VDB

GCVE-110-MAGEIA-2019-200

GCVE-110-MAGEIA-2019-200
Advisory Published
Vulnetix · Advisory published June 21, 2019
Updated phpmyadmin packages fix security vulnerabilities: A vulnerability was reported where a specially crafted database name can be used to trigger an SQL injection attack through the designer feature. (CVE-2019-11768, PMASA-2019-3) A vulnerability was found that allows an attacker to trigger a CSRF attack against a phpMyAdmin user. The attacker can trick the user, for instance through a broken <img> tag pointing at the victim's phpMyAdmin database, and the attacker can potentially deliver a payload (such as a specific INSERT or DELETE statement) through the victim. (CVE-2019-12616, PMASA-2019-4)

Affected Products

VendorProductVersionsPlatforms
Mageiaphpmyadmin0 (affected), 4.7.8-5.mga6 (unaffected), 4.7.8-5.mga6 (unaffected), 0 (affected)
Mageiashinken0 (affected), 2.4.3-2.1.mga7 (unaffected)

Browse GCVE Records

73,443 records in the GCVE database · Updated July 18, 2026

No matching records found.

Explore Further

Investigate this vulnerability in the interactive console or download the raw GCVE record.

$ Console Community · 100/wk Open console ›