phpMyAdmin 2.6.4 and 2.6.4-pl1 - Remote File Inclusion via $__redirect Parameter
PHP file inclusion vulnerability in grab_globals.lib.php in phpMyAdmin 2.6.4 and 2.6.4-pl1 allows remote attackers to include local files via the $__redirect parameter, possibly involving the subform array.