[plug] Warning: Researcher Drops phpMyAdmin Zero-Day Affecting All Versions

Onno Benschop onno at itmaze.com.au
Thu Sep 19 16:00:31 AWST 2019


This is the biggest concern:

However, after phpMyAdmin maintainers failed to patch the vulnerability
within 90 days of being notified, the researcher decided to release the
vulnerability details and PoC to the public on 13 September.

--
finger painting on glass is an inexact art - apologies for any errors in
this scra^Hibble

()/)/)() ..ASCII for Onno..

On Thu., 19 Sep. 2019, 15:50 Benjamin, <zorlin at gmail.com> wrote:

> Ouch. Not the worst but significant enough to be a problem!
>
> On Thu, Sep 19, 2019 at 3:48 PM Onno Benschop <onno at itmaze.com.au> wrote:
>
>> https://thehackernews.com/2019/09/phpmyadmin-csrf-exploit.html?m=1
>> --
>> finger painting on glass is an inexact art - apologies for any errors in
>> this scra^Hibble
>>
>> ()/)/)() ..ASCII for Onno..
>> _______________________________________________
>> PLUG discussion list: plug at plug.org.au
>> http://lists.plug.org.au/mailman/listinfo/plug
>> Committee e-mail: committee at plug.org.au
>> PLUG Membership: http://www.plug.org.au/membership
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.plug.org.au/pipermail/plug/attachments/20190919/f9dc4e17/attachment.html>


More information about the plug mailing list