[phpMyAdmin Developers] Bug Posted by Another User

18 Sep 2019

It “seems" it would be an easy fix.  According to the original poster it says he
alerted the development team.

I searched the archive and maybe he private messaged a couple developers?

https://www.cvedetails.com/cve/CVE-2019-12922/
<https://www.cvedetails.com/cve/CVE-2019-12922/>

https://seclists.org/fulldisclosure/2019/Sep/23
<https://seclists.org/fulldisclosure/2019/Sep/23>

The bug would have very low probability of exploit. You would have to be logged into an
existing phpmyadmin session and simultaneously trick the user to click on a link while in
the setup stage.

Thought I would post here that the bug is publicly posted.

Thanks,
Todd

P.S.  Enjoy phpmyadmin.  Been using it off and on over a decade.

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

2005

2004

2003

2002

2001

[phpMyAdmin Developers] Bug Posted by Another User