4 Aug
2011
4 Aug
'11
2:10 p.m.
Hi Tyron
your changes include unprotected (does not require user being logged in and no token check) file file_echo.php, which allows to download arbitrary data. This could be easily used by attacker to pretend data is coming from safe location (where phpMyAdmin is running), while it would actually come from attacker.
I've removed defining of PMA_MINUMUM_COMMON (which does skip all the checks) from this file. As you already seem to pass token with the request, no other change should be needed, but please take care of such dangerous code in future.
--
Michal Čihař | http://cihar.com | http://blog.cihar.com