Critical phpMyAdmin Vulnerabilities Discovered
A number of bloggers and web site owners use phpMyAdmin for easy database administration. Two critical vulnerabilities have been discovered that could be used to gain full access to the affected server.
Exploits have already been made publicly available, see GNUCITIZEN for an example:
http://172.16.211.10/phpMyAdmin-3.0.1.1//config/
config.inc.php?p=phpinfo();
Description
Setup script used to generate configuration can be fooled using a crafted POST […]
Read more: Critical phpMyAdmin Vulnerabilities Discovered
Story added 10. June 2009, content source with full text you can find at link above.