The remote web server contains a PHP application that is affected by multiple vulnerabilities.
Versions of phpMyAdmin 4.0.x prior to 184.108.40.206, 4.2.x prior to 220.127.116.11, 4.3.x prior to 18.104.22.168, or 4.4.x prior to 22.214.171.124 are unpatched for the following vulnerabilities : - An attacker could trick a user with a crafted URL during installation to alter the configuration file being generated. (CVE-2015-3902) - A flaw exists in 'libraries/Config.class.php' due to an error in an API call to GitHub that allows a man-in-the-middle attacker to perform unauthorized actions. (CVE-2015-3903)
Upgrade to phpMyAdmin 126.96.36.199 / 188.8.131.52 / 184.108.40.206 / 220.127.116.11 or later, or apply the patches referenced in the vendor advisory.