Page 1 of 1

&phpMyAdmin=eAzftBAxjUhcYv4-J87%2CP1B8J-d

Posted: Sat Apr 26, 2008 8:20 pm
by initsoul
Why does &phpMyAdmin=someJunkCharacters get suffixed to joomla urls ?

~ Soul

Re: &phpMyAdmin=eAzftBAxjUhcYv4-J87%2CP1B8J-d

Posted: Sat Apr 26, 2008 11:52 pm
by joels341
I have noticed this behavior too. Did you recently do an export/import using PHPMyAdmin? I was never sure if this was a problem with Joomla or with PHPMyAdmin.

I wonder if it is caused by a hacking attempt......

I'd like to know. Anyone else have this problem with/without PHPMyAdmin import/export?

Re: &phpMyAdmin=eAzftBAxjUhcYv4-J87%2CP1B8J-d

Posted: Sun Apr 27, 2008 12:14 am
by fw116
search google fpr mysql and UTF-8 and myphpadm

Re: &phpMyAdmin=eAzftBAxjUhcYv4-J87%2CP1B8J-d

Posted: Sun Apr 27, 2008 6:42 am
by joels341
Havn't found anything using the keywords you suggested. You seem to indicate that this has something to do with character encoding. I don't see what problem with character encoding would add this kind of string to the end of URLs.

Please provide more information fw.

Re: &phpMyAdmin=eAzftBAxjUhcYv4-J87%2CP1B8J-d

Posted: Sun Apr 27, 2008 10:20 am
by fw116
i found this one:

maybe u have this issue, dont know, so check:

Description:
We received an advisory from Jim Hermann, and we wish to thank him for his work. phpMyAdmin saves sensitive information like the MySQL username and password and the Blowfish secret key in session data, which might be unprotected on a shared host.
Versions before 2.11.5.1.

check also:
http://www.phpmyadmin.net/home_page/security.php

and
http://forum.joomla.org/viewtopic.php?f=267&t=255490

Re: &phpMyAdmin=eAzftBAxjUhcYv4-J87%2CP1B8J-d

Posted: Sun Apr 27, 2008 6:32 pm
by joels341
That may or may not be it. If it is that, it looks like the solution is to check your server for a possible security breach, reinstall the OS, change all your passwords, and check the version of your phpMyAdmin and other software versions.

According to secunia.com, the username/password/blowfish info in session data vulnerability exists in phpMyAdmin version 2.11.5 and lower. The solution to this is to make sure you upgrade to at least version 2.11.5.1.

The current version of phpMyAdmin is 2.11.5.2, released April 22nd, 2008.

links corrupted with "phpMyAdmin" in exported Joomla databas

Posted: Tue Jan 26, 2016 1:06 am
by jcalvert
Not a hacking attempt – glitch in an old version of phpMyAdmin running under Plesk (but perhaps not limited to Plesk).

See: http://forum.joomla.org/viewtopic.php?f ... 0#p3358810

JC