The phpMyAdmin project takes the security of our product and repositories seriously. We appreciate your research and responsible handling of your findings, and our security team will work with you to address an issue or concern.

Please reach us by email at security@phpmyadmin.net. Our full security policy, including past disclosures, GPG key, and information on chatting with us through Keybase, are posted on the phpMyAdmin web site.