Descriptionlibraries/database_interface.lib.php in phpMyAdmin before 18.104.22.168 allows remote authenticated users to execute arbitrary code via a request to server_databases.php with a sort_by parameter containing PHP sequences, which are processed by create_function.
Overall state of this security issue: Resolved
This issue is currently rated as having important severity.
|National Vulnerability Database|
SUSE Security Advisories:
- SUSE-SR:2009:003, published Mon, 02 Feb 2009 16:30:00 +0000
SUSE Timeline for this CVECVE page created: Fri Jun 28 06:39:40 2013
CVE page last modified: Fri Oct 7 12:45:42 2022