phpMyAdmin 2.2.0rc3 and previous versions allows remote malicious users to execute arbitrary commands by inserting them into (1) the strCopyTableOK argument in tbl_copy.php, or (2) the strRenameTableOK argument in tbl_rename.php.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
phpmyadmin phpmyadmin 2.0.2 |
||
phpmyadmin phpmyadmin 2.0.4 |
||
phpmyadmin phpmyadmin 2.2_rc2 |
||
phpmyadmin phpmyadmin 2.0 |
||
phpmyadmin phpmyadmin 2.0.1 |
||
phpmyadmin phpmyadmin 2.1 |
||
phpmyadmin phpmyadmin 2.1.1 |
||
phpmyadmin phpmyadmin 2.1.2 |
||
phpmyadmin phpmyadmin 2.2_pre1 |
||
phpmyadmin phpmyadmin 2.0.3 |
||
phpmyadmin phpmyadmin 2.0.5 |
||
phpmyadmin phpmyadmin 2.2_rc1 |
||
phpmyadmin phpmyadmin 2.2_rc3 |