Greg Ose - Security Researcher - Exploit Intelligence Platform

CVE-2018-19859 NOMISEC MEDIUM WORKING POC

OpenRefine < 3.2 beta - Path Traversal via ZIP Archive Relative Pathname

OpenRefine before 3.2 beta allows directory traversal via a relative pathname in a ZIP archive.

1 stars

CVSS 6.5

View Code

CVE-2009-1285 METASPLOIT ruby WORKING POC

phpMyAdmin < 3.1.3.2 - Remote Code Injection via ConfigFile.class.php

Static code injection vulnerability in the getConfigFile function in setup/lib/ConfigFile.class.php in phpMyAdmin 3.x before 3.1.3.2 allows remote attackers to inject arbitrary PHP code into configuration files.

View Code

CVE-2009-1151 METASPLOIT CRITICAL ruby WORKING POC

phpMyAdmin 2.11.0-2.11.9.4 and 3.x < 3.1.3.1 - Remote Code Injection via Setup Configuration Save

Static code injection vulnerability in setup.php in phpMyAdmin 2.11.x before 2.11.9.5 and 3.x before 3.1.3.1 allows remote attackers to inject arbitrary PHP code into a configuration file via the save action.

CVSS 9.8

View Code

CVE-2009-1151 EXPLOITDB CRITICAL php SCANNER

phpMyAdmin 2.11.0-2.11.9.4 and 3.x < 3.1.3.1 - Remote Code Injection via Setup Configuration Save

Static code injection vulnerability in setup.php in phpMyAdmin 2.11.x before 2.11.9.5 and 3.x before 3.1.3.1 allows remote attackers to inject arbitrary PHP code into a configuration file via the save action.

CVSS 9.8

View Code

CVE-2009-1151 EXPLOITDB CRITICAL ruby WORKING POC

phpMyAdmin 2.11.0-2.11.9.4 and 3.x < 3.1.3.1 - Remote Code Injection via Setup Configuration Save

Static code injection vulnerability in setup.php in phpMyAdmin 2.11.x before 2.11.9.5 and 3.x before 3.1.3.1 allows remote attackers to inject arbitrary PHP code into a configuration file via the save action.

CVSS 9.8

View Code