Multiple vulnerabilities has been found and corrected in phpmyadmin:

error.php in PhpMyAdmin 3.3.8.1 and earlier allows remote attackers
to conduct cross-site scripting (XSS) attacks via a crafted BBcode
tag containing @ characters, as demonstrated using [a@url@page]
(CVE-2010-4480).

phpMyAdmin before 3.4.0-beta1 allows remote attackers to bypass
authentication and obtain sensitive information via a direct request
to phpinfo.php, which calls the phpinfo function (CVE-2010-4481).

This upgrade provides the latest phpmyadmin version for MES5 (3.3.9)
and patches the version for CS4 to address these vulnerabilities.