I have the WHM accelerated control panel, I also have PHPmyAdmin, my PCI security scan keeps telling my that my PHPmyAdmin version is too old,please see here:
The remote web server contains a PHP application that is affected by
cross-site scripting vulnerabilities.
According to its banner, the version of phpMyAdmin installed on the
remote host may suffer from two cross-site scripting vulnerabilities
due to its failure to sanitize user input to the 'error' parameter of
the 'error.php' script and in 'libraries/auth/cookie.auth.lib.php'. A
remote attacker may use these vulnerabilities to cause arbitrary HTML
and script code to be executed in a user's browser within the context
of the affected application.
Upgrade to phpMyAdmin 2.6.4-rc1 or later.
Risk factor :
Medium / CVSS Base Score : 4.3
CVE : CVE-2005-2869
BID : 14674, 14675
Other references : OSVDB:19048, OSVDB:19049
No I have emailed my hosting provider and they believe that if they upgrade the PHPmyAdmin bersion to the last versnio,the WHM control panel updates will put this old version back on on the next updates.
What do you think>? Is this possible?
Or shall I just forget what they say and update it.