The remote web server contains a PHP application that may allow arbitrary command execution. Description : According to its banner, the remote version of phpMyAdmin is vulnerable to an unspecified vulnerability in the MIME-based transformation system with 'external' transformations that may allow arbitrary command execution. Successful exploitation requires that PHP's 'safe_mode' be enabled.

Upgrade to phpMyAdmin version 2.6.0-pl2 or later.

• http://secunia.com/advisories/12813/

---

Updated on 2015-03-25