SSH is available in Bluehost that I use now. I'm just wondering shall I continue using PHPMyAdmin that they also offer. <br><br><div class="gmail_quote">2010/8/20 António P. P. Almeida <span dir="ltr"><<a href="mailto:appa@perusio.net">appa@perusio.net</a>></span><br>
<blockquote class="gmail_quote" style="margin: 0pt 0pt 0pt 0.8ex; border-left: 1px solid rgb(204, 204, 204); padding-left: 1ex;"><div class="im">On 20 Ago 2010 18h29 WEST, <a href="mailto:alexei@malinovski.org">alexei@malinovski.org</a> wrote:<br>
<br>
> Thank you! I check the problem briefly. so, if I'm logged in to<br>
> PHPmyadmin attackers somehow (how?) can inject SQL command. But I<br>
> cannot understand how they do it.<br>
<br>
</div>Check the full message. The Proof Of Concept is there. Like I said<br>
before I suggest you dump phpmyadmin altogether. That probably means<br>
that you have to find a hosting provider that gives you SSH access. In<br>
the long run it will save you time and $.<br>
<br>
Like Larry said if a hosting company doesn't give you SSH access than<br>
that is a tell tale sign that they're not interested in providing a<br>
quality service. They're playing a pure numbers game.<br>
<br>
I guess that you have to ask and wait that the hosting provider<br>
upgrades the phpmyadmin version.<br>
<div><div></div><div class="h5"><br>
--- appa<br>
<br>
_______________________________________________<br>
consulting mailing list<br>
<a href="mailto:consulting@drupal.org">consulting@drupal.org</a><br>
<a href="http://lists.drupal.org/mailman/listinfo/consulting" target="_blank">http://lists.drupal.org/mailman/listinfo/consulting</a><br>
</div></div></blockquote></div><br>