CVE-2008-3197

EPSS 0.47%

phpmyadmin - several issues

Published: 7/16/2008Modified: 5/7/2026

Description

Cross-site request forgery (CSRF) vulnerability in phpMyAdmin before 2.11.7.1 allows remote attackers to perform unauthorized actions via a link or IMG tag to (1) the db parameter in the "Creating a Database" functionality (db_create.php), and (2) the convcharset and collation_connection parameters related to an unspecified program that modifies the connection character set.

Affected packages (2)

Debian/phpmyadminfrom 0, < 4:2.11.7.1-1
Debian/phpmyadminfrom 0, < 4:2.9.1.1-8

References (1)

ADVISORYhttps://security-tracker.debian.org/tracker/CVE-2008-3197