PHPMyAdmin Setup Config Remote Code Execution Exploit

Static code injection vulnerability in setup.php in phpMyAdmin 2.11.x before 2.11.9.5 and 3.x before 3.1.3.1 allows remote attackers to inject arbitrary PHP code into a configuration file via the save action.
Vulnerabilty ID: 
CVE-2009-1151
Product Version: 
9.0
Released Date: 
Friday, July 31, 2009 - 00:00