Versions 3.4.3.2 and 3.3.10.3 of phpMyAdmin were recently released, patching four vulnerabilities.

"According to the phpMyAdmin developers, the security releases address two 'critical' vulnerabilities that could lead to possible session manipulation in swekey authentication or remote code execution," The H Security reports.


"A 'serious' bug that could allow an attacker to perform a local file inclusion and a 'minor' cross-site scripting (XSS) hole have also been fixed," the article states.

Go to "phpMyAdmin updates close critical security holes" to read the details.

For regular security news updates, follow eSecurityPlanet on Twitter: @eSecurityP.