BugTraq
Name:
Email:
*Note: Email address will appear as "user domain ext" to prevent harvesting.
Subject:
Message:
 
'portable-phpMyAdmin (WordPress Plugin)' Authentication Bypass (CVE-2012-5469) Dec 13 2012 12:04AM
Mark Stanislav (mark stanislav gmail com)
I. DESCRIPTION
---------------------------------------
portable-phpMyAdmin doesn't verify an existing WordPress session
(privileged or not) when accessing the plugin file path directly.
Because of how this plugin works, a default installation will provide
a full phpMyAdmin console with the privilege...

[ more ]  
 

Privacy Statement
Copyright 2010, SecurityFocus