Full Disclosure mailing list archives
Re: Fwd: Security Access
From: Fernando Mercês <nandu88 () gmail com>
Date: Fri, 12 Sep 2014 03:56:52 -0300
It is funny they say "we secure your data" and use root/root as mysql credentials. :D Att, Fernando Mercês Linux Registered User #432779 www.mentebinaria.com.br ------------------------------------ "Ninguém pode ser escravo de sua identidade; quando surge uma possibilidade de mudança é preciso mudar". (Elliot Gould) On Fri, Sep 12, 2014 at 2:25 AM, Pedrov Jovovic <pedrov.jovovic () gmail com> wrote:
Hello This is my first post . Here are the details : Website : http://www.comguard.net/ - (Security Expoerts) I already sent them 2 emails and i didn't get a reply. The Security bug is really simple , i was able to get to this link http://www.comguard.net/include/ which lists all the files in the server. You can even download php files containing sensitive data including db password. Let me know if you need any additional details Regards ---------- Forwarded message ---------- From: Fyodor <fyodor () nmap org> Date: Fri, Sep 12, 2014 at 1:12 AM Subject: Re: Security Access To: Pedrov Jovovic <pedrov.jovovic () gmail com> On Tue, Aug 19, 2014 at 9:36 PM, Pedrov Jovovic <pedrov.jovovic () gmail com> wrote:Hello , i found a security issue in www.comguard.net. I already sendthem2 email and would like to disclose the information through your websiteisthat ok?Yes, you can mail details to the fulldisclosure list. Cheers, Fyodor _______________________________________________ Sent through the Full Disclosure mailing list http://nmap.org/mailman/listinfo/fulldisclosure Web Archives & RSS: http://seclists.org/fulldisclosure/
_______________________________________________ Sent through the Full Disclosure mailing list http://nmap.org/mailman/listinfo/fulldisclosure Web Archives & RSS: http://seclists.org/fulldisclosure/
Current thread:
- Fwd: Security Access Pedrov Jovovic (Sep 11)
- Re: Fwd: Security Access Fernando Mercês (Sep 12)
- Re: Fwd: Security Access Артур Истомин (Sep 15)
- Re: Fwd: Security Access gold flake (Sep 19)