Full Disclosure mailing list archives
[Full-Disclosure] klout.com cookie vulnerability PoC
From: Kenny Vaneetvelde <vakenfreak () gmail com>
Date: Wed, 7 Apr 2010 14:18:48 +0200
I recently discovered a cookie vulnerability in klout.com which allows one to steal another person's account without knowing their password. Full disclosure given here: http://raykoid666.wordpress.com/2010/04/05/klout-com-cookie-vulnerability-full-disclosure-proof-of-concept/
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- [Full-Disclosure] klout.com cookie vulnerability PoC Kenny Vaneetvelde (Apr 07)