Miggo Logo

CVE-2016-5706: phpMyAdmin Denial Of Service (DOS) attack

7.5

CVSS Score
3.0

Basic Information

EPSS Score
0.85851%
Published
5/14/2022
Updated
4/24/2024
KEV Status
No
Technology
TechnologyPHP

Technical Details

CVSS Vector
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Package NameEcosystemVulnerable VersionsFirst Patched Version
phpmyadmin/phpmyadmincomposer>= 4.0, < 4.0.10.164.0.10.16
phpmyadmin/phpmyadmincomposer>= 4.4, < 4.4.15.74.4.15.7
phpmyadmin/phpmyadmincomposer>= 4.6, < 4.6.34.6.3

Vulnerability Intelligence
Miggo AIMiggo AI

Miggo AIRoot Cause Analysis

The vulnerability stems from processing an unbounded array parameter in js/get_scripts.js.php. The patch adds array_slice(...,0,10) to limit iterations, indicating the original code lacked this restriction. The foreach loop over $_GET['scripts'] directly consumes user-controlled input without validation, enabling DoS via resource exhaustion (CWE-400). The file path and vulnerable pattern are explicitly shown in the commit diff and advisory descriptions.

Vulnerable functions

Only Mi**o us*rs **n s** t*is s**tion

WAF Protection Rules

WAF Rule

js/**t_s*ripts.js.p*p in p*pMy**min *.*.x ***or* *.*.**.**, *.*.x ***or* *.*.**.*, *n* *.*.x ***or* *.*.* *llows r*mot* *tt**k*rs to **us* * **ni*l o* s*rvi** vi* * l*r** *rr*y in t** s*ripts p*r*m*t*r.

Reasoning

T** vuln*r**ility st*ms *rom pro**ssin* *n un*oun*** *rr*y p*r*m*t*r in js/**t_s*ripts.js.p*p. T** p*t** ***s *rr*y_sli**(...,*,**) to limit it*r*tions, in*i**tin* t** ori*in*l *o** l**k** t*is r*stri*tion. T** *or**** loop ov*r $_**T['s*ripts'] *ir*