Descriptionlibraries/database_interface.lib.php in phpMyAdmin before 22.214.171.124 allows remote authenticated users to execute arbitrary code via a request to server_databases.php with a sort_by parameter containing PHP sequences, which are processed by create_function.
Overall state of this security issue: Resolved
This issue is currently rated as having critical severity.
|National Vulnerability Database|
- SUSE-SR:2009:003, published Mon, 02 Feb 2009 16:30:00 +0000
List of released packages
|Product(s)||Fixed package version(s)||References|
|openSUSE 11.0|| |