CVE-2015-6517

Cross-site request forgery (CSRF) vulnerability in phpLiteAdmin 1.1 allows remote attackers to hijack the authentication of users for requests that drop database tables via the droptable parameter to phpliteadmin.php.
CSRF
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
6.8 UNKNOWN
NETWORK
MEDIUM
AV:N/AC:M/Au:N/C:P/I:P/A:P
mitreCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 58%
VendorProductVersion
phpliteadmin_projectphpliteadmin
1.1
𝑥
= Vulnerable software versions
Debian logo
Debian Releases
Debian Product
Codename
phpliteadmin
bullseye
1.9.8.2-1+deb11u1
fixed
sid
1.9.8.2-2
fixed
trixie
1.9.8.2-2
fixed
bookworm
1.9.8.2-2
fixed
Common Weakness Enumeration
References
http://packetstormsecurity.com/files/132580/phpLiteAdmin-1.1-Cross-Site-Request-Forgery-Cross-Site-Scripting.html
http://www.securityfocus.com/archive/1/535936/100/0/threaded
http://packetstormsecurity.com/files/132580/phpLiteAdmin-1.1-Cross-Site-Request-Forgery-Cross-Site-Scripting.html
http://www.securityfocus.com/archive/1/535936/100/0/threaded