xss in phpmyadmin >=2.8.0 and < 2.10.0
This xss with xsrf possibility works only when logged in, but since in many places anonymous logins are allowed and many webhost companies offer just 1 or few phpmyadmins for a large number of users, i consider it worth to be published. Theoretically it is possible to obtain and use the cookie an...