[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Full-disclosure] phpMyAdmin 3.x preg_replace RCE POC

To: "Mango" <h@xxxxxxx>
Subject: Re: [Full-disclosure] phpMyAdmin 3.x preg_replace RCE POC
From: nix@xxxxxxxxxxxxxxxx
Date: Sat, 9 Jul 2011 16:51:49 +0300

> I'm flooded with requests for a POC and many doubt that these
> vulnerabilities are exploitable. And since this vulnerability is
> rather technically interesting I believe many could learn from it.
>
> http://ha.xxor.se/2011/07/phpmyadmin-3x-pregreplace-rce-poc.html
>

Could you fix that font on your site? Very small light green font on black
background. It's horrible. I did not even bothered to read it in full due
to that.

> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/
>


_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Follow-Ups:
- Re: [Full-disclosure] phpMyAdmin 3.x preg_replace RCE POC
  - From: Ryan Sears
- Re: [Full-disclosure] phpMyAdmin 3.x preg_replace RCE POC
  - From: Mango

References:
- [Full-disclosure] phpMyAdmin 3.x preg_replace RCE POC
  - From: Mango

Prev by Date: [Full-disclosure] List Charter
Next by Date: [Full-disclosure] Multiple Cross-Site Scripting vulnerabilities in WebCalendar
Previous by thread: [Full-disclosure] phpMyAdmin 3.x preg_replace RCE POC
Next by thread: Re: [Full-disclosure] phpMyAdmin 3.x preg_replace RCE POC
Index(es):
- Date
- Thread