PT-2010-1424 · Php · Phpmyadmin
Sebastian Krahmer
+1
·
Published
2010-01-19
·
Updated
2010-05-06
·
CVE-2009-4605
CVSS v2.0
5.0
Medium
| Vector | AV:N/AC:L/Au:N/C:N/I:P/A:N |
Name of the Vulnerable Software and Affected Versions
phpMyAdmin versions 2.11.x before 2.11.10
Description
The issue allows remote attackers to conduct cross-site request forgery (CSRF) attacks via unspecified vectors. This is due to the
unserialize function being called on the values of the configuration and v[0] parameters in the setup script.Recommendations
For phpMyAdmin versions 2.11.x before 2.11.10, update to version 2.11.10 or later to resolve the issue.
Fix
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Phpmyadmin