Monday, 16 January 2012

CVE-2011-4107 PoC - phpMyAdmin Local File Inclusion via XXE injection






An interesting local file inclusion vulnerability has recently been published: an XXE (XML eXternal Entity) injection attack that affects phpMyAdmin 3.4.x prior to 3.4.7.1 and 3.3.x prior to 3.3.10.5 (CVE-2011-4107).


The issue is located in the
libraries\import\xml.php file, where the simplexml_load_string()
function is called without validating the existence of a

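One defensive pattern for handling untrusted XML before it reaches SimpleXML, as an added example (not code from this post or from phpMyAdmin, and not the project's actual patch): it keeps the parser from loading entities and rejects any document that carries a DOCTYPE. The helper name `parse_untrusted_xml()` and the sample documents are constructed for illustration.

```php
<?php
// Added example: parse_untrusted_xml() is a hypothetical helper, not phpMyAdmin code.
function parse_untrusted_xml(string $xml): SimpleXMLElement
{
    // PHP < 8.0 may sit on libxml2 < 2.9, which loads external entities by default.
    $restore = null;
    if (PHP_VERSION_ID < 80000) {
        $restore = libxml_disable_entity_loader(true); // deprecated from PHP 8.0
    }
    $prevErrors = libxml_use_internal_errors(true); // collect parse errors quietly
    try {
        $dom = new DOMDocument();
        // LIBXML_NONET forbids network access; LIBXML_NOENT/LIBXML_DTDLOAD stay unset.
        if ($xml === '' || !$dom->loadXML($xml, LIBXML_NONET)) {
            throw new RuntimeException('Malformed XML');
        }
        // An import file needs no DTD: reject any DOCTYPE, internal or external.
        foreach ($dom->childNodes as $node) {
            if ($node->nodeType === XML_DOCUMENT_TYPE_NODE) {
                throw new RuntimeException('DOCTYPE not allowed in import file');
            }
        }
        $sx = simplexml_import_dom($dom);
        if (!$sx instanceof SimpleXMLElement) {
            throw new RuntimeException('Could not convert document');
        }
        return $sx;
    } finally {
        // Restore global libxml state so other code in the request is unaffected.
        libxml_clear_errors();
        libxml_use_internal_errors($prevErrors);
        if ($restore !== null) {
            libxml_disable_entity_loader($restore);
        }
    }
}

// Constructed sample inputs: a plain document and one declaring an entity in a DTD.
$samples = [
    'plain'   => '<export><table name="t1"/></export>',
    'doctype' => '<!DOCTYPE export [<!ENTITY e "x">]><export>&e;</export>',
];
foreach ($samples as $label => $xml) {
    try {
        $root = parse_untrusted_xml($xml);
        echo "$label: accepted, root element <{$root->getName()}>\n";
    } catch (RuntimeException $e) {
        echo "$label: rejected ({$e->getMessage()})\n";
    }
}
```

Rejecting the DOCTYPE outright is stricter than only disabling entity loading, and it suits an import format that has no legitimate use for a DTD.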