phpmyadmin -- XSRF vulnerabilities

2006-09-28T00:00:00
ID 19B17AB4-51E0-11DB-A5AE-00508D6A62DF
Type freebsd
Reporter FreeBSD
Modified 2006-10-03T00:00:00

Description

phpMyAdmin team reports:

We received a security advisory from Stefan Esser (sesser@hardened-php.net) and we wish to thank him for his work. It was possible to inject arbitrary SQL commands by forcing an authenticated user to follow a crafted link.