Vulnerability Development mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Hosting Controller Vulnerability

From: Muhammad Faisal Rauf Danka <mfrd () attitudex com>
Date: Sun, 14 Jul 2002 14:32:23 -0700 (PDT)
Instead of using something like @stake web proxy, could you also save the html output of (/accounts/updateuserdesc.asp) 
locally and change username to administrator and re-submit the form? And how are they validating the user name after 
applying the patch ?

Regards, 
---------
Muhammad Faisal Rauf Danka

Chief Technology Officer
Gem Internet Services (Pvt) Ltd.
web: www.gem.net.pk

_____________________________________________________________
---------------------------
[ATTITUDEX.COM]
http://www.attitudex.com/
---------------------------

_____________________________________________________________
Promote your group and strengthen ties to your members with email () yourgroup org by Everyone.net  
http://www.everyone.net/?btn=tag
Previous By Date Next
Previous By Thread Next

Current thread: