Description
phpMyAdmin 3.5.x before 3.5.8 and 4.x before 4.0.0-rc3, when a SaveDir directory is configured, allows remote authenticated users to execute arbitrary code by using a double extension in the filename of an export file, leading to interpretation of this file as an executable file by the Apache HTTP Server, as demonstrated by a .php.sql filename.
Remediation
References
Related Vulnerabilities
PHP Integer Overflow or Wraparound Vulnerability (CVE-2017-5340)
Atlassian Jira Missing Authentication for Critical Function Vulnerability (CVE-2019-8449)
LimeSurvey Improper Neutralization of Formula Elements in a CSV File Vulnerability (CVE-2019-16184)
WordPress Plugin WP Table Builder-WordPress Table Cross-Site Scripting (1.4.6)