phpMyAdmin updates close security vulnerability

The phpMyAdmin developers have announced the release of version 3.3.9.1 and 2.11.11.2 of their database administration tool, security updates that fix a path disclosure vulnerability. According to the developers, when the README, ChangeLog or LICENSE files are removed from their original location, the scripts used to display these files can show their full path, possibly leading to further attacks.

All versions previous to 3.3.9.1 and 2.11.11.2 are said to be affected. While the developers consider the vulnerability to be non-critical, they still advise all users to upgrade as soon as possible. Alternatively, users can apply the provided patches.

Read more at H-online

Comments are closed.