Free and open-source vulnerability scanner
Mageni eases for you the vulnerability scanning, assessment, and management process. It is free and open-source.
Install NowAvailable for macOS, Windows, and Linux
phpPgAdmin <= 7.12.1 CSRF Vulnerability
Information
Severity
Severity
Family
Family
CVSSv2 Base
CVSSv2 Base
CVSSv2 Vector
CVSSv2 Vector
Solution Type
Solution Type
Created
Created
Modified
Modified
Summary
phpPgAdmin is prone to a cross-site request forgery vulnerability.
Insight
Insight
phpPgAdmin allows sensitive actions to be performed without validating that the request originated from the application. One such area, 'database.php' does not verify the source of an HTTP request. This can be leveraged by a remote attacker to trick a logged-in administrator to visit a malicious page with a CSRF exploit and execute arbitrary system commands on the server.
Affected Software
Affected Software
phpPgAdmin version 7.12.1 and prior.
Detection Method
Detection Method
Checks if a vulnerable version is present on the target host.
Solution
Solution
No known solution is available as of 20th February, 2020. Information regarding this issue will be updated once solution details are available.