9 matches found
CVE-2019-25453
phpMoAdmin 1.1.5 contains a reflected cross-site scripting vulnerability that allows unauthenticated attackers to inject malicious scripts by manipulating the newdb parameter. Attackers can craft URLs with JavaScript payloads in the newdb parameter of moadmin.php to execute arbitrary code in user...
CVE-2019-25453
phpMoAdmin 1.1.5 contains a reflected cross-site scripting vulnerability that allows unauthenticated attackers to inject malicious scripts by manipulating the newdb parameter. Attackers can craft URLs with JavaScript payloads in the newdb parameter of moadmin.php to execute arbitrary code in user...
CVE-2019-25451
phpMoAdmin 1.1.5 contains a cross-site request forgery vulnerability that allows attackers to perform unauthorized database operations by crafting malicious requests. Attackers can trick authenticated users into submitting GET requests to moadmin.php with parameters like action, db, and collectio...
CVE-2019-25454
CVE-2019-25454 affects phpMoAdmin 1.1.5. The vulnerability is a stored cross-site scripting (XSS) in the collection parameter of moadmin.php, allowing unauthenticated attackers to inject and store script payloads that execute in users’ browsers when the affected page is viewed. The root cause is ...
CVE-2019-25451 phpMoAdmin 1.1.5 Cross-Site Request Forgery via moadmin.php
phpMoAdmin 1.1.5 contains a cross-site request forgery vulnerability that allows attackers to perform unauthorized database operations by crafting malicious requests. Attackers can trick authenticated users into submitting GET requests to moadmin.php with parameters like action, db, and collectio...
CVE-2019-25451
CVE-2019-25451 affects phpMoAdmin 1.1.5. The issue is a cross-site request forgery (CSRF) that can let an attacker trick an authenticated user into submitting GET requests to moadmin.php with parameters such as action, db, and collection, enabling unauthorized create/drop/repair of databases and ...
PT-2026-21320
phpMoAdmin 1.1.5 contains a cross-site request forgery vulnerability that allows attackers to perform unauthorized database operations by crafting malicious requests. Attackers can trick authenticated users into submitting GET requests to moadmin.php with parameters like action, db, and collectio...
PT-2026-21321
phpMoAdmin 1.1.5 contains a reflected cross-site scripting vulnerability that allows unauthenticated attackers to inject malicious scripts by manipulating the newdb parameter. Attackers can craft URLs with JavaScript payloads in the newdb parameter of moadmin.php to execute arbitrary code in user...
PHPMoAdmin 'moadmin.php' Remote Code Execution Vulnerability
phpMoAdmin is a PHP development in the MongoDB management tools , can be used to create , delete and modify databases and indexes , provide views and data search tools , provide database startup time and memory statistics , support JSON. A remote code execution vulnerability exists in PHPMoAdmin...