exploitDog

CVE-2008-1149

Опубликовано: 01 мар. 2008

Источник: redhat

EPSS Низкий

Описание

phpMyAdmin before 2.11.5 accesses $_REQUEST to obtain some parameters instead of $_GET and $_POST, which allows attackers in the same domain to override certain variables and conduct SQL injection and Cross-Site Request Forgery (CSRF) attacks by using crafted cookies.

Ссылки на источники

https://www.cve.org/CVERecord?id=CVE-2008-1149

Дополнительная информация

Статус:

Low

https://bugzilla.redhat.com/show_bug.cgi?id=435706phpMyAdmin 2.11.5 contains a security fix

EPSS

Процентиль: 72%

0.00764

Низкий

Связанные уязвимости

CVE-2008-1149

ubuntu

больше 17 лет назад

phpMyAdmin before 2.11.5 accesses $_REQUEST to obtain some parameters instead of $_GET and $_POST, which allows attackers in the same domain to override certain variables and conduct SQL injection and Cross-Site Request Forgery (CSRF) attacks by using crafted cookies.

CVE-2008-1149

nvd

больше 17 лет назад

phpMyAdmin before 2.11.5 accesses $_REQUEST to obtain some parameters instead of $_GET and $_POST, which allows attackers in the same domain to override certain variables and conduct SQL injection and Cross-Site Request Forgery (CSRF) attacks by using crafted cookies.

CVE-2008-1149

debian

больше 17 лет назад

phpMyAdmin before 2.11.5 accesses $_REQUEST to obtain some parameters ...

GHSA-p842-vv7g-4q9v

github

около 3 лет назад

phpMyAdmin before 2.11.5 accesses $_REQUEST to obtain some parameters instead of $_GET and $_POST, which allows attackers in the same domain to override certain variables and conduct SQL injection and Cross-Site Request Forgery (CSRF) attacks by using crafted cookies.

EPSS

Процентиль: 72%

0.00764

Низкий