Platform
php
Component
phpmoadmin
Fixed version
1.1.6
CVE-2019-25451 describes a cross-site request forgery (CSRF) vulnerability in phpMoAdmin 1.1.5. State-changing requests to moadmin.php carry no anti-forgery protection, so an attacker who lures a logged-in administrator to a malicious page can have that administrator's browser issue database operations the administrator never intended, potentially manipulating or deleting data. This is not an input-validation bug: the forged requests are well-formed and arrive over a valid session; the server simply cannot tell that the user did not initiate them. The header above lists 1.1.6 as the fixed version; upgrade promptly.
The primary impact of CVE-2019-25451 is unauthorized database modification. An attacker could use the CSRF flaw to create, drop, or repair databases and collections through the phpMoAdmin interface without the user's knowledge or consent, resulting in data loss, corruption, or complete compromise of the managed databases. Successful exploitation requires a user whose browser holds a valid phpMoAdmin session (or will replay credentials automatically, as with HTTP Basic authentication) to visit a malicious page or follow a malicious link while that session is live. The blast radius is limited to the databases the phpMoAdmin instance can reach, but the consequences can be severe when those databases hold sensitive data. No specific incident involving this CVE is documented, but CSRF against administrative database front-ends is a well-understood route to exactly this kind of data manipulation.
CVE-2019-25451 was published on 2026-02-20. Its severity is rated HIGH with a CVSS score of 8.8. There is no indication that it is being actively exploited, and it is not listed in CISA KEV. No public proof-of-concept is widely circulated, but a CSRF exploit is typically a single HTML page that causes the victim's browser to issue the request, so one should be assumed trivial to produce.
Any organization running phpMoAdmin 1.1.5 is exposed. The practical risk depends on whether an administrator with a live phpMoAdmin session can be drawn to an attacker-controlled page: instances reachable from the internet, and instances whose administrators use the same browser profile for general browsing, are the most exposed. Organizations storing sensitive data in the databases managed by phpMoAdmin face the greatest impact from a successful attack.
• php: Examine web server access logs for requests to moadmin.php whose query string carries a state-changing action (create, drop, repair) together with db= or collection= parameters, and check whether the Referer points somewhere other than the phpMoAdmin host itself, which is the signature of a forged request:
grep -iE 'moadmin\.php\?.*action=(create|drop|repair).*db=' /var/log/apache2/access.log
• php: Check for unusual database activity within the phpMoAdmin interface, such as unexpected database creations, drops, or repairs.
• generic web: Monitor for user reports of unauthorized database changes or of unexpected access to the phpMoAdmin interface.
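The log check above, carried a step further as an added example that is not part of the original advisory or of the phpMoAdmin project: it parses Apache combined-format access logs, keeps only moadmin.php requests whose action would create, drop, or repair something, and classifies each one's Referer as same-site, cross-site, or missing. The host name, the assumption that phpMoAdmin's action values start with create/drop/repair, and the sample log lines are all constructed for the example.

```python
import re
from urllib.parse import parse_qs, urlsplit

# Host name of the phpMoAdmin instance (assumed for the example).
ADMIN_HOST = "mongo-admin.example.internal"

# Apache "combined" log format. The request target keeps the query string, so
# GET-driven phpMoAdmin actions are visible here; POST bodies are not logged.
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+) [^"]*" '
    r'(?P<status>\d{3}) \S+ "(?P<referer>[^"]*)" "(?P<ua>[^"]*)"$'
)

# Assumption: phpMoAdmin selects destructive operations with an `action`
# parameter whose value starts with one of these words.
STATE_CHANGING_PREFIXES = ("create", "drop", "repair")


def parse_line(line):
    """Return the fields of one combined-format line, or None if it does not parse."""
    m = LOG_RE.match(line.strip())
    return m.groupdict() if m else None


def classify_referer(referer, admin_host):
    """Return 'same-site', 'cross-site', or 'missing' for a logged Referer value."""
    if referer in ("", "-"):
        return "missing"
    host = urlsplit(referer).hostname or ""
    return "same-site" if host.lower() == admin_host.lower() else "cross-site"


def scan(lines, admin_host=ADMIN_HOST):
    """Return one finding per state-changing moadmin.php request in the log."""
    findings = []
    for line in lines:
        rec = parse_line(line)
        if rec is None:
            continue
        url = urlsplit(rec["target"])
        if not url.path.endswith("/moadmin.php"):
            continue
        params = parse_qs(url.query)
        action = params.get("action", [""])[0]
        if not action.lower().startswith(STATE_CHANGING_PREFIXES):
            continue
        findings.append({
            "ip": rec["ip"],
            "time": rec["ts"],
            "method": rec["method"],
            "action": action,
            "db": params.get("db", [""])[0],
            "collection": params.get("collection", [""])[0],
            "status": int(rec["status"]),
            "referer": classify_referer(rec["referer"], admin_host),
        })
    return findings


# Constructed sample log lines (not from any real system): a read-only view,
# a forged createDB from a lure page, a legitimate dropCollection from the UI,
# a repairDB with no Referer, and an unrelated request.
SAMPLE_LOG = [
    '10.0.0.5 - - [20/Feb/2026:10:01:02 +0000] "GET /moadmin.php?db=app HTTP/1.1" 200 5123 '
    '"https://mongo-admin.example.internal/moadmin.php" "Mozilla/5.0 (X11)"',
    '10.0.0.5 - - [20/Feb/2026:10:03:15 +0000] "GET /moadmin.php?action=createDB&db=pwned HTTP/1.1" 200 412 '
    '"https://evil.example.net/lure.html" "Mozilla/5.0 (X11)"',
    '10.0.0.7 - - [20/Feb/2026:10:05:00 +0000] "POST /moadmin.php?action=dropCollection&db=app&collection=sessions HTTP/1.1" 302 0 '
    '"https://mongo-admin.example.internal/moadmin.php?db=app" "Mozilla/5.0 (X11)"',
    '10.0.0.9 - - [20/Feb/2026:10:06:00 +0000] "GET /moadmin.php?action=repairDB&db=app HTTP/1.1" 200 300 '
    '"-" "Mozilla/5.0 (X11)"',
    '10.0.0.5 - - [20/Feb/2026:10:07:00 +0000] "GET /index.php HTTP/1.1" 200 100 "-" "curl/8.0"',
]

if __name__ == "__main__":
    for f in scan(SAMPLE_LOG):
        flag = "!! CROSS-SITE" if f["referer"] == "cross-site" else f["referer"]
        print(f"{f['time']} {f['ip']} {f['method']} action={f['action']} "
              f"db={f['db']} collection={f['collection']} status={f['status']} referer={flag}")
```

A cross-site Referer on a create/drop/repair request is the strongest signal; a missing Referer is inconclusive, since browsers and privacy settings strip it, and a same-site Referer only rules out the simplest lure. Note that a CSRF delivered as a cross-origin POST would carry its parameters in the body, which the access log does not record, so treat any state-changing POST to moadmin.php with an off-host Referer as suspect even without visible parameters.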
disclosure
Exploit status
EPSS
0.04% (13th percentile)
CISA SSVC
CVSS vector
The primary mitigation for CVE-2019-25451 is to upgrade to a patched version of phpMoAdmin. The header above lists 1.1.6 as the fixed version, but the CVE record itself does not name one, so confirm the fix against the upstream project before relying on it. As an interim measure, place the interface behind a reverse proxy or Web Application Firewall that rejects state-changing requests to moadmin.php (those carrying action, db, and collection parameters) unless the Origin, Referer, or Sec-Fetch-Site headers show they were issued from the phpMoAdmin origin itself, and restrict network access to the interface to authorized personnel (VPN or IP allowlist). The proper application-level fix is a per-session anti-CSRF token on every state-changing request, backed by SameSite cookies; input validation does not help here, because a forged request is well-formed. After applying mitigations, verify them by loading a page on a different origin that issues one of these requests (a harmless create against a scratch database is enough) and confirming that the server rejects it.
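The request-level gate described above, written out as an added example (not the advisory's or phpMoAdmin's own code): the decision a reverse proxy or WAF can apply in front of moadmin.php while the application is unpatched. Read-only requests pass; a state-changing request is allowed only when the browser's own Fetch Metadata or, for older clients, Origin/Referer headers show it was issued from the phpMoAdmin origin. The origin name, the action-name prefixes, and the sample requests are assumptions constructed for the example.

```python
from urllib.parse import parse_qs, urlsplit

# Origin on which phpMoAdmin is served (assumed for the example).
ADMIN_ORIGIN = "https://mongo-admin.example.internal"

# Assumption: phpMoAdmin's create/drop/repair operations are selected by an
# `action` query parameter whose value starts with one of these words.
STATE_CHANGING_PREFIXES = ("create", "drop", "repair")


def is_state_changing(path, query):
    """True if this is a phpMoAdmin request that would create, drop, or repair."""
    if not path.endswith("/moadmin.php"):
        return False
    action = parse_qs(query).get("action", [""])[0]
    return action.lower().startswith(STATE_CHANGING_PREFIXES)


def origin_of(url):
    """Reduce an Origin or Referer value to scheme://host[:port]; None if opaque."""
    parts = urlsplit(url)
    if not parts.scheme or not parts.netloc:
        return None
    return f"{parts.scheme}://{parts.netloc}".lower()


def csrf_verdict(path, query, headers):
    """Decide whether a request may reach moadmin.php. Returns (allowed, reason)."""
    if not is_state_changing(path, query):
        return True, "read-only or non-phpMoAdmin request"
    h = {k.lower(): v for k, v in headers.items()}

    # 1. Fetch Metadata, sent by current browsers, is authoritative. 'cross-site'
    #    is exactly the CSRF case; 'same-site' would admit sibling subdomains, so
    #    only same-origin requests and user-initiated navigations ('none') pass.
    site = h.get("sec-fetch-site")
    if site is not None:
        if site in ("same-origin", "none"):
            return True, f"Sec-Fetch-Site={site}"
        return False, f"Sec-Fetch-Site={site}"

    # 2. Legacy clients: fall back to Origin, then Referer. A state-changing
    #    request with neither is rejected rather than trusted by default.
    source = h.get("origin") or h.get("referer")
    if not source:
        return False, "state-changing request without Origin/Referer"
    src_origin = origin_of(source)
    if src_origin != ADMIN_ORIGIN.lower():
        return False, f"request originated from {src_origin}"
    return True, "Origin/Referer matches phpMoAdmin origin"


# Constructed requests: a CSRF attempt from a lure page, the same action from
# the real UI, a legacy browser without Fetch Metadata, a request with an
# opaque 'null' Origin (e.g. from a sandboxed frame), and a harmless view.
CASES = {
    "forged": ("/moadmin.php", "action=dropDB&db=app",
               {"Referer": "https://evil.example.net/lure.html",
                "Sec-Fetch-Site": "cross-site"}),
    "legit": ("/moadmin.php", "action=dropDB&db=app",
              {"Referer": "https://mongo-admin.example.internal/moadmin.php",
               "Sec-Fetch-Site": "same-origin"}),
    "legacy": ("/moadmin.php", "action=createCollection&db=app&collection=x",
               {"Referer": "https://mongo-admin.example.internal/moadmin.php?db=app"}),
    "opaque": ("/moadmin.php", "action=repairDB&db=app", {"Origin": "null"}),
    "view": ("/moadmin.php", "db=app", {}),
}

if __name__ == "__main__":
    for name, (path, query, headers) in CASES.items():
        allowed, why = csrf_verdict(path, query, headers)
        print(f"{name:7s} {'ALLOW' if allowed else 'BLOCK':5s} {why}")
```

This gate is a stopgap, not a substitute for the upgrade: it relies on headers the browser sets, so it protects browser-driven sessions (the CSRF case) but does nothing against a client that talks to moadmin.php directly with valid credentials, and it will reject state-changing requests from legacy browsers that send no Referer at all. The forged case is also the request you would issue from a different origin to verify the mitigation, and it should be blocked.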
Update phpMoAdmin to the fixed version, and confirm that the developer has released a version that addresses this CSRF vulnerability. Additional measures such as input validation and output encoding harden the application in general, but the controls that actually reduce CSRF risk are anti-forgery tokens on state-changing requests and origin checks.
CVE-2019-25451 is a cross-site request forgery vulnerability in phpMoAdmin 1.1.5 that lets an attacker make a logged-in user's browser perform unauthorized database operations.
If you are using phpMoAdmin version 1.1.5, you are potentially affected by this vulnerability. Upgrade is the recommended solution.
Upgrade to a patched version of phpMoAdmin. If upgrading is not immediately possible, implement WAF rules to filter malicious requests.
There is no current evidence of active exploitation, but the vulnerability's nature makes it easily exploitable.
Refer to the phpMoAdmin project website or relevant security mailing lists for official advisories.