PT-2005-5133 · Php · Phpmyadmin

Published: 2005-12-21 · Updated: 2025-01-16 · CVE-2005-4450

CVSS v2.0: 7.5 (High)

Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions

phpMyAdmin version 2.7.0

Description

A cross-site request forgery (CSRF) issue allows remote attackers to perform unauthorized actions as a logged-in user. This can be achieved via a link or IMG tag to "server_privileges.php", utilizing the dbname and checkprivs parameters.

Recommendations

For phpMyAdmin version 2.7.0, consider disabling access to the "server_privileges.php" page until a patch is available. Restrict the use of the dbname and checkprivs parameters in the affected API endpoint to minimize the risk of exploitation.

Fix

Related Identifiers

CVE-2005-4450

Affected Products

Phpmyadmin