CVE-2001-1060 Information

Description

phpMyAdmin 2.2.0rc3 and earlier allows remote attackers to execute arbitrary commands by inserting them into (1) the strCopyTableOK argument in tbl_copy.php or (2) the strRenameTableOK argument in tbl_rename.php.

Reference

http://freshmeat.net/redir/phpmyadmin/8001/url_changelog/ http://freshmeat.net/redir/phpmyadmin/8001/url_changelog/ http://www.securityfocus.com/archive/1/200596 http://www.securityfocus.com/bid/3121