Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

github логотип

GHSA-xwf2-53mc-r8hx

Опубликовано: 14 мая 2022
Источник: github
Github: Прошло ревью
CVSS3: 8.8

Описание

phpMyAdmin CSRF Vulnerability

phpMyAdmin 4.7.x and 4.8.x versions prior to 4.8.4 are affected by a series of CSRF flaws. By deceiving a user into clicking on a crafted URL, it is possible to perform harmful SQL operations such as renaming databases, creating new tables/routines, deleting designer pages, adding/deleting users, updating user passwords, killing SQL processes, etc.

Ссылки

Пакеты

Наименование

phpmyadmin/phpmyadmin

composer
Затронутые версииВерсия исправления

>= 4.8, < 4.8.4

4.8.4

Наименование

phpmyadmin/phpmyadmin

composer
Затронутые версииВерсия исправления

>= 4.7, <= 4.7.6

Отсутствует

EPSS

Процентиль: 58%
0.00374
Низкий

8.8 High

CVSS3

CVE ID

CVE-2018-19969

Дефекты

CWE-352

Связанные уязвимости

ubuntu логотип

CVE-2018-19969

CVSS3: 8.8
ubuntu
больше 6 лет назад

phpMyAdmin 4.7.x and 4.8.x versions prior to 4.8.4 are affected by a series of CSRF flaws. By deceiving a user into clicking on a crafted URL, it is possible to perform harmful SQL operations such as renaming databases, creating new tables/routines, deleting designer pages, adding/deleting users, updating user passwords, killing SQL processes, etc.

nvd логотип

CVE-2018-19969

CVSS3: 8.8
nvd
больше 6 лет назад

phpMyAdmin 4.7.x and 4.8.x versions prior to 4.8.4 are affected by a series of CSRF flaws. By deceiving a user into clicking on a crafted URL, it is possible to perform harmful SQL operations such as renaming databases, creating new tables/routines, deleting designer pages, adding/deleting users, updating user passwords, killing SQL processes, etc.

debian логотип

CVE-2018-19969

CVSS3: 8.8
debian
больше 6 лет назад

phpMyAdmin 4.7.x and 4.8.x versions prior to 4.8.4 are affected by a s ...

suse-cvrf логотип

openSUSE-SU-2018:4125-1

suse-cvrf
больше 6 лет назад

Security update for phpMyAdmin

suse-cvrf логотип

openSUSE-SU-2018:4124-1

suse-cvrf
больше 6 лет назад

Security update for phpMyAdmin

EPSS

Процентиль: 58%
0.00374
Низкий

8.8 High

CVSS3

CVE ID

CVE-2018-19969

Дефекты

CWE-352