Categories
Security

Critical phpMyAdmin Vulnerabilities Discovered

Critical phpMyAdmin Vulnerabilities DiscoveredA number of bloggers and web site owners use phpMyAdmin for easy database administration. Two critical vulnerabilities have been discovered that could be used to gain full access to the affected server.
Exploits have already been made publicly available, see GNUCITIZEN for an example:

http://172.16.211.10/phpMyAdmin-3.0.1.1//config/
config.inc.php?p=phpinfo();

Description
Setup script used to generate configuration can be fooled using a crafted POST […]

http://feedproxy.google.com/~r/BlogSecurity/~3/kdAeYGwBzxc/critical-phpmyadmin-vulnerabilities-discovered