Backported patch for phpMyAdmin 4.4.x; a self-cross site scripting (XSS) vulnerability has been
reported relating to the central columns feature.

Further details:
 - https://www.phpmyadmin.net/security/PMASA-2018-1/
 - https://github.com/phpmyadmin/phpmyadmin/commit/d2886a3

--- phpMyAdmin-4.4.15.10/db_central_columns.php			2017-01-23 20:08:47.000000000 +0100
+++ phpMyAdmin-4.4.15.10/db_central_columns.php.pmasa-2018-1	2018-05-16 12:04:20.000000000 +0200
@@ -71,7 +71,9 @@
     $col_name[] = $_REQUEST['col_name'];
     $tmp_msg = PMA_deleteColumnsFromList($col_name, false);
 }
-if (isset($_REQUEST['total_rows']) && $_REQUEST['total_rows']) {
+if (!empty($_REQUEST['total_rows'])
+    && PMA_isValid($_REQUEST['total_rows'], 'integer')
+) {
     $total_rows = $_REQUEST['total_rows'];
 } else {
     $total_rows = PMA_getCentralColumnsCount($db);