[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Full-disclosure] phpMyAdmin 3.x preg_replace RCE POC

To: bugtraq@xxxxxxxxxxxxxxxxx, full-disclosure@xxxxxxxxxxxxxxxxx, websec10@xxxxxxxxxxx, websecurity@xxxxxxxxxxxxxxxxxxx
Subject: [Full-disclosure] phpMyAdmin 3.x preg_replace RCE POC
From: Mango <h@xxxxxxx>
Date: Fri, 8 Jul 2011 22:27:21 +0200

I'm flooded with requests for a POC and many doubt that these
vulnerabilities are exploitable. And since this vulnerability is
rather technically interesting I believe many could learn from it.

http://ha.xxor.se/2011/07/phpmyadmin-3x-pregreplace-rce-poc.html

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Follow-Ups:
- Re: [Full-disclosure] phpMyAdmin 3.x preg_replace RCE POC
  - From: nix

Prev by Date: Re: [Full-disclosure] XerXes DoS tool Leak. not so 0day now!
Next by Date: Re: [Full-disclosure] Binary Planting Goes "Any File Type"
Previous by thread: [Full-disclosure] ABZs of Cybersecurity
Next by thread: Re: [Full-disclosure] phpMyAdmin 3.x preg_replace RCE POC
Index(es):
- Date
- Thread