51 matches found
CVE-2019-25453
phpMoAdmin 1.1.5 contains a reflected cross-site scripting vulnerability that allows unauthenticated attackers to inject malicious scripts by manipulating the newdb parameter. Attackers can craft URLs with JavaScript payloads in the newdb parameter of moadmin.php to execute arbitrary code in user...
CVE-2019-25451
phpMoAdmin 1.1.5 contains a cross-site request forgery vulnerability that allows attackers to perform unauthorized database operations by crafting malicious requests. Attackers can trick authenticated users into submitting GET requests to moadmin.php with parameters like action, db, and collectio...
CVE-2019-25454
phpMoAdmin 1.1.5 contains a stored cross-site scripting vulnerability that allows unauthenticated attackers to inject malicious scripts by manipulating the collection parameter. Attackers can send GET requests to moadmin.php with script payloads in the collection parameter during collection...
CVE-2019-25454
phpMoAdmin 1.1.5 contains a stored cross-site scripting vulnerability that allows unauthenticated attackers to inject malicious scripts by manipulating the collection parameter. Attackers can send GET requests to moadmin.php with script payloads in the collection parameter during collection...
CVE-2019-25454
phpMoAdmin 1.1.5 contains a stored cross-site scripting vulnerability that allows unauthenticated attackers to inject malicious scripts by manipulating the collection parameter. Attackers can send GET requests to moadmin.php with script payloads in the collection parameter during collection...
CVE-2019-25453
phpMoAdmin 1.1.5 contains a reflected cross-site scripting vulnerability that allows unauthenticated attackers to inject malicious scripts by manipulating the newdb parameter. Attackers can craft URLs with JavaScript payloads in the newdb parameter of moadmin.php to execute arbitrary code in user...
CVE-2019-25453
phpMoAdmin 1.1.5 contains a reflected cross-site scripting vulnerability that allows unauthenticated attackers to inject malicious scripts by manipulating the newdb parameter. Attackers can craft URLs with JavaScript payloads in the newdb parameter of moadmin.php to execute arbitrary code in user...
CVE-2019-25451
phpMoAdmin 1.1.5 contains a cross-site request forgery vulnerability that allows attackers to perform unauthorized database operations by crafting malicious requests. Attackers can trick authenticated users into submitting GET requests to moadmin.php with parameters like action, db, and collectio...
CVE-2019-25451
phpMoAdmin 1.1.5 contains a cross-site request forgery vulnerability that allows attackers to perform unauthorized database operations by crafting malicious requests. Attackers can trick authenticated users into submitting GET requests to moadmin.php with parameters like action, db, and collectio...
CVE-2019-25454 phpMoAdmin 1.1.5 Stored Cross-Site Scripting via collection Parameter
phpMoAdmin 1.1.5 contains a stored cross-site scripting vulnerability that allows unauthenticated attackers to inject malicious scripts by manipulating the collection parameter. Attackers can send GET requests to moadmin.php with script payloads in the collection parameter during collection...
CVE-2019-25454 phpMoAdmin 1.1.5 Stored Cross-Site Scripting via collection Parameter
phpMoAdmin 1.1.5 contains a stored cross-site scripting vulnerability that allows unauthenticated attackers to inject malicious scripts by manipulating the collection parameter. Attackers can send GET requests to moadmin.php with script payloads in the collection parameter during collection...
CVE-2019-25454
CVE-2019-25454 affects phpMoAdmin 1.1.5. The vulnerability is a stored cross-site scripting (XSS) in the collection parameter of moadmin.php, allowing unauthenticated attackers to inject and store script payloads that execute in users’ browsers when the affected page is viewed. The root cause is ...
CVE-2019-25453
CVE-2019-25453 affects phpMoAdmin 1.1.5 and describes a reflected cross-site scripting vulnerability where an unauthenticated attacker can craft a URL with a malicious payload in the newdb parameter of moadmin.php. The payload is executed in users’ browsers when they visit the link, enabling arbi...
CVE-2019-25453 phpMoAdmin 1.1.5 Reflected Cross-Site Scripting via moadmin.php
phpMoAdmin 1.1.5 contains a reflected cross-site scripting vulnerability that allows unauthenticated attackers to inject malicious scripts by manipulating the newdb parameter. Attackers can craft URLs with JavaScript payloads in the newdb parameter of moadmin.php to execute arbitrary code in user...
CVE-2019-25453 phpMoAdmin 1.1.5 Reflected Cross-Site Scripting via moadmin.php
phpMoAdmin 1.1.5 contains a reflected cross-site scripting vulnerability that allows unauthenticated attackers to inject malicious scripts by manipulating the newdb parameter. Attackers can craft URLs with JavaScript payloads in the newdb parameter of moadmin.php to execute arbitrary code in user...
CVE-2019-25451 phpMoAdmin 1.1.5 Cross-Site Request Forgery via moadmin.php
phpMoAdmin 1.1.5 contains a cross-site request forgery vulnerability that allows attackers to perform unauthorized database operations by crafting malicious requests. Attackers can trick authenticated users into submitting GET requests to moadmin.php with parameters like action, db, and collectio...
CVE-2019-25451
CVE-2019-25451 affects phpMoAdmin 1.1.5. The issue is a cross-site request forgery (CSRF) that can let an attacker trick an authenticated user into submitting GET requests to moadmin.php with parameters such as action, db, and collection, enabling unauthorized create/drop/repair of databases and ...
CVE-2019-25451 phpMoAdmin 1.1.5 Cross-Site Request Forgery via moadmin.php
phpMoAdmin 1.1.5 contains a cross-site request forgery vulnerability that allows attackers to perform unauthorized database operations by crafting malicious requests. Attackers can trick authenticated users into submitting GET requests to moadmin.php with parameters like action, db, and collectio...
phpMoAdmin 跨站脚本漏洞
phpMoAdmin is a MongoDB database management tool developed by Valentin Hilbig. Version 1.1.5 of phpMoAdmin contains a cross-site scripting vulnerability, which stems from improper cleaning of the newdb parameter. This vulnerability may lead to reflective cross-site scripting attacks...
PT-2026-21320
phpMoAdmin 1.1.5 contains a cross-site request forgery vulnerability that allows attackers to perform unauthorized database operations by crafting malicious requests. Attackers can trick authenticated users into submitting GET requests to moadmin.php with parameters like action, db, and collectio...