WEB APPLICATION VULNERABILITIES Standard & Premium

phpMyAdmin Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2015-3902)

Description

Multiple cross-site request forgery (CSRF) vulnerabilities in the setup process in phpMyAdmin 4.0.x before 4.0.10.10, 4.2.x before 4.2.13.3, 4.3.x before 4.3.13.1, and 4.4.x before 4.4.6.1 allow remote attackers to hijack the authentication of administrators for requests that modify the configuration file.

Remediation

References

Related Vulnerabilities

WordPress Plugin Custom Field Template PHP Object Injection (2.5.7)

Apache HTTP Server CVE-1999-0070 Vulnerability (CVE-1999-0070)

Squid Other Vulnerability (CVE-2010-3072)

Joomla! Core Multiple Vulnerabilities (2.5.0 - 3.10.6)

IBM RTC Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2017-1507)

Severity

Medium

Classification

CVE-2015-3902 CWE-352

Tags

Missing Update Known Vulnerabilities