Summary
This host is running phpMyAdmin and is prone to multiple CSRF injection vulnerabilities.
Impact
Successful exploitation lets the attacker execute arbitrary code in the context of the application, compromise the database, modify data, or compromise the whole web application.
Solution
Upgrade to version 2.11.9.4 or 3.1.1.0
http://www.phpmyadmin.net
Insight
The flaw is due to a failure to sanitize user-supplied data before it is used in SQL queries. It can be triggered via a link or IMG tag pointing to tbl_structure.php with a modified table parameter.
Affected
phpMyAdmin versions 2.11 to 2.11.9.3 and 3.0 to 3.1.0.9.
Severity
Classification
CVE: CVE-2008-5621
CVSS Base Score: 6.0
AV:N/AC:M/Au:S/C:P/I:P/A:P