CVE-2016-5730 SUSE CVE security@suse.de SUSE Security Team SUSE CVE-2016-5730 Interim 1 9 2025-04-22T23:46:00Z current 2021-05-30T13:44:08Z 2025-04-22T23:46:00Z cve-database/bin/generate-cvrf-cve.pl 2020-12-27T01:00:00Z CVE-2016-5730 phpMyAdmin 4.0.x before 4.0.10.16, 4.4.x before 4.4.15.7, and 4.6.x before 4.6.3 allows remote attackers to obtain sensitive information via vectors involving (1) an array value to FormDisplay.php, (2) incorrect data to validate.php, (3) unexpected data to Validator.php, (4) a missing config directory during setup, or (5) an incorrect OpenID identifier data type, which reveals the full path in an error message. The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). https://www.suse.com/support/security/rating/ SUSE Security Ratings openSUSE Tumbleweed phpMyAdmin-4.6.5.2-1.1 phpMyAdmin-4.6.5.2-1.1 as a component of openSUSE Tumbleweed phpMyAdmin 4.0.x before 4.0.10.16, 4.4.x before 4.4.15.7, and 4.6.x before 4.6.3 allows remote attackers to obtain sensitive information via vectors involving (1) an array value to FormDisplay.php, (2) incorrect data to validate.php, (3) unexpected data to Validator.php, (4) a missing config directory during setup, or (5) an incorrect OpenID identifier data type, which reveals the full path in an error message. CVE-2016-5730 openSUSE Tumbleweed:phpMyAdmin-4.6.5.2-1.1 critical 5 AV:N/AC:L/Au:N/C:P/I:N/A:N 5.3 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N