CVE-2008-4096

2008-09-18T15:04:00
ID CVE-2008-4096
Type cve
Reporter cve@mitre.org
Modified 2017-08-08T01:32:00

Description

libraries/database_interface.lib.php in phpMyAdmin before 2.11.9.1 allows remote authenticated users to execute arbitrary code via a request to server_databases.php with a sort_by parameter containing PHP sequences, which are processed by create_function.