By Month

Nov 2024
Oct 2024
Sept 2024
Aug 2024
Jul 2024
Jun 2024
May 2024
Apr 2024
Mar 2024
Feb 2024
Older Announcements...
View RSS Feed

  By Month

  Support

My Support Tickets
Announcements
Knowledgebase
Downloads
Network Status
Open Ticket

pypMyAdmin 4.9.5

  • Tuesday, 24th March, 2020
  • 10:54am

The phpMyAdmin team announces the release of both 4.9.5 and 5.0.2.

Both versions contain several security fixes:

  • PMASA-2020-2 SQL injection vulnerability in the user accounts page, particularly when changing a password
  • PMASA-2020-3 SQL injection vulnerability relating to the search feature
  • PMASA-2020-4 SQL injection and XSS having to do with displaying results
  • Removing of the "options" field for the external transformation.

We are removing the ability for users to set "options" field for the external transformation. This must now be hard coded in the plugin file directly (where the program is configured). This feature allows users to pipe output directly to an executable file, however the options field presented a security risk and we have decided to move the options to be hard coded in the transformation plugin file. For further assistance, please reach out to our support team through email or Github pull request.

« Back

  Support

My Support Tickets
Announcements
Knowledgebase
Downloads
Network Status
Open Ticket