phpMyAdmin 4.9.7 and 5.0.4 release: bugfix

phpMyAdmin is a free software tool written in PHP that is intended to handle the administration of a MySQL or MariaDB database server. You can use phpMyAdmin to perform most administration tasks, including creating a database, running queries, and adding user accounts.

Both versions contain several security fixes:

• PMASA-2020-2 SQL injection vulnerability in the user accounts page, particularly when changing a password
• PMASA-2020-3 SQL injection vulnerability relating to the search feature
• PMASA-2020-4 SQL injection and XSS having to do with displaying results
• Removing of the “options” field for the external transformation.

Version 5.0.2 also contains many bug fixes:

• Fix for copying a user account
• Removed SET AUTOCOMMIT=0 from SQL export
• Fix for the display of table borders
• Fix for ENUM radio button user interface problems
• Improved the prompt for abandoning changes when no changes were made in the SQL window
• Fix for inserting a primary key with “insert as new row”
• Fix incorrect suggested latest available version to version 5

Download