Back to main page

phpMyAdmin Cross Site Request Forgery

Category:

Command Injection

Sub-category:

SQL Injection

Severity:

high

Description:

Detects attempts to trigger a Cross Site Request Forgery (CSRF) attack against a phpMyAdmin user. The attacker can trick the user, for instance through a broken <img> tag pointing at the victim's phpMyAdmin database, and the attacker can potentially deliver a payload (such as a specific INSERT or DELETE statement) to the victim.