Full Disclosure mailing list archives

Re: Greek Web Election System Sucks - Remote File Inclusion?


From: scott <redhowlingwolves () bellsouth net>
Date: Mon, 24 Sep 2007 01:22:26 -0400

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

ROFL!

Spanish backdoors exported gold and other valuables in the past! Entire
continents even?



Joey Mengele wrote:
This comes as no surprise. Most Greek stuff is susceptible to a
back door style attack. This type of assault has been documented
throughout modern history. [1]

J

[1] http://www.urbandictionary.com/define.php?term=Greek+Style

On Sat, 22 Sep 2007 20:46:45 -0400 ascii <ascii () katamail com>
wrote:
George Papandreou wrote:
There is no wonder why in hell Kostas Karamanlis is still our
prime minister!

http://www.ekloges.ypes.gr/pages/index.html?http://www.secunia.com


http://www.ekloges.ypes.gr/pages/index.html?../lib/../lib/jslib.js

http://www.ekloges.ypes.gr/pages/index.html?../lib/default.css
client side stuff, no rfi here.

<script type="text/javascript">

function fillFrame() {
  var a = location.search;
  a = (a ? a.slice(1) : 'epikratia_map.html');
  document.getElementById('data_frame').src = a;
}

</script>

this can be used to execute JS using the javascript: handler so
it's a security issue

http://www.ekloges.ypes.gr/pages/index.html?javascript:alert(%22helo%22);

have you notified the webmaster?

bye, Francesco `ascii` Ongaro http://www.ush.it/

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/



-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iD8DBQFG90mRsrt057ENXO4RAu3LAKCTxcdPqe7U7BfCJRX5iLieGYSRZgCgurq0
FuAE1RBmr4MjiCnROhqugpU=
=u1Uy
-----END PGP SIGNATURE-----
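
The script quoted in the thread copies the query string straight into the frame's src, which is why a javascript: URL or an external site is accepted. The following is an added example, not part of the original messages or the site's code, showing one way to constrain that value; the file-name pattern and the page name results.html are assumptions.

```javascript
// Added example: a hardened take on the fillFrame() logic quoted in the thread.
const DEFAULT_PAGE = 'epikratia_map.html';   // default used by the quoted script
const PAGE_NAME = /^[A-Za-z0-9_-]+\.html$/;  // assumption: pages are flat .html files

// Map the raw query string to a page that is safe to load into the frame.
function resolveFramePage(search, baseHref) {
  const raw = search ? search.slice(1) : '';
  if (raw === '') return DEFAULT_PAGE;
  let name;
  try {
    name = decodeURIComponent(raw);
  } catch (e) {
    return DEFAULT_PAGE;                     // malformed percent-encoding
  }
  // Rejects schemes (javascript:, http:), path separators and "..".
  if (!PAGE_NAME.test(name)) return DEFAULT_PAGE;
  // Defence in depth: the resolved URL must stay on the same origin and
  // in the same directory as the page hosting the frame.
  const base = new URL(baseHref);
  const target = new URL(name, base);
  const dir = base.pathname.slice(0, base.pathname.lastIndexOf('/') + 1);
  if (target.origin !== base.origin || target.pathname !== dir + name) {
    return DEFAULT_PAGE;
  }
  return name;
}

// Browser entry point, same role as the original fillFrame().
function fillFrame() {
  document.getElementById('data_frame').src =
    resolveFramePage(location.search, location.href);
}

// Constructed sample inputs: the query strings from the thread plus one
// hypothetical legitimate page name (results.html).
const BASE = 'http://www.ekloges.ypes.gr/pages/index.html';
const samples = [
  '',
  '?http://www.secunia.com',
  '?../lib/default.css',
  '?javascript:alert(%22helo%22);',
  '?results.html',
];
if (typeof document === 'undefined') {       // running under Node, not a browser
  for (const q of samples) console.log(JSON.stringify(q), '->', resolveFramePage(q, BASE));
}
```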
