The remote web server contains a PHP application that is affected by a security vulnerability as a result of improper user input sanitation.
Versions of phpMyAdmin 4.0.0 through 4.0.4 are potentially affected by a remote security vulnerability that lets attackers inject arbitrary GLOBALS variable. The issue occurs because the application fails to properly sanitize user-supplied input submitted to the 'import.php' script. Attackers can exploit this issue to inject arbitrary GLOBALS variables and manipulate any configuration parameters.
Apply the vendor patches or upgrade to phpMyAdmin 18.104.22.168 or later.