The register_globals emulation in phpMyAdmin 2.7.0 rc1 allows remote attackers to exploit other vulnerabilities in phpMyAdmin by modifying the import_blacklist variable in grab_globals.php, which can then be used to overwrite other variables.