Description
libraries/session.inc.php in phpMyAdmin 4.0.x before 4.0.10.13, 4.4.x before 4.4.15.3, and 4.5.x before 4.5.4 does not properly generate CSRF token values, which allows remote attackers to bypass intended access restrictions by predicting a value.
Remediation
References
Related Vulnerabilities
WordPress Deserialization of Untrusted Data Vulnerability (CVE-2022-21663)
Joomla Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2018-15882)
XOOPS Permissions, Privileges, and Access Controls Vulnerability (CVE-2009-4851)
WordPress Plugin Google Alert And Twitter Multiple Vulnerabilities (3.1.5)