How to fix CVE-2019-25451?

Within 24 hours: Identify all systems running phpMoAdmin 1.1.5 and document business criticality. Within 7 days: Implement network-level restrictions (firewall rules, VPN requirement) to limit phpMoAdmin access to trusted internal networks only, and disable external web access. Within 30 days: Migrate to a patched alternative MongoDB management solution or upgrade to a newer phpMoAdmin version if available; evaluate whether this tool remains necessary for operations.

Is PHP affected by CVE-2019-25451?

phpMoAdmin 1.1.5 contains a critical cross-site request forgery (CSRF) vulnerability that allows attackers to manipulate database operations without user knowledge or consent.

CVE-2019-25451

HIGH

2026-02-20 [email protected]

8.8

CVSS 3.1

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Attack Vector

Network

Attack Complexity

Low

Privileges Required

None

User Interaction

Required

Scope

Unchanged

Confidentiality

High

Integrity

High

Availability

High

Lifecycle Timeline

Analysis Generated

Mar 12, 2026 - 22:04 vuln.today

PoC Detected

Mar 02, 2026 - 15:16 vuln.today

Public exploit code

CVE Published

Feb 20, 2026 - 23:16 nvd

HIGH 8.8

Description

phpMoAdmin 1.1.5 contains a cross-site request forgery vulnerability that allows attackers to perform unauthorized database operations by crafting malicious requests. Attackers can trick authenticated users into submitting GET requests to moadmin.php with parameters like action, db, and collection to create, drop, or repair databases and collections without user consent.

Analysis

phpMoAdmin 1.1.5 contains a cross-site request forgery vulnerability that allows attackers to perform unauthorized database operations by crafting malicious requests. [CVSS 8.8 HIGH]

Technical Context

Classified as CWE-918 (Server-Side Request Forgery (SSRF)). Affects Phpmoadmin. phpMoAdmin 1.1.5 contains a cross-site request forgery vulnerability that allows attackers to perform unauthorized database operations by crafting malicious requests. Attackers can trick authenticated users into submitting GET requests to moadmin.php with parameters like action, db, and collection to create, drop, or repair databases and collections without user consent.

Affected Products

Vendor: Phpmoadmin. Product: Phpmoadmin. Versions: up to 1.1.5.

Remediation

Monitor vendor advisories for a patch. Restrict network access to the affected service where possible.

Priority Score

Low Medium High Critical

KEV: 0

EPSS: +0.0

CVSS: +44

POC: +20

CVE-2019-25451 vulnerability details – vuln.today

Back

CVE-2019-25451

CVSS Vector

Lifecycle Timeline

Tags

Description

Analysis

Technical Context

Affected Products

Remediation

Priority Score

Share

CVE-2019-25451

CVSS Vector

Lifecycle Timeline

Tags

Description

Analysis

Technical Context

Affected Products

Remediation

Priority Score

Share

External POC / Exploit Code