Full Disclosure mailing list archives
Re: Some Web-programmer flaw 'may' result in codeexecution in server side!
From: Bipin Gautam <gautam.bipin () gmail com>
Date: Mon, 25 Apr 2005 16:44:03 +0545
On 4/25/05, Morning Wood <se_cur_ity () hotmail com> wrote:
i used to have my UA set to a basic xss script... many sites are vulnerable to this. The most troubling is the fact that many web based reporting / log tools are in html format, thus rendering the UA injection in the browser of
you should have let the world know earlier man... i've discovered this for over few years...... letting you private tricks let-go will always keep you creative. Maybe this was almost lost somewhere in my sleaves. Anyways, http://zone-h.org huh! I UNDERSTAND ;D --- Bipin Gautam http://bipin.tk _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- Some Web-programmer flaw 'may' result in code execution in server side! Bipin Gautam (Apr 24)
- Re: Some Web-programmer flaw 'may' result in codeexecution in server side! Morning Wood (Apr 24)
- Re: Some Web-programmer flaw 'may' result in codeexecution in server side! Bipin Gautam (Apr 25)
- Re: Some Web-programmer flaw 'may' result in codeexecution in server side! Morning Wood (Apr 24)