Search for vulnerabilities
Vulnerability details: VCID-epx5-jb71-2ygr
Vulnerability ID VCID-epx5-jb71-2ygr
Aliases CVE-2018-19969
Summary phpMyAdmin 4.7.x and 4.8.x versions prior to 4.8.4 are affected by a series of CSRF flaws. By deceiving a user into clicking on a crafted URL, it is possible to perform harmful SQL operations such as renaming databases, creating new tables/routines, deleting designer pages, adding/deleting users, updating user passwords, killing SQL processes, etc.
Status Published
Exploitability None
Weighted Severity None
Risk None
Affected and Fixed Packages Package Details
Weaknesses (3)
CWE-1035 OWASP Top Ten 2017 Category A9 - Using Components with Known Vulnerabilities
CWE-352 Cross-Site Request Forgery (CSRF)
CWE-937 OWASP Top Ten 2013 Category A9 - Using Components with Known Vulnerabilities
System Score Found at
epss 0.00458 https://api.first.org/data/v1/epss?cve=CVE-2018-19969
Reference id Reference type URL
https://api.first.org/data/v1/epss?cve=CVE-2018-19969
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-19969
https://www.phpmyadmin.net/security/PMASA-2018-7/
http://www.securityfocus.com/bid/106175
CVE-2018-19969 https://nvd.nist.gov/vuln/detail/CVE-2018-19969
No exploits are available.
There are no known vectors.
Exploit Prediction Scoring System (EPSS)
Percentile 0.63355
EPSS Score 0.00458
Published At Dec. 19, 2025, 12:55 p.m.
Date Actor Action Source VulnerableCode Version
2025-12-19T17:41:33.094589+00:00 Debian Importer Import https://security-tracker.debian.org/tracker/data/json 37.0.0