← Back

CVE-2008-3197

nvd nist
Published: Jul 16, 2008Modified: Apr 23, 2026

JSON object

Loading...
3.5
Vector
AV:N/AC:M/Au:S/C:N/I:P/A:N
Exploitability: 6.8 / Impact: 2.9
Source: NVD

Description

Cross-site request forgery (CSRF) vulnerability in phpMyAdmin before 2.11.7.1 allows remote attackers to perform unauthorized actions via a link or IMG tag to (1) the db parameter in the "Creating a Database" functionality (db_create.php), and (2) the convcharset and collation_connection parameters related to an unspecified program that modifies the connection character set.

Affected (134)

Phpmyadmin
1 product
Phpmyadmin
Configuration A
134 vulnerable
Vulnerable SoftwareAffected Versions
Phpmyadmin
Phpmyadmin
Version 2.0.0
Phpmyadmin
Version 2.0.1
Phpmyadmin
Version 2.0.2
Phpmyadmin
Version 2.0.3
Phpmyadmin
Version 2.0.4
Phpmyadmin
Version 2.0.5
Phpmyadmin
Version 2.0
Phpmyadmin
Version 2.1.0
Phpmyadmin
Version 2.1.1
Phpmyadmin
Version 2.1.2
Phpmyadmin
Version 2.10.0.0
Phpmyadmin
Version 2.10.0.1
Phpmyadmin
Version 2.10.0.2
Phpmyadmin
Version 2.10.01
Phpmyadmin
Version 2.10.0
Phpmyadmin
Version 2.10.1.0
Phpmyadmin
Version 2.10.1
Phpmyadmin
Version 2.10.2.0
Phpmyadmin
Version 2.10.2
Phpmyadmin
Version 2.10.3.0
Phpmyadmin
Version 2.10.3
Phpmyadmin
Version 2.10.3rc1
Phpmyadmin
Version 2.11.0.0
Phpmyadmin
Version 2.11.0
Phpmyadmin
Version 2.11.0beta1
Phpmyadmin
Version 2.11.0rc1
Phpmyadmin
Version 2.11.1.0
Phpmyadmin
Version 2.11.1.1
Phpmyadmin
Version 2.11.1.2
Phpmyadmin
Version 2.11.1
Phpmyadmin
Version 2.11.1rc1
Phpmyadmin
Version 2.11.2.0
Phpmyadmin
Version 2.11.2.1
Phpmyadmin
Version 2.11.2.2
Phpmyadmin
Version 2.11.2
Phpmyadmin
Version 2.11.3.0
Phpmyadmin
Version 2.11.3
Phpmyadmin
Version 2.11.3rc1
Phpmyadmin
Version 2.11.4.0
Phpmyadmin
Version 2.11.4
Phpmyadmin
Version 2.11.4rc1
Phpmyadmin
Version 2.11.5.0
Phpmyadmin
Version 2.11.5.1
Phpmyadmin
Version 2.11.5.2
Phpmyadmin
Version 2.11.5
Phpmyadmin
Version 2.11.5rc1
Phpmyadmin
Version 2.11.6
Phpmyadmin
Version 2.11.6rc1
Phpmyadmin
Version 2.11.7.0
Phpmyadmin
Version 2.1
Phpmyadmin
Version 2.2.0
Phpmyadmin
Version 2.2.0_pre1
Phpmyadmin
Version 2.2.0_pre2
Phpmyadmin
Version 2.2.0_rc1
Phpmyadmin
Version 2.2.0_rc2
Phpmyadmin
Version 2.2.0_rc3
Phpmyadmin
Version 2.2.2
Phpmyadmin
Version 2.2.3
Phpmyadmin
Version 2.2.4
Phpmyadmin
Version 2.2.5
Phpmyadmin
Version 2.2.6
Phpmyadmin
Version 2.2.7_pl1
Phpmyadmin
Version 2.2
Phpmyadmin
Version 2.2_pre1
Phpmyadmin
Version 2.2_pre2
Phpmyadmin
Version 2.2_rc1
Phpmyadmin
Version 2.2_rc2
Phpmyadmin
Version 2.2_rc3
