[Phpmyadmin-devel] XSS in current phpmyadmin versions
Fabian Fingerle
fabian at datensalat.eu
Wed Oct 29 15:59:17 CET 2008
Hi,
Exploit :
register_globals=on,off
loged in ....
query :
http://localhost/pmd_pdf.php?db=>"><script>alert(1)</script>
Could you fix this quickly?
Yours
Fabian
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 197 bytes
Desc: not available
URL: <http://lists.phpmyadmin.net/pipermail/developers/attachments/20081029/3c9c2bd4/attachment.sig>
More information about the Developers
mailing list