CVE-2019-12922
MEDIUMPhpmyadmin < 4.9.0.1 - CSRF
Title source: ruleDescription
A CSRF issue in phpMyAdmin 4.9.0.1 allows deletion of any server in the Setup page.
Exploits (1)
exploitdb
WRITEUP
by Manuel García Cárdenas · textwebappsphp
https://www.exploit-db.com/exploits/47385
References (10)
Scores
CVSS v3
6.5
EPSS
0.4225
EPSS Percentile
97.4%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
Classification
CWE
CWE-352
Status
published
Affected Products (5)
phpmyadmin/phpmyadmin
< 4.9.0.1
fedoraproject/fedora
fedoraproject/fedora
fedoraproject/fedora
phpmyadmin/phpmyadmin
< 4.9.1Packagist
Timeline
Published
Sep 13, 2019
Tracked Since
Feb 18, 2026