Phpmyadmin
Version 2.3.1
Phpmyadmin
Version 2.3.2
Phpmyadmin
Version 2.4.0
Phpmyadmin
Version 2.5.0
Phpmyadmin
Version 2.5.1
Phpmyadmin
Version 2.5.2
Phpmyadmin
Version 2.5.2_pl1
Phpmyadmin
Version 2.5.3
Phpmyadmin
Version 2.5.4
Phpmyadmin
Version 2.5.5
Phpmyadmin
Version 2.5.5_pl1
Phpmyadmin
Version 2.5.5_rc1
Phpmyadmin
Version 2.5.5_rc2
Phpmyadmin
Version 2.5.6_rc1
Phpmyadmin
Version 2.5.6_rc2
Phpmyadmin
Version 2.5.7
Phpmyadmin
Version 2.5.7_pl1
Phpmyadmin
Version 2.6.0_pl1
Phpmyadmin
Version 2.6.0_pl2
Phpmyadmin
Version 2.6.0_pl3
Phpmyadmin
Version 2.6.1
Phpmyadmin
Version 2.6.1_pl1
Phpmyadmin
Version 2.6.1_pl3
Phpmyadmin
Version 2.6.1_rc1
Phpmyadmin
Version 2.6.2
Phpmyadmin
Version 2.6.2_dev
Phpmyadmin
Version 2.6.2_pl1
Phpmyadmin
Version 2.6.2_rc1
Phpmyadmin
Version 2.6.3
Phpmyadmin
Version 2.6.3_pl1
Phpmyadmin
Version 2.6.4
Phpmyadmin
Version 2.6.4_pl1
Phpmyadmin
Version 2.6.4_pl2
Phpmyadmin
Version 2.6.4_pl3
Phpmyadmin
Version 2.6.4_pl4
Phpmyadmin
Version 2.6.4_rc1
Phpmyadmin
Version 2.7.0
Phpmyadmin
Version 2.7.0_beta1
Phpmyadmin
Version 2.7.0_pl1
Phpmyadmin
Version 2.7.0_pl2
Phpmyadmin
Version 2.7.0_rc1
Phpmyadmin
Version 2.7
Phpmyadmin
Version 2.7_pl1
Phpmyadmin
Version 2.8.0.1
Phpmyadmin
Version 2.8.0.2
Phpmyadmin
Version 2.8.0.3
Phpmyadmin
Version 2.8.0
Phpmyadmin
Version 2.8.1
Phpmyadmin
Version 2.8.1_dev
Phpmyadmin
Version 2.8.2
Phpmyadmin
Version 2.8.3
Phpmyadmin
Version 2.8.4
Phpmyadmin
Version 2.9.0.1
Phpmyadmin
Version 2.9.0.2
Phpmyadmin
Version 2.9.0.3
Phpmyadmin
Version 2.9.0
Phpmyadmin
Version 2.9.0_beta1
Phpmyadmin
Version 2.9.0_dev
Phpmyadmin
Version 2.9.0_rc1
Phpmyadmin
Version 2.9.1.1
Phpmyadmin
Version 2.9.1
Phpmyadmin
Version 2.9.1_rc1
Phpmyadmin
Version 2.9.1_rc2
Phpmyadmin
Version 2.9.2
Phpmyadmin
Version 2.9
Phpmyadmin
Version 2.9_rc1

Related CWEs

CWE-352
Cross-Site Request Forgery (CSRF)
The web application does not, or can not, sufficiently verify whether a well-formed, valid, consistent request was intentionally provided by the user who submitted the request.

References (32)

Source: cve@mitre.org
Source: cve@mitre.org
Source: cve@mitre.org
Vendor Advisory
Source: cve@mitre.org
Source: cve@mitre.org
Source: cve@mitre.org
Source: cve@mitre.org
Source: cve@mitre.org
Source: cve@mitre.org
Source: cve@mitre.org
Source: cve@mitre.org
Source: cve@mitre.org
Source: cve@mitre.org
Exploit
Source: cve@mitre.org
Source: cve@mitre.org
Source: cve@mitre.org
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Exploit
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.