Softpedia – (International) Backdoor in phpMyAdmin allows hackers to execute PHP code. phpMyAdmin warned customers that a kit hosted on the SourceForge.net mirror system contained a backdoor that allows remote attackers to execute arbitrary PHP code. The Tencent Security Response Center notified the developers that the distribution contains a malicious file. The affected mirror is called cdnetworks-kr-1, the backdoor located in the server_sync.php file. Apparently, this was not the only corrupt file. The phpMyAdmin development team claims a second file — js/cross_framing_protection.js — was also modified. The vulnerability was cataloged as critical.