Description

SQL injection vulnerability in db_create.php in phpMyAdmin before 2.11.2.1 allows remote authenticated users with CREATE DATABASE privileges to execute arbitrary SQL commands via the db parameter.

Remediation

References

CVE-2007-5976

Related Vulnerabilities

WordPress Plugin Gigya-Social Infrastructure Cross-Site Scripting (1.1.8)

Atlassian Jira Missing Authorization Vulnerability (CVE-2017-18101)

MySQL CVE-2020-14680 Vulnerability (CVE-2020-14680)

WordPress Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2014-5205)

WordPress Plugin File Away Multiple Unspecified Vulnerabilities (3.8.4)

Severity

Medium

Classification

CVE-2007-5976 CWE-138

Tags

Missing Update Known Vulnerabilities