CVE-2008-3197
phpMyAdmin <2.11.7.1 - CSRF
Title source: llmDescription
Cross-site request forgery (CSRF) vulnerability in phpMyAdmin before 2.11.7.1 allows remote attackers to perform unauthorized actions via a link or IMG tag to (1) the db parameter in the "Creating a Database" functionality (db_create.php), and (2) the convcharset and collation_connection parameters related to an unspecified program that modifies the connection character set.
References (16)
Scores
EPSS
0.0047
EPSS Percentile
64.0%
Classification
CWE
CWE-352
Status
draft
Affected Products (50)
phpmyadmin/phpmyadmin
phpmyadmin/phpmyadmin
phpmyadmin/phpmyadmin
phpmyadmin/phpmyadmin
phpmyadmin/phpmyadmin
phpmyadmin/phpmyadmin
phpmyadmin/phpmyadmin
phpmyadmin/phpmyadmin
phpmyadmin/phpmyadmin
phpmyadmin/phpmyadmin
phpmyadmin/phpmyadmin
phpmyadmin/phpmyadmin
phpmyadmin/phpmyadmin
phpmyadmin/phpmyadmin
phpmyadmin/phpmyadmin
... and 35 more
Timeline
Published
Jul 16, 2008
Tracked Since
Feb 18, 2026