Description

phpMyAdmin 2.6.0-pl2, and other versions before 2.6.1, with external transformations enabled, allows remote attackers to execute arbitrary commands via shell metacharacters.

Remediation

References

CVE-2004-1147

Related Vulnerabilities

Liferay Portal Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2023-33945)

WordPress Plugin Numbers generator and validator Multiple Unspecified Vulnerabilities (1.02)

WordPress Plugin WangGuard Multiple Vulnerabilities (1.7.2)

Apache HTTP Server Improper Handling of Case Sensitivity Vulnerability (CVE-2001-0766)

WordPress Plugin If>So Dynamic Content Unspecified Vulnerability (1.4.1)

Severity

Critical

Classification

CVE-2004-1147

Tags

Missing Update Known Vulnerabilities