Yesterdays security release for phpLiteAdmin unfortunately did not fix the security issues described by an exploit published by “l@usch” completely. Therefore, today a new release 1.9.3.2 was published to cover the remaining issues.

All users of phpLiteAdmin < 1.9.3.2 are advised to update their installation to 1.9.3.2. The fixed security issues can only be used by users with access to phpLiteAdmin, i.e. users that know the password. As a general recommendation, you should always use a secure password an keep it secret. Never use the default password on a publicly accessible installation.

I’d like to thank l@usch for reporting the issue and his cooperation to resolve it.

To update, just download the new version, adjust the configuration and replace your old phpliteadmin.php with the new one.