CSRF Token Generation Vulnerability in phpMyAdmin
CVE-2016-2039 · MEDIUM Severity
AV:N/AC:L/AU:N/C:P/I:N/A:N
libraries/session.inc.php in phpMyAdmin 4.0.x before 4.0.10.13, 4.4.x before 4.4.15.3, and 4.5.x before 4.5.4 does not properly generate CSRF token values, which allows remote attackers to bypass intended access restrictions by predicting a value.
Learn more about our Web Application Penetration Testing UK.