• Welcome to Web Hosting Community Forum for Webmasters - Web hosting Forum.
 

Recommended Providers

Fully Managed WordPress Hosting
lc_banner_leadgen_3
Fully Managed WordPress Hosting

WordPress Theme

Divi WordPress Theme
WPZOOM

Forum Membership

Forum Membership

[phpMyAdmin] Critical XSRF/CSRF Vulnerability - PMASA-2017-9

Started by Kailash, January 09, 2018, 05:03:14 PM

Kailash

Summary

XSRF/CSRF vulnerability in phpMyAdmin

Description

By deceiving a user to click on a crafted URL, it is possible to perform harmful database operations such as deleting records, dropping/truncating tables etc.

Severity

We consider this vulnerability to be critical.

Affected Versions

Versions 4.7.x (prior to 4.7.7) are affected.

Unaffected Versions

Versions older than 4.7.0 are not affected.

Solution

Upgrade to phpMyAdmin 4.7.7 or newer.

For more information, kindly refer their official notification from the following URL:

https://www.phpmyadmin.net/security/PMASA-2017-9/