Red Hat Bugzilla – Bug 751112
CVE-2011-4107 phpMyAdmin: Arbitrary file read flaw by loading XML strings
Last modified: 2015-07-31 02:45:31 EDT
A local file inclusion flaw was found in the way XML import plug-in of phpMyAdmin, a tool written in PHP intended to handle the administration of MySQL over the World Wide Web, performed import of malformed XML files. A remote attacker could provide a specially-crafted XML file, which once imported into the phpMyAdmin service instance would lead to arbitrary local file (accessible with the privileges of the phpMyAdmin user) read / retrieval.
Public PoC from  (for Microsoft Windows OS though):
<?xml version="1.0" encoding="utf-8"?>
<!DOCTYPE wooyun [
<!ENTITY hi80sec SYSTEM "file:///c:/windows/win.ini">
<pma_xml_export version="1.0" xmlns:pma="
- Structure schemas
<pma:database name="test" collation="utf8_general_ci"
- 数据库: 'thinksns'
<!-- 表 ts_ad -->
Regarding upstream patches (not sure phpMyAdmin upstream provided a changeset for this issue already, since it was reported two days ago). Cc-ed them on the CVE request for further patch information.
This has been assigned the name CVE-2011-4107: