Lucene search
K

12 matches found

Hacker One
Hacker One
added 2021/02/28 10:10 a.m.125 views

QIWI: gifts.flocktory.com/phpmyadmin is vulnerable csrf

Summary: Hello Team, I found that the PHPMyAdmin login panel is publicly accessible on https://gifts.flocktory.com and it is using the 4.6.6 version of PHPMyAdmin, which is vulnerable to several CVEs...

5.8CVSS1.1AI score0.19184EPSS
Exploits9
Tenable Nessus
Tenable Nessus
added 2019/10/08 12:0 a.m.212 views

phpMyAdmin <= 4.9.1 Cross-Site Request Forgery Vulnerability

A cross-site request forgery XSRF vulnerability exists in the Setup page of phpMyAdmin. A remote attacker can exploit this by tricking a user into visiting a specially crafted web page, allowing the attacker to delete any server in the setup page by creating a fake hyperlink containing the...

6.5CVSS7.8AI score0.10182EPSS
Exploits5References2
Tenable Nessus
Tenable Nessus
added 2019/10/07 12:0 a.m.38 views

Fedora 31 : phpMyAdmin (2019-644b438f51)

Upstream announcement : Welcome to phpMyAdmin 4.9.1, a bugfix release. This is a regularly-schedule bugfix release that also includes some security hardening measures. We wish to point out that this also includes a routine fix for an issue that has been reported as CVE-2019-12922. The fix for thi...

6.5CVSS7.9AI score0.10182EPSS
Exploits5References2
Tenable Nessus
Tenable Nessus
added 2019/10/02 12:0 a.m.37 views

Fedora 29 : phpMyAdmin (2019-3b5a7abe17)

Upstream announcement : Welcome to phpMyAdmin 4.9.1, a bugfix release. This is a regularly-schedule bugfix release that also includes some security hardening measures. We wish to point out that this also includes a routine fix for an issue that has been reported as CVE-2019-12922. The fix for thi...

6.5CVSS7.9AI score0.10182EPSS
Exploits5References2
Tenable Nessus
Tenable Nessus
added 2019/10/02 12:0 a.m.24 views

Fedora 30 : phpMyAdmin (2019-6404181bf9)

Upstream announcement : Welcome to phpMyAdmin 4.9.1, a bugfix release. This is a regularly-schedule bugfix release that also includes some security hardening measures. We wish to point out that this also includes a routine fix for an issue that has been reported as CVE-2019-12922. The fix for thi...

6.5CVSS7.9AI score0.10182EPSS
Exploits5References2
Tenable Nessus
Tenable Nessus
added 2019/09/30 12:0 a.m.41 views

openSUSE Security Update : phpMyAdmin (openSUSE-2019-2211)

This update for phpMyAdmin to 4.9.1 fixes the following issues : Security issue fixed : - CVE-2019-12922: Fixed CSRF issue that allowed deletion of any server in the Setup page. boo1150914 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from...

6.5CVSS8AI score0.10182EPSS
Exploits5References2
OpenVAS
OpenVAS
added 2019/09/29 12:0 a.m.29 views

openSUSE: Security Advisory for phpMyAdmin (openSUSE-SU-2019:2211-1)

The remote host is missing an update for the Copyright C 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

6.5CVSS6.9AI score0.10182EPSS
Exploits5References2
OPENSUSE Linux
OPENSUSE Linux
added 2019/09/28 12:0 a.m.185 views

Security update for phpMyAdmin (moderate)

openSUSE Security Update: Security update for phpMyAdmin Announcement ID: openSUSE-SU-2019:2211-1 Rating: moderate References: 1150914 Cross-References: CVE-2019-12922 Affected Products: openSUSE Leap 15.1 openSUSE Leap 15.0 openSUSE Backports SLE-15-SP1 openSUSE Backports SLE-15 SUSE Package Hub...

6.5CVSS6.8AI score0.10182EPSS
Exploits5References1
The Hacker News
The Hacker News
added 2019/09/18 9:15 a.m.140 views

Warning: Researcher Drops phpMyAdmin Zero-Day Affecting All Versions

A cybersecurity researcher recently published details and proof-of-concept for an unpatched zero-day vulnerability in phpMyAdmin—one of the most popular applications for managing the MySQL and MariaDB databases. phpMyAdmin is a free and open source administration tool for MySQL and MariaDB that's...

6.5CVSS6.9AI score0.10182EPSS
Exploits5
CVE
CVE
added 2019/09/13 12:27 p.m.325 views

CVE-2019-12922

The CVE-2019-12922 entry concerns a CSRF flaw in phpMyAdmin 4.9.0.1 that allows an attacker to cause deletion of a server from the Setup page by tricking a victim into visiting a crafted page. The root cause is insufficient validation of the HTTP request origin, enabling unauthorized actions on b...

6.5CVSS6.5AI score0.10182EPSS
Exploits5References10Affected Software1
Packet Storm
Packet Storm
added 2019/09/13 12:0 a.m.329 views

phpMyAdmin 4.9.0.1 Cross Site Request Forgery

============================================= MGC ALERT 2019-003 - Original release date: June 13, 2019 - Last revised: September 13, 2019 - Discovered by: Manuel Garcia Cardenas - Severity: 4,3/10 CVSS Base Score - CVE-ID: CVE-2019-12922 ============================================= I...

0.9AI score0.10182EPSS
Exploits5
exploitpack
exploitpack
added 2019/09/13 12:0 a.m.101 views

phpMyAdmin 4.9.0.1 - Cross-Site Request Forgery

phpMyAdmin 4.9.0.1 - Cross-Site Request Forgery ============================================= MGC ALERT 2019-003 - Original release date: June 13, 2019 - Last revised: September 13, 2019 - Discovered by: Manuel Garcia Cardenas - Severity: 4,3/10 CVSS Base Score - CVE-ID: CVE-2019-12922...

5.8CVSS1AI score0.10182EPSS
Exploits5
Rows per page
Query Builder