18 Fév 2016
CVE-2016-2041 Vulnerability
libraries/common.inc.php in phpMyAdmin 4.0.x before 4.0.10.13, 4.4.x before 4.4.15.3, and 4.5.x before 4.5.4 does not use a constant-time algorithm for comparing CSRF tokens, which makes it easier for remote attackers to bypass intended access restrictions by measuring time differences. (CVSS:5.0) (Last Update:2016-08-17)
Vulnerability Details : libraries/common.inc.php in phpMyAdmin 4.0.x before 4.0.10.13, 4.4.x before 4.4.15.3, and 4.5.x before 4.5.4 does not use a constant-time algorithm for comparing CSRF tokens, which makes it easier for remote attackers to bypass intended access restrictions by measuring time differences. Publish Date : 2016-02-19 Last Update Date : 2016-08-17 - CVSS Scores & Vulnerability Types
- Products Affected By CVE-2016-2041- Number Of Affected Versions By Product
- References For CVE-2016-2041
| |||||||||||||||||||||||||||||||||||||||||||||||
- Metasploit Modules Related To CVE-2016-2041There are not any metasploit modules related to this CVE entry (Please visit www.metasploit.com for more information) |