An issue was discovered in phpMyAdmin. With a crafted request parameter value it is possible to bypass the logout timeout. All 4.6.x versions (prior to 4.6.5), and 4.4.x versions (prior to 4.4.15.9) are affected. http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-9851