Description
phpMyAdmin 2.2.0rc3 and earlier allows remote attackers to execute arbitrary commands by inserting them into (1) the strCopyTableOK argument in tbl_copy.php, or (2) the strRenameTableOK argument in tbl_rename.php.
Remediation
References
Related Vulnerabilities
Oracle Database Server CVE-2011-0852 Vulnerability (CVE-2011-0852)
WordPress Plugin MM Forms Community 'doajaxfileupload.php' Arbitrary File Upload (2.2.6)
WordPress 2.3.1 Unauthorized Post Access Vulnerability (2.3.1)
Drupal Other Vulnerability (CVE-2015-3233)
WordPress Plugin Conditional Payments for WooCommerce Cross-Site Request Forgery (2.3.1)