MySQL is reported prone to multiple vulnerabilities that can be exploited together by a remote authenticated attacker to execute arbitrary code. This exploit takes advantage of an input validation vulnerability that can be exploited by remote users that have INSERT and DELETE privileges on the 'mysql' administrative database.
CVE Link
Product Name