Показать сообщение отдельно
Старый 24.06.2016, 12:52   #28
Регистрация: 11.07.2010
Сообщений: 953
Репутация: 352
По умолчанию

A vulnerability was discovered that allows an SQL injection attack to run arbitrary commands as the control user.

In some versions of PHP, it's possible for an attacker to pass parameters to the preg_replace() function which can allow the execution of arbitrary PHP code. This code is not properly sanitized in phpMyAdmin as part of the table search and replace feature.
SynQ вне форума   Ответить с цитированием