CVE-2011-2718

Name of the Vulnerable Software and Affected Versions phpMyAdmin versions 3.4.x through 3.4.3.1

Description The issue allows remote authenticated users to include and execute arbitrary local files via directory traversal sequences in an export type field. This is related to the files libraries/schema/User Schema.class.php and schema export.php.

Recommendations For phpMyAdmin versions 3.4.x through 3.4.3.1, update to version 3.4.3.2 or later to resolve the issue. As a temporary workaround, consider restricting access to the export type field to minimize the risk of exploitation.