CVE-2005-4450

Cross-site request forgery CSRF vulnerability in phpMyAdmin 2.7.0 allows remote attackers to perform unauthorized actions as a logged-in user via a link or IMG tag to serverprivileges.php, as demonstrated using the dbname and checkprivs parameters. NOTE: the provenance of this issue is unknown,...

CVE-2005-4450

CVE-2005-4450 describes a CSRF vulnerability in phpMyAdmin 2.7.0 where remote attackers can perform unauthorized actions as a logged-in user by exploiting a link or IMG tag to server_priv privileges.php using dbname and checkprivs. Related OSV/NVD entries also reference a tied SQL injection discu...

PT-2005-5133 · Php · Phpmyadmin

Name of the Vulnerable Software and Affected Versions: phpMyAdmin version 2.7.0 Description: A cross-site request forgery CSRF issue allows remote attackers to perform unauthorized actions as a logged-in user. This can be achieved via a link or IMG tag to "server privileges.php", utilizing the...

DEBIAN-CVE-2005-4349

SQL injection vulnerability in serverprivileges.php in phpMyAdmin 2.7.0 allows remote authenticated users to execute arbitrary SQL commands via the 1 dbname and 2 checkprivs parameters. NOTE: the vendor and a third party have disputed this issue, saying that the main task of the program is to...

CVE-2005-4349

CVE-2005-4349 : SQL injection in phpMyAdmin 2.7.0 is reported in server_privileges.php via the dbname and checkprivs parameters. The vendor/third party dispute the issue and suggest it may be rejected; a closely related CSRF issue is tracked as CVE-2005-4450. Connected sources confirm the presenc...

PT-2005-5035 · Phpmyadmin · Phpmyadmin

Name of the Vulnerable Software and Affected Versions: phpMyAdmin version 2.7.0 Description: A SQL injection issue allows remote authenticated users to execute arbitrary SQL commands via the dbname and checkprivs parameters in the server privileges.php file. However, the vendor and a third party...