Lucene search
SecurityvulnsSECURITYVULNS:DOC:15304HistoryDec 05, 2006 - 12:00 a.m.
PhpMyAdmin 2.7.0-pl2 Path Disclosure | Multiple CRLF/Http Response Splitting
2006-12-0500:00:00
vulners.com
45
Title : PhpMyAdmin 2.7.0-pl2 Path Disclosure | Multiple CRLF/Http Response Splitting Vulnerability
Author : ajann
Contact : :(
Tested : Just 2.7.0-pl2
[[CRLF]]]------------------------------------------------------
Files----
/css/phpmyadmin.css.php
/db_create.php
/index.php
/left.php
/libraries/session.inc.php
/libraries/transformations/overview.php
/querywindow.php
/server_engines.php
/…
/…
/Files----
Cookie:
->Open Cookie Editor
->Find the phpMyAdmin value
->Write it ;
phpMyAdmin=%0d%0aSet-Cookie%3Asome%3Dvalue
New Cookie => some=value
…
…
[[/CRLF]]]
[[PATH]]]------------------------------------------------------
File----
//libraries/common.lib.php
/File----
[[/PATH]]]
"""""""""""""""""""""