ix*s ***in* *s**pin* to us*r-*ontroll** inputs in t**s* *ompon*nts. T** vuln*r**ility **s*ription lists t**l* n*m*s, S*T v*lu*s, s**r** qu*ri*s, *n* *ostn*m*s *s v**tors - t**s* *orr*spon* to