Herman Van Rink

**Name of the Vulnerable Software and Affected Versions** phpMyAdmin versions 2.11.x through 2.11.9.5 phpMyAdmin versions 3.x through 3.2.2.0 **Description** A cross-site scripting (XSS) issue allows remote attackers to inject arbitrary web script or HTML via a crafted name for a MySQL table. **Recommendations** For phpMyAdmin versions 2.11.x through 2.11.9.5, update to version 2.11.9.6 or later. For phpMyAdmin versions 3.x through 3.2.2.0, update to version 3.2.2.1 or later.

**Name of the Vulnerable Software and Affected Versions** phpMyAdmin versions 2.11.x through 2.11.9.5 phpMyAdmin versions 3.x through 3.2.2.0 **Description** A SQL injection issue exists in the PDF schema generator functionality, allowing remote attackers to execute arbitrary SQL commands via unspecified interface parameters. **Recommendations** For phpMyAdmin versions 2.11.x through 2.11.9.5, update to version 2.11.9.6 or later. For phpMyAdmin versions 3.x through 3.2.2.0, update to version 3.2.2.1 or later.