CVE-2015-6517
phpliteadmin 1.1 - Cross-Site Request Forgery via droptable Parameter
Title source: llmExploitation Summary
EIP tracks 1 public exploit for CVE-2015-6517.
AI-analyzed exploit summary This is a detailed technical analysis of CVE-2015-6517, covering CSRF and XSS vulnerabilities in phpLiteAdmin v1.1. It includes root cause analysis, exploit examples, and patch bypass techniques.
Description
Cross-site request forgery (CSRF) vulnerability in phpLiteAdmin 1.1 allows remote attackers to hijack the authentication of users for requests that drop database tables via the droptable parameter to phpliteadmin.php.
Exploits (1)
exploitdb
WRITEUP
webappsphp
https://www.exploit-db.com/exploits/37515
This is a detailed technical analysis of CVE-2015-6517, covering CSRF and XSS vulnerabilities in phpLiteAdmin v1.1. It includes root cause analysis, exploit examples, and patch bypass techniques.
Classification
Writeup 95%
Attack Type
Xss
Complexity
Moderate
Reliability
Reliable
Target:
phpLiteAdmin v1.1
No auth needed
Prerequisites:
Victim interaction (clicking a malicious link) · Knowledge of target table names for CSRF
MITRE ATT&CK
devstral-2 · analyzed Feb 19, 2026
Full analysis →
References (2)
Core 2
Core References
Exploit, Third Party Advisory, VDB Entry mailing-list
x_refsource_bugtraq
http://www.securityfocus.com/archive/1/535936/100/0/threaded
Exploit, Third Party Advisory, VDB Entry x_refsource_misc
http://packetstormsecurity.com/files/132580/phpLiteAdmin-1.1-Cross-Site-Request-Forgery-Cross-Site-Scripting.html
Scores
EPSS
0.0260
EPSS Percentile
83.3%
Details
CWE
CWE-352
Status
published
Products (1)
phpliteadmin_project/phpliteadmin
1.1
Published
Aug 18, 2015
Tracked Since
Feb 18, 2026