vulnerability

FreeBSD: VID-a5681027-8e03-11e9-85f4-6805ca0b3d42 (CVE-2019-12616): phpMyAdmin -- CSRF vulnerability in login form

Severity: 4
CVSS: (AV:N/AC:M/Au:N/C:N/I:P/A:N)
Published: Jun 13, 2019
Added: Jun 14, 2019
Modified: Dec 10, 2025

Description

The phpMyAdmin development team reports:

Summary: CSRF vulnerability in login form

Description: A vulnerability was found that allows an attacker to trigger a CSRF attack against a phpMyAdmin user. The attacker can trick the user, for instance through a broken <img> tag pointing at the victim's phpMyAdmin database, and the attacker can potentially deliver a payload (such as a specific INSERT or DELETE statement) through the victim.

Severity: We consider this vulnerability to be severe.

Mitigation factor: Only the 'cookie' auth_type is affected; users can temporarily use phpMyAdmin's http authentication as a workaround.

Solutions

freebsd-upgrade-package-phpmyadmin
freebsd-upgrade-package-phpmyadmin-php56
freebsd-upgrade-package-phpmyadmin-php70
freebsd-upgrade-package-phpmyadmin-php71
freebsd-upgrade-package-phpmyadmin-php72