VulnerableCode Vulnerability Details - VCID-pt3h-c3kr-87c9

Search for vulnerabilities

Vulnerability details: VCID-pt3h-c3kr-87c9

Essentials
Severities (1)
References (5)
Severity details (0)
Exploits (0)
EPSS
History (1)

Vulnerability ID	VCID-pt3h-c3kr-87c9
Aliases	CVE-2017-1000499
Summary	phpMyAdmin versions 4.7.x (prior to 4.7.6.1/4.7.7) are vulnerable to a CSRF weakness. By deceiving a user to click on a crafted URL, it is possible to perform harmful database operations such as deleting records, dropping/truncating tables etc.
Status	Published
Exploitability	None
Weighted Severity	None
Risk	None
Affected and Fixed Packages	Package Details

Weaknesses (3)

CWE-1035	OWASP Top Ten 2017 Category A9 - Using Components with Known Vulnerabilities
CWE-352	Cross-Site Request Forgery (CSRF)
CWE-937	OWASP Top Ten 2013 Category A9 - Using Components with Known Vulnerabilities

System	Score	Found at
epss	0.11439	https://api.first.org/data/v1/epss?cve=CVE-2017-1000499

Reference id	Reference type	URL
		https://api.first.org/data/v1/epss?cve=CVE-2017-1000499
		https://www.exploit-db.com/exploits/45284/
		https://www.phpmyadmin.net/security/PMASA-2017-9/
		http://www.securitytracker.com/id/1040163
CVE-2017-1000499		https://nvd.nist.gov/vuln/detail/CVE-2017-1000499

No exploits are available.

There are no known vectors.

Exploit Prediction Scoring System (EPSS)

Percentile	0.93345
EPSS Score	0.11439
Published At	Dec. 19, 2025, 12:55 p.m.

Date	Actor	Action	Source	VulnerableCode Version
2025-12-19T17:41:32.904999+00:00	Debian Importer	Import	https://security-tracker.debian.org/tracker/data/json	37.0.0