securityaffairs.co/.../phpmoadmin-mongodb-guizero-day.html Security experts are alerting on the availability in the underground black market of a zero day exploit for a vulnerability in the phpMoAdmin MongoDB GUI.
docs.mongodb.org/ecosystem/tools/administration-interfaces PHPMoAdmin¶ PHPMoAdmin is a MongoDB administration tool for PHP built on a stripped-down version of the Vork high-performance framework. Nothing to configure - place the moadmin.php file anywhere on your web site and it just works!
www.hideproxy.net/index.php?q=aHR0cDovL3RoZWhhY2tlcm5ld3... Hacker known by the online moniker, "sp1nlock" has found a zero-day vulnerability in 'phpMoAdmin', a free, open-source, written in PHP, AJAX-based MongoDB GUI (graphical user interface) administration tool that allows you to easily manage noSQL database MongoDB.
www.d2sec.com/news/phpmoadmin_zero_day_d2_elliot_exploit... We identified a remote code execution vulnerability on the last version of phpMoAdmin. The exploitation is really easy with Elliot. Here is the exploit code:
blog.rootshell.be/2015/03/04/phpmoadmin-0-day-nmap-script An 0-day vulnerability has been posted on Full-Disclosure this morning. It affects the MongoDB GUI phpMoAdmin. The GUI is similar to the well-known phpMyAdmin and allows the DB administrator to perform maintenance tasks on the MongoDB databases with the help of a nice web interface.
www.hackbusters.com/news/stories/275974-phpmoadmin... phpMoAdmin Zero-day Vulnerability Puts Websites Using MongoDB at Risk. thehackernews.com - MongoDB, one of the leading NoSQL databases, is an open-source database used by companies of all sizes, across all industries for a wide variety of applications.
seclists.org/oss-sec/2015/q1/743 -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hello MITRE, Can you assign 2015 CVE identifier for unauthorized remote code execution vulnerability in PHPMoAdmin <http://www.phpmoadmin.com/>, thanks.
latestnigeria.com/2015/03/phpmoadmin-zero-day... Based on a number of posts out there on the exploit promoting underground boards, the phpMoAdmin is weak to a Zero-Day Distant Code Execution flaw that permits an unauthorized distant consumer to hijack the web sites operating phpMoAdmin device.
www.nsaneforums.com/tags/forums/phpMoAdmin Welcome to nsane.forums, like most online communities you need to register to view parts of our community or to make contributions, but don't worry: this is a free and simple process that requires minimal information.
www.xedie.com/...phpmoadmin-gui...websites-at-risk-yesterday... Hacker known by the online moniker, “sp1nlock” has found a zero-day vulnerability in ‘phpMoAdmin‘, a free, open-source, written in PHP, AJAX-based MongoDB GUI (graphical user interface) administration tool that allows you to easily manage noSQL database MongoDB.