CVE-2018-10188

2018-04-1914:29:00

Google

osv.dev

9.3 High

AI Score

Confidence

High

0.006 Low

EPSS

Percentile

79.2%

JSON

phpMyAdmin 4.8.0 before 4.8.0-1 has CSRF, allowing an attacker to execute arbitrary SQL statements, related to js/db_operations.js, js/tbl_operations.js, libraries/classes/Operations.php, and sql.php.

CPENameOperatorVersion
phpmyadmineqRELEASE_4_5_2
phpmyadmineqRELEASE_3_0_0RC2
phpmyadmineqRELEASE_3_3_3
phpmyadmineqRELEASE_2_11_9_1
phpmyadmineqRELEASE_2_10_0RC1
phpmyadmineqRELEASE_3_3_5RC1
phpmyadmineqRELEASE_3_3_8
phpmyadmineqRELEASE_2_10_0_1
phpmyadmineqRELEASE_4_6_5_2
phpmyadmineqRELEASE_2_9_0

Name	Operator	Version
phpmyadmin	eq	RELEASE_4_5_2
phpmyadmin	eq	RELEASE_3_0_0RC2
phpmyadmin	eq	RELEASE_3_3_3
phpmyadmin	eq	RELEASE_2_11_9_1
phpmyadmin	eq	RELEASE_2_10_0RC1
phpmyadmin	eq	RELEASE_3_3_5RC1
phpmyadmin	eq	RELEASE_3_3_8
phpmyadmin	eq	RELEASE_2_10_0_1
phpmyadmin	eq	RELEASE_4_6_5_2
phpmyadmin	eq	RELEASE_2_9_0