PHPMyAdmin Import_Blacklist Variable Overwrite Vulnerability

info
discussion
exploit
solution
references

PHPMyAdmin Import_Blacklist Variable Overwrite Vulnerability

phpMyAdmin is prone to a vulnerability that permits an attacker to overwrite global variables.

An attacker can exploit this issue to overwrite the global variables with arbitrary input. Through control of the global variables, the attacker may be able to include arbitrary remote and local files depending on the current PHP version. Various other attacks are also possible.