Description
An issue was discovered in phpMyAdmin. Username matching for the allow/deny rules may result in wrong matches and detection of the username in the rule due to non-constant execution time. All 4.6.x versions (prior to 4.6.5), 4.4.x versions (prior to 4.4.15.9), and 4.0.x versions (prior to 4.0.10.18) are affected.
Remediation
References
Related Vulnerabilities
WordPress Plugin ThreeWP Email Reflector 'Subject' Field Cross-Site Scripting (1.15)
WordPress Improper Input Validation Vulnerability (CVE-2016-9263)
SharePoint Integer Overflow or Wraparound Vulnerability (CVE-2008-4019)
WordPress Plugin Advanced Woo Search Cross-Site Scripting (2.77)
WordPress Plugin Uploader 'uploadify.php' Arbitrary File Upload (1.0.4)