From official site:
Version 2.9.2 contains some security fixes (see Security on phpmyadmin.net) and other fixes.
From me: The vulnerability is quite serious so I suggest upgrading ASAP.
Download page: http://www.phpmyadmin.net/home_page/downloads.php
Announcement-ID: PMASA-2007-2
Date: 2007-01-16
Summary:
XSS and Path Disclosure vulnerabilities
Description:
We received an advisory from Laurent Gaffié and we wish to thank him for his work.
It was possible to trigger these attacks on db_create.php and index.php.
Severity:
We consider these vulnerabilities to be serious.
Affected versions:
Probably all versions to 2.9.1.1.
Solution:
Upgrade to phpMyAdmin 2.9.2 or newer.
For further information and in case of questions, please contact the phpMyAdmin team. Our website is http://www.phpmyadmin.net/.
Technorati : mysql, phpmyadmin, windows
Del.icio.us : mysql, phpmyadmin, windows
Ice Rocket : mysql, phpmyadmin, windows