Full Disclosure mailing list archives
Re: HTTP Response Splitting and SQL injection in megabbs forum
From: PD9 Software <info () pd9soft com>
Date: Sun, 26 Sep 2004 13:50:50 -0500
pigrelax wrote:
URL: http://www.pd9soft.com Tested megabbs 2.11. HTTP Response Splitting 2. HTTP Response Splitting 3. More and more SQL injection:
All three issues have been addressed, and updates have been posted at http://www.pd9soft.com/. Thank you for bringing them to my attention.
However in the future, would it be too much to ask that I am contacted first? I am very eager to fix any security vulnerabilities, but sipping coffee on a lazy Sunday afternoon and seeing this broadcast to a public list is a little disconcerting.
Thanks, Matt Summers PD9 Software, Inc _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- HTTP Response Splitting and SQL injection in megabbs forum pigrelax (Sep 26)
- Re: HTTP Response Splitting and SQL injection in megabbs forum PD9 Software (Sep 26)
- Re: Re: HTTP Response Splitting and SQL injection in megabbs forum DanB UK (Sep 26)
- Re: HTTP Response Splitting and SQL injection in megabbs forum PD9 Software (Sep 26)