CVE-2015-3902

Опубликовано: 26 мая 2015

Источник: nvd

CVSS2: 6.8

EPSS Низкий

Описание

Multiple cross-site request forgery (CSRF) vulnerabilities in the setup process in phpMyAdmin 4.0.x before 4.0.10.10, 4.2.x before 4.2.13.3, 4.3.x before 4.3.13.1, and 4.4.x before 4.4.6.1 allow remote attackers to hijack the authentication of administrators for requests that modify the configuration file.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.0:*:*:*:*:*:*:*

cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.0:rc2:*:*:*:*:*:*

cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.0:rc3:*:*:*:*:*:*

cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.1:*:*:*:*:*:*:*

cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.2:*:*:*:*:*:*:*

cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.3:*:*:*:*:*:*:*

cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.4:*:*:*:*:*:*:*

cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.4.1:*:*:*:*:*:*:*

cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.4.2:*:*:*:*:*:*:*

cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.5:*:*:*:*:*:*:*

cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.6:*:*:*:*:*:*:*

cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.7:*:*:*:*:*:*:*

cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.8:*:*:*:*:*:*:*

cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.9:*:*:*:*:*:*:*

cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.10:*:*:*:*:*:*:*

cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.10.2:*:*:*:*:*:*:*

cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.10.5:*:*:*:*:*:*:*

cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.10.6:*:*:*:*:*:*:*

cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.10.7:*:*:*:*:*:*:*

cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.10.8:*:*:*:*:*:*:*

cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.10.9:*:*:*:*:*:*:*

cpe:2.3:a:phpmyadmin:phpmyadmin:4.2.0:*:*:*:*:*:*:*

cpe:2.3:a:phpmyadmin:phpmyadmin:4.2.1:*:*:*:*:*:*:*

cpe:2.3:a:phpmyadmin:phpmyadmin:4.2.2:*:*:*:*:*:*:*

cpe:2.3:a:phpmyadmin:phpmyadmin:4.2.3:*:*:*:*:*:*:*

cpe:2.3:a:phpmyadmin:phpmyadmin:4.2.4:*:*:*:*:*:*:*

cpe:2.3:a:phpmyadmin:phpmyadmin:4.2.5:*:*:*:*:*:*:*

cpe:2.3:a:phpmyadmin:phpmyadmin:4.2.7:*:*:*:*:*:*:*

cpe:2.3:a:phpmyadmin:phpmyadmin:4.2.7.1:*:*:*:*:*:*:*

cpe:2.3:a:phpmyadmin:phpmyadmin:4.2.9.1:*:*:*:*:*:*:*

cpe:2.3:a:phpmyadmin:phpmyadmin:4.2.10.1:*:*:*:*:*:*:*

cpe:2.3:a:phpmyadmin:phpmyadmin:4.2.11:*:*:*:*:*:*:*

cpe:2.3:a:phpmyadmin:phpmyadmin:4.2.12:*:*:*:*:*:*:*

cpe:2.3:a:phpmyadmin:phpmyadmin:4.2.13.1:*:*:*:*:*:*:*

cpe:2.3:a:phpmyadmin:phpmyadmin:4.2.13.2:*:*:*:*:*:*:*

cpe:2.3:a:phpmyadmin:phpmyadmin:4.3.0:*:*:*:*:*:*:*

cpe:2.3:a:phpmyadmin:phpmyadmin:4.3.1:*:*:*:*:*:*:*

cpe:2.3:a:phpmyadmin:phpmyadmin:4.3.2:*:*:*:*:*:*:*

cpe:2.3:a:phpmyadmin:phpmyadmin:4.3.3:*:*:*:*:*:*:*

cpe:2.3:a:phpmyadmin:phpmyadmin:4.3.4:*:*:*:*:*:*:*

cpe:2.3:a:phpmyadmin:phpmyadmin:4.3.5:*:*:*:*:*:*:*

cpe:2.3:a:phpmyadmin:phpmyadmin:4.3.6:*:*:*:*:*:*:*

cpe:2.3:a:phpmyadmin:phpmyadmin:4.3.7:*:*:*:*:*:*:*

cpe:2.3:a:phpmyadmin:phpmyadmin:4.3.8:*:*:*:*:*:*:*

cpe:2.3:a:phpmyadmin:phpmyadmin:4.3.9:*:*:*:*:*:*:*

cpe:2.3:a:phpmyadmin:phpmyadmin:4.3.10:*:*:*:*:*:*:*

cpe:2.3:a:phpmyadmin:phpmyadmin:4.3.11:*:*:*:*:*:*:*

cpe:2.3:a:phpmyadmin:phpmyadmin:4.3.12:*:*:*:*:*:*:*

cpe:2.3:a:phpmyadmin:phpmyadmin:4.3.13:*:*:*:*:*:*:*

cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.0:*:*:*:*:*:*:*

cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.1:*:*:*:*:*:*:*

cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.1.1:*:*:*:*:*:*:*

cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.3:*:*:*:*:*:*:*

cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.4:*:*:*:*:*:*:*

cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.5:*:*:*:*:*:*:*

cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.6:*:*:*:*:*:*:*

EPSS

Процентиль: 39%

0.00166

Низкий

6.8 Medium

CVSS2

Дефекты

CWE-352

Связанные уязвимости

CVE-2015-3902

ubuntu

около 10 лет назад

CVE-2015-3902

debian

около 10 лет назад

Multiple cross-site request forgery (CSRF) vulnerabilities in the setu ...

GHSA-4458-ww2x-8wwm

github

около 3 лет назад

EPSS

Процентиль: 39%

0.00166

Низкий

6.8 Medium

CVSS2

Дефекты

CWE-352