Description
phpMyAdmin 4.7.x and 4.8.x versions prior to 4.8.4 are affected by a series of CSRF flaws. By deceiving a user into clicking on a crafted URL, it is possible to perform harmful SQL operations such as renaming databases, creating new tables/routines, deleting designer pages, adding/deleting users, updating user passwords, killing SQL processes, etc.
Remediation
References
Related Vulnerabilities
Dot CMS Uncontrolled Recursion Vulnerability (CVE-2022-37034)
Moodle Permissions, Privileges, and Access Controls Vulnerability (CVE-2012-3387)
WordPress Plugin GigPress Multiple Vulnerabilities (2.3.10)
Drupal User Interface (UI) Misrepresentation of Critical Information Vulnerability (CVE-2025-13082)