Description
An issue was discovered in phpMyAdmin. phpMyAdmin can be used to trigger a remote code execution attack against certain PHP installations that are running with the dbase extension. All 4.6.x versions (prior to 4.6.4), 4.4.x versions (prior to 4.4.15.8), and 4.0.x versions (prior to 4.0.10.17) are affected.
Remediation
References
Related Vulnerabilities
WordPress Plugin Event Calendar WD-Responsive Event Calendar Cross-Site Scripting (1.1.23)
WordPress Plugin Canto Multiple Server-Side Request Forgery Vulnerabilities (1.7.0)
WordPress Plugin Search Everything SQL Injection (8.1.6)
WordPress Plugin ZM Gallery SQL Injection (1.0)
WordPress Plugin WordPress File Upload Cross-Site Scripting (4.3.3)