Developers of phpMyAdmin, one of the most popular and widely used MySQL database management systems, today released an updated version 4.8.4 of its software to patch several important vulnerabilities that could eventually allow remote attackers to take control of the affected web servers.
The phpMyAdmin project last Sunday gave an early heads-up about the latest security update through its blog, probably the first time, as an experiment to find if pre-announcements can help website admins, hosting providers and package managers better prepare for the security release.
“We are inspired by the workflow of other projects (such as Mediawiki and others) which often announce any security release in advance to allow package maintainers and hosting providers to prepare. We are experimenting to see if such a workflow is suitable for our project,” phpMyAdmin release manager Isaac Bennetch told The Hacker News.
phpMyAdmin is a free, open-source administration tool for managing MySQL databases using a simple graphical interface over the web-browser.
Almost every web hosting service pre-installs phpMyAdmin with their control panels to help webmasters easily manage their databases for websites, including WordPress, Joomla, and many other content management platforms.
Besides many bug fixes, there are primarily three critical security vulnerabilities that affect phpMyAdmin versions before release 4.8.4, phpMyAdmin revealed in its latest advisory.
images from Hacker News