Main Vulnerability Database Exploits ID:6162 - Exploit for Cross-site request forgery in phpMyAdmin - CVE-2017-1000499

ID:6162 - Exploit for Cross-site request forgery in phpMyAdmin - CVE-2017-1000499

Published: June 17, 2021

Vulnerability identifier: #VU9819

Vulnerability risk: Low

CVE-ID: CVE-2017-1000499

CWE-ID: CWE-352

Exploitation vector: Remote access

Vulnerable software:
phpMyAdmin

Link to public exploit:

https://www.exploit-db.com/exploits/45284/

Vulnerability description

The vulnerability allows a remote attacker to perform CSRF attack.

The vulnerability exists due to absent validation of the request origin when performing certain database operations, such as deleting records or altering/truncating data in tables. A remote attacker can create a specially crafted web page, trick the victim into opening it and perform CSRF attack.

Remediation

Update to version 4.7.7.

ID:6162 - Exploit for Cross-site request forgery in phpMyAdmin - CVE-2017-1000499

Link to public exploit:

Vulnerability description

Remediation

Please verify you're human