A Cross Site Request Forgery (CSRF) vulnerability was discovered in PHPMyWind 5.6 which allows attackers to create a new administrator account without authentication.Referenceshttps://github.com/gaozhifeng/PHPMyWindhttps://github.com/gaozhifeng/PHPMyWind/issues/9