Local file inclusion vulnerability

PMASA-2005-4 Announcement-ID: PMASA-2005-4 Date: 2005-10-11 Summary Local file inclusion vulnerability Description In libraries/grabglobals.lib.php, the $$redirect parameter was not correctly validated, opening the door to a local file inclusion attack. Severity We consider this vulnerability to ...

phpmyadmin -- local file inclusion vulnerability

A phpMyAdmin security announcement reports: In libraries/grabglobals.lib.php, the $redirect parameter was not correctly validated, opening the door to a local file inclusion attack. We consider this vulnerability to be serious...

[Full-disclosure] phpMyAdmin Local file inclusion 2.6.4-pl1

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 phpMyAdmin Local file inclusion 2.6.4-pl1 Author: Maksymilian Arciemowicz cXIb8O3 .18 Date: 10.10.2005 from SECURITYREASON.COM - --- 0.Description --- phpMyAdmin 2.6.4 is a tool written in PHP intended to handle the administration of MySQL over the We...

phpMyAdmin 2.6.4-pl1 - Directory Traversal

!/usr/bin/perl use IO::Socket; SecurityReason.com TEAM Maksymilian Arciemowicz cXIb8O3 [email protected] Local file inclusion ./$FILE simple exploit phpMyAdmin 2.6.4-pl1 SecurityReason.com if @ARGV new Proto = "tcp", PeerAddr = "$HOST", PeerPort = "80" || die "Error 404\r\n\r\n"; print $get...

phpMyAdmin 2.6.4-pl1 - Directory Traversal

phpMyAdmin 2.6.4-pl1 - Directory Traversal !/usr/bin/perl use IO::Socket; SecurityReason.com TEAM Maksymilian Arciemowicz cXIb8O3 [email protected] Local file inclusion ./$FILE simple exploit phpMyAdmin 2.6.4-pl1 SecurityReason.com if @ARGV new Proto = "tcp", PeerAddr = "$HOST", PeerPort =...

phpMyAdmin 2.6.4-pl1 Remote Directory Traversal Exploit

No description provided by source. !/usr/bin/perl use IO::Socket; SecurityReason.com TEAM Maksymilian Arciemowicz cXIb8O3 [email protected] Local file inclusion ./$FILE simple exploit phpMyAdmin 2.6.4-pl1 SecurityReason.com if @ARGV 3 print "\r\n SecurityReason TEAM\r\n"; print "cXIb8O3...

phpMyAdmin 2.6.4-pl1 Remote Directory Traversal Exploit

Exploit for unknown platform in category web applications ======================================================= phpMyAdmin 2.6.4-pl1 Remote Directory Traversal Exploit ======================================================= !/usr/bin/perl use IO::Socket; SecurityReason.com TEAM Maksymilian...

CVE-2005-2869

Multiple cross-site scripting XSS vulnerabilities in phpMyAdmin before 2.6.4 allow remote attackers to inject arbitrary web script or HTML via 1 the Username to libraries/auth/cookie.auth.lib.php or 2 the error parameter to error.php...

CVE-2005-2869

Multiple cross-site scripting XSS vulnerabilities in phpMyAdmin before 2.6.4 allow remote attackers to inject arbitrary web script or HTML via 1 the Username to libraries/auth/cookie.auth.lib.php or 2 the error parameter to error.php...

CVE-2005-2869

Multiple cross-site scripting XSS vulnerabilities in phpMyAdmin before 2.6.4 allow remote attackers to inject arbitrary web script or HTML via 1 the Username to libraries/auth/cookie.auth.lib.php or 2 the error parameter to error.php...

DEBIAN-CVE-2005-2869

Multiple cross-site scripting XSS vulnerabilities in phpMyAdmin before 2.6.4 allow remote attackers to inject arbitrary web script or HTML via 1 the Username to libraries/auth/cookie.auth.lib.php or 2 the error parameter to error.php...

CVE-2005-2869

Multiple cross-site scripting XSS vulnerabilities in phpMyAdmin before 2.6.4 allow remote attackers to inject arbitrary web script or HTML via 1 the Username to libraries/auth/cookie.auth.lib.php or 2 the error parameter to error.php...

CVE-2005-2869

Multiple cross-site scripting XSS vulnerabilities in phpMyAdmin before 2.6.4 allow remote attackers to inject arbitrary web script or HTML via 1 the Username to libraries/auth/cookie.auth.lib.php or 2 the error parameter to error.php...

CVE-2005-2869

CVE-2005-2869 (and related CVEs 2005-3300, 2005-3301) affect phpMyAdmin prior to certain fixed releases. The core issue is multiple cross-site scripting vulnerabilities in phpMyAdmin’s web interface (notably in the error page and cookie-based login, and in related components) that allow remote at...

[SA16605] phpMyAdmin Two Cross-Site Scripting Vulnerabilities

---------------------------------------------------------------------- Bist Du interessiert an einem neuen Job in IT-Sicherheit? Secunia hat zwei freie Stellen als Junior und Senior Spezialist in IT- Sicherheit: http://secunia.com/secuniavacancies/...

phpMyAdmin < 2.6.4-RC1 XSS (deprecated)

Binary data 3193.prm...

phpMyAdmin < 2.6.4 Multiple XSS

According to its banner, the version of phpMyAdmin installed on the remote host may suffer from two cross-site scripting vulnerabilities due to its failure to sanitize user input to the 'error' parameter of the 'error.php' script and in 'libraries/auth/cookie.auth.lib.php'. A remote attacker may...

phpMyAdmin 2.x - error.php Cross-Site Scripting

phpMyAdmin 2.x - error.php Cross-Site Scripting source: https://www.securityfocus.com/bid/14675/info phpMyAdmin is prone to a cross-site scripting vulnerability. This issue may be exploited to steal cookie-based authentication credentials from legitimate users of the software. Such an attack woul...

phpMyAdmin 2.x - &#039;error.php&#039; Cross-Site Scripting

source: https://www.securityfocus.com/bid/14675/info phpMyAdmin is prone to a cross-site scripting vulnerability. This issue may be exploited to steal cookie-based authentication credentials from legitimate users of the software. Such an attack would require that the victim follows a malicious li...

FreeBSD : phpmyadmin -- XSS vulnerability (58247a96-01c8-11da-bc08-0001020eed82)

A phpMyAdmin security announcement reports : The convcharset parameter was not correctly validated, opening the door to a XSS attack. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from the FreeBSD VuXML database :...