Debian: Security Advisory (DSA-2975-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

WDC前台getshell一枚

简要描述： 广告位：codescan.cn 呵呵 详细说明： mysql/adduser.php 这个文件没有验证权限（其实是验证的，不知道为什么被注释了） 那么我们可以利用这个添加一个mysql的账户 但是不能外连，只能localhost，貌似没什么用 database可以抓包篡改的 观众：这又个jB用 别急，朋友 wdcp下面有一个phpmyadmin 直接访问，http://xxx：8080/phpmyadmin 提示输入mysql账号密码 上面我们正好能加一个MySQL、用户...

PHPMyAdmin 2.7 SQL.PHP Cross-Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/17487/info PHPMyAdmin is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this issue to have arbitrary...

pmaPWN! - phpMyAdmin Code Injection RCE Scanner & Exploit

No description provided by source. ?php $list = array '/phpmyadmin/', '/phpMyAdmin/', '/PMA/', '/pma/', '/admin/', '/dbadmin/', '/mysql/', '/myadmin/', '/phpmyadmin2/', '/phpMyAdmin2/', '/phpMyAdmin-2/', '/php-my-admin/', '/phpMyAdmin-2.2.3/', '/phpMyAdmin-2.2.6/', '/phpMyAdmin-2.5.1/',...

phpMyAdmin 3.5.2.2 server_sync.php Backdoor

No description provided by source. $Id$ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit web site for more information on licensing and terms of use. http://metasploit.com/ require 'msf/core' class Metasploit...

plexusCMS 0.5 - XSS Remote Shell Exploit & Credentials Leak

No description provided by source. Exploit Title: plexusCMS 0.5 XSS Remote Shell Exploit Google Dork: allinurl: plx-storage Date: 22.02.2013 Exploit Author: neglomaniac Vendor Homepage: http://plexus-cms.org/ Version: 0.5 --- FILES backdoor.php simple commend execute backdoor commands.txt list of...

PHPMyAdmin 2.x Convcharset Cross-Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/12982/info phpMyAdmin is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input to the 'convcharset' parameter. phpMyAdmin versions prior to 2.6.2-rc1 are affected by this...

PHPMyAdmin 2.8.1 Set_Theme Cross-Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/17142/info phpMyAdmin is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this issue to have arbitrary...

phpMyAdmin <= 2.11.1 Server_Status.PHP Cross-Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/26301/info phpMyAdmin is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an...

phpMyAdmin 2.x server_databases.php XSS

No description provided by source. source: http://www.securityfocus.com/bid/15196/info phpMyAdmin is prone to multiple cross-site scripting vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage these issues to have...

pMyAdmin 3.3.5.1 'db_create.php' Cross Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/38707/info phpMyAdmin is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. An attacker may leverage this issue to execute arbitrary script code in the browser of a...

PhpMyAdmin 2.x db_create.php db Parameter XSS

No description provided by source. source: http://www.securityfocus.com/bid/21137/info phpMyAdmin is prone to multiple input-validation vulnerabilities, including an HTML-injection vulnerability, cross-site scripting vulnerabilities, and information-disclosure vulnerabilities. An attacker could...

phpMyAdmin <= 3.2 - 'server_databases.php' Remote Command Execution Vulnerability

phpMyAdmin 'serverdatabases.php' 远程命令执行漏洞 受影响的系统 Typo3 phpMyAdmin 3.2 Typo3 phpMyAdmin 3.0.1 Typo3 phpMyAdmin 3.0 Typo3 phpMyAdmin 0.2.2 Turbolinux Appliance Server 3.0 x64 Turbolinux Appliance Server 3.0 SuSE openSUSE 10.3 S.u.S.E. openSUSE 11.1 S.u.S.E. openSUSE 11.0 phpMyAdmin phpMyAdmin 2.11....

PhpMyAdmin 2.x db_operations.php Multiple Parameter XSS

No description provided by source. source: http://www.securityfocus.com/bid/21137/info phpMyAdmin is prone to multiple input-validation vulnerabilities, including an HTML-injection vulnerability, cross-site scripting vulnerabilities, and information-disclosure vulnerabilities. An attacker could...

PhpMyAdmin 2.x querywindow.php Multiple Parameter XSS

No description provided by source. source: http://www.securityfocus.com/bid/21137/info phpMyAdmin is prone to multiple input-validation vulnerabilities, including an HTML-injection vulnerability, cross-site scripting vulnerabilities, and information-disclosure vulnerabilities. An attacker could...

phpMyAdmin <= 2.9.1 - Multiple Cross-Site Scripting Vulnerabilities

No description provided by source. source: http://www.securityfocus.com/bid/23624/info phpMyAdmin is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the...

phpMyAdmin 2.x External Transformations Remote Command Execution

No description provided by source. source: http://www.securityfocus.com/bid/11886/info phpMyAdmin is reported prone to multiple remote vulnerabilities. These issues can allow remote attackers to execute arbitrary commands and disclose files on a vulnerable computer. These issues result from...

phpMyAdmin 2.x Multiple Script Array Handling Path Disclosure

No description provided by source. source: http://www.securityfocus.com/bid/21137/info phpMyAdmin is prone to multiple input-validation vulnerabilities, including an HTML-injection vulnerability, cross-site scripting vulnerabilities, and information-disclosure vulnerabilities. An attacker could...

phpMyAdmin 2.x queryframe.php XSS

No description provided by source. source: http://www.securityfocus.com/bid/15196/info phpMyAdmin is prone to multiple cross-site scripting vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage these issues to have...

phpMyAdmin Authenticated Remote Code Execution via preg_replace()

No description provided by source. This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit web site for more information on licensing and terms of use. http://metasploit.com/ require 'msf/core' class Metasploit3...