Description

Cross-site request forgery (CSRF) vulnerability in phpMyAdmin before 2.11.7.1 allows remote attackers to perform unauthorized actions via a link or IMG tag to (1) the db parameter in the "Creating a Database" functionality (db_create.php), and (2) the convcharset and collation_connection parameters related to an unspecified program that modifies the connection character set.

Remediation

References

CVE-2008-3197

Related Vulnerabilities

GlassFish CVE-2017-3249 Vulnerability (CVE-2017-3249)

WordPress Plugin yolink Search for WordPress 'bulkcrawl.php' SQL Injection (1.1.4)

Oracle Database Server CVE-2006-0259 Vulnerability (CVE-2006-0259)

WordPress Plugin Caldera Forms-More Than Contact Forms Arbitrary File Disclosure (1.8.1)

WordPress Improper Privilege Management Vulnerability (CVE-2019-20043)

Severity

Low

Classification

CVE-2008-3197 CWE-352

Tags

Missing Update Known Vulnerabilities