Description
phpMyAdmin 3.5.x before 3.5.8 and 4.x before 4.0.0-rc3 allows remote authenticated users to execute arbitrary code via a /e\x00 sequence, which is not properly handled before making a preg_replace function call within the "Replace table prefix" feature.
Remediation
References
Related Vulnerabilities
Joomla! Core 3.x.x Information Disclosure (3.0.0 - 3.8.7)
WordPress Plugin KNR Author List Widget 'listItem[]' Parameter SQL Injection (2.0.0)
Drupal Core 5.x Local File Inclusion (5.0 - 5.11)
WordPress Plugin Caret Country Access Limit Cross-Site Scripting (1.0.1)
WordPress Plugin Elementor Website Builder Cross-Site Scripting (3.5.5)