CVE-2018-10188 – phpMyAdmin 4.8.0 < 4.8.0-1 - Cross-Site Request Forgery
https://notcve.org/view.php?id=CVE-2018-10188
phpMyAdmin 4.8.0 before 4.8.0-1 has CSRF, allowing an attacker to execute arbitrary SQL statements, related to js/db_operations.js, js/tbl_operations.js, libraries/classes/Operations.php, and sql.php. phpMyAdmin 4.8.0 en versiones anteriores a la 4.8.0-1 tiene Cross-Site Request Forgery (CSRF), que permite que un atacante ejecute instrucciones SQL arbitrarias. Esto está relacionado con js/db_operations.js, js/tbl_operations.js, libraries/classes/Operations.php y sql.php. phpMyAdmin versions 4.8.0 prior to 4.8.0-1 suffer from a cross site request forgery vulnerability. • https://www.exploit-db.com/exploits/44496 http://www.securityfocus.com/bid/103936 http://www.securitytracker.com/id/1040752 https://www.phpmyadmin.net/security/PMASA-2018-2 • CWE-352: Cross-Site Request Forgery (CSRF) •