Not active here, so not sure if you guys knew it. Sorry if its already been posted about and solved.
Posted by Talaturen:
I've recently seen alot of users getting hacked, so I've used some of my free time to look into this and I found a security vulnerability in phpMyAdmin which comes with XAMPP.
I'm not going to explain in details how you can take advantage of this vulnerability, but to explain it in a single sentence: the user pma has more permissions than it should have.
Do the following things to protect your server:
1. Enter phpMyAdmin with root user.
2. Below the phpMyAdmin logo (at the left sidebar) you can see a button that has the text SQL, click on it.
3. A textbox will appear where you can insert a query, insert this:
- Code: Select all
DROP USER 'pma'@'localhost';
4. Click on Execute, if you get any error post it in this thread and we'll try to help you.
Now to be sure it worked, logout from phpmyadmin and try to login with the user pma without any password. If it doesn't work then your server should be secure against this vulnerability.
Posted by Mokerhamer:
Yes but it seemed that phpmyadmin 2.11.7 is NOT protected for it and phpmyadmin 126.96.36.199 is.
Hope this will help some Xampp users to prevent being hacked.
Note: What can some users do with access to this vulnerable pma user?
Upload php scripts to your apache host. The more advance php script, the more dangerous. Its recommended remove this user.