Debian Security Advisory 1403-1 - Omer Singer of the DigiTrust Group discovered several vulnerabilities in phpMyAdmin, an application to administrate MySQL over the WWW. phpMyAdmin allows a remote attacker to inject arbitrary web script or HTML in the context of a logged in user's session (cross site scripting). phpMyAdmin, when accessed by a browser that does not URL-encode requests, allows remote attackers to inject arbitrary web script or HTML via the query string.
5275b7baa9165af8d22a446add0146d3d8e3389b49ff250971b8842ec17a09df
Mandriva Linux Security Advisory - A number of vulnerabilities and security-related issues have been fixed in phpMyAdmin versions since the 2.9.1.1 release. This update provides version 2.11.1.2 which is the latest stable release of phpMyAdmin.
950a6c444693a6c116ddbd1ea0030ebe56553584713ca3267cda047bf590ca96