Month Of Abysssec Undisclosed Bugs – phpmyfamily versions 1.4.2 and below suffer from cross site request forgery, cross site scripting, information disclosure and remote SQL injection vulnerabilities.
You can download this advisory from the following link: https://packetstormsecurity.com/files/download/93996/moaub17-phpmyfamily.pdf
Source: https://packetstormsecurity.com/files/93996/Month-Of-Abysssec-Undisclosed-Bugs-phpmyfamily-1.4.2.html