2 matches found
in hestiacp/hestiacp
✍️ Description $SESSION"token" is a csrf token which is a md5 hash generated based on system time. It has been discovered that $SESSION"token" compares with $GET"token" using comparison operator != in file index.php. This might cause unexpected behavior due to type juggling. It is possible to...
[SECURITY] [DLA 481-1] phpmyadmin security update
Package : phpmyadmin Version : 4:3.4.11.1-2+deb7u3 CVE ID : CVE-2016-1927 CVE-2016-2038 CVE-2016-2039 CVE-2016-2040 CVE-2016-2041 CVE-2016-2045 CVE-2016-2560 This security update fixes a number of security issues in phpMyAdmin. We recommend you upgrade your phpmyadmin packages. CVE-2016-1927...