phpMyAdmin Cross-Site Request Forgery (CSRF) Vulnerability - CVE-2008-1149 - Vulnerability Database

phpMyAdmin Cross-Site Request Forgery (CSRF) Vulnerability - CVE-2008-1149

Medium

Reference: CVE-2008-1149

NVD Link: https://nvd.nist.gov/vuln/detail/CVE-2008-1149

Title: phpMyAdmin Cross-Site Request Forgery (CSRF) Vulnerability

Overview:

phpMyAdmin before 2.11.5 accesses _REQUEST to obtain some parameters instead of _GET and _POST which allows attackers in the same domain to override certain variables and conduct SQL injection and Cross-Site Request Forgery (CSRF) attacks by using crafted cookies.