13 matches found
PhpMyAdmin exploits concludes With Metasploit-vulnerability warning-the black bar safety net
A: affects versions: 3.5. x 3.5.8.1 and 4.0.0 4.0.0-rc3 Overview: PhpMyAdmin presence of a PREGREPLACEEVAL vulnerability Use module: exploit/multi/http/phpmyadminpregreplace CVE: CVE-2 0 1 3-3 2 3 8 II: effects version: phpMyAdmin v3. 5. 2. 2 Overview: PhpMyAdmin存在serversync.php Backdoor...
Gentoo Security Advisory GLSA 200906-03 (phpmyadmin)
The remote host is missing updates announced in advisory GLSA 200906-03. SPDX-FileCopyrightText: 2009 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only OR GPL-3.0-only...
phpMyAdmin (/scripts/setup.php) PHP Code Injection Exploit
No description provided by source. !/bin/bash CVE-2009-1151: phpMyAdmin '/scripts/setup.php' PHP Code Injection RCE PoC v0.11 by pagvac gnucitizen.org, 4th June 2009. special thanks to Greg Ose labs.neohapsis.com for discovering such a cool vuln, and to str0ke milw0rm.com for testing this PoC...
phpMyAdmin (/scripts/setup.php) PHP Code Injection Exploit
Exploit for unknown platform in category web applications ========================================================== phpMyAdmin /scripts/setup.php PHP Code Injection Exploit ==========================================================...
phpMyAdmin - '/scripts/setup.php' PHP Code Injection
!/bin/bash CVE-2009-1151: phpMyAdmin '/scripts/setup.php' PHP Code Injection RCE PoC v0.11 by pagvac gnucitizen.org, 4th June 2009. special thanks to Greg Ose labs.neohapsis.com for discovering such a cool vuln, and to str0ke milw0rm.com for testing this PoC script and providing feedback! PoC...
CVE-2009-1151
creationtimestamp| type| source ---|---|--- 2009-06-09 00:00:00+00:00| confirmed| https://www.exploit-db.com/exploits/8921 2009-06-22 00:00:00+00:00| confirmed| https://www.exploit-db.com/exploits/8992 2010-07-03 00:00:00+00:00| confirmed| https://www.exploit-db.com/exploits/16913 2018-05-29...
Mandrake Security Advisory MDVSA-2009:115 (phpMyAdmin)
The remote host is missing an update to phpMyAdmin announced via advisory MDVSA-2009:115. SPDX-FileCopyrightText: 2009 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only OR...
phpMyAdmin setup.php save Action Arbitrary PHP Code Injection (PMASA-2009-3)
The setup script included with the version of phpMyAdmin installed on the remote host does not properly sanitize user-supplied input to several variables before using them to generate a config file for the application. Using specially crafted POST requests, an unauthenticated, remote attacker may...
FreeBSD Ports: phpMyAdmin211
The remote host is missing an update to the system as announced in the referenced advisory. VID 06f9174f-190f-11de-b2f0-001c2514716c OpenVAS Vulnerability Test $ Description: Auto generated from VID 06f9174f-190f-11de-b2f0-001c2514716c Authors: Thomas Reinke Copyright: Copyright c 2009 E-Soft Inc...
FreeBSD Ports: phpMyAdmin211
The remote host is missing an update to the system as announced in the referenced advisory. SPDX-FileCopyrightText: 2009 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...
Immunity Canvas: PHPMYADMIN_INJECTION
Name| phpmyadmininjection ---|--- CVE| CVE-2009-1151 Exploit Pack| CANVAS Description| phpmyadmininjection Notes| CVE Name: CVE-2009-1151 VENDOR: http://www.phpmyadmin.net Notes: This exploit requires that the "/config/ directory was not deleted after installation. Basic authorization may also be...
DSquare Exploit Pack: D2SEC_PHPMYADMIN_RCE
Name| d2secphpmyadminrce ---|--- CVE| CVE-2009-1151 Exploit Pack| D2ExploitPack Description| d2secphpmyadminrce Notes|...
Insufficient output sanitizing when generating configuration file.
PMASA-2009-3 Announcement-ID: PMASA-2009-3 Date: 2009-03-24 Summary Insufficient output sanitizing when generating configuration file. Description Setup script used to generate configuration can be fooled using a crafted POST request to include arbitrary PHP code in generated configuration file...