Description

phpMyAdmin 2.6.0-pl2, and other versions before 2.6.1, with external transformations enabled, allows remote attackers to execute arbitrary commands via shell metacharacters.

Remediation

References

CVE-2004-1147

Related Vulnerabilities

WordPress Plugin Like Button Rating-LikeBtn Server-Side Request Forgery (2.6.31)

WordPress Plugin File Manager Cross-Site Scripting (7.0)

WordPress Plugin Custom Post Type UI Cross-Site Scripting (1.0.6)

Envoy Proxy Out-of-bounds Write Vulnerability (CVE-2024-34364)

WordPress Plugin RSVPMaker SQL Injection (7.8.1)

Severity

Critical

Classification

CVE-2004-1147

Tags

Missing Update Known Vulnerabilities