phpmyadmin now in latest release

[yggdrasil]

I'm in the process of upgrading to the latest release and I found now phpmyadmin is also shipped on the vendors folders. Is there is a reason for this? There was recently a huge vulnerability on this software and it was used widely to exploit servers. Why is WHMCS shipping this on the vendor folders? Last time I checked I don't use WHMCS to access or manipulate my database. I would never want WHMCS to do this in the first place but rather use the proper external MariabDB or MySQL DB tools.

I'm just curious what is the purpose of this on WHMCS. The more external vendors things shipped on WHCMS the more the risk of some vulnerability that can be exploited. Makes you wonder if WHMCS is tracking the vulnerabilities or changelogs on the vendors files because I never received an email that a security patch was available.

Edited April 18, 2019 by yggdrasil

[steven99]

It isn't the actual phpmyadmin, but rather a part / package of it called sql_parser.  If you look in to the phpmyadmin folder you will see just the folder for sql_parser and nothing else.    Or do you mean that package has had issues? 

[yggdrasil]

11 hours ago, steven99 said:

It isn't the actual phpmyadmin, but rather a part / package of it called sql_parser.  If you look in to the phpmyadmin folder you will see just the folder for sql_parser and nothing else.    Or do you mean that package has had issues? 

I did not actually checked the folder files but the name just go my attention. Thank you for confirming this, makes more sense. Either way, lets hope someone at WHMCS is keeping a change log or some alerts on the vendor third party software they use just in case.