We consider these vulnerabilities to be serious.
An attacker must be logged in via phpMyAdmin to exploit this problem.
Versions 3.4.0 to 3.4.4 were found vulnerable.
Upgrade to phpMyAdmin 3.4.5 or apply the related patches listed below.
The first issue was found by Brad Bernard (iunfollow.com). The second issue was found by Nils Juenemann (https://twitter.com/#!/totally_unknown.)
The following commits have been made to fix this issue:
For further information and in case of questions, please contact the phpMyAdmin team. Our website is phpmyadmin.net.