CSRF Token Generation Vulnerability in phpMyAdmin

CSRF Token Generation Vulnerability in phpMyAdmin

CVE-2016-2039 · MEDIUM Severity

AV:N/AC:L/AU:N/C:P/I:N/A:N

libraries/session.inc.php in phpMyAdmin 4.0.x before 4.0.10.13, 4.4.x before 4.4.15.3, and 4.5.x before 4.5.4 does not properly generate CSRF token values, which allows remote attackers to bypass intended access restrictions by predicting a value.

Learn more about our Web Application Penetration Testing UK.