Description

phpMyAdmin 2.2.0rc3 and earlier allows remote attackers to execute arbitrary commands by inserting them into (1) the strCopyTableOK argument in tbl_copy.php, or (2) the strRenameTableOK argument in tbl_rename.php.

Remediation

References

CVE-2001-1060

Related Vulnerabilities

MySQL CVE-2020-2901 Vulnerability (CVE-2020-2901)

e107 Other Vulnerability (CVE-2005-2327)

MySQL CVE-2018-2591 Vulnerability (CVE-2018-2591)

ZenCart Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2009-2254)

WordPress Plugin SEO Redirection-301 Redirect Manager Cross-Site Scripting (4.2)

Severity

High

Classification

CVE-2001-1060

Tags

Missing Update Known Vulnerabilities