Looking at the ridiculously high number of security bulletins at http://www.phpmyadmin.net/home_page/security/ would seem to indicate PhpMyAdmin is itself a backdoor.

PLEASE don't expose this app to the entire Internet if you use it... "Order Deny,Allow / Allow from m.y.i.p / Deny from all" is your friend.

An exploit has been added to metasploit already

https://github.com/rapid7/metasploit-framework/commit/3ade5a...

Wot, no hash check?