Description
phpMyAdmin 4.7.x and 4.8.x versions prior to 4.8.4 are affected by a series of CSRF flaws. By deceiving a user into clicking on a crafted URL, it is possible to perform harmful SQL operations such as renaming databases, creating new tables/routines, deleting designer pages, adding/deleting users, updating user passwords, killing SQL processes, etc.
Remediation
References
Related Vulnerabilities
PHP Improper Input Validation Vulnerability (CVE-2008-7068)
Joomla Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2011-2488)
WordPress Plugin Advanced Shipping Validation for WooCommerce Cross-Site Scripting (1.0.0)
Liferay DXP Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2024-8980)
WordPress Plugin Lightbox Multiple Unspecified Vulnerabilities (2.0.7)