CVE-2015-6517
published 2015-08-18CVE-2015-6517: Cross-site request forgery (CSRF) vulnerability in phpLiteAdmin 1.1 allows remote attackers to hijack the authentication of users for requests that drop…
PriorityP335medium6.8CVSS 2.0
AVNACMAuNCPIPAP
EXPLOIT
EPSS
2.60%
83.4th percentile
Cross-site request forgery (CSRF) vulnerability in phpLiteAdmin 1.1 allows remote attackers to hijack the authentication of users for requests that drop database tables via the droptable parameter to phpliteadmin.php.
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | phpliteadmin | — | — |
| phpliteadmin_project | phpliteadmin | — | — |
CVSS provenance
nvdv2.06.8MEDIUMAV:N/AC:M/Au:N/C:P/I:P/A:P
vendor_debian6.8LOW
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-vjxr-w794-jqm7: Cross-site request forgery (CSRF) vulnerability in phpLiteAdmin 1
ghsa_unreviewed·2022-05-14
CVE-2015-6517 [MEDIUM] CWE-352 GHSA-vjxr-w794-jqm7: Cross-site request forgery (CSRF) vulnerability in phpLiteAdmin 1
Cross-site request forgery (CSRF) vulnerability in phpLiteAdmin 1.1 allows remote attackers to hijack the authentication of users for requests that drop database tables via the droptable parameter to phpliteadmin.php.
Debian
CVE-2015-6517: phpliteadmin - Cross-site request forgery (CSRF) vulnerability in phpLiteAdmin 1.1 allows remot...
vendor_debian·2015·CVSS 6.8
CVE-2015-6517 [MEDIUM] CVE-2015-6517: phpliteadmin - Cross-site request forgery (CSRF) vulnerability in phpLiteAdmin 1.1 allows remot...
Cross-site request forgery (CSRF) vulnerability in phpLiteAdmin 1.1 allows remote attackers to hijack the authentication of users for requests that drop database tables via the droptable parameter to phpliteadmin.php.
Scope: local
bookworm: resolved
bullseye: resolved
forky: resolved
sid: resolved
trixie: resolved
No detection rules found.
No writeups or analysis indexed.
http://packetstormsecurity.com/files/132580/phpLiteAdmin-1.1-Cross-Site-Request-Forgery-Cross-Site-Scripting.htmlhttp://www.securityfocus.com/archive/1/535936/100/0/threadedhttp://packetstormsecurity.com/files/132580/phpLiteAdmin-1.1-Cross-Site-Request-Forgery-Cross-Site-Scripting.htmlhttp://www.securityfocus.com/archive/1/535936/100/0/threaded
2015-08-18
Published