Reindl's (funny) comments aside. Why still use phpMyAdmin in this day and age. Nearly every maria/percona/mysql client supports ssh tunneling. SequelPro on Mac, Heidi (or others) on Windows, and any windows client running through wine if your desktop/laptop is linux. Also developers can just use intellij or similar IDE's that have a database pane.

Trusting administration to an exposed phpMyAdmin in this day and age frightens me greatly. Also if you had an HIDS server running to track bad phpMyAdmin logins i bet there would be a ton of alerts. I've blocked all such attempts in my IPS even though i don't have phpMyAdmin.

I realize this does not answer your question, but if this fits into your architecture i'd say good by to that web interface.

my $.02

On Wed, Apr 17, 2019 at 10:54 AM Reindl Harald <h.reindl@thelounge.net> wrote:

Am 17.04.19 um 16:50 schrieb Turritopsis Dohrnii Teo En Ming:
> Subject/Topic: How do I determine if versions of phpMyAdmin before 4.8.5 is SQL Injectable using sqlmap?

frankly are you drunken?

you posted this exactly same message to

* phpmyadmin list TWICE
* oracle mysql list
* now mariadb list

i seriously looked if my mailserver has a problem - stop it damned!

_______________________________________________
Mailing list: https://launchpad.net/~maria-discuss
Post to : maria-discuss@lists.launchpad.net
Unsubscribe : https://launchpad.net/~maria-discuss
More help : https://help.launchpad.net/ListHelp