Description
An issue was discovered in phpMyAdmin involving the $cfg['ArbitraryServerRegexp'] configuration directive. An attacker could reuse certain cookie values in a way of bypassing the servers defined by ArbitraryServerRegexp. All 4.6.x versions (prior to 4.6.4), 4.4.x versions (prior to 4.4.15.8), and 4.0.x versions (prior to 4.0.10.17) are affected.
Remediation
References
Related Vulnerabilities
WordPress Plugin Recart-The New GhostMonitor Unspecified Vulnerability (1.5.0)
PostgreSQL Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2016-5424)
Craft CMS Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2026-31857)
WordPress Plugin MSMC-Redirect After Comment Multiple Vulnerabilities (2.1.2)