CVE-2009-1151
CRITICAL KEV NUCLEI
phpMyAdmin 2.11.0-2.11.9.4 and 3.x < 3.1.3.1 - Remote Code Injection via Setup Configuration Save
Title source: llm
Exploitation Summary
CVE-2009-1151 is actively exploited and listed in the CISA Known Exploited Vulnerabilities (KEV) catalog, added March 25, 2022.
EIP tracks 7 public exploits from researchers including Metasploit, Hacking Expose!, and Adrian _pagvac_ Pastor, among them the Metasploit module exploits/unix/webapp/phpmyadmin_config.
A Nuclei detection template is also available.
AI-analyzed exploit summary
This Metasploit module exploits a code injection vulnerability in phpMyAdmin's setup feature, allowing arbitrary PHP code execution by injecting payloads into the configuration file. It targets versions 2.11.x < 2.11.9.5 and 3.x < 3.1.3.1.
Description
Static code injection vulnerability in setup.php in phpMyAdmin 2.11.x before 2.11.9.5 and 3.x before 3.1.3.1 allows remote attackers to inject arbitrary PHP code into a configuration file via the save action.
Exploits (7)
This Metasploit module exploits a code injection vulnerability in phpMyAdmin's setup feature, allowing arbitrary PHP code execution by injecting payloads into the configuration file. It targets versions 2.11.x < 2.11.9.5 and 3.x < 3.1.3.1.
This script scans for phpMyAdmin installations using Google dorks and checks for potential vulnerabilities, including CVE-2009-1151. It does not contain a full exploit but identifies targets for further exploitation.
This exploit leverages a PHP code injection vulnerability in phpMyAdmin's setup.php script to achieve remote code execution (RCE). It injects malicious PHP code into the configuration file, allowing arbitrary command execution via HTTP GET parameters.
This repository contains a functional exploit for CVE-2009-1151, a PHP code injection vulnerability in phpMyAdmin's setup script. The exploit injects malicious PHP code into the configuration file, enabling remote command execution.
The repository contains only a minimal README with a CVE reference and no functional exploit code or technical details. It appears to be a placeholder or stub.
This repository contains a Python script that exploits CVE-2009-1151, a vulnerability in phpMyAdmin's setup script allowing remote code execution via crafted configuration parameters. The script automates the exploitation process by scanning targets, extracting tokens, and sending malicious payloads.
This Metasploit module exploits a vulnerability in phpMyAdmin's setup feature (CVE-2009-1151) to inject arbitrary PHP code into the configuration file. It retrieves a session cookie and CSRF token, crafts a malicious configuration payload, and triggers execution by accessing the compromised file.
Nuclei Templates (1)
http.title:"phpmyadmin" || http.component:"phpmyadmin" || cpe:"cpe:2.3:a:phpmyadmin:phpmyadmin"
title="phpmyadmin" || body="pma_servername" && body="4.8.4"
References (16)
Scores
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H