Security Advisory

CVE-2008-4096

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2008-09-17 18:06:00

Last updated 2024-08-07 10:00:42

Assigner mitre

State PUBLISHED

Description

libraries/database_interface.lib.php in phpMyAdmin before 2.11.9.1 allows remote authenticated users to execute arbitrary code via a request to server_databases.php with a sort_by parameter containing PHP sequences, which are processed by create_function.

← Browse all CVEs View on cve.org ↗