CVE-2018-17131

admin/web_config.php in PHPMyWind 5.5 allows Admin users to execute arbitrary code via the varvalue field.