phpMyAdmin Cross Site Request Forgery Vulnerability



phpMyAdmin is prone to a cross-site request-forgery vulnerability because it does not properly validate HTTP requests.

Exploiting this issue may allow a remote attacker to perform certain unauthorized actions. This may lead to further attacks.
phpMyAdmin 4.7.x versions prior to 4.7.7 are vulnerable.

Information

Bugtraq ID: 102271
Class: Input Validation Error
CVE:
Remote: Yes
Local: No
Published: Dec 20 2017 12:00AM
Updated: Dec 20 2017 12:00AM
Credit: Ashutosh Barot
Vulnerable: phpMyAdmin phpMyAdmin 4.7


Not Vulnerable: phpMyAdmin phpMyAdmin 4.7.7


Exploit


To exploit this issue an attacker must entice an unsuspecting victim to open a malicious URI.


References:

Related Posts

Comments