Description
Directory traversal vulnerability in sql.php in phpMyAdmin 3.4.x before 3.4.3.2, when configuration storage is enabled, allows remote attackers to include and execute arbitrary local files via directory traversal sequences in a MIME-type transformation parameter.
Remediation
References
Related Vulnerabilities
Internet Information Services Other Vulnerability (CVE-1999-0407)
WordPress Plugin RapidLoad Power-Up for Autoptimize SQL Injection (1.6.35)
WordPress Plugin Widgets for WooCommerce Products on Elementor Security Bypass (1.0.5)
WordPress Plugin Modern Events Calendar Lite Cross-Site Scripting (5.22.1)
WordPress Plugin Nextend Facebook Connect Cross-Site Scripting (1.5.0)