Description

Multiple cross-site request forgery (CSRF) vulnerabilities in the setup process in phpMyAdmin 4.0.x before 4.0.10.10, 4.2.x before 4.2.13.3, 4.3.x before 4.3.13.1, and 4.4.x before 4.4.6.1 allow remote attackers to hijack the authentication of administrators for requests that modify the configuration file.

Remediation

References

CVE-2015-3902

Related Vulnerabilities

phpList Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-13827)

OpenSSL Improper Input Validation Vulnerability (CVE-2010-0433)

Joomla! Core 4.x.x Security Bypass (4.0.0 - 4.2.7)

Joomla! Core 1.5.x Cross-Site Scripting (1.5.0 - 1.5.10)

Django Uncontrolled Resource Consumption Vulnerability (CVE-2023-24580)

Severity

Medium

Classification

CVE-2015-3902 CWE-352

Tags

Missing Update Known Vulnerabilities