Re: phpMyAdmin server_privileges.php SQL Injection Vulnerabilities.

[michal () cihar com]

Hi

There is no vulnerability in this - user needs to be logged in. You can do same (without messing SQL injection) by 
directly passing SQL statements to import.php or sql.php. Yes phpMyAdmin allows to execute queries to authenticated 
users, but it's main task of this program and can not be considered as vulnerability.

Michal