PT-2020-9136 · Unknown · Phppgadmin

Published: 2020-02-04 · Updated: 2022-07-25 · CVE-2019-10784

CVSS v3.1: 9.6 (Critical)

Vector: AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions

phppgadmin versions prior to 7.12.1

Description

The issue allows sensitive actions to be performed without validating the request origin, which can be exploited by a remote attacker to trick a logged-in administrator into visiting a malicious page. This can lead to the execution of arbitrary system commands on the server. The "database.php" area does not verify the source of an HTTP request, making it vulnerable to CSRF exploits.

Recommendations

For versions prior to 7.12.1, update to version 7.12.1 or later to resolve the issue. As a temporary workaround, consider restricting access to the "database.php" page to minimize the risk of exploitation.
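
For triage on hosts that ran an affected version, the following added example (not code from phpPgAdmin or from this advisory) scans web access logs for requests to "database.php" that arrived with a foreign or missing Referer. The combined log format, the host name pgadmin.example.internal, the /phppgadmin/ path and all sample lines are constructed assumptions.

```python
import re
from urllib.parse import urlsplit

# Combined Log Format (assumed): ip - user [time] "METHOD target PROTO" status size "referer" "ua"
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<time>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+) [^"]*" (?P<status>\d{3}) \S+ '
    r'"(?P<referer>[^"]*)" "[^"]*"$'
)

def classify(line, trusted_hosts, script="database.php"):
    """Return (verdict, fields) for a request to `script`, else None."""
    m = LOG_RE.match(line.strip())
    if not m:
        return None  # unparseable line: not evidence either way
    # Compare the final path segment only, ignoring the query string.
    if urlsplit(m["target"]).path.rsplit("/", 1)[-1] != script:
        return None
    referer = m["referer"]
    if referer in ("", "-"):
        verdict = "no-referer"  # inconclusive: browsers and proxies may strip it
    else:
        host = (urlsplit(referer).hostname or "").lower()
        verdict = "same-site" if host in trusted_hosts else "cross-site"
    return verdict, m.groupdict()

def triage(lines, trusted_hosts):
    """List (verdict, time, ip, method) for hits not referred by a trusted host."""
    hits = []
    for line in lines:
        result = classify(line, trusted_hosts)
        if result and result[0] != "same-site":
            verdict, f = result
            hits.append((verdict, f["time"], f["ip"], f["method"]))
    return hits

# Constructed sample lines; hosts, paths and addresses are illustrative only.
SAMPLE_LOG = """\
10.0.0.5 - - [04/Feb/2020:10:00:01 +0000] "GET /phppgadmin/database.php?q=constructed HTTP/1.1" 200 5120 "https://pgadmin.example.internal/phppgadmin/browser.php" "Mozilla/5.0"
10.0.0.5 - - [04/Feb/2020:10:02:17 +0000] "POST /phppgadmin/database.php HTTP/1.1" 200 2048 "https://unrelated.example/page.html" "Mozilla/5.0"
10.0.0.7 - - [04/Feb/2020:10:03:40 +0000] "POST /phppgadmin/database.php HTTP/1.1" 200 2048 "-" "Mozilla/5.0"
10.0.0.5 - - [04/Feb/2020:10:04:02 +0000] "GET /phppgadmin/tables.php HTTP/1.1" 200 900 "https://unrelated.example/page.html" "Mozilla/5.0"
""".splitlines()

TRUSTED = {"pgadmin.example.internal"}

if __name__ == "__main__":
    for hit in triage(SAMPLE_LOG, TRUSTED):
        print(*hit, sep="  ")
```

A missing Referer is inconclusive and a same-site one does not prove the request was intended, so treat hits as leads to correlate with database-side audit records.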

Exploit

Fix

CSRF

Weakness Enumeration

Related Identifiers

CVE-2019-10784
MGASA-2021-0074
OPENSUSE-SU-2022:10065-1
OPENSUSE-SU-2024:12194-1
SNYK-PHP-PHPPGADMINPHPPGADMIN-543885

Affected Products

Phppgadmin