id: CVE-2019-12616 info: name: phpMyAdmin <4.9.0 - Cross-Site Request Forgery author: Mohammedsaneem,philippedelteil,daffainfo severity: medium description: phpMyAdmin before 4.9.0 is susceptible to cross-site request forgery. An attacker can utilize a broken tag which points at the victim's phpMyAdmin database, thus leading to potential delivery of a payload, such as a specific INSERT or DELETE statement. impact: | An attacker can trick an authenticated user into performing unintended actions on the phpMyAdmin application. remediation: | Upgrade phpMyAdmin to version 4.9.0 or later to mitigate the CSRF vulnerability. reference: - https://www.phpmyadmin.net/security/PMASA-2019-4/ - https://www.exploit-db.com/exploits/46982 - https://nvd.nist.gov/vuln/detail/CVE-2019-12616 - http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00005.html - http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00017.html classification: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N cvss-score: 6.5 cve-id: CVE-2019-12616 cwe-id: CWE-352 epss-score: 0.01434 epss-percentile: 0.85177 cpe: cpe:2.3:a:phpmyadmin:phpmyadmin:*:*:*:*:*:*:*:* metadata: max-request: 1 vendor: phpmyadmin product: phpmyadmin tags: csrf,edb,cve,cve2019,phpmyadmin http: - method: GET path: - "{{BaseURL}}/phpmyadmin/" matchers-condition: and matchers: - type: dsl dsl: - compare_versions(version, '< 4.9.0') - type: word words: - "phpmyadmin.net" - "phpMyAdmin" condition: or - type: status status: - 200 - 401 # password protected extractors: - type: regex name: version group: 1 regex: - '\?v=([0-9.]+)' internal: true - type: regex group: 1 regex: - '\?v=([0-9.]+)' # digest: 490a004630440220603b005e1c6d8a3454a93d39d430e71df8624adec76f2b05b0fa504ad7445c8d02203faa15d9b4e3eb930b1349620492bdb7270de4175363135fef2b7d0b6abf39b7:922c64590222798bb761d5b6d8e72950