Description
An issue was discovered in phpMyAdmin. A specially crafted database name could be used to run arbitrary PHP commands through the array export feature. All 4.6.x versions (prior to 4.6.4), 4.4.x versions (prior to 4.4.15.8), and 4.0.x versions (prior to 4.0.10.17) are affected.
Remediation
References
Related Vulnerabilities
WordPress Plugin User Login Log Cross-Site Scripting (2.2.2)
WordPress Plugin Kish Guest Posting 'uploadify.php' Arbitrary File Upload (1.2)
WordPress 4.0.x Multiple Vulnerabilities (4.0 - 4.0.22)
Mailman Other Vulnerability (CVE-2002-0389)
Moodle Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2015-0218)