Description
phpMyAdmin 2.2.0rc3 and earlier allows remote attackers to execute arbitrary commands by inserting them into (1) the strCopyTableOK argument in tbl_copy.php, or (2) the strRenameTableOK argument in tbl_rename.php.
Remediation
References
Related Vulnerabilities
MySQL CVE-2018-2612 Vulnerability (CVE-2018-2612)
WordPress Plugin WP Cost Estimation & Payment Forms Builder Directory Traversal (9.659)
Contao Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2019-19745)
CubeCart Permissions, Privileges, and Access Controls Vulnerability (CVE-2009-3904)
ProjectSend Incorrect Authorization Vulnerability (CVE-2024-11680)