cve/2019/CVE-2019-12922.md

CVE-2019-12922

Description

A CSRF issue in phpMyAdmin 4.9.0.1 allows deletion of any server in the Setup page.

POC

Reference

• http://packetstormsecurity.com/files/154483/phpMyAdmin-4.9.0.1-Cross-Site-Request-Forgery.html
• http://seclists.org/fulldisclosure/2019/Sep/23
• https://www.exploit-db.com/exploits/47385

Github

• https://github.com/ARPSyndicate/cvemon
• https://github.com/Awrrays/FrameVul
• https://github.com/alphaSeclab/sec-daily-2019
• https://github.com/tdcoming/Vulnerability-engine