Description

phpMyAdmin 2.2.0rc3 and earlier allows remote attackers to execute arbitrary commands by inserting them into (1) the strCopyTableOK argument in tbl_copy.php, or (2) the strRenameTableOK argument in tbl_rename.php.

Remediation

References

CVE-2001-1060

Related Vulnerabilities

Oracle Database Server CVE-2011-0852 Vulnerability (CVE-2011-0852)

WordPress Plugin MM Forms Community 'doajaxfileupload.php' Arbitrary File Upload (2.2.6)

WordPress 2.3.1 Unauthorized Post Access Vulnerability (2.3.1)

Drupal Other Vulnerability (CVE-2015-3233)

WordPress Plugin Conditional Payments for WooCommerce Cross-Site Request Forgery (2.3.1)

Severity

High

Classification

CVE-2001-1060

Tags

Missing Update Known Vulnerabilities