标签 ‘phpMyAdmin’ 下的日志

pmaPWN! – phpMyAdmin Code Injection RCE Scanner & Exploit

# milw0rm.com [2009-06-22]
阅读全文 »

Tags: , ,

phpMyAdmin (/scripts/setup.php) PHP Code Injection Exploit

#!/bin/bash

# CVE-2009-1151: phpMyAdmin ‘/scripts/setup.php’ PHP Code Injection RCE PoC v0.11
# by pagvac (gnucitizen.org), 4th June 2009.
# special thanks to Greg Ose (labs.neohapsis.com) for discovering such a cool vuln,
# and to str0ke (milw0rm.com) for testing this PoC script and providing feedback!
阅读全文 »

Tags: ,

phpmyadmin爆路径

来源:fhod's blog

phpmyadmin爆路径方法 weburl+phpmyadmin/themes/darkblue_orange/layout.inc.php

测试地址:

http://bbs.pjhome.net/phpmyadmin/themes/darkblue_orange/layout.inc.php

Fatal error: Call to a member function getImgPath() on a non-object in d:\wwwroot\pjforumXP\wwwroot\phpmyadmin\themes\darkblue_orange\layout.inc.php on line 67

Tags: