(1) Local file inclusion vulnerability and (2) Cross-Site Scripting vulnerability
We received a security advisory from Stefan Esser (firstname.lastname@example.org) about (1). We received a security advisory from Tobias Klein (email@example.com) about (2). We wish to thank both of them for their work.
(1): Because of the order in which some scripts read their form parameters, a specially crafted form could overwrite configuration parameters.
(2): Some scripts were vulnerable to XSS attacks: left.php, queryframe.php and server_databases.php.
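The following PHP snippet is an added illustration of the vulnerability class described under (1), not phpMyAdmin's own code: a configuration array is built first and request parameters are then imported into variable scope wholesale, so a form field carrying a configuration variable's name replaces it. The request array, the variable names ($cfg, $params) and the allow-list are constructed for the example; the hardened variant reads only expected parameters into a separate array and never lets them reach the configuration.

```php
<?php
// Constructed illustration only: not phpMyAdmin code. Variable names and the
// sample request below are assumptions made for this example.

// Constructed sample of incoming form parameters. The second key is shaped
// like a configuration variable, which is what makes the ordering matter.
$sampleRequest = [
    'db'  => 'sales',
    'cfg' => ['Servers' => [1 => ['host' => 'overwritten.example']]],
];

// --- Vulnerable ordering ---------------------------------------------------
// Configuration is set up, then every request parameter is copied into the
// local scope (the effect register_globals or an unguarded extract() has), so
// the client-supplied 'cfg' silently replaces the server's configuration.
function loadConfigThenParams(array $request): array
{
    $cfg = ['Servers' => [1 => ['host' => 'localhost']]];
    extract($request);          // EXTR_OVERWRITE is the default: $cfg is clobbered
    return $cfg;
}

// --- Hardened ordering -----------------------------------------------------
// Request parameters go into a dedicated array, filtered by an allow-list of
// expected names and types; the configuration array is never touched by them.
function loadParamsSafely(array $request): array
{
    $allowed = ['db', 'table', 'sql_query'];   // assumed list of expected fields
    $params  = [];
    foreach ($allowed as $name) {
        if (array_key_exists($name, $request) && is_string($request[$name])) {
            $params[$name] = $request[$name];
        }
    }
    $cfg = ['Servers' => [1 => ['host' => 'localhost']]];
    return ['cfg' => $cfg, 'params' => $params];
}

$vulnerable = loadConfigThenParams($sampleRequest);
$hardened   = loadParamsSafely($sampleRequest);

printf("vulnerable ordering, server host: %s\n", $vulnerable['Servers'][1]['host']);
printf("hardened ordering,   server host: %s\n", $hardened['cfg']['Servers'][1]['host']);
printf("hardened ordering,   accepted params: %s\n", implode(',', array_keys($hardened['params'])));
```

Run with `php example.php`: the first line reports the client-supplied host, the second the server's own `localhost`, and the third shows that only `db` survived the allow-list. The defensive point is the one the advisory makes: which code runs first decides whether request data can reach configuration at all, so parameters should be collected into their own structure before, and independently of, configuration loading.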
We consider these vulnerabilities to be serious. However, (1) can be exploited only on systems not running in PHP safe mode (unless a hole was deliberately opened by adding paths containing sensitive data to open_basedir).
We have not verified this extensively; probably all previous versions are affected.
Upgrade to phpMyAdmin 2.6.4-pl3 or newer.
For further information and in case of questions, please contact the phpMyAdmin team. Our website is phpmyadmin.net.