On his blog today, John Cox has a note that anyone currently running phpMyAdmin might want to check into: a security issue that could allow an attacker to include a local file and cause all sorts of havoc.
phpMyAdmin is a dangerous script. It is also an admin tool which should never be left out in the wild. The latest vulnerability does look nasty with local file inclusion, but I am not sure of the point of someone executing a local file inclusion when the attacker has access to your entire DB. Wake me up when there is a CSRF vulnerability reported.
Yes, it does seem a little silly to worry about the inclusion of a local file given the free rein the tool already allows, but just knowing that the problem exists can help the developers correct as much as they can.
Securing it is up to you...




