libraries/session.inc.php in phpMyAdmin 4.0.x prior to 4.0.10.13, 4.4.x prior to 4.4.15.3, and 4.5.x prior to 4.5.4 does not properly generate CSRF token values, which allows remote malicious users to bypass intended access restrictions by predicting a value.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
opensuse opensuse 13.2 |
||
opensuse opensuse 13.1 |
||
opensuse leap 42.1 |
||
phpmyadmin phpmyadmin 4.5.2 |
||
phpmyadmin phpmyadmin 4.5.1 |
||
phpmyadmin phpmyadmin 4.4.8 |
||
phpmyadmin phpmyadmin 4.4.7 |
||
phpmyadmin phpmyadmin 4.4.15.1 |
||
phpmyadmin phpmyadmin 4.4.15 |
||
phpmyadmin phpmyadmin 4.5.0.2 |
||
phpmyadmin phpmyadmin 4.5.0.1 |
||
phpmyadmin phpmyadmin 4.4.6.1 |
||
phpmyadmin phpmyadmin 4.4.6 |
||
phpmyadmin phpmyadmin 4.4.14.1 |
||
phpmyadmin phpmyadmin 4.4.13.1 |
||
phpmyadmin phpmyadmin 4.0.10.12 |
||
phpmyadmin phpmyadmin 4.0.10.9 |
||
phpmyadmin phpmyadmin 4.0.10.2 |
||
phpmyadmin phpmyadmin 4.0.10.11 |
||
phpmyadmin phpmyadmin 4.0.0 |
||
phpmyadmin phpmyadmin 4.4.1 |
||
phpmyadmin phpmyadmin 4.4.0 |
||
phpmyadmin phpmyadmin 4.0.10.4 |
||
phpmyadmin phpmyadmin 4.0.10.3 |
||
phpmyadmin phpmyadmin 4.5.3 |
||
phpmyadmin phpmyadmin 4.4.15.2 |
||
phpmyadmin phpmyadmin 4.4.9 |
||
phpmyadmin phpmyadmin 4.4.3 |
||
phpmyadmin phpmyadmin 4.4.2 |
||
phpmyadmin phpmyadmin 4.4.10 |
||
phpmyadmin phpmyadmin 4.4.1.1 |
||
phpmyadmin phpmyadmin 4.0.10.6 |
||
phpmyadmin phpmyadmin 4.0.10.5 |
||
phpmyadmin phpmyadmin 4.0.10 |
||
phpmyadmin phpmyadmin 4.0.1 |
||
phpmyadmin phpmyadmin 4.5.0 |
||
phpmyadmin phpmyadmin 4.4.15.3 |
||
phpmyadmin phpmyadmin 4.4.5 |
||
phpmyadmin phpmyadmin 4.4.4 |
||
phpmyadmin phpmyadmin 4.4.13 |
||
phpmyadmin phpmyadmin 4.4.12 |
||
phpmyadmin phpmyadmin 4.4.11 |
||
phpmyadmin phpmyadmin 4.0.10.8 |
||
phpmyadmin phpmyadmin 4.0.10.7 |
||
phpmyadmin phpmyadmin 4.0.10.10 |
||
phpmyadmin phpmyadmin 4.0.10.1 |
||
fedoraproject fedora 23 |
||
fedoraproject fedora 24 |