Full Disclosure mailing list archives
Re: Voxsmart VoxRecord Control Centre - Blind SQLi and auth. bypass
From: Michele Orru <antisnatchor () gmail com>
Date: Fri, 2 Dec 2011 14:20:33 +0100
Correction or not correction, this VoxSmart tool just sucks. How come they are vulnerable to auth bypass with or 1=1--??? Hey, we're in 2012 (almost)...wake up ahaha Cheers antisnatchor On Fri, Dec 2, 2011 at 10:58 AM, Piotr Duszynski <piotr () duszynski eu> wrote:
Small correction regarding the time line of this disclosure: [Time-line] 14/11/2011 - Vendor notified 2/12/2011 - Vendor response ??? - Vendor patch release 30/11/2011 - Public disclosure Cheers, @drk1wi _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
-- /antisnatchor _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- Re: Voxsmart VoxRecord Control Centre - Blind SQLi and auth. bypass Piotr Duszynski (Dec 02)
- Re: Voxsmart VoxRecord Control Centre - Blind SQLi and auth. bypass Michele Orru (Dec 02)