Yesterdays security release for phpLiteAdmin unfortunately did not fix the security issues described by an exploit published by “l@usch” completely. Therefore, today a new release 220.127.116.11 was published to cover the remaining issues.
All users of phpLiteAdmin < 18.104.22.168 are advised to update their installation to 22.214.171.124. The fixed security issues can only be used by users with access to phpLiteAdmin, i.e. users that know the password. As a general recommendation, you should always use a secure password an keep it secret. Never use the default password on a publicly accessible installation.
I’d like to thank l@usch for reporting the issue and his cooperation to resolve it.
To update, just download the new version, adjust the configuration and replace your old phpliteadmin.php with the new one.