Description
phpMyAdmin 3.5.x before 3.5.8 and 4.x before 4.0.0-rc3 allows remote authenticated users to execute arbitrary code via a /e\x00 sequence, which is not properly handled before making a preg_replace function call within the "Replace table prefix" feature.
Remediation
References
Related Vulnerabilities
WordPress Plugin PDF & Print by BestWebSoft Cross-Site Scripting (1.7.4)
WordPress Plugin Twenty20 Image Before-After Cross-Site Scripting (1.5.9)
WordPress Plugin Photo Gallery by 10Web-Mobile-Friendly Image Gallery Local File Inclusion (1.5.24)
Beego Framework Use of a Broken or Risky Cryptographic Algorithm Vulnerability (CVE-2024-40465)