Description

phpMyAdmin 2.2.0rc3 and earlier allows remote attackers to execute arbitrary commands by inserting them into (1) the strCopyTableOK argument in tbl_copy.php, or (2) the strRenameTableOK argument in tbl_rename.php.

Remediation

References

CVE-2001-1060

Related Vulnerabilities

Apache Tomcat 7PK - Security Features Vulnerability (CVE-2014-9635)

Jboss EAP Uncontrolled Resource Consumption Vulnerability (CVE-2020-14384)

WordPress Plugin Post Grid Arbitrary File Deletion (2.0.12)

Magento Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2019-7932)

Plone CMS Improper Privilege Management Vulnerability (CVE-2020-7938)

Severity

High

Classification

CVE-2001-1060

Tags

Missing Update Known Vulnerabilities