SecuritySpace - CVE-2016-9866

Vulnerability Search		Search 324607 CVE descriptions and 145615 test descriptions, access 10,000+ cross references.
	Tests CVE All

CVE ID: CVE-2016-9866

Description: An issue was discovered in phpMyAdmin. When the arg_separator is different from its default & value, the CSRF token was not properly stripped from the return URL of the preference import action. All 4.6.x versions (prior to 4.6.5), 4.4.x versions (prior to 4.4.15.9), and 4.0.x versions (prior to 4.0.10.18) are affected.

Test IDs: None available

Cross References: Common Vulnerability Exposure (CVE) ID: CVE-2016-9866
BugTraq ID: 94536
http://www.securityfocus.com/bid/94536
https://security.gentoo.org/glsa/201701-32

CVE ID:	CVE-2016-9866
Description:	An issue was discovered in phpMyAdmin. When the arg_separator is different from its default & value, the CSRF token was not properly stripped from the return URL of the preference import action. All 4.6.x versions (prior to 4.6.5), 4.4.x versions (prior to 4.4.15.9), and 4.0.x versions (prior to 4.0.10.18) are affected.
Test IDs:	None available
Cross References:	Common Vulnerability Exposure (CVE) ID: CVE-2016-9866 BugTraq ID: 94536 http://www.securityfocus.com/bid/94536 https://security.gentoo.org/glsa/201701-32