phpMyAdmin versions 3.3.x and 3.4.x suffer from a local file inclusion vulnerability via XXE injection. The attacker must be logged in to MySQL via phpMyAdmin.
phpMyAdmin versions 33x and 34x suffer from a local file inclusion vulnerability via XXE injection The attacker must be logged in to MySQL via phpMyAdmin ...