Description

SQL injection vulnerability in db_create.php in phpMyAdmin before 2.11.2.1 allows remote authenticated users with CREATE DATABASE privileges to execute arbitrary SQL commands via the db parameter.

Remediation

References

CVE-2007-5976

Related Vulnerabilities

WebLogic Loop with Unreachable Exit Condition ('Infinite Loop') Vulnerability (CVE-2018-11771)

WordPress Plugin Forms:3rd-Party Inject Results Cross-Site Scripting (0.2)

SharePoint CVE-2020-0972 Vulnerability (CVE-2020-0972)

WordPress Plugin WP Easy Poll Multiple Vulnerabilities (1.1.3)

Oracle Database Server CVE-2010-3600 Vulnerability (CVE-2010-3600)

Severity

Medium

Classification

CVE-2007-5976 CWE-138

Tags

Missing Update Known Vulnerabilities