phpMyAdmin Arbitrary Command Execution Vulnerability

phpMyAdmin is a freely available tool that provides a WWW interface for handling MySQL adminstrative tasks.

An input validation error exists in phpMyAdmin that could allow remote users to cause arbitrary commands to be executed by the PHP interpreter at runtime. This may result in the disclosure of sensitive information or the execution of arbitrary code on a host running the software.

No authentication mechanisms are enabled with default installations of phpMyAdmin.


 

Privacy Statement
Copyright 2010, SecurityFocus