Full Disclosure mailing list archives
Re: Mambo CMS 4.6.x (4.6.5) | Multiple Cross Site Scripting Vulnerabilities
From: "Zach C." <fxchip () gmail com>
Date: Tue, 28 Jun 2011 01:04:03 -0700
On Mon, Jun 27, 2011 at 8:04 PM, YGN Ethical Hacker Group <lists () yehg net>wrote:
The XSS results are from purely blackbox scan on Mambo 4.6.5.
Wait, so you're telling me that you're running some program to find these and then just reporting the results to this list? If so, please give some credit to the program's author for actually finding these! Or, if you mean you're just blindly throwing XSS attacks at random variables hoping to find one that sticks... well, why hasn't a script been written for this yet? (Or if one has, what's it called?)
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- Mambo CMS 4.6.x (4.6.5) | Multiple Cross Site Scripting Vulnerabilities YGN Ethical Hacker Group (Jun 27)
- Re: Mambo CMS 4.6.x (4.6.5) | Multiple Cross Site Scripting Vulnerabilities Jacqui Caren-home (Jun 27)
- Re: Mambo CMS 4.6.x (4.6.5) | Multiple Cross Site Scripting Vulnerabilities YGN Ethical Hacker Group (Jun 27)
- Re: Mambo CMS 4.6.x (4.6.5) | Multiple Cross Site Scripting Vulnerabilities Zach C. (Jun 28)
- Re: Mambo CMS 4.6.x (4.6.5) | Multiple Cross Site Scripting Vulnerabilities YGN Ethical Hacker Group (Jun 27)
- Re: Mambo CMS 4.6.x (4.6.5) | Multiple Cross Site Scripting Vulnerabilities Jacqui Caren-home (Jun 27)