FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

phpmyadmin -- XSRF vulnerabilities

Affected packages
phpMyAdmin < 2.8.1


VuXML ID 2ecd02e2-e864-11da-b9f4-00123ffe8333
Discovery 2006-05-20
Entry 2006-05-21

phpMyAdmin security team reports:

It was possible to inject arbitrary SQL commands by forcing an authenticated user to follow a crafted link.

Such issue is quite common in many PHP applications and users should take care what links they follow. We consider these vulnerabilities to be quite dangerous.


CVE Name CVE-2006-1804