{"id":"CVE-2016-5703","details":"SQL injection vulnerability in libraries/central_columns.lib.php in phpMyAdmin 4.4.x before 4.4.15.7 and 4.6.x before 4.6.3 allows remote attackers to execute arbitrary SQL commands via a crafted database name that is mishandled in a central column query.","modified":"2026-05-17T11:54:53.834517209Z","published":"2016-07-03T01:59:14.610Z","related":["openSUSE-SU-2024:10054-1"],"database_specific":{"unresolved_ranges":[{"extracted_events":[{"last_affected":"42.1"}],"vendor_product":"opensuse:leap","source":"CPE_FIELD","cpes":["cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*"]},{"extracted_events":[{"last_affected":"13.1"},{"last_affected":"13.2"}],"vendor_product":"opensuse:opensuse","source":"CPE_FIELD","cpes":["cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*","cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*"]}]},"references":[{"type":"WEB","url":"http://lists.opensuse.org/opensuse-updates/2016-06/msg00113.html"},{"type":"WEB","url":"http://lists.opensuse.org/opensuse-updates/2016-06/msg00114.html"},{"type":"WEB","url":"http://www.securityfocus.com/bid/91381"},{"type":"ADVISORY","url":"https://security.gentoo.org/glsa/201701-32"},{"type":"FIX","url":"https://github.com/phpmyadmin/phpmyadmin/commit/ef6c66dca1b0cb0a1a482477938cfc859d2baee3"},{"type":"FIX","url":"https://www.phpmyadmin.net/security/PMASA-2016-19/"}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}]}