The remote web server contains a PHP application that is vulnerable to multiple attack vectors.
Versions of phpMyAdmin 3.3.x earlier than 184.108.40.206 and 3.4.x earlier than 220.127.116.11 are potentially affected by multiple vulnerabilities : - A cross-site scripting vulnerability exists in the table Print view. (PMASA-2011-9) - A local file inclusion vulnerability can be exploited via a specially crafted MIME-type transformation parameter. (PMASA-2011-10) - In the 'relational schema' code a parameter is not sanitized before being used to concatenate a class name which could lead to a local file inclusion or code execution. (PMASA-2011-11) - It is possible to manipulate the PHP superglobals (including SESSION) using some of the Swekey authentication code. (PMASA-2011-12)
Upgrade to phpMyAdmin 18.104.22.168, 22.214.171.124, or later.