PHPMyAdmin Server_databases Remote Code Execution Exploit

This module exploits a vulnerability in PHPMyAdmin. server_databases.php fails when it attemps to sanitize the sort_by parameter. It allows an attacker to inject code, and execute it on the web server with www-data privileges.
Exploit type: 
Platform: 
Vulnerabilty ID: 
CVE-2008-4096
Product Version: 
8.0
Released Date: 
Wednesday, February 25, 2009 - 00:00