I searched my friends website with Acunetix and found this:
Somebody who knows how to execute or exploit at least nr 1 or 2?The MySQL Enterprise Server is affected by multiple vulnerabilities.
1. Using RENAME TABLE against a table with explicit DATA DIRECTORY and INDEX DIRECTORY options can be used to overwrite system table information.
2. ALTER VIEW retained the original DEFINER value, even when altered by another user, which could allow that user to gain the access rights of the view.
3. When using a FEDERATED table, the local server can be forced to crash if the remote server returns a result with fewer columns than expected.
I can NOTHING about SQL or MySQL. Any help would be appreciated.
I'm doing this for fun. To play a prank on my friend xD
Ps: He's using MySQL Enterprise Server v.5.0.52