A Cross Site Request Forgery (CSRF) vulnerability exists in PHPMyWind 5.6 which allows malicious users to create a new administrator account without authentication.
phpmywind phpmywind 5.6