Arbitrary Command Execution in phpMyAdmin 2.2.0rc3 and Earlier

Arbitrary Command Execution in phpMyAdmin 2.2.0rc3 and Earlier

CVE-2001-1060 · HIGH Severity

AV:N/AC:L/AU:N/C:P/I:P/A:P

phpMyAdmin 2.2.0rc3 and earlier allows remote attackers to execute arbitrary commands by inserting them into (1) the strCopyTableOK argument in tbl_copy.php, or (2) the strRenameTableOK argument in tbl_rename.php.

Learn more about our Web Application Penetration Testing UK.