Warning: Researcher Drops phpMyAdmin Zero-Day Affecting All Versions


A cybersecurity researcher recently published details and proof-of-concept for an unpatched zero-day vulnerability in phpMyAdmin—one of the most popular applications for managing the MySQL and MariaDB databases.

phpMyAdmin is a free and open source administration tool for MySQL and MariaDB that's widely used to manage the database for websites created with WordPress, Joomla, and many other content management platforms.

Discovered by security researcher and pentester Manuel Garcia Cardenas, the vulnerability claims to be a cross-site request forgery (CSRF) flaw, also known as XSRF, a well-known attack wherein attackers trick authenticated users into executing an unwanted action.


Source: https://thehackernews.com/2019/09/phpmyadmin-csrf-exploit.html


Read more on this website >>