Vulnerability Database

289,871

Total vulnerabilities in the database

CVE-2016-2041

libraries/common.inc.php in phpMyAdmin 4.0.x before 4.0.10.13, 4.4.x before 4.4.15.3, and 4.5.x before 4.5.4 does not use a constant-time algorithm for comparing CSRF tokens, which makes it easier for remote attackers to bypass intended access restrictions by measuring time differences.

  • Published: Feb 20, 2016
  • Updated: Apr 13, 2023
  • CVE: CVE-2016-2041
  • Severity: High
  • Exploit:

CVSS v3:

  • Severity: High
  • Score: 7.5
  • AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

CVSS v2:

  • Severity: Medium
  • Score: 5
  • AV:N/AC:L/Au:N/C:N/I:P/A:N

CWEs:

Software From Fixed in
fedoraproject / fedora 22 22.x
fedoraproject / fedora 23 23.x
phpmyadmin / phpmyadmin 4.0.0 4.0.0.x
phpmyadmin / phpmyadmin 4.4.13.1 4.4.13.1.x
phpmyadmin / phpmyadmin 4.4.6 4.4.6.x
phpmyadmin / phpmyadmin 4.4.2 4.4.2.x
phpmyadmin / phpmyadmin 4.4.1.1 4.4.1.1.x
phpmyadmin / phpmyadmin 4.4.15 4.4.15.x
phpmyadmin / phpmyadmin 4.4.6.1 4.4.6.1.x
phpmyadmin / phpmyadmin 4.0.10.10 4.0.10.10.x
phpmyadmin / phpmyadmin 4.4.0 4.4.0.x
phpmyadmin / phpmyadmin 4.4.1 4.4.1.x
phpmyadmin / phpmyadmin 4.4.11 4.4.11.x
phpmyadmin / phpmyadmin 4.4.9 4.4.9.x
phpmyadmin / phpmyadmin 4.0.10 4.0.10.x
phpmyadmin / phpmyadmin 4.5.1 4.5.1.x
phpmyadmin / phpmyadmin 4.0.10.4 4.0.10.4.x
phpmyadmin / phpmyadmin 4.5.0.2 4.5.0.2.x
phpmyadmin / phpmyadmin 4.4.8 4.4.8.x
phpmyadmin / phpmyadmin 4.0.10.1 4.0.10.1.x
phpmyadmin / phpmyadmin 4.5.2 4.5.2.x
phpmyadmin / phpmyadmin 4.5.0 4.5.0.x
phpmyadmin / phpmyadmin 4.0.10.9 4.0.10.9.x
phpmyadmin / phpmyadmin 4.4.15.2 4.4.15.2.x
phpmyadmin / phpmyadmin 4.4.7 4.4.7.x
phpmyadmin / phpmyadmin 4.0.1 4.0.1.x
phpmyadmin / phpmyadmin 4.0.10.7 4.0.10.7.x
phpmyadmin / phpmyadmin 4.4.3 4.4.3.x
phpmyadmin / phpmyadmin 4.4.12 4.4.12.x
phpmyadmin / phpmyadmin 4.0.10.6 4.0.10.6.x
phpmyadmin / phpmyadmin 4.0.10.3 4.0.10.3.x
phpmyadmin / phpmyadmin 4.4.5 4.4.5.x
phpmyadmin / phpmyadmin 4.0.0-rc2 4.0.0-rc2.x
phpmyadmin / phpmyadmin 4.4.13 4.4.13.x
phpmyadmin / phpmyadmin 4.0.10.11 4.0.10.11.x
phpmyadmin / phpmyadmin 4.0.10.5 4.0.10.5.x
phpmyadmin / phpmyadmin 4.5.3 4.5.3.x
phpmyadmin / phpmyadmin 4.0.10.12 4.0.10.12.x
phpmyadmin / phpmyadmin 4.4.15.3 4.4.15.3.x
phpmyadmin / phpmyadmin 4.0.10.8 4.0.10.8.x
phpmyadmin / phpmyadmin 4.4.10 4.4.10.x
phpmyadmin / phpmyadmin 4.0.0-rc3 4.0.0-rc3.x
phpmyadmin / phpmyadmin 4.4.15.1 4.4.15.1.x
phpmyadmin / phpmyadmin 4.4.4 4.4.4.x
phpmyadmin / phpmyadmin 4.5.0.1 4.5.0.1.x
phpmyadmin / phpmyadmin 4.0.10.2 4.0.10.2.x
phpmyadmin / phpmyadmin 4.4.14.1 4.4.14.1.x
opensuse / leap 42.1 42.1.x
opensuse / opensuse 13.1 13.1.x
opensuse / opensuse 13.2 13.2.x