跨站点脚本(XSS)在设置/框架/ index.inc脆弱性。php在phpMyAdmin 3设置脚本中。x之前3.3.7允许远程攻击者将通过服务器名称任意web脚本或HTML。
http://secunia.com/advisories/41210
http://www.mandriva.com/security/advisories?name=MDVSA-2010:186
http://www.phpmyadmin.net/home_page/security/pmasa - 2010 - 7. - php