Penetration Testing mailing list archives
Re: Pentestn ASP website with tinymce
From: Shawn Barry <shawnb391 () gmail com>
Date: Wed, 1 Sep 2010 14:49:14 -0500
Can anyone tell me how to opt-out of this mailing list? I enjoy reading some of these letters, but my inbox is useally flooded with emails because I signed up for too many mailing lists...
On Sep 1, 2010, at 4:03 AM, Robin Wood <robin () digininja org> wrote:
On 31 August 2010 17:30, Luana C. Rocha <luanac.rocha () gmail com> wrote:Hi, The company whose i work for is in process evaluating a new website.They are not concerned about security, but with how easy is to update thewebsite content.At this moment the developer that is winning this evaluating is proposing touse tinymce as a content manager. I read about tinymce and I'm really concerned about our security.Does anyone uses the tinymce? Can anyone point me a good way to pentest this site and how to enforce it's security just in case they insist to usetinymce?Exploit DB is a good start: http://www.exploit-db.com/search/?action=search&filter_page=1&filter_description=tinymce&filter_author=&filter_platform=0&filter_type=0&filter_port=&filter_osvdb=&filter_cve= And Security Focus http://www.securityfocus.com/vulnerabilitiesPS: please forgive-me the bad english, i'm learning yet.Its better than some of the native speakers! RobinLCR--- --------------------------------------------------------------------- This list is sponsored by: Information Assurance Certification Review BoardProve to peers and potential employers without a doubt that you can actuallydo a proper penetration test. IACRB CPT and CEPT certs require a full practical examination in order to become certified. http://www.iacertification.org--- ------------------------------------------------------------------------ --------------------------------------------------------------------- This list is sponsored by: Information Assurance Certification Review BoardProve to peers and potential employers without a doubt that you can actually do a proper penetration test. IACRB CPT and CEPT certs require a full practical examination in order to become certified.http://www.iacertification.org--- ---------------------------------------------------------------------
------------------------------------------------------------------------ This list is sponsored by: Information Assurance Certification Review BoardProve to peers and potential employers without a doubt that you can actually do a proper penetration test. IACRB CPT and CEPT certs require a full practical examination in order to become certified.
http://www.iacertification.org ------------------------------------------------------------------------
Current thread:
- Re: Pentestn ASP website with tinymce Justin Klein Keane (Sep 01)
- <Possible follow-ups>
- Re: Pentestn ASP website with tinymce Robin Wood (Sep 01)
- Re: Pentestn ASP website with tinymce Shawn Barry (Sep 03)
- Re: Pentestn ASP website with tinymce Erin Carroll (Sep 03)
- Re: Pentestn ASP website with tinymce Shawn Barry (Sep 03)