Description
phpMyAdmin 2.2.0rc3 and earlier allows remote attackers to execute arbitrary commands by inserting them into (1) the strCopyTableOK argument in tbl_copy.php, or (2) the strRenameTableOK argument in tbl_rename.php.
Remediation
References
Related Vulnerabilities
Apache Tomcat 7PK - Security Features Vulnerability (CVE-2014-9635)
Jboss EAP Uncontrolled Resource Consumption Vulnerability (CVE-2020-14384)
WordPress Plugin Post Grid Arbitrary File Deletion (2.0.12)
Magento Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2019-7932)
Plone CMS Improper Privilege Management Vulnerability (CVE-2020-7938)