Description

phpMyAdmin 2.6.0-pl2, and other versions before 2.6.1, with external transformations enabled, allows remote attackers to execute arbitrary commands via shell metacharacters.

Remediation

References

CVE-2004-1147

Related Vulnerabilities

WordPress Plugin GEO Redirector Cross-Site Scripting (1.0.1)

PostgreSQL Permissions, Privileges, and Access Controls Vulnerability (CVE-2006-0553)

YetiForce CRM Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-4121)

WordPress Plugin Podlove Podcast Publisher Multiple Cross-Site Scripting Vulnerabilities (2.1.0)

Django Resource Management Errors Vulnerability (CVE-2011-4137)

Severity

Critical

Classification

CVE-2004-1147

Tags

Missing Update Known Vulnerabilities