phpMyAdmin Cross Site Request Forgery Vulnerability

phpMyAdmin is prone to a cross-site request-forgery vulnerability because it does not properly validate HTTP requests.

Exploiting this issue may allow a remote attacker to perform certain unauthorized actions. This may lead to further attacks.
phpMyAdmin 4.7.x versions prior to 4.7.7 are vulnerable.


Bugtraq ID: 102271
Class: Input Validation Error
Remote: Yes
Local: No
Published: Dec 20 2017 12:00AM
Updated: Dec 20 2017 12:00AM
Credit: Ashutosh Barot
Vulnerable: phpMyAdmin phpMyAdmin 4.7

Not Vulnerable: phpMyAdmin phpMyAdmin 4.7.7


To exploit this issue an attacker must entice an unsuspecting victim to open a malicious URI.


Related Posts