CVE-2001-1060

Name of the Vulnerable Software and Affected Versions phpMyAdmin versions 2.2.0rc3 and earlier

Description The issue allows remote attackers to execute arbitrary commands by inserting them into specific arguments in certain PHP files. This can be done by inserting commands into the strCopyTableOK argument in tbl copy.php or the strRenameTableOK argument in tbl rename.php.

Recommendations For phpMyAdmin versions 2.2.0rc3 and earlier, consider upgrading to a version that is not affected by this issue. As a temporary workaround, restrict access to the tbl copy.php and tbl rename.php files to minimize the risk of exploitation. Avoid using the strCopyTableOK and strRenameTableOK arguments in these files until the issue is resolved.