Linux Security
Linux Security
Linux Security

Mageia 2021-0074: phppgadmin security update

Date 08 Feb 2021
209
Posted By LinuxSecurity Advisories
phppgadmin through 7.12.1 allows sensitive actions to be performed without validating that the request originated from the application. One such area, database.php does not verify the source of an HTTP request. This can be leveraged by a remote attacker to trick a logged-in administrator to visit a malicious page with a CSRF exploit and execute arbitrary system commands on the
MGASA-2021-0074 - Updated phppgadmin package fixes a security vulnerability

Publication date: 08 Feb 2021
URL: https://advisories.mageia.org/MGASA-2021-0074.html
Type: security
Affected Mageia releases: 7
CVE: CVE-2019-10784

phppgadmin through 7.12.1 allows sensitive actions to be performed without
validating that the request originated from the application. One such area,
database.php does not verify the source of an HTTP request. This can be
leveraged by a remote attacker to trick a logged-in administrator to visit a
malicious page with a CSRF exploit and execute arbitrary system commands on the
server (CVE-2019-10784).

References:
- https://bugs.mageia.org/show_bug.cgi?id=27912
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10784

SRPMS:
- 7/core/phppgadmin-7.13.0-1.mga7

LinuxSecurity Poll

How frequently do you patch/update your system?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum 0 answer(s) and maximum 3 answer(s).
/main-polls/52-how-frequently-do-you-patch-update-your-system?task=poll.vote&format=json
52
radio
[{"id":"179","title":"As soon as patches\/updates are released - I track advisories for my distro(s) diligently","votes":"47","type":"x","order":"1","pct":79.66,"resources":[]},{"id":"180","title":"Every so often, when I think of it","votes":"7","type":"x","order":"2","pct":11.86,"resources":[]},{"id":"181","title":"Hardly ever","votes":"5","type":"x","order":"3","pct":8.47,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350

Please vote first in order to view vote results.

VOTE ON THE POLL PAGE


VIEW MORE POLLS

bottom 200

Please enable / Bitte aktiviere JavaScript!
Veuillez activer / Por favor activa el Javascript![ ? ]

We use cookies to provide and improve our services. By using our site, you consent to our Cookie Policy.